250-251 bootcamp are must for success in actual test

killexams.com 250-251 Free PDF contains Finish Pool of Queries and Answers plus practice test checked and accredited along with referrals and explanations (where applicable). Our focus on collecting the particular 250-251 Questions and Solutions is not simply in order to pass the 250-251 test at the very first attempt but Actually Transform your Knowledge regarding the 250-251 test subjects.

Exam Code: 250-251 Practice exam 2022 by Killexams.com team
Administration of HA Solutions for UNIX (VCS 5.0)
Symantec Administration thinking
Killexams : Symantec Administration thinking - BingNews https://killexams.com/pass4sure/exam-detail/250-251 Search results Killexams : Symantec Administration thinking - BingNews https://killexams.com/pass4sure/exam-detail/250-251 https://killexams.com/exam_list/Symantec Killexams : Serial Entrepreneur

FEATURE Business and Policy


Peter TippettPHOTO: Cameron Davidson

Peter Tippett

From the cockpit of his twin-prop Beechcraft Duke airplane, Peter Tippett, PhD, MD (GRS ’81, biochemistry; MED ’83), can see for miles on a bright, pleasant day. But Tippett, a doctor, scientist, entrepreneur, pilot and self-described “tinkerer,” doesn’t have to be at 15,000 feet to have a clear vision of where he—and the industries in which he’s involved—are heading.

Throughout a varied and highly successful career, he’s had an almost Forrest Gump-like knack for being at the genesis of breakthrough in a number of fields. From developing software that would become the ubiquitous Norton AntiVirus to building part of the first-of-its kind disease-fighting protein, Tippett always seems to be ahead of the curve. In the process, he gained the eye of the George W. Bush Administration, which named him to a presidential advisory committee on information technology.

These days, the energetic and innovative Tippett is tackling perhaps his biggest challenge yet: turning the bloated, costly and cumbersome world of electronic medical records on its head. Instead of relying on institution-controlled health information exchanges to share records, Tippett wants to empower doctors and patients. The name of his company— HealthCelerate—hints at the urgency with which he wants to transform the system, and a lifetime of cutting-edge achievement suggests he may be just the guy for the challenge.

“You’d think in 15 years of trying to put medical record products in every hospital that we’d have solved this problem,” he said. “But even today, if you want to send something from some big organization to some little place out in the country, it still comes on paper. And if you want to go get your mom’s medical record, good luck with that. It’s the law—they must supply it to your mom if she wants it—but they often supply it to her on paper, or on a CD or DVD. If you take the DVD to the next doctor, it will be unusable and incompatible with the electronic medical record systems of the vast majority of doctors. This is today!”

Sitting in a conference room one morning in the office space he shares with other startups in a nondescript strip mall in Virginia, about 35 miles northwest of Washington, D.C., Tippett raised his voice in excitement as he talked about his latest venture. A transplanted Michigander with a fable Midwestern ease, he tends to see most problems as opportunities, not roadblocks.

Tippett has just come from the airport after visiting his family in Cleveland. For this trip, he has hopped on a commercial carrier (he has flown more than 1 million miles on multiple airlines), but to get to meetings the next day in New Jersey and New York, he’ll fly himself. Aviation is more of time-saver than a thrill or a passion for the workaholic Tippett, who said he needs only about five hours of sleep a night.

“Peter’s done a lot of significant things in his life,” said Darryl Shaw, a former colleague at Verizon and now an adviser to HealthCelerate. “Among them, he has been a research assistant to a Nobel Prize laureate, created and sold successful companies and served on a presidential advisory committee. Despite this, he is also a very real, down-to-earth person. He easily can have a highly detailed conversation with a programmer about some esoteric technical topic, and yet also have a wide-ranging discussion with a CEO explaining the state of the company’s industry. And, in each case, he’ll do so in a genuine and unpretentious manner.”


Peter Tippett began flying at the age of 15, made his first solo trip the following year and now averages about 40,000 miles a year in planes ranging from a twin-prop to a Citation jet.PHOTO: Cameron Davidson

Peter Tippett began flying at the age of 15, made his first solo trip the following year and now averages about 40,000 miles a year in planes ranging from a twin-prop to a Citation jet.

Tippett grew up in Dearborn, Michigan, where his father, James, worked in insurance sales, while his mother, Phyllis, tended to the home. From an early age, he was fascinated by how things were built. At 13, he became a ham radio operator and loved using Morse code. The Henry Ford Museum near his home featured an exhibit on radios, and he ascended to the presidency of its radio club, spending many a night at the museum broadcasting into the wee hours.

While most kids his age were learning to parallel park, Tippett was taking flying lessons. A blizzard delayed his first solo flight until three days after his 16th birthday.

At Kalamazoo College, he majored in biology and worked as an intern at a cholesterol research lab in Cincinnati.

“I was the third human being to eat what was then called sucrose octa-ester, which is now called Olestra,” he recalled. “It was originally thought to be able to lower cholesterol. I ate a diet with X-number of calories where they took the fat out and put this stuff in instead.”

Participation in the study required him to live in a hospital for three months, in part so his diet could be strictly controlled. Bored in his temporary digs, he wandered down to the emergency room, where he worked evenings sewing up people and wrote a program to compile the results of the cholesterol study. He found he enjoyed medicine and the newfangled world of computers.

After graduating in 1975, he landed a position as research assistant to Robert Bruce Merrifield (who won the Nobel Prize for chemistry in 1984) at Rockefeller University in New York City. There, he wrote a program to simplify the process of creating proteins and, for his own project, synthesized the segment of the disease-fighting protein, formally known as the first biologically active immunoglobulin segment.

Tippett was interested in medical school, but didn’t particularly care for the overly competitive nature of pre-med students. Still, he was drawn to Case Western Reserve’s MD-PhD program.

“The neat thing about the Case [Western Reserve] medical school was that it was kind of an experiential model,” he said. “It was less about classes and grades and more about digging in. You immediately got hooked up with patients. I liked the intellectual challenge of it, and I liked the patient interaction parts of it.”

While working 120 hours a week during his residency and internship at what is now MetroHealth Medical Center, he started a software company out of his home in the Coventry neighborhood of Cleveland Heights. In 1987, he heard about a computer virus that affected Lehigh University in Pennsylvania.

“That got me intrigued, and I found that there had been another virus, and I theorized how that had to work,” he said. “People say, ‘You’re a doctor and that’s why you got into viruses, and you applied biochemistry to virus.’ I never thought that was true. How the math of replication works was intuitively obvious to me. If you put a single bacterium on a petri dish, it turns into two bacteria. Those two each have another one and it becomes four, and then each other divides and it becomes eight. Whether any given [computer virus] becomes a real problem or not, who knows, but to the extent that they grow exponentially due to their nature, it’s guaranteed that everybody’s going to need some protection from them.”

So Tippett and his programming team, most of whom were Case Western Reserve students, wrote an anti-virus program eventually called Certus. As the company grew, so did the competition. In 1992, Tippett sold it to Symantec (which changed the product name to Norton AntiVirus) for a sum that would have allowed him to retire.

“Back in the early days of anti-virus, people scoffed at Peter,” said Bob Bales, a longtime business associate and friend. “He would draw graphs and show exponential growth of computer viruses. People would say, ‘That’s the Tippett Curve, some marketing thing.’ But he tends to see stuff that other people don’t and, as a result, sometimes people kind of laugh and say, ‘That’s just Peter.’ But he’s right more often than he’s wrong.”

After working for two contractually mandated years at Symantec, he went on to co-found a company that eventually became Cybertrust, a computer network protection company sold to Verizon in 2007. Tippett, who seems to create companies at the same rate most people replace their cars, founded HealthCelerate in 2015 after leaving the telecom behemoth.

“I didn’t start out thinking I was good at starting companies, but I’ve come to realize that I seem to get something about what’s going to be true about a market in two or three or four years,” he said.

Tippett’s long believed that improvements in health-related information technology (IT) will lead to healthier people, longer life expectancies and billions of dollars in health-care savings. However, his view is that the prevailing approach today toward health information exchanges run by large providers is deeply flawed. This isn’t the first time he’s been a naysayer. He also played that role in the mid-2000s when he served on the President’s Information Technology Advisory Committee under George W. Bush.

“I didn’t think keeping all the medical records in one place and having people go get them was the right way to go,” Tippett said. “That was then, and still is now, the predominant theory. For a bunch of reasons, I thought that wouldn’t work, and it’s turned out to not work.”

Tippett said several factors play into that, the biggest being that there’s no universal or standard way to send a medical record from one clinician to another—and fetching a record from a different hospital is basically impossible. A related issue is the incompatibility of different electronic medical record systems. And then there’s the issue of competition between hospitals, Tippett said, which can thwart cooperation.

The approach should be inverted, Tippett argues. Instead of relying on hospitals to share, he wants to allow doctors or patients easy access and share the patients’ records.

HealthCelerate has built a system that was launched in late February. It is disruptive to the machine-to-machine, big-system-to-big-system model because it’s controlled by individuals. A cloud-based service allows patients or doctors to send medical records to other doctors regardless of the original format, and allows doctors to access the records regardless of the platform they use. The company’s website says it provides tools that make this easy for “the busiest doctor to the most technology-phobic individual in the general population.” Tippett offered an example of how the system could work: A doctor in an emergency room reviews an X-ray with a patient whose bone is broken and then forwards the image to an orthopedist (who could be across the country), thus eliminating the need for a costly and wasteful second X-ray.

“All I’m doing is making it easier for you or your doctor to have your complete record in a way that’s usable by machines and people so we can get the benefit of digitization on a personal level,” Tippett said. If he succeeds, Tippett may alter a major component of American health care. It’s a tall task, certainly, but at heart, he remains a tinkerer, determined to disrupt the system until he gets it just right.

“I still have that desire to actually fix things,” he said. “This notion of doing something big enough to actually change the course of security, or health care, or whatever—if that’s within your grasp, why wouldn’t you do it?”

—Mike Unger

Tue, 02 May 2017 05:10:00 -0500 en text/html https://case.edu/think/spring2017/entrepreneur.html
Killexams : A White Hat Virus For The Internet Of Things

The Internet of Things is going gangbusters, despite no one knowing exactly what it will be used for. There’s more marketing money being thrown at IoT paraphernalia than a new soda from Pepsi. It’s a new technology, and with that comes a few problems: these devices are incredibly insecure, and you only need to look at a few CCTV camera streams available online for proof of that.

The obvious solution to vulnerable Internet of Things things would be to get people to change the login credentials on their devices, but that has proven to be too difficult for most of the population. A better solution, if questionable in its intentions, would be a virus that would close all those open ports on routers, killing Telnet, and reminding users to change their passwords. Symantec has found such a virus. It’s called Wifatch, and it bends the concept of malware into a force for good.

Wifatch is a bit of code that slips through the back door of routers and other IoT devices, closes off Telnet to prevent further infection, and leaves a message telling the owner to change the password and update the device firmware. Wifatch isn’t keeping any secrets, either: most of the code is written in unobfuscated Perl, and there are debug messages that enable easy analysis of the code. This is code that’s meant to be taken apart, and code that includes a comment directed at NSA and FBI agents:

To any NSA and FBI agents  practicing this: please consider whether defending
the US Constitution against all enemies, foreign or domestic, requires you
to follow Snowden's example.

Although the designer of Wifatch left all the code out in the open, and is arguably doing good, there is a possible dark side to this white hat virus. Wifatch connects to a peer-to-peer network that is used to distribute threat updates. With backdoors in the code, the author of Wifatch could conceivably turn the entire network of Wifatch-infected devices into a personal botnet.

While Wifatch is easily removed from a router with a simple restart, and re-infection can be prevented by changing the default passwords, this is an interesting case of virtual vigilantism. It may not be the best way to tell people they need to change the password on their router, but it’s hard to argue with results.

[Image source: header, thumb]

Tue, 02 Aug 2022 12:00:00 -0500 Brian Benchoff en-US text/html https://hackaday.com/2015/10/02/a-white-hat-virus-for-the-internet-of-things/
Killexams : DevSecOps: Why Security can no longer be an afterthought

It’s not just the job of the security team anymore! An important aspect of DevSecOps is a shared sense of responsibility towards security, writes Nigel Pereira.

As the focus of the enterprise has shifted towards pushing changes to production as quickly as possible, security is often left on the back burner. In a mad scramble to harness the power of the cloud to remain relevant and competitive, organizations end up leaving huge gaps in security that cannot be addressed as an afterthought.  These gaps could be caused by anything from a misconfiguration to an insecure service being enabled or even a vulnerability inherited from an open-source component like in the case of the Equifax breach that cost over $1.7 billion.

The modern security dilemma

It’s easy to think of security a detail to fill in at a later date because that’s how it has always been done. In fact, the internet itself was secured as an afterthought to quote internet pioneer Dan Lynch who said “When we were first starting to test the first internet, we looked at security and thought that it would be too difficult to include at this phase.” He then adds “bad choice, eh? We never looked back until it was too late.” What he means by too late here is the fact that the internet we use today is still inherently insecure!

