Mediaboss Marketing

Angela Ahrendts, Apples high priestess for all things retail, wants to harness her inventory of company stores around the world to be much more than simply places to buy iPhones and iPads.

Talking to a LinkedIn blog this week to share her vision, Apples senior vice president for retail described about how so-called influencers will be able to share their art and ideas in a communal setting within Apple stores. These thinkers, leaders, and culture-makers who feed our curiosity and reinforce our ideas will turn Apple stores into repositories of creative sparks and incubators of world-changing ideas, if, that is, things go according to Ahrendts plan.

An influencer to me is someone who shares their journeythe ups and downsand their approach to their craft or the spark that ignites a new interest allowing people to do more and go further, she writes. At their core, an influencer creates an empowering human connection. This is the essence of our new in-store experience, Today at Apple, bringing a community of people together to influence one another, to learn, share, and experience their Apple passions like music, photography, videography, art and coding. Free and open to everyone, everydaykids, parents, educators, entrepreneurs, and more.

Ahrendts goes on to say what every fanboy and girl out there already knows as Steve Jobs gospel: At Apple, we believe that people with passion can change the world. In an era of social everything, we want to spark possibility and opportunity in the creative arts, in real life, person to person. Across our almost 500 stores through our 60,000 incredible employees impacting their local communities. The goal, says Ahrendts, is to turn every Apple Store into a town square where people with similar interests can gather and share ideas and experiences.

The message then sends readers to the Today at Apple site where you can plug in your local store and pull up a list of activities at each venue.

Besides offering things like workshops like editing classes for the Mac and adding voice-over to your iPhone video, the initiative offers new sessions to learn and share ideas about using iPads for hearing loss and finding creative ways to store those billions of old photos youve got on your iPhone 7. The stores will also offer special classes for kids and for businesses. Every single store will offer a Kids Hour every Saturday morning. Atthe Apple Store in Walnut Creek this afternoon, for example, you can join others on a Photo Walk: Framing Architecture and Details.

In fact, this weekend every Apple Store on the planet will be offering photo walks, too. And stores will also offer Studio Hours, which are open work sessions where users can come in and get help from trained staff and other Apple customers with their personal projects.

Discover a new angle on photographing buildings, monuments, architectural details, and structures, says the pitch. Bring your iPhone or iPad and well share techniques for composing your shot, and show you how to consider light and shadow to emphasize details and lines. Wear comfortable shoes and bring only what you needincluding a fully charged device.

The program is not completely new by any means for years, Apple has offered classes and speakers inside many of its stores, with some of the larger locations equipped with spacious classrooms. But with Today at Apple, the Cupertino tech giant is jumping even higher onto a social-networking bandwagon that everyone from Google (Google Groups allows you to create and participate in online forums and email-based groups with a rich experience for community conversations.) to Facebook (Whether its a road trip, a bachelor party, or your concert bucket list, groups make it easy to coordinate with friends near and far. Share documents, project updates, poll your team for feedback. A group lets you communicate in one searchable space.)

Even Airbnb has joined the fray with its Experiences which allow guests to join others and do communal activities in different cities around the world.

______________________________________________________________

Cupertino, California Apple today announced plans to launch dozens of new educational sessions next month in all 495 Apple stores ranging in topics from photo and video to music, coding, art and design and more. The hands-on sessions, collectively called Today at Apple, will be led by highly-trained team members, and in select cities world-class artists, photographers and musicians, teaching sessions from basics and how-to lessons to professional-level programs.

At the heart of every Apple Store is the desire to educate and inspire the communities we serve, said Angela Ahrendts, Apples senior vice president, Retail. Today at Apple is one of the ways were evolving our experience to better serve local customers and entrepreneurs. Were creating a modern-day town square, where everyone is welcome in a space where the best of Apple comes together to connect with one another, discover a new passion, or take their skill to the next level. We think it will be a fun and enlightening experience for everyone who joins.

