Saturday, June 29, 2013

Can you say, “Clueless?”
Mitch Carr reports:
The State Alcoholic Beverage Control Commission revealed Thursday that credit card information for customers at ABC stores in Greensboro and elsewhere had been compromised.
In an email , public affairs director Agnes Stevens said, “It appears that an outside scammer has hacked into the computer/sales system used by Greensboro and several other local ABC boards.”
Stevens went on to say that along with Greensboro, stores within the Triad ABC Board’s jurisdiction had been compromised, too. That board runs stores in Winston-Salem and Forsyth County as well as one store in Yadkinville and one store in Oak Ridge.
Stevens did not respond to a follow-up email asking specifically which stores had lost information or if information from every one of those stores was in jeopardy.
[...]
In an update, he adds that the manager of Greensboro’s ABC stores says they found evidence of malware at some of the Greensboro stores.
Read more on Fox8.
[From the article:
The malware has been removed and additional software was installed in an effort to prevent any similar issues from reoccurring. [Anti-virus software? Bob]
Fred McCormick, the general manager for Greensboro’s ABC stores said they had known about a potential data compromise for “four or five weeks” and that they involved law enforcement when they discovered it.
McCormick said his board waited to stop taking credit and debit cards – a move the board made Wednesday morning – because it made the decision when law enforcement told the board that was the best course of action. [It's not negligence, it's stupidity. Bob]


For my Risk Management students
How to Have the IT Risk Conversation
I run a course at the MIT Sloan School called Essential IT for Non-IT Executives. Every time my colleagues and I come to the end of the course, we ask people what they considered the most important thing they learned. Surprisingly, many people say it was "how to have the IT risk conversation."
As one CFO told me, the phrase "IT Risk" contains two dirty words. The word risk makes him feel uncomfortable. And the word IT makes him feel incompetent. Not a good way to feel ready for a productive dialogue. But being able to talk about IT risk is essential if you are going to make the right decisions about how you use technology in your business.
From a business standpoint, IT risks affect four key objectives:
  • Availability: Keeping business processes running, and recovering from failures within acceptable timeframes
  • Access: Providing information to the right people while keeping it away from the wrong people
  • Accuracy: Ensuring information is correct, timely, and complete
  • Agility: Changing business processes with acceptable cost and speed


As if we didn't have enough to worry about?
When the Black Death exploded in Arabia in the 14th century, killing an estimated third of the population, it spread across the Islamic world via infected religious pilgrims. Today, the Middle East is threatened with a new plague, one eponymously if not ominously named the Middle East respiratory syndrome (MERS-CoV, or MERS for short). This novel coronavirus was discovered in Jordan in March 2012, and as of June 26, there have been 77 laboratory-confirmed infections, 62 of which have been in Saudi Arabia; 34 of these Saudi patients have died.
… This fall, millions of devout Muslims will descend upon Mecca, Medina, and Saudi Arabia's holy sites in one of the largest annual migrations in human history. In 2012, approximately 6 million pilgrims came through Saudi Arabia to perform the rituals associated with umrah, and this number is predicted to rise in 2013.


Might make an interesting Privacy Foundation speaker.
Josh Meyer reports:
The first week on the job for Nicole Wong, dubbed by many as the US’s first chief privacy officer, has been fairly, well, private. The White House has named Wong, 44, a former top lawyer for Google and Twitter, as the new deputy US chief technology officer in the Office of Science and Technology Policy. But the appointment came with little fanfare or official communication about her role, even though Wong could have influence far and wide—not only on internet issues, but on foreign policy, trade and human rights. Here’s why.
Wong is serving as a top deputy to the White House’s chief technology officer, Todd Park, according to OSTP spokesman Rick Weiss. Beyond that, Weiss wouldn’t elaborate on what Wong will be doing. He did say, however, that characterizing her simply as a “chief privacy officer” doesn’t fully describe her role.
Read more on Quartz.
[From the article:
Wong has a stellar reputation for aggressively protecting individual privacy rights, earned during many battles she fought against the Bush and Obama administrations during her eight years as Google’s vice president and deputy general counsel. She joined Twitter as its legal director just seven months ago. Friends and former colleagues say she has mastered the complexities of cutting-edge internet and social media technologies and how the law should or shouldn’t apply to them.