Yes, that’s right, the digital network that we use for literally everything was not designed with security in mind and is officially deemed “insecure.” To add to that, modern cloud-based environments typically span multiple public clouds, private clouds, and on-premise resources.

Image: IBM

These hybrid environments are hard to secure using traditional perimeter security measures because the perimeter or “attack surface” is too large and constantly expanding. Additionally, every time you add a new cloud-based application or open-source tool, you’re effectively increasing your attack surface exponentially.

The problem with DevOps

DevOps is about optimizing for development speed with the security aspect added at the end of the development pipeline. While this approach used to work well when networks and perimeters were well defined and could be placed behind a firewall, a lot has changed since then. In addition to complexities associated with securing hybrid environments, the pandemic has caused a major shift regarding where work is done. This has in turn caused the so-called “perimeter” to shift to anywhere an employee decides to log in with their laptop or smartphone. We’re talking about an ethereal, shape-shifting boundary that requires re-thinking of fundamentals to properly secure.

While DevOps was meant to break down Silos, it’s still pretty “Siloed” if you’re to build your entire application and then chuck it over the wall at your security team. DevSecOps, on the other hand, is all about having your security team on board from day one, getting their feedback at every step, and integrating automated security tests across the pipeline as much as possible. Another important aspect of DevSecOps is a shared sense of responsibility towards security and how it’s not just the job of the security team anymore.

Secure coding practices

As opposed to application and infrastructure being the sole responsibility of the security team, DevSecOps makes security a joint obligation. With regards to development teams, in particular, this involves secure coding practices to ensure applications are inherently protected from the ground up. OWASP provides a useful checklist of secure coding practices that include 14 areas of consideration. The first and the most important item on the list labelled “security by design” is all about optimizing for security as opposed to development speed. Other Secure coding practices include using version control systems like GitHub to keep track of changes and AppSec tools to automatically identify known vulnerabilities in third-party tools.

Image: www.itgovernance.co.uk

While DevSecOps may slow down development in the short term, it’s the wiser choice when you consider what’s at stake. Cybercriminals are growing exponentially in sophistication by leveraging technologies like AI and Machine Learning and the cost of cybercrime damages is expected to reach $8 trillion by the end of 2022. That’s what’s at stake here, and while security teams need to work endlessly toward securing an ever-expanding perimeter, a hacker attacks every 39 seconds and requires just a single successful breach to cause untold damage.

Don’t trust anyone

With the internet being inherently insecure and traditional methods of perimeter security turning obsolete, an idea that seems to be catching on is a security framework called Zero-Trust. With traditional methods of perimeter security turning obsolete, an idea that seems to be catching on is a security framework called Zero-Trust. While traditional software is built on a conception of implicit trust, this one is developed with no trusted perimeter, and every connection is suspicious until proven otherwise. This is a fundamental change in the way we look at a network since it has more to do with network policies than an actual physical network.

In conclusion, if you want the reason for DevSecOps in a nutshell, Applied Risk founder and CEO Jalal Bouhdada was quoted stating “despite increased awareness, new technologies are still regularly developed and deployed in a way that prioritizes speed to market and costs over key security considerations.”

In case you missed:

Wed, 03 Aug 2022 02:21:00 -0500 en-US text/html https://www.sify.com/security/devsecops-why-security-can-no-longer-be-an-afterthought/
Killexams : Swan: Better Linux On Windows

If you are a Linux user that has to use Windows — or even a Windows user that needs some Linux support — Cygwin has long been a great tool for getting things done. It provides a nearly complete Linux toolset. It also provides almost the entire Linux API, so that anything it doesn’t supply can probably be built from source. You can even write code on Windows, compile and test it and (usually) port it over to Linux painlessly.

However, Cygwin’s package management is a little clunky and setting up the GUI environment has always been tricky, especially for new users. A project called Swan aims to make a full-featured X11 Linux environment easy to install on Windows.

The project uses Cygwin along with Xfce for its desktop. Cygwin provides pretty good Windows integration, but Swan also includes extra features. For example, you can make your default browser the Windows browser with a single click. It also includes spm — a package manager for Cygwin that is somewhat easier to use, although it still launches the default package manager to do the work (this isn’t a new idea, by the way).

Here’s a screenshot of Windows 10 (you can see Word running native in the background) with top running in a Bash shell and Thunar (the default file manager for Swan). Notice the panel at the top with the swan icon. You can add things there and there are numerous settings you can access from the swan icon.

Swan is fairly new, so it still has some rough edges, but we like where it is going. The install process is in two parts which doesn’t make sense for something trying to be easier. Admittedly, it is already easier than doing an X11 install with normal Cygwin. However, on at least one test install, the virus scanner erroneously tripped on the wget executable and that caused the install to fail.

The project is hosted on GitHub if you want to examine the source or contribute. Of course, Windows has its own support for Linux now (sort of). Swan isn’t quite a finished product and, like Cygwin, it isn’t a total replacement for Linux. But it is still worth a look on any machine that you use that boots Windows.

Wed, 03 Aug 2022 11:59:00 -0500 Al Williams en-US text/html https://hackaday.com/2017/03/29/swan-better-linux-on-windows/
Killexams : The SolarWinds Hack

SolarWinds Hack

The manual supply chain attack against SolarWinds’ Orion network monitoring platform has sent shockwaves throughout the world, with suspected Russian government hackers gaining access to U.S. government agencies, critical infrastructure entities and private sector organizations.

The injecting of malicious code into Orion between March and June 2020 allowed hackers believed to be with the Russian intelligence service, or APT29, to compromise Microsoft and FireEye, as well as U.S. Departments of Defense, State, Treasury, Homeland Security and Commerce, according to reports from Reuters and others.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered all federal civilian agencies Sunday to power down SolarWinds Orion products until all hacker-controlled accounts and identified persistence mechanisms have been removed. CISA said it has evidence of additional initial access vectors beyond SolarWinds Orion, but noted those other intrusion methods are still being investigated.

Michael Dell: Public Cloud Isn’t More Secure Than On-Premise
‘The things that led to a lot of these attacks are human-induced that can occur in a public cloud, can occur in a private cloud – it can occur anywhere,’ says Dell Technologies CEO Michael Dell.

Mimecast Axes SolarWinds Orion For Cisco NetFlow After Hack
Mimecast has decommissioned its SolarWinds Orion software and replaced it with a Cisco NetFlow monitoring system after hackers compromised a Mimecast certificate used for Microsoft authentication.

Microsoft’s Brad Smith Drags AWS, Google Over SolarWinds Response
‘There are other companies that... have not even alerted their customers or others that they were a victim of a SolarWinds-based attack. These are companies where their own infrastructure was used to launch the attack,’ says Microsoft’s Brad Smith.

AWS: SolarWinds Hackers Used Our Elastic Compute Cloud
‘The actors used EC2 just like they would use any server they could buy or use anywhere (on-premises or in the cloud). And, in fact, the actors did use several different service providers in this manner,’ AWS tells CRN.

SolarWinds To Spend Up To $25M On Security Following Attack
SolarWinds says the money will be put toward security initiatives as well as used to cover higher costs around both insurance and professional fees stemming from the massive cyberattack.

Partners: AWS Must Come Clean On Role In SolarWinds Hack
‘I do wonder whether AWS has made a judgment error in not coming out to publicly defend their position in this high-profile case with such far reaching consequences,’ says Karl Robinson of AWS partner Logicata.

10 Boldest Statements From The SolarWinds Senate Hearing
Senators and tech executives discussed how the SolarWinds hackers used AWS’ infrastructure, took advantage of Microsoft’s authentication process, dwelled in FireEye’s systems and remained undetected for months.

U.S. Senators: AWS Infrastructure Used In SolarWinds Attack
‘The operation we’ll be discussing today uses [Amazon’s] infrastructure, [and], at least in part, required it to be successful. Apparently they were too busy to discuss that here with us today,’ says Sen. Marco Rubio, R-Fla.

U.S. Plans Russian Sanctions For SolarWinds Breach: Report
The Biden administration plans to classify the SolarWinds campaign as ‘indiscriminate’ and ‘disruptive’ to distinguish it from espionage activities the U.S. conducts against adversaries, The Washington Post reported.

Microsoft On-Premises Warning: Customers Must Protect Their Own Identity Infrastructure
‘We were also reminded of the importance of cloud technology over on-premises software. Cloud technologies like Microsoft 365, Azure and the additional premium layers of services available as part of these solutions Boost a defender’s ability to protect their own environment,’ writes Vasu Jakkal, Microsoft’s corporate vice president of security, compliance and identity, in a blog post.

SolarWinds Hackers Kept Going After Microsoft Until January
The SolarWinds hackers first viewed a file in a Microsoft source repository in November, and were able to download source code for its Azure, Exchange and Intune cloud-based products.

SolarWinds MSP Building New IT Systems Prior To N-able Launch
‘As we look to design the new N-able systems, we‘re going to have the benefit of all that [threat actor] knowledge and these world class experts to help us design this,’ says SolarWinds MSP President John Pagliuca.

SolarWinds MSP Hunts For New Security Chief Following Split
‘Tim [Brown, VP of Security] has been a fantastic advisor to the 25,000 MSPs that we have. So, we’re bummed. But we understand. So, we’re looking to see if we can clone him,’ says SolarWinds MSP President John Pagliuca.

10 Bold Statements From SolarWinds MSP After The Orion Hack
From comments on switching up CEOs and weeks of silence to building new IT systems and giving MSPs free security products, here’s a look at 10 notable remarks made by SolarWinds MSP President John Pagliuca and VP of Security Tim Brown.

SolarWinds Hacked From Inside U.S., 100+ Orgs Compromised
‘As a country, we choose to have both privacy and security. [As a result], the intelligence community largely has no visibility into private sector networks,’ says Anne Neuberger, a top Biden administration cybersecurity official.

Microsoft: No Evidence SolarWinds Was Hacked Via Office 365
‘The wording of the SolarWinds 8K [regulatory] filing was unfortunately ambiguous, leading to erroneous interpretation and speculation, which is not supported by the results of our investigation,’ Microsoft said Thursday.

Alex Stamos Attributes SolarWinds Hack To Russian Intel Service
New SolarWinds consultant Alex Stamos says the Russian foreign intelligence service is responsible for the massive hacking effort, although SolarWinds itself isn’t attributing the attacks to a specific group or nation.

SolarWinds CEO Confirms Office 365 Email ‘Compromise’ Played Role In Broad Based Attack
SolarWinds CEO Sudhakar Ramakrishna has Verified suspicious activity in its Office 365 environment, with a company email account compromised and used to access accounts of targeted SolarWinds staff in business and technical roles.

Mimecast To Lay Off 80 Workers Weeks After Disclosing Hack
Mimecast CEO Peter Bauer says cutting 4 percent of its workforce will help the company provide more resources to enterprises while leveraging automation and efficiency for mid-market and SMB customers.

Kevin Mandia: Discovering SolarWinds Hack ‘Validates Our Intelligence and Expertise’
‘This breach got everybody to recognize there‘s a way to compromise some of the most secure organizations on the planet in a surreptitious way, and that alarmed people,’ says FireEye CEO Kevin Mandia.

Chinese Hackers Exploit SolarWinds To Steal Federal Payroll Info: Report
Suspected Chinese hackers took advantage of another SolarWinds Orion vulnerability to spread across networks and break into computers at the National Finance Center and other U.S. agencies, Reuters said.

Sophos CEO Kris Hagerman’s 10 Boldest Remarks From Best Of Breed Virtual Winter 2021
From surging sales and profitability and securing the supply chain to combating complexity and doubling down on detection and response, here’s a look at 10 notable statements made by Sophos CEO Kris Hagerman.

SolarWinds Hack ‘One Of The Most Dramatic’ In Last Decade: Sophos CEO
‘You cannot think about your security only in the context of, ‘How well am I secured?’ You’ve got to go beyond that to say, ‘How well am I secured and how well am I securing everything that I connect to?’’ says Sophos CEO Kris Hagerman.

Fidelis Targeted By SolarWinds Hackers After Installing Orion
Fidelis Cybersecurity was a target of interest to the SolarWinds hackers after downloading an evaluation copy of trojanized SolarWinds Orion network monitoring software in May, the company disclosed Tuesday.

Mimecast Breach Linked To SolarWinds Hack, Allowed Cloud Services Access
Mimecast said Tuesday that its certificate compromise was carried out by the same threat actor behind the SolarWinds attack and provided hackers with access to customers’ on-premises and cloud services.

5 Security Vendors That Have Reported Cyberattacks Since December
Five cybersecurity vendors disclosed in accurate weeks that hackers have attacked their internal systems, compromised their certificates or attempted to access their email accounts. Here’s a rundown of what happened when.

SolarWinds Hackers Access Malwarebytes’ Office 365 Emails
‘Attackers leveraged a dormant email production product within our Office 365 tenant that allowed access to a limited subset of internal company emails,’ Malwarebytes CEO Marcin Kleczynski wrote in a blog post.

