Monthly Archives: July 2017

Chelsea Manning marvels at the US military’s ‘cowardice’ after Trump announces ban on transgender recruits – The Week Magazine

Posted on by

After Politico published a piece Wednesday night about new White House communications director Anthony Scaramucci still being able to profit from an ownership stake in his investment firm, Scaramucci tweeted that he will contact the FBI about the "leak" of his financial disclosure and he tagged Reince Priebus, President Trump's chief of staff, in his message.

This didn't come as a surprise to The New Yorker's Ryan Lizza, who tweeted a bombshell:

Politico's report was the first one to reveal details from the disclosure form Scaramucci filed with the Office of Government Ethics, which showed that from Jan. 1, 2016, to the end of June, when he joined the Export-Import Bank, Scaramucci earned $4.9 million from his ownership stake in SkyBridge Capital, plus more than $5 million in salary. Scaramucci founded SkyBridge in 2005, and is still listed on its website as the managing director of the investment firm, Politico reports, even though he's been a government employee for more than a month.

RON Transatlantic and HNA Group, a Chinese conglomerate, are in the process of buying the firm, and the sale is being closely watched by federal regulators. A White House adviser told Politico Scaramucci, a major fundraiser for Trump during his campaign, joined the Export-Import Bank in June as a way to get access to Trump while waiting for SkyBridge's very complicated sale to go through. Politico notes that he had security credentials that allowed him to gain access to Trump whenever he wanted, and could go around senior White House staffers, like Priebus.

Just a few hours after the report came out, Scaramucci tweeted his intentions of contacting the FBI and Justice Department, cryptically tagging Priebus, too:

@Reince45 hasn't responded, and perhaps most shocking of all, neither has @realDonaldTrump.

Update: Scaramucci has deleted his tweet mentioning Priebus, and posted a new message, with a screenshot of an Axios report with the headline, "Scaramucci appears to want Priebus investigated by FBI." "Wrong!" Scaramucci wrote. "Tweet was public notice to leakers that all Sr Adm officials are helping to end illegal leaks. @Reince45." Catherine Garcia

Original post:
Chelsea Manning marvels at the US military's 'cowardice' after Trump announces ban on transgender recruits - The Week Magazine

Indian IT firms value scaling encryption, lag in adoption: Study – Economic Times

Posted on by

NEW DELHI: Indian IT firms value scaling of data encryption but lag in adoption of the technology compared to the global average, says a study commissioned by French security technology firm Thales.

"95 per cent of organisations in India valued scalability for encryption solutions, which was much higher than any other country, global average of 29 per cent," the Global Encryption Trend study said.

However, it found that 82 per cent of organisations in India covered in the study embrace some type of encryption strategy while global average is of 86 per cent

The survey is based on responses from more than 5,000 IT security decision makers across multiple industry sectors in the United States, United Kingdom, Germany, France, Australia, Japan, Brazil, the Russian Federation, Mexico, Saudi Arabia and the United Arab Emirates and includes responses from 548 individuals in India.

"This study is part of a global initiative by Thales to educate leaders from the private and public sectors on the privacy and data protection practices companies can follow today," Thales, Country director India, Emmanuel de Roquefeuil said.

The company operates in strategic electronics and IT space with focus on high-end security. It is setting up manufacturing unit in India in partnership with Reliance Defence for making radar and electronic warfare display system for supply to Rafale Jet.

The study found that Indian firms led globally in adoption of cloud technology with 75 per cent of organisations transferring sensitive or confidential information to the cloud - whether encrypted or not - compared to global average of 53 per cent.

The top drivers for encryption in India are to protect against specific, identified threats and customer information.

"This is in contrast to the global data where compliance is, and historically always has been, the top driver for encryption. In India, compliance ranked third on the list at 55 per cent," the study said.

As per the study, 62 per cent of the respondents in India feel hardware security modules (HSMs) will be important in the next 12 months for encryption or key management strategy which is almost in line with global average of 61 per cent.

"This study is a call to action for organisations in India to strengthen their security position with strong data security and encryption plans in order to secure sensitive data and adhere to risk and compliance best practices and regulations," Thales e-Security, director for sales in South Asia, James Cook said.

