Tuesday, December 12, 2017

Somehow, this does not give me that warm fuzzy feeling.
Hackers hit U.S., Russian banks in ATM robbery scam: report
A previously undetected group of Russian-language hackers silently stole nearly $10 million from at least 18 mostly U.S. and Russian banks in recent years by targeting interbank transfer systems, a Moscow-based security firm said on Monday.
Group-IB warned that the attacks, which began 18 months ago and allow money to be stolen from banks’ automated teller machines (ATMs), appear to be ongoing and that banks in Latin America could be targeted next.
… The firm said it was continuing to investigate a number of incidents where hackers studied how to make money transfers through the SWIFT banking system, while stopping short of saying whether any such attacks had been carried out successfully.
SWIFT said in October that hackers were still targeting its interbank messaging system, but security controls instituted after last year’s $81 million heist at Bangladesh’s central bank had thwarted many [but not all? Bob] of those attempts. (reut.rs/2z1b7Bo)
Group-IB has dubbed the hacker group “MoneyTaker” after the name of software it used to hijack payment orders to then cash out funds through a network of low-level “money mules” who were hired to pick up money from automated teller machines.
… The average amount of money stolen in each of 14 U.S. ATM heists was $500,000 per incident. Losses in Russia averaged $1.2 million per incident, but one bank there managed to catch the attack and return some of the stolen funds, Group-IB said.




Should there be a law to protect LinkedIn’s data? How could you write that to keep my researching students from violating it every day?
EFF to Court: LinkedIn is wrong about accessing publicly available information online
… The social networking giant wants violations of its corporate policy against using automated scripts to access public information on its website to count as felony “hacking” under the Computer Fraud and Abuse Act, a 1986 federal law meant to criminalize breaking into private computer systems to access non-public information.
EFF, together with our friends DuckDuckGo and the Internet Archive, have urged the Ninth Circuit Court of Appeals to reject LinkedIn’s request to transform the CFAA from a law meant to target “hacking” into a tool for enforcing its computer use policies. Using automated scripts to access publicly available data is not “hacking,” and neither is violating a website’s terms of use. LinkedIn would have the court believe that all “bots” are bad, but they’re actually a common and necessary part of the Internet. “Good bots” were responsible for 23 percent of Web traffic in 2016. Using them to access publicly available information on the open Internet should not be punishable by years in federal prison.




So what do we do about it? Rather simplistic and opinionated.
How Russia Hacked America—And Why It Will Happen Again
During the 2016 presidential campaign, Russian hackers attacked the U.S. on two fronts: the psychological and the technical. Hackers used classic propaganda techniques to influence American voters, bought thousands of social media ads to propagate fake news, and broke into Democratic party email servers to steal information.




They talk to the people who should know.
Deloitte’s tech predictions for 2018: More AI, digital subscriptions, AR, and live events
Accounting and tech consultant Deloitte released its predictions for the technology industry in 2018, covering topics from the growth of augmented reality to the triumph of live programming on the Internet.
The predictions are part of the company’s 17th annual Technology, Media, & Telecommunications report. Some of the predictions are for tech growth in 2018, while other predictions refer to growth in future years.




I wonder if detailed analysis of signatures in those little screens or the signatures by finger suggests that nothing matches?
American Express and MasterCard are quietly killing one of the most annoying things about buying things in stores
In 2018, major credit card companies including MasterCard, Discover, and American Express will no longer require customers to sign their receipts.
… With the rise of online shopping and new tech like EMV chips in credit cards, signatures have become less necessary as a safety measure, American Express said in a press release.




For my Statistics class: There is such a thing as “Wisdom of the Crowd.” What else could we do with it?
Crowdsourcing Accurately and Robustly Predicts Supreme Court Decisions
ABSTRACT: Scholars have increasingly investigated “crowdsourcing” as an alternative to expert-based judgment or purely data-driven approaches to predicting the future. Under certain conditions, scholars have found that crowd-sourcing can outperform these other approaches. However, despite interest in the topic and a series of successful use cases, relatively few studies have applied empirical model thinking to evaluate the accuracy and robustness of crowdsourcing in real-world contexts. In this paper, we offer three novel contributions. First, we explore a dataset of over 600,000 predictions from over 7,000 participants in a multi-year tournament to predict the decisions of the Supreme Court of the United States. Second, we develop a comprehensive crowd construction framework that allows for the formal description and application of crowdsourcing to real-world data. Third, we apply this framework to our data to construct more than 275,000 crowd models. We find that in out-of-sample historical simulations, crowdsourcing robustly outperforms the commonly-accepted null model, yielding the highest-known performance for this context at 80.8% case level accuracy. To our knowledge, this dataset and analysis represent one of the largest explorations of recurring human prediction to date, and our results provide additional empirical support for the use of crowdsourcing as a prediction method.” (via SSRN)




Something for my geeks?
Microsoft Launches Free Preview Version Of Its Quantum Development Kit
Back in September, we talked about the groundwork Microsoft was laying for quantum computing with a new programming language in development. Not even three months later, Microsoft is ready to toss a free preview version of that new language to the public and it's called the Quantum Development Kit. That dev kit includes the Q# programming language, a quantum computing simulator, and other resources for people who want to write apps for quantum computers.


