Break a world record with Moonhack 2017

The team at Code Club Australia set a world record last year by gathering 10,207 Australian kids together to participate in their coding event Moonhack. But they are not going to rest on their laurels: this year, they’ve set their sights even higher with their event on 15 August.

Moonhack Code Club Australia

What is Moonhack?

In honour of the Apollo 11 landing, Code Club Australia created a series of space-themed coding activities for their Moonhack event in July 2016. Their aim? To bring together as many kids as possible from all over Australia, to get them to code and have fun, and to hopefully establish a world record along the way.

Code Club Australia #MoonHack

Watch the Sunrise coverage of Code Club Australia World Record ‪#‎Moonhack‬ event – Launching Wed 20th July 2016 18:00 AEST – Register Now: www.moonhack.com.au

And they did exactly that! 10,207 kids completed Moonhack projects, which constitutes the largest number of children coding on one day ever recorded.

Moonhack 2017

With the success of the 2016 event spurring them on, the Code Club Australia team have scaled up their efforts this year. By opening Moonhack to kids across the globe, they want to spread enthusiasm for coding everywhere. And why not break their own world record in the process? Every kid in the world can take part in the event, as the website explains:

“Moonhack is for everyone. Moonhack is inclusive, not exclusive, because coding is for everyone, no matter their skill level or age – kids new to code, coding whizz kids, and anyone who wants to try out coding for the first time, or coding pros who want to get creative.”

Young people between the ages of 8 and 18 are invited to participate, by themselves or in teams. They can create their own space-themed project, or use one of the provided examples in Scratch, ScratchJr, or Python. If you’re outside the age range, don’t worry – you can still take part, but your project won’t be counted toward the world record attempt.

Moonhack Code Club Australia

The sky is no longer the limit…

Participants submit their complete project to the Moonhack website as a link, screenshot, or file upload. All successful young coders will receive a certificate to print and hang proudly on their wall. Woohoo!

How do we take part?

To participate, you will need to be registered on the website. Young people can register themselves if they have parental consent, or they can be registered by an adult facilitator. Registering will give facilitators access to a whole host of helpful tips for how to support their child or team of children during Moonhack. On Moonhack day, 15 August, the participants or facilitator can upload the completed project. If you cannot work on the project on the big day, that’s okay – simply complete it beforehand. Coding can take place anywhere, including at a library, school, office, or at home. For more information go to the Moonhack website, where you can also find coding projects in several human and programming languages.

So what are you waiting for? Get together with the code-loving young people in your life, put your thinking hats on, get programming, and have the chance to set a new world record!

The post Break a world record with Moonhack 2017 appeared first on Raspberry Pi.


Source: RaspberryPi – IOT Anonimo

Source: Privacy Online


Source: Zologic

A white man called her kids the n-word. Facebook stopped her from sharing it.

“The coalition has gathered 570,000 signatures urging Facebook to acknowledge discriminatory censorship exists on its platform, that it harbors white supremacist pages even though it says it forbids hate speech in all forms, and that black and Muslim communities are especially in danger because the hate ­directed against them translates into violence in the streets, said Malkia Cyril, a Black Lives Matter activist in Oakland, Calif., who was part of a group that first met with Facebook about their concerns in 2014.”

Location

United States
Date published: 
July 31, 2017
People: 
Related Topics: 


Source: Cyber Law

Source: Privacy Online


Source: Zologic

That R. Kelly ‘cult’ story almost never ran. Thank Hulk Hogan for that.

“There’s a lot of uncertainty and fear out there, post-Gawker, said Nabiha Syed, BuzzFeed’s assistant general counsel, who vetted the story before publication.

“The answer to uncertainty in the environment is certainty in our mission,” she said. And in making sure that a story is accurate, that it can be backed up and that it serves a purpose.”

Location

United States
Date published: 
July 30, 2017
Focus Area: 
People: 
Related Topics: 


Source: Cyber Law

Source: Privacy Online


Source: Zologic

How an online wedding registry in my name appeared out of thin air

“Arvind Narayanan, a computer science professor at Princeton University and an expert on internet privacy, correctly captured my angst when he told me that privacy “is not so much secrecy, but the ability to control how we present ourselves in the world.”

The whole thing is creepy, but it also serves as a stark reminder that our personal information is floating around the ether for companies to use. “There are a million different ways in which different aspects of your activities are observed and put into databases,” Narayanan said.”

