IT security

rogue49 · Mar 10, 2020

https://www.washingtonpost.com/tech...er-left-users-locations-fetishes-exposed-web/

Oooo, here’s another doozy of personal info that one can get blackmailed from.

Secret sharing app “Whisper” left users locations, ages, fetishes, etc...all exposed to the web from a fully open database.

Geez

cynthetiq · Mar 12, 2020

I loved whisper when no one knew what it was...

rogue49 · Jan 1, 2022

Opinion: To keep our country safe, we need a national Cyber Academy. Think of it as West Point for technology defense.
By Kirsten Gillibrand

Kirsten Gillibrand, a Democrat, represents New York in the U.S. Senate.

Cybersecurity is undoubtedly one of the United States’ most important lines of defense, but too many parts of the government don’t have the reinforcements they need. In one of the most serious examples of danger, Russian hackers in 2019 penetrated SolarWinds software widely used by the U.S. government, and the hack went undetected for months. Networks ranging from the departments of Energy, Treasury and Justice to the National Institutes of Health were exposed to exploitation.

Opinions to start the day, in your inbox. Sign up.
Unfortunately, the government faces a severe shortage of cyber personnel needed to protect ourselves from such adversaries. As of September, more than one-third of public-sector cybersecurity jobs — more than 38,000 — were unfilled. And the tech workforce we do have is quickly aging out: By our calculations, just 7 percent of federal employees in computer science, computer engineering and information technology positions are under 30.

We need to take bold, forward-looking action to build not only a new generation of cybersecurity and technology professionals, but also a new pipeline to cyber and tech careers in government. We need to establish a Cyber Academy.

Working with colleagues on the Senate Armed Services Committee, I recently secured provisions in the National Defense Authorization Act, the annual defense budget bill, that will jump-start our work to do just that. They would create a road map for establishing, building and devising a curriculum for an institution that would staff up the federal cyber workforce and prepare the next generation of civil servants for the vital jobs of the 21st century.

The Cyber Academy we envision would be a state-of-the-art civilian counterpart to West Point, the Air Force Academy and other military academies — a government-funded university dedicated to training cyber and tech professionals for the civil service. It would make the U.S. government a vanguard in digital careers, while providing talented and civic-minded young people with a free postsecondary technological education and a way to serve their country.

The Post's View: Does the U.S. need a West Point for tech-savvy civil servants?

Cyber Academy students would earn degrees in fields such as artificial intelligence, software engineering, cybersecurity, robotics and data science. They then would be placed for a prearranged term in corresponding roles in various federal agencies, determined according to the government’s digital and cyber needs and the students’ preferences, and informed by our national security priorities.

These graduates would have important roles beyond defense. They could help us to protect the electric grid and food supply chain, oversee policies about cryptocurrency and develop regulations for complex machinery such as driverless cars and autonomous drones — and that’s just scraping the surface.

The current tech workforce is neither large enough nor diverse enough to meet the nation’s critical needs. There are more than 600,000 open computing jobs in the United States, but just 71,000 computer science students graduated into the workforce in 2020. And the government has to compete for them with private tech giants such as Google and Amazon. The Cyber Academy’s service requirement would help address that uneven playing field and expedite the often slow-moving federal hiring process.

Recruiting for the Cyber Academy would also help us to diversify the field. The more perspectives, languages and skill sets we can bring into government, the more we can out-innovate and outperform our competitors and counter looming technological threats from China and Russia. The Cyber Academy could make this education and these careers accessible to everyone, including nontraditional students and those from underserved communities.

Without an urgent strategic investment in strengthening our federal cyber workforce, we risk ceding global leadership to our competitors and falling behind on our ability to protect and advance our national interests. As it stands, we are not fully prepared to face the challenges and seize the opportunities ahead.

Experts in science, technology and national defense agree: Former Google chief executive Eric Schmidt said last year that establishing a type of cyber academy will help to address the “vast shortage of the talent” the United States needs to keep up “in a world shaped by strategic competition.” Just last month, the Government Accountability Office published a report on the need for a “pipeline of digital staff,” specifically noting that an academy could create a dedicated pool of talent with “proficiency in both digital skills as well [as] understanding the functions of government [required] to meet agencies’ needs.”

In the short term, the steady stream of tech talent from a Cyber Academy would enable the government to address its urgent personnel deficit. In the long term, it would build up a pool of digital and cyber experts, allowing the United States to gain substantial ground in technological innovation and cement our global leadership in the digital age.
Click to expand...

The badguys aren't slowing down.
They know we're lagging behind.
Playing catchup.
Ignoring the holes.

This IS truly cyberwarfare.
Not only are we dealing with pirates.
But we're dealing with government supported marauders (The usual suspects...China, Russia, Iran, NK and more)

How do we get MUCH better at this?
Develop a better mindset.
Not just skills.

See a hole, plug a hole.
Know a risk, address that risk.

rogue49 · Aug 23, 2024

National Public Data Published Its Own Passwords – Krebs on Security

Well, this is what keeps me employed as a cybersecurity SME... (although not consistently, often being a merc contractor and the IT game being what it is)

Thanks for the paycheck.

Considering I wrote Advanced Technology section and the led the creation of the whole DB security strategy for a big 3 bank.
I can tell you this...

If you think the govt is paranoid, you should try a bank. They do it better than most I've seen, including the Feds.

They are unprepared and not fully paying attention, too busy multitasking and making $$$
"It's not a priority" (and again, they do it better than most...so that's saying something)

When Quantum Computing becomes commercial level, no one is ready at all for risk and security focus.

It's not if, but WHEN it's coming and relatively soon (within 5 years I estimate.)
(I was on seminars for knowledge transfer from the Advanced Tech group and its IBM partnership for QC
...and that's NOT what they're focused on or or even close to being prepped for, risk being not a priority, monetizing and new services are)

This stuff is going to go thru encryption like a hot knife thru butter.
Like the movie, Sneakers...it won't be a special one chip, it will be in many places, as powerful Qbit driven CPUs
Getting thru encryptions that would take a now normal CPU 25,000 years, in just 2 minutes.

That's for the most prepped and aware players...
And stupidity and incompetent players, well, they're screwed and then some.

Think of it like a thief or scammer with a key to the city and the world.
Locked doors open everywhere.

Cryptocurrency worthless in it's anonymous value. (dark web, in the spotlight and sun) ...this will likely tank it, value zip.

And old school oblivious politicians and VIP leaders, and police woefully unprepared and not able to understand the ramifications...must less catch criminals...or make laws about it.

Hell, they can't even keep up with these incompetent fools in TFA.
Oops, don't sue us will become the byline.
(much less, I'm innocent, don't jail me )

Oh yeah, insider trading will be by second ..and likely will upset the markets. Like crashes, seriously.

Enjoy all.
And again, thanks for the check. I need more, send more.

Log in or Sign up

IT security

rogue49 Tech Kung Fu Artist Staff Member

cynthetiq Administrator Staff Member Donor

rogue49 Tech Kung Fu Artist Staff Member

rogue49 Tech Kung Fu Artist Staff Member

Log in or Sign up

IT security

rogue49 Tech Kung Fu Artist Staff Member

cynthetiq Administrator Staff Member Donor

rogue49 Tech Kung Fu Artist Staff Member

rogue49 Tech Kung Fu Artist Staff Member

Useful Searches