Later On

A blog written for those whose interests more or less match mine.

Archive for the ‘Software’ Category

It’s worse than we thought: A Cyberattack ‘the World Isn’t Ready For’

leave a comment »

Nicole Perlroth has a frightening report in the NY Times:

There have been times over the last two months when Golan Ben-Oni has felt like a voice in the wilderness.

On April 29, someone hit his employer, IDT Corporation, with two cyberweapons that had been stolen from the National Security Agency. Mr. Ben-Oni, the global chief information officer at IDT, was able to fend them off, but the attack left him distraught.

In 22 years of dealing with hackers of every sort, he had never seen anything like it. Who was behind it? How did they evade all of his defenses? How many others had been attacked but did not know it?

Since then, Mr. Ben-Oni has been sounding alarm bells, calling anyone who will listen at the White House, the Federal Bureau of Investigation, the New Jersey attorney general’s office and the top cybersecurity companies in the country to warn them about an attack that may still be invisibly striking victims undetected around the world.

(p>And he is determined to track down whoever did it.

“I don’t pursue every attacker, just the ones that piss me off,” Mr. Ben-Oni told me recently over lentils in his office, which was strewn with empty Red Bull cans. “This pissed me off and, more importantly, it pissed my wife off, which is the real litmus test.”

Two weeks after IDT was hit, the cyberattack known as WannaCry ravaged computers at hospitals in England, universities in China, rail systems in Germany, even auto plants in Japan. No doubt it was destructive. But what Mr. Ben-Oni had witnessed was much worse, and with all eyes on the WannaCry destruction, few seemed to be paying attention to the attack on IDT’s systems — and most likely others around the world.

The strike on IDT, a conglomerate with headquarters in a nondescript gray building here with views of the Manhattan skyline 15 miles away, was similar to WannaCry in one way: Hackers locked up IDT data and demanded a ransom to unlock it.

But the ransom demand was just a smoke screen for a far more invasive attack that stole employee credentials. With those credentials in hand, hackers could have run free through the company’s computer network, taking confidential information or destroying machines.

Worse, the assault, which has never been reported before, was not spotted by some of the nation’s leading cybersecurity products, the top security engineers at its biggest tech companies, government intelligence analysts or the F.B.I., which remains consumed with the WannaCry attack.

Were it not for a digital black box that recorded everything on IDT’s network, along with Mr. Ben-Oni’s tenacity, the attack might have gone unnoticed.

Scans for the two hacking tools used against IDT indicate that the company is not alone. In fact, tens of thousands of computer systems all over the world have been “backdoored” by the same N.S.A. weapons. Mr. Ben-Oni and other security researchers worry that many of those other infected computers are connected to transportation networks, hospitals, water treatment plants and other utilities.

An attack on those systems, they warn, could put lives at risk. And Mr. Ben-Oni, fortified with adrenaline, Red Bull and the house beats of Deadmau5, the Canadian record producer, said he would not stop until the attacks had been shut down and those responsible were behind bars.

“The world is burning about WannaCry, but this is a nuclear bomb compared to WannaCry,” Mr. Ben-Oni said. “This is different. It’s a lot worse. It steals credentials. You can’t catch it, and it’s happening right under our noses.”

And, he added, “The world isn’t ready for this.”

Targeting the Nerve Center . . .

Continue reading.

It gets worse. Later:

. . , No one he has spoken to knows whether they have been hit, but just this month, restaurants across the United States reported being hit with similar attacks that were undetected by antivirus systems. There are now YouTube videos showing criminals how to attack systems using the very same N.S.A. tools used against IDT, and Metasploit, an automated hacking tool, now allows anyone to carry out these attacks with the click of a button.

Worse still, Mr. Ben-Oni said, “No one is running point on this.” . . .

Later:

. . . Last month, he personally briefed the F.B.I. analyst in charge of investigating the WannaCry attack. He was told that the agency had been specifically tasked with WannaCry, and that even though the attack on his company was more invasive and sophisticated, it was still technically something else, and therefore the F.B.I. could not take on his case.

The F.B.I. did not respond to requests for comment. . .

