Wednesday, August 08, 2012

There's nothing as good as a bad example...
How Not to Become Mat Honan: A Short Primer on Online Security
By now, you’ve probably read or heard about Wired staff writer Mat Honan’s journey through digital hell, in which hackers social-engineered Apple into giving them the keys to his digital life, allowing them to scrub his laptop, iPhone and iPad, hijack his and Gizmodo’s Twitter accounts and delete eight years’ worth of email from his Gmail account.
Honan admits to making a number of mistakes — such as failing to enable two-factor authentication and not backing up his data — that allowed the hack to escalate to the point from which there was no return.
In the hope of preventing you from experiencing a similar fate, we’ve listed a number of steps you can take to protect your data and your identity online. While nothing is foolproof — if hackers install a keystroke logging Trojan horse on your computer, all bets are off — these steps will help protect you from the tactics that Honan’s hackers used, and other ones out there.


A perspective on security? 86 / 50000 = 0.00172 or 0.172 percent. Clearly, we need a class on target selection!
August 07, 2012
Cyber Security Task Force: Public-Private Information Sharing
Cyber Security Task Force: Public-Private Information Sharing. This report is the product of the Bipartisan Policy Center’s Homeland Security Project, July 2012
  • "The attacks on information technology systems from a wide range of adversaries – including hacktivists, criminals, and nation-states – continue to grow. From October 2011 through February 2012, over 50,000 cyber attacks on private and government networks were reported to the Department of Homeland Security (DHS), with 86 of those attacks taking place on critical infrastructure networks. The incidents reported to DHS represent only a small fraction of cyber attacks carried out in the United States. [I always wonder how they “know” something no one will tell them about. Bob] The financial losses resulting from the theft of intellectual property and other sensitive information continue to increase dramatically, to say nothing of the loss of state secrets [Are they saying that 'state secrets' were lost to hackers? Bob] and damage to our national security."


This should be interesting...
Java Judge Orders Google and Oracle to Reveal Paid Bloggers
As the epic court battle over the Android operating system rolls on, the judge overseeing the case has ordered Google and Oracle to disclose who they paid to comment on the case.
In an unusual order, issued Wednesday, Judge William Alsup said that he was concerned that the parties in the case “may have retained or paid print or internet authors, journalists, commentators or bloggers who have and/or may publish comments on the issues in this case.”


An interesting approach...
By Dissent, August 7, 2012
The frustrating saga of Eric Drew, a cancer patient who had his identity stolen by a hospital worker, continues. Annie Youderian of Courthouse News reports:
A cancer survivor whose identity was stolen by a hospital worker can sue Chase Bank and a credit service company for reporting false information to credit-rating agencies, the 9th Circuit ruled Tuesday.
“This case lends credence to the old adage that bad things come in threes,” Judge Margaret McKeown wrote for the three-judge panel in San Francisco.
“Eric Drew is a cancer survivor, who required experimental leukemia treatment,” the ruling states. “During his treatment, Drew’s identity was stolen by a hospital worker. Finally, when Drew attempted to remedy the identity theft, the banks and credit rating agencies were allegedly uncooperative, and continued to report the fraudulently opened accounts, and in the case of one bank, the thief’s address was tagged as Drew’s.”
Drew’s ordeal prompted him to sue Chase Bank and FIA Card Services, among others, in 2006 for reporting false items to the credit-rating agencies.
Read more on Courthouse News.


“Only the government can ignore the need for a warrant. But if we do, we're immune from any downside.”
Ninth Circuit Court of Appeals Reverses Al-Haramain
August 7, 2012 by Dissent
Sadly, the Ninth Circuit Court of Appeals has reversed the decision in Al-Haramain, the only suit against the government’s Terrorist Surveillance Program that had prevailed. The reversal was based on the government’s claim that FISA’s civil remedies language did not trump sovereign immunity.
In their opinion, the court took special pains to respond to the government’s claims that the plaintiffs had engaged in ‘game-playing.’ It was a nice tribute to the plaintiffs’ attorneys and a gentle smackdown of the government’s counsel, but small consolation, indeed.
Given how Congress has gone with respect to FISA, I harbor no hope that Congress will remedy this problem by amending FISA to provide stronger civil remedies for those whose rights may be infringed. After all, why hold the government truly accountable for warrantless surveillance, right?
Bah.
Update: for a more detailed explanation of the case and ruling, see EFF’s post on the opinion and its implications.


“It could have been worse. We were gonna test for 'virginity' and force those who failed to change their Facebook status.”
Get Tested Or Get Out: School Forces Pregnancy Tests on Girls, Kicks out Students Who Refuse or are Pregnant
August 7, 2012 by Dissent
Tiseme Zegeye writes:
In a Louisiana public school, female students who are suspected of being pregnant are told that they must take a pregnancy test. Under school policy, those who are pregnant or refuse to take the test are kicked out and forced to undergo home schooling.
Welcome to Delhi Charter School, in Delhi, Louisiana, a school of 600 students that does not believe its female students have a right to education free from discrimination. According to its Student Pregnancy Policy, the school has a right to not only force testing upon girls, but to send them to a physician of the school administration’s choice. A positive test result, or failure to take the test at all, means administrators can forbid a girl from taking classes and force her to pursue a course of home study if she wishes to continue her education with the school.
Read more on ACLU’s blog.


We call it “The Mathematics of Ambiguity.”
August 07, 2012
A Primer on Mathematical Modelling in Economics
Rai, Birendra K., So, Chiu Ki and Nicholas, Aaron, A Primer on Mathematical Modelling in Economics (September 2012). Journal of Economic Surveys, Vol. 26, Issue 4, pp. 594-615, 2012. Available at SSRN
  • "The Commission on Graduate Education in Economics had raised several concerns regarding the role of mathematics in graduate training in economics (Krueger, 1991; Colander, 1998, 2005). This paper undertakes a detailed scrutiny of the notion of a utility function to motivate and describe the common patterns across mathematical concepts and results that are used by economists. In the process one arrives at a classification of mathematical terms which is used to state mathematical results in economics. The usefulness of the classification scheme is illustrated with the help of a discussion of Arrow's impossibility theorem. Common knowledge of the patterns in mathematical concepts and results could be effective in enhancing communication between students, teachers and researchers specializing in different sub‐fields of economics."
