SIPantic: 2017

Saturday, December 23, 2017

We all need some of this....

https://www.theverge.com/2017/12/23/16812834/edward-snowden-haven-guardian-project-laptop-phone

Friday, December 8, 2017

Trust must always be minimal and subject to scientific proof through lambda-calculus and Church-Turing machinery implemented in hardware. K J HAMER-HODGES....E.G. Rutkowska: Trust Makes Us Vulnerable

https://www.darkreading.com/vulnerabilities---threats/rutkowska-trust-makes-us-vulnerable/d/d-id/1330587

Security industry needs to be less trusting to get more secure • The Register Forums

https://forums.theregister.co.uk/forum/1/2017/12/07/security_distrusting/?mt=1512736508789

Minimal trust always comes back to capability based Church-Turing machines that scientifically encapsulate algogithms as proven by the Plessey PP250 decades ago.

Thursday, November 30, 2017

Apple releases patch for catastrophic security flaw in MacOS 10.13 | Computing

https://www.computing.co.uk/ctg/news/3022115/apple-releases-patch-for-catastrophic-security-flaw-in-macos-1013?utm_medium=email&utm_term=&utm_content=&utm_campaign=CTG.Daily_RL.EU.A.U&utm_source=CTG.DCM.Editors_Updates&im_edp=sipantic.net&im_company=&utm_medium=email

Tuesday, November 7, 2017

GDPR: What will happen in the first 72 hours after a data breach? | Computing

https://www.computing.co.uk/ctg/opinion/3019682/gdpr-what-will-happen-in-the-first-72-hours-after-a-data-breach?utm_medium=email&utm_term=&utm_content=4.%20GDPR%3A%20What%20will%20happen%20in%20the%20first%2072%20hours%20after%20a%20data%20breach%3F&utm_campaign=Top%20Stories%20-%20%5BNov%2017%5D&utm_source=Controlled%20circulation%20engagement&im_edp=sipantic.net&im_company=&utm_medium=email

Friday, November 3, 2017

Re: [Caja] WASM and ocaps

Interesting!

On Nov 3, 2017 5:56 PM, "Mark Miller" <erights@gmail.com> wrote:

At the latest wasm (Web Assembly) standards meeting, I pointed out that wasm is already an OS-like ocap system: A wasm instance, with its linear data space + table of opaque external functions/objects is already a process-granularity-like unit of isolation with an address space and a clist. A wasm computation addresses its clist entries by clist index as expected. In addition, wasm currently obeys the following restriction.

> WebAssembly instances must never be able to cause effects other than by wielding explicitly granted access (e.g. the importObject in a JS embedding).

According to Andreas Rossberg (cc'ed), this is on purpose, even though the people in the room at the time did not seem to know that. I suggested that it be made normative, so security uses of this restriction would not be compromised by later "enhancements" that accidentally break this unarticulated restriction.

https://github.com/WebAssembly/meetings/issues/104
is the one to watch. Assuming I do a good job clarifying the agreement we just came to, and assuming the agreement holds in the face of these clarifications, it looks like wasm will explicitly be the object-capability system it was designed to be.

Andreas and Bradley (also cc'ed), please clarify or expand as appropriate. If you don't want to subscribe to these lists, send your posts to me and I will forward. Thanks.

--
Cheers,
--MarkM

--

---
You received this message because you are subscribed to the Google Groups "Google Caja Discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-caja-discuss+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Friday, October 27, 2017

BBC News: Artificial intelligence smart enough to fool Captcha security check

I saw this on the BBC and thought you should see it:

Artificial intelligence smart enough to fool Captcha security check - http://www.bbc.co.uk/news/technology-41775968

* Disclaimer *

The BBC is not responsible for the content of this email, and anything written in this email does not necessarily reflect the BBC's views or opinions. Please note that neither the email address nor name of the sender have been verified.

Thursday, October 26, 2017

The KRACK Wi-Fi vulnerability, explained like you're five

The KRACK Wi-Fi vulnerability, explained like you're five
https://thenextweb.com/security/2017/10/17/krack-explained-like-youre-five-years-old/

Monday, October 16, 2017

Cat theory

http://catinf.com/index.php?_utm_source=1-2-2

Thursday, October 12, 2017

MarketWatch: Opinion: The cyberwars are coming — here’s how to prepare (and make money)

MarketWatch: Opinion: The cyberwars are coming — here's how to prepare (and make money) http://google.com/newsstand/s/CBIwyruyqTY

Marketplace APM: 10/12/2017: A computer science "genius" on why we haven't fixed cybersecurity

Marketplace APM: 10/12/2017: A computer science "genius" on why we haven't fixed cybersecurity. http://google.com/newsstand/s/CBIwjYy2qTY

Tuesday, October 10, 2017

Engadget: 37,000 Chrome users downloaded a fake Adblock Plus extension

Engadget: 37,000 Chrome users downloaded a fake Adblock Plus extension. http://google.com/newsstand/s/CBIw0cjD0DI

Friday, October 6, 2017

Re: Unit 42 Threat Intelligence ALERT

Update

On Oct 6, 2017 14:29, Palo Alto Networks <marketing-emails@paloaltonetworks.com> wrote:

Unit 42 Threat Intelligence ALERT
If you're having trouble reading this message, click here

Read the latest research >

FREEMILK: A HIGHLY TARGETED SPEAR PHISHING CAMPAIGN

In May 2017, Palo Alto Networks Unit 42 identified a limited spear phishing campaign targeting various individuals across the world. The threat actor leveraged... Read more >

