Sunday, October 27, 2013

Has anyone asked if there were any websites that “could not” be hacked by a 12-year-old? Were any CIOs or even Computer Security managers fired?
12-year-old Canadian boy admits to hacking police and government sites for Anonymous
… The boy pleaded guilty to three charges related to hacking websites that included those of Montreal police, the Quebec Institute of Public Health, the Chilean government and some non-public sites.
The attacks took some of the sites offline for up to two days, at what police estimated as a cost of $60,000 in damages. A more detailed report will be handed over next month when the boy is sentenced, according to the Toronto Sun.


Local interest. What made them look at Muhtorov? Nothing. So they looked at everyone in Colorado and waited for something “interresting” to pop up?
Robert Barnes and Ellen Nakashima report:
The Justice Department on Friday informed a terrorism suspect in Colorado that it intends to use evidence against him gathered through the government’s warrantless surveillance program, a move that will likely lead to a constitutional challenge to the law.
It is the first time the government has informed a criminal defendant that it intends to use “information obtained or derived from acquisition of foreign intelligence information conducted pursuant to the Foreign Intelligence Surveillance Act.”
Read more on Washington Post.
[From the article:
The notification came in the government’s case against Jamshid Muhtorov, a refugee from Uzbekistan who lives in Aurora, Colo. He was charged in 2012 with giving material aid to the Islamic Jihad Union, and he and another man were suspected of trying to participate in a terrorist attack planned by the group.

(Related) It's only a concern if you rely on others to do your encryption. You use an encrypted service to mask your encrypted messages, which would stand out on an unencrypted service.
There’s a great write-up by Jennifer Granick on the Lavabit case and its implications for all of us. Do read it on JustSecurity.org.

(Related) Lessons learned when the “black helicopters” drop in on you? READ THIS ARTICLE
Mega CEO: Forget anonymous e-mail. Think privacy (Q&A)
The future of secure, private e-mail doesn't lie in Silicon Valley, or Silicon Alley, or even in the Northern Hemisphere, but in New Zealand.
At least, that's what Mega.co.nz Chief Executive Vikram Kumar wants to turn into a reality.
After Kim Dotcom's Mega shook up the secure storage world, offering a mind-boggling, industry-leading 50GB of encrypted free space, the company startled the world again by announcing that it would be building an encrypted e-mail service -- but only after the unexpected closure of Ladar Levinson's Lavabit.
In the wake of the unexpected secure e-mail service closures by Lavabit and Silent Circle, what does secure e-mail even mean? From his home in windy Wellington, New Zealand, Kumar spoke over Skype about what customers should and shouldn't expect from Mega.co.nz, and why he believes in the service's approach.


We can, therefore we must. Thinking is optional. (and “Thoughtful Politician” is an oxymoron.)
David A. Lieb of Associated Press reports:
Gov. Jay Nixon’s administration displayed “indifference to the privacy rights” of Missourians by gathering personal information about driver’s license applicants, according to a report Friday from a legislatively appointed panel.
Most of the procedures chided by the report have already been halted, but the panel nonetheless concluded that Nixon’s administration disregarded state law by implementing them in the first place.
Read more on News-Leader.com. I’m still trying to locate a copy of the report online. If anyone has a link, please let me know.


So is the evil or is they ain't?
Cory Scott of LinkedIn responds to some of the privacy concerns over their new product, Intro:
This blog post is intended to provide more information and address inaccurate assertions that have been made as a result of a product we launched on Wednesday called LinkedIn Intro. Many things have been said about the product implementation that are not correct or are purely speculative, so this post is intended to clear up these inaccuracies and misperceptions.
When the LinkedIn Security team was presented with the core design of Intro, we made sure we built the most secure implementation we believed possible. We explored numerous threat models and constantly challenged each other to consider possible threat scenarios. Here are some of the actions we took in advance of the launch
Read what steps they took on LinkedIn.


For my students, who (like Paul) should be thinking about this.
Paul Allen and the Machines: Teaching the next generation of artificial intelligence
… It's a hard problem, but it's one Allen is eager to solve. After years of pondering these ideas abstractly, he's throwing his fortune into a new venture targeted entirely at solving the problems of machine intelligence, dubbed the Allen Institute for Artificial Intelligence or AI2 for short. It’s ambitious, like Allen's earlier projects on space flight and brain-mapping, but the initial goal is deceptively simple. Led by University of Washington professor Oren Etzioni, AI2 wants to build a computer than can pass a high school biology course. The team feeds in a textbook and gives the computer a test. So far, it's failing those tests… but it's getting a little better each time.


Do you suppose Dilbert is commenting on government IT projects? (Me too)


Every week, intentional or not, humor.
USA Today covers the launch of Chartbeat, a new non-profit news organization focused on education policy and politics. Chartbeat is the result, in part, of the merger of New York-based GothamSchools and Denver-based EdNews Colorado, and the org is also building out local teams in Tennessee and Indiana.
… The price-tag for LAUSD’s iPad program continues to climb: $770 per tablet.
UC Davis officer John Pike, infamous for pepperspraying non-violent student protesters in 2011, has been awarded $38,000 “for psychiatric injuries for the way he was treated afterwards.” UC Davis has also settled with the students who were sprayed. They get $30,000 apiece. [Now I can define 'ironic' Bob]
… The Apollo Group (parent of the University of Phoenix) says it will lay off 500 staff, on the heels of news that its enrollments have declined almost 20%. But don't worry. The stock market approved.
… The LMS Instructure has launched a new grant program, offering $100,000 in funding “to spur technological innovation from within the educational system.”

No comments: