After 2018’s hypes, this

Already you thought you had enough on your plate, for 2018 qua predictions even when most will play out differently than stated? And though these ones are [as in: when you verify/falsify them in the near future, they will have become ‘are’] actually correct…
these will also play a role in 2018.

Yes, yes, in a much more fundamental way, and maybe in the mainstream media only per ill-understood sensational pastiche, but still it will certainly [same] augment the fuzz around quantum computing. That will, in the end, when made operational not be much of a shocker anymore. Too much dilution in the latter, to still make good on its supercalifragilisticexpialidocious claims. Too bad / good, depending on which side of the quantum-crypto-crackability wars you are – the latter not even mattering since this and this. And this in particular. What will the above mean in this respect?

[Edited to add: Oh and this just in. Relevant, on a nearer-future scale]

Leaving it there for you, to study and be prepared… plus:
[Fattened over the holiday season, you are ..? Shardless London it was, ‘is’ish]

A different take on fireworks

Yes dear people it may be unbelievable to some but there are some local areas, like the EU, where in some spots/countries, fireworks are still allowed to be lit by just about anyone [age limits for buying, much more overeasily circumvented than e.g., alcohol sales], on Dec 31 – and no-one seems to care about earlier (days in advance) occasional severity-max hindrance to the elderly, dogs, and generally phobic/gravely-disturbed-by-fireworks public. “Tolerance” never seems to go the way of the Meek.
But, when societal discussions go to maybe possibly impinge on these ridiculously-lax liberties, there’s hope. Of a replacement of sorts. Not (only) by means of public fireworks displays – that are, admit it, always much more beautiful than your own, and just noise doesn’t impress anyone but prepuerile boys – but also by, tadaaa:
This here idea of Drone-on-Drone contests. Should be fun! If only we could attach the equivalent of reactive stuff, just for the light show effects.

That was all, folks. Out on a bang with:
[Hey those things are still quite prevalent in Knightsbridge; are they anti-drone security devices or how backward can one be ..? Good riddance from the EU ..?]

Fog(gy) definitions, mist(y) standards

If you thought that containers were only something to ship wine in, by the pallet, you a. would be right, b. would maybe have overslept on the new concept, c. would not mind I introduce the next thing, being fog computing. I’m not making this up as a part, or extension, of low-hanging cloud computing.
You think I’m kidding, right? Or, that I should have called it mist computing which is a thing already but only a somewhat different thing… You’re still with me?

Then it’s time to read up. And weep. Over this here piece that sets the standard, quite literally.

There. You see ..? Indeed low-hanging, as in the stack … That wasn’t so hard. But implementation will be, if required to be secure. Have fun, will TLS. Or so.

OK, this post was as it stated just an introduction to the IoThing – I was serious though about the Go Study part. Plus:
[Cloudy top cover, smiley backside of a place of worship; Ronchamps FR]


How would this (link in Duds) great – not so much – invention help against drones that have pre-programmed GPS coordinates and semi- or fully-autonomously fly to their destination? Because they’re out there already and even building/programming them is a piece of cake for the ones that would actually want to do harm for no defensible (sic) reason.
And also, there already is this; better drone detection than the article (and the vendors therein) suggest would be possible …!
And also, there already is law against the proposed jamming.

So, too bad, vendors Deutsche Telekom, T-Systems, Dedrone, Rohde & Schwarz, Squarehead, Robin Radar Systems, and HP Wüst: Magenta is a colour, not a viable product — it’s illegal and it doesn’t work; a square fail.

Am I too harsh? Possibly; that happened some 50 years ago as well. Plus:
[Quite this’y: All showboating, no real value, and skewed; Haut Koenigsbourg again]

Nudge, nudge, wink, wink, know what infosec behaviour I mean?

Am working on an extensive piece, a long-longread, on as many aspects of behavioural change towards true ‘secure’ user behaviour as I can cram into text. I.e., moving beyond mere full ‘awareness’ as phases 2/3 of this, to phase 4. Strange, by the way, that there is in that no end ‘phase’ or cycle in which one finds out to have been in phase 4 already for some time but didn’t notice and now forgets just as quickly as that seems ‘logical’.

But back to today’s subject, which is the same, but on a tangent. My question to you dear readers [why the plural, or >0 ..?] is:
Would you have pointers to (semi)scientific writing on the use of nudges to (almost)stealthily change (infosec-related) behaviour ..?
I could very much use that. Other sectors of human behaviour influencing studies have ample info on the effectiveness of such nudges, but for infosec I’m still with Googlewhack-like results.

Thanks in advance… Plus:

[The ways to seek prosperity from misery; EPIC Dublin]


Oh (not like here though supported) when will EVs be useful? Like, being available with diesel range (1000kms, seriously! I seriously need that) and station car luggage space (660/1950ℓ – yes really need that, too), at a fair price (which is 2nd hand, not even a fifth of what 40%-featurematching EVs go for today).

No, I’m not going electric today because EVs will get better in a couple of years. I’m not going to waste buckets of money and opportunities by sitting out those years with a severely underperforming car. If others do that; that’s their bad decisions.
But wait; there’s hope around the corner (of the Cobra, Málaga–Ronda and v.v. kind): When we have electric (?) autonomous trucking sometime soon (like Big T is proposing or already developing), the results might be scaled down to anything in the range, in due time. And/or current auto-elecs are scaled up considerably. Squashing my own hope, this will take a couple of years.