The US will be destroyed because of bureaucratic turf issues.

Written by LeisureGuy

22 June 2017 at 8:37 pm

And Just Like That, Google Becomes The World’s Largest Job Board

leave a comment »

Mark Wilson writes in Co.Design:

Monster. CareerBuilder. GlassDoor. LinkedIn. When you’re looking for a new job, you’re required to dig through countless job boards, managing logins and apps. Or it did. Now you can just google it.

Starting today, when you search something like “jobs near me” or “restaurant jobs in Chicago,” you’ll be ushered to a new part of Google Search called Google for Jobs. Here, you can further specify the opportunity you’re looking for, and Google will list opportunities from some of the largest employer databases on the web (including every site mentioned at the top of this article).

The search tool should do a lot to streamline the job hunt. It can even give you a desktop alert or email notification as new jobs matching your criteria are posted.

But on a broader level, what’s so incredible about this feature is how swiftly and efficiently Google can disrupt an industry, just by adding some new capabilities to the Swiss army knife that is Search.

Google tells Co.Design that no money is exchanging hands to get partners using its new Cloud Jobs API–which is what powers this experience. The company has no plans for monetization of the platform at this time, aside from its standard ad practices. . .

Continue reading.

Written by LeisureGuy

20 June 2017 at 5:17 pm

Workflowy mayo

leave a comment »

I’ve been using Workflowy a lot, and it’s turning out to be surprisingly useful.

It’s an outliner that you run in your browser, and it’s free. Its operation is in general intuitive, but it has some special tricks, so click “Help” and watch all the little 1-minute videos. You can space them out: they’re in order of relative importance and usefulness.

You have just one giant outline, but if you click the bullet for any item, then you get the outline of that item as the main heading, and all the children beneath, with a diagram at the top that allows you to back out by clicking on the level you want.

I in fact just used it after a phone call with TYD in which we exchanged cooking discoveries and ideas, and one thing I contributed was my experience in making mayo with an immersion blender in the little plastic beaker you get with it. The recipe makes one cup, and it is so easy and quick that I no longer buy mayo at all, just make up a cup and use it. When it’s gone, make another cup.

So that’s the node I’m going to share to (a) let you know how I make mayo and (b) let you get a feel for what Workflowy is like.

Again, I have just one giant outline, any level of which can be clicked to make it the top of an outline with its children beneath. Making mayo is just one node way down in my one giant outline, and I’m sharing it with you. Because sharing is fun, as our moms used to say.

Written by LeisureGuy

14 June 2017 at 5:22 pm

Posted in Recipes, Software

Outlook for college grads

leave a comment »

Very interesting column by Danielle Paquette in the Washington Post on the impact of automation and AI on highly compensated jobs (banking, finance, software engineering). The column opens with:

The job title “Wall Street trader” once evoked sleek suits, martini-soaked lunches and chaotic offices  — a gateway to prosperity at a relatively young age. But earlier this year, Marty Chavez, the chief financial officer of Goldman Sachs, revealed that some of the investment bank’s well-paid humans were being replaced by unpaid robots.

Over the last seventeen years, the number of stock traders at the firm has shrunk from 600 to two, he told  a Harvard computer science symposium in January. . .

And it concludes with:

. . .“Investment banking is next on the chopping block,” Webb said. And engineering isn’t off the hook, either. “The next iteration of artificial intelligence,” she said, “is artificial intelligence creating software for itself.”

In one Google Brain experiment, for example, software became better at teaching itself tasks — such as navigating a maze, for example — than the engineers who were charged with making it smarter.

“That obviates the need,” she said, “for a human engineer.”

Written by LeisureGuy

16 May 2017 at 8:15 pm

Jason Koebler switched from Chrome to Opera, and so did I

leave a comment »

Jason Koebler writes at Motherboard:

It’s time to break up with Chrome and all the RAM it eats up.

If the purpose of a web browser is to load, view, and interact with the largest percentage of websites on the internet, then the best web browser in the world is Google Chrome, which can handle just about anything you throw at it. But if you like opening more than a couple tabs at once, Google Chrome is not the browser for you.

