61
Software Engineering / Re: Emerging technologies for an emerging economy
« on: April 02, 2018, 02:58:35 PM »
Thanks sir for sharing this information.
News:
Daffodil International University Forum contains information about Open Text material, which is only intended for the significant learning purposes of the university students, faculty, other members, and the knowledge seekers of the entire world and is hoped that the offerings will aide in the distribution of reliable information and data relating to the many areas of knowledge.
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
62
Software Engineering / Re: These 15 unsung women in tech changed the world
« on: April 02, 2018, 02:56:56 PM »
Thanks mam for sharing this information.
63
History & Latest Cyber crime / Russian Hacker Who Allegedly Hacked LinkedIn and Dropbox Extradited to US
« on: April 01, 2018, 10:23:01 AM »
A Russian man accused of hacking LinkedIn, Dropbox, and Formspring in 2012 and possibly compromising personal details of over 100 million users, has pleaded not guilty in a U.S. federal court after being extradited from the Czech Republic.
Yevgeniy Aleksandrovich Nikulin, 30, of Moscow was arrested in Prague on October 5, 2016, by Interpol agents working in collaboration with the FBI, but he was recently extradited to the United States from the Czech Republic on Thursday for his first appearance in federal court.
Nikulin's arrest started an extradition battle between the United States and Russia, where he faces significantly lesser criminal charges of stealing $3,450 via Webmoney in 2009. But the Czech Republic ruled in favor of the United States.
In the U.S., Nikulin is facing:
3 counts of computer intrusion
2 counts of intentional transmission of information, code, or command causing damage to a protected computer
2 counts of aggravated identity theft
1 count of trafficking in unauthorized access devices
1 count of conspiracy
According to the maximum penalties for each count, Nikulin faces a maximum of 32 years in prison and a massive fine of more than $1 Million.
The U.S. Justice Department accused Nikulin of allegedly hacking into computers belonging to three American social media firms, including LinkedIn, the online cloud storage platform Dropbox and now-defunct social-networking firm Formspring.
Nikulin reportedly gained access to LinkedIn's network between March 3 and March 4, 2012, Dropbox between May 14 and July 25, 2012, and Formspring between June 13 and June 29, 2012.
The hacker allegedly stole accounts of more than 117 Million LinkedIn users and more than 68 Million Dropbox users. Authorities also say that after stealing data from the three companies, Nikulin worked with unnamed co-conspirators to sell the stolen data.
Besides hacking into the three social media firms, the Justice Department also accused Nikulin of allegedly gaining access to credentials belonging to LinkedIn and Formspring employees, which helped him carry out the computer hacks.
Nikulin appeared in Federal District Court in San Francisco on Friday and pleaded not guilty to the charges against him, the New York times reported.
"This is deeply troubling behavior once again emanating from Russia," said Attorney General Jeff Sessions in a statement. "We will not tolerate criminal cyber-attacks and will make it a priority to investigate and prosecute these crimes, regardless of the country where they originate."
Judge Jacqueline Scott Corley scheduled Nikulin's next court appearance for status on April 2, 2018, and scheduled a detention hearing for April 4, 2018.
Yevgeniy Aleksandrovich Nikulin, 30, of Moscow was arrested in Prague on October 5, 2016, by Interpol agents working in collaboration with the FBI, but he was recently extradited to the United States from the Czech Republic on Thursday for his first appearance in federal court.
Nikulin's arrest started an extradition battle between the United States and Russia, where he faces significantly lesser criminal charges of stealing $3,450 via Webmoney in 2009. But the Czech Republic ruled in favor of the United States.
In the U.S., Nikulin is facing:
3 counts of computer intrusion
2 counts of intentional transmission of information, code, or command causing damage to a protected computer
2 counts of aggravated identity theft
1 count of trafficking in unauthorized access devices
1 count of conspiracy
According to the maximum penalties for each count, Nikulin faces a maximum of 32 years in prison and a massive fine of more than $1 Million.
The U.S. Justice Department accused Nikulin of allegedly hacking into computers belonging to three American social media firms, including LinkedIn, the online cloud storage platform Dropbox and now-defunct social-networking firm Formspring.
Nikulin reportedly gained access to LinkedIn's network between March 3 and March 4, 2012, Dropbox between May 14 and July 25, 2012, and Formspring between June 13 and June 29, 2012.
The hacker allegedly stole accounts of more than 117 Million LinkedIn users and more than 68 Million Dropbox users. Authorities also say that after stealing data from the three companies, Nikulin worked with unnamed co-conspirators to sell the stolen data.
Besides hacking into the three social media firms, the Justice Department also accused Nikulin of allegedly gaining access to credentials belonging to LinkedIn and Formspring employees, which helped him carry out the computer hacks.
Nikulin appeared in Federal District Court in San Francisco on Friday and pleaded not guilty to the charges against him, the New York times reported.
"This is deeply troubling behavior once again emanating from Russia," said Attorney General Jeff Sessions in a statement. "We will not tolerate criminal cyber-attacks and will make it a priority to investigate and prosecute these crimes, regardless of the country where they originate."
Judge Jacqueline Scott Corley scheduled Nikulin's next court appearance for status on April 2, 2018, and scheduled a detention hearing for April 4, 2018.
64
History & Latest Cyber crime / SamSam ransomware attacks have earned nearly $850,000
« on: April 01, 2018, 10:21:37 AM »
First emerging in late 2015, the group believed to be responsible for the SamSam ransomware family has targeted small and large businesses, healthcare, governments and education.
