The Soaring Success of Cybercrime as a Company

At the start of the 1992 movie Sneakers, Robert Redford is shown as a youthful hacker, breaking into computer networks and stealing money to give to liberal causes. He avoids being captured and sent to prison only because he is out picking up a pizza. For years, this stereotype of the messy-haired, pizza-eating, solo hacker who often has idealistic motives, prevailed in the media. 

IDG Contributor Network: The theft of tea leaves and the evolution of cyber espionage prevention

More than 200 years ago, a British botanist smuggled a cache of tea plants and seeds out of China and into British-controlled India. Within a couple of years, that theft enabled India to usurp China as the world’s leading tea grower. India is still one of the biggest producers of tea as a result of one of the greatest acts of corporate espionage in history.

The Utah Jazz Might Just Be For Real

Embed Code

Welcome to The Lab, FiveThirtyEight’s basketball podcast. On this week’s show (March 22, 2018), Neil, Chris and Kyle break down the Houston Rockets’ potential. Has James Harden all but locked up the MVP award this year? And is a Rockets vs. Golden State Warriors Western Conference final inevitable? Next, the Utah Jazz are on an impressive tear, moving up in the playoff rankings despite a crowded field. The crew discusses the Jazz’s success and breaks down the unique challenges facing a small-market team. Plus, a significant digit on the Boston Celtics.

An Introduction to Storm Detector Modules

Lightning storm detectors have been around for a surprisingly long time. The early designs consisted of a pair of metal bells and a pendulum. When there was a charge applied, for example by connecting one bell to the ground and the other to a lightning rod, the bells would ring when a lightning storm was close by. In the mid 18th century, these devices were only practical for demonstration and research purposes, but very likely represent the earliest devices that convert electrostatic charge to mechanical force. A bit over a hundred years later, the first lightning detector was considered by some as the first radio receiver as well.

As soon as I found out about storm detector chips, I knew I would have to get one working. For about $25, I ordered an AMS AS3935 module from China. This chip has been featured before in a number of excellent projects such as Twittering lightning detectors, and networks of Sub-Saharan weather stations. While there’s an Arduino library for interfacing with this IC, I’m going to be connecting it up to an ESP8266 running the NodeMCU firware, which means digging into the datasheet and writing some SPI code. If any of the above tickles your fancy, read on!

Unlike the earliest charge-based detectors, this one works by picking up the RF signal produced by distant lightning strikes using a small 500 kHz antenna and doing some digital signal processing.

The detector is capable of differentiating between lightning strikes and other types of RF noise, then using the signal from the lightning strikes to estimate the distance to the stormfront, up to 40 kilometers away. This is quite nice for two reasons: it detects active storms from quite a bit further than you can with your eyes and ears, and it gives you a reasonable idea of how fast the storm is coming in.

It’s easy to think of possible applications. Golf courses, sports fields, pools, and beaches would all benefit from earlier storm detection. Besides outdoor activities, datacenters, airports, and construction crews also need to know about incoming lightning storms.

On my end, I live in Southeast Asia and rainy season can be a little epic. Downpours are very localized, incredibly intense, often cause floods, and occur with little warning. Like most residents I drive a motorbike, and being stuck in traffic or on the highway in that intensity of rain is miserable. Given the option, it’s usually better to stop, have a coffee, and let it pass.

Weather reporting isn’t terribly useful for planning trips because most showers are very localized, short, and frequent. The weather report throughout rainy season is simply “28 degrees Celsius, 75% chance of showers” every day, so adding a storm detector to my motorbike seemed practical and fun. Even if it only works some of the time, it would be fantastic. In fact, I’m surprised I’ve never seen this as a product – if it works, someone please do this.

To the Lab!

Back to our detector, there exists an Arduino library to interface with it, if that’s your style. It looks easy enough to use, but my personal preference is to use NodeMCU and the ESP8266, although it has no built-in library for this chip.

Luckily, we have a datasheet (PDF) for the AS3935, and the chip supports both SPI and I2C interfaces. I had been looking for an excuse to explore SPI in Lua on the NodeMCU, and this was perfect. Since we’re just using plain SPI, hopefully the code will be easier to port to other platforms as well.

Let’s start with the basic setup. To use SPI, the datasheet says that the Select Interface (SI) pin needs to be pulled to ground. I also wanted to use the on-chip voltage regulator, so the EN_V chip needed to be pulled high. Finally, the chip pulls an interrupt pin high on every event detection to let the connected microcontroller know that something interesting has happened.

To improve noise immunity on this pin, I used a 1kΩ pull down resistor to ground (not shown below). The latter was probably not necessary but helped reduce false positives during testing while handling the circuit without an enclosure.

Next, we connect all the pins required by SPI. There are 4: Master Out Slave In (MOSI), Master In Slave Out (MISO), clock (SCK) and Chip Select (CS). I’ve included a small table detailing what these pins are under NodeMCU, keep in mind they’re likely to be different on other platforms.

