Profile :
The opinions expressed or reblogged here are my personal opinions and views and have no relation to any organization, group or people.
Contact
reachoutshailendra (at) gmail (dot) com
Deter Cyber Theft Act aims to stop companies from profiting on cyber-espionage against the US
Yesterday a Pentagon report laid the blame for some of the recent hacking attacks in the United States at the feet of the Chinese government and military, and now a group of four US senators have proposed legislation aimed at hurting those that benefit from such actions. The Deter Cyber Theft Act was proposed by Carl Levin (D-MI), John McCain (R-AZ), Jay Rockefeller (D-WV), and Tom Coburn (R-OK), and is designed to address what NSA head General Keith Alexander has called “the greatest transfer of wealth in history” — theft of intellectual property in cyber-related crime.
If it were to become law, the Act would require the Director of National Intelligence (DNI) to put together an annual report listing what foreign countries are engaging in economic or industrial cyber-espionage in the US, including a watch list of those considered the most egregious offenders. The report would include what information had been targeted by these attacks, what had been stolen, what materials were created using that stolen information, and what foreign companies — including government entities — benefitted. It would also list what steps the DNI and other federal agencies had taken to combat the attacks.
Additionally, it would require that the president block the import of a number of products found to be the result of cyber-espionage. Products containing technology stolen from the US, those made by “state-controlled enterprises” of nations that make the report’s watch list, and products manufactured by companies that the DNI decided had benefited from cyber-espionage would all be affected.
There have been an assortment of high-profile hacking attacks over the past few years, including several on major newspapers. Most of them have been traced back to China, with yesterday’s Pentagon report only the most recent accusation (China’s Ministry of Defense has consistently denied any involvement). “It is time that we fought back to protect American businesses and American innovation,” Levin said in a written statement. “We need to call out those who are responsible for cyber theft and empower the president to hit the thieves where it hurts most — in their wallets, by blocking imports of products or from companies that benefit from this theft.”
As published on http://www.theverge.com/2013/5/7/4310042/deter-cyber-theft-act-aims-to-stop-companies-from-profiting-on-cyber-espionage-us
Why Two-Factor Authentication Won’t Stop The Hacking Crisis
As high profile hacks continue to make news, “two-factor authentication” is becoming a household term. This year alone, Apple, Microsoft, and Evernote have rolled it out to users, and two weeks ago Wired reported that Twitter is developing a two-factor option of its own. Google and Facebook have had it since early 2011.
It’s usually described in the media as a sort of silver bullet: Damaging Twitter hacks, the thinking goes, will cease as soon as two-factor authentication becomes available.
Now, security experts are questioning its limits. As cyber attacks grow more sophisticated, hackers are zeroing in on mobile devices with the express intention of circumventing two-factor auth. Mobile devices are an integral part of the two-factor process, which requires users to interact with their phones, either through text message or app, to log in. “In underground communities we’re seeing a lot of chatter focusing around mobile, specifically with phones,” Daniel Cohen, Head of Online Threats Managed Services at RSA, tells BuzzFeed. Cohen notes that RSA has seen 350 percent growth in Android malware between 2011 and 2012, from 1000 samples to 350,000.
“We’re seeing apps that will steal your contacts off your phonebook as well as applications that are programmed to steal SMS messages. These programs hide the messages from the users, so you’ll never even know you received the SMS,” Cohen said.
This kind of mobile malware — which can find its way onto your phone through a corrupted site or a compromised app — successfully grabbed private SMS data in Europe as part of a dramatic online heist. A December 2012 study by Versafe and Checkpoint Software Technologies details a Trojan virus called the “Eurograbber,” which stole over 36 million Euros from bank customers by masking itself as a bank’s mobile encryption software. A passage from the report chillingly explains how the virus works:
The bank’s SMS containing the Transaction Authorization Number (TAN) is the key element of the bank’s two factor-authorization. The Eurograbber Trojan on the customer’s mobile device intercepts the SMS and uses the TAN to complete its own transaction to silently transfer money out of the bank customer’s account. The Eurograbber attack occurs entirely in the background. Once the “security upgrade” is completed, the bank customer is monitored and controlled by Eurograbber attackers and the customer’s online banking sessions give no evidence of the illicit activity.
