Artificial Intelligence Meets Actual Intelligence: Would you connect your brain to the internet?

Before you laugh at the notion and discount the idea as science fiction, you might be surprised to learn that many really smart people are trying to make this happen, and they are making real progress.

image of digital brain

http://wondergressive.com/wp-content/uploads/2014/01/WG-computer-brain.jpg

Exhibit A: The MIT Media Lab in NYC

Skip ahead one minute into this 60 minute video

 

Exhibit B: A company named Neuralink

Neuralink is interesting primarily because of the man who is behind it, Elon Musk. You may know who he is already, but for those that don’t, he has been involved in a just a handful of successful endeavors. Among them is the invention of a computer with four wheels that can driver really fast and runs on electric, commonly referred to as a Tesla. Oh yeah, and it can dance.

Dancing cars are cool, but Musk feels that artificial intelligence could be a risk to the human race, and if you can’t beat it, join it. He reasons that we are all “cyborgs” already, part human and part machine, thanks to the modern smartphone. Our input system (sight) is high bandwidth, he says, but we have an output bottleneck to contend with…two thumbs. He created a company with the goal of solving that problem by finding a way to connect our brain to the internet.

STOP RIGHT THERE, MUSK!

My brain is one network that must remain air gapped for all time. We can’t reliably protect my WiFi thermostat, let alone the super computer inside our head that makes you, you and me, me. I would imagine that most information security professionals will react similarly, but as technologists many would accept the risk so we can be super CISOs and the like. But fear not! The rest of us will still have jobs. How do I know? We will always need someone to protect the internet connected brains from a massive and devastating denial of service attack, and it will be the non-internet connected mortals that will have to do it.

Before you assume I lost my non-internet connected mind, rest assured most of this article was written in jest. But all kidding aside, let’s figure out how to protect artificial intelligence consistently before we put our actual intelligence at risk. Many technology experts, including Musk, are concerned about the weaponization of artificial intelligence, which is a ship that has already left the dock. I would much rather see artificial intelligence leveraged to create self-patching software or a programming language that can keep our data safe without the contingency of developer perfection. Until then, I’ll work within the constraints of having two thumbs,and be grateful for the extra four fingers on each hand that allowed me to generate this output at about 65 wpm.

Thanks for reading and don’t forget to subscribe.

 

Quoted by CSOOnline: Keeping your kids safe along with your network

One of my comments regarding BYOD was quoted in an online slideshow on CSO Online. My comment is on slide 3. Pretty cool! It’s an interesting and concise article on a complex topic. I’m not just saying that because I was quoted…

Keeping your kids safe along with your network

The article’s author, Josh Fruhlinger, has a bunch of similar slideshow formatted articles on various topics. Be sure to check those out as well.

Thanks for reading and don’t forget to subscribe.

Linux Security: No Room For Cockiness

Hello All. Today, I am very happy to share with you a post written by a guest blog writer, Shawn Powers. Shawn has been teaching IT for more than a decade. His specialties are Linux, Chef, and integrating multiple platforms for larger networks. Early in his career, he started a Cisco Academy for a local school district where he taught networking (CCNA & CompTIA A+) to high school students. He has a passion for teaching others, and his enthusiasm comes through in his courses. He is an associate editor for Linux Journal and instructor for CBT Nuggets.

Linux Security: No Room For Cockiness, By Shawn Powers

https://themmindset.files.wordpress.com/2011/04/windows_vs_linux.jpg

                  https://themmindset.files.wordpress.com/2011/04/windows_vs_linux.jpg

One of the biggest selling points for using Linux is its inherent security advantage. Some people claim it’s due to a better modular security structure in its design. Others claim it’s compromised less often because it’s not targeted as much. I think the truth lies somewhere in the middle. Wherever you think Linux has an edge, the worst thing a system administrator can do is depend on the percentages game and assume a Linux system is invulnerable.

A Linux server is not invulnerable.

Even if Linux itself is secure, the applications installed on top of the operating system might not be. One prime example is the Code Red worm that affected Apache web servers. It didn’t matter that Linux system was secure. After an application with elevated privilege got compromised, the system was done for.

