A Different Spin on the Air War Against IS

Sunday evening 60 Minutes aired a segment titled Inside the Air War. The correspondent was David Martin, whose biography includes the fact that he served as a naval officer during the Vietnam War. The piece concluded with the following exchange and commentary:

On the day we watched the B-1 strike, that same bomber was sent to check out a report of a single ISIS sniper firing from the top of a building.

Weapons officer: The weapon will time out directly in between the two buildings.

This captain was one of the weapons officers in the cockpit.

David Martin: B-1 bomber.

Weapons officer: Yes sir.

David Martin: All that technology.

Weapons officer: Yes sir.

David Martin: All that fire power. One sniper down on the ground.

I thought the captain’s next words were right on target:

Weapons officer: Sir, I think if it was you or me on the ground getting shot at by that sniper we would take any asset available to make sure we were no longer getting, you know, engaged by that sniper. So, if I get a call and they say they’re getting shot at, and there’s potential loss of friendly life, I am absolutely gonna drop a weapon on that sniper.

It’s clear that Mr Martin was channeling the Vietnam experience of heavily trained pilots flying multi-million dollar airplanes, dropping millions of dollars of bombs on the Ho Chi Minh trail, trying to stop porters carrying supplies on their backs and on bicycles. I understand that concern and I share that theme. However, I’d like to offer another interpretation.

The ability to dynamically retask in-air assets is a strength of American airpower. This episode involved retasking a B-1 that had already completed its primary mission. By putting that asset to use again, it alleviated the need to launch another aircraft.

However:

By the time the B-1 arrived overhead the sniper was gone.

Weapons officer: What we did, however, find though was a tunnel system. So, in this case we dropped weapons on all the entry points that were associated with that tunnel.

Six 500-pound bombs.

Weapons officer: It was actually a perfect shack on the target.

This could be interpreted as a failure, because the sniper wasn’t killed. However, in another example of retasking and dynamic intelligence, the B-1 was able to destroy a tunnel system. This again prevented the launch of another aircraft to accomplish that new mission.

These are features of the 60 Minutes story that were not conveyed by the on-air narrative, but which I observed based on my Air Force experience. It doesn’t change the strategic questions concerning the role of airpower in theatre, but it is important to recognize the flexibility and dynamism offered by these incidents.

Pro tip: Manage your Google Now cards history with ease

 Image: Jack Wallen

Google Now is always collecting data and presenting it to you in an easy to consume fashion. The amount of data can get surprisingly overwhelming, and managing the history isn’t exactly as easy as you’d like. The amount of data can also cause issues with the presenting of cards on your Android device, and you might want to delete some or even all of your history to make managing it on your smartphone less of a hassle.

Delete some of your Google Now cards history

If you tap to view your card history by going to Now | Settings | Now cards, you will be prompted to open the page in a web browser. Instead of bothering with that, just point your desktop (laptop or mobile) browser to https://history.google.com/history/now. From that page, you can view your entire Google Now cards history and delete what you want (Figure A).

Figure A

Figure A

Figure A

 Image: Jack Wallen

Deleting some of the Google Now card history from within Firefox.

You can either delete an entire days worth of cards, or you can delete cards by time stamp.

From the History main page, you can also do a search by date. To do this, click the Calendar icon and then select the date from the popup calendar. Once you click the date you want to select, you will be transported to the listing of cards served.

It is also possible to search for cards; however, the History doesn’t display the information from individual cards (it’ll only show you if a card was a “directions” card, an “updates” card, a “Nearby events” card, etc.), so the search isn’t all that helpful.

Delete your entire Google Now cards history

There are two main reasons why you might want to delete your entire Google Now cards history:

  • You are concerned about security; and/or
  • Google Now cards aren’t functioning properly.

Follow these steps to delete the entire history.

  1. Log in to your Google account in the browser being used.
  2. Go to the History page.
  3. Click the Menu button (three vertical dots).
  4. Click Delete Options.
  5. In the popup window, select Advanced (Figure B).
  6. Select All Time.
  7. When prompted, click DELETE.

Figure B

Figure B

Figure B

 Image: Jack Wallen

Deleting your entire Google Now cards history.

Share your Google Now experiences

Do you take advantage of Google Now cards? If so, how do you make them work for you? Tell us in the discussion.

Also see

Mobile Payment Apps: Friend or Faux?

Leaves are changing colors, the weather is getting colder, and Pumpkin Spice Lattés are flowing through the veins of coffee lovers everywhere. It’s officially fall and with the change of season comes the beginning of the holidays. While you may steer clear of the lattés, there is one aspect of the holiday season that’s hard to ignore: shopping. Luckily, making purchases has become a breeze thanks to online shopping and mobile payment apps. Although they may relieve some of the pains of the holiday season, mobile apps can actually be the source of an even worse issue: having your credit card information stolen.

As a consumer, it’s hard to ignore the multiple reports of recent data hacks. Yet, when it comes to smartphone security, it’s easy to forget the importance of securing data. Many smart device users are willing to input credit card information into apps without having done security due diligence. This could be because even experts are torn on the subject. While some think that users should never trust mobile payment apps, others believe that these same apps could be safer than using a credit card in a retail store.

Physical credit cards can easily be put at risk. Skimmers at ATMs and large point of sale hacks or corporate retail/banking data breaches have left consumers all too familiar with the threat of data theft. However, mobile payment apps pose similar threats. With mobile payments, the potential to be put at risk is a direct result of how and where you store your data and the steps you take to protect that information.

The data you enter into an app has two places it can be stored: on your phone or in the cloud through the company that hosts the app server. But how can you know where your information is being hosted? Here’s one trick: if you input your payment information into an app on your mobile device and don’t have to re-enter it the next time you open that app; it’s being hosted on the server. Information on a hosted server has a higher potential to be hacked compared to your information being stored solely on your phone. Scary, right?