SolarWinds Hack Could Cost Cyber Insurance Firms $90 Million
‘Although the SolarWinds attack is a cyber catastrophe from a national security perspective, insurers may have narrowly avoided a catastrophic financial incident to their businesses,’ says BitSight’s Samit Shah.

5 Things To Know About The Mimecast Hack And Stock Drop
From the type of certificate likely compromised to the impact of this hack on Mimecast’s email security rivals to whether the attack is tied to the SolarWinds breach, here are five big things to know about the Mimecast hack.

Hackers Compromise Mimecast Certificate For Microsoft Authentication
The certificate used to authenticate Mimecast’s Sync and Recover, Continuity Monitor and Internal Email Protect (IEP) products to Microsoft 365 has been compromised by a sophisticated threat actor.

Hackers Taunt FireEye’s Kevin Mandia At Home With Postcard: Report
The FBI is investigating a mysterious postcard sent to CEO Kevin Mandia’s home days after FireEye found initial evidence of a hacking operation on federal agencies and private businesses, Reuters reports.

SolarWinds CEO: Attack Was ‘One Of The Most Complex And Sophisticated’ In History
Hackers first accessed SolarWinds in September 2019 and went out of their way to avoid being detected by the company’s software development and build teams, SolarWinds CEO Sudhakar Ramakrishna says.

SolarWinds’ New CEO Will Make These 5 Changes Post-Hack
From resetting privileged credentials and re-signing all digital certificates to manually checking source code and rolling out threat hunting software, here are five critical security improvements new SolarWinds CEO Sudhakar Ramakrishna plans to make.

SolarWinds Fights Back With Chris Krebs, Alex Stamos Hires
‘Armed with what we have learned of this attack, we are also reflecting on our own security practices and seeking opportunities to enhance our posture and policies. We have brought in the expertise of Chris Krebs and Alex Stamos to assist in this review,’ SolarWinds tells CRN.

SolarWinds Hackers Compromise Confidential Court Filings
The Russian hackers behind the SolarWinds attack have apparently compromised the federal courts’ electronic case filing system, putting ‘highly sensitive non-public documents’ at great risk.

SolarWinds To Pay Ex-CEO $312K To Assist With Investigations
SolarWinds has agreed to pay former CEO Kevin Thompson $62,500 for each of the next five months as the embattled company faces a likely wave of lawsuits and government probes into its conduct around the hack.

SolarWinds Hackers Got Into U.S. Justice Department’s Emails
‘At this point, the number of potentially accessed Office 365 mailboxes appears limited to around 3 percent, and we have no indication that any classified systems were impacted,’ the Justice Department announces.

Feds: SolarWinds Breach Is Likely Russian Intel Gathering Effort
Nearly ten U.S. government agencies experienced follow-on activity on their systems after being compromised through a malicious SolarWinds Orion update, the Cyber Unified Coordination Group says.

SolarWinds Hit With Class-Action Lawsuit Alleging Securities Violations
The first class-action lawsuit brought against SolarWinds following its colossal breach accuses the company of making materially false and misleading statements about its security posture throughout 2020.

SolarWinds Hackers Gain Access To Microsoft’s Source Code
One Microsoft account compromised by suspected Russian hackers had been used to view source code in a number of source code repositories, but none of the code itself was altered, Microsoft disclosed Thursday.

Here Are 24 Reported Victims Of The SolarWinds Hack (So Far)
From tech giants, internet service providers and IT solution providers to federal agencies and county governments, here’s a deeper look at 24 of the publicly identified victims of the colossal SolarWinds hack.

CrowdStrike Fends Off Attack Attempted By SolarWinds Hackers
The suspected Russian hackers behind the massive SolarWinds attack attempted to hack CrowdStrike through a Microsoft reseller’s Azure account but were ultimately unsuccessful, CrowdStrike says.

Five Solution Providers Breached By SolarWinds Hackers: Researchers
The SolarWinds hackers called for proceeding with the second stage of their attack on Stratus Networks, Digital Sense, ITPS and Netdecisions, and had an unknown response to compromising Deloitte, Truesec says. Digital Sense said it wasn’t impacted by the campaign since the company doesn’t use SolarWinds.

Top Treasury Email Accounts Exposed In SolarWinds Hack: Report
The hackers performed a complex step inside Microsoft Office 365 to create an encrypted “token” that tricked the Treasury’s system into thinking the hackers were legitimate users, The New York Times said.

Microsoft: A 2nd Group May Have Also Breached SolarWinds
A ‘different threat actor’ may be responsible for the malware known as Supernova that has been found installed in SolarWinds Orion.

Kevin Mandia: 50 Firms ‘Genuinely Impacted’ By SolarWinds Attack
FireEye CEO Kevin Mandia acknowledges the SolarWinds hack ‘is an attack very consistent with’ what the Russian foreign intelligence service is known for, but didn’t want to officially blame the campaign on them.

Intel, Nvidia Swept Up In SolarWinds Attack: WSJ
The chipmakers say they are investigating the impact of downloading a software update containing malicious code for SolarWinds Orion — the trigger that has left many SolarWinds customers vulnerable — though there is no evidence of any negative impact.

Unclassified Treasury Systems Hit By SolarWinds Hack: Mnuchin
‘At this point, we do not see any break-in into our classified systems. Our unclassified systems did have some access,’ Secretary of the Treasury Steve Mnuchin tells CNBC Monday morning.

Trump Downplays SolarWinds Hack, Pompeo Blames Russia
‘Russia, Russia, Russia is the priority chant when anything happens because Lamestream [Media] is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!),’ Trump tweeted.

Cisco Hacked Through SolarWinds As Tech Casualties Mount
Roughly two dozen computers in a Cisco lab were compromised through malicious SolarWinds Orion updates, Bloomberg reported. Cisco says there isn’t currently any known impact to its offers or products.

Datto Offers All MSPs Free Scanner To Find Signs Of FireEye, SolarWinds Hack
‘Now is a time to remain vigilant and take an active role in hardening systems against these, now known, tactics,’ Datto CISO Ryan Weeks writes in a blog post announcing the scanner.

VMware Flaw Used To Hit Choice Targets In SolarWinds Hack: Report
A VMware vulnerability that allowed federated authentication abuse was used by the SolarWinds hackers to attack valuable targets, KrebsOnSecurity said. VMware said it didn’t have any indication of this happening.

SolarWinds Should Have Been More ‘Vigilant’: Palo Alto Networks CEO
‘I am not going to supply them a free pass,’ says Palo Alto Networks CEO Nikesh Arora. ‘They should have been more vigilant and diligent, but I think this is a very sophisticated, very complex attack. The fact they (the Russians) got in there not only did they do sophisticated things, they also got lucky that this is a piece of software which then went unnoticed for six to nine months, and now it’s embedded in the infrastructure of thousands of customers.’

SolarWinds Hack Compromised 40-plus Microsoft Customers
A decisive plurality – 44 percent – of the Microsoft customers compromised through SolarWinds are actually in the IT sector, and include software and security firms as well as IT services and equipment providers.

Microsoft Breached Via SolarWinds As Scope Of Destruction Widens: Report
Suspected Russian hackers capitalized on Microsoft’s wide use of SolarWinds to infiltrate the software giant, and then used Microsoft’s own products to further their attacks on other victims, Reuters said. Microsoft pushed back on the report.

SolarWinds Deploys CrowdStrike To Secure Systems After Hack
SolarWinds says its breached Orion network monitoring platform now meets the security requirements of U.S. federal and state agencies following the release of a final hotfix Tuesday night.

Feds: SolarWinds Attack ‘Poses a Grave Risk’ To Government, Business
The U.S. government says it has evidence of additional initial access vectors beyond the SolarWinds Orion supply chain compromise, but noted that those other attack methods are still being investigated.

SolarWinds MSP To Revoke Digital Certificates For Tools, Issue New Ones As Breach Fallout Continues
‘I think they’re afraid. They’ve got liability, and they don’t know what to say, so everybody’s told to keep their mouth shut. Instead of being focused on the issue at hand, they’re panic about lawsuits,” SolarWinds MSP partner Rich Delany tells CRN.

SolarWinds Hack ‘One Of The Worst In The Last Decade’: Analyst
‘There are a lot of white knuckles around this attack ... Even though much of it is unknown, right now people are fearing the worst,’ Daniel Ives of Wedbush Securities tells CRN.

Malware Used In SolarWinds Attack Can Now Be Blocked: FireEye
‘Under certain conditions, the malware would terminate itself and prevent further execution... This killswitch will affect new and previous... infections by disabling... deployments that are still beaconing to avsvmcloud[.]com,’ FireEye tells CRN.

Microsoft’s Role In SolarWinds Breach Comes Under Scrutiny
Microsoft has become ensnared in probes surrounding the colossal U.S. government hack, with media reports and company messages focusing on Office 365, Azure Active Directory and a key domain name.

$286M Of SolarWinds Stock Sold Before CEO, Hack Disclosures
Silver Lake and Thoma Bravo said they weren’t aware of the cyberattack at the time of the sale, but didn’t respond to questions about whether they knew Sudhakar Ramakrishna had been selected as SolarWinds’ next CEO.

10 Things To Know About The SolarWinds Breach And Its U.S. Government Impact
From how nation-state hackers evaded detection to why federal agencies were ordered to immediately power down Orion to its impact on the SolarWinds MSP business, here are the most important things to know about the SolarWinds breach.

Homeland Security Latest Breach Victim Of Russian Hackers: Report
A spokesman said the Department of Homeland Security is aware of reports of a breach and is currently investigating the manner. The U.S. Treasury and Commerce Departments were also reportedly hacked.

US Calls On Federal Agencies To Power Down SolarWinds Orion Due To Security Breach
An emergency directive issued by the U.S. government calls on all federal civilian agencies to disconnect or power down SolarWinds Orion IT management tools because they are being used to facilitate an active exploit.

Infected SolarWinds Updates Used To Compromise Multiple Organizations: FireEye
Nation-state hackers gained access to government, consulting, technology and telecom firms around the world through trojanized updates to SolarWinds’ Orion network monitoring tool, according to FireEye .

8 Big Things To Know About The State-Sponsored FireEye Hack
From who’s suspected to be behind the FireEye hack and how they remained hidden, to what FireEye and intelligence officials are doing to minimize the fallout from the attack, here’s a look at what partners need to know.

FireEye Hacked By Nation-State Group Seeking Government Info
‘This attack is different from the tens of thousands of incidents we have responded to throughout the years. The attackers tailored their world-class capabilities specifically to target and attack FireEye,’ says CEO Kevin Mandia.

Fri, 18 Dec 2020 04:17:00 -0600 en text/html https://www.crn.com/the-solarwinds-hack
Killexams : Weaving a New Web

In 1969 scientists at the University of California, Los Angeles, transmitted a couple of bits of data between two computers, and thus the Internet was born. Today about 2 billion people access the Web regularly, zipping untold exabytes of data (that’s 10^18 pieces of information) through copper and fiber lines around the world. In the United States alone, an estimated 70 percent of the population owns a networked computer. That number grows to 80 percent if you count smartphones, and more and more people jump online every day. But just how big can the information superhighway get before it starts to buckle? How much growth can the routers and pipes handle? The challenges seem daunting. The current Internet Protocol (IP) system that connects global networks has nearly exhausted its supply of 4.3 billion unique addresses. Video is projected to account for more than 90 percent of all Internet traffic by 2014, a sudden new demand that will require a major increase in bandwidth. Malicious software increasingly threatens national security. And consumers may face confusing new options as Internet service providers consider plans to create a “fast lane” that would prioritize some Web sites and traffic types while others are routed more slowly.

Fortunately, thousands of elite network researchers spend their days thinking about these thorny issues. Last September DISCOVER and the National Science Foundation convened four of them for a lively discussion, hosted by the Georgia Institute of Technology in Atlanta, on the next stage of Internet evolution and how it will transform our lives. DISCOVER editor in chief Corey S. Powell joined Cisco’s Paul Connolly, who works with Internet service providers (ISPs); Georgia Tech computer scientist Nick Feamster, who specializes in network security; William Lehr of MIT, who studies wireless technology, Internet architecture, and the economic and policy implications of online access; and Georgia Tech’s Ellen Zegura, an expert on mobile networking (click here for video of the event).

Powell: Few people anticipated Google’s swift rise, the vast influence of social media, or the Web’s impact on the music, television, and publishing industries. How do we even begin to map out what will come next?

Lehr: One thing the Internet has taught us thus far is that we can’t predict it. That’s wonderful because it allows for the possibility of constantly reinventing it.

Zegura: Our response to not being able to predict the Internet is to try to make it as flexible as possible. We don’t know for sure what will happen, so if we can create a platform that can accommodate many possible futures, we can position ourselves for whatever may come. The current Internet has held up quite well, but it is ready for some changes to prepare it to serve us for the next 30, 40, or 100 years. By building the ability to innovate into the network, we don’t have to know exactly what’s coming down the line. That said, Nick and others have been working on a test bed called GENI, the Global Environment for Network Innovations project that will allow us to experiment with alternative futures.