Most of the Indian IT firms are of the view that top threat to sensitive data is from mistake of employees followed by hackers and temporary contract workers, the study said.

"Top threat to sensitive data continues to be employee mistakes (55 per cent of respondents), followed by hackers (36 per cent) and temporary or contract workers (31 per cent)," the study said.

The rest is here:
Indian IT firms value scaling encryption, lag in adoption: Study - Economic Times

Indian IT firms Embrace Encryption, Lacks Adoption: Study – CXOToday.com

Posted on by

Indian IT companies readily embrace data encryption but is at a back foot in the adoption of technology compared to global average, states a study by French security technology firm Thales.

The report reveals that organizations are increasingly adopting encryption to address compliance requirements and the escalating need to protect sensitive information from both internal and external threats and accidental disclosure.

95 per cent of organizations in India valued scalability for encryption solutions, which was much higher than any other country, global average of 29 per cent,noted the Global Encryption Trend study.

The study found that Indian organizations transfer sensitive or confidential information to the cloud whether encrypted or not at a rate that is the highest of all countries in the survey which is 70 percent while the global average is 53 percent.

the survey is based on responses from more than 5,000 IT security decision makers across multiple industry sectors in the United States, United Kingdom, Germany, France, Australia, Japan, Brazil, the Russian Federation, Mexico, Saudi Arabia and the United Arab Emirates and includes responses from 548 individuals in India.

As organizations embark on their digital transformation and embrace the cloud it is imperative that their most sensitive data remains secure and protected. This study is part of a global initiative by Thales to educate leaders from the private and public sectors on the privacy and data protection practices companies can follow today, said,Emmanuel de Roquefeuil, country director India, Thales.

The firm operates in strategic electronics and IT space with a focus on high-end security. It is setting up a manufacturing unit in India in collaboration with Reliance Defense for making radar and electronic warfare display system for supply to Rafale Jet.

The study highlights that the top drivers for encryption are to protect against specific, identified threats and to protect customer information. This is in contrast to the global data where compliance is, and historically always has been, the top driver for encryption. In India, compliance ranked third on the list at 55 percent.

IT operations (28 per cent of respondents) and IT security (27 per cent of respondents) have the most influence in directing encryption strategies in contrast to global data where business unit leaders have a higher influence over encryption strategy than IT operations, the study said.

Top threat to sensitive data continues to be employee mistakes (55 percent of respondents), followed by hackers (36 percent) and temporary/contract workers (31percent of respondents).

This study is a call to action for organizations in India to strengthen their security position with strong data security and encryption plans in order to secure sensitive data and adhere to risk and compliance best practices and regulations. Thales is a strong player in the Indian public sector banks and most private sector banks, securing their information with its Hardware Security Module (HSMs). It is estimated that over 90% of the card transactions in India are secured by Thales payment HSMs, said, James Cook, sales director South Asia, Thales e-Security.

In India, encryption deployment grew the most year-on-year in databases, big data, and email. Encryption of databases, Internet communications, and laptop hard drives are the most likely to be extensively deployed. In contrast, public cloud services and docker containers are least likely to be extensively or partially encrypted. 62 percent of the respondents say hardware security modules (HSMs) will be important in the next 12 months.

Original post:
Indian IT firms Embrace Encryption, Lacks Adoption: Study - CXOToday.com

Is Wall Street Ready for Open Source Software? – FTF News

Posted on by

Eugene Grygo, Chief Content Editor, FTF News

Open source software and the open collaboration practices that it engenders are quietly gaining ground among software vendors, securities firms and maybe across Wall Street.

One of the biggest proponents of OSS movement, the Symphony Software Foundation, based in Palo Alto, Calif., has been consistently pulling market participants into its camp.

Known for its support of the Symphony messaging platform, Symphonys community has grown to 200,000 licensed users across 170 companies, including 40 of the worlds top asset managers and 25 of the largest global banks.

In February, the nonprofit group added charting and data visualization provider ChartIQ, data and analytics application vendor The Beast Apps, and real-time products and services provider Tick42 as new, cutting-edge members. These members will add to the dynamic between large financial institutions and younger fintech firms to collaborate in the open and achieve true interoperability through open source, Gabriele Columbro, executive director of the Foundation, said in a prepared statement at the time.