By lack of proper alternatives, trying to do away with fully functional transport, is an attempt to hinder the due functioning of society; to be categorised as illegal.

I rest my case. And:

[Once upon a time, in a world far, far away (i.e., not so far Valencia), training was Fashionable]

Progress, friends, is here. Only, not everywhere. Yet. Say ‘No’ till then?

You know that the bright new future is here, when amid the torrent (figuratively referring to the physical phenomenon, nothing to do with the on-line tool(s)) of fake news, this still makes it into a headline: ATMs now to begin to start being rolled out with Win10 ‘support’. To be completed per 2020, when support for Win7 stops. Right. 2020; probably not referring to the eyesight of the ones planning this, not being personally accountable and duly informed of the risks.

Because otherwise, wouldn’t it be smarter to come up with a clever idea to do the roll-out within a month, to prevent just about anyone to take ATM security — or is it a signpost for overall infosec’s position — seriously, as seriously as it should ..?

It’s time there comes an agency, Nationwide, worldwide, that has the authority to say NO!!! to all ill-advised (IT- which is the same these days) projects. Infosec professionals tried to ditch the Dr. No image, but it turns out, it’s needed more than ever to prevent the Stupid (Ortega y Gasset’s Masses I guess) from endangering all of us or at least squandering the billions (yes) that could have been applied against world poverty etc.etc.

Oh, and:
[The UBO ‘humanity’ seems to be lost, here; Zuid-As Ams]

Yesterday, same thing.

This is sort-of the same as yesterday’s post, put into practice, when your AGA now not only remotely slow-cooks but slow-betrays you. Slowly either does not at all or over-burns your carefully prepped meat. So the wretched short-lived lambkin died for nothing.
Would anyone know of any device out there that is duly protected against this sort of thing? Or whether (not or not) this is a generic weakness: Access from the outside, offers access from the outside to anyone, to rattle the door. And some, through persistence or imme force applied, will find the door opens. Your convenience, theirs too. Same, with ‘connected’ toys. Yes they are

Oh, and:
[May superficially look like an AGA but isn’t, not even a hacked architecture studio’s design, just purposeful – and beautiful – museum design in Toronto]

Learn you will… Recover, you might.

When your country’s largest retailer (primarily F&B but non-F only recently growing as well), has finally heard about something-something-smart-fridge. And wants to do it Right and starts off with a pilot. Of, drumroll, a smart fridge magnet with a mic and barco scanner for adding stuff to your on-line grocery list (on-site self-service pick / pick-up, or delivery to follow separately). Didn’t know that existed already.
Nice idea, to include not (only) a barco deliberate-scanner (no creepy auto-scans) but also a mic when you don’t have the product at hand (and fresh veggies wouldn’t make it; for a long time already not stickered but weighted at the (vast majority) non-selfscanned check-out).

But what security ..? For fun, e.g., putting reams of alcohol stuff on the to-pickup lists of unsuspecting meek middle-classmen that won’t understand but come home with some explanation to do (bonus for taking the stuff off the list once procured so ‘no’ trace on the shopping list). For less fun, snooping off people’s shopping habits and get rich (by ultra-focused ads or selling off the data, or by extortion-light once you get the Embarrassing Items in view). For even less fun but lulz (grow a pair) when changing the list to violate some family member’s med-dietary choices into harmful variants. And don’t forget the option to (literally) listen in on very much that is said in the vicinity of the fridge. Could be anything, but probably privacy-sensitive.
But what security? The press release points to other countries’ supermarkets already offering the Hiku sensors. Nothing is unhackable. Exploit searches must be under way. People never learn. Reputational (corp) and personal-integrity (clients) damages may or may not be recoverable, at huge expense.

I’m not in, on this one. No need. Plus:
[Where you can learn; Zuid-As Ams]

Automobiles, (trains,) Planes

What a disaster it would be if all those (self-driving, or augmented-driving as they are today already) cars could be taken over by some madman or unrelatedly hacker … One could remotely steer a car off the road! One could remotely steer a whole bunch of cars within some area / country (?) off the road in a broadcast … With pre-emptively having disabled manual override, of course. [Though, noted before, the ability to do so would on the human side deteriorate very quickly as it wouldn’t be needed to be seriously trained/experienced (anymore).]

Yes, that’s bad. How is this same idea, but applied to current-day planes ..? Where about-all is automated, and users get more and more access hence control (think that one through; qua nothing’s 100% secure) to still but what do you know limited zone(s) of plane networks, e.g., re on-board wifi. The known-to-be-stellar-secure wifi.
Of course, this would be suicide — or airport-proximity (from just outside the fence) runway-DoS …; but not all seem to care about the sacrifice… on the contrary. And don’t come with the argument of having to know systems to break in / run amok. Some had gone through the effort of going through a pilot’s training, right? And here, one can be a passenger and do recce from business class, and/or deliver and C&C from there.

I love my old-style car / driving … and:
[Warped, but quite safe from hacking… Somewhere upstate WI]

Maverisk / Étoiles du Nord