https://www.spektrum.de/video/chatten-mit-einer-emotionalen-ki/1593702
Author: mfeilner
The Evolution of Trust – Game theory tells us how trust emerges
… and what you can do about it. http://ncase.me/trust has a great, in fact the best explanation I have seen so far. (From my Leadership presentation).
The challenges with the open-source model
Reality update: Open source and the demise of proprietary software – Timescale … :
“The challenges with the open-source model
Developing a successful open-source project is not easy As we can see from its history, there has always been a tension in open source: e.g., philosophical licenses focused on preserving “freedom” vs. permissive licenses taking a pragmatic approach. But there are two larger tensions today: (1) how to balance openness with sustainability and (2) how to manage the transition to the cloud.“
Advanced attacks on Microsoft Active Directory
Reality update: Positive Technologies – learn and secure : Advanced attacks on Microsoft Active Directory: detection and mitigation … Nice…:
“An example of DCShadow confirms that new enterprise attack vectors appear. It is essential to stay on the crest of the wave in this ocean of information security, look ahead, and act quickly.“
Remember Chinese Spy Chips? It’s complicated – and probably a hoax
Reality update: Hype um “chinesische Spionagechips” kommt vom Pentagon – fm4.ORF.at …
Especially regarding:
“Die Sensationsmeldung des Wirtschaftsportals Bloomberg über manipulierte Hardware für Cloud Computing stellt sich im FM4-Faktencheck als fast völlig faktenfrei heraus. Am Freitag kam ein langerwarteter Bericht des Pentagon heraus, der vor der Elektronikfertigung in China warnt. (…) Der Börsenkurs des Motherboard-Herstellers Supermicro wurde fast halbiert, etwa 500 Millionen Dollar an Börsenwert gingen verloren. (…) In Folge gingen auch völlig unbeteiligte Hardwarefertiger aus China in den Börsenkeller, Lenovo etwa notierte am Freitag bei minus 15 Prozent. Insgesamt gingen damit mehrere Milliarden Dollar an Börsenwert den großen Datenstrom hinunter, obwohl erst Supermicro, dann Amazon und Apple in scharfen Worten dementiert hatten. Diesen Dementis folgte noch ein weiteres und zwar von Bloomberg selbst, direkt am Ende des Artikels: „Auch Bloomberg LLP ist Kunde von Supermicro. Laut einem Sprecher des Unternehmens sind keine Indizien gefunden, dass die von Bloomberg benutzte Hardware solche Probleme aufweist, wie sie im Artikel beschrieben sind.” ”
Strange, um?
Hvar September/October 2018
Ridiculously Complicated Algorithms
The terrifying, hidden reality of Ridiculously Complicated Algorithms
God is in the machine Carl Miller on the terrifying, hidden reality of Ridiculously Complicated Algorithms
Software’s Tay Bridge…
The Age Of Invisible Disasters · Privacy, Power, & Protection In The Cyber Century
Software’s Tay Bridge The Therac-25 X-ray machine killed several people around the world. All of them died a prolonged and horrible death by massive radiation overdose.
Markus Feilner’s OpenVPN Trainings at Linuxhotel
Update 2019: After many years of wonderful trainings, I won’t be available at Linux Hotel anymore. Sad, but understandable. My new employer, Heise, is offering trainings and conferences, too, and thus we may see each other there one day… Here’s the old text. Thank you Ingo, Martin, and all the others at this great Essen venue!
Since 2010 Markus Feilner has been sharing his Open VPN know-how in the wonderful location of the Linuxhotel in Villa Vogelsang in Essen, Germany. The wonderful hotel and training center are situated in a green and fresh park on a cliff above the Ruhr river. Its exclusive amenities range from sauna and spa to excellent food and extraordinary ideas for the evenings. (Watch the video beneath this post!)
Usually, Markus’ Open VPN training lasts for three days and covers basics, administration and advanced features of Open VPN in hands-on sessions. Whereas the first day is full of basic concepts and theory, day 2 and 3 will give participants hours of guided work with setup and exploring the abundance of Open VPN servers and clients, including deep dives into individually agreed on features.
Contact us or the Linux Hotel directly for requests about the class specified here: https://www.linuxhotel.de/kurs/openvpn/. Giving trainings at Linxhotel has always been a great pleasure, also because there are a lot of interesting and highly skilled parallel classes going on at the venue, the participants and trainers of which you will meet at lunch, breakfast, dinner, in the park or at the evening events. Linuxhotel is my favorite venue for any kind of training.