______________________________________________________________

The rest is here:
Company is adding more social-networking features to its Apple Stores - The Mercury News

Ive been silent on the blog for a while Ive been tweeting my way through current events rather than blogging about them but I wanted to flag the publication of my latest article, The Effect of Legislation on Fourth Amendment Protection, 115 Michigan Law Review 1117 (2017). The abstract:

When judges interpret the Fourth Amendment, and privacy legislation regulates the governments conduct, should the legislation have an effect on the Fourth Amendment? Courts are split three ways. Some courts argue that legislation provides the informed judgment of a coequal branch that should influence the Fourth Amendment. Some courts contend that the presence of legislation should displace Fourth Amendment protection to prevent constitutional rules from interfering with the legislatures handiwork. Finally, some courts treat legislation and the Fourth Amendment as independent and contend that the legislation should have no effect.

This Article argues that courts should favor interpreting the Fourth Amendment independently of legislation. At first blush, linking the Fourth Amendment to legislation seems like a pragmatic way to harness the experience and skills of the legislature to help implement constitutional values. A closer look reveals a different picture. Investigative legislation offers a surprisingly weak indicator of constitutional values. Linking the Fourth Amendment and statutes raises novel and complex questions of what links to draw and how to draw them. Linkage also threatens to weaken statutory privacy laws by turning the legislative process into a proxy battle for Fourth Amendment protection. Interpreting the Fourth Amendment independently of legislation avoids these problems. Independence limits arbitrary decisionmaking, provides a clear standard, and helps to protect the benefits of legislation.

This issue will come up soon at the Supreme Court if the justices agree to review the still-pending petitions on Fourth Amendment protection for cell-site data. As always, stay tuned.

See original here:
Final version of 'The Effect of Legislation on Fourth Amendment Protection' - Washington Post

After the WannaCry cyberattack hit computer systems worldwide, Microsoft says governments should report software vulnerabilities instead of collecting them. Here, a ransom window announces the encryption of data on a transit display in eastern Germany on Friday. AFP/AFP/Getty Images hide caption

After the WannaCry cyberattack hit computer systems worldwide, Microsoft says governments should report software vulnerabilities instead of collecting them. Here, a ransom window announces the encryption of data on a transit display in eastern Germany on Friday.

When the National Security Agency lost control of the software behind the WannaCry cyberattack, it was like "the U.S. military having some of its Tomahawk missiles stolen," Microsoft President Brad Smith says, in a message about the malicious software that has created havoc on computer networks in more than 150 countries since Friday.

"This is an emerging pattern in 2017," Smith, who is also chief legal officer, says in a Microsoft company blog post. "We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage."

On affected computers, the WannaCry software encrypts files and displays a ransom message demanding $300 in bitcoin. It has attacked hundreds of thousands of computers, security experts say, from hospital systems in the U.K. and a telecom company in Spain to universities and large companies in Asia. And the software is already inspiring imitators, as the Bleeping Computer site reports.

The malware behind WannaCry (also called WannaCrypt, Wana Decryptor or WCry) was reported to have been stolen from the NSA in April. And while Microsoft said it had already released a security update to patch the vulnerability one month earlier, the sequence of events fed speculation that the NSA hadn't told the U.S. tech giant about the security risk until after it had been stolen.

With his new statement, Smith seems to be confirming that version of events.

Two months after Microsoft issued its security patch, thousands of computers remained vulnerable to the WannaCry attack. That prompted the company to issue another patch on Friday for older and unsupported operating systems such as Windows XP, allowing users to secure their systems without requiring an upgrade to the latest operating software.

Urging businesses and computer users to keep their systems current and updated, Smith says the WannaCry attack shows the importance of collective action to fight cybercrime.

But he aimed his sharpest criticisms at the U.S. and other nations.

The attack, Smith says, "represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today nation-state action and organized criminal action."

International standards should compel countries not to stockpile or exploit software vulnerabilities, Smith says. He adds that governments should report vulnerabilities like the one at the center of the WannaCry attack.

Governments "need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world," Smith says, urging agencies to "consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits."