Is “Quixote-esque” a word?
EPIC – EU Officials Recommend Do Not Track by Default
Via EPIC: “The International Working Group on Data Protection released a white paper on online behavioral advertising. The group of leading privacy experts from around the world noted that web tracking allows companies to “monitor every single aspect of the behavior of an identified user across websites.” The Working Group also observed that the current efforts of the W3C to develop a DNT track standard could “remain a sugar pill instead of being a proper cure and would such be useless.” The Working Group recommended “the default setting should be such that the user is not tracked” and that there be no invisible tracking of users. Senator Rockefeller, the Commerce Committee Chairman, has introduced legislation to regulate the commercial surveillance of consumers online. For more information, see EPIC: Online Tracking and Behavioral Advertising and EPIC: Federal Trade Commission.”


Sounds like a “Drone authorization” bill.
Salvador Rizzo reports that the New Jersey Senate passed S2702 by a vote of 36-0 on Thursday.
The Senate measure (S2702) would let state, county and local police and fire departments and offices of emergency management deploy the drones, with some restrictions.
Officials would be able to use the devices in criminal investigations and events that “substantially endanger the health, safety and property of the citizens of this state,” including high-risk and missing-person searches, fires and forest fires, hurricanes, floods, droughts, explosions, acts of terrorism and civil disorder.
In each case, the agency chief would have to approve the drone’s use. Departments would have to log each time they used a drone and for what purpose, and submit that information yearly along with maintenance reports to the state attorney general.
Read more on NJ.com. The bill goes to the Assembly now.


If we make then write often, we should give them some useful technology. (Far cheaper than a textbook) They even offer a free trial.
MakeUseOf recently published Your Guide to Scrivener—a how-to manual for the popular writing program. Scrivener has been around since 2006, and it is a favorite application amongst novelists and screenwriters. As a full-time non-fiction tech writer, I can’t recommend Scrivener enough for actually starting and drafting writing projects. There are two versions of the application, one for the Mac OS X ($45.00) and the other for Windows PC ($40.00).
Scrivener is not a desktop layout application like Word and Pages, but it helps you organize and export your documents to other applications. In addition to being useful for full-time writers, I think Scrivener could be very useful to students and professors who write research papers, anyone who has plans to write a book, and even bloggers looking for an application to draft and manage blog posts.


Screen sharing when using your browser. Might be interesting in my Intro classes. Or answering student questions from home...
The act of sharing your screen usually involves installing a client, connecting to a server and inviting some people to join you (who might also need to install some software too) before it works. There are a few simpler solutions – such as using Google+ Hangouts, but that involves your audience having Google+ accounts and you’re limited by the maximum party size. Luckily there’s now an even easier way of sharing your screen, and it’s an extension for Google’s Chrome browser.
Dead Simple Screen Sharing is exactly as the name suggests – a very easy and straightforward way of sharing your screen with other people. Simply install the extension, click the button in the top right corner of your browser and you will be given a unique URL. You can then share this URL with other people, who will be able to see what you’re doing online without the need for plugins or extra software.


Somehow, I'll work this into my Statistics class. Interesting comparisons, % of degrees vs % in age group.
As More Attend College, Majors Become More Career-Focused
A popular article by Verlyn Klinkenborg last week in The New York Times Sunday Review lamented the decline of English majors at top colleges and universities.
… I am sympathetic to certain parts of Mr. Klinkenborg’s hypothesis: for instance, the potential value of writing skills even for students who major in scientific or technical fields, and the risks that specialization can pose to young minds that are still in their formative stages.
But Mr. Klinkenborg also neglects an important fact: more American students are attending college than ever before. He is correct to say that the distribution of majors has become more career-focused, but these degrees may be going to students who would not have gone to college at all in prior generations..


For my amusement...
… The non-profit Common Sense Media has launched a new tool for teachers called Graphite that will share ratings on education apps and websites. The ratings include grade level, subject area, platform, price, and teacher reviews. (There’s still a huge gap here in addressing Terms of Service and data ownership issues of education products.)

No comments: