Structure News: Email security is broken, but you should still open this one

Your weekly tech news roundup, with a little bit of Structure. Where Our Fantasy Football Team Is Awesome, Thanks For Asking September 16th, 2016 / by Tom Krazit This week, we'll talk about why email is at the heart of so many security issues, the push for security thinking as the new design thinking, and why Facebook deliberately shuts off some of its data centers from time to time. BIG PICTURE It's increasingly clear that information security is a broken promise, and it's probably email's fault. Despite decades of attempts to kill it, email is still one of the most-used applications on our personal computers. That means some of our most valuable information is stored in a place tied to your computer that anyone in the world with your address can contact, potentially gaining control of your system if you're careless, unlucky, or both. And if you host your own email server, you're probably more at risk. The World Anti-Doping Agency confirmed this weekthat Russian hackers, possibly the ones behind other prominent hacks this election year, used an email spear-phishing attack to steal the personal information of an unknown number of athletes. That personal medical information was used to make a clumsy attempt at denting the reputations of U.S. gymnast Simone Biles and tennis players Venus and Serena Williams. Several emails written by former U.S. Secretary of State Colin Powell were also leaked this week, revealing private conversations containing frank assessments of public figures that Powell would have never published in an op-ed. And then security expert Bruce Schneier warned of a new threat: hackers who might forge a document or two alongside a dump of legitimate documents or correspondence, spreading disinformation while inviting the target to confirm the legitimacy of other damaging information in order to deny the forged information. How hard would it be to fake a damaging email thread? Sure, you can encrypt your email, set up two-factor authentication, or use encrypted messaging apps instead of email. Most people aren't going to do that. It's long past time for the technology and security worlds to work together to make secure communications products that are as easy to use as email. The power of the default setting is well understood in technology, and email is a default setting for digital communication that spans age, gender, race, and nationality. STRUCTURE NEWS RE-THINKING SECURITY FUNDAMENTALS: HOW TO MOVE BEYOND THE FUD Our good friends at ZDNet, an official media partner of Structure Security, were kind enough to let me riff on a topic I've been thinking about all year while planning this conference: why the tech world needs to embrace security thinking the same way design thinking became a central facet of product development a decade ago. It took products like the iPhone and services like Airbnb to make design thinking trendy, and 'Im almost afraid to imagine what it will take for software companies to take security thinking as seriously as their font choices. We're less than two weeks away from Structure Security, which is going to happen September 27th and 28th at the Golden Gate Club in San Francisco (pictured here). I've talked at length about our great speaker list, which you can find here. And if you haven't yet purchased tickets, now is the time and here is the place. INDUSTRY NEWS HOW NVIDIA LET INTEL GET AN EDGE IN AI CHIP MARKET Nvidia and Intel have tussled over the years, and seem destined for more conflict as the market for artificial intelligence chips heats up. The Information (subscription required) takes a look at Intel's acquisition of Nervana Systems and what might have been a missed opportunity for Nvidia. U.S. CYBER COMMAND'S WEAPONS WILL BE CREATED BY CONTRACTORS, SENIOR OFFICIAL SAYS This should be interesting: the federal government will employ both contractors and in-house employees in creating "loud" cyber weapons, or exploits that leave a calling card for the U.S. government, according to FedScoop. The idea is that such easily-identifiable exploits might deter countries or organizations from escalating their own activities, but Oliver Stone might be thinking about a sequel to Snowden. A LOUD SOUND JUST SHUT DOWN A BANK'S DATA CENTER FOR 10 HOURS This was a new one for me. ING Bank revealed this week that its primary data center in Romania was brought to its knees by a fire drill in which a gas-extinguisher system made such a loud noise as to ruin its hard drives. Motherboard reports that vibration from the noise, which was compared to standing next to an airplane engine, was responsible for destroying the drives. GOOGLE'S DIANE GREENE TALKS AWS AND MACHINE LEARNING AT TECHCRUNCH DISRUPT Google's "We're Serious About The Cloud World Tour 2016" continued this week with an appearance at Techcrunch Disrupt. The site shared a video that Google had convinced Evernote to shed its datacenters and move its workloads to over to Google. WHY CLOUD VENDORS AREN'T TALKING SO MUCH ABOUT PRICE CUTS ANYMORE In the cloud evangelism era, deep and frequent price cuts were a popular tool used by Amazon Web Services and its competitors to reward existing users and court new ones. But that tactic is starting to fall by the wayside in favor of adding new features and finding more value for customers in existing products, Fortune reports. WHAT FACEBOOK HAS LEARNED FROM REGULARLY SHUTTING DOWN ENTIRE DATA CENTERS This item is a little old by the regular standards of this newsletter, but I wanted to highlight a talk given by Structure veteran (and 2016 participant) Jay Parikh of Facebook on how the company measures the resiliency of its network by taking out an entire data center. Data Center Knowledge wrote up his talk, which goes into some detail about how Facebook has learned to prepare for failures it can't control by introducing a few it can control. QUOTE OF THE WEEK It's one thing to have all of your dirty laundry aired in public for everyone to see. It's another thing entirely for someone to throw in a few choice items that aren't real." Bruce Schneier, on the new practice of hacking and forging Click here to unsubscribe from this list. Our mailing address is: 405 El Camino Real, #215 Menlo Park, CA 94025 Copyright (C) 2016 StructureSeries All rights reserved.