Posts

Showing posts from 2018

Fake Malware Warning on NYTimes web site

Image
I just got a fake malware warning while reading an article on the New York Times web site. It also locked up my web browser too.

I'm copying and pasting the text here, to help any folks who do a search on the text.
There was a dangerous try to get an access to your personal logins & bank information. Luckily, your Firewall managed to block this suspicious connection. We recommend you to freeze your accounts until some measures will be taken. There is a great threat of leaking of your personal data. So you need to respond swiftly! Trojan Virus may have already hurt your hard disk and its data. That is why we are checking and verifying your system security. Do not waste your tie and consult one of our service centers or call us. Contact Microsoft Support: +1 (866) 273-6507 (TOLL-FREE). Your urgent response is needed. To deal with this problem, contact our network administrator.
How can we tell this is fake? 
First, I'm using the Chrome web browser, and folks from the Chrome …

What are the least secure connected devices?

A journalist was asking my thoughts about the least secure connected devices out there today. Here's my response:

----------

What's insecure? Almost all of the cheaper consumer electronics available on the market today, including toys, light bulbs, weight scales, bread makers, web cams, and more.

There are two major reasons. The first is that most of these are made by hardware manufacturers who have little background in software engineering best practices, let alone security. The result is common security problems, such as default passwords, no support for software updates, little or no encryption, or poor management of cloud servers.

The other reason is economics. We consumers don't make purchasing decisions based on whether a device is secure or not, since we can't easily gauge the quality of security. One result is that manufacturers don't put a lot of effort into security.

I research IoT security, and I basically try to avoid having any of these devices in my h…

Future of Education and Training in a World of Automation

A journalist was asking me about the future of automation, especially in terms of how we (society) should change in regards to training and education of workers. Below are my responses.


1) Do you consider your courses at CMU to be training a workforce for an increasingly automated world?

We don't explicitly gear our courses at CMU for training workforces. Generally, our courses are more about teaching high level concepts, methods, and skills. It's the same difference as learning how to program in Java and learning computer science with Java. The former focuses only on skills, while the latter focuses on bigger picture issues as well as the fundamentals.

2) Is the best way to train for "future jobs" truly in learning the mechanics of the machines that we rely on? Or is it perhaps better to train for truly complementary roles, human skills that a machines are far away from replicating?  (i.e. communications, design).
I would say that it's mostly for complementary rol…