US Govt proposal to classify Security Tools as Weapons of War w/ Export Regulations.

This would be devastating to US business and security products.

In 2013, WA agreed to add the following to their list of dual-use goods: systems, equipment or components specially designed for the generation, operation or delivery of, or communication with, intrusion software; software specially designed or modified for the development or production of such systems, equipment or components; software specially designed for the generation, operation or delivery of, or communication with, intrusion software; technology required for the development of intrusion software; Internet Protocol (IP) network communications surveillance systems or equipment and test, inspection, production equipment, specially designed components therefor, and development and production software and technology therefor. BIS, the Departments of Defense and State, as well as other agencies have been discussing the best way to add these items, which we have named “cybersecurity items,” to the Commerce Control List (CCL) (Supplement No. 1 to part 774 of the Export Administration Regulations) without reducing encryption controls and while balancing the national security and foreign policy. For resource planning purposes, as well as license requirements, license exceptions, license submission requirements, and internal license reviews and processing planning purposes, this rule is published as a proposed rule.

https://www.federalregister.gov/articles/2015/05/20/2015-11642/wassenaar-arrangement-2013-plenary-agreements-implementation-intrusion-and-surveillance-items

I-R-C-H AAS Infrastructure, Research, Crimeware and Hacking as a Service

How a botnet works: 1. A botnet operator sends out viruses or worms, infecting ordinary users’ computers, whose payload is a malicious application — the bot. 2. The bot on the infected PC logs into a particular command and control (C&C) server (often an IRC server, but, in some cases a web server). 3. A spammer purchases access to the botnet from the operator. 4. The spammer sends instructions via the IRC server to the infected PCs, causing them to send out spam messages to mail servers. (Photo credit: Wikipedia)

If you have not heard of any of these it is not surprising but they are beginning to effect everyones daily lives. All of these have been purchasable in the past but never at the scale that is being exposed today. The advent of the cloud and the proliferation of the internet around the world has brought about a new level of willing hacker. It also has allowed the launching of DDoS attacks that are larger and as complex as the most complex systems in the world.

I recently did an example of an attack that launched 2000 different servers in the matter of minutes to completely flood a switching network shutting off the ability to get any communication out. This shut down everything that ran across an IP network; this included their pbx switch and their building security. It would have only taken a bit more to have caused their cell phones to not work as well leaving the building an island ready for a physical attack.

Crimeware is widely exploited by the criminal underground that seeks to improve its economy by the easiest means. The gist: “Criminals have started to use online cybercrime services instead of having to deal themselves with the technical challenges of running their own Crimeware server, installing Crimeware toolkits or compromising legitimate websites,” says Finjan.  In other words, it’s point, click and hack (Dignan, 2008).

Cybercrime thieves operate in a market that is sensitive to location and economic trends, they cannot use a “one-­‐scheme-­‐fits-­‐all” approach. The attacks must be customized for each geographic region and focus on a selected group of users and/or businesses. These attacks are often called “campaigns” and incorporate Crimeware toolkits, Trojans and Botnets to do their dirty work (Finjan, 2008).

http://hacksurfer.com/amplifications/247-cybercrime-is-for-sale-and-the-market-is-booming

Related articles

• 2013 – The Impact of Cybercrime
• Prolexic DDoS
• Only 2 countries have been hit with DDoS attacks every day since May. The U.S. is one.

La couverture universelle santé, une bonne idée mais son application est compliquée

Nice article in France about RSBY. The right to health for all and particularly in developing countries is certainly a noble idea, but how to apply it? The NGO Oxfam , CSU implies that everyone has the same financial protection and access to the same set of quality health services, whatever their employment status and ability to pay. But it can not be a single model and the States will develop tailored approaches to social, economic and political context of the country. In India, the RSBY insurance program for people living below the poverty line is hailed as a great success, but it offers limited financial protection, is riddled with corruption, abuse and rising costs, and mobilizes public resources for curative rather than preventive care.

La couverture universelle santé, une bonne idée mais son application est compliquée | Viva Presse.