Though the two-factor breaches have, so far, been mostly relegated to the banking industry, they pose a real threat to social and personal accounts, especially as more platforms adopt two-factor security solutions and phishing scams become more personalized. Spear-phishing isn’t just for organizations — scammers use it to target individuals, too.
“It’s not that the tech or that the method is corrupted, it’s that we as humans “fail” with regard to being vigilant and aware of the attacks,” Cohen added. “That said, social engineering today is done with such high quality that it can deceive even a well trained eye.”
For security experts like Cohen, these hacks are part of a never-ending cat and mouse game, where hackers are often a step ahead. Two-factor authentication is important, but in no way a panacea for online security — for hackers, it’s a hurdle, not a roadblock.
As companies like RSA continue to develop more advanced methods of protection — currently, RSA is trying to build a profile of the “legitimate user” to make it easier to see abnormal behavior across the web and identify hacks — threat managers like Cohen suggest not only dual authentication, but extreme vigilance.
“The web has definitely become more dangerous in recent years and malware much more malicious in its nature,” Cohen cautions. “The security industry understands that this is a fact of life now. We have to accept that our computers can be breached and then work to find the solutions to help protect us.”
Article as published on http://www.buzzfeed.com/charliewarzel/why-two-factor-authentication-wont-stop-our-security-nightma
The 20 Hottest Startups From The World’s 2nd-Biggest Startup Factory – Israel
Israel calls itself the “startup nation.” Israelis say that technology is the country’s No. 1 export.
By some counts, Israel is home to 4,800 startups today. It’s also home to at least two dozen accelerator/incubator programs in the Tel Aviv area alone, including some run by Microsoft and Google.
There are more incubators in other cities, too, including a program in Jerusalem run by Jerusalem Venture Partners on a campus so big it has its own restaurant and nightclub.
All of this is to say that as a startup hub, Israel is second only to Silicon Valley.
So it’s not easy to name the nation’s hottest, most exciting startups because everywhere you turn there are young companies doing really cool things.
Read complete article on http://www.businessinsider.com/the-20-hottest-startups-in-israel-2013-5?op=1
Personal Information Is the Currency of the 21st Century
The currency of the 21st century digital economy is your personal information. It has no transaction costs and does not decrease in value when the supply increases. Contrary to the laws of economics, it may even increase in value with greater supply. The more information you provide to companies, the more value they can extract from it.
Now that 21st century digital behemoths such as Facebook and Google have discovered how to make personal information the most valuable resource in the history of humanity, they are strip-mining mountains of it into completely unrecognizable states.
Conversely, we tend to ignore this process because the most magnificent, technologically advanced and socially connected digital city is being built from it.
You are living in this growing digital city, and I’m guessing that you really like it here. Unfortunately, you can’t live in this city for free. Your rent is due in the form of your personal information, and you have to accept a certain loss of your privacy.
There’s no credit check to move in. You just need to share your name, birth date, where you’re from, your alma mater and a few more personal details. It’s effortless to hand over your information, and will only take you about 60 seconds to sign a lease.
But if you don’t read the fine print of your lease, you’ll gloss over the fact that surveillance cameras and microphones have been installed to cover every square inch of the city and that you have consented to being watched at all hours.
Meanwhile, marketers and advertisers will eavesdrop on your conversations and abruptly interrupt when you bring up any topics related to their products. (Bizarrely, you are also required to eat a complimentary cookie every time you enter a building.)
Real estate metaphors notwithstanding, losing your privacy is not such a bad thing. You pay into the new digital economy with your demographic and behavioral information.
Some people raise legitimate concerns, but claims of an Orwellian dystopia are alarmist hyperbole. There is a level of discomfort that comes with voluntarily divulging private information, and, understandably, greater anxiety results from being watched at all times.
As a society, we need to define the rules under which our personal information can be mined. Our collective unease is largely the result of not having clear parameters to create an equilibrium between privacy and personalization.
These parameters will help shift our focus from the negatives to the positives, because in return for your personal information, you realize a net benefit with tremendous value.
Access to Your Data From Anywhere, at Any Time, Using Any Device
I don’t want access to my data being constrained by the time of day, where I am or what digital device I have access to. I shouldn’t have to go to work to grab an Excel file off my computer and I shouldn’t need my personal device to show a photo of my dog to coworkers.