Smith's blog post did not address another factor in the ransomware's spread, one that hints at the difficulty of uniting against a hacking attack: Users of pirated Microsoft software are unable to download the security patch, forcing them to fend for themselves or rely on a third-party source for a solution.

Continue reading here:
is calling out the NSA

The particularly nasty computer program dubbed WannaCry that attacked hospitals, businesses and government agencies around the world this past weekend was like a cybercrime highlight reel, a compilation of by-now familiar elements conscience-free cybercriminals, an obscure vulnerability in Microsoft Windows, older and ill-maintained corporate computer networks and computer users tricked into opening booby-trapped email attachments that played out on an epic scale.

Whats different this time is that the hackers apparently had considerable help from the U.S. government. They used a stolen tool reportedly developed by the National Security Agency to exploit a hidden weakness in the Windows operating system and spread their ransomware far and wide. The tool was one of many linked to the NSA that were leaked online last year, then finally decrypted in April for use by anyone with the requisite coding skills.

Its tempting to howl at the NSA for not alerting companies like Microsoft when its researchers find vulnerabilities in their products. The reality, though, is that doing so would reduce the effectiveness of cybertools that have become an integral part of modern efforts by agencies like the NSA to fight terrorism, international criminal organizations and rogue states. Whats needed is a better effort to determine if and when a vulnerability discovered by the feds represents too great a threat to keep it secret from the potential victims. Thats a difficult balance to strike, and the decision shouldnt be made solely by the executive branch without the input of independent experts and, potentially, lawmakers.

The even more important lesson here is that years, even decades of warnings from security experts simply arent getting through to the public. WannaCry should not have reached disastrous proportions Microsoft released a patch that could close the vulnerability in March, well before the NSAs tool was decrypted. Yet tens of thousands of computers werent updated, allowing the malware the room it needed to spread.

The problem could easily get much, much worse as more routine devices become smart, Internet-connected ones. Evidently we need stronger incentives not just for companies to release more secure products, but also for users to keep them updated and protect their data with encryption and backups. Thats what the lawmakers and federal officials should be focusing on not on trying to discourage consumers from using encryption on their smartphones, or on building stockpiles of malware based on vulnerabilities they alone have found.

Follow the Opinion section on Twitter @latimesopinion and Facebook

Read the original post:
The 'WannaCry' malware: A public service announcement ...

Slide: 1 / of 1. Caption: Caption: A woman walks past a branch of Noor Islamic Bank along Khalid Bin Al-Waleed Road in Dubai.Reuters

For eight months, the hacker group known as Shadow Brokers has trickled out an intermittent drip of highly classified NSA data. Now, just when it seemed like that trove of secrets might be exhausted, the group has spilled a new batch. The latest dump appears to show that the NSA has penetrated deep into the finance infrastructure of the Middle Easta revelation that could create new scandals for the worlds most well-resourced spy agency.

Friday morning, the Shadow Brokers published documents thatif legitimateshow just how thoroughly US intelligence has compromised elements of the global banking system. The new leak includes evidence that the NSA hacked into EastNets, a Dubai-based firm that oversees payments in the global SWIFT transaction system for dozens of client banks and other firms, particularly in the Middle East. The leak includes detailed lists of hacked or potentially targeted computers, including those belonging to firms in Qatar, Dubai, Abu Dhabi, Syria, Yemen, and the Palestinian territories. Also included in the data dump, as in previous Shadow Brokers releases, are a load of fresh hacking tools, this time targeting a slew of Windows versions.

Oh you thought that was it? the hacker group wrote in a typically grammar-challenged statement accompanying their leak. There was speculation prior to this mornings release that the group had finally published its full set of stolen documents, after a seemingly failed attempt to auction them for bitcoins. Too bad nobody deciding to be paying theshadowbrokers for just to shutup and going away.

The transaction protocol SWIFT has been increasingly targeted by hackers seeking to redirect millions of dollars from banks around the world, with recent efforts in India, Ecuador, and Bangladesh. Security researchers have even pointed to clues that a $81 million Bangladesh bank theft via SWIFT may have been the work of the North Korean government. But the Shadow Brokers latest leak offers new evidence that the NSA has also compromised SWIFT, albeit most likely for silent espionage rather than wholesale larceny.