Related articles

• NRHM to create awareness on RSBY for Assam

Aadhaar-linked accounts to be basis for mobile payments

I do find it interesting that everyone in the development community is focused on mobile payments and yet the attachment of a higher level of verification using biometrics and a randomly generated 12 digit number and it is a target at every turn.

Over 30 million linked accounts to start DBT payments in most countries would be considered a resounding success. M-Pesa still only has 17 million accounts and a very very low level of security but is considered the gold standard for mobile payments. Praveen Chakravarty, chief executive, Anand Rathi Financial Services, says, the application sounds great conceptually and is in line with the government’s current thrust on financial inclusion. “Of the 600,000 villages in the country, banks are present in only 40,000.”

Now, Aadhaar-linked accounts to be basis for mobile payments | Business Standard.

Related articles

• The Mobile Payments Rush Is On, And The Winners Will Shape The Future Of Transactions And Commerce
• Now, Aadhaar-linked accounts to be basis for mobile payments

Deadline for Aadhaar Cards on February 28, 2014 in West Bengal

The West Bengal government set February 28 as the deadline for distributing Aadhaar cards among all Bengal residents, prompting many to wonder about the feasibility of covering over six crore people in little over five-and-a-half months.

Providing Aadhaar numbers to all citizens above the age of five is the precursor to Prime Minister Manmohan Singh’s dream project of rolling out a direct benefit-transfer scheme, replacing the leak-prone subsidy system. The success of the project will depend on coverage as subsidies will be directly transferred to the 12-digit Aadhaar-linked bank accounts. “We have set a target to complete the process by February 28,” home secretary Basudeb Banerjee said after a review meeting at Writers’ with district magistrates and representatives of the census directorate this afternoon.

Deadline for Aadhaar Cards on February 28, 2014 in West Bengal – Economic Times.

Related articles

• Haryana fixes October 31 deadline for Aadhaar cards
• Indian Biometric ID Project Faces Court Hurdle

Tesla way ahead on the Auto-Pilot car

Tesla Motors (NASDAQ: TSLA  ) and its brash CEO, Elon Musk, love nothing more than to name an outrageous-sounding technological goal — and then meet it. The latest: Musk said this week that Tesla will be able to offer cars that are (mostly) self-driving in three years.

That’s way ahead of giants General Motors (NYSE: GM  ) and Toyota (NYSE: TM  ) , which have been saying that 2020 is a more likely date for the arrival of autonomous cars. In this video, Fool contributor John Rosevear looks at what Musk really said and argues that Tesla’s goal this time isn’t revolutionary — instead, it’s more likely to be the basic price of admission to the luxury-car market in a few years’ time.

http://mobile.reuters.com/article/idUSBRE98H01720130918?irpc=932

Related articles

• Tesla Motors Aiming To Build Self-Driving Car Within 3 Years, Elon Musk Says
• Tesla To Build Car With “Auto-Pilot” Mode In Next Three Years

Aadhaar, fingerprint scan enough to open bank account

Axis Bank to be the first to start using Aadhaar for account openings, satisfying the need for KYC. This starts the process of building a verifiable credit file. In addition to the use of Aadhaar Axis will start using the Visa network to validate the biometrics across all 25 branches of Axis. “For the middle-class customers , eKYC is a convenience but for the lower end of society, this will provide access like never before,” said Sridharan.

Aadhaar, fingerprint scan enough to open bank account – The Times of India.

Related articles

• A “game changer for poor people”…?
• Maharashtra to disburse Salary through Aadhaar linked Bank Accounts

Aadhaar recognizes 1,600 more transgender persons

This is an ongoing update of Aadhaar and UID. In that in October of 2011 there had already been over 12,500 issued as transgender to various communities around the India. Life is a daily struggle for transgender and Hijras through out the world but especially in India which makes the foresight of the UID team to include such a classification as even more important. The social stigma associated with their identity is takes a toll on their physical and mental health. For the first time they were being acknowledged along with receiving a statutory identity proof that will help in securing basic needs of life. The delivery of Aadhaar numbers started to be a realization for this community in Guntur city.