Location

United States
Date published: 
July 29, 2017
Focus Area: 
People: 
Related Topics: 


Source: Cyber Law

Source: Privacy Online


Source: Zologic

Announcing the Raspberry Jam Big Birthday Weekend 2018

For the last few years, we have held a big Raspberry Pi community event in Cambridge around Raspberry Pi’s birthday, where people have come together for a huge party with talks, workshops, and more. We want more people to have the chance to join in with our birthday celebrations next year, so we’re going to be coordinating Raspberry Jams all over the world to take place over the Raspberry Jam Big Birthday Weekend, 3–4 March 2018.

Raspberry Pi Big Birthday Weekend 2018. GIF with confetti and bopping JAM balloons

Big Birthday fun!

Whether you’ve run a Raspberry Jam before, or you’d like to start a new Jam in your area, we invite you to join us for our Big Birthday Weekend, wherever you are in the world. This event will be a community-led, synchronised, global mega-Jam in celebration of our sixth birthday and the digital making community! Members of the Raspberry Pi Foundation team will be attending Jams far and wide to celebrate with you during the weekend.

Jams across the world will receive a special digital pack – be sure to register your interest so we can get your pack to you! We’ll also be sending out party kits to registered Jams – more info on this below.

Need help getting started?

First of all, check out the Raspberry Jam page to read all about Jams, and take a look at our recent blog post explaining the support for Jams that we offer.

If there’s no Jam near you yet, the Raspberry Jam Big Birthday Weekend is the perfect opportunity to start one yourself! If you’d like some help getting your Jam off the ground, there are a few places you can get support:

  • The Raspberry Jam Guidebook is full of advice gathered from the amazing people who run Jams in the UK.
  • The Raspberry Jam Slack team is available for Jam organisers to chat, share ideas, and get help from each other. Just email jam [at] raspberrypi.org and ask to be invited.
  • Attend a Jam! Find an upcoming Jam near you, and go along to get an idea of what it’s like.
  • Email us – if you have more queries, you can email jam [at] raspberrypi.org and we’ll do what we can to help.

Raspberry Jam

Get involved

If you’re keen to start a new Jam, there’s no need to wait until March – why not get up and running over the summer? Then you’ll be an expert by the time the Raspberry Jam Big Birthday Weekend comes around. Check out the guidebook, join the Jam Slack, and submit your event to the map when you’re ready.

Like the idea of running a Jam, but don’t want to do it by yourself? Then feel free to email us, and we’ll try and help you find someone to co-organise it.

If you don’t fancy organising a Jam for our Big Birthday Weekend, but would like to celebrate with us, keep an eye on our website for an update early next year. We’ll publish a full list of Jams participating in the festivities so you can find one near you. And if you’ve never attended a Jam before, there’s no need to wait: find one to join on the map here.

Raspberry Jam

Register your interest

If you think you’d like to run a Jam as part of the Big Birthday Weekend, register your interest now, and you’ll be the first to receive updates. Don’t worry if you don’t have the venue or logistics in place yet – this is just to let us know you’re keen, and to give us an idea about how big our party is going to be.

We will contact you in autumn to give you more information, as well as some useful resources. On top of our regular Raspberry Jam branding pack, we’ll provide a special digital Big Birthday Weekend pack to help you celebrate and tell everyone about your Jam!

Then, once you have confirmed you’re taking part, you’ll be able to register your Jam on our website. This will make sure that other people interested in joining the party can find your event. If your Jam is among the first 150 to be registered for a Big Birthday Weekend event, we will send you a free pack of goodies to use on the big day!

Go fill in the form, and we’ll be in touch!

 

PS: We’ll be running a big Cambridge event in the summer on the weekend of 30 June–1 July 2018. Put it in your diary – we’ll say more about it as we get closer to the date.

The post Announcing the Raspberry Jam Big Birthday Weekend 2018 appeared first on Raspberry Pi.


Source: RaspberryPi – IOT Anonimo

Source: Privacy Online


Source: Zologic

‘Textalyzer’ May Bust Distracted Drivers — But at What Cost to Privacy?

“”We can’t give the government the power to peer into everybody’s digital lives indiscriminately, because that might create a bigger problem than the one we’re trying to solve in the first place,” said Neil Richards, a law professor at Washington University in St. Louis who’s an expert in privacy and civil liberties. “The way to do it is if the police suspect a case of distracting driving, they go and they get a warrant and they compel the records from the service provider.””

Location

United States
Date published: 
July 28, 2017
Focus Area: 
People: 


Source: Cyber Law

Source: Privacy Online


Source: Zologic

To thwart the trolls, social-media sites should require users' real names

““Trolling is a terrible problem,” acknowledged Ryan Calo, an assistant law professor at the University of Washington who specializes in technology issues. “Are companies doing enough? I don’t think they are.”