Over time, the ransom prices set by this group have changed some, but they've remained consistent when it comes to general affordability, which is why many victims have paid. To date, the group has made nearly $850,000 USD.
[ Read our blue team's guide for ransomware prevention, protection and recovery. | Get the latest from CSO by signing up for our newsletters. ]
This somewhat shocking figure is based on current value of Bitcoin (BTC), which was $8,620.22 at the time this story was written. However, because the market is constantly changing, the actual value of the ransoms paid will go up or down, as the final value is determined on the rate at cash-out.
Also, this figure is based on the previously known SamSam wallet (used during the Allscripts attack in January) and the wallet used in their most recent attack against the City of Atlanta.
Still, the fact the group behind SamSam has collected any ransom at all, let alone 98.5 BTC, tells an interesting story about the balance between security and business.
When victims of ransomware pay the ransom, most people assume it's because they didn't have proper backups, or the backups themselves were either outdated or corrupt. You'll see pundits mention this in the media or on stage at security conferences year-round.
Thing is, what most pundits aren't talking about – a dirty secret for some in the security industry – is that sometimes it's cheaper and quicker to pay during a ransomware attack.
Over time, the ransom prices set by this group have changed some, but they've remained consistent when it comes to general affordability, which is why many victims have paid. To date, the group has made nearly $850,000 USD.
[ Read our blue team's guide for ransomware prevention, protection and recovery. | Get the latest from CSO by signing up for our newsletters. ]
This somewhat shocking figure is based on current value of Bitcoin (BTC), which was $8,620.22 at the time this story was written. However, because the market is constantly changing, the actual value of the ransoms paid will go up or down, as the final value is determined on the rate at cash-out.
Also, this figure is based on the previously known SamSam wallet (used during the Allscripts attack in January) and the wallet used in their most recent attack against the City of Atlanta.
Still, the fact the group behind SamSam has collected any ransom at all, let alone 98.5 BTC, tells an interesting story about the balance between security and business.
When victims of ransomware pay the ransom, most people assume it's because they didn't have proper backups, or the backups themselves were either outdated or corrupt. You'll see pundits mention this in the media or on stage at security conferences year-round.
Thing is, what most pundits aren't talking about – a dirty secret for some in the security industry – is that sometimes it's cheaper and quicker to pay during a ransomware attack.
65
ACADEMIC PROGRAMS AT DIU / Principles for C programming
« on: March 31, 2018, 01:34:20 PM »
In the words of Doug Gwyn, “Unix was not designed to stop you from doing stupid things, because that would also stop you from doing clever things”. C is a very powerful tool, but it is to be used with care and discipline. Learning this discipline is well worth the effort, because C is one of the best programming languages ever made. A disciplined C programmer will…
Prefer maintainability. Do not be clever where cleverness is not required. Instead, seek out the simplest and most understandable solution that meets the requirements. Most concerns, including performance, are secondary to maintainability. You should have a performance budget for your code, and you should be comfortable spending it.
As you become more proficient with the language and learn about more features you can take advantage of, you should also be learning when not to use them. It’s more important that a novice could understand your code than it is to use some interesting way of solving the problem. Ideally, a novice will understand your code and learn something from it. Write code as if the person maintaining it was you, circa last year.
Avoid magic. Do not use macros1. Do not use a typedef to hide a pointer or avoid writing “struct”. Avoid writing complex abstractions. Keep your build system simple and transparent. Don’t use stupid hacky crap just because it’s a cool way of solving the problem. The underlying behavior of your code should be apparent even without context.
One of C’s greatest advantages is its transparency and simplicity. This should be embraced, not subverted. But in the fine C tradition of giving yourself enough rope to hang yourself with, you can use it for magical purposes. You must not do this. Be a muggle.
Recognize and avoid dangerous patterns. Do not use fixed size buffers with variable sized data - always calculate how much space you’ll need and allocate it. Read the man pages for functions you use and handle their failure modes. Immediately convert unsafe user input into sanitized C structures. If you later have to present this data to the user, keep it in C structures until the last possible moment. Learn of and use extra care around sensitive functions like strcat.
Writing C is sometimes like handling a gun. Guns are important tools, but accidents with them can be very bad. You treat guns with care: you don’t point them at anything you love, you exercise good trigger discipline, and you treat it like it’s always loaded. And like guns are useful for making holes in things, C is useful for writing kernels with.
Take care organizing the code. Never put code into a header. Never use the inline keyword. Put separate concerns in separate files. Use static functions liberally to organize your logic. Use a coding style that gives everything enough breathing room to be easy on the eyes. Use single letter variable names when their purpose is self-evident and descriptive names when it’s not, and avoid neither.
I like to organize my code into directories that implement some group of functions, and give each function its own file. This file will often contain lots of static functions, but they all serve to organize the behavior this file is responsible for implementing. Write up a header to give others access to this module. And use the Linux kernel coding style, god dammit.
Use only standard features. Do not assume the platform is Linux. Do not assume the compiler is gcc. Do not assume the libc is glibc. Do not assume the architecture is x86. Do not assume the coreutils are GNU. Do not define _GNU_SOURCE.
If you must use platform-specific features, describe an interface for it, then write platform-specific support code separately. Under no circumstances should you ever use gcc extensions or glibc extensions. GNU is a blight on this Earth, do not let it infect your code.