First kontact: New presentation (held at Akademy Vienna 2018)
In a few minutes I will give this presentation here at KDE Akademy in Vienna. It’s more technical than others by yours truly, but simply a report of how I am using Mail and Groupware on Linux. Here’s the description, here’s the slide deck.
Here’s why you should never have a smart TV
How Smart TVs in Millions of U.S. Homes Track More Than What’s On Tonight – The New York Times….
https://www.nytimes.com/2018/07/05/business/media/tv-viewer-tracking.html
Office 365 compromised – would you still trust Microsoft?
Using the Office 365 Activities API to Investigate Business Email Compromises…. MSO 365 has an undocumented API for forensics, where you can curl a user’s activity report.
EFF Border Search Pocket Guide | Electronic Frontier Foundation
Very important and insightful help for all of you that might travel to the USA or similar surveillance states. “Reduce data, encrypt, switch off and dont use biometrics“
What is an “Exploit” – German article explains
Have an hacker explain why an “exploit” is like an access or an unwanted access permission to your system. Nice read, albeit German.
https://www.golem.de/news/hacker-was-ist-eigentlich-ein-exploit-1806-134909.html
A new approach to Security? Post-Infection Thread Hunting
Reality update: A New Paradigm For Cyber Threat Hunting … :
“Threat hunting requires a shift to a post-infection mentality and sets of tools such as SIEM (security incident and event management), EDR (endpoint detection and response) and NDR (network detection and response). Even with these tools, threat hunting is a challenge for a variety of reasons. For one thing, these solutions are “heavy.” They require some kind of data collection that involves installing agents on endpoints and/or hardware placed on networks. This can get quite expensive for a large enterprise.“
Do good and talk about it might bring you to jail in the US
Reality update: Marcus Hutchins, WannaCry-killer, hit with four new charges by the FBI … :
I do not think the whole story is clear yet, but my intuition tells me to doubt the US version of this story – and I know many people are thankful to Mr. Hutchins for stopping Wannacry, however accidentally that may have been. But what is going on in the court room here? I can’t tell. But the sad part is – as long as it remains unclear, this guy is another Snowden, locked away from home:
“Hutchins, who is living in Los Angeles on bail, is unable to leave the United States since last year due to his pending criminal charges. Hutchins stormed to fame and hailed as a hero earlier last year when he accidentally stopped a global epidemic of the WannaCry ransomware attack that crippled computers all across the world.“
Vacation in Russia anybody? Your VPN may be forbidden – and you could be fined…
Reality update: Russia to Fine Search Engines for Linking to Banned VPN services … :
“According to the bill, individuals who break the law will face fine of 3,000 to 5,000 rubles (approx. $48 to $80), officials will face fines up to 50,000 rubles (approx. $800), and legal entities could be fined 500,000 to 700,000 (nearly $8,019 to $11,227), reports Russian State Duma Government site.“
Oscilloscope based extraction of Bitcoin PIN
… : “Congrats to excellent work by Jochen Hoenicke on using an inexpensive oscilloscope to monitor the power drawn by a TREZOR bitcoin wallet to determine what data it was processing.“
Roko’s Basilisk … a scary thought experiment
Reality update: Roko’s Basilisk: The most terrifying thought experiment of all time. … :
“Believing in Roko’s Basilisk may simply be a “referendum on autism,” as a friend put it. But I do believe there’s a more serious issue at work here because Yudkowsky and other so-called transhumanists are attracting so much prestige and money for their projects, primarily from rich techies. I don’t think their projects (which only seem to involve publishing papers and hosting conferences) have much chance of creating either Roko’s Basilisk or Eliezer’s Big Friendly God. But the combination of messianic ambitions, being convinced of your own infallibility, and a lot of cash never works out well, regardless of ideology, and I don’t expect Yudkowsky and his cohorts to be an exception. I worry less about Roko’s Basilisk than about people who believe themselves to have transcended conventional morality. Like his projected Friendly AIs, Yudkowsky is a moral utilitarian: He believes that that the greatest good for the greatest number of people is always ethically justified, even if a few people have to die or suffer along the way.“
Blokada – Efficient Filtering of Ads and Trackers on Android
This is one of the best tools for Google’s broken mobile OS I have ever found. Thanks to my deer friend Dmitri Popov, I am now blocking thousands of Ads I wasn’t even aware of. No root access required, a great tool. You will only need F-Droid for installation, because of course Google and the other big three don’t like this at all.