The solution is adopting a cloud service like Dropbox, Google or Facebook. They become the stewards of your data, responsible for keeping it secure and accessible at all times. In exchange, you grant them full visibility of your data and permit them to monetize it.
I don’t know about you, but I don’t like carrying a USB stick around and I definitely loathe the pain of a hard drive failure corrupting three years of photos and memories. I’m sticking with the cloud.
Personalized Experience
A personalized experience is why companies like American Express, Brooks Brothers and USAA consistently rank at the top of consumer surveys. These are giant corporations, but they make you feel special by focusing on you. They also happen to know a lot about you and your spending habits.
The sheer volume of information online is overwhelming and often leads to decision paralysis. You need help cutting through the noise; the best companies personalize your digital experience, only presenting information that is relevant to you.
I don’t want to dig through the iTunes or Netflix libraries. I want to choose from recommendations based upon what I’ve watched in the past and what my friends are watching. If I’m buying something on Amazon, or planning a vacation on TripAdvisor, I’d like to see reviews and recommendations from my friends. I’m far more likely to make a better and more informed choice with the trusted validation of my social circle.
Proactive Digital Assistant
Google knows where I live, where I work and the typical route I take to commute between them. I find it extremely valuable when I am alerted about an accident before I’m already stuck in the horrific traffic jam for over an hour.
Facebook pings me with a push notification about my friend’s birthday so I don’t forget yet again. I can see from Instagram photos that my friend went to the Nationals game and I can ask him how it was. Foursquare will let me know if one of my friends has checked in near me and we can now meet for a serendipitous drink.
Our 21st century digital economy makes my life better. I have access to what I need, when I need it. My online experience is largely customized to suit my needs. And, I have better ambient awareness of what’s happening in my social circles.
The cost to improve my life is sharing my personal information. A barter economy is based on the exchange of goods and services of perceived equal value. In my mind, I’m receiving far more than I’m giving up.
There is a zero-sum relationship between personalization and privacy. To get the personalized digital experience you want and have grown accustomed to, you have to accept the loss of your privacy.
As published on http://allthingsd.com/20130507/personal-information-is-the-currency-of-the-21st-century/
It’s not just about China and America—smaller countries want to wage cyberwar too
America’s Department of Defense yesterday released its annual report on China’s military capabilities (pdf). The report includes “electronic warfare” and “information dominance” as part of a larger campaign it says is an “essential element, if not a fundamental prerequisite” of China’s defense planning.
The report is good PR for China’s cyberwarriors but there is nothing surprising about the country’s ambitions. America itself is relatively open about its cyberwarfare activities. The US air force recently designated six bits of code as “weapons” so it could squeeze some more funding out of the defense budget. And the most widely known instance of cyberwarfare, Stuxnet, is a computer virus with not one, not two, but five “zero-day exploits,” as attacks on previously undiscovered vulnerabilities are known. Stuxnet was hailed as such a success that its authors, America and Israel, gleefully ensured that the whole world knew who was behind it.
Some researchers doubt the effectiveness of Stuxnet. That seems almost immaterial. Where the wide publicity given to Chinese attacks ensures a bogeyman, the success of Stuxnet—and the low cost of developing such weapons—has become a model for other countries to follow.
For example, here is what the British Intelligence and Security Committee’s latest annual report (pdf) had to say about cyberwar: “While attacks in cyberspace represent a significant threat to the UK, and defending against them must be a priority, we believe that there are also significant opportunities for our intelligence and security agencies.”
The committee’s recommended actions included accessing enemy networks to obtain intelligence without detection, destruction of data, and “disruption,” which it describes as accessing the “networks or systems of others to hamper their activities or capabilities without detection (or at least without attribution).” It cited Stuxnet as an example.
France is the latest to hop on to the bandwagon. A white paper submitted to the president by a committee on defence and security last week outlined the need for “la capacité informatique offensive” (pdf in French). There are few national security agencies that haven’t outlined something similar (pdf) to their governments.
A milder form of cyberwar is fighting crime online. But this too requires many of the same techniques and involves the same extra-territorial incursions. The Dutch ministry of security and justice said last week that it is seeking new legislation to allow police to break into computers, which would make it a crime to refuse to share passwords with the law. In this, the Dutch could argue they are merely fulfilling their commitments to the Convention on Cybercrime, which practically requires (pdf) such laws.