THREAT ACTORS TARGET GOVERNMENT OF BELARUS USING CMSTAR TROJAN

Palo Alto Networks Unit 42 has identified a series of phishing emails containing updated versions of the previously discussed CMSTAR malware family... Read more >

THREAT BRIEF: CONVERSATION HIJACKING SPEAR PHISHING

Spear Phishing is a specific attack technique that has become widely used in the past few years. In our new research blog "FreeMilk: A Highly Targeted Spear Phishing Campaign"... Read more >

© 2017 Palo Alto Networks, Inc. All rights reserved.
3000 Tannery Way, Santa Clara, CA 95054

Privacy Policy | Terms of Use | Email Preferences
www.paloaltonetworks.com

Thursday, October 5, 2017

Re: App VJ Foot Spa shared by Ken Hh

ken

On Oct 3, 2017 4:54 PM, Ken Hh <noreply@appsheet.com> wrote:

Ken Hh shared an app with you!

Hello! I have created this app with AppSheet and am sharing it with you.

To install the 'VJ Foot Spa' app, please click the link below on your mobile device and follow the instructions:
Install the app

You can also run the app in your web browser by clicking the link below:
Run the app in a web browser

Need more help?
Join the AppSheet User Community!

Tuesday, September 26, 2017

Sec hack

https://www.washingtonpost.com/news/business/wp/2017/09/26/the-sec-is-hiring-more-cybersecurity-help-after-breach-that-may-have-allowed-hackers-to-profit-from-stock-trades/?utm_term=.dbc352746a51

ken

Friday, September 22, 2017

Play Store malware

https://www.wired.com/story/google-play-store-malware

ken

Thursday, September 21, 2017

Cost of Ransom ware attack on FedEx

https://www.engadget.com/2017/09/21/fedex-ransomware-notpetya/

ken

Reuters: Exclusive: U.S. Homeland Security found SEC had 'critical' cyber weaknesses in January

From Reuters News:

Exclusive: U.S. Homeland Security found SEC had 'critical' cyber weaknesses in January
http://www.reuters.com/article/us-sec-cyber-weaknesses-exclusive/exclusive-u-s-homeland-security-found-sec-had-critical-cyber-weaknesses-in-january-idUSKCN1BW27P

The U.S. Department of Homeland Security detected five "critical" cyber security weaknesses on the Securities and Exchange Commission's computers as of January 23, 2017, according to a confidential weekly report reviewed by Reuters.

This service is not intended to encourage spam. The details provided have been used for the sole purpose of facilitating this email communication and have not been retained by Thomson Reuters.

ken

Reuters | Homeland Security detected five critical cyber security weaknesses in SEC's computers in January: confidential report

Homeland Security detected five critical cyber security weaknesses in SEC's computers in January: confidential report

Get updates at Reuters.com

ken

Sunday, September 17, 2017

Cybersecurity Incident & Important Consumer Information | Equifax

https://www.equifaxsecurity2017.com/

Saturday, September 16, 2017

The hidden history of cyber-crime forums - BBC News

http://www.bbc.com/news/technology-40671091

Saturday, September 9, 2017

Equifax data breach

https://www.engadget.com/2017/09/08/equifax-hack-response-pii-lawsuit-waiver/

Monday, August 28, 2017

The Next Web: Google made a tiny error and it broke half the internet in Japan

The Next Web: Google made a tiny error and it broke half the internet in Japan. http://google.com/newsstand/s/CBIwpZuC7TU

Friday, August 25, 2017

Wikileaks Vault 7: CIA backdoored software updates to spy on allies | Computing

https://www.computing.co.uk/ctg/news/3016250/wikileaks-vault-7-cia-backdoored-software-updates-to-spy-on-allies?utm_medium=email&utm_term=&utm_content=&utm_campaign=CTG.Daily_RL.EU.A.U&utm_source=CTG.DCM.Editors_Updates&im_edp=sipantic.net&im_company=

Thursday, August 24, 2017

How A Hoax Made To Look Like A Guardian Article Made Its Way To Russian Media

https://www.buzzfeed.com/craigsilverman/how-a-hoax-made-to-look-like-a-guardian-article-made-its?utm_term=.bl5v3YYeEj

Get the BuzzFeed App: https://bzfd.it/bfmobileapps

Tuesday, August 15, 2017

When it all kicks off: What happens at a security firm when a global malware outbreak occurs?

http://www.computing.co.uk/3015625

Saturday, August 12, 2017

Elon Musk just made Microsoft Azure 100% cooler by association

Elon Musk just made Microsoft Azure 100% cooler by association
https://mspoweruser.com/elon-musk-just-made-microsoft-azure-100-cooler-association/

Thursday, August 10, 2017

DNA attack

https://www.google.com/amp/s/www.wired.com/story/malware-dna-hack/amp?_utm_source=1-2-2

Saturday, July 1, 2017

Doctor Opens Fire at Bronx Hospital, Killing Woman and Wounding 6 Others

Doctor Opens Fire at Bronx Hospital, Killing Woman and Wounding 6 Others
https://www.nytimes.com/2017/06/30/nyregion/bronx-hospital-shooting.html

ken

Wednesday, May 31, 2017

Blame game for cyber attacks grows murkier as spying, crime tools mix | Reuters

http://mobile.reuters.com/article/idUSKBN18R1UJ

Sent from my iPhone

From The New York Times:

Hackers Hide Cyberattacks in Social Media Posts

A recent attack on the accounts of Defense Department employees suggests how easily people can be duped into clicking on dangerous links.

https://www.nytimes.com/2017/05/28/technology/hackers-hide-cyberattacks-in-social-media-posts.html?mwrsm=Email

Sent from my iPhone