Thursday, February 28, 2019

Curious story in the Verge about "thunderclap"



I’m not familiar directly with Thunderbolt computers, but here’s a story on vulnerability to certain external drives and devices to thunderclap. 

I think this vulnerability could be of concern to utilities and infrastructure computers (pipelines, water treatment) to prevent “jumping” across “air-gaps” as a deep cybersecurity threat.

Just a warning note.

Friday, February 08, 2019

Youtube copyright strikes scam reported and fixed



Motherboard Vice, in an article by Jack Hauen, warns about a new scam to extort money (bitcoin) from YouTube channel creators with false copyright strikes, based on a flaw in the way YouTube handles DMCA takedown requests.  


The video above reports a similar scam using Comcast.
  
YouTube has restored the affected accounts and hopefully has closed the loophole.  

Tuesday, February 05, 2019

Lawsuit in Texas could set a precedent allowing copyright trolls to remove Internet access entirely from "pirating" consumers



Lior Leser (Sept. 2018) described a lawsuit by some media companies against an ISP in Austin, TX for not suspending the Internet access of some people who made illegal downloads by Bit Torrent.


The lawsuit could set a precedent requiring ISP’s to terminate consumers accused of piracy by media companies, requiring all access to the Internet merely based on allegations from a copyright troll.

This case is very disturbing and it needs to be followed in more detail.

In the future, cloud examination could develop more evidence of piracy. 
  
Defeating SOPA in 2012 didn’t prevent this.

Friday, February 01, 2019

Google wants to eliminate the URL, turn the world into mobile apps?



What?  Google wants to eliminate the URL? 
  
So Lily Hay Newman writes in Wired. 

Where as a fixed, static web address works well for individual consumers and small companies and bloggers, it seems to complicate things (that is, security and immunity from consumer database hacks and breaches) for enterprises. 

But it’s hard for me to imagine how this would go away.
  
But the tendency for companies to encourage you to use their apps on smartphones rather than go to a conventional URL is a start.

Then the app stops working and doesn’t work again until you turn off and restart the phone, or get another iOS update.

This story reminds me of the big scare in 2008 on DNS that led to a big security conference held by Microsoft after a Finnish researcher found a vulnerability (ID blog, Aug, 9, 2008). 
  
Here’s a list of the 12 most dangerous malware outbreaks in history.