Educational CyberPlayGround Inc. NetHappenings Newsletter 6.4.19

Educational CyberPlayGround Inc. https://www.edu-cyberpg.com

Get Nethappenings© email RSS Feed
https://cyberplayground.org/

Warning: please don’t choke <gulp>. This post is a fire hose, so be ready to chunk the info below into manageable amounts over the next several days or weeks.

Orientation:  #IOT | #DATA BREACH | #CYBER – Surveillance – Security | #Delete Facebook | #Crypto | #College  

*Remember, people are trying to develop tomorrow’s tech on today’s platforms using yesterday’s ideologies.

42 years may not seem a long time, but in terms of the internet it is like a geological age.
1972: Jon Postel published RFC 318, which presented his understanding of the ad hoc Telnet protocol. It became an official protocol 13 months later when RFC 495 was published. https://twitter.com/todayininfosec/status/1113686510434312192

 

IOE

“Thought of the day: As we end up connecting *every* electronic device to the internet, we will soon hit a point of saturation where we cannot connect more stuff. This means “peak cyber risk” may actually be on the horizon”.

Here’s how Internet of Things malware is undermining privacy
https://www.privateinternetaccess.com/blog/2019/04/heres-how-internet-of-things-malware-is-undermining-privacy/

Do renters have the right to reject smart home technology?
https://www.marketplace.org/2019/03/05/tech/do-renters-have-the-right-to-dumb-apartments

EXECUTING A VEHICLE KEYLESS ENTRY ATTACK
https://hackaday.com/2019/03/30/executing-a-vehicle-keyless-entry-attack/

Data-leaking flaw in WPA3 Wi-Fi authentication
https://nakedsecurity.sophos.com/2019/04/15/dragonblood-data-leaking-flaw-in-wpa3-wi-fi-authentication/

THE NEW GEOPOLITICS OF CONVERGING RISKS
THE UN AND PREVENTION IN THE ERA OF AI

DATA BREACH

The Crisis of Election Security
As the midterms approach, America’s electronic voting systems are more vulnerable than ever. Why isn’t anyone trying to fix them?
https://www.nytimes.com/2018/09/26/magazine/election-security-crisis-midterms.html

DARPA Is Building a $10 Million, Open Source, Secure Voting System https://motherboard.vice.com/en_us/article/yw84q7/darpa-is-building-a-dollar10-million-open-source-secure-voting-system

WannaCry? Hundreds of US schools still haven’t patched servers. “If you’re wondering why ransomware continues to be such a problem for state and local governments and other public institutions, all you have to do to get an answer is poke around the Internet a little. Publicly accessible security-scan data shows that many public organizations have failed to do more than put a bandage over long-standing system vulnerabilities that, if successfully exploited, could bring their operations to a standstill.”
https://arstechnica.com/information-technology/2019/05/two-years-after-wannacry-us-schools-still-vulnerable-to-eternalblue/

Petya cyber industry loss passes $3bn driven by Merck & silent cyber
In projecting the way the Petya / NotPetya cyber loss will break down by industry, PCS believes that at least 54% will be driven by the pharmaceutical sector, 20% by manufacturing and the rest of consumer businesses, professional services and other miscellaneous industries.
https://www.reinsurancene.ws/petya-cyber-industry-loss-passes-3bn-driven-by-merck-silent-cyber-pcs/

Data Breach Report
https://enterprise.verizon.com/resources/reports/2019-data-breach-investigations-report.pdf

Elizabeth Warren unveils bill that could hold tech execs responsible for data breaches
https://www.theverge.com/2019/4/3/18293688/elizabeth-warren-facebook-amazon-google-apple-executives-jail-data-breaches

Wyden Unveils New Plan to Protect Private Data, Restore ‘Do Not Track,’ and Jail Reckless CEOs
https://gizmodo.com/wyden-unveils-new-plan-to-protect-private-data-restore-1830153516

Quest Data Breach
12 million SSN now for sale on the Dark Web.