Powell: Almost like using focus groups to redesign the Internet?

Zegura: That’s not a bad analogy, although some of the testing might be more long-term than a traditional focus group.

Powell: What are some major online trends, and what do they suggest about where we are headed?

Feamster: We know that paths are getting shorter: From point A to point B, your traffic is going through fewer and fewer Internet service providers. And more and more data are moving into the cloud. Between now and 2020, the number of people on the Internet is expected to double. For those who will come online in the next 10 years or so, we don’t know how they’re going to access the Internet, how they’re going to use it, or what kinds of applications they might use. One trend is the proliferation of mobile devices: There could be more than a billion cell phones in India alone by 2015.

Powell: So there’s a whole universe of wireless connectivity that could potentially become an Internet universe?

Feamster: Absolutely. We know things are going to look vastly different from people sitting at desktops or laptops and browsing the Web. Also, a lot of Internet innovation has come not from research but from the private sector, both large companies and start-ups. As networking researchers, we should be thinking about how best to design the network substrate to allow it to evolve, because all we know for sure is that it’s going to keep changing.

Powell: What kind of changes and challenges do you anticipate?

Lehr: We’re going to see many different kinds of networks. As the Internet pushes into the developing world, the emphasis will probably be on mobile networks. For now, the Internet community is still very U.S.-centric. Here, we have very strong First Amendment rights (see “The Five Worst Countries for Surfing the Web,” page 5), but that’s not always the case elsewhere in the world, so that’s something that could cause friction as access expands.

Powell: Nearly 200 million Americans have a broadband connection at home. The National Broadband Plan proposes that everyone here should have affordable broadband access by 2020. Is private industry prepared for this tremendous spike in traffic?

Connolly: Our stake in the ground is that global traffic will quadruple by 2014, and we believe 90 percent of consumer traffic will be video-based. The question is whether we can deal with all those bits at a cost that allows stakeholders to stay in business. The existing Internet is not really designed to handle high volumes of media. When we look at the growth rate of bandwidth, it has followed a consistent path, but you have to focus on technology at a cost. If we can’t hit a price target, it doesn’t go mainstream. When we hit the right price, all of a sudden people say, “I want to do that,” and away we go.

Powell: As networks connect to crucial systems—such as medical equipment, our homes, and the electrical grid—disruptions will become costly and even dangerous. How do we keep everything working reliably?

Lehr: We already use the cyber world to control the real world in our car engines and braking systems, but when we start using the Internet, distributed networks, and resources on some cloud to make decisions for us, that raises a lot of questions. One could imagine all kinds of scenarios. I might have an insulin pump that’s controlled over the Internet, and some guy halfway around the world can hack into it and change my drug dosage.

Feamster: The late Mark Weiser, chief technologist at the Xerox Palo Alto Research Center, said the most profound technologies are the ones that disappear. When we drive a car, we’re not even aware that there’s a huge network under the hood. We don’t have to know how it works to drive that car. But if we start networking appliances or medical devices and we want those networks to disappear in the same way, we need to rely on someone else to manage them for us, so privacy is a huge concern. How do I supply someone visibility and access so they can fix a problem without letting them see my personal files, or use my printer, or open my garage door? The issues that span usability and privacy are going to become increasingly important.

Zegura: I would not be willing to have surgery over the Internet today because it’s not secure or reliable enough. Many environments are even more challenging: disaster situations, remote areas, military settings. But many techniques have been developed to deal with places that lack robust communications infrastructure. For instance, my collaborators and I have been developing something called message ferries. These are mobile routers, nodes in the environment that enable communication. Message ferries could be on a bus, in a backpack, or on an airplane. Like a ferry picks up passengers, they pick up messages and deliver them to another region.

Powell: Any takers for surgery over the Internet? Show of hands?

Lehr: If I’m in the Congo and I need surgery immediately, and that’s the only way they can supply it to me, sure. Is it ready for prime time? Absolutely not.


Powell: Many Web sites now offer services based on “cloud computing.” What is the concept behind that?

Feamster: One of the central tenets of cloud computing is virtualization. What that means is that instead of having hardware that’s yours alone, you share it with other people, whom you might not trust. This is evident in Gmail and Google Docs. Your personal documents are sitting on the same machine with somebody else’s. In this kind of situation, it’s critical to be able to track where data go. Several of my students are working on this issue.

Powell: With more and more documents moving to the cloud, aren’t there some complications from never knowing exactly where your data are or what you’re connecting to?

Lehr: A disconnect between data and physical location puts providers in a difficult position—for example, Google deciding what to do with respect to filtering search results in China. It’s a global technology provider. It can potentially influence China’s rules, but how much should it try to do that? People are reexamining this issue at every level.

Powell: In one accurate survey, 65 percent of adults in 14 countries reported that they had been the victim of some type of cyber crime. What do people need to know to protect themselves?

Feamster: How much do you rely on educating users versus shielding them from having to make sensitive decisions? In some instances you can prevent people from making mistakes or doing malicious things. Last year, for instance, Goldman Sachs was involved in a legal case in which the firm needed to show that no information had been exchanged between its trading and accounting departments. That’s the kind of thing that the network should just take care of automatically, so it can’t happen no matter what users do.

Zegura: I agree that in cases where it’s clear that there is something people should not do, and we can make it impossible to do it, that’s a good thing. But we can’t solve everything that way. There is an opportunity to help people understand more about what’s going on with networks so they can look out for themselves. A number of people don’t understand how you can get e-mail that looks like it came from your mother, even though it didn’t. The analogy is that someone can take an envelope and write your name on it, write your mother’s name on the return address, and stick it in your mailbox. Now you have a letter in your mailbox that looks like it came from your mother, but it didn’t. The same thing can happen with e-mail. It’s possible to write any address on an Internet packet so it looks like it came from somewhere else. That’s a very basic understanding that could help people be much smarter about how they use networks.

Audience: How is the Internet changing the way we learn?

Feamster: Google CEO Eric Schmidt once gave an interview in which he was talking about how kids are being quizzed on things like country capitals (video). He essentially said, “This is ridiculous. I can just go to Google and search for capitals. What we really should be teaching students is where to find answers.” That’s perhaps the viewpoint of someone who is trying to catalog all the world’s information and says, “Why don’t you use it?” But there’s something to be said for it—there’s a lot of data at our fingertips. Maybe education should shift to reflect that.

Audience: Do you think it will ever be possible to make the Internet totally secure?

Feamster: We’ll never have perfect security, but we can make it tougher. Take the problem of spam. You construct new spam filters, and then the spammers figure out that you’re looking for messages sent at a certain time or messages of a certain size, so they have to shuffle things up a bit. But the hope is that you’ve made it harder. It’s like putting up a higher fence around your house. You won’t stop problems completely, but you can make break-ins inconvenient or costly enough to mitigate them.

Audience: Should there be limits on how much personal information can be collected online?

Zegura: Most of my undergraduate students have a sensitivity to private information that’s very different from mine. But even if we’re savvy, we can still be unaware of the personal data that some companies collect. In general, it needs to be much easier for people to make informed choices.

Feamster: The thing that scares me the most is what happens when a company you thought you trusted gets bought or goes out of business and sells all of your data to the lowest bidder. There are too few regulations in place to protect us, even if we understand the current privacy policies.

Lehr: Technologically, Bill Joy [co-founder of Sun Microsystems] was right when he said, “Privacy is dead; just get over it.” Privacy today can no longer be about whether someone knows something, because we can’t regulate that effectively. What matters now is what they can do with what they know.

Audience: Wiring society creates the capacity to crash society. The banking system, utilities, and business administration are all vulnerable. How do we meaningfully weigh the benefits against the risks?


Lehr: How we decide to use networks is very important. For example, we might decide to have separate networks for certain systems. I cannot risk some kid turning on a generator in the Ukraine and blowing something up in Kentucky, so I might keep my electrical power grid network completely separate. This kind of question engages more than just technologists. A wider group of stakeholders needs to weigh in.

Connolly: You always have to balance the good versus the potential for evil. Occasionally big blackouts in the Northeast cause havoc, but if we decided not to have electricity because of that risk, that would be a bad decision, and I don’t think it’s any worse in the case of the Internet. We have to be careful, but there’s so much possibility for enormous good. The power of collaboration, with people working together through the Internet, gives us tremendous optimism for the kinds of issues we will be able to tackle.

The Conversation in Context: 12 Ideas That Will Reshape the Way We Live and Work Online

1. Change how the data flow
A good place to start is with the overburdened addressing system, known as IPv4. Every device connected to the Internet, including computers, smartphones, and servers, has a unique identifier, or Internet protocol (IP) address. “Whenever you type in the name of a Web site, the computer essentially looks at a phone book of IP addresses,” explains Craig Labovitz, chief scientist at Arbor Networks, a software and Internet company. “It needs a number to call to connect you.” Trouble is, IPv4 is running out of identifiers. In fact, the expanding Web is expected to outgrow IPv4’s 4.3 billion addresses within a couple of years. Anticipating this shortage, researchers began developing a new IP addressing system, known as IPv6, more than a decade ago. IPv6 is ready to roll, and the U.S. government and some big Internet companies, such as Google, have pledged to switch over by 2012. But not everyone is eager to follow. For one, the jump necessitates costly upgrades to hardware and software. Perhaps a bigger disincentive is the incompatibility of the two addressing systems, which means companies must support both versions throughout the transition to ensure that everyone will be able to access content. In the meantime, IPv4 addresses, which are typically free, may be bought and sold. For the average consumer, Labovitz says, that could translate to pricier Internet access.

2. Put the next internet to the test
In one GENI experiment, Stanford University researcher Kok-Kiong Yap is researching a futuristic Web that seamlessly transitions between various cellular and WiFi networks, allowing smartphones to look for an alternative connection whenever the current one gets overwhelmed. That’s music to the ears of everyone toting an iPhone.

3. Move data into the cloud
As Nick Feamster says, the cloud is an increasingly popular place to store data. So much so, in fact, that technology research company Gartner predicts the estimated value of the cloud market, including all software, advertising, and business transactions, will exceed $150 billion by 2013. Why the boom? Convenience. At its simplest, cloud computing is like a giant, low-cost, low-maintenance storage locker. Centralized servers, provided by large Internet companies like Microsoft, Google, and Amazon, plus scores of smaller ones worldwide, let people access data and applications over the Internet instead of storing them on personal hard drives. This reduces costs for software licensing and hardware.

4. Settle who owns the internet
While much of the data that zips around the Internet is free, the routers and pipes that enable this magical transmission are not. The question of who should pay for rising infrastructure costs, among other expenses, is at the heart of the long-standing net neutrality debate. On the one side, Internet service providers argue that charging Web sites more for bandwidth-hogging data such as video will allow them to expand capacity and deliver data faster and more reliably. Opponents counter that such a tiered or “pay as you go” Internet would unfairly favor wealthier content providers, allowing the richest players to indirectly censor their cash-strapped competition. So which side has the legal edge? Last December the Federal Communications Commission approved a compromise plan that would allow ISPs to prioritize traffic for a fee, but the FCC promises to police anticompetitive practices, such as an ISP’s mistreating, say, Netflix, if it wants to promote its own instant-streaming service. The extent of the FCC’s authority remains unclear, however, and the ruling could be challenged as early as this month.

5. Understand what can happen when networks make decisions for us
In November Iranian president Mahmoud Ahmadinejad confirmed that the Stuxnet computer worm had sabotaged national centrifuges used to enrich nuclear fuel. Experts have determined that the malicious code hunts for electrical components operating at particular frequencies and hijacks them, potentially causing them to spin centrifuges at wildly fluctuating rates. Labovitz of Arbor Networks says, “Stuxnet showed how skilled hackers can militarize technology.”

6. Get ready for virtual surgery
Surgeon Jacques Marescaux performed the first trans-Atlantic operation in 2001 when he sat in an office in New York and delicately removed the gall bladder of a woman in Strasbourg, France. Whenever he moved his hands, a robot more than 4,000 miles away received signals via a broadband Internet connection and, within 15-hundredths of a second, perfectly mimicked his movements. Since then more than 30 other patients have undergone surgery over the Internet. “The surgeon obviously needs a certain that the connection won’t be interrupted,” says surgeon Richard Satava of the University of Washington. “And you need a consistent time delay. You don’t want to see a robot continually change its response time to your hand motions.”

7. Bring on the message ferries
A message ferry is a mobile device or Internet node that could relay data in war zones, disaster sites, and other places lacking communications infrastructure.

8. Don’t share hardware with people whom you might not trust
Or who might not trust you. The tenuous nature of free speech on the Internet cropped up in December when Amazon Web Services booted WikiLeaks from its cloud servers. Amazon charged that the nonprofit violated its terms of service, although the U.S. government may have had more to do with the decision than Amazon admits. WikiLeaks, for its part, shot back on Twitter, “If Amazon are [sic] so uncomfortable with the First Amendment, they should get out of the business of selling books.”

