Google AI Can Create Its Own Crpyto

Standard

Recently it was discovered that the artificial intelligence experts of The Google’s Brain project were able to create A.I. that is capable of developing its own secure secret language or cryptography.

The accomplishment is leaving some with more questions than answers currently available.

It seems that nobody at Google has any idea how this extra layer of encryption actually works, not even the A.I.

In an experiment, the A.I. networks were created, two were instructed to communicate securely with each other using a shared secret key, while the third was assigned the task of intercepting and decrypting those communications.

The result, the two communicating networks were able to develop their own crypto layer that the third network was unsuccessful at cracking.

Importantly, the AIs were not told how to encrypt stuff, or what crypto techniques to use: they were just given a loss function (a failure condition), and then they got on with it. In Eve’s case, the loss function was very simple: the distance, measured in correct and incorrect bits, between Alice’s original input plaintext and its guess. For Alice and Bob the loss function was a bit more complex: if Bob’s guess (again measured in bits) was too far from the original input plaintext, it was a loss; for Alice, if Eve’s guesses are better than random guessing, it’s a loss. And thus an adversarial generative network (GAN) was create

via Google AI invents its own cryptographic algorithm; no one knows how it works | Ars Technica UK

Advertisements

Bitcoin $1000 – Third Time Is A Charm

Standard

If you have been following cryptocurrency this month then no doubt you have been keeping a close eye on the price of Bitcoin($BTC). For a third time, the electronic currency has a market price of over $1000.

 

Some had guessed that this occurrence would happen last night but the rally was delayed and waited until early today break past this crucial resistance.

coindesk-bpi-chart

12 hours chart via coindesk

Will this current rally hold or will Bitcoin be made to collect more solid support before these recent gains can be looked at as a win for the community of bitcoin enthusiast and investors?

News orgs sue FBI for details on San Bernardino iPhone exploit — TechCrunch

Standard

The Associated Press, Vice Media and Gannett, the parent company of USA Today, sued the FBI today in an attempt to uncover information about how the law enforcement agency was able to unlock an iPhone used by Syed Farook, one of the San Bernardino shooters. The Justice Department initially sought to force Apple to create custom…

via News orgs sue FBI for details on San Bernardino iPhone exploit — TechCrunch

Sydney Stock Exchange Confirms Public Blockchain Platform for Instant Settlements – CCN: Financial Bitcoin & Cryptocurrency News

Standard

The Sydney Stock Exchange is pressing ahead with a new blockchain settlement system that will position itself as a low-cost alternative to the current clearing and settlement system delivered by the Australian Securities Exchange (ASX).

via Sydney Stock Exchange Confirms Public Blockchain Platform for Instant Settlements – CCN: Financial Bitcoin & Cryptocurrency News

How John McAfee Global Technologies Intends To Challenge The Cloud

Standard

John McAfee Global Technologies From Las Vegas

At Def Con 24, I was given a chance to spend about an hour talking with the proposed CEO of MGT Capital Investments(NYSEMKT:MGT) outside of the Bally’s Poker Room. Joined by CTO Eric “Eijah” Anderson halfway through our interview, we discussed several important issues that I am simultaneously preparing to publish. It has been a month since I interviewed McAfee and Anderson but I have waited to release my interviews due to the controversy some believe have muddied the credibility of this company. Without specifically mentioning any of the detials, I will just share this tweet that I feel captures the spirit better than anything I could write.

https://twitter.com/ihazcandy/status/773876821267849217

Unfortunately even my editors at another site have decided to believe libelous claims from an avid troll, that I am on the payroll of MGT or one of its insiders. I feel that like others, they seem to be committed to their bias against McAfee and continue to judge this new company unfairly. On the other hand, by analyzing what John has been saying about the industry and not MGT,  objective and free minded people may already understand the potential growth that his insight could bring. No matter how you feel about John McAfee, it is hard to deny the truth in his sentiment regarding the industry he helped to create.

John McAfee: Well when I started out people were saying ‘well virus aren’t a problem you’re insane’. Today I see the entire cybersecurity industry is operating on an outdated paradigm that is let’s find after the hacker gets in, let’s find the traces…”

As bold as the statement McAfee makes, it seems that the methods we use to secure our information are indeed outdated and is driving an increased demand for better cybersecurity. It is not hard to find indicators to support this idea.

