
August 2022


The next generation of the Web – Web 3 – has been touted as more secure than the current incarnation of cyberspace, but a report released Tuesday warned that may not be the case.

According to a report by Forrester, a national technology research company, Web3 can be difficult to break into at the infrastructure level, but there are other points of attack that could provide threat actors with more opportunities for mischief than those found in the legacy web.

Web3 applications, including NFTs, are not only vulnerable to attack; Forrester explained that they often offer a wider attack surface than traditional applications due to the distributed nature of blockchains.

Furthermore, it said, Web3 apps are desirable targets as tokens can be worth substantial amounts of money.

The openness of Web3, which is considered one of its main advantages, can also be a disadvantage. Martha Bennett, Vice President and Principal Analyst, Forrester, said, “The code that runs on a public blockchain is easily accessible by anyone with the necessary technical skills, from anywhere in the world – no need to enter corporate security to achieve this. Not there.” She is also a co-author of the report.

“Source code is generally readily available, because the focus is not on running closed source ‘smart contracts’. The Web3 ethos is, after all, ‘open code,’” she told TechNewsWorld.

Unwanted complication

David Ricard, CTO of North America at Cipher, a division of Prosegur, a multinational security company, explained that Web3 is based on distributed control of data and identity by its users.

“This broadens the attack surface for individuals who may be unwilling or simply unable to handle the management of their own data and identities, bringing technical complexity to an area that is ‘above anything’ in use.” ‘easy’,” he told TechNewsWorld.

“Scrolling through personal, text messaging, email and social media and shopping apps is a real challenge for them,” he said.

He said the idea of making Web3 code transparent and publicly available is unlikely to gain real traction. “There is a lot of money at stake between capital investors and users of blockchain financial systems and NFTs,” he said.

He further added that making the code transparent and public can also broaden the attack surface in a clear way. “Safe coding practices that predict how someone might abuse a system for nefarious gains are generally not practiced,” he explained. “It is not easy to predict how people might use the system for purposes other than those intended.”

“Most of the financial losses associated with blockchain and NFTs do not exploit immutable objects themselves, but rather manipulate them by exploiting applications that can affect them,” he said.

Furthermore, while legacy systems may be outdated, they may also be robust. “What’s new is also the most vulnerable,” said Matt Chiodi, chief trust officer at Cerby, creator of a platform to manage Shadow IT in San Francisco.

“While time is not always a friend of security, it allows an application to become battle tested,” he told TechNewsWorld. “Web 3 is no different. It’s new and not much tested. Legacy applications have a time advantage. Web3 doesn’t.”

NFT becoming popular target

Even if the code is visible and accessible, the report said, attackers will find weak points. This makes it clear that while attacks on smart contracts and cryptocurrency wallets are confined to the Wild West of decentralized finance, increasingly, NFT projects have become a favorite target.

“Why go for more difficult hacks if there are easier ways to get what you want?” asked Bennett. “Like any other venue where value is traded, [NFT] markets and communication tools attract people who want to steal or otherwise break the rules.”

“For anything to do with Web3, speed is of the essence, and many of the people involved do not have the necessary expertise to assess a potential security issue,” she said. “Sometimes, startups don’t even advertise for a security chief until something bad happens.”

One of the biggest breaches of the NFT marketplace occurred in June at OpenSea, which exposed nearly 1.8 million email addresses. “There was an inside threat involved in that particular case, but the applications that handle the transactions can be quite vulnerable,” Ricard said.

“There may be hundreds of thousands of ways this can be abused, which coders have to try to account for, yet a hacker only needs to discover a vector once for a breach to occur,” he said.

Hangout for Scammers

Forrester also pointed out that social media network Discord has become a major weak point in NFTs and other public blockchain projects. Successful phishing attacks on Discord are at the root of many, if not most, NFT thefts, it continued.

It clarified that attacks are usually targeted at community managers and administrators. Once an administrator account is successfully taken over, attackers have the opportunity to steal extensively, as users rely on messages from community administrators.

Bennett noted that Discord was primarily designed as a communication platform for gamers, not for holding and exchanging value, and that it has mechanisms to mitigate risk. “But these mechanisms can only help if they are implemented, and it is clear that often, they are not,” she said.

“Furthermore,” she said, “Discord attracts a similar share of phishing attacks and scam messages, being the preferred communication mechanism for token projects.”

Ricard said the Discord communities provide a rich source of information for scammers, as well as investors. “The harvesting of participants’ contact information leads to phishing,” he said. “Hacks in digital wallets are not uncommon.”

“The Discord bot has been hacked, so threatening actors can post fake mining offers, resulting in the theft of cryptocurrencies,” he said.

Better security than legacy web?

Forrester’s report notes that in a fast-moving Web 3 world, it’s tempting to ignore security in favor of innovating quickly, but public safety issues can easily derail a major launch or product team. to analyze and mitigate critical security flaws.

Firms can identify risks and protect both the decentralized and centralized components of their Web3 applications by engaging their security teams not only in the software development lifecycle but throughout the product lifecycle.

“Web3 needs to shift its focus to the left, which means getting as much security as possible for developers and making prevention the ultimate goal,” Chiodi said. “Without this focus, Web3 would be indistinguishable from Web2. It would be a shame given its tremendous potential, especially around decentralized identity.”

“Web3’s distributed approach provides a variety of security capabilities, but the fundamental problems remain the same,” said Mark Bower, vice president of product at Anjuna, a confidential computing company in Palo Alto, Calif.

“If an attacker gains credentials, root-level privileges or access to keys — especially private keys that run throughout the ecosystem,” he told TechNewsWorld, “then it’s game over, as if this one in a centralized platform.”

The US Defense Advanced Research Projects Agency (DARPA), best known for creating the Internet, has advanced its plan to revolutionize communication between low-orbit satellite networks, selecting 11 teams to work on its Space-Based Adaptive Communications Node program.

Known as Space-BACN, the project seeks to build a low-cost, reconfigurable optical communications terminal that adapts to most optical intersatellite link standards while translating between different satellite constellations.

According to DARPA, Space-BACN will create an “internet” of low-Earth orbit (LEO) satellites that will enable seamless communication between military/government and commercial/civilian satellite constellations that are currently unable to talk with each other.

The goal of the teams working on Phase 1 of the project, which will take 14 months to complete, will be to create a preliminary design for a flexible, reduced size, weight, power and cost (SWaP-C) optical aperture that pairs Single-mode fiber and a reconfigurable optical modem that supports up to 100 Gbps on a single wavelength, as well as a fully defined interface between system components.

Also to be developed during Phase 1 will be the schema for cross-constellation command and control, which will be demonstrated in a simulated environment.

The team focusing on SWaP-C optical aperture includes CACI, MBRYONICS and Mynaric. The team working on the optical modem includes II-VI Aerospace & Defense, Arizona State University and Intel Federal. The command and control team consists of five members: SpaceX, Telesat, SpaceLink, Viasat and Amazon’s Kuiper Government Solutions.

Following the completion of Phase 1, six teams will spend 18 months developing engineering design units of optical terminal components, while the remaining five teams will continue to develop schemas to function in more challenging and dynamic scenarios.

Multiple commercial and social beneficiaries

Jim Dunstan, general counsel for TechFreedom, a technology advocacy group in Washington, DC, pointed out that optical intersatellite links are a new technology without established interconnection standards.

“I see the satellite industry as a big winner here, more so than end-users, given that the power – 100 watts – and the price – $100K – are going to prevent widespread use of technologies for a single user terminal that emerged from this program,” he told TechNewsWorld.

“What Space-BACN does, however, is get all players into the same virtual room to work on standards that are much needed, and allow them both to receive federal support for their research and to work with other companies.” Allows you to take advantage of the work.” He continued.

“While a DARPA video space-BACN has been done with first responder communications, as has been done with first responder communications—replace a myriad of individual proprietary systems operating at disparate frequencies—I don’t think the analogy is appropriate here. There is more power reason for the price,” he said.

However, DARPA projects have a way of having a wider impact than may initially seem obvious. “There are many commercial and social beneficiaries that are outside the formal focus of the program,” said Arizona State University professor Daniel Bliss, director of the Center for Wireless Information Systems and Computational Architecture.

“The technologies we will develop are widely applicable to processing and communication,” he told TechNewsWorld. “In the context of the program’s specific goals, we are proving flexible, efficient and relatively low-cost optical communications technologies to rapidly expand diverse low-cost satellite systems.”

Reduce LEO costs

Existing operators of satellite constellations in non-geostationary orbit (NGSO), such as Elon Musk’s Starlink network, may eventually benefit from Space-BACN, Dunstan noted.

“Optical interconnection is still one of the big value drivers of NGSO systems,” he said. “The radio side of things has been largely commoditized. You can buy very sophisticated software-defined radios [SDRs] very cheap.”

“Optical systems are still very expensive,” he continued, “so Space-BACN has an opportunity to reduce some of that cost, benefiting all NGSO operators.”

“For existing and new LEOs [Low Earth Orbit] network, we enable the ability to connect legacy and yet-to-be-defined optical communications links,” Bliss said. “We can translate between optical standards and implement new standards as they develop, potentially officially after the launch.”

By putting together the teams for Space-BACN, DARPA attempted to remove friction for the many firms wishing to participate in the project.

“We intentionally proposed to make our Space-BACN requests as easy as possible, because we wanted to tap into the large pool of both established defense companies and innovative small tech companies, many of which do not have the time or resources to make complex government contracts. trace processes,” Space-BACN program manager Greg Kuperman said in a statement.

“We have used other transactions and are very pleased with [the] diversity of organizations responding and the quality of the proposals,” he said.

Democratization of space

Dunstan stressed that DARPA hit a “sweet spot” with the Space-BACN program. “It cast a wide net, bringing both very established and relative newcomers to the table,” he said.

“It uses DARPA’s other transaction authorization [OTA] to avoid the high overhead of most government funding mechanisms,” he continued, “and the 11 winners in Phase I mean that DARPA can take on more risk and allow some failure in the process without jeopardizing the program’s overall goal.”

The ability of small firms to participate in a project like Space-BACN reflects what the satellite industry is like today. “In the past, satellites used to cost a fortune to build,” explained John Strand of Strand Consulting in Denmark. “We are now seeing smaller companies with limited funding to build satellites for limited applications.”

“They can build satellites using standard components, the same way you would build a custom computer,” he told TechNewsWorld. “So if you look at the number of companies in the satellite industry, it’s booming.”

“Space, historically, has centralized government,” he said. “What’s happening with the space industry now is that it has become democratized because the cost of putting things in space for private-public partnerships has dropped dramatically.”

Safety Questions

In its kickoff announcement for Space-BACN, DARPA said it hopes to establish seamless communication between military/government and commercial/civilian satellite constellations. This could be the rub in the program’s future.

“That would be the final question – can you secure the military/civilian interface,” Dunstan said.

“Optical systems are less likely to jam because of their tighter beams. They may also be less prone to hacking, but that remains to be seen,” he continued. “My guess is that DARPA is so interested in the project. One reason is that they can get a window into the security capabilities of these types of networks.”

“Certainly the DoD is not going to sign up for an interface between defense and civilian satellite systems that they cannot secure,” he said. “Given how much SpaceCom traffic currently travels on civilian systems, my guess is that they feel pretty confident they can secure their side of the interface.”

Bliss acknowledged that it’s not always a good idea to directly implement commercial communication technologies. But, he added, “because of the flexibility we’re developing, we can maximize the benefits of leveraging commercial technologies while minimizing security risks.”

Cyber security professionals want the computer industry to emphasize vendor consolidation and open standards.

This major change in the security networks of IT professionals is long overdue, according to new research from the Information Systems Security Association (ISSA) International and the independent industry analyst firm Enterprise Strategy Group (ESG), a division of TechTarget.

Vendor consolidation and the push toward open standards are driven by buyers themselves, who are challenged by increasing complexity, cost, and the promotion of best-of-breed technology “equipment sprawl”.

Nearly half (46%) of organizations consolidate or plan to consolidate the number of vendors they do business with. Concerned by the growing complexities of security operations, 77% of InfoSec professionals would like to see greater industry collaboration and support for open standards that promote interoperability.

Thousands of cyber security technology vendors compete against each other in multiple security product categories. Organizations want to optimize all the security technologies in their stack at once.

According to the research report, vendors supporting open standards for technology integration will be best positioned to meet this shift in the industry.

“Given that nearly three-quarters (73%) of cybersecurity professionals feel that vendors are engaging in promotions on substance, vendors who demonstrate a genuine commitment to supporting open standards are more likely to engage industry-wide. would be in the best position to avoid consolidation,” said Candy Alexander, Board President, ISSA International.

She said CISO vendors have become so burdened with noise and security “equipment dispersion” that for many, the wave of vendor consolidation is like a breath of fresh air.

Shift to security platform

ESG studied 280 cyber security professionals, most of whom are ISSA members. The results, released last month, focused on security processes and technologies, and show that 83% of security professionals believe the technology interoperability of the future depends on setting industry standards.

The report’s details demonstrate a cybersecurity landscape that looks favorably toward a security product suite (or platform) as it moves away from a defense-intensive strategy based on deploying best-of-breed cybersecurity products. This approach is based on historical precedent that has consistently increased organizational complexity and contributed to substantial operations.

“The report shows that massive changes are taking place within the industry in what many believe is a long time to come,” said Jon Oltsik, Senior Principal Analyst and ESG Fellow.

“The fact that 36% of organizations may be willing to purchase most security technologies from a single vendor speaks volumes for a change in buying behavior as CISOs are openly considering security platforms in lieu of best-of-breed point of view devices,” he said.

Why Jump from Best-of-Breed

The number of competing security suites has skyrocketed with many organizations managing 25 or more independent security tools. It follows that security professionals are now stressing the need to juggle so many independent security products to do their job.

Managing an assortment of security products from different vendors has increased training requirements, makes it difficult to get an overall picture of safety, and requires manual intervention to fill in the gaps between products. As a result, 21% of organizations are consolidating the number of cybersecurity vendors they do business with, and another 25% are considering consolidating.

“In general, buying, implementing, configuring and operating too many different tools has become very difficult, let alone ongoing support relationships with vendors. Consolidation management/operations makes sense,” Oltsik told TechNewsWorld.

This ongoing complication is prompting 53% of cybersecurity professionals to purchase security technology platforms instead of best-of-breed products. The study showed that 84% of respondents believe a product’s integration capabilities are important, and 86% consider it important or important that integration with other products create best-of-breed products.

According to 60% of IT teams, strict integration between already separate security controls is a primary requirement rather than a best buy. Improved threat detection efficiency such as accurate high-fidelity alerts and improved cyber-threat detection were on the wish list for 51%.

Generalized government mandate

Cybersecurity products cover the basics, noted Oltsik. This includes antivirus software, firewalls, some sort of identity management system, and a range of products for endpoint encryption.

“In many cases, these technologies are mandated by government and industry regulations,” he said. “The biggest influencer in cybersecurity protections is the US federal government which can and does mandate certain standards.”

For example, the Security Content Automation Protocol (SCAP) is a synthesis of interoperable specifications derived from community considerations. The In-Process Cyber Security Maturity Model Certification (CMMC) standard mandates certain security certifications for DoD vendors.

“We have also seen standards from industry, such as the activity of the Organization for the Advancement of Structured Information Standards (OASIS) and other OASIS standards. This week, we introduced the Open Cyber Security Framework (OCSF), a standard data schema for security data. Saw the beginning. There are also many identity management standards,” he said.

Finding a shared security base

After reviewing this data, ESG and ISSA recommend that organizations encourage their security vendors to adopt open industry standards, possibly in collaboration with the Industry Information Sharing and Analysis Center (ISAC). In addition, there are some established security standards available from MITRE, OASIS and Open Cyber Security Alliance (OCA).

Many vendors speak in favor of open standards, but most do not actively participate or contribute to them. However, this lukewarm behavior can change quickly.

For this to happen, cybersecurity professionals – especially large organizations big enough to send signals to the market – need to establish best practices for vendor qualification.

In addition, they need to emphasize process requirements that include adoption and development of open standards for technology integration as part of a broader process for all security technology procurement, according to the report.

Expected result

Cyber security standards and vendor integration will strengthen the cyber security landscape against the continuing increase in cyber threats by easing product development and integration. Oltsik explained that this will allow industry and security teams to focus more on innovation and security fundamentals and less on building connectors for interoperability.

He sees an opportunity within the industry to support these efforts.

“It seems that some industry leaders are collaborating. I point to OCSF where 18 vendors agreed to support it,” he said.

This group includes a number of leaders – AWS, CrowdStrike, IBM, Okta and Splunk, for starters. He said another potential driver would be the support of large security technology customers.

Oltsik concluded, “If Goldman Sachs, GM, Walmart and the US federal government said they would only buy from vendors that support OCSF, it would really hit the industry.”


The full ESG-ISSA report titled “Technology Perspectives from Cyber Security Professionals” is available here. No form filling is required.

While Netscape didn’t invent the Internet or HTML, it was the company that made the Internet real. Netscape went ahead with the creation of Tim Berners-Lee’s HTML and was instrumental in turning it into something that will change the world.

Last week at Siggraph, Nvidia’s opening keynote identified Universal Scene Description (USD), developed by Pixar, a Disney subsidiary, as the HTML equivalent for the Metaverse. Since Pixar wouldn’t exist without Steve Jobs, it’s like putting Pixar where Berners-Lee was, and Nvidia where Netscape was, but unlike Netscape, Nvidia is very well run and knows how to choose its battles.

Nvidia also talked about the future of the Metaverse, where avatars will become browser-like, creating a whole new level of human/machine interface. Nvidia also announced the concept of Neural Graphics, which is based heavily on AI to create more realistic Metaverse graphical elements with far less work.

This week let’s talk more about what happened at Siggraph — and how Nvidia and Disney can, and should, demonstrate their strengths at the forefront of the Metaverse.

Then we’ll close with our product of the week, an HP halo product: an update on the Dragonfly laptop, which has just released its third edition. Halo products showcase the full capabilities of the vendor and draw people to the brand, and it’s well positioned against the best of Apple.

Metaverse and Disney

I’m a former Disney employee and I can’t think of any other company on the content side that would be a better base for building the Metaverse.

Disney has always been about fantasy and trying to make magic real. While the firm has had problems maintaining its innovative leadership over the years, it still attracts all its peers, especially youth, across all age groups in terms of physical, magical places to see and film content.

It is tempting that the concept of the Multiverse, which could easily become a Metaverse creation, as illustrated by the Marvel Universe, which is also owned by Disney, suggests that as the Metaverse moves into the consumer market, Disney could be an even more powerful driver of this new technology for fun.

That’s a long way to say that given its relationship with the USD and entertainment, Disney may be the best-positioned media company to take advantage of this new paradigm and turn its version of the metaverse into something truly amazing. Imagine the potential of Metaverse Disney parks that kids can enjoy from their homes during extreme weather events, pandemics or wars.

Nvidia’s One Metaverse Movement

Right now, the metaverse is a mess. It appears that companies like Meta and Google are creating experiences that, like CompuServe and AOL, were done at the dawn of the Internet, which the market did not want.

The reason those wall-garden efforts didn’t survive is because no single company can meet the needs of each user. Once they gave way to the open Internet, the technology really took off, and AOL and CompuServe largely faded into history.

Nvidia CEO Jensen Huang is a big believer in the metaverse. He refers to it as Web 3.0 – the successor to Web 2.0 (the Internet as we know it today, with changes to the cloud and user-generated content). This concept of a generic metaverse, with elements that you can move on seamlessly, requires a great deal of standardization and advancements in physical interfaces like VR goggles.

Huang addressed this during the keynote, speaking of the massive advances in headset technology that in the future will bring VR glasses much closer to the size and weight of reading glasses, making them less tedious and annoying. However, recalling our problems with 3D glasses, the industry will still need to address the overwhelming dislike of consumers for prosthetic interfaces if the effort is to reach its full potential.

One of the most interesting parts of this presentation was the concept of neural graphics, or graphics enhanced significantly by AI, which reduce the cost and increase the speed of scanning things in the real world and turning them into mirror images in the virtual world. At the event, Nvidia presented about 16 papers on neural graphics, two of which won awards.

Building on Pixar’s concept of Universal Scene Description, Huang explained how, once these virtual elements were created, they would be linked via AI to ensure that they remain in sync with the real world, enabling complex digital twins that can be used effectively for extreme-precision simulation for both business and entertainment purposes.

This made me wonder how long it would take before we had the incarnation of Huang, who was revealed to be the keynote speaker, was actually the keynote speaker. With Huang’s progress in terms of avatar realism and emotion, there will come a time when avatars will be far better at such presentations than humans.

Up to this point, Huang introduced a concept called Audio2Face which combines a voice track with an avatar that creates realistic facial expressions, conveys emotion and is often indistinguishable from an actor’s appearance.

To do this realistically, they mapped facial muscles and then allowed the AI to learn how people manipulated those muscles for different emotions and the ability to edit those emotions after the fact. I have no doubt that the kids of tomorrow will have a lot more fun than this and in the future will create some deeply murky issues that we will need to address.

With Audio2Face MDL, a new content definition language, and neural VDB that can reduce video file sizes by up to 99%, create a pattern of increased resolution and realism while reducing the overall cost of effort.

Back to Disney: This technology could allow the company to create more compelling streaming and movie theater content while reducing its production budget, which would be huge for its top and bottom tiers.

Finally, Huang talked about a cloud publishing service for Avatars called Omniverse ACE. This could potentially open up a market for avatar creation, which in itself could be a highly profitable new tech industry.

Wrapping up

With tremendous gains in USD and multi-age group content, Disney is in a unique position to benefit from our move into the metaverse.

However, the technology company to watch in this space is Nvidia which is at the forefront of creating this Web 3.0 metaverse creation that will be fast-forward to the Internet as we know it and provide us with amazing new experiences – and undoubtedly new ones. Problems we plague haven’t identified yet – much like the Internet.

In their respective fields, both Nvidia and Disney are forces of nature, and betting against either company has proven unwise. Together, they are creating a metaverse that will surprise, entertain and help solve global problems like climate change.

What is being built for the metaverse is simply amazing.

We are at the forefront of another technological revolution. Once done, the world will become a mixture of the real and the virtual and will be forever changed again.

Technical Product of the Week

HP Elite Dragonfly G3

Halo products are expensive and somewhat exclusive offerings that often show what a company can do, regardless of price.

The HP Elite Dragonfly G3 is the third generation of this Halo product, and it’s a relatively affordable showcase of HP’s laptop capabilities.

Lighter than most of its competitors, including the MacBook, sporting the latest 12th Gen Intel Core processors, and promising up to 22 hours of battery life (video), this 2.2-pound laptop is an impressive piece of kit.


HP Elite Dragonfly G3 | image credit: HP


Some interesting features include a mechanical privacy shade for the 5MP front-facing camera that is activated electronically from the keyboard.

The laptop comes in a unique Slate Blue finish which I think looks awesome. This latest generation was designed for the new hybrid world many of us now live in, where we both work from home but sometimes have to go to the office.

It has Wi-Fi 6e for better wireless connectivity and supports 5G WAN for times when Wi-Fi is either too insecure or too unrealistic.

The Elite Dragonfly G3 has a unique 3:2 aspect ratio instead of the more typical panoramic display. The latter may be better for films but 3:2 is better for work. Laptops in this class are expected to focus more on content creation than on entertainment. This high screen also enabled a large touchpad that includes a fingerprint reader for security.

The ports on this unit, which has a 13.5-inch display, are surprisingly complete for one of the thinnest laptops I’ve tested. In addition to two USB-C Thunderbolt ports, it has a full-size USB port and a full-size HDMI port, both of which are unusual but unheard of in a laptop this small and light.


HP Elite Dragonfly G3 Right-Side Ports | image credit: HP


The product is relatively durable, using a magnesium/aluminum frame that is largely from recycled metals and designed to be recycled again as the laptop gets older.

In conclusion, it is potentially one of the most secure laptops in its class with the Wolf Pro security option for those who want extra security. Interestingly, starting at just $2,000, the Wolf Security Edition is also one of the most affordable.

I was at the launch of HP’s first Dragonfly laptop and I am very impressed with this offering which is my product of the week. I’m going to hate giving this laptop back.

The opinions expressed in this article are those of the author and do not necessarily reflect the views of ECT News Network.

Navigating the Internet can be a troublesome journey. Bad actors constantly hide behind emails, websites and social media invitations with the intention of exploiting uninformed users. Even your Wi-Fi router and the now-ubiquitous QR code are danger points. Add to that, the never-ending virus and malware threats.

Computer and mobile device users are often unaware of the danger zone. However, the Internet does not require a continuous journey through the Badlands. To stay safe online, it’s important to know what to avoid and how to protect yourself.

Here are five things you have under your control to help keep your digital activity safe.

1. QR Codes, Easy But Potentially Harmful

A secure QR code for TechNewsWorld.com

These postage-stamp-sized image links can be convenient for websites. Simply point your smartphone’s camera at one to instantly visit a website, tech support location, discount offer on purchases, or restaurant menu.

However, QR codes can also take you to a nefarious place where malware or worse is waiting. QR codes can be programmed to link to anything, putting your privacy and security at great risk.

Think before scanning the QR code. If the code is displayed on a website or printed document that you trust, it is probably a safe one. If not, or you’re unsure, check it out.

You can download reputable QR reader apps that perform security checks on the destination a QR code points to. One such security tool I use is the Trend Micro QR Scanner app, which is available for Android and iOS.

2. Avoid ‘Unsubscribe’ Email Scams

This is a popular ongoing scam that has a high success rate for hackers. Potential victims receive an email with a product offer or other business invitation. The opt-out step is enticing, looks familiar, and feels appropriate. “Don’t want to receive our emails? Click here to unsubscribe,” it prompts.

Sometimes annoying, repetitive emails ask whether you want to unsubscribe from future emails. Some even provide a link for you to unsubscribe.

Do not select any option. Clicking on the link or replying confirms your active address.

Never enter your email address in the “Unsubscribe me” field. More senders will follow.

A better way to remove unwanted email, especially from an unknown sender, is to mark it as spam. This moves it to the spam folder. You can add that sender to your email program’s block list, or set a filter to automatically remove it before it reaches your inbox.

Finally, check out the free service Unroll.me. There you can unsubscribe from unwanted emails, keep others, or receive the rest in a daily digest.

3. Lock Out Facebook Hackers

Other villains try to usurp Facebook accounts. Hackers can change your password, email address, phone number and even add a security code to lock you out of a pirated account. Before trouble strikes, be proactive to prevent these situations. Facebook provides the following security settings that you need to enable.

Enable two-factor authentication (2FA) to require your login approval on a different device.

To do so, log into your Facebook account on a desktop computer and navigate to Settings & Privacy. Next, select Security and login. Then scroll down and edit the Two-Factor Authentication option.

Facebook Two-Factor Authentication Settings

You will need to enter your Facebook password to complete this step.


Activate these two additional features to block Facebook hackers:

  • Enable the code generator feature in the Facebook mobile app
  • Set up login alerts in your email

First, open the Facebook mobile app, tap the magnifying glass, type “code generator” and tap the search icon. Tap the Code Generator result to navigate to the next screen, then tap the “Turn on Code Generator” button to receive a 6-digit code that changes every 30 seconds. You will need to enter this code within that short amount of time to log in to your account on another device.

Next, set an alert about unfamiliar logins. You can do this from a computer or mobile device.

  • Computer: Go to Settings & Privacy > Settings > Security & Login > Receive alerts about unrecognized logins (see screenshot above).
  • Mobile app: Tap Menu > Settings & privacy gear icon > Settings. Then tap Password & Security. Next, scroll down to Set up additional security > Receive alerts about unfamiliar logins > Tap to select your preferred notification methods.

If you’re having trouble logging in, visit facebook.com/login/identify to have the problem fixed. If you are unable to log in there, go to this Facebook help page instead and fill out the request form for Facebook to review your account. You will need to answer a few security questions to prove your identity. This may include providing proof of ID, like a picture of a driver’s license.

4. Secure Your Wi-Fi Router

The influx of people working remotely since Covid has put home Wi-Fi routers among the target sites of hackers. As a result, malware attacks on home Wi-Fi networks are on the rise because residential setups often lack the level of security and protection found on enterprise networks.

One nasty attack tool, called ZuoRAT, is a remote access Trojan designed to hack into small office/home office routers. It can affect macOS, Windows, and Linux computers.

With it, hackers can collect your data and hijack any site you visit on your network. One of the worst aspects of ZuoRAT is that once your router is infected, it can infect other routers to spread the hackers’ reach.

Follow these steps to better secure your home/office Wi-Fi network:

  • Be sure to enable WPA2 or WPA3 encryption on your router. The default factory setting is often the old WEP (Wired Equivalent Privacy) security protocol, or is set to none. See the user manual or the router manufacturer’s website for instructions.
  • Change your router’s SSID (Service Set Identifier) and password. This is critical. Typically, the factory setting shows the make or model of the router and has a universal password such as 0000 or 1234. Change the SSID to a name that does not easily identify you. Avoid names that include all or part of your name or address. Make sure the password is very strong.
  • For added security, change the router’s password regularly. Yes, this is a major inconvenience as you will also have to update the password on all your devices that use that Wi-Fi network. But considering that it will keep hackers away, it is well worth the trouble.
  • Keep the router’s firmware up to date. Refer to the user manual and/or the manufacturer’s website for steps on how to download the latest update.

general question
How do I create a password that is hard to hack?

The strongest passwords have all these characteristics:

  • Long – the more characters, the better
  • A mix of upper-case and lower-case letters, numbers, and special characters
  • No jargon words or anything related to personal information

Pro Tip: When using a password generator, always replace at least a few characters from the random result to create your final credential.

5. Beware of the phony tech support plans

Some fraudsters call you on the phone to tell you they are a tech support department working for a well-known computer or software company. The caller claims to have detected a virus on your device or to be calling in response to a malware alert from your computer. The scammer offers to fix it if you just provide your credit card number.

Hang up the phone. Your computer is not infected.

A modified version of this tech support scam is a text or email claiming the same details. Do not respond. Just delete the message and move on.

You may also be browsing the web when a pop-up message crashes onto your screen. I have received very loud audio alerts warning me that my computer is in danger and should not be turned off without responding for help.

In all these cases, scammers want to scare you into following their instructions. The action they seek to fix the alleged problem will damage your bank account and possibly let them transmit an actual infection.

Follow these best practices to protect yourself from tech support fraud:

  • Never allow a scammer to trick you into visiting a website or clicking on a link.
  • Never agree to a remote connection by the so-called technical support agent who initiated contact with you.
  • Never provide payment information for technical support you did not initiate. Legitimate tech companies will not call you and ask for payment to fix a problem detected on your device.

If you suspect that your computer has a virus or malware problem, contact a repair center yourself. You probably already have a support plan or active warranty from where you bought the computer. If you have not contacted a technical support company, the call or message you have received is illegitimate.

Fake social media accounts are usually associated with bot networks, but some research released Tuesday showed that many social media users are creating fake accounts of their own for a variety of reasons.

According to a survey of 1,500 US social media users conducted by USCasinos.com, one in three US social media users have multiple accounts on the social media platforms they use. About half (48%) of people with multiple accounts have two or more additional accounts.

Reasons for creating additional accounts vary, but the most commonly cited are “sharing my thoughts without judgment” (41%) and “spying someone else’s profile” (38%).

Other motives behind creating fake accounts include “increasing my chances of winning an online contest” (13%), “increasing likes, followers and other metrics on my real account” (5%), fooling others (2.6%), and scamming others (0.4%).

When asked where they were creating their fake accounts, respondents most often named Twitter (41%), followed by Facebook (31%) and Instagram (28%). “That’s because Twitter is pretty much open by default,” said Will Duffield, a policy analyst at the Cato Institute, a Washington, DC think tank.

“Twitter power users will often have multiple accounts — one for a mass audience, other for smaller groups, one that is open by default, one that is private,” he told TechNewsWorld.

Infographic explains where US residents create fake social media accounts

Infographic Credit: USCasinos.com


Twitter prompted the research by the online casino directory site, noted study co-author Ines Ferreira. “We started this study primarily because of discussions about Elon Musk and the Twitter deal,” she told TechNewsWorld.

That deal is currently tied up in the courts and hinges on a dispute between Musk and the Twitter board over the number of fake accounts on the platform.

sex changing detective

The types of fake accounts in the study, however, differ from the ones that confused Musk. “The survey tackles two completely different issues,” Duffield said.

“On the one hand, you have automated accounts – things operated by machines and often used for spamming. This is the kind of fake account that Elon Musk alleges Twitter has too many of,” he told TechNewsWorld. “There are pseudonymous accounts, which are being surveyed here. They are operated by users who do not wish to use their real names.”

The survey also found that most users kept their own gender (80.9%) when creating fake accounts. The main exception to that practice, the survey noted, is when users want to spy on other accounts. In that case, they favor creating a fake account of the opposite sex. In general, one in 10 (13.1%) of those surveyed said they used the opposite sex when creating fake accounts.

Infographic reveals how many fake social media accounts owners own

Infographic Credit: USCasinos.com


“There are a number of reasons why we don’t want everything we do online to be associated with our real name,” Duffield said. “And it doesn’t necessarily have to be cancel culture or anything like that.”

“One of the great things about the Internet is that it allows us to divulge identities without committing ourselves or trying on new individuals so that we can showcase one aspect of ourselves at a time,” he explained.

“It is absolutely normal for people to use pseudonyms online. If anything, using real names is a more contemporary expectation,” he said.

Accounts created with impunity

The study also found that most fake account creators (53.3%) prefer to keep the practice a secret from their inner circle of acquaintances. When they mentioned their fake accounts, they were most likely to mention them, followed by friends (29.9%), family (9.9%) and partners (7.7%).

The researchers also found that more than half of the owners of fake accounts (53.3%) were millennials, while Gen X had an average of three fake accounts and Gen Z had an average of two.

According to the study, the creators of fake accounts do this. When asked whether their fake accounts were reported on the platforms on which they were created, 94% of the participants responded negatively.

Infographic describing platforms where fake social media accounts have been reported

Infographic Credit: USCasinos.com


“Every time these platforms release new algorithms to report these accounts, most of them never report them,” Ferreira said. “There are so many fake accounts, and you can create them so easily, it’s really hard to identify them all.”

“After Elon Musk’s deal with Twitter, these platforms are going to be thinking a little bit more about how they’re going to do it,” she said.

However, Duffield downplayed the need for users to police fake accounts. “Creating these accounts is not against the platform rules, so there is no reason for the platform to consider them a problem,” he said.

“Since these accounts are operated by real people, even though they do not have real names, they act like real people,” he continued. “They’re messaging one person at a time. They’re taking the time to type things out. They have a typical day/night cycle. They’re sending messages to 100 different people at once at all hours of the day. Not sending thousand messages.”

harmless fake?

Duffield stressed that unlike fake accounts created by bots, fake accounts created by users are less harmful to the platforms hosting them.

“There is a theory that people abuse more often when they are using a pseudonymous account or one that is not tied to their real identity, but from a sobriety perspective, banning a pseudonymous account is no different from banning a real person,” he observed.

“Facebook has had a real-name policy, although it has received a lot of criticism over the years,” he said. “I’d say it’s under-applied intentionally at this point.”

“As long as the pseudonymous account is complying with the rules, this is not a problem for the platforms,” he said.

While bot accounts do not contribute to the social media platform’s business model, fake user accounts do.

“If the pseudonymous account is being used by a real human being, they are still seeing the ad,” Duffield explained. “It’s not like a bot clicking on things without a human being involved. Regardless of the name on the account, if they’re seeing contextual ads and they’re being shown, from a platform standpoint, it’s not really a problem.”

“Activity is reflected in monthly active user statistics, which is what the platform, advertisers and potential buyers care about,” he continued. “The total number of accounts is a useless statistic because people constantly drop accounts.”

Still, Ferreira argued that any form of fake account undermines the credibility of social media platforms. “At some point,” she said, “there are going to be more fake users than real users, so they need to do something about that now.”

According to a CNBC report, less than 1% of Netflix’s 221 million subscribers are playing the service’s games every day.

Based on data from Apptopia, the report revealed that Netflix’s mobile games have had 23.3 million global downloads, and an average of 1.7 million subscribers are connecting to the game daily.

When Netflix announced its move into games in November, it was seen as a revenue diversification strategy at a time when it was sinking cash. Since then, the streaming service has seen a massive exodus of subscribers — 200,000 in the first quarter, nearly a million in the second — so gaming may be even more important for the service now than it was when it initially launched.

However, it is likely that gaming will be on the back burner for some time. “Unless they stabilize subscription levels and are seeing some momentum from ad-supported levels, I don’t expect to see a lot more aggressive movement on the game front,” Ross Rubin, principal analyst at Reticle Research, a consumer technology advisory firm in New York City, told TechNewsWorld.

“This Apptopia report should be disastrous for Netflix’s senior management,” said Mark N. Vena, president and principal analyst at SmartTech Research in San Jose, Calif.

“It confirms what many industry experts have long suspected: gamers don’t see the Netflix brand as even remotely attractive for gaming versus traditional mobile, PC and console gaming platforms,” he told TechNewsWorld.

He said the lack of appeal would deprive Netflix of its ability to strengthen its subscription business and drive incremental revenue through gaming.

no need to worry

Other analysts said Apptopia’s findings won’t cause much consternation in Netflix’s executive suites.

“Netflix should be vigilant and attentive to consumer feedback as it builds out its still-nascent game portfolio, but I don’t think it should be overly concerned,” said Paul Erickson, research director at Parks Associates, a consulting company in Edison, Texas, specializing in consumer technology products.

“The company is playing the long game when it comes to being a provider of connected entertainment, and it is learning the habits of its customers,” he told TechNewsWorld. “It’s still early for its gaming aspirations, and I don’t believe its current game with mobile apps is the end of its gaming strategy — just the initial phase.”

George Zizyashvili, principal analyst at Omdia, a research and consulting firm in London, called Netflix’s approach to gaming “cautious and measured”.

“Netflix Gaming launched with just five games worldwide last November. Nine months later, it now offers 26 exclusive games, including games made by its acquired studios,” he explained to TechNewsWorld.

“Netflix recently unveiled several upcoming games as tie-ins for their respective Netflix TV series. Based on its acquisitions and activity in this area, I think Netflix remains committed to gaming,” he said.

questionable value proposition

Michael Inouye, a principal analyst at ABI Research, a global technology intelligence firm, agreed that Netflix shouldn’t be too concerned about the Apptopia findings. “If Netflix is concerned, they had unrealistic expectations,” he told TechNewsWorld.

“Entering the gaming market as a previous outsider is never an easy task, especially when you are targeting mobile games,” he said.

“While Netflix’s mobile games, which still number less than 30, can be included in subscriptions — without ads or in-game purchases — these games are essentially competing for free,” he explained.

“Most mobile games are still free to play and most consumers accept both advertising and in-game purchases, as long as it’s not a ‘pay to win’ – meaning you don’t have to pay to go ahead or win,” he added.

Vena pointed out that Netflix is competing in a space with strong competitors who are offering a strong value proposition. “It’s very difficult to promote and defend Netflix’s value proposition in the gaming space,” he said. “Unless it offers some brand tie to their streaming content properties — which may be a non-starter — it’s hard to understand how Netflix can differentiate itself in any meaningful way.”

need more marketing

“Netflix is a company known for streaming video entertainment, not gaming,” Erickson said. “Neither the brand nor service resonates with the public as a known quantity when it comes to gaming. Without an active marketing campaign and branding push, the change in consumers’ brand perception will be slow and gradual.”

“Right now, in the early stages of their gaming strategy, game content is ranked as the value addition to its video content,” he continued. “Whether mobile gaming remains a value-add to increase subscriber stickiness and perceived value of Netflix subscriptions in the long run, or the company creates a broader content and brand push around gaming, it remains to be seen.”

Inouye noted that even though Netflix has a link to its games at the bottom of its app, it hasn’t done a significant amount of marketing. “It makes sense given the current size of its gaming library,” he said, “but as it fills up, or when new titles based on hit shows launch, I’m looking for more direct marketing on their behalf. I look forward to your efforts.”

Rubin agreed that Netflix could do a lot to promote its games and suggested that might change when the company launches one of its proposed new services. “With the launch of the ad-supported tier of Netflix, this could provide them with some inventory to promote their games,” he said.

Zizyashvili cited three reasons for the low response by gamers to Netflix’s offerings: small selection, low customer awareness, and mobile device exclusivity.

“Smart TVs, monitors, set-top boxes and digital media players are the preferred devices for watching Netflix at home,” he explained. “I believe that’s why many Netflix subscribers rarely visit their mobile app for this reason.”

“If Netflix were to bring its games to more devices — for example, through cloud gaming — I think it could significantly increase customer engagement with its games,” he said.

‘Destined to fail’

Inouye agreed that content is a problem with Netflix games at this time. “Netflix doesn’t have enough unique content yet,” he said. “While some titles may be exclusive, many have game archetypes similar to other popular mobile games.”

“Netflix needs more unique IPs that take advantage of its most popular video franchises,” he continued. “The Stranger Things games are a prime example here, with Netflix needing more games of this type, rather than reimagining mobile games with little ties to their exclusive library of content.”

“That’s probably the goal, but it takes time to develop these games and build a library,” he said. “The challenge is finding a way to get the right timing between the life cycle of the video franchise and the time to development and the investment on the gaming front.”

Still, there are those who argue that Netflix made a big mistake in gaming in the first place. Michael Pachter, managing director of equity research at Wedbush Securities in Los Angeles, said, “Nobody needs Netflix to provide games, just like someone doesn’t need to sign up for video on demand at a sporting event.”

“There’s no natural connection between Netflix’s business and games, and their foray into gaming is set to fail,” he told TechNewsWorld. “It’s like McDonald’s selling groceries, because they serve half the population and the population eats there. It’s not logical that they would include groceries in their offering. Adding a Netflix game is similarly misleading.”

This week is Siggraph 2022, where Nvidia will be delivering one of the keynotes.

While on the consumer side the Metaverse has industrial uses, outside of gaming, which has effectively included Metaverse instances over the years, at Siggraph Nvidia will talk about its leadership in integrating AI into technology, the creation and application of digital twins, and successes in major new robotic factories such as the one made by BMW with the help of Siemens.

But what I find even more interesting is that as metaverse tools like Nvidia’s Omniverse become more consumer friendly, the ability to use AI and human digital twins is enabling us to create our own worlds where we dictate the rules and where our AI-powered digital twins will simulate real people and animals.

At that point, I expect we’ll need to learn what it means to be gods of the worlds we’ve created, and I doubt we’re anywhere near prepared, both in terms of the addictive nature of such products and how to create these virtual metaverse worlds in a way that can form the basis of our own digital immortality.

Let’s explore the capabilities of the Metaverse this week, then we’ll end with our product of the week: the Microsoft Surface Duo 2.

Siggraph and the AI-powered metaverse

If you’ve participated in multiplayer video games like Warcraft, you’ve experienced a rudimentary form of the metaverse. You also found that objects that do things in the real world – like doors and windows that open, leaves that move with the wind, and people who behave like people – don’t exist yet.

With the introduction of digital twins and physics through tools like Nvidia’s Omniverse, this is changing so that reality-dependent simulations, such as those developed for autonomous cars and robots, work accurately and ensure that potential accidents are reduced without putting real humans or animals at risk, because those accidents initially happen in a virtual world.

At Siggraph, Nvidia will talk about the Metaverse’s current capabilities and its near future, where, for a time, the money and the greatest capabilities will be tied to industrial, not entertainment, use.

For that purpose, the need to make an observer feel as though they are in a real world, outside of simulations intended to train people, is largely reduced. But training humans is also a goal of simulations, and creating human digital twins will be an important step forward in our ability to use AI of the future to handle the ever-increasing amount of repetitive and annoying portions of our workloads.

It is my belief that the next major breakthrough in human productivity will be the ability of regular people to create digital twins of their own that can perform an increasing number of tasks autonomously. Auto-fill is a very, very early milestone on this path that will eventually allow us to create virtual clones of ourselves that can cover for us or significantly increase our reach.

Nvidia is at the forefront of this technology. For anyone wanting to know what the Metaverse is capable of doing today, attending the Siggraph keynote virtually should be on your to-do list.

But if we project 20 or so years into the future, given the enormous pace of development in this space, our ability to immerse ourselves in virtual worlds will increase, as will our ability to create these existences: worlds where physics as we know it is not only optional, but where we can choose to put ourselves in “God Mode” and walk through virtual worlds as the ultimate rulers of the virtual spaces we’ve created.

immersion is important

While we’ll have intermediate stages using prosthetics that use more advanced forms of haptics to make us feel like we’re immersed in these virtual worlds, it’s efforts like Elon Musk’s attempt to create better human-machine interfaces that will make a real difference.

By connecting directly to the brain, we should be able to create experiences that are indistinguishable from the real world and place us far more realistically in these alternate realities.

Meta Reality Labs is researching and developing haptic gloves to bring the sense of touch to the metaverse of the future.


Yet, as we gain the ability to create these worlds ourselves, changing these connections to provide more reality (e.g. experiencing pain in battle) will be optional, allowing us to walk through encounters as if we had superpowers.

human digital twin

One of the biggest problems with video games is that NPCs, no matter how good the graphics, use very limited scripts. They don’t learn, they don’t change, and they’re barely more capable than the animatronics at Disneyland.

But with the creation of human digital twins, we will gain the ability to populate the created world with more realistic citizens.

Imagine being able to present the Digital Twin you create to others and license them to be used in companies or games made by them. These NPCs will be based on real people, will respond more realistically to changes, potentially be able to learn and grow, and will not be tied to your gender or even your physical appearance.

For example, what about a talking dragon based on your digital twin? You can also populate the created Metaverse world with a large number of clones that have been altered to look like a diverse population, including animals.

Practical applications will include everything from virtual classrooms with virtual teachers to police and military training with virtual partners against virtual criminals – all based on real people, providing the ability to train with an unlimited number of realistic scenarios.

For example, for a police officer, one of the hardest things to train is domestic disturbance. These collisions can go all the way sideways. I know of many instances where a police officer stepped in to protect the abusing spouse and then was spotted by the same spouse who suddenly decided to defend her husband from the officer.

Today I read a story about a rookie who approached a legally armed citizen who was on his property. The officer was almost shot because he tried to seduce a civilian who had not broken any laws. He was all set to kill the civilian officer if it had happened. For this the officer was fired but he could have died.

Being able to train in situations like this can help ensure the safety of both the civilian and the officer.

Wrapping Up: God Mode

Anyone who has ever played a game in God Mode knows that it really destroys a lot of the game’s value. Yes, you can burn through the game in a fraction of the time, but it’s like buying a book and then reading a comprehensive summary with no spoilers. Most of the fun of a game is figuring out puzzles and working through challenges.

“Westworld” explored what might happen if virtual people, who were created to emulate humans, found out they had been abused. To be realistic, these creations would need to emulate the full flow of pain, suffering, and emotion, and it’s certainly a remote possibility that they could kick off their schedule.

However, another possibility is that people fully immersed in God Mode may not be able to differentiate between what they can do in the virtual world and the real world. This can result in some bad behavior in the real world.

I think we will find that there will be a clearer delineation between those who want to create viable worlds and treat those worlds beneficially, and those who want to create worlds that allow them to explore their distorted fantasies and occult desires.

This can be a way to determine if someone has the right personality to be a leader, as it would be so easy to abuse power in the virtual world, and the tendency to abuse power should be a big red flag for anyone who goes into management.

We’re still decades away from this potential, but we should start thinking about the limits of using this technology for entertainment so that we don’t create a significant group of people who see others as no different from the virtual people they mistreat in the twisted worlds they will make.

What kind of metaverse god would you be?

Technical Product of the Week

Surface Duo 2

I’ve been using the Surface Duo 2 for several months now and it remains my favorite phone. I’m amazed at how many people came up to me to ask me about the phone and then said, when I shared with them what it does, they want to buy one.

This has huge advantages when consuming emails with attachments or links. The attachment or link opens on another screen without interrupting the flow of reading the email that delivered it. The same goes for using the phone to open a website that requires two-factor authentication. The authentication app is on another screen, so you don’t have to go back and try to locate the screen you were working on, preserving the workflow again.

For reading, it reads and holds like a book with two virtual pages, one on each screen. While I thought I might have problems watching videos due to the gap between the screens, I have been watching videos on both screens for some time now and, unlike with dual-screen monitors, where I find the separation annoying, the gap doesn’t bother me at all.

Ideally this phone works best with a headset or smartwatch, such as the Apple Watch, so you can talk and listen – as it’s awkward to hold this form factor to your head. However, many of us somehow use the speakerphone feature on our smartphones and the Surface Duo 2 works fine that way.

In the end, I think it shows why a revolutionary device, such as the iPhone was and the Surface Duo 2 is, needs a lot of smart marketing for people to really understand the benefits of a different design. Otherwise they won’t get it.

Remember that the iPhone design, which previously emulated the failed LG Prada phone, was supported by a lot of marketing, while Prada, even though it initially had a strong luxury brand, was not.

Nonetheless, Microsoft’s Surface Duo 2 remains my favorite smartphone. This is really awesome – and my product of the week.

The opinions expressed in this article are those of the author and do not necessarily reflect the views of ECT News Network.

An unusual STEAM (Science, Technology, Engineering, Art and Math) concept combined with some fashion knowledge is creating a unique brand of tech-based fashion entrepreneurship.

Svaha USA is a STEAM-themed clothing and accessories brand whose online store is changing the face of women’s and children’s wear. Svaha celebrates women in all fields of endeavor and tackles gender stereotypes with bright, fun clothing to lift the imaginations of children.

In 2015 founder Jaya Iyer’s two-year-old daughter desperately craved some planet-themed clothing to fulfill her dreams of flying into space as an astronaut. But nothing related to space existed in the textile departments.

Iyer used her knowledge of fashion merchandising to create an exclusive clothing brand designed around a STEAM-themed assortment that defies gender stereotypes. As a result of those efforts, she built one of the most successful STEAM fashion brands for children and adults in the world.

“I wanted to encourage my daughter’s passion and other girls with similar interests in the best way possible — with clothing! I realized there was a missed market for kids who like things that aren’t gender traditional,” Iyer told TechNewsWorld.

difference makes an ‘a’

Jaya Iyer, founder of Svaha USA, and her daughter Svaha, the company’s namesake.

Jaya moved from India to America with a bag and ambition. She earned her doctoral degree in fashion merchandising from Iowa State University, taught fashion buying, and wrote a textbook on fashion in emerging markets that is now used at universities.

In doing so, Iyer forges a relationship between academic STEM (science, technology, engineering and math) studies and the previously overlooked role of the arts and humanities.

“I believe there is no STEM without A [art]. Art is a part of science, technology, engineering and even mathematics.”

One of her biggest hurdles was being able to make clothing designs technically accurate. But working with women working in the field has helped her overcome this hurdle.

“We are now working on bringing our products to more women so that they too can wear these clothes and show their love for tech-themed clothing,” Iyer said.

from dreams to reality

According to data from the US Census Bureau, today only 25% of computer scientists and 15% of engineers are women. Iyer hopes to change that with her fashion lineup. Very sensitive to customers’ suggestions, she developed about 95% of designs from customers’ inputs.

“Our customers absolutely love our products! Teachers love wearing our clothes when they are teaching the concept represented in our clothing design. Professionals love wearing them to work and to various conventions. We have a very loyal customer base who regularly come back to buy our products,” offered Iyer.

STEAM influencer Dr. Arlene Simon is a biomedical engineer who invented a blood test that detects whether cancer patients reject bone marrow transplants. She is also the founder of AB Invents, a multicultural children’s products company that helps inspire young innovators.

Dr. Arlene Simon, Medical Marvels Heady Dress
Dr. Arlene Simon is a biomedical engineer, patent inventor and author. Simon created the Medical Marvels headdress design incorporating African print inspiration and biomedical engineering symbols.

All too familiar with being the “only woman” or “only black” engineer in a room, Simon sees Svaha USA as a game-changer. Its creative approach to helping bridge the gender gap in STEM makes science fun and fashionable, and empowers girls and women to pursue STEM careers.

“If she wears it, she can be. Give a girl a space outfit, and she portrays herself as an astronaut. Give her a biomedical engineering dress, and she’ll imagine herself creating life-saving health tech,” Simon told TechNewsWorld.

This level of exposure is life changing. Ask a girl to draw a scientist, and most likely, she will draw an old man in a lab coat, she observed.

“When girls are not exposed to women scientists, they are unable to imagine themselves in these roles. But maybe all it takes for a girl to fall in love with space is for a teacher to talk about the solar system while walking around in Svaha’s Rings of Saturn skirt,” she said.

This kind of grassroots support is essential to advance women in the field of technology. Science T-shirts and dresses are the start and spark dialogue between the girls and their mothers/teachers.

“‘Tell me about your dress’ could lead to a conversation about how mathematical models in epidemiology predict the spread of COVID-19. Since each Svaha costume is named after a renowned female scientist, the girls are introduced to notable women like Hedy Lamarr and Marie Curie,” said Simon.

women in space exploration

Svaha today launched the collections in association with women who are making a difference in the STEAM fields. These contributors include former NASA astronaut Karen Nyberg.

Astronaut Karen Nyberg
Astronaut Karen Nyberg aboard the International Space Station holds a hand-drawn dinosaur for her son that inspired the “Space Fashion” collection.

In her spare time aboard the International Space Station, Nyberg made hand-crafts from cast-off supplies and videographed them floating without gravity inside the station as a gift to her son, Jack.

Her first doodad was a cloth dinosaur crafted from Russian food containers with a layer of cloth. She stuffed it on board with strips of cloth cut from one of her used T-shirts and stitched it with ivory thread.

Together Iyer and Nyberg developed a line of dinosaur-themed clothing. For that, Nyberg tapped into Jack’s strong knowledge of dinosaurs.

Her grade-school-aged son, still a dinosaur lover with aspirations to become a paleontologist, offered his mother “dino advice” on her designs for Svaha USA. He chose four of his favorite dinosaurs to include in the design and provided an accurate illustration of each for the Dinos in Space collection.

give birth to concept

Jaya Iyer’s younger daughter was already focused on becoming an astronaut when Jaya started her clothing company seven years ago. Named after Iyer’s daughter, the company developed its first line of products partly by launching a successful Kickstarter campaign that raised more than $30,000.

Iyer later expanded the business line to women’s apparel called Smart Dresses for Smart Women following suggestions from customers. She then funded that clothing style with another Kickstarter campaign that raised more than $57,000.

Some of Iyer’s product inspiration came from Nyberg’s passion for making memorabilia for her son as she orbited the Earth.

Rachel Ignotofsky
New York Times best-selling author and illustrator Rachel Ignotofsky is another contributor to Svaha USA, who has contributed her technical expertise, her own science-based artwork and a new computer science clothing model based on her book “The History of the Computer” to the collection.

“We’ve been able to perfect the designs by working with women working in STEM fields. But, reaching more people is still a work in progress. We’ve grown a lot… but we still have a long way to go,” she said.

The relationship between STEM and STEAM is a major driving factor for Iyer and her followers. Her clothing line including the arts and humanities provided something for all professionals who are not part of STEM.

“We create literature, music and library-themed products that appeal to a different set of customers,” Iyer said.

According to Iyer, the fact that art is an integral part of STEM is now being accepted by more and more people. If people can be educated about the importance of different areas of the arts in STEM education and professions, it will be much easier to adopt.

“We try to do this through our clothes and social media. But, more people need to understand the importance of art in our lives,” she said.

mundane wear

Callie Moore in Velociraptor Skirt
Callie Moore, manager of the paleontology collection at the University of Montana, collaborated with Svaha USA to design the Velociraptor A-Line Skirt.

Iyer’s clothing collection allows scientists to harness their inner Ms. Frizzle. The clothes also serve as “widespread impacts,” noted Callie Moore, fossil librarian, science communicator and manager of the paleontology collection at the University of Montana. The company recently launched its Velociraptor Design Collection.

“By wearing your science, you invite questions and comments. I have all kinds of interactions wearing the Svaha USA piece. It’s another outlet for me to spread my love of paleontology,” she told TechNewsWorld.

Hero kids are great. But sometimes it becomes difficult to connect with them. Having someone in your community, more on your level, is more tangible and more successful in supporting women in STEM, Moore offered.

“Jaya collaborates with real scientists, and it’s fun to see what they’ll create for themselves. I hope this inspires others to create STEM-focused clothing for people who identify as female,” she said.

In paleontology, where art is so closely linked to science, art is a great advantage. In paleontology, art helps us visualize what ancient organisms and ecosystems might have been like, Moore continued. This allows us to get closer to our past. “Obviously looking really, really good, while also looking totally out of place is a plus,” she said.

steam wear at a glance

According to Iyer, Svaha USA’s high-quality, 100% organic, super-soft dresses are a sign of geek, and all of them feature pockets.

Each style of dress is named after famous female scientists such as Marie Curie, Rosalind Franklin, Ada Lovelace, Ruby Payne-Scott and Dorothy Hodgkin.

Some of Svaha’s unique designs for dresses, skirts, blouses, T-shirts, cardigans, hoodies, sleepwear and accessories are visually interesting.

The collection includes everything from science heroes on raglan tops to stylish, high-quality dresses that feature STEAM-themed concepts.

Other thoughtful selections include Amazing Women Pioneers Canvas Bags, the Pi Day Collection, a Moon Phase glow-in-the-dark ombre Aida dress, and a colorful Chemistry Lab Rosalind dress.

Fashionable creative clothing featuring augmented reality, DNA’s iconic double helix, trigonometry, and even literary treasures such as Jane Austen is also offered.

Visit Svaha USA to browse all of the geeky, STEAM-themed, apparel and accessories collections.

Nearly all the top 10 universities in the United States, United Kingdom and Australia are putting their students, faculty and staff at risk of email compromise by failing to prevent attackers from spoofing the schools’ email domains.

Universities in the United States are most at risk with the worst levels of security, followed by the United Kingdom, then Australia, according to a report released Tuesday by enterprise security company Proofpoint.

The report is based on an analysis of the schools’ Domain-based Message Authentication, Reporting and Conformance (DMARC) records. DMARC is a nearly decade-old email verification protocol used to authenticate the domain of an email message before it reaches its destination.

The protocol provides three levels of protection – Monitor, Quarantine, and the strongest level, Reject. The report found that none of the country’s top universities had the Reject level of protection enabled.

“Higher education institutions hold a greater proportion of sensitive personal and financial data, perhaps more than any industry outside of healthcare,” Ryan Kalember, Proofpoint’s executive vice president of cybersecurity strategy, said in a statement.

“Unfortunately, this makes these institutions a highly attractive target for cybercriminals,” he continued. “The pandemic and rapid changes in distance learning have further increased cybersecurity challenges for tertiary education institutions and open them up to significant risks from malicious email-based cyberattacks such as phishing.”

Barriers to Adoption of DMARC

Universities are not alone in poor DMARC implementation.

A recent analysis of 64 million domains globally by Red Sift, a London-based manufacturer of an integrated email and brand protection platform, found that only 2.1 percent of domains had implemented DMARC. Furthermore, only 28% of all publicly traded companies in the world have fully implemented the protocol, while 41% have only enabled its basic level.

There can be many reasons for an organization not to adopt DMARC. “There may be a lack of awareness of the importance of implementing DMARC policies, as well as companies not fully aware of how to begin implementing the protocol,” explained Ryan Witt, Proofpoint’s industries solutions and strategy leader.

“Additionally,” he continued, “the lack of government policy to mandate DMARC as a requirement may be a contributing factor.”

“Further, with the pandemic and the current economy, organizations are struggling to change their business models, so competing priorities and lack of resources are also likely factors,” he said.

Installing the technology can also be challenging. Craig Lurey, CTO and co-founder of Keeper Security, a provider of zero-trust and zero-knowledge cybersecurity software in Chicago, explained, “This requires the ability to publish DNS records, which requires experience in systems and network administration.”

Furthermore, he told TechNewsWorld: “Many layers of setup are necessary to implement DMARC properly. This needs to be closely monitored during the implementation and rollout of the policy to ensure that legitimate email is not being blocked.”

no bullets for spoofing

Nicole Hoffman, a senior cyber threat intelligence analyst at Digital Shadows, a provider of digital risk protection solutions in San Francisco, agreed that implementing DMARC can be a daunting task. “If implemented incorrectly, it can break things and disrupt business operations,” she told TechNewsWorld.

“Some organizations hire third parties to assist with implementation, but this requires financial resources that need to be approved,” she said.

She cautioned that DMARC will not protect against all forms of email domain spoofing.

“If you receive an email that appears to be from Bob on Google, but the email actually originated from Yahoo Mail, DMARC will detect it,” she explained. “However, if a threat actor registers a domain similar to that of Google, such as Google3, DMARC will not detect it.”

Unused domains can also be a way to avoid DMARC. “Domains that are registered but unused are also prone to email domain spoofing,” Lurey explained. “Even when organizations have implemented DMARC on their primary domains, failing to enable DMARC on unused domains makes them potential targets for spoofing.”
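The three protection levels and the unused-domain gap described above can be checked directly from published DNS records. The following Python audit is an added example, not code from the Proofpoint report or from anyone quoted here; it assumes the TXT answers for `_dmarc.<domain>` have already been fetched, maps the three levels to DMARC's `p=none`, `p=quarantine` and `p=reject` policy values, and uses constructed domains and records.

```python
# Added example: audit DMARC enforcement from TXT records (constructed data).
RANK = {"none": 0, "quarantine": 1, "reject": 2}
LEVEL = {"none": "monitor", "quarantine": "quarantine", "reject": "reject"}


def parse_dmarc(txt):
    """Return the tag dict of one DMARC TXT record, or None if it is not one."""
    pairs = [part.split("=", 1) for part in txt.split(";") if part.strip()]
    if not pairs or any(len(pair) != 2 for pair in pairs):
        return None
    tags = [(key.strip().lower(), value.strip()) for key, value in pairs]
    # RFC 7489: the version tag must come first and be exactly "DMARC1".
    if tags[0] != ("v", "DMARC1"):
        return None
    return dict(tags)


def audit(txt_records):
    """Classify the TXT answers for _dmarc.<domain> as (level, findings).

    level is one of missing / invalid / monitor / quarantine / reject.
    """
    records = [r for r in map(parse_dmarc, txt_records) if r is not None]
    if not records:
        return "missing", ["no DMARC record published"]
    if len(records) > 1:
        # RFC 7489: with more than one record, receivers apply no policy.
        return "invalid", ["multiple DMARC records published"]
    tags = records[0]
    policy = tags.get("p", "").lower()
    if policy not in RANK:
        return "invalid", ["missing or unknown p= tag"]
    findings = []
    pct = tags.get("pct", "100")
    if policy != "none" and pct.isdigit() and int(pct) < 100:
        findings.append(f"pct={pct}: policy covers only part of failing mail")
    sp = tags.get("sp", policy).lower()  # subdomains inherit p= unless sp= is set
    if RANK.get(sp, 0) < RANK[policy]:
        findings.append(f"sp={sp}: subdomains enforced less than the main domain")
    if policy == "none" and "rua" not in tags:
        findings.append("p=none without rua=: monitoring but collecting no reports")
    return LEVEL[policy], findings


# Constructed sample: TXT answers for _dmarc.<domain>. The names use the
# reserved .example TLD and do not describe any real institution.
SAMPLE = {
    "university.example": ["v=DMARC1; p=none; rua=mailto:dmarc@university.example"],
    "college.example": ["v=DMARC1; p=quarantine; pct=50"],
    "institute.example": ["v=DMARC1; p=reject; sp=none"],
    "parked-brand.example": [],  # registered but unused, nothing published
    "merged-dept.example": ["v=DMARC1; p=reject", "v=DMARC1; p=none"],
    "strict.example": ["site-check=constructed", "v=DMARC1; p=reject"],
}


def report(domains=SAMPLE):
    return {name: audit(txts) for name, txts in domains.items()}


if __name__ == "__main__":
    for name, (level, findings) in report().items():
        print(f"{name:22} {level:10} {'; '.join(findings) or 'ok'}")
```

For a registered but unused domain, publishing `v=DMARC1; p=reject` moves it from `missing` to `reject` in this audit.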

Unique challenges of universities

Universities can have their own difficulties when it comes to implementing DMARC.

“Many times universities don’t have a centralized IT department,” Brian Westnage, Red Sift senior director of global channels, told TechNewsWorld. “Each college has its own IT department operating in silos. This can make it a challenge to implement DMARC across the organization as everyone is doing something different with email.”

Witt said the ever-changing student population at universities, coupled with a culture of openness and information-sharing, can often conflict with the rules and controls needed to effectively protect users and systems from attack and compromise.

In addition, he continued, many educational institutions have an affiliated health system, so they need to comply with the controls associated with a regulated industry.

Funding at universities could also be an issue, noted John Bambenek, the principal threat hunter at Netenrich, a San Jose, Calif.-based IT and digital security operations company. “The biggest challenge for universities is under-funding of security teams – if they have one – and under-funding of IT teams in general,” he told TechNewsWorld.

“Universities don’t pay particularly well, so part of it is the knowledge gap,” he said.

“Many universities have a culture against enforcing any policies that may hinder research,” he said. “When I worked at a university 15 years ago, there were knock-down drag-out fights against the mandatory antivirus on workstations.”

costly problem

Mark Arnold, vice president of advisory services at LARES, an information security consulting firm in Denver, noted that domain spoofing is a significant threat to organizations and a technique of choice for threat actors to impersonate businesses and employees.

“Organizational threat models must account for this prevalent threat,” he told TechNewsWorld. “Implementing DMARC helps organizations filter and validate messages and thwart phishing campaigns and other business email compromises.”

Business email compromise (BEC) is probably the most costly problem in all of cybersecurity, maintained Witt. According to the FBI, $43 billion was lost to BEC thieves between June 2016 and December 2021.

“Most people don’t realize how exceptionally easy it is to spoof email,” Witt said. “Anyone can send a BEC email to an intended target, and there is a high probability of it getting through, especially if the impersonated organization is not authenticating their email.”

“These messages often do not contain malicious links or attachments, bypassing traditional security solutions that analyze messages for these traits,” he continued. “Instead, emails are sent only with text designed to prepare the victim to act.”

“Domain spoofing, and its cousin typosquatting, are some of the lowest-hanging fruits for cybercriminals,” Bambenek said. “If you can get people to click on your email because it looks like it’s coming from their own university, you’ll get a higher click-through rate and, by extension, more fraud damages, stolen credentials and more successful cybercrime.”

“In recent years,” he said, “attackers have been stealing students’ financial aid refunds. There is a lot of money to be made by criminals here.”