Someone has probably thought through
the Security implications. I don't think there is a concensus on
“Best Practices” yet, but it had better come soon!
November 19, 2012
Study
identifies different perceptions of bring your own device to work
InternetNews.com:
"While BYOD is a known trend, its actual impact and adoption
varies, depending on who you ask. According to a recent study
from security vendor Blue Coat,
IT staff and employees tend to view BYOD in different ways. While 71
percent of employees reported that they used their own devices to
access corporate IT, IT staff in the same survey said they
believed 37 percent of employees were accessing the network with
non-corporate devices. A study from security vendor
Webroot
seems to confirm there are a large number of employee-owned devices.
It reports that 73 percent of companies now have a mix of company-
and employee-owned mobile devices."
(Related) There is already large area
where organizations interface with client devices...
"While many mobile payments
startups are using both traditional and nontraditional authentication
methods, regulatory uncertainty still exists around liability
for fraud attacks on customers using mobile payments. Although
there haven't been any public attacks from fraudsters on alternative
mobile payments providers such as Square, LevelUp or Dwolla,
anecdotal stories are already circulating among security experts and
regulators of such attacks. One thing that still has to be worked
out in this area is regulatory oversight. 'The
regulators are not yet clear who owns the regulatory oversight for
these environments. These technologies tend to
fall through the cracks even in terms of card-present or
card-not-present.'"
Who speaks for the citizens, Mr.
Brother sir?
Senate
bill rewrite lets feds read your e-mail without warrants
A Senate proposal touted
as protecting Americans' e-mail privacy has been quietly rewritten,
giving government agencies more surveillance power than they possess
under current law.
CNET has learned that Patrick Leahy,
the influential Democratic chairman of the Senate Judiciary
committee, has dramatically reshaped his legislation in response to
law enforcement concerns. A vote on his bill, which now authorizes
warrantless access to Americans' e-mail, is scheduled
for next week.
Leahy's rewritten bill would allow more
than 22 agencies -- including the Securities and Exchange Commission
and the Federal Communications Commission -- to access Americans'
e-mail, Google Docs files, Facebook wall posts, and Twitter direct
messages without a search warrant. It also would give the FBI and
Homeland Security more authority, in some circumstances, to gain full
access to Internet accounts without notifying either the owner or a
judge.
Drones in “private” hands. “If
they fly within range, they are trespassing!” Interesting legal
question?
"Photos provided by the animal
rights group show
the multicopter smoking on the ground, with its lithium polymer
battery supply smoldering. Another photo shows the drone's video
camera smashed. The drone, dubbed 'Angel,' was a Cinestar 8
octocopter estimated at $4,000. This
wasn't the first time SHARK has been shot out of the sky. This
is the fourth drone that the group has lost while investigating
pigeon shootings. One drone landed on club property, and is the
subject of an ongoing lawsuit.
[From the comments:
… What I find interesting about
that figure is that the old tradition of defining 'national waters'
was historically been the max range of the shore cannons of the day.
Thus, defining 'personal air space' as
the max range of common arms* that a homeowner might have seems
pretty traditional.
… Of course if the drone is camera
equipped (almost guaranteed) you may be able to skip tresspassing
rules and use peeping tom type laws against it at almost any altitude
if it's filming parts of your property that would otherwise be
private...
(Related) Drones for Swabbies. You
don't have to fly to control remotely. Add a motor and you have a
really smart torpedo.
Drone
Boats Chase Targets, Titles in SailBot Regatta
… Why would we want sailing robots?
Aside from the beneficial learning experience for everyone involved,
there are applications for real-world use. The oceans are vast and
it takes a lot of fuel to motor around them, plus life at sea is
incredibly harsh. An autonomous vehicle could allow scientists —
or spies — to monitor much larger swaths of the seascape, and a
sail-powered drone could operate for much longer than a vehicle that
needs to carry fuel. On top of that, all the benefits of sending
machines instead of people into dangerous environments apply.
So, what can they do about it?
Parents,
Teens, and Online Privacy
Most parents of teenagers are concerned
about what their teenage children do online and how their behavior
could be monitored by others. Some parents are taking steps to
observe, discuss, and check up on their children’s digital
footprints, according to a new survey by the Pew Research Center’s
Internet & American Life Project.
- 81% of parents of online teens say they are concerned about how much information advertisers can learn about their child’s online behavior, with some 46% being “very” concerned.
- 72% of parents of online teens are concerned about how their child interacts online with people they do not know, with some 53% of parents being “very” concerned.
- 69% of parents of online teens are concerned about how their child’s online activity might affect their future academic or employment opportunities, with some 44% being “very” concerned about that.
I think she makes several points...
Advocates for renewal of the FISA
Amendments Act (FAA) often argue that the statute poses no more harm
to the privacy of innocent Americans than does the Wiretap Act, also
known as Title III. After all, when FBI agents are tapping a
suspected drug courier’s phones, his friends or mother may also
call. How is the FAA any different?
Actually, there are many important
differences between Title III, the FAA and even traditional FISA
intercept orders. These differences mean that FAA is
far more intrusive than Title III and poses a
categorically different threat to the privacy of innocent Americans.
Might be better if they gave these
folks a bit of time to think about their answers, but some useful
points do come out...
