Tuesday, October 31, 2017

Mass Emergence of Drone Usage

“Drones can save lives, if the government lets them”
---------------------------------------------------------------------
“Drones set to become the biggest threat to national security”


Two very different quotes- representing the two very different viewpoints on the emergence of drones today. Drones can be used on the consumer level for kids and adults who want to have fun flying around a little device, business such as Amazon who are looking into shipping using drones, and on the other end of the spectrum drones could be used for military or government uses in war or surveillance purposes. There are clearly pros and cons to the use of drones in today’s society, however what might the downsides be.

Pros: According to a recent article by Joe Rinzel, he followed a project of transporting blood across the Arizona desert to a patient in critical condition. The flight took 3 hours, and the blood samples arrived in perfect condition unharmed. This innovative way to transport medical necessities is game changer- as it is a quicker alternative to retrieve vital materials for patients. This example represents a great example of how drones are a positive use in today’s society, however many regulations will have to be put into motion to mandate the drone usage.

Cons: With the rise in companies using drones for business, we also see potential threats involved. One risk of utilizing drones is their security vulnerability. Hackers are getting smarter in the ways they penetrate drones, which opens doors for massive problems. For example, Amazon plans to implement shipping options utilizing drones, however one could tamper with the drone carrying precious cargo. In an even more extreme instance of risky drone usage, is for government and military use. The government utilizes unmanned drones to spy and investigate activity in unknown areas. As there are currently no regulations on where drones can fly, this creates openings for individuals to fly a drone carrying a grenade or bomb and drop it in a highly populated area.

All in all, drone usage has stimulated much publicity in society for the many pros and cons they have. What are your thoughts on drone activity today?

What is your opinion of drones being used in warfare? Do you think this is a good idea?
Have you ever used a drone for pleasure?
Do you see vulnerabilities in drone used for shipping?


Sources:

http://fortune.com/2017/10/30/drones-delivery-faa-emergency/

http://www.information-age.com/drones-biggest-threat-national-security-123465587/
Posted by at 5 comments:

Monday, October 30, 2017

Tech Briefing: Chipmaker Qualcomm Bets On Healthcare's Wireless Future

"Chipmaker Qualcomm Bets On Healthcare's Wireless Future"

This article discusses how Qualcomm is investing in things like virtual reality and how it can benefit the health care sector. VR is a tool that can help doctors, "better understand, diagnose, and treat patients in real life." Virtual reality helps doctors experience different patience scenarios like never before, allowing them to better understand symptoms, illnesses, practice difficult surgeries, etc.

Currently, Qualcomm is working on 5G technology which is promising more bandwidth and higher mobile data connections, and believes that the health care sector is a good place for a "worthy beneficiary" of their new developments.

Not only is Qualcomm investing in VR, but tey believe that with 5G it is possible to make an "Internet of Medical Things." Think of how there are connected homes, you can connect and control almost everything in your home now, this is what they believe can happen with the medical field. Connect patient devices that monitor blood pressure, glucose levels, etc.

They have a lot of hurdles in the future if they want to see these changes happen, but I think that Qualcomm is on the right track. They can definitely be shaping a different future for the health care sectors.

What are your thoughts about the "Internet of Medical Things?"
Do you think that Qualcomm is shaping how the health care sector will operate in the future if they are able to offer new 5G technology?

https://www.wired.com/story/qualcomm-life-5g-healthcare-devices/
Posted by at 3 comments:

Wednesday, October 25, 2017

Tech Briefing: New Hacking Method- KRACK


Article: Update Every Device-- This KRACK Hack Kills Your Wi-fi Privacy
Author: Thomas Fox- Brewster

This year we have seen a lot of security breaches and data compromises. Along with it, new hacking methods have surfaced, that only make us more vulnerable in the online world. Though many hacking methods are used to get into a specific system, this new hack allows hackers to get in your network.

A researcher from a Belgian university, Mathy Vehoef calls this hack "KRACK, for Key Reinstallation Attack" (Brewster). This affects a very common core encryption protocol WPA2 which allows us to keep our web use hidden from everyone. However, now hackers can "tweak" into the handshake process that happens between a computer and a router to connect to the network. Once they hack into this, they can manipulate the encrypted key which is supposed to be a one time use, and is created by algorithms during the handshake process.
Once they manipulate this key they can use it multiple times to get into your network. This means  now the hacker can see everything we do on the internet, and can steal our credit card information, messages, emails, photos etc.
Though this attack is only possible when the hacker is within the physical proximity of the device. So to protect ourselves, we need to look out for newly released patches for routers, laptops and mobile devices. Many top companies have already released patches and some are underway.
Meanwhile, Vehoef suggests users to use VPN software and HTTPS encrypted websites to protect ourselves from this.

