Serious flaw in WPA2 protocol lets attackers intercept passwords and much more

Unless you live on another planet, you’ll have heard about last week’s bad news: WiFi is broken and your network is most likely insecure now.

Researchers have disclosed a serious weakness in the WPA2 protocol that allows attackers within range of a vulnerable device or access point to intercept passwords, e-mails, and other data presumed to be encrypted, and in some cases, to inject ransomware or other malicious content into a website a client is visiting. The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks. If you want to try it for yourself, the PoC is on GitHub and all the additional info you need is on the official website. Check out the list of companies potentially affected here and who’s already fixed it (or not).

The World Once Laughed at North Korean Cyberpower. No More.

Scary times: while the world is fixated on its nuclear missiles, North Korea has also developed a cyberattack program that is stealing millions and unleashing havoc.

When North Korean hackers tried to steal $1 billion from the New York Federal Reserve last year, only a spelling error stopped them. They were digitally looting an account of the Bangladesh Central Bank, when bankers grew suspicious about a withdrawal request that had misspelled “foundation” as “fandation.” Even so, Kim Jong-un’s minions still got away with $81 million in that heist.

Big data meets Big Brother as China moves to rate its citizens

It’s 1984 in China! It’s both fascinating and very scary.

Imagine a world where many of your daily activities were constantly monitored and evaluated: what you buy at the shops and online; where you are at any given time; who your friends are and how you interact with them; how many hours you spend watching content or playing video games; and what bills and taxes you pay (or not). It’s not hard to picture, because most of that already happens, thanks to all those data-collecting behemoths like Google, Facebook and Instagram or health-tracking apps such as Fitbit. But now imagine a system where all these behaviours are rated as either positive or negative and distilled into a single number, according to rules set by the government. That would create your Citizen Score and it would tell everyone whether or not you were trustworthy.

Technology / AI / Blockchain

Welcoming Our New Robot Overlords

Robots used to assist human workers; now it’s the other way around.

Automation was bringing greater and greater efficiency, even though, at a certain point, the logic of increasing efficiency would catch up with him, and he wouldn’t be around any longer to witness it. One day, the factory might go dark. In the meantime, he was enjoying the advantages of work that involved less work.

Robots Are Coming for These Wall Street Jobs

Wall Street is entering a new era: see how robots and AI will change the way traders work.

Banks and investment funds have been tinkering for years, prompting anxiety for employees. Now, firms are rolling out machine-learning software to suggest bets, set prices and craft hedges. The tools will relieve staff of routine tasks and offer an edge to those who stay. But one day, machines may not need much help.

Spotify’s Discover Weekly: How machine learning finds your new music

See how Spotify creates your Discover Weekly playlist.

There are three main types of recommendation models that Spotify employs: Collaborative Filtering models (i.e. the ones that Last.fm originally used), which work by analyzing your behavior and others’ behavior. Natural Language Processing (NLP) models, which work by analyzing text. Audio models, which work by analyzing the raw audio tracks themselves.

Development / Design / DIY projects

Web development explained to a time traveler from 10 years ago

Great summary of where the web is today.

I’m glad that you’re still interested in computers! Today we have many more of them than we did 10 years ago, and that comes with new challenges. We wear computers on our wrists and faces, keep them in our pockets, and have them in our fridges and kettles. The cars are driving themselves pretty well, and we’ve taught programs to be better than humans at pretty much every game out there — except maybe drinking.

OverTheWire: Wargames

Test your hacker skills with this game.

The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games.

Practical Public Key Cryptography

Public key cryptography in a nutshell.

Today you can send an encrypted message to anyone. This is accomplished by the use of a pair of keys: one public key and one private key. The key properties are such that when something is encrypted with the public key, only the private key can decrypt it and vice-versa. (…) But the game changer is that the public key doesn’t have to be kept secret. This allows cryptography to be used for authentication — proving who someone is — as well as for encryption, without requiring you to have previously exchanged secrets.

Bits and pieces

Chase just bought WePay. Google Just Made Gmail the Most Secure Email Provider on the Planet. Alibaba Group announced the launch of an innovative global research program called “Alibaba DAMO Academy.”

Check out Woebot, the AI for mental health. See how this guy sold his SaaS business. Also, apparently you shouldn’t design your emails and should stick to plain text. If you find MailChimp too expensive, check this: MailChimp vs. Amazon SES — How I Reduced My Monthly Bill by 92%.

See how this guy Snatched 153,037 ETH After A Bad Tinder Date. Serious Crypto-Flaw Lets Hackers Recover Private RSA Keys Used in Billions of Devices. And finally, want to see something crazy? Open this link on your phone with WiFi turned off.