Newsletter Volume 29 Issue 12, Dec 2017
From The Editor
News of security breaches is becoming commonplace, and in recent articles from various sources we have given examples of vulnerabilities to cyber attack and economic blackmail, to security camera attacks and to Wi-Fi KRACK attacks (which included a four-minute YouTube video). However, a December 6th 2017 ScienceDaily report from the University of Birmingham appears to top them all (I almost said “trump them all” but nowadays that phrase may be confusing). “Researchers have developed a tool to perform semi-automated security testing of mobile phone apps. After running the tool on a sample of 400 security critical apps, they were able to identify a critical vulnerability in banking apps.” See below, Security flaw found: 10 million banking app users at risk.
However, security of mobile phone apps may be the least of our problems. For network systems, the US Computer Emergency Readiness Team (US-CERT) issued an alert on November 14, 2017, revised November 22, 2017, titled HIDDEN COBRA – North Korean Remote Administration Tool: FALLCHILL. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. The alert includes suggested response actions to the IOCs (indicators of compromise) provided, recommended mitigation techniques, and information on reporting incidents.
On a brighter note, researchers are reporting progress on new tools at least for identifying breaches if not for preventing them. These include:
- a tool that “can detect when websites are hacked by monitoring the activity of email accounts associated with them”
- how to identify smartphones by examining just one photo taken by the device
- new software that can verify someone’s identity by their DNA in minutes
See below, HIDDEN COBRA, smartphones and DNA.
Talking of DNA, “A research team has leapfrogged their ‘DNA bricks’ technology by two orders of magnitude, enabling next-generation DNA bricks to self-assemble into three-dimensional nanostructures that are 100 times more complex than those created with existing methods.” This quote comes from a 6 December 2017 ScienceDaily article from the Wyss Institute for Biologically Inspired Engineering at Harvard. See below, A 100-fold leap to GigaDalton DNA nanotech.
“A team of technologists have joined forces with doctors, lawyers, economists and philosophers to make technology ethical”
This quote comes from a December 13 2017 article in The Conversation by researchers from the University of Sydney. They report that “The result is a new set of guidelines focused on the ethical and social implications of autonomous and intelligent systems. That includes everything from big data and social media algorithms to autonomous weapons. The report, Ethically Aligned Design, was released today by the Institute of Electrical and Electronics Engineers (IEEE). It is the culmination of a year’s work by 250 world leaders in technology, law, social science, business and government spanning six continents.” The report proposes a set of recommendations (suggestions) that are open to public feedback. See below, Engineers, philosophers and sociologists release ethical design guidelines for future technology.
Current Issue
Articles in the current Issue cover:
Security flaw found: 10 million banking app users at risk
“As this flaw is generally difficult to detect from normal analysis techniques, we have developed a detection tool that is semi-automated and easy to operate. This will help developers and penetration testers ensure their apps are secure against this attack.”
HIDDEN COBRA, smartphones and DNA
“Interestingly, some research for other purposes could be applied to prevent cybercrime. An example is a 30 November 2017 ScienceDaily article from Columbia University School of Engineering and Applied Science. New software can verify someone’s identity by their DNA in minutes.”
A 100-fold leap to GigaDalton DNA nanotech
“We worked out an easily accessible practical platform that allows researchers with very different interests and applications in mind to create a molecular canvas with 10,000 bricks and use it to build nanostructures with unprecedented complexities and potential”
Engineers, philosophers and sociologists release ethical design guidelines for future technology
“The report suggests all technologies should be guided by five general principles:
- protecting human rights
- prioritising and employing established metrics for measuring wellbeing
- ensuring designers and operators of new technologies are accountable
- making processes transparent
- minimising the risks of misuse.”
QESP Blog
Talk about creative design? This video shows some mind-boggling ways to revolutionize your home. See Incredible Expand furniture
Events
We are planning ACOSM18 as a QESP/ACS evening event to be scheduled in April after Easter. Further details will be provided in the January 2018 Newsletter.
Quotes
Quote of the Day
“Testing is an infinite process of comparing the invisible to the ambiguous in order to avoid the unthinkable happening to the anonymous.” – James Bach
Quote from Yesteryear
Home computers are being called upon to perform many new functions, including the consumption of homework formerly eaten by the dog. – Doug Larson
Wishing all our readers a happy festive season and success in 2018
Ted Smillie
QESP Chair