Monday, January 30, 2012


Not so sophisticated... Our Scouts didn't think enough to send our Recruiters out to offer Ethical Hacking scholarships (Which are NEVER based on grades..)
CA: Students busted for hacking computers, changing grades
January 29, 2012 by admin
Iain Thomson reports:
Three high school juniors have been arrested after they devised a sophisticated hacking scheme to up their grades and make money selling quiz answers to their classmates.
The students are accused of breaking into the janitor’s office of California’s Palos Verdes High School and making a copy of the master key, giving them access to all the classrooms. They then attached keylogging hardware to the computers of four teachers, and harvested the passwords needed to access the central files of the school network.
They then used that access to change their grades slightly, nudging them up by increments so that all three got As. At the time they were caught, keyloggers were found on three other teachers’ systems, indicating the group was expanding its efforts.
Read more in The Register.


Did I miss this as it happened? Why would any firm help a hacker?
"The SEC has filed charges against a trader in Latvia for conducting a widespread online account intrusion scheme in which he manipulated the prices of more than 100 NYSE and Nasdaq securities by making unauthorized purchases or sales from hijacked brokerage accounts. The SEC also went after four online trading firms and eight executives who are said to have helped the hacker make more than $850,000 in ill-gotten funds. The SEC's actions occurred on the same day that the Financial Industry Regulatory Authority (FINRA) issued an investor alert and a regulatory notice about an increase in financially motivated attacks targeting email."
From the article:
The SEC alleges that Igors Nagaicevs, who has not been served with the charges due to the fact he is overseas, broke into online brokerage accounts more than 150 times over the last 14 months, [Must be easy to do. Did the SEC send out alerts? Bob]
… To make matters worse, four firms were charged with allowing the transactions, because they did not register Nagaicevs as a legitimate broker. Each of the trading firms provided him online access to trade directly in the U.S. markets through an account held in the firm’s name.
“These firms provided unfettered access to trade in the U.S. securities markets on an essentially anonymous basis,” said Daniel M. Hawke, Chief of the SEC’s Market Abuse Unit.


“Security, it's not just for desktops anymore...”
"Kate Murphy writes that as cellphones have gotten smarter, they have become less like phones and more like computers, and that with more than a million phones worldwide already hacked, technology experts expect breached, infiltrated or otherwise compromised cellphones to be the scourge of 2012. Cellphones are often loaded with even more personal information than PCs, so an undefended or carelessly operated phone can result in a breathtaking invasion of individual privacy as well as the potential for data corruption and outright theft. But there are a few common sense ways to protect yourself: Avoid free, unofficial versions of popular apps that often have malware hidden in the code, avoid using Wi-Fi in a Starbucks or airport which leaves you open to hackers, and be wary of apps that want permission to make phone calls, connect to the Internet or reveal your identity and location."
Pickens continues: "One common ruse is a man-in-the-middle attack when a target receives a text message that claims to be from his or her cell service provider asking for permission to 'reprovision' or otherwise reconfigure the phone's settings due to a network outage or other problem. Don't click 'O.K.' Call your carrier to see if the message is bogus. For the more paranoid, there are supersecure smartphones like the Sectéra Edge by General Dynamics, commissioned by the Defense Department for use by soldiers and spies which may soon be available to the public in the near future. 'It's like any arms race,' says mobile security consultant Michael Pearce. 'No one wins, but you have to go ahead and fight anyway.'"


“In order to save the data we had to destroy the data.” Didn't we find this strategy a bit lacking back in the late 60's? Anyone think this might help define the rights of honest customers who happen to get caught up in the netting of other fish?
MegaUpload data could be erased Thursday, says report
The Associated Press reports that in a letter filed last Friday in the MegaUpload piracy case, the U.S. Attorney's Office for the Eastern District of Virginia said Carpathia Hosting and Cogent Communications Group--companies MegaUpload hired to store data--may begin deleting that data come Thursday.
MegaUpload's assets have been seized by the government, and its bank accounts have been frozen. Hence, MegaUpload can no longer pay companies like Carpathia and Cogent for their services, the AP reports.
… Many millions of people worldwide have allegedly used MegaUpload's cyberlocker service to store and access unauthorized copies of TV shows, feature films, songs, porn, and software. But some customers used MegaUpload for above-board practices like sharing large (and legal) files and backing up legitimate files.


The TSA is going global (Teachers Strip-search Anyone?)
NZ: Principals want power to search students
January 30, 2012 by Dissent
Sam Thompson reports:
Principals want the power to search students for weapons and drugs this year.
Thousands of students are heading back to school this week.
President of the Secondary Schools Principals Association Patrick Walsh says guidelines were developed last year, but he wants the Education Act changed.
“To give schools specifically the power of search and seizure, issues around weapons in schools and students bringing in drugs in schools are not going away and we believe that would act as an important deterrent.”
Mr Walsh says he believes they can maintain the rights of students against blanket searches.
Read more on NewsTalkZB


“What do you expect when your mere scientific facts contradict my brilliant political opinion?” Remember, if they fire you before you blow the whistle, it's not retaliation... Is it?
FDA workers sue agency over monitoring personal e-mails
January 30, 2012 by Dissent
Ellen Nakashima and Lisa Rein report:
The Food and Drug Administration secretly monitored the personal e-mail of a group of its own scientists and doctors after they warned Congress that the agency was approving medical devices that posed unacceptable risks to patients, government documents show.
The surveillance — detailed in e-mails and memos unearthed by the scientists and doctors, who filed a lawsuit against the FDA in U.S. District Court in Washington this week — took place over two years as the plaintiffs accessed their personal Gmail accounts from government computers.
Read more in The Washington Post.


What your strategy is should match what your strategy seems to be... Perhaps a dialog with your customers BEFORE you spring draconian measures on them would be a friendlier approach? If you are selling an ongoing service, why do all your customers think they purchased a product?
"Studios and publishers are fighting back hard against the used game market, with the upcoming title Kingdoms of Amalur, the latest to declare it will use a content lock. In this case, KoA ups the ante by locking out part of the game that's normally available in single-player mode. Gamers exploded, with many angry that game content that had shipped on the physical disc was locked away and missing, as well as being angry at the fact that content was withheld from used game players. One forum thread asking if the studio fought back against allowing EA to lock the content, went on for 49 pages before Curt Schilling, the head of 38 Studios, took to the forums himself. His commentary on the situation is blunt and to the point. 'This is not 38 trying to take more of your money, or EA in this case, this is us rewarding people for helping us! If you disagree due to methodology, ok, but that is our intent... companies are still trying to figure out how to receive dollars spent on games they make, when they are bought. Is that wrong? if so please tell me how.'"


'cause laws is laws even (especially?) when no two people can agree on their meaning...
January 29, 2012
Code of Best Practices in Fair Use for Academic and Research Libraries
"The Association of Research Libraries (ARL) announces the release of the Code of Best Practices in Fair Use for Academic and Research Libraries 2012, a clear and easy-to-use statement of fair and reasonable approaches to fair use developed by and for librarians who support academic inquiry and higher education. The Code was developed in partnership with the Center for Social Media and the Washington College of Law at American University. Winston Tabb, Johns Hopkins University Dean of University Libraries and Museums and President of ARL, said, “This document is a testament to the collective wisdom of academic and research librarians, who have asserted careful and considered approaches to some very difficult situations that we all face every day.”"

(Related) See what I mean?
"Mitt Romney's campaign is airing an ad that is basically 30 seconds lifted from an NBC News broadcast and NBC is trying to stop them from using the ad. I found it interesting that the Romney campaign is invoking fair use to defend the ad. Romney adviser Eric Fehrnstrom said 'we believe it falls within fair use. We didn't take the entire broadcast; we just took the first 30 seconds.'"


A subtle change that points to the Cloud?
Meet Bill Gates, the Man Who Changed Open Source Software
… As more and more applications move from local data centers to “cloud” services such as Amazon Web Services and, yes, Microsoft Azure, the economics of software are shifting. In the past, businesses paid companies like Microsoft for software and loaded it on their own servers. Now, businesses pay to use online services instead. In offering open source software atop Azure, there’s a clear way for Microsoft to actually make money.
“With Azure, we make money from compute and storage and bandwidth,” says Hilf, who now oversees Azure. “We want to offer as many types of applications and as many types of systems as we can, so they can help that flywheel spin…. We don’t see [Node.js] on Azure as altruistic. We see it as a way to drive business.”
… Yes, Microsoft is demanding — and in many cases, receiving royalties — from companies selling devices that run Android, an operating system based on Linux. This shows that its place in the world remains complicated. Though it’s moving to the web, it is still very much a company that makes money selling software — and it still has an interest in protecting this business. But these battles aren’t always what they seem. Android isn’t as much an open source project as a Google project.
The world is not black and white. And neither is the world of software. Not everyone realizes this. But Bill Gates did. And Microsoft is the better for it.

(Related) So, does he really get it? (And why do we need a national database of student and teacher information?)
"Discussing U.S. education in his 2012 Annual Letter, Bill Gates notes the importance of 'tools and services [that] have the added benefit of providing amazing visibility into how each individual student is progressing, and generating lots of useful data that teachers can use to improve their own effectiveness.' Well, Bill is certainly putting his millions where his mouth is. The Gates Foundation has ponied up $76.5 million for a controversial student data tracking initiative that's engaged Rupert Murdoch's Wireless Generation to 'build the open software that will allow states to access a shared, performance-driven marketplace of free and premium tools and content.' If you live in CO, IL, NC, NY, MA, LA, GA, or DE, it's coming soon to a public school near you."