At a time when global cybersecurity sales are expected to rise to $1 trillion by 2021, research is now showing that the problem of cyber-crime will cost companies $2 trillion by 2019. This reflects a widening gap between the efficiency of the solutions and the resourcefulness of the criminals.

In the United States, CNBC reported that the problem has become a drain on the infrastructure to the point that law enforcement agencies and hospitals have given in to ransomware demands for payment. There has also been a rise in reports that indicate that this type “pay or beware” strong-arming cost about 2,500 victims around $24 million in damages last year.

This year that number has already dramatically increased 500%. Recent data is also indicating that at the end of March 2016, Americans had paid over $209 million in order to regain access to their critical information. What I find most concerning about these figures is that those damages are limited to only the complaints reported to the FBI meaning that the actual costs of these crimes could be significantly more expensive.

What this shows that security professionals are as in the dark as law enforcement when it comes to protecting sensitive data. The problem is rooted in the lack of a solution that stops these intrusions while they occur

JM: But by then it’s too late…He’s already in…

So obviously the paradigm doesn’t work.”

What Is Wrong With the State of Cybersecurity Today?

With a shift from Personal Computers to mobile devices, many hardware vendors have also moved to a cloud-based product offering secured by third-party cybersecurity vendors. With so many trusted names to protect the customer’s data, I believe if the paradigm is broken, then supporting data will be represented in the market. I feel the story of FireEye(NASDAQ:FEYE) and former McAfee CEO Bill DeWalt illustrates a great example of what John goes on to say is wrong with the current state of the cybersecurity industry.

Intel(NASDAQ:INTC) acquired McAfee’s former company after his departure in a $7.7 billion sale spearheaded by Bill DeWalt. Intel Security intended to embed features into its chipsets but now must consider selling its underfunded interest in cybersecurity under the McAfee brand. DeWalt would go on to leave to leave McAfee as a surge in venture capital funding poured into an industry and take the CEO role at the emerging FireEye venture in 2012. Under his leadership, their products took a proactive approach to developing anti-malware firewalls that brought a surge of interest in the company’s stock shortly after its IPO in early 2014.

FEYE Chart

FEYE data by YCharts

With a flurry of new technologies to market interest from investors was on the rise yet the result of these new approaches was that from 2013 to 2015, the costs of cybercrime on businesses had quadrupled. In early 2014 FireEye had shed about 81% of its stock market value from its high of $13 billion and in the case of Bill DeWalt, he was recently replaced as CEO.

Eventually, the buzzword fueled hype had lost its effect on investors as the money pouring into the industry failed to produce tangible results. The Ponemon Institute released research that goes on to explain that the average cost of a data breach rose 23% in the last two years to $3.79 million. Like many other tech firms at the time, once these companies went from private ventures to public markets, investor confidence dropped as it became apparent that the current methods of information and network security were failing to keep up with enterprising criminals.

I feel that key players like Intel are discovering that they may have over-compartmentalized themselves as the disruptive effect of mobile technology shifts the focus of their business development. This tricky situation leaves Intel in a position to either increase spending by expanding the security operating expenses to competitive levels or sell the McAfee assets in order to focus on the company’s proposed move away from the PC market to a cloud-focused enterprise. Intel has released a manifesto that issued a proclamation that “The cloud is the most important trend shaping the future of the smart, connected world – and thus Intel’s future.

As some companies may consider moving out of the crowded market, some have opted to consolidate. Investors have seen these effects manifest itself in the form of a more competitive industry and competitive acquisitions from established entities like Symantec(NASDAQ:SYMC) and its recent Blue Coat purchase.

Symantec who owns the popular Norton brand is paying $4.65 billion for the reported revenue of $598.3 million last year. All this for a company that decided to cash-in instead going through an IPO after it was acquired by Bain Capital last year for $2.4 billion. While Blue Coast has ceased to be a profitable business, those fundamentals did not stop it Symantec from paying a premium at x8 sales, after being turned away by FireEye earlier this year.