Somehow, this does not give me that warm fuzzy feeling.
Hackers hit U.S., Russian banks in ATM robbery scam: report
A previously undetected group of Russian-language hackers silently stole nearly $10 million from at least 18 mostly U.S. and Russian banks in recent years by targeting interbank transfer systems, a Moscow-based security firm said on Monday.
Group-IB warned that the attacks, which began 18 months ago and allow money to be stolen from banks’ automated teller machines (ATMs), appear to be ongoing and that banks in Latin America could be targeted next.
… The firm said it was continuing to investigate a number of incidents where hackers studied how to make money transfers through the SWIFT banking system, while stopping short of saying whether any such attacks had been carried out successfully.
SWIFT said in October that hackers were still targeting its interbank messaging system, but security controls instituted after last year’s $81 million heist at Bangladesh’s central bank had thwarted many [but not all? Bob] of those attempts. (reut.rs/2z1b7Bo)
Group-IB has dubbed the hacker group “MoneyTaker” after the name of software it used to hijack payment orders to then cash out funds through a network of low-level “money mules” who were hired to pick up money from automated teller machines.
… The average amount of money stolen in each of 14 U.S. ATM heists was $500,000 per incident. Losses in Russia averaged $1.2 million per incident, but one bank there managed to catch the attack and return some of the stolen funds, Group-IB said.




Should there be a law to protect LinkedIn’s data? How could you write that to keep my researching students from violating it every day?
EFF to Court: LinkedIn is wrong about accessing publicly available information online
… The social networking giant wants violations of its corporate policy against using automated scripts to access public information on its website to count as felony “hacking” under the Computer Fraud and Abuse Act, a 1986 federal law meant to criminalize breaking into private computer systems to access non-public information.
EFF, together with our friends DuckDuckGo and the Internet Archive, have urged the Ninth Circuit Court of Appeals to reject LinkedIn’s request to transform the CFAA from a law meant to target “hacking” into a tool for enforcing its computer use policies. Using automated scripts to access publicly available data is not “hacking,” and neither is violating a website’s terms of use. LinkedIn would have the court believe that all “bots” are bad, but they’re actually a common and necessary part of the Internet. “Good bots” were responsible for 23 percent of Web traffic in 2016. Using them to access publicly available information on the open Internet should not be punishable by years in federal prison.




So what do we do about it? Rather simplistic and opinionated.
How Russia Hacked America—And Why It Will Happen Again
During the 2016 presidential campaign, Russian hackers attacked the U.S. on two fronts: the psychological and the technical. Hackers used classic propaganda techniques to influence American voters, bought thousands of social media ads to propagate fake news, and broke into Democratic party email servers to steal information.




They talk to the people who should know.
Deloitte’s tech predictions for 2018: More AI, digital subscriptions, AR, and live events
Accounting and tech consultant Deloitte released its predictions for the technology industry in 2018, covering topics from the growth of augmented reality to the triumph of live programming on the Internet.
The predictions are part of the company’s 17th annual Technology, Media, & Telecommunications report. Some of the predictions are for tech growth in 2018, while other predictions refer to growth in future years.




I wonder if detailed analysis of signatures in those little screens or the signatures by finger suggests that nothing matches?
American Express and MasterCard are quietly killing one of the most annoying things about buying things in stores
In 2018, major credit card companies including MasterCard, Discover, and American Express will no longer require customers to sign their receipts.
… With the rise of online shopping and new tech like EMV chips in credit cards, signatures have become less necessary as a safety measure, American Express said in a press release.




For my Statistics class: There is such a thing as “Wisdom of the Crowd.” What else could we do with it?
Crowdsourcing Accurately and Robustly Predicts Supreme Court Decisions
ABSTRACT: Scholars have increasingly investigated “crowdsourcing” as an alternative to expert-based judgment or purely data-driven approaches to predicting the future. Under certain conditions, scholars have found that crowd-sourcing can outperform these other approaches. However, despite interest in the topic and a series of successful use cases, relatively few studies have applied empirical model thinking to evaluate the accuracy and robustness of crowdsourcing in real-world contexts. In this paper, we offer three novel contributions. First, we explore a dataset of over 600,000 predictions from over 7,000 participants in a multi-year tournament to predict the decisions of the Supreme Court of the United States. Second, we develop a comprehensive crowd construction framework that allows for the formal description and application of crowdsourcing to real-world data. Third, we apply this framework to our data to construct more than 275,000 crowd models. We find that in out-of-sample historical simulations, crowdsourcing robustly outperforms the commonly-accepted null model, yielding the highest-known performance for this context at 80.8% case level accuracy. To our knowledge, this dataset and analysis represent one of the largest explorations of recurring human prediction to date, and our results provide additional empirical support for the use of crowdsourcing as a prediction method.” (via SSRN)




Something for my geeks?
Microsoft Launches Free Preview Version Of Its Quantum Development Kit
Back in September, we talked about the groundwork Microsoft was laying for quantum computing with a new programming language in development. Not even three months later, Microsoft is ready to toss a free preview version of that new language to the public and it's called the Quantum Development Kit. That dev kit includes the Q# programming language, a quantum computing simulator, and other resources for people who want to write apps for quantum computers.


No comments: