
Comment Re:Finally some IoT cyber security regulations! (Score 1) 66

Interesting, thanks. If I had one minor niggle (and yes, I know I can download the table ;-)) it's that the row headings aren't fixed, i.e. they scroll with the table, hence vanish when viewing countries in later columns.

Yep it's how GitHub converts Markdown tables. Very annoying with the horizontal scrolling too.
There's a PNG available and if you have time in hand, you can download the script to generate your own HTML file and augment it.

I will try to fix that and make the HTML available directly on GitHub.

Comment Finally some IoT cyber security regulations! (Score 2) 66

Working in this domain since 2014, this is a step in the right direction! The best thing is that this bill targets all IoT systems, and not only consumer IoT.

However, it takes a very customer-centric approach, expecting that IoT manufacturers will follow NIST standards to get access to a huge pile of customers.
The NIST standards are quite good (NIST IR 8228, 8259 and its annexes): they use recognized principles for IoT security: a risk-based approach, secure-by-design principles, a baseline completed by sectorial requirements. But they are difficult to apprehend and I doubt a lot will change since many manufacturers don't sell in the US or only to individual consumers.

Other regulations follow a different approach: they target IoT manufacturers by making security requirements a condition to market access. These regulations usually have prescriptive requirements (no default password and secure update) or mandate the implementation of a standard (usually ETSI EN 303 645, a good complement to NIST standards). This is what Brazil, the UK, California and Oregon are doing.

Another trend comes from labels and certifications to inform customers on what they buy. Most approaches are based on ETSI EN 303 645 (again), probably to avoid seeing "yet another standard". This can be mandatory (UK) or voluntary (EU, Finland, Singapore, Australia).

In conclusion, IoT cyber security regulations are now a reality. I've always been in favor of self-regulation but it doesn't work. Just look at Verkada last week, they had a superadmin password giving access to all their customers' CCTV feeds. Let's hope things change for real this time.

If you are interested in this topic, I published a panorama of IoT cyber security regulations on GitHub: https://github.com/cetome/pano....

Censorship

A Custom Objectionable Word List Ate My Homework 386

theodp writes "Among the first three schools using Chromebooks for Education is the Merton Community School District, which decided to go Chromebook after the Wisconsin Dept. of Public Instruction (WDPI) issued a news release (created using PDFMaker for Word) announcing that all Wisconsin schools can have access to Google Apps for Education by simply downloading a Google Consent Form (Microsoft Word format, oddly) from the WDPI website, completing & signing it, and submitting it to Google. And to help get the schools going, a separate Wisconsin Google Apps for Education website aims to jumpstart things with weekly webinars, the first of which — Getting started with the Google Apps for Education Control Panel — shows school officials how they can sandbox 'Naughty Students' and filter objectionable content. While Google illustrates how a list of 'custom objectionable words' can be used to flag and/or block students' e-mail with some cute examples — different spellings of 'booger' and a regex to block variants like 'b00g3r' — things get considerably nastier in the real world, as this NSFW custom objectionable word list used by the North Canton City Schools shows."
Science

MIT Finds 'Grand Unified Theory of AI' 301

aftab14 writes "'What's brilliant about this (approach) is that it allows you to build a cognitive model in a much more straightforward and transparent way than you could do before,' says Nick Chater, a professor of cognitive and decision sciences at University College London. 'You can imagine all the things that a human knows, and trying to list those would just be an endless task, and it might even be an infinite task. But the magic trick is saying, "No, no, just tell me a few things," and then the brain — or in this case the Church system, hopefully somewhat analogous to the way the mind does it — can churn out, using its probabilistic calculation, all the consequences and inferences. And also, when you give the system new information, it can figure out the consequences of that.'"

Man Threatened Spam Attack In $200,000 Extortion Plot 77

52-year-old Anthony Digati was arrested for trying to extort $200,000 from an insurance firm by threatening to spam them with six million emails unless they paid up. Digati said he would use a spam service and his amazing talents as a "huge social networker" to drag the company "through the muddiest waters imaginable" and presumably unfriend everyone. He added that the price would increase to $3 million if they failed to pay up by Monday, according to federal authorities.

Hippies Say WiFi Network Is Harming Their Chakras 432

Anti-Globalism writes "A group of hippies is complaining that a recently installed WiFi mesh network in the UK village of Glastonbury is causing health problems. To combat the signals from the Wi-Fi hotspots, the hippies have placed orgone generators around the antennae." Although there have been many studies that show no correlation between WiFi and health issues, the hippies say, "Yeah, well, you know, that's just, like, your opinion, man."
The Courts

Hacker Admits To Scientology DDoS Attack 275

lbwbl writes with news that a New Jersey man will plead guilty to one felony count of 'unauthorized impairment of a protected computer' for his distributed denial of service attacks on Scientology websites as part of 'Anonymous' earlier this year. From Wired: "He faces a likely sentence of 12 to 18 months in prison based on stipulations in his plea agreement, which also obliges him to pay $37,500 in restitution. ... Friday's case, in US District Court in Los Angeles, marks the first prosecution of an Anonymous member for a series of attacks against the Church of Scientology that began in mid-January. The secretive religious group strayed into Anonymous' sights after trying to suppress the publication of a creepy Tom Cruise video produced for Scientology members."

ICANN Meeting Puts Off XXX Domain Again 157

An anonymous reader wrote to mention an International Herald story about a recent ICANN meeting on the proposed .XXX domain. Australia, the U.S., and the EU have moved to block the idea, with most commentators surmising this will prevent the concept from ever moving forward. From the article: "Some people maintain that a triple-x domain name, and the ability to enforce rules to qualify for it, would rein in an out-of-control Internet phenomenon. In registering, a company could have to abide by ratings agency standards, require proof of age for entrants, maybe even pay for Internet filtering research. The company pushing the idea, ICM Registry, also argues that dot-xxx would be good for customers of pornography sites, assuring them of certain business benchmarks, like being free of adware or computer viruses."

US Plans Lunar Motel 355

OffTheLip writes "The US is planning to build a permanent lunar base which will support future visits to Mars. The living conditions on the moon present a variety of challenges from medical to construction. Contingency planning would be critical but some feel the challenges presented on the moon will be less than Mars. The moon is closer to Earth, the atmosphere is less harsh and, unlike Mars, water does not exist. Is this the start of the next space race?"