What does this mean for the person in charge of Linux Security? Several things.

1) Keep your system updated.

We make fun of Windows users for the hundreds of security updates that need to be installed on a regular basis. Truth be told, Linux systems have just as many updates! Yes, some are feature changes, but on most systems there is a special “security” channel in the update mechanism that is crucial to keep up to date. Don’t wait for a security problem before installing those updates. Make them a part of your regular routine.

http://www.libertycolumns.com/images/os-updates-windows-mac-linux.jpg

                http://www.libertycolumns.com/images/os-updates-windows-mac-linux.jpg

2) Don’t install services you don’t intend to use.

When you’re setting up a server, whether it’s a virtual machine, bare metal, or a cloud instance, don’t install services unless you actually need to use them. If you’re not going to host web pages on your MySQL server, don’t install Apache on it! Not only are services more vectors for compromise; if you don’t use them, you’re less likely to notice if they fall behind in updates. An idle Apache server is just as vulnerable as an active one. Install what you need, but no more.

3) Firewalls are your friend.

There was a time somewhere between Windows XP and Windows Vista where the first thing I did on a desktop system was turn off the firewall. It seems like the built in firewalling system on Windows was so flaky, that it broke more than it solved. That’s not the case anymore with Windows, and it’s absolutely not the case with Linux. Whether you’re using a GUI tool, or the super simple “Uncomplicated FireWall” (UFW) in Ubuntu from the command line, use a firewall! And like with the applications you install, only open the ports you need, and no more.

Linux security is generally rock solid, and is fairly easy to maintain. One of the biggest problems Linux system administrators face is the tendency to neglect updates. So take security seriously, and Linux will be painless to keep safe. Leave it on its own, and hackers will happily check for vulnerabilities on your behalf!

-Author, Shawn Powers

(images and formatting added by Matthew Nappi)

 

Do you agree with Shawn’s viewpoint on Linux security? Is there anything else you would add to this list? Let us know in the comments below.

Thanks for reading and don’t forget to subscribe.

Have You Been Bluesnarfed?

I recently became aware of a couple of scams that can significantly hurt your wallet because the end result is a bunch of unauthorized, but legitimate (from the phone company’s perspective) charges on your cell phone bill.  The prevention of these scams is extremely simple and non-technical.

Scam 1:  A scammer hacks into the Bluetooth connection coming from your phone and downloads your entire address book.  They then add a 1-900 premium relay number as a prefix to each of the stored phone numbers in your address book and uploads the modified contacts back to your phone…all in the matter of seconds.

The result?  You call Mom, and your phone simply displays “Calling Mom.”  What’s really happening is that your phone call to Mom is being relayed through a 1-900 premium pay-per-minute “service” and you owe the phone company thousands of dollars by the end of the month.  You’ve been bluesnarfed!

Prevention:  Call your cell phone company and disallow premium phone calls.

Scam 2:  A scammer sits in the back of a crowded movie theater and hacks into your cell phone via Bluetooth while it is tucked safely away in a purse or pocket as to not disturb others.  A second scammer sits outside and sells reduced cost minutes to a crowd of international visitors who would like to speak to their family.  Unbeknownst to you, they are doing so via your cell phone.

The result?  You owe the phone company big for almost 2 hours of international phone calls.

Prevention:  Call your cell phone company and disallow international phone calls.

I took the preventive steps listed and although the customer service rep at my cell phone carrier initially told me it was not possible, after I pushed them they “figured out” how to disable international and premium outbound phone calls on my line.  Although newer phones make these scams harder to execute, the increased range of Bluetooth makes your “attacker” radius larger than ever before.  Besides, it was a 15 minute phone call and may have saved me thousands of dollars.  I hope you take the same precaution!

Some other general recommendations regarding Bluetooth security:

  1. Turn off discovery mode when not actively pairing a device.
  2. Reset default Bluetooth pins to be longer and unique.
  3. Turn off Bluetooth when not in use.
  4. Only pair devices in trusted and non-crowded locations.

Thanks for reading and don’t forget to subscribe!

Google Glass: The Apple of My Eye?

