- Payment of Breach Costs by Breached Entities: NAFCU asks that credit union expenditures for breaches resulting from card use be reduced. A reasonable and equitable way of addressing this concern would be to require entities to be accountable for costs of data breaches that result on their end, especially when their own negligence is to blame.
- National Standards for Safekeeping Information:
- Enforcement of Prohibition on Data Retention:
Wednesday, April 25, 2012
“Mr Chairman, Thank you for asking me to testify about medical device security. Those of you on the committee with pacemakers will want to keep a close eye on the Remote Control device in my hand...”
"The vulnerability of wireless medical devices to hacking has now attracted attention in Washington. Although there has not yet been a high-profile case of such an attack, a proposal has surfaced that the Food and Drug Administration or another federal agency assess the security of medical devices before they're sold. A Department of Veterans Affairs study showed that between January 2009 and spring 2011, there were 173 incidents of medical devices being infected with malware. The VA has taken the threat seriously enough to use virtual local area networks to isolate some 50,000 devices. Recently, researchers from Purdue and Princeton Universities announced that they had built a prototype firewall known as MedMon to protect wireless medical devices from outside interference."
Interesting, if low profile.
April 24, 2012
Guide - overview of significant cyber warfare events from the news
Cyberthings for Managers - overview of significant cyber warfare events from the news: "Cyberthings for Managers is created by Reuser’s Information Services to meet a growing demand by managers in the domain of cyber warfare for a quick overview of the most important events of the past weeks in the field, without being overwhelmed by technical details, individual incidents, or repetitions of earlier news. Cyberthings will list a summary of significant events in the world of Cyberwarfare from Governmental level down. There will be no listings of technical hacks, detailed descriptions of cyberweapons, repetitions of detailed cybercrime events, only the more strategic events will be covered." [via Marcia E. Zorn]
Subscribe via email:
Subscribe? Mail "subscribe cyberthings" to: firstname.lastname@example.org
Unsubscribe? Mail "unsubscribe cyberthings" to: email@example.com
Archive. An archive of previous editions is maintained at http://www.opensourceintelligence.eu (choose Products, then Publications).
You talk the talk, can you walk the walk? (and other Hollywood catch phrases)
April 24, 2012
CFA Report: How Identity Theft Services Measure Up to Best Practices
"The Consumer Federation of America (CFA) released Best Practices for Identity Theft Services: How Are Services Measuring Up?, which analyzes how well identity theft services are providing key information to prospective customers. The study is based on CFA’s Best Practices for Identity Theft Services, voluntary guidelines that CFA developed with the help of identity theft service providers and consumer advocates. Released last year, the best practices resulted from CFA’s first study of identity theft services in 2009, which raised concerns about misleading claims about the ability to protect consumers from identity theft, lack of clear information, and other troublesome practices."
Entirely too reasonable?
NAFCU Letter to Reps. Boehner and Pelosi on Cyber/Data Security
April 24, 2012 by admin
Via CUInsight, a letter that has some recommendations many readers might agree with:
… On behalf of the National Association of Federal Credit Unions (NAFCU), the only trade association exclusively representing our nation’s federal credit unions, I write today in regards to the issue of cyber security.
… With that in mind, NAFCU specifically recommends that the House consider the following issues related to data security as you tackle the broader issue of cyber security:
CYBERSECURITY Threats Impacting the Nation
The nation faces an evolving array of cyber-based threats arising from a variety of sources. These threats can be intentional or unintentional. Unintentional threats can be caused by software upgrades or defective equipment that inadvertently disrupt systems, and intentional threats can be both targeted and untargeted attacks from a variety of threat sources. Sources of threats include criminal groups, hackers, terrorists, organization insiders, and foreign nations engaged in crime, political activism, or espionage and information warfare.
… The number of cybersecurity incidents reported by federal agencies continues to rise, and recent incidents illustrate that these pose serious risk. Over the past 6 years, the number of incidents reported by federal agencies to the federal information security incident center has increased by nearly 680 percent.
Law School, outside the box?
"Brooklyn Law School's Incubator and Policy Clinic (BLIP) hosted its first 'Legal Hackathon.' Instead of hacking computer code, attendees — mostly lawyers, law students, coders, and entrepreneurs — used the hacking ethos to devise technologically sophisticated solutions to legal problems. These included attempts to crowdsource mayoral candidacies in New York City and hacking model privacy policies for ISPs."
Continuing my quest for the “Next Big Thing!”
How to Spot the Future
8 Visionaries on How They Spot the Future
Plan on a browser with attached cloud storage. Install Chrome on your thumb drive and you will be able to access your files from any computer. (No need to carry them through customs.)
Google Set to Meld GDrive With Chrome OS
Who owns your files on Google Drive?
… When you upload or otherwise submit content to our Services, you give Google (and those we work with) a worldwide licence to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes that we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content.
The rights that you grant in this licence are for the limited purpose of operating, promoting and improving our Services, and to develop new ones. This licence continues even if you stop using our Services (for example, for a business listing that you have added to Google Maps).
They are completely open when stealing your data in Nigeria.
April 24, 2012
Millions of Harvard Library Catalog Records Publicly Available
News release: "The Harvard Library announced it is making more than 12 million catalog records from Harvard’s 73 libraries publicly available. The records contain bibliographic information about books, videos, audio recordings, images, manuscripts, maps, and more. The Harvard Library is making these records available in accordance with its Open Metadata Policy and under a Creative Commons 0 (CC0) public domain license. In addition, the Harvard Library announced its open distribution of metadata from its Digital Access to Scholarship at Harvard (DASH) scholarly article repository under a similar CC0 license... The catalog records are available for bulk download from Harvard, and are available for programmatic access by software applications via APIs at the Digital Public Library of America (DPLA). The records are in the standard MARC21 format."
Wavii is quite simply a neat way to follow your favourite topics. Unlike your RSS feeds, Wavii is filtered so that only one headline for each story is shown to you. So, you’re able to keep track of the big events in each topic without being drowned in repeat information.
… Wavii only allows Facebook sign-in, which will upset a few people for sure.
For my fellow teachers. Perhaps we could create a lesson on how to create a lesson?
The Digital Education Revolution, Cont'd: Meet TED-Ed's New Online Learning Platform
… Back in March, TED, after realizing that teachers had begun using its iconic videos as instructional aids, launched a YouTube channel dedicated to educational videos.
Today, it's going a step further: TED-Ed is launching a suite of tools that allow teachers to design their own web-assisted curricula, complete with videos, comprehension-testing questions, and conversational tools. TED-Ed provides a template -- think PowerPoint slides, with populate-able fields -- that teachers can fill in with customized content: lesson titles, lesson links, student names, embedded video, test questions, and the like. Once saved, a lesson generates a unique URL, which allows teachers to track which students have watched assigned videos, how they've responded to follow-up questions, and, in general, how they've interacted with the lesson itself.
For my Starving Students (and cheap people, like me)
How to get the most free online storage
All cloud storage services offer a free plan, with varying levels of storage and features.
… let's take a look at the free upgrades some of these services are offering, and how you can take advantage of them today.
First, let's get the services out of the way that aren't currently offering free upgrades. SkyDrive, Google Drive, Cubby, and iCloud all start with a free plan, then if you need more storage you'll have to pay.