Why
privacy matters
November 19, 2012 by Dissent
Privacy International interviewed Cory
Doctorow, Kade Crockford, Jameel Jaffer, Dan Kaminsky, Chris
Soghoian, Marcia Hoffman, Moxie Marlinspike, Phil Zimmerman, Hanni
Fakhoury and Eli O at Defcon 2012. They’ve uploaded the video:
As often as I point out Facebook's
failures (a lot!) I suppose I should point to a good decision too.
Since many simple hacks are avoided, their costs may go down...
"Facebook this week will begin
turning
on secure browsing be default for its millions of users in North
America. The change will make HTTPS the default connection
option for all Facebook sessions for those users, a shift that gives
them a good baseline level of security and will help
prevent some common attacks. Facebook users have
had the option of turning on HTTPS since early 2011 when the company
reacted to attention surrounding the Firesheep
attacks. However, the technology was not enabled by default and
users have had to opt-in and manually make the change in order to get
the better protection of HTTPS."
[From the article:
HTTPS encrypts the connection between
the user's machine and the server on the other end, obscuring it from
attackers, even if they are able to sniff the traffic on the wire or
on a wireless connection. The technology is by no means a cure-all
for Web-based attacks, however, as there have been demonstrations of
attacks that enable third parties to snoop on encrypted traffic and
grab valuable data, such as usernames and passwords or financial
information.
Because we don't really know what
caused the DoJ to pick MegaUpload from the field of hundreds of
potential targets, is everyone making changes? Would “Customer
Controlled Encryption” change the game?
"On November 27, RapidShare
will start
putting a tight cap on outbound downloads for its free users.
Paid members will still have 30 gigabytes in outbound downloads per
day, but everybody else will be capped at one gigabyte. The change
is expected to further deter pirates from using RapidShare to
distribute copyright material on a large scale."
When “There's no App for that”
there is a Business Opportunity. I find it surprising that the music
sites don't know what their customers like and are paying for. Maybe
they just don't want to give the artists a barganing chip?
"Most
Slashdotters have been following the debate among the various players
in the music industry about how much money artists (and their labels)
get from traditional music outlets like radio and newer services like
Pandora or Spotify. But Zoë Keating, a professional cellist who has
a professional interest in the outcome of this argument, thinks
there's one
thing missing from all the proposals: more
data on who her audience is. Even digital services can't tell
her how many people heard her songs or where they're most popular.
'How can I grow my business on this information?' she asks. 'How do
I reach them? Do they know I'm performing nearby next month? How
can I tell them I have a new album coming out?'"
She proposes mandatory reporting of
information on listeners as part of royalties.
For my Disaster Recovery students
"At the end of October,
Hurricane Sandy struck the eastern seaboard of the United States,
leaving massive amounts of property damage in its wake. Data center
operators in Sandy's path were forced to take extreme measures to
keep their systems up and running. While flooding and winds knocked
some of them out of commission, others managed to keep their
infrastructure online until the crisis passed. In our previous
interview, we spoke with CoreSite, a Manhattan-based data center that
endured even as much of New York City went without power. For this
installment, Slashdot
Datacenter sat down with executives from IPR, which operates two
data centers—in Wilmington, Delaware and Reading,
Pennsylvania—close to Sandy's track as it made landfall over New
Jersey and pushed northwest."
(Related) Because too late come
quickly!
Perspective It should be interesting
to see if this is a true cost for monthly unlimited service or a
short time promo...
… Of
course, one of the big draws of Republic is its mobile plan. Republic
charges a flat rate of $19 per month for unlimited
talk, text, and data, which gained a lot of attention back
when the service first launched. Today, however, is the day that
Republic service becomes available for everyone, so you’re free to
sign up whenever you like.
The Motorola
DEFY XT will set you back $249 if you’re going through Republic, so
the initial payment isn’t exactly going to be cheap. There’s
also an extra $10 service fee on top of that, which includes shipping
and handling for your phone. Your first $19 monthly fee will be
charged once your phone ships next month, so by the time you get your
phone in the mail, you’ll be out $278 – and that’s if you only
order one phone.
Still, that hefty initial payment might
be worth it when you consider that you’ll only be paying $19 per
month from there on out. For unlimited talk, text, and data, that’s
a pretty significant discount over the major carriers
(most of which aren’t offering actual unlimited plans anymore), so
Republic might be worth checking out.
Having a massive ego, I never had this
problem.
"The recent anti-bullying
survey conducted by ABA
brings up some interesting
findings. According to it, more than 90% of the 1,000 11-16
year-olds surveyed said they had been bullied or seen someone bullied
for being too intelligent or talented. Almost half of children and
young people (49.5%) have played down a talent for fear of being
bullied, rising to 53% among girls. One in 10 (12%) said they had
played down their ability in science and almost one in five girls
(18.8%) and more than one in 10 boys (11.4%) are deliberately
underachieving in maths – to evade bullying. Worryingly, this
means our children and young people are shying away from academic
achievement for fear of victimization."
I'm bad at computer games. I can't
understand a word that Cricket lovers say (I swear it's no longer
English) So I will definitely not be downloading this one!
… You may not understand cricket in
all its nuances, but if you love hitting a ball out of the park with
a bat, you just might love Stick
Cricket. Stick Cricket is perhaps the most popular
cricket game in the Google Play Store.
… It is a free game with lots of
play options. If you want to go beyond that, there are in-app
purchases available which extend the play. The free game comes with
ads which really aren’t a bother at all.
No comments:
Post a Comment