Oh my gosh! We gotta
do something! (We gotta sound like we care, so we can get
re-elected!) I doubt the Congressman shops at Target (perhaps his
butler does) but we're talking 110 million votes!
Target
Corporation : Clay Demands Answers on Target Data Breach, Democrats
on House Financial Services Committee Seek Congressional Inquiry
Rep. William L. 'Lacy'
Clay Jr., D-Mo. (1st CD), issued the following news release:
In
the wake of the massive Target data breach that compromised more than
40 million credit and debit card accounts as well as exposing the
personally identifiable information of as many as 110 million
Americans, Congressman Wm. Lacy Clay (D) Missouri, the Ranking Member
on the House Financial Services Subcommittee on Domestic &
International Monetary Policy, joined with 16 fellow Democrats to
demand a congressional inquiry into the
critical failure to protect the personal financial information of
millions of Americans.
(Related)
Target
Attackers May Have Used RAM Scrapers
… The most probable
suspect is software known as a random access memory, or RAM, scraper,
which steals data in its unencrypted form from the main memory of an
infected computer.
While neither Target
nor Neiman Marcus have disclosed what tools the attackers used,
security experts suspect that POS
terminals at both retail chains had been compromised with
scrapers, which then stole credit card data and other account
information. Reuters first reported the link on 12 January.
“They are grabbing at
the stage before it is encrypted,”
Perhaps it's cheaper?
Save money where you can, because the total cost of this breach could
be huge!
idRADAR has some
comments about Target’s offer of an ID theft product. I found it
interesting to read because I wouldn’t have realized that what
Target negotiated was not the usual kind of product that checks all
three major credit reporting databases – Experian, Equifax, and
Transunion. The plan Target arranged with Experian only checks
Experian’s database.
Read
the article and see what you think. [The site
was down when I clicked over Bob]
Emails for the
paranoid?
Behind
the notification service of “Have I been pwned?”
A few weeks ago now I
launched the notification service for Have I been pwned? (HIBP).
The premise of the service is that whilst it’s great to be able to
go to the HIBP
website at any time and ask it if your account had been pwned,
what’d be really great is if it could just tell you
automagically if your email address appears in a data breach loaded
into the system in the future.
You phone is a phink!
If I don't have an expectation of privacy, how long before businesses
(or governments) have an expectation of snooping? Will it become
mandatory to own a SmartPhone?
Elizabeth Dwoskin
reports:
Fan
Zhang, the owner of Happy Child, a trendy Asian restaurant in
downtown Toronto, knows that 170 of his customers went clubbing in
November. He knows that 250 went to the gym that month, and that 216
came in from Yorkville, an upscale neighborhood.
And
he gleans this information without his customers’ knowledge, or
ever asking them a single question.
Mr.
Zhang is a client of Turnstyle Solutions Inc., a year-old local
company that has placed sensors in about 200 businesses within a 0.7
mile radius in downtown Toronto to track shoppers as they move in the
city.
Read more on Wall
Street Journal.
This is what happens
when we have no expectation of privacy in public? Really? And
businesses can do what government couldn’t do without a warrant in
some cases (or could the government do this, too,
legally, with no warrant?) [Why not?
Bob]
Consider this:
Turnstyle’s
weekly reports to clients use aggregate numbers and don’t
include people’s names. But the company does collect the
names, ages, genders, and social media profiles of some people who
log in with Facebook to a free Wi-Fi service that Turnstyle runs at
local restaurants and coffee shops, including Happy Child. It uses
that information, along with the wider foot traffic data, to come up
dozens lifestyle categories, including yoga-goers, people who like
theater, and hipsters.
So they’ve got the
identified data, presumably stored for future profiling expansion?
And how are those data protected from hackers?
I find this whole
tracking thing very concerning, don’t you?
Anything I can match to
you has privacy implications.
CBS reports:
As
CBS 2′s Maurice DuBois reports, stores are increasingly offering to
send customers email receipts, which are convenient and save paper.
But
if you choose an e-receipt, experts warn that convenience comes with
a price: your privacy.