In addition, about a year ago, OpenFin, a provider of HTML5 runtime technology, joined the foundation for a collaboration that will enable OpenFin and other foundation member organizations to drive fintech standardization, contribute to the Symphony platform, and further drive the adoption of open source technology within financial services, officials say.

Through the foundations Open Governance model, OpenFin will influence the overall product direction of the Symphony platform, while its participation in working groups will aim to foster container standardization and application interoperability for the financial industry, officials add.

The foundation now reports that it has more than 50 open source projects underway, and two months shy of its second anniversary, it also has more than 100 contributors, four active working groups, and 25 member organizations that are part of the Symphony ecosystem.

The foundation has also added four new Silver Members Arcontech, BankEX, Cloud9 Technologies and FinTech Studios that bring experience in financial market data solutions, distributed ledger technology (DLT), voice trading and artificial intelligence technologies.

When done right, open source enables a degree of innovation which is simply not possible in proprietary development or solution-time collaboration models like open APIs [application programming interfaces] or open standards, Columbro, executive director, Symphony Software Foundation, in a statement.

The growth of our community shows how these strategic benefits can outweigh legal, technical and frankly cultural aspects preventing effective innovation in financial services technology, Columbro adds. We see our Foundation as the proven-to-be-trusted environment where fintech producers and consumers can collaborate on open source, industry-grade standard solutions, sparking innovation on common and new use cases that have the potential of reshaping Wall Street.

With Wall Street in mind, the foundation has also announced that it is hosting an inaugural Open Source Strategy Forum in New York on November 8. The one-day conference is open to executive-level decision makers and senior technologists from financial services seeking to drive industry innovation through open source, officials say.

In the meantime, the foundation offers an Open Developer Platform (ODP) to open source contributors, providing open API access to Symphony and a compliant open source development process, officials add.

More information about the technology is at: http://symphony.foundation

Read this article:
Is Wall Street Ready for Open Source Software? - FTF News

China’s New Quantum Communication Network Will Be Unhackable – Futurism

Posted on by

In Brief China's new quantum communication network in the city of Jinan is expected to change cryptography for the better. As computers become more powerful, current encryption methods become less reliable. Quantum cryptography will be a key technology for addressing this. Securing the Internet

For a country notorious for its restrictive internet policies, China seems to be taking the lead on developing next-generation internet communications. The city of Jinan is set to become the hub of this quantum communications network that will boost Beijing-Shanghai internet when the project is launched by the end of August. It is set to become the worlds first unhackable internet communications network.

Unlike encryption methods that hide the key under difficult mathematical problems, quantum communication and cryptographyuse entanglementto do the trick. Concretely, the key is embedded in photons (light particles) and sent ahead of the encrypted message a method called quantum key distribution (QKD).

Communication becomes unhackable this way because any attempt to intercept the key would be obviousto the sender and the intendedrecipient. Whats even more impressive is that China has the technology to extend quantum communications up to 400 kilometers (about 250 miles), as previously demonstrated in a quantum cryptography research in Hefei.

As technology becomes increasingly more complex, computers are becomingincreasingly more powerful. This puts current encryption methods in danger, as number-crunching becomes easier with powerful computing power. Number-based keys need to be prolonged and constantly updated to keep up. QKD potentially solves all of this.

Yet, for the most part, it seems China is leaving the West behind in pursuit of this technology. For a long time people simply didnt think it was needed, Myungshik Kim from Imperial College, London,told the BBC. The mathematical difficulty of the current coding system was so high that it was not thought necessary to implement the new technology.

Recent security breeches and hacks, of course, reveal the error of this thinking. Thats one reason why China is pursuing quantum communication, but the tech has a number of other possible applications as well.

We plan to use the [Jinan] network for national [defense], finance, and other fields, and hope to spread it out as a pilot that if successful, can be used across China and the whole world, Zhou Fei, Jinan Institute of Quantum Technology assistant director, previously told the Financial Times.