The Contrarian Case: Pillars of Disruptive Growth

It comes down to the concept of analyzing data of real-time user activity within a network, Gartner Research calls this, “Visibility”. It has become what Gartner refers to as its first pillar that describes the methods of analyzing a cloud-based security service as a means of both proactive security and a method to monetize the data being collected. Intel best summarizes Visibility with, “The many “things” that make up the PC Client business and the Internet of Things are made much more valuable by their connection to the cloud

What if, instead of storing and sharing all of that user information, the company focused on developing real-world solutions to evolving problems? I believe that John McAfee’s re-entry is a calculated move to do just that. When you consider that on May 9th, 2016, MGT put out a press release marking his re-entry to the industry, weeks after Intel announced its new cloud-focused strategy.

JM:“…I spent 3 years finding the best products and that were in development out there and waiting for them to be ready and making both arrangements and relationships with the key people in this companies so that as for when they all matured they can use them.

Much like the investors funding the MGT reverse merger, McAfee is making a contrarian play on marketing the technology he has cultivated.

 His security model of reducing risk by removing the needless connectivity of personal information through the cloud may grab the attention of those enterprises looking for an alternative. If MGT can offer a competitive solution to those organizations who are reluctant to move their most valuable information to the cloud the company’s recent acquisitions may prove to be a viable alternative platform to the cloud.

Although bearish investors may feel McAfee could be leading shareholders into the cybersecurity abyss of diminished returns, there is room for growth in the industry. With a potential market of over 85% of large enterprises switching to a cloud-based access solution, MGT is offering a packaged decentralized network structure to challenge the cloud’s projected dominance. The Ponemon institute finds that 87% of the data stored on the cloud is out of their company’s control. As more digital threats become newsworthy, businesses have shown that are uncomfortable keeping their most secure information outside of their control.

The recent acquisitions of Sentinel from Cyberdonix for 150,000 restricted shares of MGT stock, the company may find itself able to breach the moat of the global managed security services market that is projected to reach nearly $30 billion by 2020. I believe that MGT recognizes this potential market and is in a position to offer them on-site control of their data with a competitive advantage in some niche marketplaces. While the industry is extremely crowded, there is market research to support room for an alternative solution to cloud computing. If MGT’s offering can serve as an analog for Gartner’s four pillar approach as a Cloud Security Access Broker, then Sentinel MGT may prove to be wise acquisition for an initial product offering

For McAfee to expose shareholders to the growth projected in the industry, MGT will have to offer solutions to rival the likes of Symantec and FireEye. The real answer to the question of legitimacy for this venture will come from analyzing how well its technology can directly compete with hardware vendors like Cisco(NASDAQ:CSCO) and other established firewall providers as a real-time threat detection solution.

JM: For example, Sentinel… It doesn’t look for the damages that was done, and say “Ah-Ha! We have a problem.” It knows this within a matter for a second the first time a hacker attempts to approach the system.”

As lucrative as an opportunity this may seem, there is no guarantee that by purchasing a Next Generation Intrusion Protection Device like Sentinel, MGT can find customers who trust the minimalist approach. In order to provide the sales volume to ramp initial revenues, this product will have to offer is a new standard in real-time threat detection.

McAfee would go on to explain how he believes this has been achieved.

JM: A hacker doesn’t come in and dig up a bomb, he has to spend a lot searching.. First getting into the network…

Then it has to find where the thing I’m looking for is…

But we notice in the first few seconds his first approach

Our little box, it’s a passive box just watching, it uses a combination of heuristics and artificial intelligence and we notice instantly that this is an anomaly and there’s a packet or an intrusion here, right at that second that this shouldn’t be happening.

It then notifies our server, our server then does analysis…

All this happens in a matter of seconds.

At that point, you can take action which is close down that port and firewall or take remedial action which fixes the problem that let the hacker in.

Now isn’t that better than to wait for the hacker to come in and find the signs and say Aha there’s a piece of malware but good god that is months after he first came in…

It is a game changer it will change the entire face of cybersecurity in the way that companies address and reacts to intrusion.”

John McAfee, proposed CEO MGT 8/5/2016 Bally’s Poker Room, Las Vegas at Defcon 24

Sentinel and the Projected Growth of Enterprise Security

I expect that interest in Sentinel will grow in relation to the traditional IDS and IPS devices that have contributed to the slow response in threat-detection. With a low bar already set, all MGT may have to do is provide an actual solution to the problematic approach of analyzing data after the fact. According to FireEye, the median number of days that attackers are present on a victim’s network before being detected is 229. For this key reason, I feel that MGT has proven itself to be a legitimate contrarian play based on substantial market research that indicates Sentinel’s unique opportunity.