What are your thoughts on this new hacking method? Have you installed any patches or received any information regarding the release of these patches from companies like Microsoft?




Posted by at 3 comments:

Tuesday, October 24, 2017

Tech Briefing: Your Browser Could Be Mining Cryptocurrency For A Stranger

"Your Browser Could Be Mining Cryptocurrency For A Stranger"
Lily Hay Newman - 10/20/17

Link: https://www.wired.com/story/cryptojacking-cryptocurrency-mining-browser/

Topic: Blockchain/Cryptography

The Internet continues to live in the realms of a dangerous environment where threats are in an abundance. Many people in today's society aren't taking the initiative to protect themselves from the array of problems they can find themselves in from cybersecurity related issues. To add to the ongoing list of problems, the world is experiencing a new issue in the name of "cryptojacking", "which secretly uses your laptop or mobile device to mine cryptocurrency when you visit an infected site" (Newman). Cryptojacking definitely has some unique features to take into consideration.

Cryptojacking is a new concept in itself that it has gained popularity over the last couple of weeks. According to the text, "Instead, the latest technique uses Javascript to start working instantly when you load a compromised web page" (Newman). Individuals will not immediately know if the website they are visiting has been compromised or not. Digital profit may be earned in the likes of getting access to your device or even utility bills that you pay. This craze started when a company called Coinhive developed a script that would starting mining Monero, a cryptocurrency when a specific webpage is loaded. There are countless ways to protect yourself from this arising trend.

Taking time to prevent any security breaches may be a life lesson to learn. In ensure best practices, "To protect yourself from cryptojacking, you can add sites you're worried about, or ones that you know practice in-browser mining, to your browser's ad blocking tool" (Newman). Everything may be happening in front of your eyes and you may be clueless in the entirety.

What security related issues have you personally encountered? What specific measures have you taken to protect yourself from any type of attack?

Thanks for reading and I hope to hear your thoughts to this post!

Best,

Andrew Hom


Posted by at 10 comments:

Blockchain (continued)

I posted some videos and links on my Tech Briefing blog related to Blockchain.  I direct your inquiry there.   http://techbriefmis441.blogspot.com/2017/10/blockchain.html.   Thanks for attending the talk at the IT Summit.

If you don't know much about Blockchain, or even if you do, I hope you find the links (and videos) helpful in extending your knowledge.  Please comment or ask questions on the blog.  We can try to talk about this in class, but there is a lot to cover.   I suggest you start with the videos and articles/videos from the MIT Media Lab event.  I hope the talk gave you some idea of how blockchain works, but I find words don't really explain all you need to know about the field.  Okay to post your own links, too.
Posted by at 4 comments:

Sunday, October 22, 2017

Tech Briefing: Tesla & Autopilot

When it comes to cars and autonomous driving, few have been able to set the industry standard quite like Tesla has. With their Autopilot capability, Tesla vehicles are able to completely drive themselves, and claim to even be able to operate better than a human can when it comes to safety. What makes their self-driving capabilities so unique is the technology that they pack into them, specifically Eight surround cameras provide 360 degrees of visibility around the car at up to 250 meters of range. Twelve updated ultrasonic sensors complement this vision, allowing for detection of both hard and soft objects at nearly twice the distance of the prior system. A forward-facing radar with enhanced processing provides additional data about the world on a redundant wavelength that is able to see through heavy rain, fog, dust and even the car ahead (Tesla). In addition, the cars can always be updated via over the air software updates, so new features can always be continuously added and improved to make the self-driving experience that much better.

When stacked up against the competition, Tesla ranks king every time, for the time being. Car and Driver did a comparison between the Tesla Model S P85D, BMW 750i xDrive, Mercedes Benz S65 AMG, and Infiniti Q50S, in which the Tesla blazed past the competition. They found that The Tesla’s Autosteer performance can be distinguished from our other contenders by two words: no wobbling. This car identifies the exact center of your lane of travel and holds that course with minimal deviation. This system rises well above parlor-trick status to beg your use in daily driving (Car and Driver). With this finding, it is clear that the Autopilot features that are built into each Tesla are more than just a party trick, it is the future and direction in which autonomous driving needs to be heading.

One of the biggest hurdles facing self-vehicles today is the government regulations that they have to overcome to become compliant in each state. While we are still a few short years off before seeing fully autonomous vehicles on the road due to those regulations, it is exciting to see how the future of driving is going to be changing.


What are your thoughts on the future of driving and fully autonomous vehicles? Are you for or against it? What features would you like to see as available options in a self-driving car?