Use a disciplined workflow. Have a disciplined approach to version control, too. Write thoughtful commit messages - briefly explain the change in the first line, and add justification for it in the extended commit message. Work in feature branches with clearly defined goals, and do not include changes that don’t serve that goal. Do not be afraid to rebase and edit your branch’s history so that it presents your changes clearly.
When you have to return to your code later, you will be thankful for the detailed commit message you wrote. Others who interact with your code will be thankful for this as well. When you see some stupid code, it’s nice to know what the bastard was thinking at the time, especially when the bastard in question was you.
Do strict testing and reviews. Identify the different possible code paths that your changes may take. Test each of them for the correct behavior. Give it incorrect input. Give it inputs that could “never happen”. Pay special attention to error-prone patterns. Look for places to simplify the code and make the processes clearer.
Next, give your changes to another human to review. This human should apply the same process and sign off on your changes. Review with discipline as well, taking all of the same steps. Review like it’ll be your ass on the line if there’s a problem with this code.
Learn from mistakes. First, fix the bug. Then, fix the real bug: your process allowed this mistake to happen. Bring your code reviewer into the discussion - this is their fault, too. Critically examine the process of writing, reviewing, and deploying this code, and seek out the root cause.
The solution might be simple, like adding strcat to the list of functions that should trigger your “review this code carefully” reflex. It might be employing static analysis so a computer can detect this problem for you. Perhaps the code needs to be refactored so it’s simpler and easier to spot errors in. Failing to reflect on how to avoid future -ups would be the real -up here.
Prefer maintainability. Do not be clever where cleverness is not required. Instead, seek out the simplest and most understandable solution that meets the requirements. Most concerns, including performance, are secondary to maintainability. You should have a performance budget for your code, and you should be comfortable spending it.
As you become more proficient with the language and learn about more features you can take advantage of, you should also be learning when not to use them. It’s more important that a novice could understand your code than it is to use some interesting way of solving the problem. Ideally, a novice will understand your code and learn something from it. Write code as if the person maintaining it was you, circa last year.
Avoid magic. Do not use macros1. Do not use a typedef to hide a pointer or avoid writing “struct”. Avoid writing complex abstractions. Keep your build system simple and transparent. Don’t use stupid hacky crap just because it’s a cool way of solving the problem. The underlying behavior of your code should be apparent even without context.
One of C’s greatest advantages is its transparency and simplicity. This should be embraced, not subverted. But in the fine C tradition of giving yourself enough rope to hang yourself with, you can use it for magical purposes. You must not do this. Be a muggle.
Recognize and avoid dangerous patterns. Do not use fixed size buffers with variable sized data - always calculate how much space you’ll need and allocate it. Read the man pages for functions you use and handle their failure modes. Immediately convert unsafe user input into sanitized C structures. If you later have to present this data to the user, keep it in C structures until the last possible moment. Learn of and use extra care around sensitive functions like strcat.
Writing C is sometimes like handling a gun. Guns are important tools, but accidents with them can be very bad. You treat guns with care: you don’t point them at anything you love, you exercise good trigger discipline, and you treat it like it’s always loaded. And like guns are useful for making holes in things, C is useful for writing kernels with.
Take care organizing the code. Never put code into a header. Never use the inline keyword. Put separate concerns in separate files. Use static functions liberally to organize your logic. Use a coding style that gives everything enough breathing room to be easy on the eyes. Use single letter variable names when their purpose is self-evident and descriptive names when it’s not, and avoid neither.
I like to organize my code into directories that implement some group of functions, and give each function its own file. This file will often contain lots of static functions, but they all serve to organize the behavior this file is responsible for implementing. Write up a header to give others access to this module. And use the Linux kernel coding style, god dammit.
Use only standard features. Do not assume the platform is Linux. Do not assume the compiler is gcc. Do not assume the libc is glibc. Do not assume the architecture is x86. Do not assume the coreutils are GNU. Do not define _GNU_SOURCE.
If you must use platform-specific features, describe an interface for it, then write platform-specific support code separately. Under no circumstances should you ever use gcc extensions or glibc extensions. GNU is a blight on this Earth, do not let it infect your code.
Use a disciplined workflow. Have a disciplined approach to version control, too. Write thoughtful commit messages - briefly explain the change in the first line, and add justification for it in the extended commit message. Work in feature branches with clearly defined goals, and do not include changes that don’t serve that goal. Do not be afraid to rebase and edit your branch’s history so that it presents your changes clearly.
When you have to return to your code later, you will be thankful for the detailed commit message you wrote. Others who interact with your code will be thankful for this as well. When you see some stupid code, it’s nice to know what the bastard was thinking at the time, especially when the bastard in question was you.
Do strict testing and reviews. Identify the different possible code paths that your changes may take. Test each of them for the correct behavior. Give it incorrect input. Give it inputs that could “never happen”. Pay special attention to error-prone patterns. Look for places to simplify the code and make the processes clearer.
Next, give your changes to another human to review. This human should apply the same process and sign off on your changes. Review with discipline as well, taking all of the same steps. Review like it’ll be your ass on the line if there’s a problem with this code.
Learn from mistakes. First, fix the bug. Then, fix the real bug: your process allowed this mistake to happen. Bring your code reviewer into the discussion - this is their fault, too. Critically examine the process of writing, reviewing, and deploying this code, and seek out the root cause.