As the global enterprise governance, risk and compliance market continues to grow from to $11.5 billion by 2019, there will likely be customers reluctant to trust their information to devices that have underperformed. Where companies like Cisco and Microsoft offer IPS/IDS solutions, Sentinel was designed to be ideally suited for smaller areas compared to the standard 19-inch rack configuration that other vendors implement. Standard IPS and IDS solutions have several drawbacks other than their size. As McAfee explained, Sentinel acts as a passive box, meaning that it is on the other side of the firewall where the  traditional IPS and IDS counterparts are located. This allows for Sentinel to reduce the risk of bottle-necking the network traffic. When a typical IPS/IDS solution has a malfunction or gets hacked, the entire network access point is compromised. I believe this to be an advantage over cloud solutions because of the obvious vulnerability of all data being transferred through one access point.

According to MGT’, Sentinel’s first production run is expected in Q4 2016 and gives investors exposure to the 13.2% CAGR projected for the market. The trend in information security spending indicates that by 2020, 60% of enterprise security budgets will be allocated for this type of rapid detection and response system and within two years 80% of these endpoint protection platforms will include similar A.I. and heuristic analysis similar to MGT. This may help the new company find some initial footing in the very rocky landscape that has become the cybersecurity industry. For now I will leave you with John’s proclamation to change the industry by bringing real-time results to problems that sometimes take years to understand.

In light of S.A. refusing to believe the simple truth, I am just citizen journalist using my free speech and free will to voice my opinion, I have decided to publish independently for now. I hope this rough notes will help you with your own due diligence. My research and writing is only made possible through your support. Thank you for taking the time to visit my personal website. Please use paypal to help support this blog.

Update: Demonsaw 3.0.5 Goes Live

Standard

A new release for community has hit the demonsaw.com downloads section.

Here are the latest updates since 3.0 went was launched at DEFCON 24:

[3.0.2]
* queue unauthorized packets then emoty queue once re-authenticated with xfr router
* transfer routers should not be overwritten when refreshing with msg router (keep in memory and replace only). msg router sends back all xfr routers to clients (not just success ones)
* transfer service unauthorized will drop transfer request (to restart). Re-queue and/or don’t restart, just re-group & handshake? Add to post-auth queue and then process upon successful re-connect?
* restart of client should NOT restart transfer routers (allow transfers to continue)
* turn yellow if you have 0 xfr routers
* use transfer router as long as not error status
* max/min transfer routers that are used in transfer? (1 – 8)
* transfer router open fail should abort? Or.. use TTL and fail when we run out of retries?
* right click download, Stop doesn’t appear cross rows (if yes/no)
* fix browse sort crash bug
* wrap all service/acceptor handlers in exception handling
* TwoFish crashes on linux??? (Just use AES for session?)
* 5 sec progress update change from green to blue
* removed early socket close function calls (should fix router crashes)
* return 501 if router uses non AES for session
* router socket->close() – let destructor do it
* porn’s weird file parse issue – i think an exception is thrown tbh
* Only allow folder browsing if folder size > 0
* alpha 1 sets button at 255 alpha?
* auto rejoin client to router if going from 0 -> 1 or 1 -> 0 shares
* minus button remove all (download, upload, etc.)

[3.0.3]
* Stack crash was occurring on Linux due to 4K worker thread stacks
* Increased stack size to 256K
* Added twofish algorithm back
* tooltip for dock widget
* Added tooltips back
* Updated retry to 1 sec (100 ms was DDOSing the router?)
* retry is set to 0-1 sec now…
* Add retries to services & acceptors
* Remove unnecessary error messages
* Unable to write needs to eventually time out?
* retry should be 8
* bring over random retry code from message acceptor to clients (0 – 1000)
* tunnel sockets to 1

[3.0.4]
* Restart ignores previous queued events
* unable to write still doesn’t timeout – it does, just takes 1 min
* playing while downloading corrupted file, resume fixed?
* 1 tunneled socket

[3.0.5]
* 1 thread for message routers
* Display “Upgrade Now” message in chat when incompatible router found