The sad reality is that whether you opt to use a mobile payment app or a physical card, there will always be someone out there looking to make a quick buck when they see a weak link in security armor.

If you do decide to use a mobile payment app, double check that you are making every possible effort to protect your information:

  1. Use credit, not debit. Through your debit card, a cyber criminal could potentially gain access to your checking account and ultimately drain the funds. Often times, credit cards have access limits and more sophisticated security measures than debit cards.
  2. Set up credit card alerts. Sure, it’s cliché, but it’s better to be safe that sorry. Keeping tabs on your card’s activity can help you stop a hack before it becomes a headache.
  3. Research, research, and research some more. Take a few extra minutes to research an app’s terms of service. A simple online search can give you insight into terms you may not know you’re accepting, like where your information is being stored. If an app is requesting unnecessary personal information, don’t download it.
  4. Secure your phone. McAfee® Mobile Security, for both Android and iOS offers a variety of protections to keep your mobile device safe.

As always, to keep up with the latest security threats, make sure to follow @IntelSec_Home on Twitter and like us on Facebook.

lianne-caetano

Windows 10 shares your files with the internet… here’s how to turn it off

hero

Image: Microsoft News

If you are one of the millions of users who have upgraded to Windows 10, you are likely to be very familiar with the Windows update process. Microsoft updates Windows 10 when it needs to be updated. It’s part of Microsoft’s master plan and is generally a good thing.

To facilitate efficiency in the Windows 10 update process, Microsoft has created a system it calls, in typical cryptic fashion, Windows Update Delivery Optimization. To put it in simple terms, when Delivery Optimization is on, Windows 10 will send updates from your computer to other computers on your local network or on the internet. That’s right, Windows Update Delivery Optimization is a peer-to-peer (P2P) network, which operates similarly to BitTorrent.

Default settings

Windows Update Delivery Optimization has two settings:

  • Setting 1 allows Windows 10 to share files with other computers on your local network only.
  • Setting 2 allows Windows 10 to share files with other computers on your local network and with other computers on the internet.

Setting 2 is the default for every edition of Windows 10 except Windows 10 Enterprise and Windows 10 Education; those editions default to Setting 1.

Windows Update Delivery Optimization is also active for any apps you purchase and download from the Microsoft Store.

Turn it off

This is a personal choice, but I really don’t like the idea of sharing files with strange computers out on the internet. I am sure Microsoft has taken every precaution to make these connections safe and secure, but it makes me uncomfortable, so I opt to turn off Windows Update Delivery Optimization. The settings are buried deep, so here is a step-by-step on how to change them.

First, open the Windows Update Settings screen. The easiest way to get there is to type it into Cortana—she’ll show you the way (Figure A). Click or tap the Advanced Options link on this page.

Figure A

Figure A

Figure A

Click or tap the Choose How Updates Are Delivered link on the Advanced Options screen, shown in Figure B.

Figure B

Figure B

Figure B

The Choose How Updates Are Delivered screen (Figure C) is where you can change the default settings for the Windows Update Delivery Optimization P2P system. You can opt to turn it off completely or you can leave it on but select the local network option.

Figure C

Figure C

Figure C

Remain calm

I know there will be some privacy advocates and security experts out there who will wail against Microsoft for choosing to turn on Windows Update Delivery Optimization by default. But this is not some evil plot. It is just another Windows 10 configuration setting we all should know about. After all, making the Windows 10 update process as efficient as possible is a noble goal. I choose to sacrifice some system efficiency to placate my own personal paranoia. What about you?

Also read…

Your thoughts

Did you turn off Windows Update Delivery Optimization? What was your reasoning?

The ways we accidentally give over our information on mobile

Wifi-BlogImage

Smartphones are pretty great, aren’t they? They’re small, portable and give us access to a world of information literally in our pockets.

But mobile devices’ small form also means we interact with them pretty differently than desktop computers. In fact, studies have shown that users are 3x more likely to click on a malicious link from their smartphone than a PC!

Enter, phishing

We’ve all received phishing emails: they are typically designed to look like messages from banks, credit card companies, and similar organizations. The emails often have urgent subject lines requiring action to lure you to a phony website that looks—at least on a cursory glance—legitimate. Think: “Please verify your account” or “2nd Collections Notice.”

After clicking on the link and believing that you’ve landed on the organization’s actual website, you may enter in your username and password—unknowingly disclosing your private information to scammers.

Tricky business

While phishing isn’t new, it does have unique repercussions when you receive malicious communications on mobile—and attackers know this. For one, it’s hard to see if a link is actually legitimate. On a PC, you can hover over a link to determine if it will redirect to a suspicious looking address, but on mobile that’s not the case.

It’s also harder to spot if you’re on a suspicious website, if you do end up clicking through. For instance, if you’re on a large monitor you may pick up on a URL reads “usbanki.com” instead of “usbank.com,” but on a mobile device it is much more difficult to spot this distinction. On PC you can also look for the “HTTPS” at the front of a URL, indicating that it is using a secure connection, but this is also not immediately evident on mobile where you have to click on the address bar and scroll to the front of the URL to determine if the site uses HTTPS.

Even incredibly tech-savvy people can fall prey to these schemes. The result? Your sensitive information gets in the hands of attackers who will likely use it for their gain.

Don’t get phished—get savvy

To avoid getting phished on mobile, the best thing is to avoid clicking on email messages and links that just don’t look right. Messages requesting your password, login details, or other important financial information should especially raise red flags. Know that your favorite social network, bank, or insurance company—basically any company that deals with sensitive information—will never ask for your password or other personal data via email.