See more here:
China's New Quantum Communication Network Will Be Unhackable - Futurism

Sequoia and Andreessen Horowitz Are Secretly Backing This Cryptocurrency Hedge Fund – Fortune

Posted on by

It's a hedge fund savvy enough to have scooped up Bitcoin when it was free. One of its founders is the well-known CEO of AngelList, Naval Ravikant . It's backed by a roster of Silicon Valley's top venture capital firms, and boasts returns of more than 500%. And you've probably never heard of it.

Meet MetaStable Capital, a stealthy startup hedge fund based in San Francisco that invests only in cryptocurrencies such as Bitcoin and Ethereum. Since its launch in September 2014, MetaStable has delivered such eye-popping performance that it apparently lets the numbers mostly speak for themselves; it shuns publicity and never announced its recent fundraising round.

Still, Fortune has learned many of the details. In the spring, Andreessen Horowitz, Sequoia Capital, Union Square Ventures, Founders Fund and Bessemer Venture Partners all invested in MetaStable, according to several of the VCs and other people close to the fund.

Notably, it's only Sequoia's second investment in a blockchain-related company in that venture capital firm's 45-year history; the first was earlier this year, in Polychain Capital , in a $200 million round in which Andreessen, Union Square Ventures and Founders Fund also participated.

In contrast to MetaStable, though, Polychain has been much more welcoming of press (its founder, Olaf Carlson-Wee, is on the cover of Forbes ' latest issue). It also differs in its strategy: Whereas Polychain specializes in investing in other blockchain companies through what's known as an initial coin offering (or ICO)an investment style that has been likened to venture capitalMetaStable invests directly in digital currencies that it believes could become a new form of money.

Now, MetaStable owns about a dozen different cryptocurrencies, including Bitcoin (which one of the fund's co-founders, Lucas Ryan, originally received for free in 2011), Ethereum, and Monero (of which the fund holds nearly 1%, or about $6 million worth, of all outstanding coins), according to a pitch deck seen by Fortune.

Josh Seims, MetaStable's third co-founder, says the fund takes a value investing approach, "sort of what you imagine a Warren Buffett doing, but its kind of oxymoronic to use these terms in the space because everything is so ephemeral." An example in the pitch deck illustrates the fund's skill in "Bitcoin crisis investing," a Buffett-like concept of investing when others are fearful: When Bitfinex, a major cryptocurrency exchange, was hacked last summer, the price of Bitcoin swiftly plunged more than 20% to under $550, and MetaStable took the opportunity to double its Bitcoin position within the next few hours. The price of Bitcoin has since more than quadrupled.

Rather than try to time the market or buy into the newest blockchain trend, MetaStable looks closely at the real-world use cases of various digital currencies, and aims to make at least decade-long bets on the most "credible candidates," Seims tells Fortune . "There's a handful of, say between five and 10 of these major use cases that could be trillion-dollar blockchains," he says. "Its all very long-term focused, and we think were in super early days right now. It really comes down to which do we think is the strong enough technology, that we think can win." (So far, MetaStable has also exhibited an edge in dodging some of the duds: It skipped The Dao's token offering last year, correctly predicting that it would be hacked; and also steered clear of the cryptocurrency Steem, which has largely turned out to be a flop.)

Through mid-March, MetaStable's flagship fund had returned 539% over its short lifetime, including 86% in the first two-and-a-half months of 2017 (a time period in which the Bitcoin price was up almost 28%).

Since then, though, Bitcoin and Monero have each more than doubled; Ethereum, meanwhile, is worth more than five times what it was four months ago. (Year to date, the Ethereum price has risen more than 2,300%.) That means that MetaStable's returns are actually much, much higher than the ones listed in its March presentation documents. A person close to the fund simply says it has "vastly outperformed Bitcoin;" that puts its 2017 returns at a minimum of 170% and likely far greater. Fortune estimates that MetaStable's returns since its inception now exceed 1,000%.

One caveat is that the fund is likely relatively small by hedge fund standards, which makes it somewhat easier to post outsized return figures. Still, in the fledgling industry of cryptocurrency hedge funds, MetaStable appears to be one of the heavyweights. A recent Forbes report listed its assets at $45 million, but that was before the recent surge in cryptocurrency prices over the last few months. MetaStable's portfolio more than doubled in value in May alone, according to a source close to the fund; on June 23, after a Bitcoin and Ethereum price crash , the hedge fund reported total assets of $69 million in a regulatory filing.