While the convention encourages international cooperation and allows unilateral access to data in other countries, negotiators were unable to agree on the extent of that access. Reaching into an American server and destroying or stealing private data without the consent of the owner is frowned upon. Yet that is the right the Dutch are seeking, since many services, such as Gmail, now lie beyond their jurisdiction. Even for those countries that aren’t yet building full-blown cyberwarfare capabilities, there are only a couple of steps that lie between snooping and spying, and between spying and sabotage.
As published on http://qz.com/81997/its-not-just-about-china-and-america-smaller-countries-want-to-wage-cyberwar-too/
Time
You may delay, but time will not. – Benjamin Franklin
Most data isn’t “big,” and businesses are wasting money pretending it is
Big data! If you don’t have it, you better get yourself some. Your competition has it, after all. Bottom line: If your data is little, your rivals are going to kick sand in your face and steal your girlfriend.
There are many problems with the assumptions behind the “big data” narrative (above, in a reductive form) being pushed, primarily, by consultants and IT firms that want to sell businesses the next big thing. Fortunately, honest practitioners of big data—aka data scientists—are by nature highly skeptical, and they’ve provided us with a litany of reasons to be wary of many of the claims made for this field. Here they are:
Even web giants like Facebook and Yahoo generally aren’t dealing with big data, and the application of Google-style tools is inappropriate.
Facebook and Yahoo run their own giant, in-house “clusters”—collections of powerful servers—for crunching data. The necessity of these clusters is one of the hallmarks of big data. After all, data isn’t all that “big” if you could chew through it on your PC at home. The necessity of breaking problems into many small parts, and processing each on a large array of computers, characterizes classic big data problems like Google’s need to compute the rank of every single web page on the planet.
But it appears that for both Facebook and Yahoo, those same clusters are unnecessary for many of the tasks which they’re handed. In the case of Facebook, most of the jobs engineers ask their clusters to perform are in the “megabyte to gigabyte” range (pdf), which means they could easily be handled on a single computer—even a laptop.
The story is similar at Yahoo, where it appears the median task size handed to Yahoo’s cluster is 12.5 gigabytes. (pdf) That’s bigger than what the average desktop PC could handle, but it’s no problem for a single powerful server.
All of this is outlined in a paper from Microsoft Research, aptly titled “Nobody ever got fired for buying a cluster,” which points out that a lot of the problems solved by engineers at even the most data-hungry firms don’t need to be run on clusters. And why is that an issue? Because there are vast classes of problems for which clusters are a relatively inefficient—or even totally inappropriate—solution.
Big data has become a synonym for “data analysis,” which is confusing and counter-productive.
Analyzing data is as old as tabulating a record of all the Pharaoh’s bags in the royal granary, but now that you can’t say data without putting “big” in front of it, the—very necessary—practice of data analysis has been swept up in a larger and less helpful fad. Here, for example, is a post exhorting readers to “Incorporate Big Data Into Your Small Business” that is about a quantity of data that probably wouldn’t strain Google Docs, much less Excel on a single laptop.
Which is to say, most businesses are in fact dealing with what Rufus Pollock, of the Open Knowledge Foundation, calls small data. It’s very important stuff—a “revolution,” according to Pollock. But it has little connection to the big kind.
Supersizing your data is going to cost you and may yield very little.
Is more data always better? Hardly. In fact, if you’re looking for correlations—is thing X connected to thing Y, in a way that will give me information I can act on?—gathering more data could actually hurt you.
“The information you can extract from any big data asymptotically diminishes as your data volume increases,” wrote Michael Wu, the “principal scientist of data analytics” at social media analysis firm Lithium. For those of you who don’t normally think in data, what that means is that past a certain point, your return on adding more data diminishes to the point that you’re only wasting time gathering more.
One reason: The “bigger” your data, the more false positives will turn up in it, when you’re looking for correlations. As data scientist Vincent Granville wrote in “The curse of big data,” it’s not hard, even with a data set that includes just 1,000 items, to get into a situation in which “we are dealing with many, many millions of correlations.” And that means, “out of all these correlations, a few will be extremely high just by chance: if you use such a correlation for predictive modeling, you will lose.”