Unfortunately for WikiLeaks, Amazon is not a government agency, so there is no First Amendment case against it, according to Internet scholar and lawyer Wendy Seltzer of Princeton University. You may be doing something perfectly legal on Amazon’s cloud, Seltzer explains, and Amazon could supply you the boot because of government pressure, protests, or even too many service calls. “Service providers supply end users very little recourse, if any,” she observes. That’s why people are starting to think about “distributed hosting,” in which no one company has total power, and thus no one company controls freedom of speech.

9. Make cloud computing secure Nick Feamster’s strategy is to tag sensitive information with irrevocable digital labels. For example, an employee who wants only his boss to read a message could create a label designating it as secret. That label would remain with the message as it passed through routers and servers to reach the recipient, preventing a snooping coworker from accessing it. “The file could be altered, chopped in two, whatever, and the label would remain with the data,” Feamster says. The label would also prohibit the boss from relaying the message to someone else. Feamster expects to unveil a version of his labeling system, called Pedigree, later this year.

10. Manage your junk mail A lot of it. Spam accounts for about 85 percent of all e-mail. That’s more than 50 billion junk messages a day, according to the online security company Symantec.

11. Privacy is dead? Don’t believe it As we cope with the cruel fact that the Internet never forgets, researchers are looking toward self-destructing data as a possible solution. Vanish, a program created at the University of Washington, encodes data with cryptographic tags that degrade over time like vanishing ink. A similar program, aptly called TigerText, allows users to program text messages with a “destroy by” date that activates once the message is opened. Another promising option, of course, is simply to exercise good judgment.

12. Network to make a better world Crowdsourcing science projects that harness the power of the wired masses have tremendous potential to quickly solve problems that would otherwise take years to resolve. Notable among these projects is Foldit (fold.it), an engaging online puzzle created by Seth Cooper of the University of Washington and others that tasks gamers with figuring out the shapes of hundreds of proteins, which in turn can lead to new medicines. Another is the UC Berkeley Space Sciences Lab’s Stardust@home project (stardustathome.ssl.berkeley.edu), which has recruited about 30,000 volunteers to scour, via the Internet, microscope images of interstellar dust particles collected from the tail of a comet that may hold clues to how the solar system formed. And Cornell University’s NestWatch (nestwatch.org) educates people about bird breeding and encourages them to submit nest records to an online database. To date, the program has collected nearly 400,000 nest records on more than 500 bird species.

Check out discovermagazine.com/web/
citizenscience for more projects.

—
Andrew Grant and Andrew Moseman

The Five Worst Countries for Surfing the Web

China

Government control of the Internet makes using the Web in China particularly limiting and sometimes dangerous. Chinese officials, for instance, imprisoned human rights activist Liu Xiaobo in 2009 for posting his views on the Internet and then blocked news Web sites that covered the Nobel Peace Prize ceremony honoring him last December. Want to experience China’s censorship firsthand? Go to baidu.com, the country’s most popular search engine, and type in “Tiananmen Square massacre.”

North Korea
It’s hard to surf the Web when there is no Web to surf. Very few North Koreans have access to the Internet; in fact, due to the country’s isolation and censorship, many of its citizens do not even know it exists.

Burma
Burma is the worst country in which to be a blogger, according to a 2009 report by the Committee to Protect Journalists. Blogger Maung Thura, popularly known in the country as Zarganar, was sentenced to 35 years in prison for posting content critical of the government’s aid efforts after a hurricane.

Iran

The Iranian government employs an extensive Web site filtering system, according to the press freedom group Reporters Without Borders, and limits Internet connection speeds to curb the sharing of photos and videos. Following the controversial 2009 reelection of president Mahmoud Ahmadinejad, protesters flocked to Twitter to voice their displeasure after the government blocked various news and social media Web sites.

Cuba

Only 14 percent of Cubans have access to the Internet, and the vast majority are limited to a government-controlled network made up of e-mail, an encyclopedia, government Web sites, and selected foreign sites supportive of the Cuban dictatorship. Last year Cuban officials accused the United States of encouraging subversion by allowing companies to offer Internet communication services there.

—
Andrew Grant

Sat, 07 Dec 2019 21:35:00 -0600 en text/html https://www.discovermagazine.com/technology/weaving-a-new-web?&b_start:int=4
Killexams : Ghost Security emerges from stealth to defend APIs and apps from attackers

Ghost Security, which its founders describe as an "app security" company, today emerged from stealth with $15 million in combined funding from 468 Capital, DNX Ventures, and Munich Re Ventures at a $50 million valuation. CEO Greg Martin said that the capital will go toward expanding the team, building Ghost's product, and launching pilots with potential customers.

Apps and APIs are at the core of organizations. Ultimately, they're what delivers essential info to employees and customers. But increasingly, apps and APIs have become attack vectors. Salt Security -- which, to be fair, sells an API protection product -- estimates that "malicious" API usage grew 681% from December 2020 to December 2021. As for apps, cybercriminals targeting mobile devices most frequently used them to break in, according to Pradeo Labs research.

Martin claims that Ghost takes a "data science" approach to security to solve challenges that other vendors cannot. While keeping the details high-level and mostly under wraps -- Ghost's product hasn't launched yet -- he said that the company's technology delivers visibility and risk protection for apps and their dependencies, including services and APIs, in both cloud and on-premises environments.

"As an industry, we are still seeing a lot of legacy thinking around how to deal with the application, data, and microservice sprawl that large scale cloud adoption has created," Martin said in a press release. "Existing approaches and application security solutions are now dated and losing effectiveness. At Ghost, we are completely rethinking the approach to securing modern applications from the ground up."

Them's fighting words for a company that's preproduct. But Martin highlights that Ghost's co-founders have considerable expertise in cybersecurity. Josh Larsen, CTO, was an engineering manager at Symantec before joining Check Point as an account manager and co-founding Blackfin Security Group, which Symantec acquired in 2015. Eric Cornelius, chief product officer, was the deputy director of the U.S. Department of Homeland Security's control systems security program and a chief product architect at BlackBerry.

Talent is only a part of the equation -- and Ghost faces a slew of competition out of the gate. The aforementioned Salt Security has raised tens of millions of dollars for its tech to protect APIs from malicious abuse. Noname, another company aiming to solve API security problems, hit a $1 billion valuation after a $135 million Series C raise last December. Traceable AI, 42Crunch, and Cequence offer comprehensive API security services, too, while on the app security side, there's vendors like Astrix Security and Enso Security.

That doesn't faze Hiro Rio Maeda, a managing partner at DNX Ventures and an investor in Ghost. His is a meaningful investment, to be clear, given that the amount of venture capital investment for cybersecurity startups fell 35.8% this quarter on a quarter-over-quarter basis, according to Pitchbook data.

"The surge in adoption of applications, APIs, and microservices represents great growth potential for businesses but also introduces many new attack surfaces," Maeda said in a statement. "A better approach to securing these assets is needed, and Ghost is well-positioned to address that challenge."

Thu, 04 Aug 2022 06:02:00 -0500 en-US text/html https://www.yahoo.com/video/ghost-security-emerges-stealth-defend-153023063.html
Killexams : Russia’s Other Battlefront Listen to this episode

S1: Back in 2016, Andy Greenberg editors at Wired wanted him to write a story about Cyberwar. Their initial pitch was inspired by U.S. politics.

S2: They were thinking about the Russian interference in the 2016 election, which I didn’t really see as Cyberwar at all.

S1: Andy’s definition is more malevolent.

S2: Cyberwar, to me, is a campaign of cyber attacks with disruptive or destructive effects carried out by one state against an enemy state or its adversary. And often in the midst of an actual war. So I went looking for the real Cyberwar story and I found it in Ukraine.

S1: For the past six years, Andy has reported on the ongoing cyber campaign against Ukraine. The hacks that have disabled power plants, frozen government agencies and paralyzed hospitals, and the Russian military unit behind it all. On Thursday morning, as Russia officially invaded Ukraine, we called him up to try to understand the parallel digital war that’s taking place alongside the physical one.

S2: There are cyber attacks that are definitely happening now and have been happening for four weeks prior to the actual physical re invasion of Ukraine. And I think it’s really important to preface anything I say about cyber attacks at this moment, like a kind of caveat that they they just don’t matter as much as the actual physical attacks with mortars and bullets and fighter jets and helicopters that are truly killing people and putting many more people’s lives at risk. But it’s still it still matters.

S1: Since January, government networks have been attacked, so have banks in the military.

S2: And then yesterday we saw reports of wiper malware again hitting Ukrainian targets this time. Hundreds of computers. We don’t know how many networks

S1: the malware seems to destroy everything it hits. It’s a digital playbook that looks awfully familiar to one that Russia has run before with terrible consequences. Today on the show, Andy walks us through the war in Ukraine that you can’t see one that started years ago and is still happening. I’m Lizzie O’Leary and you’re listening to what next? TBD a show about technology, power and how the future will be determined. Stick around. I think the average American knows that, you know, Russian hackers exist, maybe he about them in the context of the 2016 election, but it feels like this kind of nebulous bogeyman. I would love it if you could describe the Russian hacking ecosystem.

S2: There is really like a there’s a whole kind of array of these hacker groups that all work for the Kremlin. But the simplest way to split them up is probably among the three major intelligence agencies in Russia the FSB, which is the kind of intelligence but also domestic law enforcement agency, the successor to the KGB. Another successor to the KGB when it split up is the SVR. The Foreign Intelligence Agency sort of their equivalent to the CIA, I suppose. And then there is the agency that I am most focused on that are obsessed with the GRU, this military intelligence agency that can easily be said to be the most reckless and brazen and disruptive of the three in its hacking activities. The two most active hacking units I know of within the jury you are unit two six one six five, also known as Fancy Bear or APT28, who famously were the ones who kind of led the breach of the Democratic National Committee in the Clinton campaign in 2016 and and leaked those documents. And then there is Unit seven, four, four or five five of the GRU, also known as Voodoo Bear or most famously, Sandworm, who I think are, you could say are the most active cyber warfare hacker group in the world. They are responsible for everything from blackouts that they triggered twice in Ukraine, first in 2015 and then in 2016, the not Petya malware they released in Ukraine, which was a kind of self spreading worm that really carpet bombs the entire Ukrainian internet, but then spread to the rest of the world and did 10 billion dollars in damage. I mean, this is a group that specializes in in just inflicting maximum chaos globally.

S1: I’m really curious in how directly Sandworm the Sandworm group is tied to the GRU and to the Kremlin, you know, can we say affiliated with, can we say, directed by who’s giving them their marching orders? Do we know?

S2: I think it’s fair to say that Sandworm is a part of the G.R.. These are hackers who wear military uniforms and sit in a government building a tower in the neighborhood of Khimki on the outskirts of Moscow. You know, we’ve with that I’ve been to I’ve seen from a distance I didn’t knock on the door. They they are soldiers.

S1: Essentially, the first big Russian cyber attack in Ukraine happened just before Christmas in 2015. The previous few years had been tumultuous, with Russia’s annexation of Crimea and fighting throughout eastern Ukraine, which also led to the downing of a Malaysian passenger plane. By this point, a series of ceasefire agreements had been signed, but the situation was still tense.

S2: So just before Christmas in 2015, in the midst of Russia’s physical invasion of the country, we saw this first ever black air attack and it hits a group of Ukrainian electric utilities. It wasn’t just that Sandworm went in and switch the lights off and left. They used a piece of wiper malware of the kind that we’re still seeing Russia using in Ukraine today to first wipe a bunch of computers in the facility. The kind of initially throw them into a state of chaos. They also bombarded the facility with fake phone calls just to kind of add an extra layer of confusion. But then they actually took over the I.T. helpdesk software to take over the actual mouse movements of the operators in the control room of this Western Ukrainian power grid utility and locked them out of their computers. And these poor operators were forced to watch as their own mouse movements clicked through circuit breakers and turned off the lights to tens of thousands of Ukrainians.

S1: I was really struck practicing your story. You have a little video that one of the guys in this power facility has taken, and you can just see the mouse. You know, the cursor move around and the video pans down and the mouse isn’t moving. They must have felt so helpless.

S2: I think that there are definitely there. You know, there probably were easier ways to turn off the lights to Ukrainian civilians. But I think that this was, yes, it was designs. You know, all of these cyber attacks are designed to as a kind of terrorism to make Ukrainians feel like they are under attack, like they’re in a war zone, like their government is not keeping them safe, like they are not in control. And to make the rest of the world feel that way about Ukraine as well to, you know, to keep the West’s hands off Ukraine to prevent investment from coming into the country, to make it look like a failed state. This is, I think, cyber war, but it’s also cyber terrorism.

S1: Roughly a year and a half later, Sandworm attacked on a new scale. If 2015 was scary and embarrassing, this was an all encompassing whirlwind. The malware that Sandworm use this time was called not Petya. Andy describes it as a bug that infected systems and then metastasized.