Did you get pwned?
https://haveibeenpwned.com/Passwords

Identity Theft Recovery Steps
https://identitytheft.gov/Top-Company-Contacts

Death by a Thousand Clicks: Where Electronic Health Records Went Wrong
https://hn.premii.com/#/article/19545264

Who owns the © to my medical x-rays?
https://shkspr.mobi/blog/2018/11/who-owns-the-copyright-to-my-medical-images/

By tracing bitcoin transactions, ProPublica identifies multiple InfoSec firms that promise customers high-tech ransomware solutions, but instead just pay the BlackHat’s ransom & charge back the cost (plus billable hours/services). https://features.propublica.org/ransomware/ransomware-attack-data-recovery-firms-paying-hackers/

Health Insurance Hustle
You Snooze, You Lose: Insurers Make The Old Adage Literally True
Millions of sleep apnea patients rely on CPAP breathing machines to get a good night’s rest. Health insurers use a variety of tactics, including surveillance, to make patients bear the costs. Experts say it’s part of the insurance industry playbook.

Competition for Meat Eaters

 

CYBER – Surveillance – Security – Spy Craft – State Craft

The Spycraft Revolution https://foreignpolicy.com/2019/04/27/the-spycraft-revolution-espionage-technology/

The Psychology Behind Unethical Behavior
https://hbr.org/2019/04/the-psychology-behind-unethical-behavior

The Retroscope At Play: Here’s a simple test for how you can decide if an app has encryption that doesn’t have backdoors for the local cops: if it’s allowed, it does. https://freethoughtblogs.com/stderr/2018/06/17/the-retroscope-at-play/

US Universities And Retirees Are Funding The Technology Behind China’s Surveillance State. Millions of dollars from US university endowments, foundations, and retirement plans have helped fund two billion-dollar Chinese facial recognition startups: SenseTime and Megvii. The Chinese government is using their technologies to surveil and profile its own citizens. https://www.buzzfeednews.com/article/ryanmac/us-money-funding-facial-recognition-sensetime-megvii

Cyber War | World Economic Forum
https://www.weforum.org/agenda/2017/01/cyber-war/

Vulnerabilities in industrial control systems surface lack of basic security hygiene https://www.techrepublic.com/article/vulnerabilities-in-industrial-control-systems-surface-lack-of-basic-security-hygiene/

How Silicon Valley Became a Den of Spies
The West Coast is a growing target of foreign espionage. And it’s not ready to fight back. https://www.politico.com/magazine/amp/story/2018/07/27/silicon-valley-spies-china-russia-219071

How did Iran find CIA spies?  They Googled it
https://arstechnica.com/tech-policy/2018/11/how-did-iran-find-cia-spies-they-googled-it/

Vault 7: CIA Hacking Tools Revealed https://wikileaks.org/ciav7p1/

How Bellingcat outfoxes the world’s spy agencies
The inside story of how it got the Skripal scoop
https://spectator.us/bellingcat-outfoxes-spy-agencies/

CULT OF THE DEAD COW
How the Original Hacking Supergroup Might Just Save the World
https://www.nytimes.com/2019/05/31/books/review/cult-of-the-dead-cow-joseph-menn.html

Department Of Homeland Security Compiling Database Of Journalists And ‘Media Influencers’
https://www.forbes.com/sites/michellefabio/2018/04/06/department-of-homeland-security-compiling-database-of-journalists-and-media-influencers/

Free Cyber Security Training and Career Development
https://www.cybrary.it/

NetBSD Problem Report

New York City is launching public cybersecurity tools to keep residents from getting hacked
https://techcrunch.com/2018/03/29/nyc-secure-new-york-cybersecurity-app-de-blasio/