Over the last few years, I have grown endlessly frustrated with Chrome’s resource management, especially on MacOS. Admittedly, I open too many tabs, but I’d wager that a lot of you do, too. With Chrome, my computer crawls to complete unusability multiple times a day. After one too many times of having to go into Activity Monitor to find that one single Chrome tab is using several gigs of RAM, I decided enough was enough.

I switched to Opera, a browser I had previously thought was only for contrarians.

This, after previous dalliances with Safari and Firefox left me frustrated. Chrome has a built-in advantage, because web developers optimize their pages for the most popular browser (Chrome!). And so as Chrome gets more popular, its compatibility continues to get better while Safari’s and Firefox’s would suffer (at least in theory). Safari uses an engine known as WebKit and Firefox uses Gecko, while Chrome is built on an engine called Blink, which is used in all Chromium-based browsers (Chromium is a fully featured, open source browser that served as the backbone for Chrome).

Safari manages resources well but didn’t work great with a lot of streaming video. More importantly, Safari doesn’t use favicons (the tiny icons on the tab that tell you what site you’re on), which, can I just say, is a WILD design decision and a complete deal breaker for anyone who opens a lot of tabs. I found Firefox to be slow and ran into compatibility issues as well—this experiment was over a year ago so I don’t remember the specifics, but I didn’t love it. I spent only a couple hours with the upstart Vivaldi browser before getting frustrated with its non-Chrome-ness.

After several months of using Opera, most of my web browsing problems have been solved. Wednesday, Opera released a new version of its browser, called “Reborn,” which adds in-browser WhatsApp, Facebook, and Telegram messaging. For now, this feature is just a gimmick to me: The real appeal of Opera is that it is essentially Chrome but with a better, less disastrous and less time consuming mechanism of failure.

Because Opera is also based on Blink, I almost never run into a website, plugin, script, or video that doesn’t work flawlessly on it. In fact, Opera works almost exactly like Chrome, except without the resource hogging that makes me want to throw my computer against a brick wall.

This is exactly the point, according to Opera spokesperson Jan Standal: “What we’re doing is an optimized version of Chrome,” he said. “Web developers optimize most for the browser with the biggest market share, which happens to be Chrome. We benefit from the work of that optimization.”

Why I can’t use Chrome anymore

One of the original draws of Chrome was that it handles each tab as a separate process. This means that if one tab crashes, it doesn’t crash the whole browser. This innovation—once the selling point of the browser—is one of the reasons why Chrome is a nightmare to use today. As we started running powerful applications within tabs and as websites became bloated with autoplaying videos, tracking scripts, and ads, each individual tab we open has the potential to be a resource hog. That’s how you end up with a couple tabs using multiple gigs of RAM. Though I’ve tried extensions like the Great Suspender and OneTab, these never felt like full solutions and neither did much to help my problem.

Google has tried to rein in resource-hogging tabs, but in my experience on MacOS, new versions of Chrome haven’t solved the problem. . .

Continue reading.

Written by LeisureGuy

15 May 2017 at 4:20 pm

Posted in Software, Technology

Why your next Echo command should be: ‘Disconnect me from the internet’

leave a comment »

Tim Johnson writes at McClatchy:

Dr. Herbert Lin, one of the nation’s pre-eminent thinkers on cybersecurity policy, shuns the internet-connected devices that fill some American homes.

He’ll have nothing to do with “smart” refrigerators, hands-free home speakers he can call by name, intelligent thermostats and the like.

“People say to me, ‘How can you have a doctorate in physics from MIT and not trust in technology?’ And I look at them and say, ‘How can I have a doctorate in physics from MIT and trust technology?’ ” Lin said.

Part of what he distrusts is the “internet of things,” and the ease with which hackers can penetrate “smart” devices with digital worms and shanghai them into massive robotic networks to launch crippling digital attacks or generate ever greater quantities of spam.

It is a mistrust based on mathematics. Internet-enabled devices are exploding in number. Gartner, a research giant in technology, says the devices will climb from 6.4 billion at the end of last year to 25 billion by 2020. Such growth sharply augments the power of hidden robotic networks, or botnets.