The solution might be simple, like adding strcat to the list of functions that should trigger your “review this code carefully” reflex. It might be employing static analysis so a computer can detect this problem for you. Perhaps the code needs to be refactored so it’s simpler and easier to spot errors in. Failing to reflect on how to avoid future -ups would be the real -up here.
66
Conference/Seminar / IEEE International Conference on Robotics, Electrical and Signal Processing Tech
« on: March 28, 2018, 04:04:05 PM »
IEEE International Conference on Robotics, Electrical and Signal Processing Techniques 2018 hosted by American International University- Bangladesh
Call for Paper
Faculty of Engineering, American International University- Bangladesh (AIUB) is going to organize an International Conference on Robotics, Electrical and Signal Processing Techniques (ICREST) for the 1st time in Bangladesh. AIUB is one of the leading private universities committed to excellence in Science, Engineering, Business, Arts and Social Science education, research, community works and outreach programs. Hence ICREST 2018 is looking for innovative research and ideas on the emerging developments in Computer, Electrical and Electronics, Quantum Computing, Big Data Cloud Computing, Machine and Deep Learning, Artificial Intelligence, Internet of Things (IoT) and Robotic Technologies. Academic and industrial leaders are expected to interact with young researchers to identify the future penstock. This platform may be a unique opportunity to develop future direction for Science and Engineering professionals.
Scope
Topics included but not limited to:
Bioengineering communication
Circuit devices & systems
Computing & processing (hardware/software)
Engineering profession
Electromagnetics
Photonics & electro-optics
Power energy
Industry applications--robotics & control systems
Signal processing & analysis
Important Dates
Submission of Papers: 30th June, 2018
Acceptance of Papers: 30th August, 2018
Submission of Camera Ready: 15th September, 2018
Early Bird Registration: 15th September, 2018 – 15th October , 2018
Registration Ends: 30th November, 2018
Exhibition Submission: 15th September, 2018
Conference Date:22-24th December 2018
LInk:http://icrest.aiub.edu/
Call for Paper
Faculty of Engineering, American International University- Bangladesh (AIUB) is going to organize an International Conference on Robotics, Electrical and Signal Processing Techniques (ICREST) for the 1st time in Bangladesh. AIUB is one of the leading private universities committed to excellence in Science, Engineering, Business, Arts and Social Science education, research, community works and outreach programs. Hence ICREST 2018 is looking for innovative research and ideas on the emerging developments in Computer, Electrical and Electronics, Quantum Computing, Big Data Cloud Computing, Machine and Deep Learning, Artificial Intelligence, Internet of Things (IoT) and Robotic Technologies. Academic and industrial leaders are expected to interact with young researchers to identify the future penstock. This platform may be a unique opportunity to develop future direction for Science and Engineering professionals.
Scope
Topics included but not limited to:
Bioengineering communication
Circuit devices & systems
Computing & processing (hardware/software)
Engineering profession
Electromagnetics
Photonics & electro-optics
Power energy
Industry applications--robotics & control systems
Signal processing & analysis
Important Dates
Submission of Papers: 30th June, 2018
Acceptance of Papers: 30th August, 2018
Submission of Camera Ready: 15th September, 2018
Early Bird Registration: 15th September, 2018 – 15th October , 2018
Registration Ends: 30th November, 2018
Exhibition Submission: 15th September, 2018
Conference Date:22-24th December 2018
LInk:http://icrest.aiub.edu/
67
Conference/Seminar / IEEE International Conference on Innovations in Science, Engineering and Technol
« on: March 28, 2018, 04:03:05 PM »
IEEE International Conference on Innovations in Science, Engineering and Technology 2018 hosted by International Islamic University Chittagong
Call for Paper
International Conference on Innovations in Science, Engineering and Technology 2018 (ICISET 2018) is a multidisciplinary international conference organized by the Faculty of Science and Engineering (FSE) of International Islamic University Chittagong (IIUC) in association with the Center for Research and Publication (CRP) of the university. This is the second time ICISET is going to take place where the first round of this immensely successful conference was held in 2016. The objective of ICISET 2018 is to create a unique opportunity for the scientists, engineers, professionals, researchers and students to present their latest research findings and experiences in the areas of Computer Engineering, Electrical Engineering, Electronics, Telecommunication Engineering, Pharmacy and other relevant areas of Science, Engineering and Technology.
Scope
Algorithms & Information Systems
Artificial Intelligence, Machine Learning & Expert System
Computer Vision, Robotics & Human-Computer Interaction
Computer Graphics & Multimedia Systems
Signal, Image, Audio & Video Processing
Distributed, Mobile & Cloud Computing
Database, Data Mining & Big Data
Engineering Ethics, E-Commerce and E-Governance
Internet of Things
System Security
Power Systems, Electrical Drives and Control Systems
Mobile & wireless communication
RF & Microwave Engineering
Antenna Propagation
Optical & under water communication
Concept of 5G & Advanced Communication Technology
Electronic Devices and Embedded System
VLSI Design, Fabrication & Computer Architecture
Materials Science
Renewable Engineering
Instrumentation and Sensors
Nanotechnology and NEMS
Photonic Devices
Herbal Medicine
Pharmacology
Pharmaceutical Microbiology & Immunology
Bioinformatics, Biotechnology & Molecular Biology
Pharmaceutics
Pharmaceutical Technology & Nanotechnology
Important Dates
Paper submission deadline: June 25, 2018
Notification of acceptance: August 27, 2018
Camera-ready due: September 10, 2018
Last date of registration: September 24, 2018
Conference Dates: October 26-27,2018
Venue: Faculty of Science and Engineering (FSE) of International Islamic University Chittagong
Link: http://iciset2018.iiuc.ac.bd/
All accepted and presented papers are expected to be included in IEEE Xplore and will be indexed by EI.