Blackwater founder Erik Prince’s new company is building training center in Xinjiang. Prince, the brother of Education Secretary Betsy DeVos, is a former Navy SEAL who founded Blackwater, a military contractor that was controversial for its actions in the wars in Iraq and Afghanistan.
This is a new low for former Navy SEAL Erik Prince. The founder of Blackwater is part owner of a security training company opening in Xinjiang, China. Training China to oppress its Muslim population.
https://www.washingtonpost.com/world/asia_pacific/blackwater-founder-erik-princes-new-company-building-training-center-in-xinjiang/2019/02/01/ac372d40-2602-11e9-ba08-caf4ff5a3433_story.html

Ex-Coca-Cola engineer charged with stealing secrets for Chinese firm
https://www.channelnewsasia.com/news/business/ex-coca-cola-engineer-charged-with-stealing-secrets-for-chinese-firm-11244824

The Chinese Communist Party Is Setting Up Cells at Universities Across America – Foreign Policy https://foreignpolicy.com/2018/04/18/the-chinese-communist-party-is-setting-up-cells-at-universities-across-america-china-students-beijing-surveillance/

Clues in Marriott hack implicate China
https://www.reuters.com/article/us-marriott-intnl-cyber-china-exclusive-idUSKBN1O504D

Fri, 3 May 2019 Executive Order on America’s Cybersecurity Workforce
https://www.whitehouse.gov/presidential-actions/executive-order-americas-cybersecurity-workforce/

MSFT’s net earnings are around $16 billion. The US “Black Budget” is reportedly $56 billion. The NSA’s budget was $10 billion back in 2013, probably more now.
https://www.washingtonpost.com/wp-srv/special/national/black-budget/

Why businesses will have to audit algorithms, AI and account for risk
https://www.zdnet.com/article/why-businesses-will-have-to-audit-algorithms-ai-and-account-for-risk/

Debunking the cybersecurity thought that humans are the weakest link
“From a social engineering standpoint, it has never been easier to trick employees,” Payton added. “Business email compromise is one of the largest unreported crimes after ransomware.”
What’s more, there’s a 25 percent probability that any given healthcare organization will be hacked in the next 2.5 years, said Salwa Rafee, worldwide security leader for healthcare and life sciences at IBM.
https://www.healthcareitnews.com/news/debunking-cybersecurity-thought-humans-are-weakest-link

Fort Bliss soldier under investigation for suspected ties to neo-Nazi terrorist group – U.S. – Stripes
https://www.stripes.com/news/us/fort-bliss-soldier-under-investigation-for-suspected-ties-to-neo-nazi-terrorist-group-1.580087

Free security advice.md
https://gist.github.com/grugq/353b6fc9b094d5700c70#file-free-security-advice-md

Free Wolfram Engine for Developers
https://www.wolfram.com/engine/

Technology has begun to test the boundaries of traditional First Amendment doctrine. Defense Distributed won their case. https://harvardlawreview.org/2017/04/defense-distributed-v-united-states-department-of-state/

France says Russia tried to intercept satellite communications in 2017
Russia attempted to intercept transmissions from a Franco-Italian satellite used by both nations’ armies for secure communications, French Defence Minister Florence Parly said on Friday, describing the move as an “act of espionage”.
https://www.channelnewsasia.com/news/world/france-says-russia-tried-to-intercept-satellite-communications-in-2017-10695906

DELETE FACEBOOK NOW!

2006: This post from Facebook’s Director of Engineering in 2006 (2 days after they launched the Newsfeed) did not age well. https://mobile.twitter.com/hunterscott/status/1116461733768339456

‘The goal is to automate us’: welcome to the age of surveillance capitalism
https://www.theguardian.com/technology/2019/jan/20/shoshana-zuboff-age-of-surveillance-capitalism-google-facebook

Well, These New Zuckerberg IMs Won’t Help Facebook’s Privacy Problems. In case you weren’t aware, Zuckerberg famously did a Ratner and called Facebook users “dumb fucks”.
This Business Insider article was originally published May 13, 2010
Facebook CEO Mark Zuckerberg and his company are suddenly facing a big new round of scrutiny and criticism about their cavalier attitude toward user privacy.
An early instant messenger exchange Mark had with a college friend won’t help put these concerns to rest.
According to SAI sources, the following exchange is between a 19-year-old Mark Zuckerberg and a friend shortly after Mark launched The Facebook in his dorm room:

Zuck: Yeah so if you ever need info about anyone at Harvard

Zuck: Just ask

Zuck: I have over 4,000 emails, pictures, addresses, SNS

[Redacted Friend’s Name]: What? How’d you manage that one?