EastNets has denied that it was hacked, writing on its Twitter account that theres no credibility to the online claim of a compromise of EastNets customer information on its SWIFT service bureau. But the Shadow Brokers leak seems to suggest otherwise: One spreadsheet in the release, for instance, lists computers by IP address, along with corresponding firms in the finance industry and beyond, including the Qatar First Investment Bank, Arab Petroleum Investments Corporation Bahrain, Dubai Gold and Commodities Exchange, Tadhamon International Islamic Bank, Noor Islamic Bank, Kuwait Petroleum Company, Qatar Telecom and others. A legend at the top of the spreadsheet notes that the 16 highlighted IP addresses mean, box has been implanted and we are collecting. That NSA jargon translates to a computer being successfully infected with its spyware.1

Those IP addresses dont actually correspond to the clients computers, says Dubai-based security researcher Matt Suiche, but rather to computers servicing those clients at EastNets, which is one of 120 service bureaus that form a portion of the SWIFT network and make transactions on behalf of customers. This is the equivalent of hacking all the banks in the region without having to hack them individually, says Suiche, founder of UAE-based incident response and forensics startup Comae Technologies. You have access to all their transactions.

While the Shadow Brokers releases have already included NSA exploits, todays leak is the first indication of targets of that sophisticated hacking in the global banking system. Unlike previous known hacks of the SWIFT financial network, nothing in the leaked documents suggests that the NSA used its access to EastNets SWIFT systems to actual alter transactions or steal funds. Instead, stealthily tracking the transactions within that network may have given the agency visibility into money flows in the regionincluding to potential terrorist, extremist, or insurgent groups.

If that sort of finance-focused espionage was in fact the NSAs goal, it would hardly deviate from the agencys core mission. But Suiche points out that confirmation of the operation would nonetheless lead to blowback for the NSA and the US governmentparticularly given that many of the listed targets are in US-friendly countries like Dubai and Qatar. A big shitstorm is to come, says Suiche. You can expect the leadership of key organizations like banks and governments are going to be quite irritated, and theyre going to react.

Beyond EastNets alone, Suiche points to references in the files to targeting the Panama-based firm Business Computer Group or BCG, although its not clear if the firm was actually compromised. Beyond its Twitter statement, EastNets didnt respond to WIREDs request for comment. WIRED also reached out to BCG and the NSA, but didnt get a response.

SWIFT aside, the leak also contains a cornucopia of NSA hacking tools or exploits, including what appear to be previously secret techniques for hacking PCs and servers running Windows. Matthew Hickey, the founder of the security firm Hacker House, analyzed the collection and believes there are more than 20 distinct exploits in the leak, about 15 of which are included in an automated hacking framework tool called FuzzBunch.

This is as big as it gets. Matthew Hickey, Hacker House

The attacks seem to target every recent version of Windows other than Windows 10, and several allow a remote hacker to gain the full ability to run their own code on a target machine. There are exploits here that are quite likely zero days that will let you hack into any number of servers on the internet, says Hickey. This is as big as it gets. Its internet God mode.

In a statement to WIRED, however, a Microsoft spokesperson wrote that the company had previously patched all the vulnerabilities in Windows that the hacking tools exploited. Weve investigated and confirmed that the exploits disclosed by the Shadow Brokers have already been addressed by previous updates to our supported products, the statement reads. In a blog post, the company clarified that several of the exploits do still work, but only on versions of Windows prior to Windows 7.2

But the Shadow Brokers hinted in their release that theyre not done creating trouble for the NSA yet. Maybe if all suviving [sic] WWIII theshadowbrokers be seeing you next week, the groups message concludes. Who knows what we having next time?

1Updated 4/14/2017 12:15 EST to include comments from EastNets.

2Updated 4/15/2017 3:50 EST to include a response from Microsoft.

More here:
Major Leak Suggests NSA Was Deep in Middle East ... - WIRED