Call for Paper
International Conference on Innovations in Science, Engineering and Technology 2018 (ICISET 2018) is a multidisciplinary international conference organized by the Faculty of Science and Engineering (FSE) of International Islamic University Chittagong (IIUC) in association with the Center for Research and Publication (CRP) of the university. This is the second time ICISET is going to take place where the first round of this immensely successful conference was held in 2016. The objective of ICISET 2018 is to create a unique opportunity for the scientists, engineers, professionals, researchers and students to present their latest research findings and experiences in the areas of Computer Engineering, Electrical Engineering, Electronics, Telecommunication Engineering, Pharmacy and other relevant areas of Science, Engineering and Technology.
Scope
Algorithms & Information Systems
Artificial Intelligence, Machine Learning & Expert System
Computer Vision, Robotics & Human-Computer Interaction
Computer Graphics & Multimedia Systems
Signal, Image, Audio & Video Processing
Distributed, Mobile & Cloud Computing
Database, Data Mining & Big Data
Engineering Ethics, E-Commerce and E-Governance
Internet of Things
System Security
Power Systems, Electrical Drives and Control Systems
Mobile & wireless communication
RF & Microwave Engineering
Antenna Propagation
Optical & under water communication
Concept of 5G & Advanced Communication Technology
Electronic Devices and Embedded System
VLSI Design, Fabrication & Computer Architecture
Materials Science
Renewable Engineering
Instrumentation and Sensors
Nanotechnology and NEMS
Photonic Devices
Herbal Medicine
Pharmacology
Pharmaceutical Microbiology & Immunology
Bioinformatics, Biotechnology & Molecular Biology
Pharmaceutics
Pharmaceutical Technology & Nanotechnology
Important Dates
Paper submission deadline: June 25, 2018
Notification of acceptance: August 27, 2018
Camera-ready due: September 10, 2018
Last date of registration: September 24, 2018
Conference Dates: October 26-27,2018
Venue: Faculty of Science and Engineering (FSE) of International Islamic University Chittagong
Link: http://iciset2018.iiuc.ac.bd/
All accepted and presented papers are expected to be included in IEEE Xplore and will be indexed by EI.
68
Internet Risk / Facebook scraped call, text message data for years from Android phones
« on: March 25, 2018, 10:35:56 AM »
This past week, a New Zealand man was looking through the data Facebook had collected from him in an archive he had pulled down from the social networking site. While scanning the information Facebook had stored about his contacts, Dylan McKay discovered something distressing: Facebook also had about two years worth of phone call metadata from his Android phone, including names, phone numbers, and the length of each call made or received.
This experience has been shared by a number of other Facebook users who spoke with Ars, as well as independently by us—my own Facebook data archive, I found, contained call-log data for a certain Android device I used in 2015 and 2016, along with SMS and MMS message metadata.
In response to an email inquiry about this data gathering by Ars, a Facebook spokesperson replied, "The most important part of apps and services that help you make connections is to make it easy to find the people you want to connect with. So, the first time you sign in on your phone to a messaging or social app, it's a widely used practice to begin by uploading your phone contacts."
The spokesperson pointed out that contact uploading is optional and installation of the application explicitly requests permission to access contacts. And users can delete contact data from their profiles using a tool accessible via Web browser.
Further Reading
Facebook’s Cambridge Analytica scandal, explained [Updated]
Facebook uses phone-contact data as part of its friend recommendation algorithm. And in recent versions of the Messenger application for Android and Facebook Lite devices, a more explicit request is made to users for access to call logs and SMS logs on Android and Facebook Lite devices. But even if users didn't give that permission to Messenger, they may have given it inadvertently for years through Facebook's mobile apps—because of the way Android has handled permissions for accessing call logs in the past.
If you granted permission to read contacts during Facebook's installation on Android a few versions ago—specifically before Android 4.1 (Jelly Bean)—that permission also granted Facebook access to call and message logs by default. The permission structure was changed in the Android API in version 16. But Android applications could bypass this change if they were written to earlier versions of the API, so Facebook API could continue to gain access to call and SMS data by specifying an earlier Android SDK version. Google deprecated version 4.0 of the Android API in October 2017—the point at which the latest call metadata in Facebook user's data was found. Apple iOS has never allowed silent access to call data.
Facebook provides a way for users to purge collected contact data from their accounts, but it's not clear if this deletes just contacts or if it also purges call and SMS metadata. After purging my contact data, my contacts and calls were still in the archive I downloaded the next day—though this may be because the archive was still the same cache I had requested on Friday.
As always, if you're really concerned about privacy, you should not share address book and call-log data with any mobile application. And you may want to examine the rest of what can be found in the downloadable Facebook archive, as it includes all the advertisers that Facebook has shared your contact information with, among other things.
This experience has been shared by a number of other Facebook users who spoke with Ars, as well as independently by us—my own Facebook data archive, I found, contained call-log data for a certain Android device I used in 2015 and 2016, along with SMS and MMS message metadata.