He quickly added, however, that “we shouldn’t live in a world where if you don’t show utmost civility, you get erased from the Internet.””

Location

United States
Date published: 
July 28, 2017
Focus Area: 
People: 


Source: Cyber Law

Source: Privacy Online


Source: Zologic

Halt the Sidecar Bear’s infrastructure with Intel 471 and Anomali Threatstream

By Mark Arena, Intel 471 and Travis Farral, Anomali

We’ve all seen the research into Fancy Bear (aka APT28, Sofacy etc) which is likely a group sponsored by or a part of the Russian government. They even have their own website. Research into these groups is predominantly reactive.

Reactive Malware Research Process
Typical process for investigating nation state malware.

You’ll note in the above process that this is all driven by malware or attack samples being obtained at the beginning. The very nature of this means that attacks are already underway or might have already been finished by the time it’s detected or blocked. Protections against future attacks from this same actor using this process may or may not bear fruit as a result.

Rough Start

What if instead of simply waiting for malware or attack samples, we research one of the core enablers of this type of threat activity. Would this be a better return on investment for our efforts?

Bulletproof Hosting

For those that don’t know, bulletproof hosting is one of the key enablers for cyber threat activity. The miscreants need hosting for everything they do, be it command and control server hosting or exploit kit hosting. It also takes quite a bit of time for the miscreants to setup these servers, so ideally they want hosting that isn’t taken down easily. Any time a miscreant runs a command and control server or exploit kit, their server provider will likely receive complaints and pressure from various anti-virus and security companies to take down the malicious infrastructure. Bulletproof hosting is hosting that will (or claims to) remain running even with the pressure from the antivirus and security company. Some bulletproof hosting providers even have their own data centers with prepaid government protection.

When it comes to bulletproof hosting, we are trying to achieve a position of information dominance over our adversary where these hosting networks are identified before they are used and can be blocked. At Intel 471 we refer to these as “pre-IOCs”. It’s a marketing gimmick we know but based on the fact that these aren’t indicators of compromise (IOCs) yet, we believe it’s an accurate term to describe the proactive blocking of bulletproof hosting networks. Blocking the bulletproof hosting networks proactively also means we don’t need to spend all our resources focusing on the specific threat groups or malware families themselves.

Alex

We’ll use the name Alex to describe one bulletproof hoster whom Intel 471 has tracked closely (Alex isn’t a nickname he uses). At the elite cybercriminal level there are only a few legitimate bulletproof hosting providers and Alex is one of them. In March-May 2017 we were able to link Alex’s bulletproof hosting network to the following malicious infrastructure:

  • Ransomware: Cerber, Locky/Osiris, Sage, Yakes, Razy, Barys, and Kovter.
  • Malware: Dridex, Hancitor, Nemucod, PandaZeuS, Nymaim, Zusy, Symmi/Graftor, Gafgyt (Linux), Marcher (Android), Valyria, Pony/Fareit, exploitation for CVE-2017-0199, Mirai, and more.
  • Phishing: Global banks, Apcera (cloud management), Amazon, Google (Play, Gmail, etc), CDN providers, Android-related, Yandex, Microsoft, Local UK governments, UK Driver and Vehicle Licensing Agency, UK’s Crown Prosecution Service, UK parking enforcement and ticketing, Apple, IMF, Adobe, Chrome, Apcera (cloud management), Mail.ru, Ubuntu, PayPal, Hilton, and much more.
  • Other: Drug shops, cybercrime forums, credit card dump shops, credential shops, activity related to the Russia/Ukraine conflict, counterfeit watches, online casinos and more.

Alex’s front-end proxy network from March-May 2017 consisted of around 800 different IPs across about 230 different providers. The vast majority were abusing US, China and Russian cloud hosting providers. In the beginning, the daily average size was around 100 hosts that were being rotated across his clients’ infrastructure.

Blocking Alex and all his miscreant customers

Using Intel 471’s actor-centric intelligence with Anomali Threatstream, we are able to automatically ingest, correlate and action the blocking of Alex’s bulletproof hosting network. Intel 471, in this case, is the collector of the information whilst the Threatstream platform enables the sharing of this threat information into your organization’s security infrastructure.

ThreatStream

What’s the return on investment?