They are often spurned by the officials concerned/staff who simply say that Aadhaar cards cannot be issued to them on technical grounds in spite of their fulfilling eligibility criteria. Then the usual insults are heaped on them. Sometimes their applications are taken but to no avail, all because of the familiar societal mindset of looking down upon them. Not willing to bear this disdainful treatment anymore, some 30 members of the transgender community in living in Guntur city (KVP Colony, Gujjanagundla and other localities) approached the District Legal Services Authority (DLSA) Secretary M.V. Ramana Kumari and Superintendent of Police (urban) A. Ravi Krishna, who got them successfully enrolled into the UIDAI database. Ms. Ramana Kumari made the transgender people to submit a petition to Collector S. Suresh Kumar, which set the ball rolling. Mr. Ravi Krishna spoke to the officials concerned of Revenue Department and got the address of a single house in KVP Colony in which the nearly 30 transgenders are staying, submitted as proof of their residence.

In a first, Aadhar recognises 1,600 transgender persons – Hindustan Times.

Related articles

• Haryana fixes October 31 deadline for Aadhaar cards
• Bombay High Court :- A Birth Certificate, Passport Or Even An Aadhaar Card May Not Be Enough To Prove That You Are An Indian Citizen
• Govt agencies can make Aadhaar mandatory in future, says Nilekani

South Australia achieves 19.2% rooftop solar penetration

The rapid rise of solar PV rooftops in Australia has stunned even some of the most optimistic renewable energy enthusiasts, and the most recent snapshot of the state of the solar power sector shows this momentum isn’t slowing. Spark Infrastructure, one of the largest critical infrastructure investment groups in Australia, recently released a webcast that provides half-year results for growth in several areas. One of the most exciting parts of the presentation was the increase in solar PV adoption in South Australia.

Currently, one in five households in the state receive power from solar rooftop installations. That equates to a residential solar penetration rate of 19.2 per cent. This is up from the penetration rate of 17.2 per cent in the same period of 2012. Solar PV adoption is still on the rise in Victoria, too, though not at the breakneck pace that has been seen in South Australia. Spark’s report showed solar rooftop penetration has risen to 10.4 per cent, compared to a rate of 8 per cent last year. This reading only covers those who receive their electricity from utility Powercor – a a customer base of about 774,000 people. Residents in electric utility CitiPower‘s jurisdiction haven’t shown the same response, with penetration sitting at 2.3 percent. However, considering last year’s rate was 1.8 per cent, growth is certainly possible in this area for the full year.

http://reneweconomy.com.au/2013/rooftop-solar-penetration-rises-to-19-2-in-south-australia-15484

Related articles

• South Australia To Reach 50% Renewables Within A Decade
• Rooftop solar penetration rises to 19.2% in South Australia

Iris scans gets a thumbs up from US Gov NIST; Welcome to the party 10 years late.

A new report by biometric researchers at the National Institute of Standards and Technology (NIST) uses data from thousands of frequent travelers enrolled in an iris recognition program to determine that no consistent change occurs in the distinguishing texture of their irises for at least a decade. These findings inform identity program administrators on how often iris images need to be recaptured to maintain accuracy. For decades, researchers seeking biometric identifiers other than fingerprints believed that irises were a strong biometric because their one-of-a-kind texture meets the stability and uniqueness requirements for biometrics. However, recent research has questioned that belief. A study of 217 subjects over a three-year period found that the recognition of the subjects’ irises became increasingly difficult, consistent with an aging effect.

I would like to point out to NIST all they would have to do is look at the data collected by India‘s UID program to see the stability of iris over a longer period. The pilot projects that we did looked at the stability of various biometrics in many different groups to see which were the most stable and reliable. What we determined is that while iris is good it really needs to be fuzed with another biometric to be used in a multi-use application. Multimodal biometrics are required for a lifetime of identity management.

http://singularityhub.com/2013/08/23/already-in-use-in-canada-and-india-iris-scans-get-thumbs-up-in-u-s-government-study/

Related articles

• NIST study advances use of iris images as a long-term form of identification
• Study advances use of iris images as long-term form of ID