In response to an email inquiry about this data gathering by Ars, a Facebook spokesperson replied, "The most important part of apps and services that help you make connections is to make it easy to find the people you want to connect with. So, the first time you sign in on your phone to a messaging or social app, it's a widely used practice to begin by uploading your phone contacts."
The spokesperson pointed out that contact uploading is optional and installation of the application explicitly requests permission to access contacts. And users can delete contact data from their profiles using a tool accessible via Web browser.
Further Reading
Facebook’s Cambridge Analytica scandal, explained [Updated]
Facebook uses phone-contact data as part of its friend recommendation algorithm. And in recent versions of the Messenger application for Android and Facebook Lite devices, a more explicit request is made to users for access to call logs and SMS logs on Android and Facebook Lite devices. But even if users didn't give that permission to Messenger, they may have given it inadvertently for years through Facebook's mobile apps—because of the way Android has handled permissions for accessing call logs in the past.
If you granted permission to read contacts during Facebook's installation on Android a few versions ago—specifically before Android 4.1 (Jelly Bean)—that permission also granted Facebook access to call and message logs by default. The permission structure was changed in the Android API in version 16. But Android applications could bypass this change if they were written to earlier versions of the API, so Facebook API could continue to gain access to call and SMS data by specifying an earlier Android SDK version. Google deprecated version 4.0 of the Android API in October 2017—the point at which the latest call metadata in Facebook user's data was found. Apple iOS has never allowed silent access to call data.
Facebook provides a way for users to purge collected contact data from their accounts, but it's not clear if this deletes just contacts or if it also purges call and SMS metadata. After purging my contact data, my contacts and calls were still in the archive I downloaded the next day—though this may be because the archive was still the same cache I had requested on Friday.
As always, if you're really concerned about privacy, you should not share address book and call-log data with any mobile application. And you may want to examine the rest of what can be found in the downloadable Facebook archive, as it includes all the advertisers that Facebook has shared your contact information with, among other things.
69
Resources and Publications / IEEE International Conference on Robotics, Electrical and Signal Processing Tech
« on: March 25, 2018, 08:32:37 AM »
Call for Paper
Faculty of Engineering, American International University- Bangladesh (AIUB) is going to organize an International Conference on Robotics, Electrical and Signal Processing Techniques (ICREST) for the 1st time in Bangladesh. AIUB is one of the leading private universities committed to excellence in Science, Engineering, Business, Arts and Social Science education, research, community works and outreach programs. Hence ICREST 2018 is looking for innovative research and ideas on the emerging developments in Computer, Electrical and Electronics, Quantum Computing, Big Data Cloud Computing, Machine and Deep Learning, Artificial Intelligence, Internet of Things (IoT) and Robotic Technologies. Academic and industrial leaders are expected to interact with young researchers to identify the future penstock. This platform may be a unique opportunity to develop future direction for Science and Engineering professionals.
Scope
Topics included but not limited to:
Bioengineering communication
Circuit devices & systems
Computing & processing (hardware/software)
Engineering profession
Electromagnetics
Photonics & electro-optics
Power energy
Industry applications--robotics & control systems
Signal processing & analysis
Important Dates
Submission of Papers: 30th June, 2018
Acceptance of Papers: 30th August, 2018
Submission of Camera Ready: 15th September, 2018
Early Bird Registration: 15th September, 2018 – 15th October , 2018
Registration Ends: 30th November, 2018
Exhibition Submission: 15th September, 2018
Conference Date:22-24th December 2018
LInk:http://icrest.aiub.edu/
Faculty of Engineering, American International University- Bangladesh (AIUB) is going to organize an International Conference on Robotics, Electrical and Signal Processing Techniques (ICREST) for the 1st time in Bangladesh. AIUB is one of the leading private universities committed to excellence in Science, Engineering, Business, Arts and Social Science education, research, community works and outreach programs. Hence ICREST 2018 is looking for innovative research and ideas on the emerging developments in Computer, Electrical and Electronics, Quantum Computing, Big Data Cloud Computing, Machine and Deep Learning, Artificial Intelligence, Internet of Things (IoT) and Robotic Technologies. Academic and industrial leaders are expected to interact with young researchers to identify the future penstock. This platform may be a unique opportunity to develop future direction for Science and Engineering professionals.