“Once
you’ve given up your email address, that retailer can use it for
any purpose,” said consumer advocate Richard Holober.
Holober
said that includes sending you more emails, using it
for targeted marketing and even selling your information to a third
party.
In
New York and New Jersey, retailers cannot request personal
information such as an email address or phone number to complete a
credit card transaction. But asking for an email address to send a
receipt is a loophole in the law.
Read more on CBS.
It’s just another
reminder of the benefits of using an email service that allows
unlimited tagged e-mail addresses and self-expiring email addresses
(Related) Same
argument. Even if I only know when you turn your thermostat down, I
might know when you are out of the house. NOTE: Connecting a “dumb”
device to the internet makes it attractive (i.e. valuable) to those
jumping into the “Internet of Things.” I'm thinking about
developing a generic “Connection Thingie” that will make any dumb
device “Internet Ready!” Care to invest?
GOOGLE’S
$3.2m [Actually $3.2
billion Bob] acquisition of
Nest, a technology company best known for its “smart thermostat”
that tracks people in their own homes, has prompted fears over users’
privacy.
The
Nest Learning Thermostat uses motion sensors to
detect movement within a home, learns its user’s habits
and adjusts heat settings accordingly.
Nest
has previously only used user information to improve its products and
has not shared it with advertisers and other services, but technology
experts have suggested Google might have other ideas in mind.
Read more on The
Week.
Only 10?
Daniel Solove writes:
Why
does privacy matter? Often courts and commentators struggle to
articulate why privacy is valuable. They see privacy violations as
often slight annoyances. But privacy matters a lot more than that.
Here are 10 reasons why privacy matters.
Read Dan’s reasons in
this LinkedIn
post.
Is there anything you’d
add to his list?
Absent Child Porn, what
kinds of data would not be allowed into the US? The random searches
for drugs or bombs seems to make sense, even if truly random searches
are not very likely to detect anything. But what evil comes across
the border as data? Do they really expect to find evidence of
planned terrorist attacks? Bootleg copies of the latest movies?
What makes the investment of time and money worthwhile?
Jaikumar Vijayan
reports:
In
a boost for civil rights advocates, the U.S. Supreme Court upheld a
lower court decision that requires U.S. border agents
to have at least some cause for searching electronic devices
belonging to travelers at the nation’s borders.
The
court on Monday declined to review a 2013
decision by the U.S. Court of Appeals for the Ninth Circuit in a
case involving Howard Cotterman, who was accused of possessing and
transporting child pornography.
Read more on
Computerworld.
Over on Wired, David Kravets reports:
A
convicted sex offender’s loss at the Supreme Court today was
indirectly a boost to the privacy rights of travelers crossing the
border to the United States.
Without
issuing a ruling, the justices let stand an appeals court’s
decision that U.S. border agents may indeed
undertake a search of a traveler’s gadgets content on a whim,
just like they could with a suitcase or a vehicle. That is known as
the ”border search exception” of United States law, where
travelers can be searched without a warrant as they enter the
country. The Obama administration has aggressively used this power
to search travelers’ laptops, sometimes copying the hard drive
before returning the computer.
Read more on Wired.
[From
ComputerWorld:
However, the court also
held that in Cotterman's case, the government had acted on reasonable
suspicion because Cotterman had a prior conviction on
child molestation charges.
Perspective
App
Usage Exploded in 2013, Except for News and Magazine Apps
… The app analytics
firm Flurry [ http://www.flurry.com/
] put out a new chart showing the year over year growth in app usage
among various categories. Messaging and social apps continued to
surge, as did productivity apps. Even games, which consumed an
enormous amount of time already, continued to grow at a rapid clip.
But take a look at the
shortest bar in the chart: News & Magazines. Media
companies have spent so much time and money generating apps, but they
just aren't working. Sure, they're growing, but far slower than the
rest of the mobile world.
Prime Numbers – For
my Math students.
[And how to program
it:
http://mathlesstraveled.com/2012/10/05/factorization-diagrams/
No comments:
Post a Comment