Tuesday, August 13, 2013

Does this offer the potential for new information on the breaches we know about and perhaps a few new ones? When and for how long was Nasdaq penetrated?
Hacker pleads not guilty to stealing 160M credit cards
One of the five men accused of perpetrating the largest hacking scheme ever prosecuted in the U.S., which culminated with the theft of more than 160 million credit card numbers, pleaded not guilty on Monday, according to Reuters.
The charges levied against Dmitriy Smilianets, 29, include conspiracy to commit wire fraud, wire fraud, and unauthorized access to computers. If convicted, he could spend the next 65 years in prison.
Smilianets is originally from Russia but was extradited to the U.S. from the Netherlands last year.
… According to Reuters, Nasdaq was also breached, but this information wasn't released until last month when the feds accused the group of five of carrying out the massive hacking scheme. Prosecutors told Reuters the Nasdaq breach didn't include the stock trading platform and that the hackers weren't able to get any money from this specific breach.
The hacking group's cyberattacks began in 2005 and lasted at least until the summer of 2012, according to federal prosecutors.

For my Ethical Hackers: come up with three more.
Change the Medium of Communication
To paraphrase Marshall McLuhan, the medium is the type of warrant needed. Typically the older the form of communication, the greater the legal protection it has.
… Land-line phone conversations are almost equally protected compared to letter mail, yet your phone records are available to the government as well. Once you step up to voice calls on a cell phone, the laws preventing the government from listening in tend to get more lax. Text messaging even more so again. Because these cellular and WiFi communications fly through open air space, courts may find that there isn’t the reasonable expectation of privacy that governments afford land-line conversations.
Check Your Apps
Possibly the easiest way to compromise smartphone communications is to write an app that allows you access to everything on the phone, and then get people to download it.
Encrypt the Communication
… Encryption takes something that is meaningful to the average person and makes it gibberish that can only be made meaningful again through a complex mathematical process.
… By encrypting the data that is already on your phone, as in the article, How To Encrypt Data on Your Smartphone and using the methods in this article, you will have the closest thing to a spy phone that your average citizen can have.

Oh, is that all?
Orin Kerr found the Administration’s white paper on the legal analysis permitting bulk collection under Section 215 “a somewhat frustrating read.”
Read his commentary on The Volokh Conspiracy.

We need to train more “Big Data” analysts...
How Big Data Is Transforming Government
Turning Optimism into Reality: How Big Data Is Transforming Government: “The proliferation of Big Data has forced agencies to consider its great potential to revolutionize federal operations. The White House’s Big Data Initiative has invested $200 million in new research and development projects to use Big Data, and the use of Big Data in various agency activities ranging from performance tracking to budgeting has begun to take hold. As a result, many agencies are trying to train and/or hire a workforce to leverage Big Data, but in the current budget climate, new hires and investing in training courses is proving to be difficult or impossible. In order to evaluate agency efforts to leverage Big Data and provide insight on how agencies can best capitalize on the opportunities provided by Big Data given the current budget climate, the Government Business Council, with sponsorship from Booz Allen Hamilton, undertook a comprehensive research project that surveyed federal managers.”

(Related) It's George Orwell's FOIA?
UK – Freedom of Information – the next generation
By Steve Wood: “The evolution of the Freedom of Information Act (FOIA) will reach a key milestone on 1st September, as the new open data rights come into force. Changes to the law not only give new rights to request data in a form that means it can be re-used, but also give users the right to re-use that data, even commercially. It is a welcome upgrade for FOIA. The strong foundation we have in the current legislation is being enhanced by additional rights. Put simply, the more usable the data, the greater the potential to enhance accountability, transparency and economic growth. The ICO (Independent Commissioner’s Office) is keen to play its part in the process. We’ve published new guidance on the changes, as well as an at-a-glance list of what public authorities can do to get ready for the changes. We’ve also highlighted a couple of possible pitfalls in providing the information. The changes are all about datasets, something defined in the new legislation. Section 102 of the Protection of Freedoms Act 2012 has amended sections 11 and 19 of the Freedom of Information Act, giving new rights to receive datasets in a form capable of re-use (e.g. CSV). For the first time, the Act now gives users the right to re-use datasets, under the terms of a specified licence – in most cases likely to be the Open Government Licence (OGL). The amendments also require public authorities to publish any requested datasets as part of their publication scheme, if appropriate. It is important to note that the changes do not give new rights of access – they are concerned with format and the ability to re-use datasets, once the public authority has decided that no exemptions or other provisions (e.g. costs, vexatious) in the legislation apply. The new Freedom of Information (Release of Datasets for Re-use) (Fees) Regulations 2013 have also been published today.
These new regulations set out how a public authority can charge for making certain datasets available for re-use – the costs they can recover and a reasonable return on investment.”

I think they are deluding themselves if they truly believe that this protects them from terrorists. I doubt it even inconveniences the bad guys...
Norwegian government stops Apple's aerial mapping of capital
The Norwegian government has denied a request from Apple to do a 3D mapping of the capital city of Oslo because of security concerns, according to news reports Monday.
Apple applied for a license from the government to fly over Oslo and take images, but Norway's National Security Authority rejected the application because the mapping would include military buildings, local newspaper Aftenposten reported (translated by Google Translate).
The publication said the U.S. embassy has actually stepped in to aid Apple, and Oslo's mayor also asked the NSA to reconsider.

'cause biggest doesn't always mean bestest..
43+ Alternatives to YouTube
Excellent educational content can be found on YouTube. However, not every teacher can access YouTube in his or her classroom. That's why a few years ago I compiled a big list of alternatives to YouTube. Over the years some of those sites have shut down, started charging a fee, or have switched into another market. So this evening I went through and eliminated some sites from the list and added a few new ones. My favorite five alternatives to YouTube are listed below. You can see the complete list here. If you have a suggestion for an alternative to YouTube, please let me know.

Dilbert points out how NSA should have asked for data...