Sources: 

https://www.caranddriver.com/features/semi-autonomous-cars-compared-tesla-vs-bmw-mercedes-and-infiniti-feature-2015-tesla-model-s-p85d-page-5

https://www.tesla.com/autopilot
Posted by at 4 comments:

Thursday, October 19, 2017

Google Play Security Reward

Google is unveiling a new competition that will utilize crowdsourcing to uncover bugs in the popular apps of the Play Store. The “GooglePlay Security Reward” program is inviting users to poke around some of the popular apps and look for vulnerabilities. There are currently only a few apps involved in the program and consists of apps created by Google as well as third parties. All the Google developed Android apps are on the list for the challenge as well as Alibaba, Dropbox, Duolingo, Headspace, LINE, Snapchat and Tinder.

If you are able to help a developer fix a bug, Google will reward you with $1,000 in addition to the bounty the third-party developer may pay.  Google does not have an interest in knowing of any of the bugs until after they are solved. The company will review any of the fixes and then hand out the reward. They are utilizing HackerOne to deal with most of the back end for this program from submitting reports to inviting hackers to the program.


How will Google truly benefit from this program if they only look at solutions rather than the problem and the solution? Do you think it will benefit Google to have this program even though they outsourced most of the work to HackerOne? 
Posted by at 8 comments:

Tuesday, October 17, 2017

Tech Briefing: Using AI for Cybersecurity

“Firewalls Don’t Stop Hackers. AI Might.”

Article: https://www.wired.com/story/firewalls-dont-stop-hackers-ai-might/
Author: Scott Rosenberg
Date: 9/27/17

Even when organizations follow all the right procedures and take all necessary precautions, they are still vulnerable to security attacks. Hackers can still find a way in past all defenses. Nicole Eagan, CEO of Darktrace, argues that artificial intelligence (AI) is the only way to effectively defend networks from the kinds of unknown attacks that antivirus scans and other measures will not find. Darktrace uses machine learning to identify what “normal” looks like across a network and all its device and then reports in real time if there are any anomalies or activities in the network that deviate from that “normal” baseline.

Eagle insists that the current way we approach security is flawed. We wait for an attack to happen, and analyze that attack after-the-fact to try and see how we can better protect ourselves next time. But the problem, Eagle notes, is that we are just chasing yesterday’s attack and the next attack may be different – the attacker may find a new vector, especially knowing we are protecting against the previous kinds of attacks. Darktrace’s approach is about learning in real time what is going on, and using AI to recommend actions to take. The AI can do this even if the attack is one that has never been seen before. In this way, Darktrace insists we strategically plan ahead when it comes to cyber risk, rather than merely react to the past.

Eagle uses the human immune system as an analogy for this concept. The immune system has a very precise response when it senses an infection. It is always running in the background and we do not have to think about it. We just trust it knows what it is doing and will react when needed. And, like immune systems, the longer machine learning and unsupervised self-learning systems are in place, the smarter and stronger they get. The more things it gets exposed to, the stronger it gets.

Eagle also introduced the idea of a sort of cyber risk score. Like a credit rating, this would be a dynamically changing, real-time score that analyzes and reports an organization’s level of cyber risk. Organizations in a supply chain must share their score with each other so others in the chain are aware if an organization has a poor score and is more vulnerable to security threats. Eagle argues this will change the future of cyber risk insurance and can also extend to consumers. For instance, a consumer may be more reluctant to bank with a certain institution if it has a low cyber risk score.

To summarize her point, Eagle claims the great thing about their approach is that you don’t have to try and figure out what you need to do with your device to secure it. Darktrace just models the device’s behavior, identifying what is and is not normal, and monitors it continuously to know whether or not it is under attack.

I find this concept to be very interesting and believe it can be very effective. However, like anything, it would need to be tested in practice and proven to work. If it does, I can see organizations beginning to adopt this. I do not believe it should replace anything currently in place, but it would be a great extension of an organization’s current security defense mechanisms to better protect themselves against the growing depth and breadth of cyber threats.

Regarding the cyber risk score, I too think this could be a good idea, if it works well and accurately, and without significant cost. On the supply-chain side, the transparency along the chain is fair so that organizations can protect themselves if they are at risk. On the consumer side, this allows consumers to know the risk of doing business with an organization. What is also great is that this would incentivize organizations to increase their cyber risk score or else consumers will not want to use them. However, I do see some concerning drawbacks. If an organization’s cyber risk score is public, attackers can see this as well and target organizations with low scores. Thus, this concept would need to be given serious consideration before being implemented.


If it works, I think the use of AI and machine learning to detect network attacks will be a promising new avenue for organizations to protect themselves, their partners, and consumers.

Additional Links:

 https://www.darktrace.com/
https://www.cnet.com/news/cyberattacks-artificial-intelligence-ai-hackers-defcon-black-hat/
https://digit.hbs.org/submission/darktrace-using-machine-learning-for-cyber-security/
Posted by at 1 comment:
Subscribe to: Posts (Atom)