|
|
Please Pardon the Dust
|
Due to a technical issue with a WordPress plug-in, some of the pages of the cébé website, including the archive of past issues of the KIT, were unavailable last week. It looks like we have fixed the issue. Thank you for your patience.
|
|
Device Sanitization Procedures
|
The US Computer Emergency Response Team (US-CERT) has published Security Tip ST18-005, entitled Proper Disposal of Electronic Devices. This short document contains instructions, well-known to security professionals, on how to properly wipe data off of a device (laptop, tablet, smartphone, etc.) before disposing of it.
Companies would be well advised to distribute this document to their employees, who often hold some work-related data on personal devices.
|
|
Baby Steps in Secure Electronic Voting
|
During the recent U.S. "midterm" legislative elections, 140 voters from West Virginia who reside out of the country were able to vote using a mobile application from Voatz that relies on facial recognition and blockchain to secure the voting process. This Washington Post article explains the pilot project.
Not only is it a very small-scale project (the article title wildly exaggerated it as "the biggest blockchain-based voting test ever") but whether it was really tamper-proof and could prevent vote buying or coercion is open to discussion (read the article for details).
|
|
Award for the Vague Obvious Statement of the Month
|
And the November award goes jointly to... the CEO of Jaguar Land Rover, Ralph Speth, and Reuters Business News for the earth-shattering statement that "the self-driving car industry needs standards and security." The success of the industry depends on "standards for key equipment, a wide-reaching 5G broadband network, [...] strong partnerships, [and] unified and clear guidelines for safeguarding driver information and privacy." Since there are few details on how to achieve this, and the article would have been too short as a result, the author or editor just repeated each point several times.
|
|
A Data Breach Can Hide Another One
|
The leak of records for 500 million customers of the Marriott Hotel chain just made the news, but a few weeks earlier we learned that American Express (Amex) India had exposed 700,000 cardholder records, stored in plaintext on a MongoDB server that was not password-protected. See this ZDnet article for more details.
This shows once again that failure to take very basic security precautions is a key cause of data breaches, even at large companies. No wonder regulators are moving to punitive measures, such as those in the EU's GDPR, to make companies take security measures seriously.
|
|
Private-to-Public Cloud Migration
|
An Information Age article from four weeks ago tells of the adoption of Amazon Web Services by the Guinness Book of World Records, which is increasingly moving to digital content delivery. A key benefit of moving to a public cloud was the ability to scale up rapidly when the announcement of a new record causes a spike in traffic.
Thanks to John McLaughlin for featuring this in his IT News and Events newsletter.
|
|
LASER 2019
|
The program of the LASER Foundation's 15th Summer School on Software Engineering has been published. As usual, the event will take place on Elba Island, Italy; the dates are June 1-9, 2019. This edition will be devoted to "the complementarity and confluence of Artificial Intelligence, Machine Learning and Software Engineering." |
|
|
Seen Recently... |
"Let's go invent tomorrow instead of worrying about what happened yesterday."
-- Steve Jobs, quoted on Twitter by
Catherine Havasi, co-founder of Luminoso,
a company that uses natural language processing (NLP) for sentiment analysis
"Our reliance on automated systems needs to be balanced with a continued ability to manually execute as a fail-safe."
-- Tweeted by
Thomas Fischer, after "sitting here over 5 mins on the
taxiway because the automated docking system was having a problem."
|
|
|