[RELATED: If the NSA can be hacked, is anything safe?]

Now, an unseen battle unfolds. Weaponized digital worms are entering the scene and infecting masses of devices that obediently await instructions from a remote master to spring to action, possibly a new botnet attack.

The threat from botnets is so serious that FBI Director James Comey brought them up at a Senate hearing last week, saying the “zombie armies” created from internet devices can do tremendous harm.

(RELATED: This new Amazon device can give you fashion advice. But, warns UNC prof, what else it is finding out?)

“Last month, the FBI – working with our partners, with the Spanish national police – took down a botnet called the Kelihos botnet and locked up the Russian hacker behind that botnet,” Comey said. “He’s now in jail in Spain, and the good people’s computers who had been lashed to that zombie army have now been freed from it.”

Further botnet attacks are inevitable. . .

Continue reading.

Do read the entire article. One feels a sense of urgency. Later in the article:

Now a new worm, dubbed Hajime – Japanese for “beginning” – is spreading.

The Moscow-based Kaspersky Lab estimated in late April that the Hajime worm had already penetrated 300,000 devices worldwide and could rally them into a botnet army at a moment’s notice.

Written by LeisureGuy

8 May 2017 at 7:09 pm

The dystopian aspect of AI emerges in reality

leave a comment »

AI can be a force for good or not. Adam Liptak in the NY Times describes one problematic aspect—and if you think that’s bad, how about when an algorithm decides that it’s not worthwhile to treat your life-threatening illness?

When Chief Justice John G. Roberts Jr. visited Rensselaer Polytechnic Institute last month, he was asked a startling question, one with overtones of science fiction.

“Can you foresee a day,” asked Shirley Ann Jackson, president of the college in upstate New York, “when smart machines, driven with artificial intelligences, will assist with courtroom fact-finding or, more controversially even, judicial decision-making?”

The chief justice’s answer was more surprising than the question. “It’s a day that’s here,” he said, “and it’s putting a significant strain on how the judiciary goes about doing things.”

He may have been thinking about the case of a Wisconsin man, Eric L. Loomis, who was sentenced to six years in prison based in part on a private company’s proprietary software. Mr. Loomis says his right to due process was violated by a judge’s consideration of a report generated by the software’s secret algorithm, one Mr. Loomis was unable to inspect or challenge.

In March, in a signal that the justices were intrigued by Mr. Loomis’s case, they asked the federal government to file a friend-of-the-court brief offering its views on whether the court should hear his appeal.

The report in Mr. Loomis’s case was produced by a product called Compas, sold by Northpointe Inc. It included a series of bar charts that assessed the risk that Mr. Loomis would commit more crimes.

The Compas report, a prosecutor told the trial judge, showed “a high risk of violence, high risk of recidivism, high pretrial risk.” The judge agreed, telling Mr. Loomis that “you’re identified, through the Compas assessment, as an individual who is a high risk to the community.”

The Wisconsin Supreme Court ruled against Mr. Loomis. The report added valuable information, it said, and Mr. Loomis would have gotten the same sentence based solely on the usual factors, including his crime — fleeing the police in a car — and his criminal history.

At the same time, the court seemed uneasy with using a secret algorithm to send a man to prison. Justice Ann Walsh Bradley, writing for the court, discussed, for instance, a report from ProPublica about Compas that concluded that black defendants in Broward County, Fla., “were far more likely than white defendants to be incorrectly judged to be at a higher rate of recidivism.”

Justice Bradley noted that Northpointe had disputed the analysis. Still, she wrote, “this study and others raise concerns regarding how a Compas assessment’s risk factors correlate with race.”

In the end, though, Justice Bradley allowed sentencing judges to use Compas. They must take account of the algorithm’s limitations and the secrecy surrounding it, she wrote, but said the software could be helpful “in providing the sentencing court with as much information as possible in order to arrive at an individualized sentence.” . . .

Continue reading.

See also this book.

Written by LeisureGuy

2 May 2017 at 1:53 pm

Posted in Law, Software, Technology

%d bloggers like this: