Tag Archive for: Footprint

Measuring your carbon footprint? There’s no app for that • The Register


Column I recently installed an app that promised to measure my carbon footprint, then offer meaningful recommendations that could help me to reduce it.

I thought that sounded like a good enough offer that I was willing to endure a modestly nosey survey that gathered information about my lifestyle, income, and personal habits. The result was an indication that my footprint was in the “high” range.

I found that a little surprising. I did fly a lot, back when that was still a thing. But I don’t have a car, walk and bike everywhere, use renewably generated electricity, and am vegetarian.

The app informed me that 70 percent of my CO2 emissions came from an area defined simply as “purchases”.

Uh … ok? I tapped on that, to see if it might be broken down in any meaningful way, only to find that my rating was an estimate drawn from averages that may or may not have reflected my personal circumstances.

I’d like to believe that I tread lightly on the environment, though I know as a middle-class Australian that’s unlikely to be the case. In the absence of any meaningful information, how can I make changes? I could follow the app’s suggestions – though these seem to be more broad brushstrokes than highly targeted activities.

That leaves me little wiser than before I launched the app.

It’s not really the app’s fault. It’s doing the best it can to offer advice in an environment that almost completely lacks auditability, transparency, or solid sources of data.

When I buy an apple at the supermarket, I have no idea how much carbon was burnt bringing it to me, nor do I have any obvious way to learn this. That’s broadly true for almost everything – although here in Australia automakers are required by law to let you know how many litres of petrol it will burn to take you 100 kilometres (each litre of petrol adds around 2.2 kilograms of carbon…

Source…

A Look into Top Couriers’ Digital Footprint


Just as no man is an island, no company can perform core functions without other organizations’ help. This fact is highlighted in today’s age of outsourcing, partnership, and third-party connections. Unfortunately, threat actors have also found a massive opportunity in these relationships. Targeting a third-party vendor often allows them to target the vendor’s clientele.

In this post, we used our Third-Party Risk Management (TPRM) solutions to look at some of the popularly used express mail courier services that several companies worldwide partner with — FedEx, DHL, China Post, and UPS. These companies are often targeted since they have thousands, if not millions, of personally identifiable information (PII) in their records. In August 2020, for example, a Canadian courier became a victim of a ransomware attack, giving threat actors access to its customers’ personal details.

Potential “Unknowns” in the Digital Footprint of FedEx, DHL, China Post, and UPS

We gathered a total of 24,601 domains and subdomains containing the words “fedex,” “dhl,” “chinapost,” and “ups.” A vast majority of the subdomains were not owned by any of the courier companies, as confirmed by a bulk WHOIS lookup.

Indeed, only 40 domains appeared to be managed by the legitimate companies, as they matched WHOIS record details with the official couriers’ domain names. This number represents less than 1% of the total number of subdomains in our dataset. The table below shows the breakdown.

Company # of domains with matching WHOIS record details Percentage match
UPS 38 0.15%
DHL 1 0.00%
FedEx 1 0.00%
China Post 0 0.00%
TLD

We studied the top-level domain (TLD) distribution of the domains and subdomains obtained and ran them against the most abused TLDs known to direct visitors to phishing and botnet command-and-control (C&C) servers. Seven of the most abused TLDs made up more than half (53%) of the total number of subdomains.

The pie chart shows the TLD distribution of the subdomains under the .com, .net, .org, .de, .ru, .info, and .eu TLDs against all other TLDs not included in the list of most abused.

All seven TLDs were among the most abused by botnet operators. The .com TLD was also most favored by…

Source…