An important point is that the CS pin is not automatically managed by the NodeMCU during SPI communications. You’ll need to set its value like any other GPIO pin, which we’ll cover later. Before you begin programming, I highly recommend you double-check all your pins are connected correctly. I lost an hour that way and felt silly.

We start by initializing SPI and the relevant pins:

spi.setup(1, spi.MASTER, spi.CPOL_LOW, spi.CPHA_LOW, 8, 256); CS=8 IRQ = 2 gpio.mode(CS, gpio.OUTPUT) gpio.mode(IRQ, gpio.INPUT)

Show HN: Asynchronous HTTP/2 client for Python 2.7

README.rst

Async HTTP/2 Client

A simple asynchronous HTTP/2 client for Tornado applications, based on the awesome h2 library.

Intended for Python 2 (>= 2.7.9).

This package is in a very early development stage, so expect bugs or changes in the API. If you spot anything wrong, or would like to suggest improvements, please open an issue or a pull request.

Example

Usage in a coroutine may be:

from th2c import AsyncHTTP2Client from tornado.httpclient import HTTPRequest client = AsyncHTTP2Client( host='nghttp2.org', port=443, secure=True, ) request = HTTPRequest( url='https://nghttp2.org/httpbin/get', method='GET', ) res = yield client.fetch(request)

Mark Zuckerberg Apologizes For the Cambridge Analytica Scandal, Says He Isn’t Opposed To Regulation

An anonymous reader quotes a report from The Verge: Mark Zuckerberg apologized on Wednesday evening for his company’s handling of the Cambridge Analytica privacy scandal. “This was a major breach of trust and I’m really sorry this happened,” he said in an interview on CNN. “Our responsibility now is to make sure this doesn’t happen again.” Zuckerberg’s comments reflected the first time he apologized following an uproar over how Facebook allowed third-party developers to access user data. Earlier in the day, Zuckerberg wrote a Facebook post in which he said the company had made mistakes in its handling of the Cambridge Analytica data revelations. The company laid out a multipart plan designed to reduce the amount of data shared by users with outside developers, and said it would audit some developers who had access to large troves of data before earlier restrictions were implemented in 2014. Zuckerberg also told CNN that he is not totally opposed to regulation. “I’m not sure we shouldn’t be regulated,” he said. “There are things like ad transparency regulation that I would love to see.”

Other highlights of Zuckerberg’s interviews:
-He told multiple outlets that he would be willing to testify before Congress.
-He said the company would notify everyone whose data was improperly used.
-He told the New York Times that Facebook would double its security force this year, adding: “We’ll have more than 20,000 people working on security and community operations by the end of the year, I think we have about 15,000 now.”
-He told the Times that Facebook would investigate “thousands” of apps to determine whether they had abused their access to user data.

GDPR vs Blockchain: Technology vs the Law

One of the biggest impacts that GDPR will have for consumers (citizens of countries that comply with GDPR, at least) is the right to be forgotten. A person can request that they be removed from a record. What if the record is part of a blockchain? This poses a challenge for blockchain implementations. Blockchains are designed to last forever. Each block has a hash based on its contents, and carries the hash of its predecessor. So when you look at a block on a blockchain, you can trace the block back through its predecessors to the founding block. Changing the contents of a block changes the block’s hash. If a block’s hash changes, the successor blocks will no longer reference it. They point to the original, valid, block. Rebuilding the chain with the replacement block means the hash for each successive block will have to be recalculated, which is an enormous computational task. In Figure 1, we see part of a blockchain showing three blocks. Block 36 contains the hash for block 35, some data (DATA yyyyy) and its own brand new hash (HASH 36). Note that some of the data may include the identity of the creator of that data – the miner who computed the hash. If the data changes, the value of HASH 36 will change. Subsequent blocks will not point to it.

BrandPost: Mitigating Personal Cyber Risk

The biggest security challenge facing individuals and businesses today isn’t scale. It’s hyperconnectivity. The various devices and applications being used in homes or at organizations have now become so intertwined that it’s hard to keep them separate. The cloud allows users to access data and information from any device with a Wi-Fi connection or data plan, and IT consumerization encourages those same users to download new applications and storage solutions to use and share across a wide variety of devices.

GoPro to license camera lenses and sensors to third party manufacturers

GoPro is today announcing a multi-year deal with Jabil that aims to put GoPro technology in everything from police body cameras to video conferencing solutions. Through this agreement, Jabil will use GoPro’s design and intellectual property for use in approved third-party devices. This is the first time GoPro is letting other manufacturers build products with GoPro parts. The products will not be branded GoPro at this time.

Samsung’s Galaxy S9 is the way to wean yourself off of DSLRs

Samsung has a new smartphone out, the Galaxy S9 (and S9+). It’s the latest flagship from one of the top smartphone makers in the world, but this year’s version has a lot in common with last year’s model, at least on the surface. The big focus (lol) this year was on the camera, and for good reason: Samsung stepped up its game significantly in this department with this update, and it comes closest to any smartphone camera I’ve tried yet to replicating some of the aspects of traditional photography that I love.