SiliconANGLE: How the International Red Cross aims to make civilian wartime hacking more humanitarian

The role of civilian hackers during warfare continues to expand, and now at least one group is trying to set up some rules of engagement. But whether the proposal from the International Committee of the Red Cross announced Wednesday will gain any traction and make these attempts more humane is anyone’s guess. In this story for SiliconANGLE, I review the roles that civilian hackers have played in previous conflicts, how the Russian/Ukrainian war has escalated civilian participation, and what this new proposal means for future conduct.

 

Review: The Roaring Days of Zora Lily

As a man with absolutely no fashion sense, I was surprised that I was drawn into this novel and how much I absolutely loved its characters, plot lines, and settings. At its heart is a love story that spans the past century. It centers on the life and career of the title character, who becomes an expert dressmaker and designer. She has the ability to feel her fabrics and sense the style and shape of her work, which spans everyday wear to movie costumes. The story is told from two perspectives: besides Zora’s narrative, which mostly takes place in the 1920s (hence the title), there is the not-so-small matter of a Smithsonian curator who is putting together a show of period costumes and finds out about Zora’s past. This book is just a sheer delight, and even though I couldn’t tell you whether some hem was dropped, set, or whatever, it was still a great read with fascinating descriptions not just of the clothes but the whole design ethos surrounding their art, creation and craft. Very highly recommended. Buy it on Amazon.

SiliconANGLE: After 10 years of crypto scammers, there is still a rocky road ahead

Running a criminal cryptocurrency enterprise has certainly gotten more complicated.

It was 10 years ago this week when Ross Ulbricht walked into a branch of the San Francisco public library to spend another day running the Silk Road, his marketplace for buying and selling illegal and questionable goods. He walked out in handcuffs after an elaborate sting operation carried out by the FBI. This week, the scene shifts to a downtown New York City courtroom, where former FTX Trading Ltd. founder and former Chief Executive Sam Bankman-Fried faces 12 counts that he attempted to defraud investors for his various alleged crypto-related schemes.

Although the two events deal with vastly different parts of the criminal justice system, they are notable bookends in the past decade for the rise and fall of cryptocurrencies, along with associated technologies regarding blockchains, smart contracts and other elements of this universe.

You can read my analysis of this historic moment in SiliconANGLE here.

SiliconANGLE: This week’s news

I have known John Kindervag for many years, going back to the days when Novell NetWare was a major power and Interop a must-see international conference. Yes, those dinosaurs have become extinct, but John soldiers on with promoting zero trust networking far and wide. Now he is with Illumio, which seems like a great fit. I interview him for a post here.

Have you heard the term purple teams in reference to IT security? There is yet another new vendor on the purple scene, and the purple trend is catching on, albeit slowly. The notion is to have both defenders and attackers collaborate, and learn something from each other. Here is my take on the situation.

Finally, there has been yet another NFT hack, this time with one of the OG NFT marketplaces, OpenSea. It is not the first time funds were stolen there. You would hope by now they would have gotten their act together. Here is my post about the situation.

SiliconANGLE: Security threats of AI large language models are mounting, spurring efforts to fix them

A new report on the security of artificial intelligence large language models, including OpenAI LP’s ChatGPT, shows a series of poor application development decisions that carry weaknesses in protecting enterprise data privacy and security. The report is just one of many examples of mounting evidence of security problems with LLMs that have appeared recently, demonstrating the difficulty in mitigating these threats. I take a deeper dive into a few different sources and suggest ways to mitigate the threats of these tools in my post for SiliconANGLE here.

 

SiliconANGLE: California stays ahead on state privacy protection

California has become the latest state to enact a special law regulating how consumers can remove themselves from data brokers. The Delete Act was passed this week and it’s now up to Governor Gavin Newsom to sign it into law. But it has already led to similar laws and bills being proposed in other states in next year’s legislative sessions.

My summary of the past summer’s privacy laws enacted across the country, what makes California stand out, and the problem with data brokers all can be found in my latest piece for SiliconANGLE here.

SiliconANGLE: Deepfake cyberthreats keep rising. Here’s how to prevent them

As expected, this summer has seen a rise in various cybersecurity threats based on deepfake audio and video impersonations.

Despite warnings from the Federal Bureau of Investigation in June, it’s now quite common to experience these types of threats. The fakes are used to lend credibility to larger exploits, such as for a phishing email lure or a request from a superior. These can run the gamut of executive impersonation, performing various forms of financial fraud and obtaining stolen account credentials. My story for SiliconANGLE provides some perspective.

SiliconANGLE: A network observability protocol standard gets a big boost

A networking protocol that has been under development for four years got a boost from both F5 Inc. and ServiceNow Inc. this week.

Called OpenTelemetry — OTel or OTLP for short — the protocol has been endorsed by dozens of vendors and has a curious mixture of open- and closed-source code to help advance the cause of observability, as it is now called. It refers to the broad collection of log analyzers, metrics and network traces that are used to figure out what’s happening inside a digital infrastructure.

OTLP was designed to be extensible, efficient and useful in a number of situations. For example, it can help analyze server log collections and share network trace data between different providers’ products. There is more in my story for SiliconANGLE here.

SiliconANGLE: Beware of insecure networked printers

Despite promises of a paperless office that have origins in the 1970s, the printer is still very much a security problem in the modern office.

And even if Microsoft Corp. succeeds in its efforts to eradicate the universe of third-party printer drivers from its various Windows products, the printer will still be the bane of security professionals for years to come. The problem is that the attack surface for printer-related activities is a rich one, with numerous soft targets.

Taking care of insecure printers isn’t easy. Here is a trip down memory lane in my latest post for SiliconANGLE.

SiliconANGLE: It’s the end of the line for the outdated TLS

An aging core internet protocol is finally getting the ax by Microsoft Corp.

The news isn’t just last month’s announcement that the software vendor was ending support for versions 1.0 and 1.1 of Transport Layer Security, or TLS, but that it is actually dropping that support from the impending release of the latest beta version of Windows 11. This means it is time to locate and update your aging TLS 1.0 and 1.1 systems, since Windows 11 will disable those versions by default in its next preview release.

You can read my story in SiliconANGLE here.