The MacValley blog


Welcome to the MacValley blog, your first stop for all the latest MacValley news and views.


Tom Briant

Editor: Tom Briant



Sunday, July 3, 2016

Senior Correspondent Arnold Woodworth's Weekly Web Wrap-up for Sunday, July 3, 2016

Want to see the latest progress at Apple’s new headquarters now under construction in Silicon Valley? One documentarian has you covered.

Matthew Roberts has published his latest video taken from a drone of Apple’s Campus 2 in Cupertino, Calif., including a peek at the main “spaceship” building as well as some of the others nearby.

Take a Sneak Peek at Apple's Mindblowing $5 Billion Spaceship Campus

The Apple spaceship is finally looking like it’s almost ready to blast off.

7 clever tricks that will make your iPhone or iPad better

There will never be anything like the iPhone again

Nine years and a few days ago, Apple released the iPhone, and the world was never the same.

Well, there's some bad news and some good news.

The bad news is that we probably won't see another big, world-shaking product introduction like the iPhone any time soon.

The good news is everybody's right! The next big thing is already here, and you probably haven't even noticed it yet.

The iPhone wasn't the first of a new kind of computer, it's the last of the old.

Just know that the arrow of history is pointing towards a whole galaxy of smart everything in constant communication. Where an iPhone is pretty good at lots of things, you're going to see more dedicated tools for specific tasks start to emerge, all powered by intelligence and connectivity.

10 facts about the Apple-1, the machine that made computing history
On June 29, 1975, Steve "Woz" Wozniak tested the first prototype of the Apple computer, and history was made.

The oldest library in the world just opened to the public — here's a look inside

1,157 years after it first opened, the world's oldest library has finally been restored and unveiled to the public.

Located in Fez, Morocco, the al-Qarawiyyin library is part of the world's oldest continually operating university, al-Qarawiyyin University, which opened in 859.

Google's Satellite Map Gets a 700-Trillion-Pixel Makeover

The new map, which activates this week for all users of Google Maps and Google Earth, consists of orbital imagery that is newer, more detailed, and of higher contrast than the previous version.

Most importantly, this new map contains fewer clouds than before—only the second time Google has unveiled a “cloudless” map. Google had not updated its low- and medium-resolution satellite map in three years.

The internet does not just radicalize would-be terrorists, it radicalizes everybody.

This video starts off silent, until you click its volume control.

Powerful facial-recognition software can shred your privacy with just 1 photo

Nearly 250 million video surveillance cameras have been installed throughout the world, and chances are you’ve been seen by several of them today. Most people barely notice their presence anymore — on the streets, inside stores, and even within our homes. We accept the fact that we are constantly being recorded because we expect this to have virtually no impact on our lives. But this balance may soon be upended by advancements in facial recognition technology. 

Soon anybody with a high-resolution camera and the right software will be able to determine your identity.

A new app called FindFace, recently released in Russia, gives us a glimpse into what this future might look like. Made by two 20-something entrepreneurs, FindFace allows anybody to snap a photo of a passerby and discover their real name — already with 70% reliability.

A hacker wants to sell 10 million patient records on a black market

These records are being sold in four separate batches. The biggest batch includes 9.3 million patient records stolen from a U.S. health insurance provider.

The three other batches cover a total of 655,000 patient records, from healthcare groups in Atlanta, Georgia, Farmington, Missouri, and another city in the Midwestern U.S. The hacker didn't give the names of the affected groups.

The hacker wants a total of 1,280 bitcoins for the data he stole.

Healthcare providers are seen as especially vulnerable to cyberattacks because they haven't invested as much in IT security, according to experts.

The hacker said in one listing that the data was stored on an "accessible internal network" and stored in plaintext -- which if true would be in violation of federal healthcare privacy rules.

The best free weapon for businesses to fight phishing fraud

The organizational culture instinctively and intuitively gave employees all the tools to spot a phish. No technical tools, but the cultural human element allowed our close-knit humans to immediately spot complex spear phish campaigns.

This close-knit and well-connected organization working culture was my best weapon to identify and defeat the phish campaign! And best of all it was already there - no purchase needed!

I discovered this weapon when other staff members in the organization forwarded phish emails into the information security office. The quality of the phish emails was very good. No spelling mistakes and excellent grammar. The wire instructions in the Business email compromise (BEC) phish emails were well laid out. The email had all the hallmarks of a professional spear phish. Yet my people were catching these phish emails very easily. The folks catching the phish and forwarding to me were not computer geeks but regular office staff with average skills in computing and security awareness. How were these folks able to spot these sophisticated spear phish and regular phish attacks?

The more I dug in, I realized that while the malicious phish campaign had taken pains to craft a well-polished and targeted phish, they tripped up on some common details:

• The salutation was off. Somebody we refer to as William was named as Bill in the email, or the other way around. James in accounting was referred to as James in the email and not what we normally used, which was ‘Jim’.

• The sender signature was incorrect in a similar manner; for example, the phish email would say John Doe instead of simply John.

• The style of the content was different. The wording of the content seemed different. The email was often very abrupt with no ‘please’ or in some cases no sender name in the message body.

Bart ransomware shows it can be effective without sophisticated encryption

In order to protect themselves against ransomware attacks, users should be wary of email attachments, especially those with unusual file extensions like JS. They should also keep their computer software up to date, especially their browsers and browser plug-ins, and they should implement a file backup routine that involves an offline or offsite backup location.

A new ransomware program making the rounds uses a simple, yet effective technique to make user files inaccessible: Locking them in password-protected ZIP archives.

The new threat is called Bart.

Bart stands out through its simplicity and efficiency, according to researchers from security vendor PhishMe.

Unfortunately for users, Bart is proof that attackers don't need advanced crypto knowledge or complex infrastructure to create reliable and effective ransomware programs. That's why this cybercrime model is so successful and why it won't go away anytime soon.

Android’s full-disk encryption just got much weaker—here’s why
Unlike Apple's iOS, Android is vulnerable to several key-extraction techniques

A blog post revealed that, in stark contrast to the iPhone's iOS, Qualcomm-powered Android devices store the disk encryption keys in software. That leaves the keys vulnerable to a variety of attacks.

JOHN MCAFEE: This is why the US is losing the ‘cyber war’ to China and Russia

Attackers are developing an aggressive new ransomware program for Windows machines that encrypts user files as well as the computer's master boot record (MBR), leaving devices unable to load the OS.

The program is dubbed Satana -- meaning "Satan" in Italian and Romanian ... functional but still under development.

When Should Hacking Be Legal?
A group of academics and journalists say a federal computer-fraud law criminalizes their work.

When Aaron Swartz, a prominent programmer and digital activist, was arrested in 2011, he was halfway through a fellowship at Harvard’s Center for Ethics. Faced with the possibility of decades in prison and up to a million dollars in fines, Swartz took his own life in 2013.

The ordeal brought CFAA—a 30-year-old anti-hacking law that has been updated half a dozen times to keep up with new technology—under intense scrutiny. 

Now, a group of academic researchers and journalists is suing the government, challenging the constitutionality of part of CFAA. With the help of the American Civil Liberties Union, they’re targeting the portion of the law that makes it illegal to break private companies’ terms of service, claiming that the rule violates researchers’ and journalists’ rights to conduct research and investigations in the public interest, as guaranteed by the First Amendment.

The four professors bringing the lawsuit are conducting research into racial and other discriminatory biases in online services.
