With the launch of 18.104.22.168, Cloudflare thumbs its nose at ISPs and the big platforms (AKA Google), and once again declares itself a business willing to start, and lead, tech’s toughest conversations
Over the past year Cloudflare became best known not for the impressive services it has built in the Internet networking space, but for an action taken by its CEO Matthew Prince during the swirl following Trump’s Charlottesville comments. After initially defending the free speech rights of its neo-Nazi customer The Daily Stormer, Prince finally had enough. When the site claimed Cloudflare secretly supported its hateful philosophy, Prince kicked the site off the company’s network.
We must not eliminate the most important variable in today’s systems — the humans who design, maintain and manage them.
Straight out of defense labs, autonomous and semi-autonomous weapons are already in use, but there’s no overarching agreement among key stakeholders on how to control their implementation and diffusion. Unlike nuclear or biological weapons whose proliferation have been largely controlled, autonomous weapons pose some tricky problems.
The first is the absence of an international treaty. The second is the comparative ease by which autonomous weapons can be developed. Nuclear weapons are hard. The nine countries with nuclear weapons have achieved this with multi-decade projects backed substantially by state resources and administrative capacity.
On Friday the world was engulfed by the malware attack known as the WannaCry virus, which encrypts Windows users’ data and demands $300 in Bitcoin to free the hostage info (The New York Times). By Monday, the blame-throwing fingers were pointing in every direction.
Security experts reminded all of us to keep our systems up to date, back up our data, and avoid clicking suspicious links. Thanks, guys! But surely it’s clear by now that earnest reminders are not going to save us. Anyway, the organizations most heavily hit by WannaCry, like Britain’s National Health Service, Germany’s rail system, and Federal Express in the U.S., are institutions whose systems are managed by pros.
It’s great to depend on Google’s authentication system to confirm your identity on an online application’s website — until it doesn’t work. If you’ve ever been locked out of your own life, here’s how to work around that conundrum.
The authentication process is a little hard to explain, so let me give you an example to show why it matters. Let’s say your old cell phone died and you bought a replacement. After you restore all your apps and your contacts, you are ready to return to your normal routine. You sit down at your computer, and go to log into your Dropbox account. Because you previously enabled two-factor authentication using Google Authenticator, Dropbox prompts you to open the Google Authentication app (available for both Android and iPhone users) on your phone and enter the code it shows you.
Whoops! Although the Google Authenticator app was restored to your new phone, the settings were not — and now you can’t log into your Dropbox account.
We all trust cloud-based file storage services to keep our data safe from prying eyes, right? Maybe we shouldn’t. In the summer of 2015, an exploit was discovered that let baddies get into Google Drive, Dropbox, and OneDrive accounts without knowing your password. As the ZDNet story about the problem pointed out, “The so-called ‘man-in-the-cloud’ attack is said to be a common flaw in most cloud-based file synchronization services.”
Of course, that particular security hole has been closed by now — we hope. But even if it has, another one always seems to come along. So it’s probably a good idea to encrypt any information we store in the cloud, especially since it’s easy to do — and free, as well.
A huge bee in everyone’s bonnet right now is IT security. And as you’re accessing your company’s financials with Xero, you’ll want to make sure your account is as secure as can be. Adding two factor authentication (or as Xero calls it, two step authentication) to your account will help you do just that.
A quick word on two-factor: While nothing can guarantee your account’s safety, two factor authentication will get you pretty close. Two-factor in security means you have to have 2 things to get access — usually something you know, and something you have. For many apps it’s something you know — a password — and something you have — an authenticator app on your mobile.
Start by logging into Xero. In the upper right hand corner you’ll see your name. Click on that.
One observer dubbed it “the Exxon Valdez of security breaches”: Yahoo revealed that information for a billion user accounts — including names, addresses, hashed passwords, phone numbers, birthdays, and security-question answers — was stolen from its servers in 2013 (Krebs on Security). No, you’re not having deja vu: This is a separate incident from the previously disclosed hack of another 500 million Yahoo accounts.
Let’s survey the damage. Yahoo’s deal to be acquired by Verizon looks far less likely. Countless individuals and organizations will now be that much more vulnerable to being hacked. On some broader level, our trust in the cloud-based systems that now run our lives is tattered, if not shattered.