S2: Well, in 2017, Sandworm essentially hijacked the software updates of this Ukrainian accounting software called Murdoc that Murdoch has basically used by everyone in Ukraine to file taxes. It is the TurboTax or Quicken of Ukraine. It’s also used by people outside of Ukraine who do business with Ukraine or who have a Ukrainian satellite office. And Sandworm essentially corrupted those updates so that if you had a copy of Murdoch installed, you suddenly had a copy of Not Petya. This malicious software installed too, and it immediately took down by some measures hundreds of companies in Ukraine. But of course, as I was saying, like, you know, Murdoch is used outside of Ukraine and a cyber attack like this, a self spreading piece of code doesn’t respect national borders. So very quickly we began to see not Petya infections around the world, and I sort of reported this out in most detail at Maersk,

S1: the big shipping company.

S2: Yes. Yes. And inside of Maersk, you know, I talked to one I.T. administrator, for instance, who was working that day, June 27, 2017, in the afternoon, and he just saw his screen go black and kind of, you know, stood up and looked around the room to see if anybody else was having a problem. And he saw a wave of black screens across the room just black, black, black, black, black as not Petya infected and destroyed every computer in masks, global headquarters. And within minutes, you know, people were running down hallways, yelling at each other to turn their computers off. They were going into conference rooms and unplugging machines in the middle of meetings. They were actually they were jumping over the turnstiles between different parts of the building because even those those physical security systems had been paralyzed already by not Petya to try to warn other parts of the building. But of course, Maersk is not just one building in Copenhagen. You know this this has infected their global network, and very soon that meant that tens of thousands of trucks were lining up outside of Maersk terminals and in ports around the world. Meanwhile, ships are arriving at these terminals with tens of thousands of cargo containers on them, and nobody knows what is in them. I mean, nobody knows how to to load or unload these like ships the size of the Empire State Building on its side. And that’s just one company. I mean, this also hit Merck shut down their pharmaceutical manufacturing. They had to borrow their own HPV vaccine from the CDC because they couldn’t make enough of it. Has the company that owns Cadbury and the Pisco, you know, it’s shut down medical record systems and in dozens of U.S. hospitals. I could go on and on. I mean, I still kind of boggles my mind to think that this happens. And I don’t really ever think that Russia was fully held accountable for it.

S1: That’s what I was going to ask you because the attack was so big. It was so brazen. It went to so many different places. But the international community’s response did not feel particularly loud. People were indicted, but not until 2020.

S2: Right? I mean, this is what I what drove me crazy, as I reported in all of this. I mean, first, Russia caused blackouts in Ukraine. They actually attacked the power grid before we even get to not Petya. That was supposed to be a red line where you can do all sorts of state sponsored hacking and get away with it. But if you touch the power grid that was supposed to be an act of Cyberwar and it would be treated as such, you know, with real consequences. And yet nothing happens. I mean, no government around the world even said that that was Russia that had done this, except Ukraine, of course. And then, you know, that kind of invited Russia to just keep going to go further. And when that Petya hits, it still took eight months for anyone to say that this was Russia that had carried out the worst cyber attack in history. There’s $10 billion in damage, cyber attack and then not. Months for there to be any kind of sanctions, so I think that’s part of why the average person is not aware, I don’t think of of NotPetya or that it was a Russian state sponsored attack by this military intelligence agency because the response was so slow.

S1: As you’ve described, these attacks have caused tremendous chaos and cost, but that doesn’t seem like their entire goal. I mean, this has all been occurring sort of set against the backdrop of this long simmering conflict between Russia and Ukraine. Or we should say Russian aggression. I wonder what the political goal is here, too. Is it just to render the physical infrastructure useless? Or is it to inflict economic pain, to make Ukraine look foolish, to disrupt everyday lives? You describe this as cyber terrorism, and I’m wondering what you see the goal as

S2: the goal of these cyber attacks shifts over time, you know, given based on what Russia needs to accomplish, like what they’re the kind of tactical aims of the moment are in. I would say 2014, 2015, 2016, 2017 Russia was waging this. This war they had, they had sort of sparked a war in the east of Ukraine. But that was a limited war kind of a frozen conflict, as people say, designed to to weaken Ukraine, but not to reach the capital. And so these cyber attacks, I think, were a way to to send a message to the rest of Ukraine that you too are vulnerable. You know, even though you’re hundreds of miles away from the fronts, we can reach you too. We can cause a blackout in the capital in the west of France, the furthest reaches of the country. You’re all subject to our sphere of influence.

S1: You talk to a Ukrainian cybersecurity consultant. And he said that essentially the Sandworm was was training that they were using Ukraine as a training ground training ground for what

S2: when they caused a blackout for the second time in the capital of the country. It did seem that they were trying out new techniques. They weren’t just repeating themselves from the year before. They weren’t just doing this the simplest possible way they were trying to innovate. And it seems like they had understood that they can get away with whatever they wanted to in Ukraine, and they might as well try live fire exercises to develop capabilities that they could use in Ukraine, but also elsewhere in the world.

S1: When we come back, where else might that be? Andy says that part of what makes these cyber so frightening and so effective is the sense of disorientation they inflict even before physical conflict begins

S2: with this most accurate ongoing invasion of Ukraine. And you know, things are changing so fast it’s hard to to know what’s what is happening or will happen next. It’s seems like cyber attacks have been designed to kind of prepare the battleground in the sense of like creating confusion as Ukraine tries to figure out what is going on to scare people. But then once the physical invasion starts, I imagine, and it does seem like it is more kind of a tactical accompaniments of physical war, like we’re seeing attacks on organizations that support the military to maybe just actually confuse their command and control. Today, I’m seeing reports of a distributed denial of service attack against the Ukrainian media, who may be reporting on the events of this war. So, of course, these cyber attacks also kind of slip into the background. I mean, they are no longer the center of events. If you want to cause a blackout in Ukraine now, you hit a power station with the missile, which is absolutely happening. Instead of trying to reach in with some IP helpdesk software.

S1: It as I got ready to come in and talk to you, I was practicing a blog from Symantec saying that they had seen destructive malware attacks being used, you know, kind of preceding the Russian ground attack, but then also in Lithuania. And I wonder what that says to you.

S2: Reports so far seem to indicate that those victims, those targets in Lithuania and Latvia, were actually organizations supporting the Ukrainian government. They just happened to be based in Latvia and Lithuania. So, you know, Russia doesn’t care. They’re going to hit them wherever they may be to just kind of bolster, prepare for their physical ground invasion.

S1: One thing that I have been struck by is in the past week, the U.S. and other kind of international allies have been much quicker to call out Russian cyber activity than we’ve seen in the past. There were some attacks February 15th, 16th, and the White House turned around a few days later and said GRU infrastructure was doing this. Why do you think the U.S. has been more willing to make this public so quickly? Is it just because we’re in this, you know, heightened conflict situation?

S2: I think you’re pointing to a huge sea change that is really significance. And it’s, as you say, it’s like almost the polar opposite of what I was just kind of complaining about this, this like situation that was driving me insane in 2015 through 2017, when Russia would get away with blackout attacks in Ukraine, the worst cyber attack in history, with no comments from any Western governments. Now, yeah, as you said, we saw these distributed denial of service attacks, which, by the way, are the equivalent of like throwing rocks versus, you know, a surgical drone strike or, you know, releasing a biological weapon or something. And yet, you know, we saw within days the White House calling out not only Russia, but actually be the specific agency down to the agency level. You know, this name and shame for in this very crude attacks, we

S3: have technical information that links the Russian Main Intelligence Directorate, or GRU. As known GRU infrastructure was seen transmitting high volumes of communication to Ukraine based IP addresses and domains.

S2: We are learning, you know, I think we are learning as a society. Our governments are learning that they do have to respond immediately, if not to come up with like a fully fleshed out package of sanctions or something, just to call out the the rogue hackers that and the rogue agencies that do this to send a message to them that we know what you’ve done. There will be consequences. You need to cut it out right away.

S1: One thing Andy is watching is whether Russia will retaliate against international sanctions with cyber warfare outside Ukraine, something President Biden alluded to at the White House on Thursday.

S4: If Russia pursues cyber attacks against our companies are critical infrastructure, we are prepared to respond. For months, we’ve been working closely with our prime with the private sector to harden our cyber defenses, sharpen our ability to respond to Russia’s cyber attacks as well.

S2: If we really want to talk about high impact cyber attacks at this point, I would not be looking at Ukraine itself, but rather the after effects of sanctions. For instance, when Western countries implement new crushing sanctions against Russia, they will lash out, and I would not be at all surprised to see cyber attacks that don’t just spread from Ukraine, you know, semi accidentally as. Not that you did, but are targeted at the West and that are designed to punish us for what we do to Russia in retaliation for its invasion.

S1: Andy Greenberg, thank you very much.

S2: Thanks, Lizzie.

S1: Andy Greenberg is a senior writer at Wired and the author of the book Sandworm A New ERA of Cyberwar and The Hunt for the Kremlin’s Most Dangerous Hackers. All right, that is it for the show today. TBD is produced by Ethan Brooks were edited by Jonathan Fischer and Tori Bosch. Alicia Montgomery is the executive producer for Slate Podcast. TBD is part of the larger What Next family, and it’s also part of Future Tense, a partnership of Slate, Arizona State University and New America. And I want to take a minute and recommend that you listen to Thursday’s episode of What Next? It’s a story about an anti-government movement in California of all places. All right, we will be back on Sunday with another episode. I am Lizzie O’Leary. Thank you for listening.

Wed, 29 Jun 2022 12:00:00 -0500 en text/html https://slate.com/transcripts/SmlDYmFEb2ZCVko2T3dUdXFBTU1sU1pJWFB2dE8vTmlSQ3dvbmMyQ1N4az0=
Killexams : InfiniteWorld Recruits Seasoned Tech Veteran, Alan Krassowski, as Chief Technology Officer

With Over 30 Years in Software Engineering and Architecture, Krassowski Brings Specialty Experience in Software Security, Secure Smart Contracts, Blockchain and Other Forward-Thinking Technologies to Further Strengthen the Company's Internal Teams

MIAMI, August 02, 2022--(BUSINESS WIRE)--Infinite Assets, Inc. ("InfiniteWorld"), a Web3 and Metaverse infrastructure company that enables brands and creators to create, monetize and drive consumer engagement with digital content, today announced that the company has hired Alan Krassowski as the Company's new Chief Technology Officer— replacing Lucas Henning, who will become Chief Technology Officer at Suku, InfiniteWorld’s Web3 partner. Henning will also act as senior advisor to InfiniteWorld and work with Krassowski as he transitions into the CTO role.

"I'm excited to be a part of the InfiniteWorld team," said Alan Krassowski, Chief Technology Officer at InfiniteWorld. "The paradigm shifts happening in the tech world right now are something I’m passionate about, and I greatly admire how InfiniteWorld is playing a significant role in the exciting transition into Web3. I've been a part of many high-caliber, high-performing teams throughout my career. I look forward to bringing that expertise to this role and becoming a valuable asset to InfiniteWorld in order to further build out our world-class solutions and lead the company to its full potential."

Prior to InfiniteWorld, Krassowski served as CTO, Chief Architect, VP of Technology, and Senior Director of Engineering at global companies such as ConsenSys Capital, Intel Security, Symantec, Cylance and Kiva. In his new role, Krassowski will replace his predecessor, Henning, who will move on to become the full-time CTO at Suku.

"I have the utmost faith in Alan's expertise and ability to lead the InfiniteWorld team and continue to drive innovation for the company," said Lucas Henning, Chief Technology Officer at Suku. "I couldn't be prouder of the work we've done over the last year, and I look forward to working side-by-side with Alan in my new role at Suku as we work with InfiniteWorld to take Web3 to the next level."

As one of the Co-Founders of InfiniteWorld, Henning has played a pivotal role in defining InfiniteWorld's technical vision. He has been driving the conception, architecture, and technical implementation of InfiniteWorld's solutions such as InfiniteWorld's NFT marketplace, TextMeNFT, and NFT Grade. Henning will remain involved as a Senior Advisor to the CTO and collaborate with the Company in his role as the CTO of Suku.

"The strength of our team lies in the passion and experience we all bring to the table," said Brad Allen, Chief Executive Officer at InfiniteWorld. "Alan is inheriting a strong and innovative team of engineers who’ve been led well by Lucas up to this point. I have no doubts both of these CTO transitions will lead to the benefit and growth of InfiniteWorld and we will bring more brands and creators into the Metaverse."

About InfiniteWorld

InfiniteWorld is a leading Web3 and Metaverse infrastructure company that enables brands and creators to create, monetize, and drive consumer engagement and experiences with digital content. InfiniteWorld is poised to become a publicly traded company through a business combination with Aries I Acquisition Corporation (Nasdaq: RAM), a special purpose acquisition company. The company has been highly sought after by brands and creators for its ability to create immersive programs around NFTs and other digital assets that offer high-level experiences and engagement for their consumers and communities.

