Thursday, June 07, 2012
Who's who for the Internet age? Who knows who. Who works with who. Who is looking to date who.
eHarmony member passwords compromised
Dating site eHarmony confirmed today that passwords used by its members were compromised following reports of references to the site among allegedly stolen passwords that were posted to a hacker site.
… Earlier today LinkedIn said that some of its members' passwords were on a list that ostensibly had 6.5 million encrypted passwords.
(Related) “I can check your bank account, password, secret questions and pin number – for FREE!”
Do yourself a favor, don't check if your password was leaked. Ever.
Almost just as fast as the story started spreading, a link to LeakedIn.org was being passed around as a way to check if your password was leaked in the security breach. To figure out if you're affected, LeakedIn requires you to enter your account password. Your password is then converted to its SHA-1 equivalent and then is compared to the list of leaked passwords.
A red light means your password appears on the list, a green light means you are in the clear. At least, in theory.
Before you jump at the chance to check your password, ask yourself if it's really a good idea to enter your password on some random Web site. The answer should be an unequivocal no. You have no idea what is really being done with the information you enter.
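The comparison described above can be run entirely on your own machine against a downloaded copy of the list, so the password never reaches a third-party site. This is an added example, not code from LeakedIn or the quoted article; the sample list is constructed, and the `mask_len` handling of zero-masked entries is an assumption about the list format.

```python
import hashlib

# Constructed sample standing in for a locally saved dump file:
# one hex SHA-1 per line. None of these values come from a real breach.
SAMPLE_DUMP = "\n".join([
    hashlib.sha1(b"linkedin123").hexdigest(),
    hashlib.sha1(b"password1").hexdigest().upper(),          # mixed case in file
    "00000" + hashlib.sha1(b"monkey2012").hexdigest()[5:],   # masked entry
    "not-a-hash-line",                                       # junk to be skipped
])

HEX_DIGITS = set("0123456789abcdef")


def load_hashes(text):
    """Return the set of well-formed 40-hex-digit lines, lowercased."""
    hashes = set()
    for line in text.splitlines():
        candidate = line.strip().lower()
        if len(candidate) == 40 and set(candidate) <= HEX_DIGITS:
            hashes.add(candidate)
    return hashes


def check_password(password, leaked, mask_len=5):
    """Classify a password against the local list: 'exact', 'masked' or 'absent'.

    Assumption: mask_len also matches entries whose first mask_len hex
    digits were overwritten with zeros. Pass mask_len=0 to disable this.
    """
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest()
    if digest in leaked:
        return "exact"
    if mask_len and ("0" * mask_len + digest[mask_len:]) in leaked:
        return "masked"
    return "absent"


if __name__ == "__main__":
    leaked = load_hashes(SAMPLE_DUMP)
    for pw in ("linkedin123", "password1", "monkey2012", "not in the list"):
        print(pw, "->", check_password(pw, leaked))
```

Either result other than `absent` means the password should be changed everywhere it was reused.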
If Mommy and Daddy can do this, what could NSA (or any nation so inclined) do?
… Kids are brilliant when it comes to the Internet and technology, and if you ask many parents what their kids are doing on that computer up in their bedroom, parents wouldn’t even know where to start looking to find out.
Monitor Teenage Computer With Care4Teen
To help those parents, there is a powerful, free online service available called Care4Teen. Care4Teen is both an application and an online service. You install the application on the PC that you want to monitor, and then you can create an account at the Care4Teen website that serves as your “dashboard” into all activities that take place on that computer.
… When you first install the application, you have the option to install it as an Invisible application so your kids won’t be able to uninstall the app from the computer.
… Once it’s installed, the first thing you’ll want to do is select the level of security that you want to enable. The restricted mode basically blocks all of the websites in the Care4Teen database that most parents have identified as inappropriate for teens. Unrestricted mode allows everything through, but all websites are still monitored for inappropriate content – and those URLs will get logged whenever such a webpage is identified.
Even more ubiquitous surveillance?
Google Reveals an Image-Capturing Street View Backpack and New 3-D Maps
Google’s Maps team introduced three new technologies on Wednesday: a feature to save offline maps in the Android Maps app, advanced 3-D models of entire cities in Google Earth, and a new Android-controlled “Street View Trekker” backpack for capturing Street View images where bikes, cars and planes can’t go.
… The Trekker is essentially a miniaturized version of all the gear Google packs into its Street View cars and tricycles, including a 15-lens camera that can shoot 46MP images.
Airtime curtails privacy for the sake of safety
The way Airtime works is by using Facebook as its log-in platform. At its basic level, Airtime allows simple video chat with users' Facebook friends, but take it up a notch and it lets people chat with strangers that have common interests.
So, as a way to keep its users safe, the service takes random secret photos of video conversations between anonymous users that are then scanned and reviewed for indecent behavior, according to MSNBC.
One aspect of “lawful”
June 06, 2012
Acting General Counsel releases report on employer social media policies
News release: "NLRB Acting General Counsel Lafe Solomon today issued a third report on social media cases brought to the agency, this time focusing exclusively on policies governing the use of social media by employees. The Operations Management Memo details seven cases involving such policies. In six cases, the General Counsel’s office found some provisions of the employer’s social media policy to be lawful. In the seventh case, the entire policy was found to be lawful. Provisions are found to be unlawful when they interfere with the rights of employees under the National Labor Relations Act, such as the right to discuss wages and working conditions with co-workers. “I hope that this report, with its specific examples of various employer policies and rules, will provide additional guidance in this area,” Mr. Solomon said in releasing the memo. Two previous memos on social media cases, which involved discharges based on Facebook posts, issued in January 2012 and in August 2011."
Is the FBI treating New Zealand law like it only applies to “second class citizens”? (Like they do in the US) Well, yeah. But clearly the NZ government lawyers are pleading ignorance in many areas – e.g. apparently data isn't treated like 'real' evidence. If they must return the data, does that 'taint' their case?
FBI Illegally Pirated Kim Dotcom’s Data Out of New Zealand, File-Sharing King Charges
New Zealand lawyers for Kim Dotcom and associates allege that FBI agents committed an “illegal act” by cloning data from the file-sharing tycoon’s seized computers and FedExing it to the United States.
The cloned data was sent overseas just days after a judge decided a court hearing was needed to work out if the FBI agents were allowed to take the material, Dotcom’s lawyer Willy Akel told the High Court of Auckland Wednesday.
Akel said the FBI sent material back to the States without the New Zealand police having any say in the matter and that the police force had effectively lost control over it.
… The NZ government doesn’t deny the FBI whisked the data out of the country via sneakernet. But Crown lawyer John Pike, acting for the NZ Solicitor-General, denied that sending the cloned data overseas was illegal.
According to Pike, the relevant law only applies to physical material and not information, even though he acknowledged that information may be the most valuable thing seized in the January raid of Kim Dotcom’s mansion. Therefore, he argued, the content of the hard drives could be shipped overseas to the FBI.
Pike added that none of the physical possessions had gone, and that that was the actual subject of the Solicitor-General’s undertaking.
Justice Winkelmann, who is hearing the case, may not be swayed by that sophistry, as she said material irrelevant to the case must be returned to Dotcom.
This was countered by Pike, who says it was too difficult to know what was relevant and what was not. Police have no clue what is relevant to the case, Pike said.
“Well, we kinda, sorta tried to do the right thing.”
IE 10’s ‘Do-Not-Track’ Default Dies Quick Death
The latest proposed draft of the Do Not Track specification published Wednesday requires that users must choose to turn on the anti-behavioral tracking feature in their browsers and software.
That means that Microsoft IE 10, which the company announced last week will have Do Not Track turned on by default, won’t be compliant with the official spec. Which means that tech and ad companies who say they comply with Do Not Track could simply ignore the flag set by IE 10 and track those who use that browser. Which means Microsoft has no choice but to change the setting.
Be careful what you wish for...
Pirate Bay cordially accepts RIAA's quest for censorship
The Recording Industry Association of America's CEO, Cary Sherman, testified before Congress today on "The Future of Audio." Although the minutes of the hearing aren't yet available, Sherman did publish a statement of his speech, according to TorrentFreak, which first reported this news.
In Sherman's statement, he stresses that online piracy must be stopped and one of the ways to do this is by having search engines, like Google and Bing, censor any results that could lead users to sites with illegally obtained copyrighted material.
… The Pirate Bay, being one of the biggest proprietors of pirated material, thinks this idea is just swell, according to TorrentFreak.
This is what it had to say on its blog:
Our competitors at the Recording Industry A**holes of America is trying to make sure that the search engines that compete with us have to stop linking back to us. This is really great news!
Right now about 10% of our traffic comes from these competing search engines. With that ban in place that means that our traffic numbers probably will increase. Users will go directly to us instead and use our search instead. We'll grow even more massive. It's really hard to compete with Google, but if they can't index media search engines like us, we'll be the dominant player in the end.
Perspective. What would make a $100 degree worth $100? (What makes an online degree worth more than the paper it's not printed on?)
"Forbes reports on the latest project of Google Fellow Sebastian Thrun (the proponent of self-driving cars.) He's moved on to education now, believing that conventional university teaching is way too costly, inefficient and ineffective to survive for long. So he started Udacity, which aims to deliver an online version of a master's degree for $100 per student. From the article: 'Udacity’s earliest course offerings have been free, and although Thrun eventually plans to charge something, he wants his tuition schedule to be shockingly low. Getting a master’s degree might cost just $100. After teaching his own artificial intelligence class at Stanford last year—and attracting 160,000 online signups—Thrun believes online formats can be far more effective than traditional classroom lectures. “So many people can be helped right now,” Thrun declares. “I see this as a mission.”'"
(Related) Let's hope the baseline they establish is more effective than TSA screening.
"Secretary of Homeland Security Janet Napolitano today said the agency will form a cybersecurity workforce task group that will consider strategies such as expanding DHS involvement in cyber competitions and university programs, enhancing public-private security partnerships and working with other government agencies to develop a more agile cyber workforce across the federal government. The new task force will be co-chaired by hacking expert Jeff Moss, who now works for the Homeland Security Advisory Council, and Alan Paller, who is director of research at the SANS Institute."
I may require my Ethical Hacking students to use this on their collaborative project...
Hangouts is Google’s take on chat rooms. Like many times before, Google has turned a good idea into something incredibly useful, while preserving simplicity and ease of use and thus making it fantastic.
1. Free Video Chat With Up To 10 Participants
2. A More Intuitive Interface
Once you are in a Hangout that is. … figuring out how to join a Hangout can be a challenge
3. Integrated Apps
Unfortunately, you cannot broadcast and save your Hangouts privately.
5. Minimal Setup & Maintenance Requirements
A little Math humor and the answer to a very common question.