The idea behind proactively blocking bulletproof hosting is that you are blocking things before they are bad. I.e., don’t wait for your organization’s systems to be compromised with the latest exploit kit, banking trojan or ransomware whereby a costly incident response exercise is initiated. Intel 471 believes that there is truly only a dozen legitimate bulletproof hosters in the top tier or elite cybercriminal underground. The efficiency gain for simply blocking this pre-IOCs compared to the cost of not doing so is very large.

This is financially motivated cybercrime! You mentioned Fancy Bear at the start!

We did and you found us out. Alex’s cybercriminal bulletproof hosting service has been used in targeted attacks in Eastern Europe. Nation state threat actors need bulletproof hosting too.

The joint Anomali and Intel 471 offering

The joint Anomali and Intel 471 offering provides a window into the elite cybercriminal underground within the Anomali Threatstream platform. This centralized threat intelligence solution provides proactive and breaking insight into how top tier cybercriminals are targeting your organization, assets, and people. Leveraging ThreatStream’s integrations and data enrichment features with Intel 471’s intelligence and insights creates a powerful weapon against cybercriminals and other threat actors. It’s a solution that gives analysts the ability to research actors like Alex and proactively push out protections against his known infrastructure. Because Intel 471 stays on top of actors like Alex, infrastructure changes can be followed and defenses adjusted accordingly.

Anomali, Intel 471 Silver, Gold and Platinum Offerings

Anomali and Intel 471 are happy to announce that as of 1 August 2017 we are offering silver, gold and platinum Intel 471 packages so organizations of any size can take advantage of Intel 471’s actor-centric intelligence within the Anomali platform. These offerings are available exclusively through the Anomali platform and depending on the package chosen. Packages include:

  • Full integration of Intel 471 actor-centric intelligence within Anomali Threatstream
  • Custom underground alerting
  • Intel 471 finished intelligence reports
  • Intel 471 information reports from Intel 471’s on the ground intelligence collectors
  • Emergency threat briefings and regular customer calls
  • Anomali supported request for information (RFI) service
Intel471

Find out more about this new offering

Contact your Anomali representative or contact info@anomali.com.

Download our datasheet.


Source: Honeypot Tech

MagPi 60: the ultimate troubleshooting guide

Hey folks, Rob from The MagPi here! It’s the last Thursday of the month, and that can only mean one thing: a brand-new The MagPi issue is out! In The MagPi 60, we’re bringing you the top troubleshooting tips for your Raspberry Pi, sourced directly from our amazing community.

The MagPi 60 cover with DVD slip case shown

The MagPi #60 comes with a huge troubleshooting guide

The MagPi 60

Our feature-length guide covers snags you might encounter while using a Raspberry Pi, and it is written for newcomers and veterans alike! Do you hit a roadblock while booting up your Pi? Are you having trouble connecting it to a network? Don’t worry – in this issue you’ll find troubleshooting advice you can use to solve your problem. And, as always, if you’re still stuck, you can head over to the Raspberry Pi forums for help.

More than troubleshooting

That’s not all though – Issue 60 also includes a disc with Raspbian-x86! This version of Raspbian for PCs contains all the recent updates and additions, such as offline Scratch 2.0 and the new Thonny IDE. And – *drumroll* – the disc version can be installed to your PC or Mac. The last time we had a Raspbian disc on the cover, many of you requested an installable version, so here you are! There is an installation guide inside the mag, so you’ll be all set to get going.

On top of that, you’ll find our usual array of amazing tutorials, projects, and reviews. There’s a giant guitar, Siri voice control, Pi Zeros turned into wireless-connected USB drives, and even a review of a new robot kit. You won’t want to miss it!

A spread from The MagPi 60 showing a giant Raspberry Pi-powered guitar

I wasn’t kidding about the giant guitar

How to get a copy

Grab your copy today in the UK from WHSmith, Sainsbury’s, Asda, and Tesco. Copies will be arriving very soon in US stores, including Barnes & Noble and Micro Center. You can also get the new issue online from our store, or digitally via our Android or iOS app. And don’t forget, there’s always the free PDF as well.

Subscribe for free goodies

Some of you have asked me about the goodies that we give out to subscribers. This is how it works: if you take out a twelve-month print subscription of The MagPi, you’ll get a Pi Zero W, Pi Zero case, and adapter cables absolutely free! This offer does not currently have an end date.

Alright, I think I’ve covered everything! So that’s it. I’ll see you next month.

Jean-Luc Picard sitting at a desk playing with a pen and sighing

The post MagPi 60: the ultimate troubleshooting guide appeared first on Raspberry Pi.