Zuck: People just submitted it.

Zuck: I don’t know why.

Zuck: They “trust me”

Zuck: Dumb fucks

U.S. users are leaving Facebook by the millions, Edison Research says
https://www.marketplace.org/2019/03/06/tech/exclusive-look-numbers-showing-users-leaving-facebook-by-the-millions/

How Koch Brothers and Mercer use LEOSA (Law Enforcement Officers Safety Act) to carry a concealed weapon in all 50 states. Anyone can get a badge to carry a concealed weapon because there are no state or federal standards that determine what “qualified” means.
Mercer-owned Cambridge Analytica was able to reproduce the data mining that Facebook was already doing in a more effective way than the DNC. Mercer’s hedge fund is Renaissance Technologies. Mercer owns Cambridge Analytica. Cambridge Analytica is at the center of a tech and political firestorm after revelations that it improperly harvested the personal data of 50 million Facebook users without their knowledge.

The moment Mark Zuckerberg tries to make a joke about privacy and nobody laughs: https://twitter.com/alfredwkng/status/1123281388046827520

Zuckerberg defends Facebook users’ right to be wrong – even Holocaust deniers. CEO explains decision not to censor conspiracy theories but says the platform will try to ‘reduce distribution of content’
https://www.theguardian.com/technology/2018/jul/18/zuckerberg-facebook-holocaust-deniers-censorship

Facebook’s security team tracks posts, location for ‘BOLO’ threat list
https://www.cnbc.com/2019/02/14/facebooks-security-team-tracks-posts-location-for-bolo-threat-list.html

Facebook’s Data Deals Are Under Criminal Investigation
https://www.nytimes.com/2019/03/13/technology/facebook-data-deals-investigation.html

Facebook: Old posts by Mark Zuckerberg have disappeared
https://www.businessinsider.com/facebook-old-posts-mark-zuckerberg-disappeared-2019-3

Facebook Has a ‘Sauron Alert’ to Protect Employees’ Privacy—But Not Yours https://gizmodo.com/facebook-reportedly-has-a-sauron-alert-to-protect-emp-1825770152

DELETE FB Selenium script to delete all of your Facebook wall posts
https://news.ycombinator.com/item?id=19963599

Facebook says employees had access to millions of Instagram passwords
https://www.cnbc.com/2019/04/18/facebook-says-employees-had-access-to-millions-of-instagram-passwords.html

Ime Archibong, Facebook vice president of product partnerships.

Facebook exec Andrew ‘Boz’ Bosworth broke rule on using real name
https://www.businessinsider.com/facebook-exec-andrew-boz-bosworth-broke-rule-real-name-2019-1

Facebook and Cambridge Analytica: Everybody’s learning nothing from this https://www.privateinternetaccess.com/blog/2018/03/facebook-cambridge-analytica-everyone-looking-wrong-way/

CRYPTO 

Facebook moderators are in revolt over ‘Big Brother’-style working conditions https://www.continentsnews.com/facebook-moderators-are-in-revolt-over-big-brother-style-working-conditions/

Two American Pension Funds Invest in Crypto https://www.trustnodes.com/2019/02/12/two-american-pension-funds-invest-in-crypto

Pretty much universal except for the Silicon Valley fanbois: cryptographers @ #RSAC19 now agree, FacebookCoin is a sick joke
https://mashable.com/article/cryptocurrency-experts-mock-facebook-coin/

APPLE

How to download a copy of everything Apple knows about you
https://www.cnbc.com/2018/04/25/how-to-download-a-copy-of-apple-data-about-me.html

Emails show RBS bankers joked about destroying the US housing market before 2008
https://www.businessinsider.com/emails-show-rbs-bankers-joked-about-crashing-us-housing-market-before-2008-2018-8

