
How Apple and Amazon Security Flaws Led to My Epic Hacking

In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. In many ways, this was all my fault. Had I been regularly backing up the data on my MacBook, I wouldn’t have had to worry about losing more than a year’s worth of photos, covering the entire lifespan of my daughter, or documents and e-mails that I had stored in no other location. Those security lapses are my fault, and I deeply, deeply regret them. But what happened to me exposes vital security flaws in several customer service systems, most notably Apple’s and Amazon’s. This isn’t just my problem. The very four digits that Amazon considers unimportant enough to display in the clear on the Web are precisely the same ones that Apple considers secure enough to perform identity verification. I realized something was wrong at about 5 p.m. on Friday. Lulz. “Wait. “Mr.

Hackers backdoor the human brain, successfully extract sensitive data With a chilling hint of the not-so-distant future, researchers at the Usenix Security conference have demonstrated a zero-day vulnerability in your brain. Using a commercial off-the-shelf brain-computer interface, the researchers have shown that it's possible to hack your brain, forcing you to reveal information that you'd rather keep secret. As we've covered in the past, a brain-computer interface is a two-part device: There's the hardware -- which is usually a headset (an EEG; an electroencephalograph) with sensors that rest on your scalp -- and software, which processes your brain activity and tries to work out what you're trying to do (turn left, double click, open box, etc.) Both of these commercial BCIs have an API -- an interface that allows developers to use the BCI's output in their own programs. Moving forward, this brain hack can only improve in efficacy as BCIs become cheaper, more accurate, and thus more extensively used.

Reaching 10M Downloads, And The Guerrilla Marketing Tactics We Used To Get There The day my app (AutoCAD WS) crossed one million downloads on the App Store, the first question that crossed my mind was how did I ever end up doing marketing? I was a techy product manager and never imagined myself in marketing, until my app was in a life or death situation. The startup I co-founded (which was later acquired by Autodesk) developed a CAD B2B app for engineers. After launching our product, we started marketing it by the book – crafting our positioning and working with a PR agency to approach bloggers. This didn’t work. We went at it a second and third time – tweaking our positioning and web site once again, adding more product features and writing to more bloggers. I gradually came to an understanding that when competing with hundreds of thousands of other apps for attention, marketing is not just another ingredient in an app’s success. Here are some non-traditional tactics that helped us get there. The first big marketing step for a vertical app is to admit that it is one.

Helping Students Create Positive Digital Footprints - ASCD Annual Conference 2012 Christine Fisher When asked what words come to mind when they think about students posting to the Internet, many educators list words like danger and safety. But with the likes of Robert Nay—who created one of the most downloaded iPad apps of 2011 when he was just 14—and even Justin Bieber—who began his international superstardom as a YouTube sensation—as inspiration, students and teachers alike should know the positives that posting to the Internet can offer. This was the message Steve Johnson, a technology skills teacher, parent, and author of two education books, shared during his Saturday session, "Digital Footprints: Your Students' New First Impression." "The main idea we get from surveying teachers [about students posting online] is there [are] a lot of negative connotations," Johnson said, as he aimed to reverse these negative perceptions and encourage educators to promote student-produced online content in their classrooms. "They are going to make mistakes," he said.

Harvard cracks DNA storage, crams 700 terabytes of data into a single gram A bioengineer and geneticist at Harvard’s Wyss Institute have successfully stored 5.5 petabits of data — around 700 terabytes — in a single gram of DNA, smashing the previous DNA data density record by a thousand times. The work, carried out by George Church and Sri Kosuri, basically treats DNA as just another digital storage device. Instead of binary data being encoded as magnetic regions on a hard drive platter, strands of DNA that store 96 bits are synthesized, with each of the bases (TGAC) representing a binary value (T and G = 1, A and C = 0). To read the data stored in DNA, you simply sequence it — just as if you were sequencing the human genome — and convert each of the TGAC bases back into binary. It is only with recent advances in microfluidics and labs-on-a-chip that synthesizing and sequencing DNA has become an everyday task, though. Just think about it for a moment: One gram of DNA can store 700 terabytes of data.

APIs - US Census Bureau To improve access to data and encourage innovation, the Census Bureau has begun to provide API access to some data sets. We invite developers to use these APIs, join our Developer Forum, and provide feedback to help us move forward with continued API development. Please read the Terms of Service for using the API. Now available: The Economic Indicators Time Series Database - see details The Economic Indicator Database is now available via the API. Discovery Tool (in Beta) The machine-readable dataset discovery service is now available in beta release. In addition to the above URIs dataset discovery is available for the entire vintage/dataset hierarchy as well. The Open Project Data Common Core Metadata Schema documentation is a good starting point for understanding the fields output by the discovery service. This is a beta release. Happy discovering! Accessing Data Data are accessible to software developers through a stateless HTTP GET request. Query Response

10 Things Your Students Should Know About Their Digital Footprints Building a digital legacy is an issue I believe doesn’t garner enough attention in our personal and professional lives. In fact, some of the heaviest users of online tools and social media are our young students, who are growing up as a generation of visual learners and visual attention seekers. This is in fact the Facebook and YouTube generation, and the reality is that many teens are unconcerned about the dangers of sharing personal information online. A highly respected education advocate, Kevin Honeycutt, once asked me if any of us from our generation (GenX and before), had ever made a mistake in puberty. He then asked if our mistakes are “Googleable.” The reality is that our mistakes from puberty are not “Googleable”. With that in mind, I have developed some important facts and opinions that our students should be completely aware of as they live in their digital world, creating digital footprints along the way. 10 Things Your Students Should Know About Their Digital Footprints 1. 2.

Dropbox in Space! Dropbox / 18 Comments Posted by Drew Houston on April 09, 2014 Today, we launched Mailbox for Android, turned on new Dropbox for Business features, and introduced the world to Carousel, our new gallery app. These experiences are just a first step towards making Dropbox a home for life. And today, we’re thrilled to announce three amazing additions to our leadership team to help us get there. We’re thrilled to promote Sujay Jaswa to be our CFO. Dennis Woodside is joining the Dropbox family as our new COO. Finally, we’re proud to welcome Dr. Welcome aboard! Dropbox / 56 Comments Posted by Drew and Arash on April 09, 2014 Technology should ‘just work’ and make us happy. If you’re using Dropbox at work, you can now connect your personal Dropbox to your Dropbox for Business on all your devices. Mailbox was the first new addition to the Dropbox family, and for the last year it’s helped iOS users put email in its place. Dropbox / 45 Comments Posted by Ramesh Balakrishnan & Chris Lee on April 09, 2014

MobileDay - One-Touch into any conference call from your iPhone or Android

Meet Eb0z, The Guy Who Claims To Have Hacked Pakistan’s Web (And 89,000 Other Sites) It all started with a score that needed to be settled. A couple of weeks ago, I wrote up some news about how various, high-profile sites in Pakistan and Romania were getting defaced by hackers. I did a little digging around to see who might have been behind the events, and then wrote that up in the posts. Apparently, I didn’t dig deep enough to get the whole story. Over the weekend, someone called eboz, the same name as the hacker behind the Pakistan spate of attacks, got in touch. As long as I had his ear, I decided to see if he would talk to me a bit more. Eboz is a self-styled hacker’s hacker and focuses mostly on gaining root access to servers and sometimes defacing them. Extended excerpts from the interview follow below. So I have some proof and confidence in connecting this guy to the defacements. On Monday morning, he told me he had some attacks planned for Google, and maybe others. Why does he hack, or claim to hack? I’ve kept his writing style just as he typed it. Pakistan? no.

WebDAV Navigator