Real estate, cybersecurity and other risks: links for May 8, 2019

Trial to Determine Army Corps’ Liability for Harvey Flooding

Banker and others who live upstream of the reservoirs allege the federal government violated the takings clause of the Fifth Amendment, which states that private property can’t be taken for public use without just compensation. Their lawyers say structures upstream of the reservoirs were built in areas known as flood pools, where water collects as the dams fill up.

Their attorneys say the federal government doesn’t own all the land that encompasses this flood pool and a portion of the flood pool is on private property.


Mozilla will block Firefox add-ons that contain obfuscated code

“We will be blocking extensions more proactively if they are found to be in violation of our policies. We will be casting a wider net, and will err on the side of user security when determining whether or not to block,” she noted.

“We will continue to block extensions for intentionally violating our policies, critical security vulnerabilities, and will also act on extensions compromising user privacy or circumventing user consent or control.”

A block means tha the add-on is disabled in Firefox and users are unable to override it and continue to use the extension.


Researcher Finds CSS-Only Method to Track Mouse Movements

“Aside from mouse tracking there’s a lot of other CSS selectors that could give away analytics for browsing behavior. :focus, for instance should be able to monitor which elements the user has active focus on, and the [value] selector has been known for a while to be able to effectively query input element. The rules around [value] changed to make it less powerful, but it can probably still be used just to tell if the user has started typing or has changed something (haven’t PoC’d that yet, but it should be possible)”


A war is brewing over lithium mining at the edge of Death Valley

Although lithium-ion batteries currently dominate the electric vehicle market, they face competition from an array of new, more affordable and environmentally safe technologies in development, said Parans Paranthaman, group leader of the chemical sciences division at Oak Ridge National Laboratory in Oak Ridge, Tenn.

“Lithium-ion batteries, which were developed in 1991, are the most viable in the near term,” he said. “But beyond lithium, there will soon be zinc, sodium, magnesium and potassium batteries, among others.”


IBM-Backed Project Creates Wi-Fi Network For Natural Disasters

Once the devices are connected, an emergency Wi-Fi network appears on smartphones directing users to a portal where they can send messages to first responders and civil defense teams.


Construction Cybercrime Is On the Rise

A cybercrime is often a trigger to action. In March 2016, a Turner employee fell for a phishing email and sent tax information on current and former employees to a fraudulent email address. “We notified federal, state and local law enforcement and involved legal, law enforcement, information technology and security experts,” says Chris McFadden, vice president for communications. “We secured identity monitoring services at no cost to all impacted employees, including their spouses or partners, for an original term of ten years. Since then, we expanded coverage to all Turner employees, who now have access to identity protection services, which are designed to recognize signs of unauthorized use of personal information and help our people respond.”

Turner also has put in place an employee resource site with answers to commonly asked questions, data security tips and links to training material and available external resources on the subject of cybersecurity and protecting personal information. The company also has a cybersecurity awareness outreach program for companies it does business with to arm them with information.

… the first six of CIS’ top critical security controls, which include making an inventory and securing control of hardware and software, continuous vulnerability management; controlling the use of administrative privileges; securing the endpoints; and maintaining, monitoring and auditing network activity.

But Villasenor adds, “You have to enforce cyber awareness training. One of our biggest threats is our own people. They can become victims very easily.”