I suppose we needed a few examples of
how poor information sharing has been without President Obama's new
mandates, but two years? Where else could we lay the blame?
From the college’s press
release today:
Tallahassee
Community College, on Friday, announced that an unauthorized
acquisition of computerized data that may materially compromise the
security, confidentiality, or integrity of personal information
occurred in March 2011.
College officials
were recently notified of the breach of security by federal
officials. The federal investigation resulted in the conviction of a
Miami, Fla., man on one count of conspiracy to submit false claims to
the Internal Revenue Service, one count of access device fraud, and
two counts of aggravated identity theft.
“TCC values the
protection of private information, so we take this matter very
seriously,” said TCC Chief of Police David Hendry. “We have
identified the group of individuals whose information may have been
compromised, and we will immediately begin the process of contacting
each one.”
According to
Hendry, the College believes the breach occurred internally and
impacts approximately 3,300 individuals. An investigation into the
breach is ongoing.
Beginning Monday,
TCC will mail personalized letters to the persons potentially
impacted by the data breach. The letters will detail what steps
individuals can take to check the security of their identities; TCC
will also provide additional resources, including a TCC hotline to
provide further information.
If the federal investigation led to a
conviction, then the feds clearly knew about this for a while. Why
didn’t they inform the college before now? And why didn’t the
college discover this breach on their own two years ago? What does
the police chief mean that it occurred “internally?” Is he
suggesting an employee was implicated in wrongdoing or something
else?
Practically everyone is contributing to
the “Hacking for fun and profit” guidebook...
"Twitter,
Linkedin, Yahoo! and Hotmail accounts are open to hijacking
thanks to a flaw
that allows cookies to be stolen and reused. Attackers need to
intercept cookies while the user is logged into the service because
the cookies expire on log-out (except LinkedIn, which keeps cookies
for three months). The server will still consider them valid. For
the Twitter attack, you need to grab the auth_token string and insert
it into your local Twitter cookies. Reload Twitter, and you'll be
logged in as your target (video
here). Not even password changes will kick you out."
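The quoted item says the server keeps accepting a copied cookie after log-out and even after a password change. As an added example (not from the original post or from any of the services named; all function and class names are hypothetical), this contrasts a self-validating cookie with a server-side session table that revokes on both events:

```python
import hashlib
import hmac
import secrets

KEY = secrets.token_bytes(32)  # constructed signing key for this demo

def stateless_cookie(user):
    # Weak pattern: a self-validating cookie leaves the server nothing to revoke.
    return user + "." + hmac.new(KEY, user.encode(), hashlib.sha256).hexdigest()

def stateless_validate(cookie):
    user, _, sig = cookie.rpartition(".")
    good = hmac.new(KEY, user.encode(), hashlib.sha256).hexdigest()
    return user if hmac.compare_digest(sig, good) else None

class SessionStore:
    # Hardened pattern: a cookie is honoured only while its server-side record exists.
    def __init__(self):
        self._sessions = {}  # token -> (user, credential version at login)
        self._version = {}   # user -> counter bumped on each password change

    def login(self, user):
        token = secrets.token_urlsafe(32)
        self._sessions[token] = (user, self._version.setdefault(user, 0))
        return token  # value sent to the browser as the session cookie

    def validate(self, token):
        user, version = self._sessions.get(token, (None, None))
        # Reject unknown tokens and sessions minted before the last password change.
        return user if user is not None and version == self._version[user] else None

    def logout(self, token):
        self._sessions.pop(token, None)  # clearing the browser cookie alone is not enough

    def change_password(self, user):
        self._version[user] = self._version.get(user, 0) + 1  # revokes all sessions

def demo():
    store = SessionStore()
    copied = store.login("alice")  # constructed: a cookie value copied while logged in
    live = store.validate(copied)
    store.logout(copied)
    after_logout = store.validate(copied)
    second = store.login("alice")
    store.change_password("alice")
    after_change = store.validate(second)
    # The stateless cookie has no logout or password-change path that can reject it.
    return live, after_logout, after_change, stateless_validate(stateless_cookie("alice"))
```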
I've been screaming for better
security, so I should support a bank that offered it. But was it so
much more costly or time consuming (same thing) that they could not
make it the default option? In this case, it looks like “Dual
Control” was turned down because one of the two authorizers might
be out of the office. Saving a few bucks on a couple of Smartphones
cost them $440,000 (plus court fees).
More on the lawsuit and countersuit
between Choice Escrow and Land Title and
BancorpSouth, mentioned
previously on this blog. Tracy Kitten reports:
A federal court
has sided with a Mississippi bank in a lingering dispute with a
customer over financial losses linked to an account takeover incident
dating back to March 2010. That means the bank will not have to
cover the cost of the loss or pay damages.
On March 18, in a
summary
judgment filed in a U.S. District Court in Missouri, a
magistrate judge favored BancorpSouth in its legal dispute with
Choice
Escrow Land Title LLC over a $440,000 loss that resulted from
fraudulent wire transfers.
Read more on BankInfoSecurity.com.
(Related)
"In an effort to increase
security for user accounts, Apple on Thursday introduced
a two-step verification option for Apple IDs. As the 'epic
hacking' of Wired journalist Mat Honan proved, an Apple ID often
carries much more power than the ability to buy songs and apps
through Apple's App store. An Apple ID can essentially be the keys
to the Kingdom when it comes to Apple devices and user maintained
data, and as Apple explains, is 'the key to many important things you
do with Apple, such as purchasing from the iTunes and App Stores,
keeping personal information up-to-date across your devices with
iCloud, and locating, locking, or wiping your devices.' 'After you
turn [Two-step verification] on, there will be no way for anyone to
access and manage your account at My Apple ID other than by using
your password, verification codes sent to your trusted devices, or your
Recovery Key,' a support
entry announcing the new service explained."
(Related) Perhaps you should take
Apple up on the improved security...
Apple
ID password reset exploit reportedly in the wild
A new exploit lets anyone who knows
your birthday and e-mail address reset your Apple ID password,
according to a new report.
The exploit, described by The
Verge though not posted publicly, makes use of a special URL that
gets around the need for a security question, a security measure
Apple put
in place on all Apple ID accounts last April.
The reported exploit does
not work on accounts with two-step verification enabled,
which Apple
introduced yesterday, and does away with the security question in
favor of sending a four-digit PIN code to a cell phone that needs to
be entered along with the typical password.
"Apple takes customer privacy very
seriously," an Apple spokesperson told CNET. "We are aware
of this issue and working on a fix."
I never even considered that there
might be an “honest to God” Red-Light camera advocacy group...
Red-Light
Cameras Can Stop Crime, Says Red-Light Camera Advocacy Group
One way to catch criminals is by giving
police departments access to red-light camera footage even when a
traffic violation isn’t involved, according to a nonprofit that
argues in favor of the law-enforcement devices.
The National Coalition for Safer Roads,
whose stated mission is to “save lives and protect communities by
demonstrating how red light safety cameras can improve driver
behavior,” announced the findings in a new study that contends the
cameras can catch criminals guilty of infractions far greater than
rolling through a red light. The coalition is funded
by American Traffic Solutions, a manufacturer of traffic-control
devices such as red-light cameras, so let’s just say the
researchers’ motives might not be entirely altruistic.
On the road to “Do Not Track?”
itwbennett
writes
"Do you
know what data the 1300+ tracking companies have on you? Privacy
blogger Dan Tynan didn't until he had had enough of being stalked by
grandpa-friendly Jitterbug phone ads. Tracking company BlueKai and
its partners had
compiled 471 separate pieces of data on him. Some surprisingly
accurate, some not (hence the Jitterbug ad). But what's worse is
that opting out of tracking is surprisingly hard. On the Network
Advertising Initiative Opt Out Page you can ask the 98 member
companies listed there to stop tracking you and on Evidon's
Global Opt Out page you can give some 200 more the boot — but
that's only about 300 companies out of 1300. And even if they all
comply with your opt-out request, it doesn't mean that they'll stop
collecting data on you, only that they'll stop serving you targeted
ads."
(Related) Tracking data is valuable...
"PayPal, Google Wallet and
other online
payment systems face higher transaction fees from MasterCard in
retaliation for their refusal to share data on what people are
spending. Visa is likely to follow suit. The amount that PayPal has
to pay MasterCard for every transaction will go up as the latter
introduces new charges for intermediated payment processors. This
change is on the grounds that such processors don't share transaction
details, which the card giants would love to get
hold of as it can be used to research buying patterns and the like.
Companies such as PayPal allow payments between users, so the party
(perhaps a merchant) receiving the money doesn't need to be
registered with the credit-card company. PayPal collects the dosh
from the payer's card, and deducts a processing fee before passing
the cash on to the receiving party. MasterCard would prefer the
receiver to be registered directly so will apply the new fee from
June to any payment that is staged in this way."
Inevitable I suppose, but don't the sex
offender laws strip offenders of any and all rights? (Colorado also
has a sex offender site: http://sor.state.co.us/)
Luke Duecy reports:
A group of
convicted sex offenders is suing three websites for posting their
photos and personal information and then allegedly charging them to
take the information down.
In their federal
lawsuit, the sex offenders claim that is extortion.
Read more on Komo
News.
Update: Courthouse
News has more on the RICO complaint, here.
The plaintiffs also allege violations of California’s right of
publicity law and intentional infliction of emotional distress.
What would Walter Cronkite say?
"Jack Mirkinson reports that
Pew Research Center's annual "State of the Media" study
found that, since 2007, CNN, Fox News and MSNBC have all cut back
sharply on the amount of actual reporting found on their airwaves.
Cheaper, more provocative debate or interview segments have largely
filled the void. Pew found that Fox
News spent 55 percent of the time on opinion and 45 percent of
the time on reporting. Critics of that figure would likely contend
that the network's straight news reporting tilts conservative, but it
is true that Fox News has more shows that feature reporting packages
than MSNBC does. According to Pew, MSNBC made the key decision to
reprogram itself in prime time as a liberal counterweight to the Fox
News Channel's conservative nighttime lineup. The new MSNBC strategy
and lineup were accompanied by a substantial cut in interview time
and sharply increased airtime devoted to edited packages. The Pew
Research examination of programming in December 2012 found MSNBC by
far the most opinionated of the three networks, with nearly
90% of MSNBC's primetime coverage coming in the form of opinion or
commentary."
So they must have a simple way to
identify what are essentially
“electronic gambling devices” but for some reason they can't
close the operator down?
"Concerned
about their use as fronts for gambling operations, the Florida
legislature passed
a law banning Internet cafes. The law appears to be a reaction
in part to the recent stepping down of Lt. Gov. Jennifer Carroll,
embroiled in a scandal involving a company that operates Internet
Cafes. More ordinary cafes with Wi-fi, where you supply your own
computer (such as Starbucks), are not affected by the ban."
The nomenclature here is confusing; the
bill (PDF) (summary)
is clearly aimed only at "cafes" that are
essentially gambling venues; an Internet cafe wouldn't
violate the proposed rule merely by providing computers. Whatever
you think of prohibitions on gambling among consenting adults, the
bill itself is sort of amusing for its very specific loopholes for
bingo and "reverse vending machines."
Does this have potential?
Twitter
Needs to Deal With Misinformation. Here's How
… Zeynep Tufekci is a fellow at
Princeton University's Center for Information Technology Policy.
Earlier this month, Tufekci tweeted what she thought was the new
Pope's Twitter handle. It turned out that the username was a fake.
Although Tufekci corrected herself immediately after discovering the
mistake, it didn't stop people from seeing her older, incorrect
tweet.
In a blog post later, Tufekci called
on Twitter to create a feature that would alert innocent users to
misinformation. Her suggestion? Allow the creator of the original,
mistaken tweet to issue the offending tweet again, but this time with
a big "REDACTED" or "ERROR" sign on it.
As a way to promote transparency and
accountability among users, this isn't a bad idea. But as Tufekci
points out, there's also no guarantee that everyone will see the
second tweet with the correction appended. Nor would the system do
anything to modify her original, mistaken tweet, which is still
living in cyberspace (she didn't delete it so that there would be a
record both of the error and the correction).
Given that some people almost certainly
saw just the wrong information and not the correction, I'd suggest an
addition to Tufekci's idea—a feature that:
- Lets users mark their own tweets as incorrect after the fact, much in the way that users are able to mark their tweets as "favorites" now; that then
- Flags the content publicly with a colored tab; and
- Alerts anyone who clicks "retweet" that the tweet has been marked as incorrect by the original user.
Now this looks interesting...
Friday, March 22, 2013
… Monosnap is now available for
Windows, iOS, and Chrome.
To get started using Monosnap
download the version that is appropriate for your device. Once
installed you can use Monosnap to capture a portion or all of your
screen. Like other screen capture tools you can write on your
captured images, draw arrows, and obscure parts of the image.
One neat option in Monosnap is capturing your screen
after a ten second delay. The delayed capture option gives you time
to get everything into place for the image. That's
particularly handy when you're trying to capture a pop-up box or
drop-down menu that otherwise would disappear when you click away
from it. You can save your screen captures on your computer or
upload them to a free Monosnap account.
Applications
for Education
Monosnap,
like other screen capture tools, could be used for creating
directions on how to use a new program or application. The option to
obscure parts of an image is useful if you want to hide contact
information that was accidentally captured in your screen capture.
All hail the Google! (Because most
students just think they know how to use it)
… We are vocabulary challenged
because we are lazy about looking up new words. Don’t be; you can
use a single dictionary like the excellent Dictionary.com
to learn new words…get their pronunciations
right…use synonym
dictionaries to find similar words…use a few slang
dictionaries to learn urban speak…have some fun with video
dictionaries…or just use Google.
For my rock 'n roll niece...
Thanks to guitar tabs being shared
online, playing songs on the guitar has become easier than before.
But sometimes, you need to see somebody play the song and visually
check out their chord progressions and other techniques.
… Soundslice is a free to use web
service that offers you guitar tabs of songs along with videos. You
can search the website for songs and find their guitar tabs. As the
tabs are shown, you will find a video of somebody performing the
song. The speed of the video can be slowed down so you can better
observe the things being played. You can create your own videos on
the site as well and share them with your friends and students to
instruct them.