About Aries I Acquisition Corporation

Aries I Acquisition Corporation (NASDAQ: RAM) was founded by its Chairman, Thane Ritchie. Aries is a special purpose acquisition company whose business purpose is to effect a merger, capital stock exchange, asset acquisition, stock purchase, reorganization or similar business combination with one or more businesses. On December 13, 2021, Aries and InfiniteWorld announced that they had entered into a definitive business combination agreement. Closing of the business combination is subject to customary closing conditions including the approval of the shareholders of Aries.

For materials and information, visit https://www.infiniteworld.com/ for InfiniteWorld and https://www.ariescorp.io/ for Aries.

No Offer or Solicitation

This press release is not a proxy statement or solicitation of a proxy, consent or authorization with respect to any securities or in respect of the potential transaction and does not constitute an offer to sell or a solicitation of an offer to buy any securities of Aries or InfiniteWorld, nor shall there be any sale of any such securities in any state or jurisdiction in which such offer, solicitation or sale would be unlawful prior to registration or qualification under the securities laws of such state or jurisdiction. No offer of securities shall be made except by means of a prospectus meeting the requirements of the Securities Act.

Important Additional Information Regarding the Transaction Will Be Filed With the SEC

In connection with the proposed business combination, Aries intends to file with the U.S. Securities and Exchange Commission (the "SEC") a registration statement on Form S-4 containing a preliminary proxy statement and a preliminary prospectus of Aries, and after the registration statement is declared effective, Aries will mail a definitive proxy statement/prospectus relating to the proposed business combination to its shareholders and InfiniteWorld’s shareholders. This press release does not contain all the information that should be considered concerning the proposed business combination and is not intended to form the basis of any investment decision or any other decision in respect of the business combination. Aries’s shareholders and other interested persons are advised to read, when available, the preliminary proxy statement/prospectus and the amendments thereto and the definitive proxy statement/prospectus and other documents filed in connection with the proposed business combination, as these materials will contain important information about InfiniteWorld, Aries and the proposed business combination. When available, the definitive proxy statement/prospectus and other relevant materials for the proposed business combination will be mailed to shareholders of Aries as of a record date to be established for voting on the proposed business combination. Such shareholders will also be able to obtain copies of the preliminary proxy statement/prospectus, the definitive proxy statement/prospectus and other documents filed with the SEC, without charge, once available, at the SEC’s website at www.sec.gov, or by directing a request to Aries I Acquisition Corporation, 23 Lime Tree Bay, P.O. Box 1569 Grand Cayman, Cayman Islands.

Participants in the Solicitation

Aries and InfiniteWorld and their respective directors, executive officers, other members of management, and employees, under SEC rules, may be deemed to be participants in the solicitation of proxies of Aries’ shareholders in connection with the proposed transaction. Information regarding the persons who may, under SEC rules, be deemed participants in the solicitation of Aries’ shareholders in connection with the proposed business combination will be set forth in Aries’ registration statement on Form S-4, including a proxy statement/prospectus, when it is filed with the SEC. Investors and security holders may obtain more detailed information regarding the names and interests in the proposed transaction of Aries’ directors and officers in Aries’ filings with the SEC and such information will also be in the Registration Statement to be filed with the SEC by Aries, which will include the proxy statement/prospectus of Aries for the proposed transaction.

Cautionary Statement Regarding Forward-Looking Statements

This press release includes "forward-looking statements" within the meaning of the "safe harbor" provisions of the United States Private Securities Litigation Reform Act of 1995. Aries’ and InfiniteWorld’s actual results may differ from their expectations, estimates, and projections and, consequently, you should not rely on these forward-looking statements as predictions of future events. Words such as "expect," "estimate," "project," "budget," "forecast," "anticipate," "intend," "plan," "may," "will," "could," "should," "believes," "predicts," "potential," "continue," and similar expressions (or the negative versions of such words or expressions) are intended to identify such forward-looking statements. These forward-looking statements include, without limitation, the satisfaction of the closing conditions to the proposed business combination, and the timing of the completion of the proposed business combination. These forward-looking statements involve significant risks and uncertainties that could cause the actual results to differ materially from those discussed in the forward-looking statements. Most of these factors are outside Aries’s and InfiniteWorld’s control and are difficult to predict. Factors that may cause such differences include, but are not limited to: (1) the occurrence of any event, change, or other circumstances that could supply rise to the termination of the definitive business combination agreement (the "Agreement"); (2) the outcome of any legal proceedings that may be instituted against Aries and InfiniteWorld following the announcement of the Agreement and the transactions contemplated therein; (3) the inability to complete the proposed business combination, including due to failure to obtain approval of the shareholders of Aries and InfiniteWorld, certain regulatory approvals, or satisfy other conditions to closing in the Agreement; (4) the occurrence of any event, change, or other circumstance that could supply rise to the termination of the Agreement or could otherwise cause the transaction to fail to close; (5) the impact of COVID-19 on InfiniteWorld’s business and/or the ability of the parties to complete the proposed business combination; (6) the risk that the proposed business combination disrupts current plans and operations as a result of the announcement and consummation of the proposed business combination; (7) costs related to the proposed business combination; (8) changes in applicable laws or regulations; (9) the possibility that InfiniteWorld or Aries may be adversely affected by other economic, business, and/or competitive factors; and (10) other risks and uncertainties indicated from time to time in the final prospectus of Aries for its initial public offering, including those under "Risk Factors" therein, and in Aries’ other filings with the SEC. Aries cautions that the foregoing list of factors is not exclusive. Aries cautions readers not to place undue reliance upon any forward-looking statements, which speak only as of the date made. Aries does not undertake or accept any obligation or undertaking to release publicly any updates or revisions to any forward-looking statements to reflect any change in its expectations or any change in events, conditions, or circumstances on which any such statement is based.

View source version on businesswire.com: https://www.businesswire.com/news/home/20220802005460/en/

Contacts

Media Contact(s):
Nicole Rodrigues
NRPR Group - for InfiniteWorld
nicole@nrprgroup.com

Keil Decker
ICR for InfiniteWorld and Aries
(646) 677-1806
Keil.Decker@icrinc.com

Investors
Ashley DeSimone
ICR for InfiniteWorld and Aries
(646) 677-1827
Ashley.DeSimone@icrinc.com

Mon, 01 Aug 2022 17:05:00 -0500 en-CA text/html https://ca.news.yahoo.com/infiniteworld-recruits-seasoned-tech-veteran-120500022.html
Killexams : Weaving a New Web

In 1969 scientists at the University of California, Los Angeles, transmitted a couple of bits of data between two computers, and thus the Internet was born. Today about 2 billion people access the Web regularly, zipping untold exabytes of data (that’s 10^18 pieces of information) through copper and fiber lines around the world. In the United States alone, an estimated 70 percent of the population owns a networked computer. That number grows to 80 percent if you count smartphones, and more and more people jump online every day. But just how big can the information superhighway get before it starts to buckle? How much growth can the routers and pipes handle? The challenges seem daunting. The current Internet Protocol (IP) system that connects global networks has nearly exhausted its supply of 4.3 billion unique addresses. Video is projected to account for more than 90 percent of all Internet traffic by 2014, a sudden new demand that will require a major increase in bandwidth. Malicious software increasingly threatens national security. And consumers may face confusing new options as Internet service providers consider plans to create a “fast lane” that would prioritize some Web sites and traffic types while others are routed more slowly.

Fortunately, thousands of elite network researchers spend their days thinking about these thorny issues. Last September DISCOVER and the National Science Foundation convened four of them for a lively discussion, hosted by the Georgia Institute of Technology in Atlanta, on the next stage of Internet evolution and how it will transform our lives. DISCOVER editor in chief Corey S. Powell joined Cisco’s Paul Connolly, who works with Internet service providers (ISPs); Georgia Tech computer scientist Nick Feamster, who specializes in network security; William Lehr of MIT, who studies wireless technology, Internet architecture, and the economic and policy implications of online access; and Georgia Tech’s Ellen Zegura, an expert on mobile networking (click here for video of the event).

Powell: Few people anticipated Google’s swift rise, the vast influence of social media, or the Web’s impact on the music, television, and publishing industries. How do we even begin to map out what will come next?

Lehr: One thing the Internet has taught us thus far is that we can’t predict it. That’s wonderful because it allows for the possibility of constantly reinventing it.

Zegura: Our response to not being able to predict the Internet is to try to make it as flexible as possible. We don’t know for sure what will happen, so if we can create a platform that can accommodate many possible futures, we can position ourselves for whatever may come. The current Internet has held up quite well, but it is ready for some changes to prepare it to serve us for the next 30, 40, or 100 years. By building the ability to innovate into the network, we don’t have to know exactly what’s coming down the line. That said, Nick and others have been working on a test bed called GENI, the Global Environment for Network Innovations project that will allow us to experiment with alternative futures.

Powell: Almost like using focus groups to redesign the Internet?

Zegura: That’s not a bad analogy, although some of the testing might be more long-term than a traditional focus group.

Powell: What are some major online trends, and what do they suggest about where we are headed?

Feamster: We know that paths are getting shorter: From point A to point B, your traffic is going through fewer and fewer Internet service providers. And more and more data are moving into the cloud. Between now and 2020, the number of people on the Internet is expected to double. For those who will come online in the next 10 years or so, we don’t know how they’re going to access the Internet, how they’re going to use it, or what kinds of applications they might use. One trend is the proliferation of mobile devices: There could be more than a billion cell phones in India alone by 2015.

Powell: So there’s a whole universe of wireless connectivity that could potentially become an Internet universe?

Feamster: Absolutely. We know things are going to look vastly different from people sitting at desktops or laptops and browsing the Web. Also, a lot of Internet innovation has come not from research but from the private sector, both large companies and start-ups. As networking researchers, we should be thinking about how best to design the network substrate to allow it to evolve, because all we know for sure is that it’s going to keep changing.

Powell: What kind of changes and challenges do you anticipate?

Lehr: We’re going to see many different kinds of networks. As the Internet pushes into the developing world, the emphasis will probably be on mobile networks. For now, the Internet community is still very U.S.-centric. Here, we have very strong First Amendment rights (see “The Five Worst Countries for Surfing the Web,” page 5), but that’s not always the case elsewhere in the world, so that’s something that could cause friction as access expands.

Powell: Nearly 200 million Americans have a broadband connection at home. The National Broadband Plan proposes that everyone here should have affordable broadband access by 2020. Is private industry prepared for this tremendous spike in traffic?

Connolly: Our stake in the ground is that global traffic will quadruple by 2014, and we believe 90 percent of consumer traffic will be video-based. The question is whether we can deal with all those bits at a cost that allows stakeholders to stay in business. The existing Internet is not really designed to handle high volumes of media. When we look at the growth rate of bandwidth, it has followed a consistent path, but you have to focus on technology at a cost. If we can’t hit a price target, it doesn’t go mainstream. When we hit the right price, all of a sudden people say, “I want to do that,” and away we go.

Powell: As networks connect to crucial systems—such as medical equipment, our homes, and the electrical grid—disruptions will become costly and even dangerous. How do we keep everything working reliably?

Lehr: We already use the cyber world to control the real world in our car engines and braking systems, but when we start using the Internet, distributed networks, and resources on some cloud to make decisions for us, that raises a lot of questions. One could imagine all kinds of scenarios. I might have an insulin pump that’s controlled over the Internet, and some guy halfway around the world can hack into it and change my drug dosage.

Feamster: The late Mark Weiser, chief technologist at the Xerox Palo Alto Research Center, said the most profound technologies are the ones that disappear. When we drive a car, we’re not even aware that there’s a huge network under the hood. We don’t have to know how it works to drive that car. But if we start networking appliances or medical devices and we want those networks to disappear in the same way, we need to rely on someone else to manage them for us, so privacy is a huge concern. How do I supply someone visibility and access so they can fix a problem without letting them see my personal files, or use my printer, or open my garage door? The issues that span usability and privacy are going to become increasingly important.

Zegura: I would not be willing to have surgery over the Internet today because it’s not secure or reliable enough. Many environments are even more challenging: disaster situations, remote areas, military settings. But many techniques have been developed to deal with places that lack robust communications infrastructure. For instance, my collaborators and I have been developing something called message ferries. These are mobile routers, nodes in the environment that enable communication. Message ferries could be on a bus, in a backpack, or on an airplane. Like a ferry picks up passengers, they pick up messages and deliver them to another region.

Powell: Any takers for surgery over the Internet? Show of hands?

Lehr: If I’m in the Congo and I need surgery immediately, and that’s the only way they can supply it to me, sure. Is it ready for prime time? Absolutely not.


Powell: Many Web sites now offer services based on “cloud computing.” What is the concept behind that?

Feamster: One of the central tenets of cloud computing is virtualization. What that means is that instead of having hardware that’s yours alone, you share it with other people, whom you might not trust. This is evident in Gmail and Google Docs. Your personal documents are sitting on the same machine with somebody else’s. In this kind of situation, it’s critical to be able to track where data go. Several of my students are working on this issue.