Scope
Topics included but not limited to:
Bioengineering communication
Circuit devices & systems
Computing & processing (hardware/software)
Engineering profession
Electromagnetics
Photonics & electro-optics
Power energy
Industry applications--robotics & control systems
Signal processing & analysis
Important Dates
Submission of Papers: 30th June, 2018
Acceptance of Papers: 30th August, 2018
Submission of Camera Ready: 15th September, 2018
Early Bird Registration: 15th September, 2018 – 15th October , 2018
Registration Ends: 30th November, 2018
Exhibition Submission: 15th September, 2018
Conference Date:22-24th December 2018
LInk:http://icrest.aiub.edu/
70
Resources and Publications / Scopus indexed journals in subject area: Software
« on: March 25, 2018, 08:30:03 AM »
ACM Journal on Emerging Technologies in Computing Systems
ACM Transactions on Autonomous and Adaptive Systems
ACM Transactions on Mathematical Software
ACM Transactions on Programming Languages and Systems
ACM Transactions on Software Engineering and Methodology
Acta Informatica
Ad Hoc Networks
Ada User Journal
Advanced Robotics
Advances in Engineering Software
Annual Reviews in Control
Applied Soft Computing Journal
Automated Software Engineering
Automatic Control and Computer Sciences
Chemometrics and Intelligent Laboratory Systems
Cluster Computing
CMES - Computer Modeling in Engineering and Sciences
Cognitive Technologies
Computer Animation and Virtual Worlds
Computer Languages, Systems and Structures
Computer Methods and Programs in Biomedicine
Computer Software
Computer Speech and Language
Computer Standards and Interfaces
Computer Vision and Image Understanding
Computing (Vienna/New York)
Computing and Informatics
Computing and Visualization in Science
Concurrency Computation Practice and Experience
Constraints
CrossTalk
Cutter IT Journal
Cybernetics and Systems
Design Automation for Embedded Systems
Distributed and Parallel Databases
ACM Transactions on Autonomous and Adaptive Systems
ACM Transactions on Mathematical Software
ACM Transactions on Programming Languages and Systems
ACM Transactions on Software Engineering and Methodology
Acta Informatica
Ad Hoc Networks
Ada User Journal
Advanced Robotics
Advances in Engineering Software
Annual Reviews in Control
Applied Soft Computing Journal
Automated Software Engineering
Automatic Control and Computer Sciences
Chemometrics and Intelligent Laboratory Systems
Cluster Computing
CMES - Computer Modeling in Engineering and Sciences
Cognitive Technologies
Computer Animation and Virtual Worlds
Computer Languages, Systems and Structures
Computer Methods and Programs in Biomedicine
Computer Software
Computer Speech and Language
Computer Standards and Interfaces
Computer Vision and Image Understanding
Computing (Vienna/New York)
Computing and Informatics
Computing and Visualization in Science
Concurrency Computation Practice and Experience
Constraints
CrossTalk
Cutter IT Journal
Cybernetics and Systems
Design Automation for Embedded Systems
Distributed and Parallel Databases
71
Journalism & Mass Communication / Tech Tent: Facebook's data privacy crisis
« on: March 25, 2018, 08:27:24 AM »
What have we learned this week about the dangers of sharing our lives on Facebook - and can we now take back control?
Stream or download the latest Tech Tent podcast
Listen live every Friday at 15:00 GMT on the BBC World Service
This week's Tech Tent explores how the biggest crisis in the social media company's history has unfolded - and asks what might happen next. Will Facebook really change its ways, or will regulators have to step in and make it be more transparent about how it uses our data?
After all, according to one of our guests Emma Mulqueeny, it and other platforms "utilised the easiest business model they could and closed their eyes and crossed their fingers that it would be too annoying, too complicated or too late by the time people started wanting to take control of their own data".
Some people have now decided to take to the courts to assert their rights over their own data. Among them is a US citizen, Prof David Carroll. He is taking Cambridge Analytica to court in the UK to get access to data he says it holds on him.
The company, which acquired the Facebook profiles of 50 million people from an academic researcher, boasted in the past that it had 4,000-5,000 data points on just about every American citizen.
Prof Carroll tells Tech Tent that this boast inspired him to demand his file but what he received from the company was "alarming but not complete", a model of the political beliefs he probably held and his likelihood to vote.
Convinced that there must be far more data, he went to court to seek it - not in the United States but in the UK where the law is more friendly to this kind of case. With Europe's major new data protection law GDPR arriving in May we can expect more cases to cross the Atlantic.
Source:bbc news
Stream or download the latest Tech Tent podcast
Listen live every Friday at 15:00 GMT on the BBC World Service
This week's Tech Tent explores how the biggest crisis in the social media company's history has unfolded - and asks what might happen next. Will Facebook really change its ways, or will regulators have to step in and make it be more transparent about how it uses our data?
After all, according to one of our guests Emma Mulqueeny, it and other platforms "utilised the easiest business model they could and closed their eyes and crossed their fingers that it would be too annoying, too complicated or too late by the time people started wanting to take control of their own data".
Some people have now decided to take to the courts to assert their rights over their own data. Among them is a US citizen, Prof David Carroll. He is taking Cambridge Analytica to court in the UK to get access to data he says it holds on him.
The company, which acquired the Facebook profiles of 50 million people from an academic researcher, boasted in the past that it had 4,000-5,000 data points on just about every American citizen.
Prof Carroll tells Tech Tent that this boast inspired him to demand his file but what he received from the company was "alarming but not complete", a model of the political beliefs he probably held and his likelihood to vote.
Convinced that there must be far more data, he went to court to seek it - not in the United States but in the UK where the law is more friendly to this kind of case. With Europe's major new data protection law GDPR arriving in May we can expect more cases to cross the Atlantic.
Source:bbc news
72
Journalism & Mass Communication / Sensor firm Velodyne 'baffled' by Uber self-driving death
« on: March 25, 2018, 08:26:37 AM »
The firm that designed the sensors on the Uber self-driving car that killed a woman this week has said its technology was not to blame.
San Jose-based Velodyne told the BBC it was "baffled" by the incident, adding its equipment was capable of seeing in the dark.
Elaine Herzberg, 49, was struck by the car late on Sunday night in Tempe, Arizona. She died in hospital.
The investigation into what caused her death is ongoing.
Video of the incident was published by investigators earlier on Wednesday. It showed Ms Herzberg walking with her bicycle, away from a pedestrian crossing. Neither the car - nor its human driver - reacted.
A spokeswoman for Uber told the BBC it would not comment on Velodyne's view while the inquiry took place.