It's not clear how much of those assets are venture capital dollars; typically, when VC firms invest in other funds (the startup accelerator Y Combinator, backed by Sequoia, is one prime example), they can choose to invest in the company itself (or "general partner") or in the actual fund that company manages, or both. In the case of Polychain, for one, Union Square Ventures said it backed the firm but also put some money into the hedge fund.

The abundance of capital is also enticing a slew of other cryptocurrency hedge funds to test the waters for themselves. According to Hedge Fund Alert , there are at least 15 such funds already up and running, but as many as 25 more are in the works.

Investors should expect similar restrictions and high fees as the ones that exist with traditional hedge funds: MetaStable requires a minimum investment of $1 million, and has a "2 and 20" structure for one of its funds, charging a management fee of 2% of assets, and a performance fee of 20% of the profits. A riskier fund has a 1.5% management fee and a 25% performance fee.

Visit link:
Sequoia and Andreessen Horowitz Are Secretly Backing This Cryptocurrency Hedge Fund - Fortune

Cryptocurrency exchanges could be subject to SEC regulation, too – FT Alphaville (registration)

Posted on by

FT Alphaville (registration)
Cryptocurrency exchanges could be subject to SEC regulation, too
FT Alphaville (registration)
You've probably heard the news about DAO tokens by now: The SEC says they should be regulated securities, and will probably end up regulating other digital coins, too. (At question is whether each digital coin passes the SEC's Howey test, which we ...
'Sophisticated' Ethereum hack steals $8mn worth of cryptocurrencyRT
SEC Report Finds Cryptocurrency Markets Trade To Federal Securities LawsInternational Business Times
US decrees some ethereum trading is bound by securities lawZDNet
CoinDesk -Quartz -Finance Magnates
all 59 news articles »

Go here to read the rest:
Cryptocurrency exchanges could be subject to SEC regulation, too - FT Alphaville (registration)

AMD’s Blowout Second Quarter Got a Boost From the Cryptocurrency Mining Craze – TheStreet.com

Posted on by

Advanced Micro Devices Inc. (AMD) blew past expectations for the second quarter, helped by robust sales in its computing and graphics segment.

Shares of the chipmaker were soaring 10.2% to $15.56 in after-hours trading on Tuesday, after the company beat on its top and bottom line during the period. AMD said computing and graphics revenues jumped 51% from one year ago.

On an earnings call with investors, AMD CEO Lisa Su said sales of the company's RadeonRX GPUs (released in the second quarter) got a boost from the cryptocurrency mining market, as well as the gaming market. Leading up to AMD's earnings report, Wall Street had been trying to measure what impact the rise of cryptocurrency mining will have on chip companies, particularly AMD and its rival Nvidia Corp. (NVDA) . Both companies' chips are used to mine Ethereum, an alternative cryptocurrency to Bitcoin.

AMD's stock has popped 24.5% so far this year, in part due to a wave of demand from cryptocurrency miners. But Su indicated that AMD doesn't view cryptocurrency as a stable, long-term driver for the company.

"Relative to the cryptocurrency, we have seen some elevated demand," Su told investors on the call. "Our priority, though, really is on our core market, which is the gaming market. We are prioritizing supply toward the gaming market...But it's important to say that we didn't have cryptocurrency in our forecast and we are not looking at it as a long-term growth driver, although we will continue to watch the developments around blockchain technologies as they go forward."

Read more:
AMD's Blowout Second Quarter Got a Boost From the Cryptocurrency Mining Craze - TheStreet.com

AMD CEO: Cryptocurrency mining and gaming will boost Q3 graphics shipments – VentureBeat

Posted on by

Lisa Su, CEO of chip maker Advanced Micro Devices, said in an analyst conference call that enthusiasm for cryptocurrency and gaming will drive demand for the companys Vega graphics chips in the third quarter.

Overall, Su said AMD expects to post 23 percent better revenues in Q3 compared to the second quarter, which generated $1.22 billion in revenues. Su said that demand will be driven by a variety of things, including AMDs most competitive processors in a decade in its battle with rival Intel. AMD posted earnings that beat earnings expectations, and it predicted better times to come.