I had very few preconceived notions and limited information about Google Glass before my test drive.  Aside from watching the concept video, I didn’t really know what to expect.  Unfortunately, the experience of wearing Glass did not fully live up to what I was hoping for.  Is it cool?  Yes.  Is it different?  Yes.  Is it life changing? NO.  Is it worth $1500.00 to the average consumer? Not by a long shot.  $500?  Nope.  $200?  Maybe.  Will it replace your iPhone, Galaxy or Lumia anytime soon?  Definitely not.

One thing is for sure…smartglasses can potentially introduce a truly hands-free mobile computing experience.  I have no doubt that as they mature they will eclipse the fledgeling smartwatch market.  However, at the moment they are both in the same category of being merely smartphone accessories.  Google Glass does not really enable you to do anything you can’t do now and much of it’s functionality relies on being tethered to your phone.  There are a few features worth taking note of though.

The picture taking and video recording ability of Glass could be a game changer.  Taking a picture is as simple as winking your right eye.  What parent doesn’t want that ability?  Saving time in a bottle becomes a real possibility now that we can record almost exactly what our eyes are seeing.  Video recording has long been known as the great equalizer and no doubt everyone would be on their best behavior if a simple gesture could preserve everything you say and do…on youtube.  I’m not saying it’s good or bad, but having a video camera pointed everywhere you go is definitely one of the more interesting Glass features.  There are so many practical applications for that feature as well.  Police Officers, field technicians, reporters, and students would no doubt find a wearable video camera useful on a daily basis.  Maybe state IT workers could find it useful too…

 

This is also a feature that makes me concerned as a security professional.  It is well documented that hacking into a webcam is nothing short of commonplace.  It’s kind of funny that of all the cyber risks in the wild, a webcam hack is the one risk that seems to resonate with everyone (see video below).  According to most and depending on where your webcam is situated, the idea of someone covertly watching us is just an unfathomable violation of privacy.  What can be worse?  I know!  Someone covertly seeing everything you see.  Hopefully you don’t look down when you type in your super secret passwords.  Anti-Virus for Google Glass?  Probably not, but with Android being targeted heavily with malware, AV on your smartphone is a must.  Keeping your phone OS and all accessories updated is equally, if not more, important.

http://www.youtube.com/watch?v=CUx8_JNNKsM&feature=youtu.be

By and large my experience with Google Glass was a positive one.  It was great to be able to have GPS directions in the corner of my eye rather than on my Costco purchased dashboard GPS.  Be forewarned though that the device runs hot when used for processor intensive tasks.  I also really enjoyed the text to speech ability of the device.  That feature was especially helpful when taking a picture and sharing it with my Google+ circles almost instantly.  It was shockingly accurate with the exception of one embarrassing picture caption that I will not share at this time.

So by and large, I would say that Google Glass and other products like it are here to stay.  They definitely have the need to mature, but the vision and application of smartglasses and even smartglass (car windshields?) is exciting.  Oh yeah, and get ready for a new breed of selfie…

They are unavoidable.
They are unavoidable.

Mobile Computing in 2014 and Beyond…

With all the hype surrounding Google Glass, Dick Tracy watches and curved phone displays, it makes me wonder what the future of mobile computing is going to be.  It’s obvious that smartphones are not quite as “smart” as they used to be.  Standard phones continue to disappear (Nana has an iPhone) and so-called smartphones have taken over the coveted title of “phone”.  The line that separates smartphones from tablets is thinner than the devices themselves.  So, then, what’s next?  Wearable technology seems to be the obvious progression of mobile computing.  It is soooooooooooo 2010 to reach into your pocket and pull out a square clunky device to check your e-mail…

Sadly, internet access from your watch, glasses, or iShoes, means more of an attack surface for malware writers and the like.  It won’t be long before ‘patching your shirt’ has nothing to do with a needle and thread.  The Internet of Things is growing and everything we own will have an IP address along with software to patch.  It’s this endless exposure that demands a risk based approach to IT security rather than the secure everything approach that just isn’t feasible anymore.

In any case, I’m excited to have a little face time (literally) with Google Glass over the weekend.  I’ll summarize my opinions on the topic sometime next week.

photo