Source: RaspberryPi – IOT Anonimo

Source: Privacy Online


Source: Zologic

The "Going Dark" Debate: No News Isn’t Necessarily Good News

Location

United States

This year’s Black Hat USA conference is currently underway in Las Vegas. Last year, Jennifer Granick and I spoke at Black Hat about handling technical assistance demands from law enforcement. (You can watch video of the talk here.) We reported that there were a number of unsettled legal questions about what the U.S. government can and cannot force a company to do to assist in an investigation.

One year later, that remains true. In the intervening months, we haven’t seen any decisive court rulings or legislative developments in the U.S. to clarify the bounds of companies’ legal duty to help law enforcement access their customers’ communications and other data. Overall, the larger “going dark” debate over encryption has mostly been in a holding pattern in the United States this year. Given the chaos now pervading the political branches, that might not change in the near term. But if it does, it’s doubtful that the change will be for the better.

In the past year, the U.S. government has not publicly sought to force technical assistance from Apple, Google, or their ilk in order to access user data. That’s not surprising given the agency’s high-profile drubbing in the “Apple vs. FBI” case last spring. However, the government may be still be making such demands outside the public eye, either in the courts or through back-room discussions.

One option is that the government is still filing technical-assistance requests in court, but doing so under seal—meaning the public cannot scrutinize the request and the company affected cannot discuss it openly. Since last fall, Jennifer and I have been seeking to unseal surveillance matters filed in Northern California federal district court in which the records are still sealed but the need for secrecy has passed. Our goal is to discover what, if any, technical-assistance demands law enforcement has sought (and been granted) here in our own backyard. That effort is proceeding gradually. Last month, the court denied a motion we’d filed in January seeking to unseal the docket sheets for the category of cases that includes surveillance matters. Nevertheless, I’m hopeful that we’ll start to see some surveillance records getting unsealed in the near future. Once the public gains access to these matters, we should find out more about how law enforcement carries out electronic surveillance and, potentially, how it compels tech companies’ help in accessing their users’ private data.

Rather than file under-seal technical-assistance requests, another possibility is that the government has chosen to rely more heavily on discussions with tech companies and communications providers behind closed doors. The idea is to persuade those companies to “voluntarily” change their products and services to enable law enforcement access, without the risk of creating adverse case law that the government runs when it tests out novel legal theories in court. You may recall that in late 2015, then-FBI Director James Comey advocated this “voluntary” approach. That was four months before the FBI went to court for an unprecedented, aggressive technical-assistance order to Apple. Clearly, then, the “voluntary change” and “court-compelled assistance” tactics are not mutually exclusive. But following the Apple vs. FBI firestorm, the agency may be focusing more on the former strategy than the latter.

When Comey was fired in May, the “going dark” camp lost its champion. Yet his would-be replacement appears to be a case of “meet the new boss, same as the old boss.” In testimony to the Senate Judiciary Committee earlier this month, the president’s nominee, Christopher Wray, repeated the same meaningless line about “balance” between encryption and law enforcement needs that we’ve heard so often before. Wray’s testimony also indicated that if confirmed, he, like Comey before him, would favor pressuring companies privately to get “on board” with law enforcement needs.

Wray is not alone in favoring this tactic. Troubling developments brewing in other Western democracies such as Australia, France, and the United Kingdom have the potential to spill over into the U.S. Following a recent meeting of the so-called “Five Eyes” countries (the U.S., Canada, the U.K., Australia, and New Zealand), officials vowed to “engage” with communications and technology companies on law enforcement access to encrypted data. They didn’t specify what this “engagement” would entail, but it’s safe to assume it doesn’t mean a thumbs-up and a “keep up the good work.”

Back-room discussions with tech companies and communications providers are not the right way to set policy on issues of encryption and technical assistance. Like under-seal demands in court, private pressure on providers skirts transparency and accountability to the public, i.e., the customers of the affected providers. How those companies design the encryption and other security features of their products and services affects not just data security, but the civil liberties and human rights of users around the globe. The U.S. and its surveillance partners should keep their hands off strong encryption—but as long as they’re determined to keep waging this seemingly endless war against math, the public needs to be informed and involved.

There have been no reports of an “Apple vs. FBI 2.0” in 2017. Perhaps no news is good news. But if the U.S. government has in fact been secretly pursuing surveillance strategies that deserve public scrutiny, it may be that, true to the zeitgeist of 2017, no news is fake news.

Focus Areas: 
Related Projects: 


Source: Cyber Law

Source: Privacy Online


Source: Zologic