Category Archives: News


DNA techniques could transform facial recognition technology

When police in London recently trialled a new facial recognition system, they made a worrying and embarrassing mistake. At the Notting Hill Carnival, the technology made roughly 35 false matches between known suspects and members of the crowd, with one person “erroneously” arrested. Camera-based visual surveillance systems were supposed to deliver a safer and more secure society. But despite decades of development, they are generally not able to handle real-life situations. During the 2011 London riots, for example, facial recognition software contributed to just one arrest out of the 4,962 that took place. The failure of this technology means visual…

This story continues at The Next Web

Powered by WPeMatico

360 video shot over North Korea shows a sprawling, empty metropolis

Singaporean photographer Aram Pan was recently given a once-in-a-lifetime opportunity when North Korean officials allowed him to shoot and release 360 video on a short flight over the capital city of Pyongyang. The significance of this being the “world’s first” 360-degree overhead video comes from the perpetual media blackout in the Democratic People’s Republic of Korea – which is heavily enforced under dictator Kim Jong Un. The state restricts photography of all kinds and censors media with an iron fist. Pan credits his approval to shoot and release the footage with his attitude toward the North Koreans, in an interview…

This story continues at The Next Web


That’s a wrap! NASA spacewalkers install new HD video camera on space station

NASA astronauts finished up this month’s trio of spacewalks with a nearly seven-hour-long outing today — highlighted by the installation of a new HD camera on the International Space Station’s exterior, plus the replacement of a faulty camera-light assembly on the end of the station’s robotic arm. After the robotic arm’s “hand” was replaced on Oct. 5, NASA noticed that the camera-light assembly wasn’t focusing properly, which prompted the replacement. Spacewalkers Randy Bresnik and crewmate Joe Acaba also took care of some get-ahead tasks.


Satellite readings track how climate change is thinning out mountain glaciers

Mount Rainier elevation change
This map shows the elevation change of Mount Rainier glaciers between 1970 and 2016. The earlier observations are from USGS maps, while the recent data use the satellite stereo imaging technique. Glacier surface elevations have dropped more than 40 meters (130 feet) in some places. (University of Washington Photo / David Shean)

Elevation readings captured by satellites confirm that glaciers in the western United States are fading away at a worrisome rate.

The fade-out isn’t a surprise, considering the rise in global mean temperatures that’s ascribed to climate change. The new twist has to do with how the measurements were made.

University of Washington researcher David Shean looked back at satellite readings that have been amassed in databases, plus fresh readings that are being taken by DigitalGlobe’s constellation of GeoEye and WorldView satellites.

An analysis of the data, facilitated with NASA’s Ames Stereo Pipeline software, produces a 3-D elevation model of mountainous terrain. The method supplements other techniques to estimate glacier size, including area measurements based on aerial imagery and depth measurements made using stakes in the snow.

The result is a year-by-year record tracing the ups and downs of a glacier.

“I’m interested in the broad picture: What is the state of all of the glaciers, and how has that changed over the last 50 years?” Shean, who is now a research associate with the UW’s Applied Physics Laboratory, said today in a news release.

Shean is due to present his findings at Seattle’s Washington State Convention Center on Sunday during the Geological Society of America’s annual meeting.

Mountain glacier map
Satellite readings are being collected for all the shaded areas in late spring and late fall. Mountain glaciers are shown in blue. (UW Graphic / David Shean)

Thanks to the fresh data, the satellite elevation readings can provide a twice-yearly assessment of roughly 1,200 mountain glaciers in the Lower 48 states, down to a resolution of about a foot. Most of the glaciers are in Washington state, and Shean is paying special attention to Mount Rainier.

He estimates that Mount Rainier has lost about a cumulative total of 900 million cubic yards of ice since 1970. If that volume could be distributed evenly across all of Rainier’s glaciers, it would amount to the disappearance of a 25-foot-deep layer of ice.

Of course, the ice loss isn’t distributed evenly. Lower-elevation glaciers have been especially hard hit.

“There are some big changes that have happened, as anyone who’s been hiking on Mount Rainier in the last 45 years can attest to,” Shean said. “For the first time we’re able to very precisely quantify exactly how much snow and ice has been lost.”

Mount Rainier’s level of loss is consistent with what readings from the other glaciers are showing, Shean said.

The comprehensive snapshots of glacial elevation should help resource planners anticipate what’s coming in the decades ahead, and how to plan accordingly.

“We want to know what the glaciers are doing and how their mass is changing, but it’s important to remember that the meltwater is going somewhere. It ends up in rivers, it ends up in reservoirs, it ends up downstream in the ocean. So there are very real applications for water resource management,” Shean said. “If we know how much snow falls on Mount Rainier every winter, and when and how much ice melts every summer, that can inform water resource managers’ decisions.”

Co-authors of the research that Shean will present at the GSA meeting include Anthony Arendt, Erin Whorton, Jon Riedel and Andrew Fountain. The work was funded by the National Park Service, the U.S. Geological Survey and NASA.


LinkedIn ‘open to the idea’ of original video content and streaming NFL games

LinkedIn CEO Jeff Weiner, Microsoft CEO Satya Nadella and LinkedIn Chairman Reid Hoffman. (Microsoft Photo)

Netflix. Hulu. Amazon Video.


The Microsoft-owned business social network, best known for displaying the career histories of tens of millions of people, may create or buy its own original video content shows, including the possibility of joining the parade of tech giants bidding on NFL games, according to a report in The Information.

LinkedIn CEO Jeff Weiner made the remarks Friday at The Information’s Subscriber Summit in San Francisco, noting that shows such as reality TV hit “Shark Tank” are the style of programming that could resonate with LinkedIn users.

And while Weiner admitted to being “late” to video, he noted that the company would consider bidding on NFL video rights.

Earlier this year, Amazon reportedly paid $50 million to stream 10 NFL games this season, beating out tech opponents like Facebook, Google, and Twitter, which streamed games last season.

A move by LinkedIn into video could boost engagement on the social network, and possibly allow the company to grow its subscription revenue.

Apple is also among the tech giants looking to secure video programming, as the company is reportedly spending $1 billion to produce original content over the next year.

LinkedIn sold to Microsoft late last year for $26 billion, the largest acquisition in Microsoft’s history. In the interview, Weiner also discussed Salesforce’s attempt to buy LinkedIn, saying they would have been a different type of partner.


‘Mr. Robot’ Rewind: Backdooring a monitor for FBI surveillance in Episode Two

(USA Network Photo)

[Spoiler Alert] Yarr, me matey. There be spoilers ahead! Consider yourself warned. Seriously though, this article describes the latest Mr. Robot episode (Eps3.1_undo.gz) in deep technical detail. If you haven’t seen it yet, you might want to revisit this article later.

Wow! Another episode full of hacks and plot surprises. If “Mr. Robot” keeps up this pace for a full season, I may lose all my hair. So much happened with the storyline in this episode that it’s hard to focus on hacks alone… yet that’s what the Mr. Robot Rewind series is here for.

If you’ve ever found yourself wondering, is this hack too good to be true? Or, could this happen in real life? Well then, you’ve come to the right place. In this article series, I analyze the hackuracy of every “Mr. Robot” episode.

This week’s episode was full of subtle hacks that happened so quick some might have missed them. So, let’s jump right in, and dissect the details.

Harvesting passwords to expose corrupt managers

This week’s episode starts off with a purposely repetitious montage of Elliot’s daily life at his new E Corp job. The sequence is a masterfully-crafted, though cynical take on corporate life in America, with routine rote tasks, dull cubicles, and corrupt (and inept) middle management.

During this time, Elliot’s goal is to ensure the Stage 2 attack will never succeed. Though he’s removed the UPS backdoor and Dark Army’s remote access into E Corp’s network, he still wants to make sure they can’t carry out their plans if they find their way back in.

He starts by slowly trying to convince his managers of the business value of not consolidating all their records in one place. Besides presenting a single point of failure, shipping all the records to one place would cost more than just scanning them locally. While he’s crafting his presentation, and slogging through corporate bureaucracy, we also learn that he’s hacked E Corp’s shipping system, to ensure that none of the paper records end up at the New York office, despite the system records showing them arriving (we don’t see this hack, so nothing to analyze).

However, his management presentations don’t go as well as his shipping hacks, so that’s when he reverts to hacking them to unveil their secrets.

LATEST IN A SERIES: Corey Nachreiner, CTO at Seattle-based WatchGuard Technologies, is reviewing episodes of Mr. Robot on GeekWire. The show airs on USA Network on Wednesdays at 10 p.m. Join the conversation on Twitter using #MrRobotRewind, and follow Corey @SecAdept.

During the quick montage, you see two hacks — one technical and one simple. However, with only seconds of screen time, these subtle hacks were easy to miss. In both cases, Elliot figures out his boss’ corporate passwords so that he can access their emails and other records.

He first hacks the password of his direct manager, William Braddock. Braddock strangely reminds me of Dilbert’s “pointy haired boss.” In any case, Elliot doesn’t explain this hack at all, but by freeze framing his screen you can figure it out. Elliot is using a module from a tool we’ve seen him use before, the Social-Engineer Toolkit (SET). This tool has many modules, but one is called Credential Harvester. Without going into all the details, this tool helps attackers create phishing sites. The tool will automatically copy a website, and host a fake version of it. If you get a victim to visit the fake site, and enter their credentials, you capture them in the clear. There’s a good write-up on how this works here.

Based on the screenshots in the show, it appears Elliot targeted this tool to E Corp’s Outlook Web Access (OWA) email server. I would presume he sent some email to Braddock that linked to the fake E Corp server, which Braddock fell for. One shot shows Elliot running the “tail” command on the credential harvester log file, which reveals Braddock’s username and password captured from the fake OWA site.

Figure 1: Elliot captures boss’s password with Credential Harvester.

This hack is entirely realistic. And, using the stolen credential, Elliot gets into Braddock’s email, and learns his manager is purposely installing rootkits on E Corp’s smart devices, such as their Ephones, TVs and even microwaves (which I believe is an inside joke based on Kellyanne Conway’s silly microwave spying comments). Braddock is then selling the private customer information he steals from these devices. Elliot leaks this info to the FBI to get his boss arrested.

Figure 2: Elliot learns his boss backdoors E Corp smart appliances

Braddock gets replaced with Peter McCleery, who’s just as unreceptive to Elliot’s paper record presentation. Elliot’s next password hack is much more simplistic. He merely “shoulder surfs” his boss’s password, which just means he literally watches McCleery type it.

Figure 3: Elliot shoulder surfing McCleery’s password

While shoulder surfing is definitely a classic hacker tactic, I do find this “hack” slightly less realistic for today’s standards. First, Elliot must have pretty darn good eyesight to read a phone from that far across the room. More importantly, however, how many passwords have you entered lately where you actually saw the letters you typed? Not many, right? Most programs will replace letters with asterisks or something similar. I find it pretty unlikely Elliot would happen to see his boss use the one app that doesn’t obscure passwords today.

This scene seemed a bit like Hollywood convenience to me. Nonetheless, it’s not entirely implausible. I’ll give it a grade of, “unlikely and lucky, but not unrealistic.”

In any case, once Elliot has Peter’s password, he again checks his personal email and learns that Peter is modifying car firmware to hide bad emissions (a nod to the real-life story where VW did just that). Elliot turns the guy over to the FBI too, and the cycle continues. Those were the only two quick hacks we see during this period, but apparently Elliot cleans house, outing a ton of corrupt managers at E Corp.

Protecting E Corp’s UPS with signed firmware

Besides redistributing the paper records, Elliot wants to keep Dark Army from hijacking E Corp’s UPS backup power with malicious firmware that might cause an explosion. In a quick scene, Elliot describes how he modifies and updates the firmware to only accept updates with a valid E Corp digital signature.

The idea of protecting firmware with digital signatures is real, and is something smart hardware manufacturers do to protect their products. This prevents hackers from easily replacing a device’s firmware with a trojaned version, by first making sure the new firmware has a legitimate, cryptographically verified, digital fingerprint. For example, an iPhone uses digital signatures to prevent you from easily loading some unsanctioned OS.

This means Elliot’s idea is quite accurate; however, I’m not sure if what the show portrayed would be easy or even possible. In the real world, the mechanisms used to check for proper digital signatures are usually built in by the hardware manufacturer. In fact, these mechanisms require that the devices ship with sets of private and public digital keys, which are used to verify the firmware is signed properly from the hardware vendor. In the show, it’s implied that this UPS system’s original firmware did not check for digital signatures. In fact, the hardware may not have any vendor-delivered capability to do so. Furthermore, the episode subtly implies that Elliot “hacked” this capability into the UPS system himself. If you look closely at shots of Elliot working on the UPS system, you see one where he uses a tool called IDA Pro, and has opened the firmware file.

Figure 4: Elliot reverses UPS firmware with IDA Pro.

IDA Pro is a disassembler tool that developers, security researchers and hackers use to reverse engineer compiled code. You can also use it to modify compiled code. To me, this screen actually implies that Elliot manually modified the UPS firmware to use a digital signature verification mechanism that wasn’t present in the original vendor’s features. That seems like a very tall order to me.

There is a lot of precedent for hackers patching vendor software. In the past, researchers have found critical vulnerabilities in Microsoft software, felt the organization was taking too long to fix them and released “third party” patches for those products (likely created using tools like IDA Pro). It’s very possible for smart reversers to hack additional functionality or fixes into other people’s products, even if they don’t have the source code. However, creating a digital signature validation mechanism would be a ton of work, and in most cases would involve more than just the firmware itself, but some of the hardware design.

Long story short, if the UPS firmware already had the capability to check firmware for digital signatures built in (which seems unlikely), Elliot’s config change to use that capability to protect these devices is totally plausible. However, it does seem a little less realistic if the show was implying that Elliot modified a full signature validation mechanism into the firmware using IDA. 
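To make the signed-firmware check concrete, here is an added example (not code from the show, the UPS vendor, or the original article) of an updater that refuses any image whose RSA signature does not verify, and also refuses a validly signed but older image. The package layout, the `UPSF` magic and the toy key built from two Mersenne primes are assumptions made so the example runs with the Python standard library only.

```python
import hashlib
import struct

# Constructed toy RSA key (two Mersenne primes) so the example runs offline.
# A real vendor key would come from an HSM and be 2048 bits or more.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                      # public key: this is all the device needs
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent: stays on the signing host
K = (N.bit_length() + 7) // 8            # modulus (and signature) length in bytes

# DER prefix of the SHA-256 DigestInfo structure (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

MAGIC = b"UPSF"                          # hypothetical package magic
HEADER = struct.Struct(">4sII")          # magic, version, payload length


def _encode(message: bytes) -> bytes:
    """EMSA-PKCS1-v1_5 encoding of SHA-256(message), padded to K bytes."""
    digest_info = SHA256_PREFIX + hashlib.sha256(message).digest()
    padding = b"\xff" * (K - len(digest_info) - 3)
    return b"\x00\x01" + padding + b"\x00" + digest_info


def sign(message: bytes) -> bytes:
    """Vendor side: sign with the private exponent."""
    m = int.from_bytes(_encode(message), "big")
    return pow(m, D, N).to_bytes(K, "big")


def verify(message: bytes, signature: bytes) -> bool:
    """Device side: uses only (N, E). Re-encode and compare the whole block
    instead of parsing the padding, which avoids lax-parsing forgeries."""
    if len(signature) != K:
        return False
    s = int.from_bytes(signature, "big")
    if s >= N:
        return False
    return pow(s, E, N).to_bytes(K, "big") == _encode(message)


def build_package(version: int, payload: bytes) -> bytes:
    """Vendor side: header || payload || signature(header || payload)."""
    signed = HEADER.pack(MAGIC, version, len(payload)) + payload
    return signed + sign(signed)


def accept_update(package: bytes, installed_version: int):
    """Device side: return (accepted, reason) for a candidate update."""
    if len(package) < HEADER.size + K:
        return False, "truncated"
    magic, version, length = HEADER.unpack_from(package)
    if magic != MAGIC or len(package) != HEADER.size + length + K:
        return False, "malformed"
    signed, signature = package[:-K], package[-K:]
    # Verify first: the version field cannot be trusted until the
    # signature over the header has been checked.
    if not verify(signed, signature):
        return False, "bad signature"
    # A correctly signed but older image may reintroduce fixed bugs.
    if version <= installed_version:
        return False, "rollback"
    return True, "ok"


if __name__ == "__main__":
    pkg = build_package(2, b"constructed firmware image")
    tampered = bytearray(pkg)
    tampered[HEADER.size] ^= 0x01        # one flipped bit in the payload
    print(accept_update(pkg, installed_version=1))
    print(accept_update(bytes(tampered), installed_version=1))
    print(accept_update(pkg, installed_version=2))
```

The check only protects the device if the code performing it and the stored public key cannot themselves be overwritten by an update, which is why this logic normally lives in a vendor boot ROM or locked bootloader rather than in the replaceable firmware image.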

Backdooring Elliot’s PC for the FBI

One of the more surprising scenes this episode was when Darlene betrays Elliot, and backdoors his computer for the FBI. When Elliot asks Darlene to stay over, we see her doing something at the back of Elliot’s computer monitor while he sleeps. Mr. Robot (Elliot’s alter) catches her, and roughly interrogates her about what she did. Most of you probably realized that she likely added some sort of backdoor to the machine, which we learn is the case when she returns to Dom. But what exactly did she do on a technical level, and would it work in real life?

This is one of the subtler hacks the show has attempted, giving only relatively vague, and hidden hints about what exactly happened. Let me break it down in the next few sections.

Mr. Robot caught Darlene red-handed, and certainly suspects that she did something to Elliot’s computer. This doesn’t necessarily mean Elliot knows what his alter does though. In any case, later in the episode, you see Elliot start to use his computer, but hesitate. He suspects something is wrong. Based on his display, Elliot’s primary operating system (OS) is a Linux distro called LinuxMint—a pretty popular and clean desktop operating system (the show-runners even took the time to use a period-accurate version of the distro for the show’s timeline, 2015).

After pausing for a moment, Elliot does a bunch of things in quick succession. Specifically, Elliot powered down his machine, he plugged in a USB key, and then he powered back up. This time his machine booted into Kali Linux, which is a well-known and real hacker distro that Elliot has used before. Why did Elliot power down his normal OS and reboot into another one? To search for rootkits.

A rootkit is a type of tool or malware that helps malicious programs hide on your computer, so even the OS is tricked into missing something that’s actually there. I like to think of them as the software equivalent of a “Jedi mind trick.” In short, rootkits can allow malicious software to hide files, processes, and even active network connections from the OS itself, which means that security software using OS functions to find stuff will totally miss it.

This is why Elliot is booting into an alternate OS. If you suspect your normal OS has been infected with a rootkit, you really can’t trust that OS, or any security scans run from that OS. How will you know for sure a rootkit isn’t affecting the scan results? To combat this, security professionals know to boot their computer and run security scans with an alternate OS that isn’t infected by the rootkit.

After rebooting his computer in Kali, we see Elliot run these commands:

Figure 5: Mounting hard drive and running Rootkit hunter.

To summarize, Elliot has booted a “live” version of Kali, or a “temporary” OS running off a USB stick. After booting this live Kali stick, Elliot mounts the file systems associated with his normal LinuxMint OS. This allows him to access and scan those file systems even though he didn’t boot from that hard drive. Then he runs a tool called rkhunter. This is a real-life open source tool called Rootkit Hunter, which scans Linux systems for rootkits.

In short, this entire process is a realistic portrayal of one way a security expert or forensic analyst might try to find a rootkit on a system they suspect is infected.

However, after doing all this, rkhunter doesn’t find anything. Elliot’s LinuxMint OS doesn’t seem to be infected. Believe it or not, this is a subtle hint suggesting what Darlene did, but we can’t connect all the dots just yet.

Figure 6: rkhunter fails to find a rootkit on Elliot’s computer.

Monitor Darkly: Hacking monitor firmware for fun and profit

Immediately, after seeing Elliot’s rootkit tool fail, we see Elliot’s screen, but this time from a different perspective and a different computer. Turns out, Dom, Darlene, and the FBI are watching everything Elliot does on his computer. This confirms that Darlene did plant some sort of spying tool on his computer, but since Elliot didn’t find an infection or rootkit, what really happened?

Here’s what we know. Darlene was messing behind Elliot’s monitor, and whatever she did does not seem to have left any footprints on the actual computer’s OS. This suggests either a hardware or a firmware hack.

Let’s start with hardware hacks. There are a number of nifty devices hackers can leave on your computer to spy on you. For instance, there are small Ethernet taps that a hacker can leave between your computer’s network port and Ethernet cable that will record and transmit your network activity. There are similar devices you can put between a keyboard cable and the computer to record keystrokes. There are even specialized USB devices that automatically launch different attacks to hijack a computer. In short, there are many hardware devices that might give attackers some level of remote access to your computer’s activity or data, without leaving a physical trace in your OS or file system.

However, I am not aware of any device that can plug into a monitor’s output, and transmit that output wirelessly back to the attacker. But theoretically, such a device is possible. You can wirelessly transmit HD footage captured from an HDMI port, but devices that do so are rather large. So, I initially wasn’t sure what type of device Darlene could have plugged into a monitor that would have given Dom remote access to what Elliot viewed on his screen.

That said, there have been previous attacks that could wirelessly capture display output. For instance, a classic example is a government project called TEMPEST. By monitoring the electromagnetic emissions from a CRT monitor, remote analysts could recreate low quality, but readable copies of the display. However, this attack only worked in close proximity, and it doesn’t work with newer OLED technology. More recently, the Snowden leaks revealed that governments have updated tools to remotely monitor displays, like RageMaster. Theoretically, the FBI might have some tools the general public doesn’t know about to do this sort of spying, but I felt Mr. Robot’s security consultants would use something more publicly accessible.

That brings us to firmware hacks. As you know from the original Stage 2 plans, hackers can modify and backdoor the firmware running on different hardware devices (like the UPS hack). Malicious code running on the firmware of some hardware device isn’t running in your OS, so normal security software can’t detect it. Thus, infecting firmware is a great way for attackers to evade normal OS security controls. It’s possible that Darlene somehow hacked the monitor’s firmware, but she’d still need to add some device with a wireless connection, in order to “send” the display back to the FBI’s computers. It turns out that’s exactly what Darlene did, but the way I confirmed this may surprise you. More on that soon.

There are some clues on Dom’s screen that help unveil how this monitor hack worked.

Figure 7: Dom’s view of Elliot’s hacked computer

This screenshot reveals a lot. First, Dom is seeing individual screenshots of Elliot’s desktop every few seconds, not a live video feed. You can tell this first by the fact that her view of his screen is actually a PNG image, but also because you can see a folder of PNG images that seem to have been saved every few seconds.

More importantly, you can see the Command & Control (C2) script she is using to receive these images from Elliot’s computer. The terminal window shows a python script called, which is obviously a C2 channel listening for network connections and then receiving the PNG images. Finally, the last hint in this screenshot wasn’t obvious until I uncovered something later. The folder all the images are stored in is called “monitor darkly.”

Elliot’s Revenge: Hacking back the FBI hackers 

So, it’s clear Dom and Darlene have successfully backdoored Elliot’s monitor, and whatever they did has some sort of wireless Internet access (likely cellular), sending PNG images of his display output back to the FBI computer.

In the final scene, Dom returns to the apartment where they are staking out Elliot. Her FBI partner informs her that Elliot sent an encrypted email with a link to someone when she was away. He is hoping they got lucky, and this email is some secret, incriminating message to Tyrell. As Dom looks over the screenshots of the email, she gets nervous and asks her partner if he followed the link. He did, and even downloaded and opened the file it pointed to. That’s when we see Elliot finding this apartment (or at least the one downstairs).

Figure 8: Elliot’s FBI phishing email.

As you might have guessed, this scene suggests that Elliot somehow realized he was monitored, and “phished” the people watching him. The link in the fake email Elliot staged could have pointed to malicious code, which could have helped him get the IP and location of the FBI computer that clicked on it in any number of ways. Looks like Elliot “hacked back” his hackers.

However, the true beauty to this little sequence is the show runners also hid an Easter egg in this email that helps truly reveal how Darlene hacked Elliot’s monitor. But, you’d have to participate in Mr. Robot’s hidden puzzles and games to catch this clue.

Notice the link in the email: 

Like many URLs and IP addresses you see on this show, that link really works. If you visit it, you will find what looks to be a compressed RAR file, but actually isn’t. If you look at it in a browser, this is what you get:

Figure 9: Base64 encoded file.

If you work in security or development, you may be used to recognizing encoded data, and can tell that this is Base64 encoded data. If you run this file through a base64 decoder (like this: curl -s | base64 -D > plans.rar), you’ll end up with a working RAR file. If you decompress that, you get a PNG image of a QR code.

Figure 10: Hidden QR code in Elliot’s email.
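The same observation, that a file named like an archive is really Base64 text wrapping one, can be automated during file triage. The following is an added example, not part of the original article: it compares a file's claimed extension with its magic bytes and peels Base64 layers until a known signature appears. The sample bytes are constructed, and `plans.rar` is simply the output name used in the command above.

```python
import base64
import binascii

# File signatures ("magic bytes") for a few common container types.
MAGICS = {
    b"Rar!\x1a\x07": "rar",
    b"\x89PNG\r\n\x1a\n": "png",
    b"PK\x03\x04": "zip",
}


def sniff(data: bytes):
    """Return the type implied by the leading bytes, or None."""
    for magic, kind in MAGICS.items():
        if data.startswith(magic):
            return kind
    return None


def try_base64(data: bytes):
    """Decode data as Base64 text, or return None if it is not valid Base64."""
    compact = b"".join(data.split())      # tolerate line wrapping
    if len(compact) < 16:                 # too short to judge reliably
        return None
    try:
        return base64.b64decode(compact, validate=True)
    except (binascii.Error, ValueError):
        return None


def peel(data: bytes, max_depth: int = 4):
    """Strip Base64 layers until a known signature is found.

    Returns (layers, innermost_bytes); layers ends in a file type or
    "unknown". max_depth bounds the work on hostile input.
    """
    layers = []
    for _ in range(max_depth):
        kind = sniff(data)
        if kind:
            return layers + [kind], data
        decoded = try_base64(data)
        if decoded is None:
            break
        layers.append("base64")
        data = decoded
    return layers + ["unknown"], data


def triage(filename: str, data: bytes) -> dict:
    """Flag files whose content does not match the extension they claim."""
    claimed = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    layers, _ = peel(data)
    return {"claimed": claimed, "layers": layers,
            "mismatch": layers[0] != claimed}


# Constructed sample: RAR4 signature plus filler, not a real archive.
RAW_SAMPLE = b"Rar!\x1a\x07\x00" + b"constructed-sample"
ENCODED_SAMPLE = base64.encodebytes(RAW_SAMPLE)

if __name__ == "__main__":
    print(triage("plans.rar", ENCODED_SAMPLE))
    print(triage("plans.rar", RAW_SAMPLE))
```

A mail or web gateway that inspects only extensions or only the outermost bytes would classify the encoded sample as harmless text, so content inspection should decode such layers before applying file-type policy.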

If you follow that QR code, you get to this GitHub project for a real monitor firmware hack that the authors called Monitor Darkly (shoutout to smart /r/MrRobot Redditors for finding this quickly).

This is the final hint that shows how Darlene hijacked Elliot’s monitor firmware, but not the actual computer. In short, Monitor Darkly is a firmware hack of the OSD built into a specific Dell monitor. Using a USB port on the monitor (or HDMI too), an attacker can hijack the monitor’s firmware, and then fully control reading and writing every pixel on the monitor, independent of what the actual computer sends to the monitor. This means an attacker can force pictures onto your monitor regardless of what the computer is telling it to display. That could allow them to trick you in a number of ways. More importantly, it allows attackers to read every pixel on the monitor, which is likely what this hack does to create screenshots for Dom. If you want to learn more about this hack, check out the DEF CON talk on Monitor Darkly.

The only missing piece of this equation is how the monitor sends that information back to Dom. Most monitors don’t have network or wireless capabilities, so how does this hijacked monitor connect to Dom’s computer? Well, nothing in this episode answers that question, but luckily an interview with one of the producers, Kor Adana, gives us the last hint. In an interview, Adana mentioned the USB Armory. This is a full computer on a tiny USB stick. This USB stick would serve two purposes. First, it could be the USB delivery mechanism for the firmware exploit used to hijack the monitor. Second, with the right accessories (a cellular USB dongle), this tiny computer could also wirelessly connect to the Internet, sending the screen images back to Dom.

Figure 11: A USB Armory with a wireless dongle.

As you can tell, this is a pretty realistic hack. It literally uses a real monitor firmware exploit that researchers disclosed a year ago. I will say that the actual GitHub code for this exploit doesn’t contain any command and control code that sends screens back over the network. That is not something the original researchers did. However, the hack would allow you to create screenshots, and combined with a small USB computer and cellular dongle, this is a totally plausible application for Monitor Darkly’s capabilities. As usual, Mr. Robot gets a +1 for realism.

Hidden Easter eggs and other odds and ends

If you watch Mr. Robot idly, you’re only scraping the surface of all its hidden secrets. Here are some interesting points revealed in this episode:

  • First, another of my pre-season predictions came true. As I suspected, Darlene is working with Dom this season.
  • As always, there are many real URLs and IPs in almost every episode of Mr. Robot. If you pay close attention, you may be able to use an E Corp login page, connect to the fictional UPS system, follow QR codes and more!
  • Elliot worked hard on the paper record presentation he tried to give to his bosses. With enough diligence solving the Easter eggs in this episode, you can download a copy of that presentation.
  • Don’t forget the always available It tends to get interesting new updates after every show. 

Long passwords and multifactor authentication

With so many interesting hacks, there is a lot you can learn from this episode, but I want to really concentrate on the theme of password security as a practical takeaway.

Authentication and passwords are the cornerstone of security. You can have all the fancy security controls you want, but if an attacker gets one of your trusted user’s credentials, all your security is out the door since that hacker will be allowed legitimate access. In this episode, you saw how easy it was for Elliot to steal passwords.

The answer to stolen, lost, or reused passwords is multifactor authentication—using at least two factors for authentication: a password and something else, such as a fingerprint, certificate, a one-time-password, or even a mobile push approval. When you use multifactor authentication, even if an attacker learns your password, they’ll be challenged to figure out your second token.

Figure 12: Elliot’s long and secure password.

While we’re talking passwords and authentication, when you use passwords, they should be strong. In this episode, you see both Dom and Elliot log into computers multiple times with lengthy passwords. Follow their example by always using long and complex passwords for better security.

Thanks for joining me for another eventful Mr. Robot hackuracy analysis. If the first two episodes set the overall pace for season three, we’re in for a wild ride. As always, I look forward to your comments, theories and feedback below, and don’t forget to join us again for Mr. Robot Rewind next week.


Washington state’s life sciences industry has a talent crisis — and the tech sector is partly to blame

(Shutterstock Photo)

Washington State’s life sciences sector has historically been strong, even among the best in the nation. Industries like medicine, research and agriculture are right up there with aerospace, shipbuilding and tech as mainstays of the state’s economy.

But the industry has been stagnant, even shrinking, in the past few years, and a new report identifies a leaky talent pipeline and a booming technology industry competing for workers as big parts of the problem.

A similar report released in February found that the state had lost 3 percent of life sciences jobs between 2011 and 2014, and the newest study cited drops in patent activity and industrial R&D activity as other indicators of lagging growth.

Of course, there are many factors behind those statistics. The report cited factors including a lack of affordable office and wet lab space and a lack of investment capital, and industry leaders have also pointed to the expiration of state support for various aspects of the industry.

But the most prominent factor, cited by life sciences executives and also shown in data, is the shortage of qualified talent.

Juno Therapeutics CEO Hans Bishop (left) speaking to VP of Research and Receptor Discovery Francois Vigneault inside Juno’s new headquarters in Seattle. (GeekWire Photo / Todd Bishop)

That shortage is being seen in some life sciences industries across the country, particularly in the medical field. But in Washington State, a highly competitive technology industry means that life sciences organizations also struggle to find engineers, IT professionals and other technology-related professionals.

That’s in spite of world-class universities and research institutions, which attract talent from all over the world to be trained in the life sciences.

“The report tells us we need better alignment with industry needs and existing workforce capabilities,” Commerce Director Brian Bonlender said in a press release. “The good news is the study helps provide a roadmap to accomplishing that. It highlights the industry’s strengths, such as its workforce diversity as compared to other high tech industries.”

The paper outlines six initiatives that would help close the talent gap, including establishing a hands-on STEM training academy in Washington State.

But the majority of the initiatives address one specific phenomenon: Washington’s secondary education programs graduate hundreds of well-qualified life sciences workers, but many then leave the state to take jobs elsewhere.

“Many years of schooling and local connections have been invested in this top technical talent and to see it migrate out of the state and to other life sciences hubs such as Boston, or the Bay Area in California, is a painful loss for Washington,” the report says.

“Feedback from post-doctoral and current graduate students indicates a disconnect between this top talent cohort and the industry, and among many of these individuals there is a strong desire to remain in Washington and to work in industry rather than academia,” it adds.

The report suggests steps like creating a more direct pipeline between secondary education and industry, creating a targeted intern program and supporting employer-led fellowship training programs.

Washington Gov. Jay Inslee is a vocal supporter of the life sciences industries, and has voiced support for past measures to help the industry. However, more dramatic steps will need wider support from the state legislature and other actors.

The report was commissioned by the Governor’s Life Science and Global Health Council, and conducted by research and strategy consultant TEConomy Partners.


Why I Watch Old Baseball Games, Not Just the Ones I Missed Over Shabbat—and You Should Too

This past Saturday night, like many observant Jews across the country, I watched the Yankees vanquish the Cleveland Indians in Game Five of the American League Division series. This would be unremarkable except for the fact that the game had been played three days earlier. Thanks to the Jewish holiday of Sukkot and then Shabbat—during which religious Jews eschew electronics—I had completely missed the entire exciting affair. I’d heard the Yankees had won, but did not know the score.

Some might raise an eyebrow at watching a three-hour sporting event when one already knows the outcome. It’s one thing to DVR a game one can’t watch in real-time, avoid all spoilers, and watch it shortly thereafter. It’s another to wait days, know the endgame, yet do so regardless. But I’ve actually been engaging in such retrospective fandom for some time—and not just for games on Shabbat.


Straight Outta Satmar: Hear the Biggest Hasidic Hit of Right Now

Growing up, Meilech Kohn didn’t like it in the Yeshiva. He was the quiet kid who liked to daydream and hum nice tunes, and his fellow students were so miffed by his strange ways that they shunned him altogether, refusing to speak to the awkward child. Increasingly distraught, he retreated into his inner world, which was increasingly consumed by writing songs and melodies. Eventually, he decided to drop out.

Much to the chagrin of his parents, Meilech left the fold of his tightly-knit Hasidic community. He moved to Los Angeles, then Puerto Rico, then Texas. He listened to any kind of music he could find, and continued to teach himself his craft. By the time he was ready to return home and recommit himself to religious life, he contained multitudes.