Powell: With more and more documents moving to the cloud, aren’t there some complications from never knowing exactly where your data are or what you’re connecting to?

Lehr: A disconnect between data and physical location puts providers in a difficult position—for example, Google deciding what to do with respect to filtering search results in China. It’s a global technology provider. It can potentially influence China’s rules, but how much should it try to do that? People are reexamining this issue at every level.

Powell: In one accurate survey, 65 percent of adults in 14 countries reported that they had been the victim of some type of cyber crime. What do people need to know to protect themselves?

Feamster: How much do you rely on educating users versus shielding them from having to make sensitive decisions? In some instances you can prevent people from making mistakes or doing malicious things. Last year, for instance, Goldman Sachs was involved in a legal case in which the firm needed to show that no information had been exchanged between its trading and accounting departments. That’s the kind of thing that the network should just take care of automatically, so it can’t happen no matter what users do.

Zegura: I agree that in cases where it’s clear that there is something people should not do, and we can make it impossible to do it, that’s a good thing. But we can’t solve everything that way. There is an opportunity to help people understand more about what’s going on with networks so they can look out for themselves. A number of people don’t understand how you can get e-mail that looks like it came from your mother, even though it didn’t. The analogy is that someone can take an envelope and write your name on it, write your mother’s name on the return address, and stick it in your mailbox. Now you have a letter in your mailbox that looks like it came from your mother, but it didn’t. The same thing can happen with e-mail. It’s possible to write any address on an Internet packet so it looks like it came from somewhere else. That’s a very basic understanding that could help people be much smarter about how they use networks.

Audience: How is the Internet changing the way we learn?

Feamster: Google CEO Eric Schmidt once gave an interview in which he was talking about how kids are being quizzed on things like country capitals (video). He essentially said, “This is ridiculous. I can just go to Google and search for capitals. What we really should be teaching students is where to find answers.” That’s perhaps the viewpoint of someone who is trying to catalog all the world’s information and says, “Why don’t you use it?” But there’s something to be said for it—there’s a lot of data at our fingertips. Maybe education should shift to reflect that.

Audience: Do you think it will ever be possible to make the Internet totally secure?

Feamster: We’ll never have perfect security, but we can make it tougher. Take the problem of spam. You construct new spam filters, and then the spammers figure out that you’re looking for messages sent at a certain time or messages of a certain size, so they have to shuffle things up a bit. But the hope is that you’ve made it harder. It’s like putting up a higher fence around your house. You won’t stop problems completely, but you can make break-ins inconvenient or costly enough to mitigate them.

Audience: Should there be limits on how much personal information can be collected online?

Zegura: Most of my undergraduate students have a sensitivity to private information that’s very different from mine. But even if we’re savvy, we can still be unaware of the personal data that some companies collect. In general, it needs to be much easier for people to make informed choices.

Feamster: The thing that scares me the most is what happens when a company you thought you trusted gets bought or goes out of business and sells all of your data to the lowest bidder. There are too few regulations in place to protect us, even if we understand the current privacy policies.

Lehr: Technologically, Bill Joy [co-founder of Sun Microsystems] was right when he said, “Privacy is dead; just get over it.” Privacy today can no longer be about whether someone knows something, because we can’t regulate that effectively. What matters now is what they can do with what they know.

Audience: Wiring society creates the capacity to crash society. The banking system, utilities, and business administration are all vulnerable. How do we meaningfully weigh the benefits against the risks?


Lehr: How we decide to use networks is very important. For example, we might decide to have separate networks for certain systems. I cannot risk some kid turning on a generator in the Ukraine and blowing something up in Kentucky, so I might keep my electrical power grid network completely separate. This kind of question engages more than just technologists. A wider group of stakeholders needs to weigh in.

Connolly: You always have to balance the good versus the potential for evil. Occasionally big blackouts in the Northeast cause havoc, but if we decided not to have electricity because of that risk, that would be a bad decision, and I don’t think it’s any worse in the case of the Internet. We have to be careful, but there’s so much possibility for enormous good. The power of collaboration, with people working together through the Internet, gives us tremendous optimism for the kinds of issues we will be able to tackle.

The Conversation in Context: 12 Ideas That Will Reshape the Way We Live and Work Online

1. Change how the data flow
A good place to start is with the overburdened addressing system, known as IPv4. Every device connected to the Internet, including computers, smartphones, and servers, has a unique identifier, or Internet protocol (IP) address. “Whenever you type in the name of a Web site, the computer essentially looks at a phone book of IP addresses,” explains Craig Labovitz, chief scientist at Arbor Networks, a software and Internet company. “It needs a number to call to connect you.” Trouble is, IPv4 is running out of identifiers. In fact, the expanding Web is expected to outgrow IPv4’s 4.3 billion addresses within a couple of years. Anticipating this shortage, researchers began developing a new IP addressing system, known as IPv6, more than a decade ago. IPv6 is ready to roll, and the U.S. government and some big Internet companies, such as Google, have pledged to switch over by 2012. But not everyone is eager to follow. For one, the jump necessitates costly upgrades to hardware and software. Perhaps a bigger disincentive is the incompatibility of the two addressing systems, which means companies must support both versions throughout the transition to ensure that everyone will be able to access content. In the meantime, IPv4 addresses, which are typically free, may be bought and sold. For the average consumer, Labovitz says, that could translate to pricier Internet access.

2. Put the next internet to the test
In one GENI experiment, Stanford University researcher Kok-Kiong Yap is researching a futuristic Web that seamlessly transitions between various cellular and WiFi networks, allowing smartphones to look for an alternative connection whenever the current one gets overwhelmed. That’s music to the ears of everyone toting an iPhone.

3. Move data into the cloud
As Nick Feamster says, the cloud is an increasingly popular place to store data. So much so, in fact, that technology research company Gartner predicts the estimated value of the cloud market, including all software, advertising, and business transactions, will exceed $150 billion by 2013. Why the boom? Convenience. At its simplest, cloud computing is like a giant, low-cost, low-maintenance storage locker. Centralized servers, provided by large Internet companies like Microsoft, Google, and Amazon, plus scores of smaller ones worldwide, let people access data and applications over the Internet instead of storing them on personal hard drives. This reduces costs for software licensing and hardware.

4. Settle who owns the internet
While much of the data that zips around the Internet is free, the routers and pipes that enable this magical transmission are not. The question of who should pay for rising infrastructure costs, among other expenses, is at the heart of the long-standing net neutrality debate. On the one side, Internet service providers argue that charging Web sites more for bandwidth-hogging data such as video will allow them to expand capacity and deliver data faster and more reliably. Opponents counter that such a tiered or “pay as you go” Internet would unfairly favor wealthier content providers, allowing the richest players to indirectly censor their cash-strapped competition. So which side has the legal edge? Last December the Federal Communications Commission approved a compromise plan that would allow ISPs to prioritize traffic for a fee, but the FCC promises to police anticompetitive practices, such as an ISP’s mistreating, say, Netflix, if it wants to promote its own instant-streaming service. The extent of the FCC’s authority remains unclear, however, and the ruling could be challenged as early as this month.

5. Understand what can happen when networks make decisions for us
In November Iranian president Mahmoud Ahmadinejad confirmed that the Stuxnet computer worm had sabotaged national centrifuges used to enrich nuclear fuel. Experts have determined that the malicious code hunts for electrical components operating at particular frequencies and hijacks them, potentially causing them to spin centrifuges at wildly fluctuating rates. Labovitz of Arbor Networks says, “Stuxnet showed how skilled hackers can militarize technology.”

6. Get ready for virtual surgery
Surgeon Jacques Marescaux performed the first trans-Atlantic operation in 2001 when he sat in an office in New York and delicately removed the gall bladder of a woman in Strasbourg, France. Whenever he moved his hands, a robot more than 4,000 miles away received signals via a broadband Internet connection and, within 15-hundredths of a second, perfectly mimicked his movements. Since then more than 30 other patients have undergone surgery over the Internet. “The surgeon obviously needs a certain that the connection won’t be interrupted,” says surgeon Richard Satava of the University of Washington. “And you need a consistent time delay. You don’t want to see a robot continually change its response time to your hand motions.”

7. Bring on the message ferries
A message ferry is a mobile device or Internet node that could relay data in war zones, disaster sites, and other places lacking communications infrastructure.

8. Don’t share hardware with people whom you might not trust
Or who might not trust you. The tenuous nature of free speech on the Internet cropped up in December when Amazon Web Services booted WikiLeaks from its cloud servers. Amazon charged that the nonprofit violated its terms of service, although the U.S. government may have had more to do with the decision than Amazon admits. WikiLeaks, for its part, shot back on Twitter, “If Amazon are [sic] so uncomfortable with the First Amendment, they should get out of the business of selling books.”

Unfortunately for WikiLeaks, Amazon is not a government agency, so there is no First Amendment case against it, according to Internet scholar and lawyer Wendy Seltzer of Princeton University. You may be doing something perfectly legal on Amazon’s cloud, Seltzer explains, and Amazon could supply you the boot because of government pressure, protests, or even too many service calls. “Service providers supply end users very little recourse, if any,” she observes. That’s why people are starting to think about “distributed hosting,” in which no one company has total power, and thus no one company controls freedom of speech.

9. Make cloud computing secure Nick Feamster’s strategy is to tag sensitive information with irrevocable digital labels. For example, an employee who wants only his boss to read a message could create a label designating it as secret. That label would remain with the message as it passed through routers and servers to reach the recipient, preventing a snooping coworker from accessing it. “The file could be altered, chopped in two, whatever, and the label would remain with the data,” Feamster says. The label would also prohibit the boss from relaying the message to someone else. Feamster expects to unveil a version of his labeling system, called Pedigree, later this year.

10. Manage your junk mail A lot of it. Spam accounts for about 85 percent of all e-mail. That’s more than 50 billion junk messages a day, according to the online security company Symantec.

11. Privacy is dead? Don’t believe it As we cope with the cruel fact that the Internet never forgets, researchers are looking toward self-destructing data as a possible solution. Vanish, a program created at the University of Washington, encodes data with cryptographic tags that degrade over time like vanishing ink. A similar program, aptly called TigerText, allows users to program text messages with a “destroy by” date that activates once the message is opened. Another promising option, of course, is simply to exercise good judgment.

12. Network to make a better world Crowdsourcing science projects that harness the power of the wired masses have tremendous potential to quickly solve problems that would otherwise take years to resolve. Notable among these projects is Foldit (fold.it), an engaging online puzzle created by Seth Cooper of the University of Washington and others that tasks gamers with figuring out the shapes of hundreds of proteins, which in turn can lead to new medicines. Another is the UC Berkeley Space Sciences Lab’s Stardust@home project (stardustathome.ssl.berkeley.edu), which has recruited about 30,000 volunteers to scour, via the Internet, microscope images of interstellar dust particles collected from the tail of a comet that may hold clues to how the solar system formed. And Cornell University’s NestWatch (nestwatch.org) educates people about bird breeding and encourages them to submit nest records to an online database. To date, the program has collected nearly 400,000 nest records on more than 500 bird species.

Check out discovermagazine.com/web/
citizenscience for more projects.

—
Andrew Grant and Andrew Moseman

The Five Worst Countries for Surfing the Web

China

Government control of the Internet makes using the Web in China particularly limiting and sometimes dangerous. Chinese officials, for instance, imprisoned human rights activist Liu Xiaobo in 2009 for posting his views on the Internet and then blocked news Web sites that covered the Nobel Peace Prize ceremony honoring him last December. Want to experience China’s censorship firsthand? Go to baidu.com, the country’s most popular search engine, and type in “Tiananmen Square massacre.”

North Korea
It’s hard to surf the Web when there is no Web to surf. Very few North Koreans have access to the Internet; in fact, due to the country’s isolation and censorship, many of its citizens do not even know it exists.

Burma
Burma is the worst country in which to be a blogger, according to a 2009 report by the Committee to Protect Journalists. Blogger Maung Thura, popularly known in the country as Zarganar, was sentenced to 35 years in prison for posting content critical of the government’s aid efforts after a hurricane.

Iran

The Iranian government employs an extensive Web site filtering system, according to the press freedom group Reporters Without Borders, and limits Internet connection speeds to curb the sharing of photos and videos. Following the controversial 2009 reelection of president Mahmoud Ahmadinejad, protesters flocked to Twitter to voice their displeasure after the government blocked various news and social media Web sites.

Cuba

Only 14 percent of Cubans have access to the Internet, and the vast majority are limited to a government-controlled network made up of e-mail, an encyclopedia, government Web sites, and selected foreign sites supportive of the Cuban dictatorship. Last year Cuban officials accused the United States of encouraging subversion by allowing companies to offer Internet communication services there.

—
Andrew Grant

Wed, 06 Jul 2011 05:13:00 -0500 en text/html https://www.discovermagazine.com/technology/weaving-a-new-web
250-251 exam dump and training guide direct download
Training Exams List