AMD launched its Epyc server chips in July, and it has been releasing new Ryzen processors since March. Those chips are based on the Zen cores, which are 52 percent faster per clock cycle than the previous generation. The gradual ramp of the Zen products will help AMD gain share in the market compared to Intel, and Su said the reception has been good.

Above: Lisa Su, CEO of AMD, introduces Zen.

Image Credit: Dean Takahashi

But Su also responded to questions about cryptocurrency during the call. She noted that the popularity of blockchain is prompting speculators to buy more graphics hardware so that they can mine currency faster. AMD recently launched its first Vega graphics processing units (GPUs), and it has more coming next week. Overall, demand for cryptocurrency mining has been clear.

We have seen elevated demand for cryptocurrency, she said. Inventory for GPUs is lean, but our priority is the core gaming market.

Su said the company is prioritizing supplies for game PC retailers. Semi-custom chips, including game console chips, will likely peak in the third quarter and come down in the fourth quarter, she said. AMD is shipping new processors for Microsofts Xbox One X game console debuting in October. Semi-custom chip sales were down 5 percent in the second quarter.

In the long term, Su said AMD was not counting on revenues from cryptocurrency to change the overall demand profile for graphics chips, but the company is watching the market, as cryptocurrency is definitely a component in overall demand.

Overall, I would view this as GPUs are strong. Its a great market to be in, she said.

More here:
AMD CEO: Cryptocurrency mining and gaming will boost Q3 graphics shipments - VentureBeat

WikiLeaks drops another cache of ‘Vault7’ stolen tools – Naked Security

Posted on by

The WikiLeaks Vault 7 almost-weekly drip-drip-drip of confidential information on the cybertools and tactics of the CIA continued last week.

The latest document dump is a trove from agency contractor Raytheon Blackbird Technologies for the so-called UMBRAGE Component Library (UCL) Project, which includes reports on five types of malware and their attack vectors.

This is the 17th release of specific CIA hacking or surveillance tools since the initial announcement by WikiLeaks on March 7.

According to a statement announcing the latest release:

The documents were submitted to the CIA between November 21st2014 (just two weeks afterRaytheon acquired Blackbird Technologiesto build aCyber Powerhouse) and September 11th2015. They mostly contain Proof-of-Concept ideas and assessments for malware attack vectors partly based on public documents from security researchers and private enterprises in the computer security field.

Raytheon Blackbird Technologiesacted as a kind of technology scout for theRemote Development Branch (RDB)of the CIA by analysing malware attacks in the wild and giving recommendations to the CIA development teams for further investigation and PoC development for their own malware projects.

The component library includes:

A new variant of the HTTPBrowser Remote Access Tool (RAT), used by a threat actor known as Emissary Panda, believed to be in China, which was built in 2015. It is a keylogger, and according to Raytheon captures keystrokes using the standard RegisterRawInputDevice() and GetRawInput() APIs and writes the captured keystrokes to a file.

A new variant of the NfLog RAT, also known as IsSpace and used by Samurai Panda. It is, according to Raytheon, a basic RAT that polls C2 servers every 6 seconds awaiting an encoded response. If it detects that a user has administrative privileges, it will attempt to reload itself using the elevated permissions.

Regin, described as a very sophisticated malware sample, which has been around since 2013. It is used for target surveillance and data collection. Raytheon said it has a six-stage, modular architecture that affords a high degree of flexibility and tailoring of attack capabilities to specific targets. It is also stealthy, with an, ability to hide itself from discovery, and portions of the attack are memory resident only.

HammerToss, a suspected Russian state-sponsored malware, which became operational in 2014 and was discovered in 2015, uses Twitter accounts, GitHub or compromised websites, and cloud storage to arrange the command and control operations for the malware. It is considered the most sophisticated malware of the five in the current release.

Gamker, an information-stealing Trojan that uses an interesting process for self-code injection that ensures nothing is written to disk.

As WikiLeaks noted in its announcement, these were all malware attacks found in the wild, and therefore not secret. But the CIAs hope clearly was that they would lead to development of their own malware projects to be used to conduct attacks not just on individual computers or systems, but social media platforms like Twitter as well.

Read more from the original source:
WikiLeaks drops another cache of 'Vault7' stolen tools - Naked Security