This problem crops up all the time in one of the original applications of big data—genetics. The endless “fishing expeditions” conducted by scientists who are content to sequence whole genomes and go diving into them looking for correlations can turn up all sorts of unhelpful results.
In some cases, big data is as likely to confuse as it is to enlighten.
When companies start using big data, they are wading into the deep end of a number of tough disciplines—statistics, data quality, and everything else that comprises “data science.” Just as in the kind of science that is published every day—and as often, ignored, revised, or never verified—the pitfalls are many.
Biases in how data are collected, a lack of context, gaps in what’s gathered, artifacts of how data are processed and the overall cognitive biases that lead even the best researchers to see patterns where there are none mean that “we may be getting drawn into particular kinds of algorithmic illusions,” said MIT Media Lab visiting scholar Kate Crawford. In other words, even if you have big data, it’s not something that Joe in the IT department can tackle—it may require someone with a PhD, or the equivalent amount of experience. And when they’re done, their answer to your problem might be that you don’t need “big data” at all.
So what’s better—big data or small?
Does your business need data? Of course. But buying into something as faddish as the supposed importance of the size of one’s data is the kind of thing only pointy-haired Dilbert bosses would do. The same issues that have plagued science since its inception—data quality, overall goals and the importance of context and intuition—are inherent in the way that businesses use data to make decisions. Remember: Gregor Mendel uncovered the secrets of genetic inheritance with just enough data to fill a notebook. The important thing is gathering the right data, not gathering some arbitrary quantity of it.
As published on http://qz.com/81661/most-data-isnt-big-and-businesses-are-wasting-money-pretending-it-is/
14 Effortless Actions You Can Take Right Now To Live A Better Life
Let’s face it..
Personal growth is hard. At least, the type of personal growth you want to last is hard (which is the only kind that matters).
If you’ve been on the self-improvement journey for any amount of time, you know how much reflection, self-discovery, and learning there is to be done. Then, when you’ve reached the end you find a whole set of new and exciting issues to address.
Are there any steps you can take towards a better life that don’t involve hours inside your head followed by meditation (and possibly medication)? Not to mention the boxes upon boxes of tissue paper you go through, making the cashiers at your local Walmart speculate on all the reasons one person would need so many boxes of tissues.
In all seriousness, it feels like a long, hard, arduous journey. But, although it doesn’t come easily, it also doesn’t always have to be an all-consuming self-improvement program.
In fact, there are simple actions you can take that will make you feel better almost immediately. And the best news: they don’t require any tissue paper at all.
1.) Interact With Humans
I continue to marvel at our ability to spend 14 hours a day in front of a screen without suffering any permanent damage to our capacity to interact socially with our fellow man.
It’s not right to spend so much time removed from human interaction. This is especially true for people that work from home.
It’s entirely possible to not leave your house for 2 weeks. What with video chat and internet, why would you need to?
Electronic communication is not a substitute for being next to a living breathing human being.
2.) Always Try Your Best
You’ll feel better for it and you’ll always over-deliver.
If you can’t try your best then maybe you shouldn’t be doing it at all.
3.) Keep Your Word
I’ve talked at length about how your self-esteem is the reputation you have within yourself. Not keeping your word destroys this reputation and destroys your self-esteem.
This applies to promises you make to others and to yourself.
It’s just as important, if not more important, to keep promises you make to yourself. When you don’t you stop trusting yourself. You stop believing in yourself.
After that it’s not hard to go from ‘my words mean nothing’ to ‘I mean nothing’ and then to ‘I am nothing.’
4.) Do One Nice Thing Every Day
Most of us are nice people, but we just feel like we don’t have time to express it.
So think of one really nice thing you can do for someone you like. How can you make that person smile? How can you make their day? What can you do that’s easy for you but hard for them?
It doesn’t need to be random. It doesn’t need to be unexpected. It just needs to be genuine.
5.) Look People In The Eye
Not looking someone in the eye is synonymous with outright saying that you don’t have any self-confidence.
Even if you don’t feel confident, even if you’re intimidated, look them in the eye.
Now, with that said, don’t initiate a staring contest with everyone you meet. Just meet their eye at least 50% of the time in conversation and watch how much better you feel about yourself.
6.) Smile
A smile can transcend any cultural, racial, religious, and societal differences.
