Weekend Reads 122217

Because this is the last “weekend reads” of the year, I’m supersizing it, and including a few articles at the end on culture I found interesting. The majority of the other stories relate to security, as always.

San Diego, Calif., Dec. 12, 2017 — Computer scientists have built and successfully tested a tool designed to detect when websites are hacked by monitoring the activity of email accounts associated with them. The researchers were surprised to find that almost 1 percent of the websites they tested had suffered a data breach during their 18-month study period, regardless of how big the companies’ reach and audience are. “No one is above this—companies or nation states—it’s going to happen; it’s just a question of when,” said Alex C. Snoeren, the paper’s senior author and a professor of computer science at the Jacobs School of Engineering at the University of California San Diego. —UC San Diego

GPS has become such an ingrained part of our culture that many of us don’t even think about it anymore. If you want to go check out a new restaurant but don’t know where it is, search for it in Google Maps. Want to map your running route? There are tons of apps that use GPS to do that. Don’t want to be tracked at all? Just turn GPS off. But, what if I told you that you could be tracked without using GPS? What if there was a way for an app to narrow down exactly where you are, how fast you’re traveling, and what kind of vehicle you’re in—all without accessing your GPS location or you being aware? That’s pretty scary, right? —Android Authority

In May 2013 KrebsOnSecurity wrote about Ragebooter, a service that paying customers can use to launch powerful distributed denial-of-service (DDoS) attacks capable of knocking individuals and Web sites offline. The owner of Ragebooter subsequently was convicted in 2016 of possessing child pornography, but his business somehow lived on while he was in prison. Now just weeks after Poland made probation, a mobile version of the attack-for-hire service has gone up for sale on the Google Play store. —Krebs on Security

Only a few years ago, DDoS attacks targeted certain industries, gaming and finance being at the top of the list. What’s changed is the consistent drumbeat of attacks. Today, they are pervasive, impacting businesses of all sizes, across all industries and geographies. The driver for this remains the ready availability of free attack tools that can turn anyone with an internet connection and a grudge into a DDoS attacker. The bull market in DDoS attack services is also a significant factor. —Arbor

Section 1201 of the Digital Millennium Copyright Act (DMCA 1201) gives device manufacturers a legal tool to keep you from understanding and modifying the things you buy. While DMCA 1201’s stated goal was to prevent copyright infringement by punishing people for breaking the technological mechanisms companies put on their material to protect it, the law has been used against artists, researchers, technicians, and users, even when the reasons why they were trying to circumvent digital locks were completely lawful. —EFF

In the days of shrink-wrapped software, customers had no option but to provide perimeter security — firewalls, intrusion detection, antivirus, web application firewalls — since they had no access to proprietary source code, he explained. In 15 years in the security industry, most recently at FireEye, where he was seeing about 100,000 new pieces of malware a day, reacting to threats doesn’t make sense in an environment where development teams are releasing software multiple times a day. —The New Stack

For IT conference speakers, making an offering to the Demo Gods has become almost customary, a ritual that reinforces the hope that their barely-functioning prototype will dazzle onlookers without crashing and leaving them proverbially naked in front of the audience. No one, however, has ever had a tighter relationship with these demo deities than Douglas Engelbart, who on Dec. 9, 1968, laid out a long view of the future of computing in an astounding set of demos, one that included the mouse, Google Docs, the internet, and video conferencing. Engelbart and the work of his team laid out the path forward for all of the software, years before Xerox PARC even existed. —The New Stack

It is often said that California foretells the nation’s future. If so, we should really be worried about the cost of living. Wednesday’s New York Times ran an article about California that was candid about the high cost of living there although opaque about the reasons for it. It recognized that in the last seven years the state has lost more than two million people over twenty-five years old to other states. And the reason for fleeing many give is the cost of living, with the largest number going to Texas, a state renowned for a low cost of living. —Liberty Law Site

In a world of serial storytelling, characters commonly outlive the actors who play them. Makers of film and television find ways to respond to the death of an actor, from recasting a role without comment (like Dumbledore in the Harry Potter films) to making the changeover of lead actors a central motif of a series (the Doctor in Doctor Who). Disney pioneered a new response in its latest Star Wars movie: resurrecting a deceased actor to reprise a role from beyond the grave. The technology on display here is impressive. But it both denigrates the craft of acting and violates the dignity of the human body by treating it as a mere puppet. —The New Atlantis

How do we make sense of our political moment? There has been no dearth of commentary on the meaning of the 2016 American presidential election and its political aftermath. Pundits, scholars, and others have expressed alarm about the degree of fragmentation and polarization, the increase in vulgarity in political discourse and the loss of political civility, the weakening of traditional international alliances, the abuse of basic ethics in governing, and the resurgence of nativism, populism, isolationism, and nationalism, all of which could encourage authoritarian behavior among those in or seeking power. There are good reasons to be uneasy. —The Hedgehog Review