The kings of capitalism are finally worried about the growing gap between rich and poor
https://www.theguardian.com/commentisfree/2019/apr/24/ray-dalio-jamie-dimon-kings-of-capitalism-concerned

 

COLLEGE

Want to help struggling college students? Support the low-paid staff who teach them https://thinkprogress.org/teaching-college-and-living-on-food-stamps-why-untenured-faculty-are-a-2020-campaign-issue-45ffc57f6d92/

High-Paying Trade Jobs Sit Empty, While High School Grads Line Up For University https://www.npr.org/605092520

(ISC)² Cybersecurity Exams Approved for College Credits by American Council on Education https://finance.yahoo.com/news/isc-cybersecurity-exams-approved-college-130100480.html

1.5 Trillion in College Debt: Trump Wants to Make It Legal for Debt Collectors to Text You “Where’s the Money, A$$hole?”
New rules would allow debt collectors to send customers unlimited texts and e-mails. https://www.vanityfair.com/news/2019/05/trump-cfpb-debt-collectors

“A few months ago I was interviewing a college admissions coach who told me the following about how big of a donation it takes to get a child into an Ivy no questions asked: “There’s a certain magic number. It’s way higher than people think: $10 million.””
https://twitter.com/DanaGoldstein/status/1105511957103370240

Elite College Admissions Are a Zero-Sum Game
https://medium.com/s/no-mercy-no-malice/how-i-got-here-eb3ca0aa98d2

How Admissions Works at Williams
Williams admissions work the same as admissions at most other elite colleges. If you understand the process at Swarthmore or Princeton, then you understand 99% of what happens at Williams.

Does It Matter Where You Go To College? Some Context For The Admissions Scandal – https://www.npr.org/702973336

Is a perfect ACT score rare? Not so much anymore, thanks to expensive test prep.
“It’s kind of encouraged to get good at test taking.” That’s an understatement: The number of perfect ACT scores is 6 times higher than 8 years ago. https://www.usatoday.com/story/news/education/2019/05/01/act-sat-scholarships-college-admissions-scandal-scores-test-prep/3640007002/

How Americans have come to see college as a requirement
https://www.washingtonpost.com/amphtml/outlook/a-college-degree-has-shifted-from-a-privilege-to-a-right-to-now-a-basic-need/2018/09/14/08c7dab8-b6d8-11e8-94eb-3bd52dfe917b_story.html

Does your income make you middle class where you live? Use this calculator to see where your income falls compared to other households in your county or the U.S. as a whole.
https://www.washingtonpost.com/graphics/2017/business/your-income-comparison/?utm_term=.1bb1fec6ed1b

How much money do you make? — Ask a Manager

Why Poverty Is Like a Disease
Emerging science is putting the lie to American meritocracy.
By Christian H. Cooper Photography by Nathan Cooper April 20, 2017
http://nautil.us/issue/47/consciousness/why-poverty-is-like-a-disease

What a $1,000 Per Month Universal Basic Income Would Look Like
https://medium.com/s/story/what-a-1-000-a-month-universal-basic-income-would-look-like-e278e11a16e0

Scientists think a new fault line might turn Nevada into a coast
Move aside, San Andreas. A new fault is shaking up the tech industry’s latest frontier in the West—and only a small group of scientists is paying attention. On a recent trip to Nevada’s Pyramid Lake, geologist James Faulds explores what he believes may become the future continental edge of North America. U.S. ROUTE 395 is a geologic master class disguised as a road. It runs north from the arid outskirts of Los Angeles, carrying travelers up to Reno along the eastern flank of the Sierra Nevada.
https://www.wired.com/story/walker-lane-move-over-san-andreas-fault/

Kennedy vs. Nixon – 1st 1960 Debate
https://www.youtube.com/watch?v=QazmVHAO0os

Really wonderful Video of NY 1911

How Do I Look? Dimitri From Paris – Une Very Stylish Fille