Source:bbc news
San Jose-based Velodyne told the BBC it was "baffled" by the incident, adding its equipment was capable of seeing in the dark.
Elaine Herzberg, 49, was struck by the car late on Sunday night in Tempe, Arizona. She died in hospital.
The investigation into what caused her death is ongoing.
Video of the incident was published by investigators earlier on Wednesday. It showed Ms Herzberg walking with her bicycle, away from a pedestrian crossing. Neither the car - nor its human driver - reacted.
A spokeswoman for Uber told the BBC it would not comment on Velodyne's view while the inquiry took place.
Source:bbc news
73
History & Latest Cyber crime / Is leaving Facebook the only way to protect your data?
« on: March 21, 2018, 04:02:58 PM »
Allegations that research firm Cambridge Analytica misused the data of 50 million Facebook users have reopened the debate about how information on the social network is shared and with whom.
Data is like oil to Facebook - it is what brings advertisers to the platform, who in turn make it money.
And there is no question that Facebook has the ability to build detailed and sophisticated profiles on users' likes, dislikes, lifestyles and political leanings.
The bigger question becomes - what does it share with others and what can users do to regain control of their information?
Source:bbc news
Data is like oil to Facebook - it is what brings advertisers to the platform, who in turn make it money.
And there is no question that Facebook has the ability to build detailed and sophisticated profiles on users' likes, dislikes, lifestyles and political leanings.
The bigger question becomes - what does it share with others and what can users do to regain control of their information?
Source:bbc news
74
History & Latest Cyber crime / Cambridge Analytica: Facebook boss summoned over data claims
« on: March 21, 2018, 04:00:58 PM »
Facebook boss Mark Zuckerberg has been called on by a parliamentary committee to give evidence about the use of personal data by Cambridge Analytica.
The consulting firm is accused of harvesting the data of 50 million Facebook users without permission and failing to delete it when told to.
Damian Collins, the chairman of the Commons inquiry into fake news, accused Facebook of "misleading" the committee.
London-based firm Cambridge Analytica denies any wrongdoing.
Both companies are under scrutiny following claims by a whistleblower, Christopher Wylie, who worked with Cambridge Analytica and alleges it amassed large amounts of data through a personality quiz on Facebook called This is Your Digital Life.
He claims that 270,000 people took the quiz, but the data of some 50 million users, mainly in the US, was harvested without their explicit consent via their friend networks.
Mr Wylie says that data was sold to Cambridge Analytica, which then used it to psychologically profile people and deliver pro-Trump material to them, with a view to influencing the outcome of the 2016 presidential election.
Cambridge Analytica: The story explained
Facebook data sharing - time to act?
US consumer watchdog 'probes Facebook'
In a letter to Mr Zuckerberg, Mr Collins accused Facebook of giving answers "misleading to the Committee" at a previous hearing which asked whether information had been taken without users' consent.
He said it was "now time to hear from a senior Facebook executive with the sufficient authority to give an accurate account of this catastrophic failure of process".
Requesting a response to the letter by 26 March, the MP added: "Given your commitment at the start of the New Year to "fixing" Facebook, I hope that this representative will be you."
His intervention comes after the UK's Information Commissioner Elizabeth Denham said she would be applying to court for a warrant to search the offices of Cambridge Analytica.
The firm insists it followed the correct procedures in obtaining and using data, but it was suspended from Facebook last week.
President Donald Trump welcomed any investigation into Cambridge Analytica as "Americans' privacy should be protected", according to a deputy press secretary at the White House.
Source:bbc news
The consulting firm is accused of harvesting the data of 50 million Facebook users without permission and failing to delete it when told to.
Damian Collins, the chairman of the Commons inquiry into fake news, accused Facebook of "misleading" the committee.
London-based firm Cambridge Analytica denies any wrongdoing.
Both companies are under scrutiny following claims by a whistleblower, Christopher Wylie, who worked with Cambridge Analytica and alleges it amassed large amounts of data through a personality quiz on Facebook called This is Your Digital Life.
He claims that 270,000 people took the quiz, but the data of some 50 million users, mainly in the US, was harvested without their explicit consent via their friend networks.
Mr Wylie says that data was sold to Cambridge Analytica, which then used it to psychologically profile people and deliver pro-Trump material to them, with a view to influencing the outcome of the 2016 presidential election.
Cambridge Analytica: The story explained
Facebook data sharing - time to act?
US consumer watchdog 'probes Facebook'
In a letter to Mr Zuckerberg, Mr Collins accused Facebook of giving answers "misleading to the Committee" at a previous hearing which asked whether information had been taken without users' consent.
He said it was "now time to hear from a senior Facebook executive with the sufficient authority to give an accurate account of this catastrophic failure of process".
Requesting a response to the letter by 26 March, the MP added: "Given your commitment at the start of the New Year to "fixing" Facebook, I hope that this representative will be you."
His intervention comes after the UK's Information Commissioner Elizabeth Denham said she would be applying to court for a warrant to search the offices of Cambridge Analytica.
The firm insists it followed the correct procedures in obtaining and using data, but it was suspended from Facebook last week.
President Donald Trump welcomed any investigation into Cambridge Analytica as "Americans' privacy should be protected", according to a deputy press secretary at the White House.
Source:bbc news
75
Software Engineering / Re: Multiple Programming Languages or Problem Solving
« on: March 21, 2018, 11:21:07 AM »
THANKS FOR THOSE INFORMATIVE POST.