It will make you and everyone around you feel better. The simple act of smiling will elicit happy emotions within you.
So smile, even when you want to frown.
7.) Eat Real Food
I can’t be sure when we as human beings decided it was ok to stop eating real food but, just in case you were on the fence about this one, it’s not ok.
A carrot is not just a combination of carbohydrates, proteins, water, etc. It’s a carrot!
There shouldn’t be any extraneous chemicals in the carrot. It shouldn’t look like it came from Mars. And it should taste like a carrot.
Do you know what a carrot tastes like? Are you sure?
8.) Be The First to Apologize
Apologizing first is a thousand times more satisfying than having the last laugh.
If you do even one of the above on a consistent basis, you’ll start feeling like a panda in a tree in no time. Gone will be the days where you stare off in the distance in awe of how you made it this far in life with all of the mental baggage you’ve carried around. Here are the days where you stare off in the distance and actually see the sky and look upon it in awe of its vastness.
As tears form in the corners of your eyes you’ll curse because, alas, you’ve no more tissue paper. There are worse problems to have.
As published on http://www.pickthebrain.com/blog/14-effortless-actions-you-can-take-right-now-to-live-a-better-life/
The worst possible cybersecurity breaches could be far worse than you imagined
The cyber-ruffians who briefly tanked the stock market recently by faking a news tweet about an attack at the White House showed how much damage can be done with a few well-placed keystrokes. Those who hacked into a Department of Labor website earlier this week could have wreaked even more havoc, say, if they successfully tweaked the monthly jobs report.
Neither seemed particularly sophisticated, or malicious. But they do beg the obvious question: How much damage could a group of well-trained hackers do, economic and otherwise, if they really wanted to?
That’s a question that Paul Rosenzweig has been thinking about for a while. He’s a former top US Department of Homeland Security official and author of the recently published book, “Cyber Warfare: How Conflicts in Cyberspace Are Challenging America and Changing the World.” The book’s cheerful premise? That technological advances, combined with the ubiquity of the Internet, have spawned a near-infinite range of potentially grave security threats to governments, commercial entities and individuals.
It doesn’t take Rosenzweig long to come up with some unsettling scenarios. Most involve either disruption or disinformation, like the Associated Press Twitter account hack.
Here are just a few of them:
Spreading disinformation through trusted sources about a dangerous escalation of a geopolitical flashpoint, prompting a plunge in global markets that lasts for days before it’s corrected. North Korea’s Kim Jong-Un launches ICBMs at the United States, for instance, or Israel attacks Iran’s nuclear program, squeezing the global oil supply.
Hacking into the Industrial Control Systems (ICS) that run so many government and private sector systems, disrupting dams, oil refineries, the power grid, utility companies—or the global banking system known as SWIFT. (A Chinese hacker is suspected in a recent intrusion into a US government database cataloging dam vulnerabilities, according to the Washington Free Beacon.)
Disrupting trading on the New York, London or Tokyo stock exchanges, or finding a way to wipe out, or corrupt, the vast database of prior trades.
Messing with the space-based satellite navigation system that provides location and time information for just about everything these days. “Think of this,” Rosenzweig says. “What if someone started degrading the information that GPS runs on? It’s just data, ones and zeros that come down from satellites. You could make our missiles less accurate, our planes less able to fly or less safe. You could intercept, degrade it, or spoof it—send false signals, and make the planes think they are somewhere else.”
How serious are these threats? “All of these are very, very real vulnerabilities,” says Rosenzweig. “There are people who would love to do these to us but don’t have the capability, yet, like Al Qaeda. There are others, like Russia, China and Iran, who could do much of it, and they might do it at some point. But when, and why, we don’t know.” One question is whether state actors like Russia, China and Iran would authorize something that could be construed as an act of war, or certainly a serious provocation that could prompt a US military cyber-response.
Rosenzweig, who now runs the Red Branch Law & Consulting firm, wouldn’t talk about the work he did on highly-classified “Red Teams” tasked by the government to think up such scenarios as a way of thwarting them. But he says such efforts are becoming increasingly urgent as cybersecurity experts try to anticipate what kind of hacks could really do serious damage.
As published on http://qz.com/81268/the-worst-possible-cybersecurity-breaches-could-be-far-worse-than-you-imagined/



