Sunday, February 16, 2014

If you were one of the Class Action lawyers suing Target, would this cause you to burst into giggles?
Target was warned of credit card data breach but failed to take adequate steps
Could Target have averted the credit card data breach that afffected over 70 million customers? Possibly, if new reports are to be believed. Two months prior to the Target hack that affected around 70 million credit and debit card holders, a computer analyst of the retail giant had warned the company about possible weaknesses of its payment system that can be exploited by cyber criminals.
The warning from Target computer security insider came following a series of reports received by the company from research firms and government advisories warning of possible new threats to payment terminals. The warning was initially ignored by Target, according to sources of The Wall Street Journal.
… "It is everyone's worst-case scenario. As an intelligence analyst, there is only so much you can do," the former Target employee told WSJ. [Amen, brother! Bob]
… Target has not issued a comment nor a denial that it ignored the warnings and recommendations of its cyber security analysts. However, the company informed the body of Congress investigating the matter that its payment systems passed an audit conducted in September. As of reporting, there are at least 53 lawsuits filed against Target in connection with the security breach.

Familiar name, but a small breach.
Kickstarter Hacked, Users Suggested to Reset Their Password
On Wednesday night, law enforcement officials contacted Kickstarter and alerted us that hackers had sought and gained unauthorized access to some of our customers’ data. Upon learning this, we immediately closed the security breach [Which suggests they knew how to secure this data before the breach, but hadn't bothered to do so. Bob] and began strengthening security measures throughout the Kickstarter system.
The folks at Kickstarter mentioned credit card details of the customers were not compromised, but some information was accessed, including information included usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords.

Shows just how big Flappy Bird was. (Still no word on why the author took it down, but “Marketing” still looks like the most likely explanaion. Can you say, “Coca Cola Classic?”)
Flappy envy: Google, Apple block games with 'flappy' titles
Flappy Pig. Flappy Super Hero. Flappy Plane. Call it Flappy Fever, but numerous games with “Flappy” in the title are cropping up in app stores and it looks like Google and Apple aren't having any of it.
… A writer for TechCrunch theorized that Apple may have had enough of the Flappy-esque games decimating its popularity charts, saying: "The 'Flappy Bird' craze reached mainstream media, which means everyday users who may not following [sic] every turning point in this ongoing saga are just hitting up the App Store and searching for a download."

(Related) An infographic summary...
The Rise And Fall Of Flappy Bird

Another case of overreach? The student created the page, therefore he is responsible for the comments others posted? Is this really the “Best Practice” response to a nasty Twitter page or the “Best Practice” to combat bulling?
Amber South reports:
Chambersburg Area Senior High School officials have discovered the identity of the student responsible for a Twitter page that became popular for cyber-bullying.
The student is being disciplined in accordance with district policy, according to a district statement. No legal action is being taken, added district spokesperson Tammy Stouffer.
The administrations of Chambersburg Area School District and CASHS, and the technology department, worked together to identify the student, according to a statement. The student’s name will not be revealed, due to the student privacy policy.
The discovery comes less than two weeks after Principal Buddy Chapel told students that he would find out who was behind CASHS Confessions, a Twitter page on which students could anonymously post comments about each other, most of which were negative.
Read more on Public Opinion.
Why is this blog-worthy? Because they’re handling it in-house and didn’t refer this to law enforcement. Now we might argue that if this was all done out of school, the district shouldn’t have any authority at all, but most courts have granted districts the authority to deal with situations that create emotionally unsafe or hostile environments in school as a consequence of out-of-school behavior. So under the circumstances, I’m pretty satisfied with the way this district has handled this situation.
[From the article:
I promise my students and parents that I will continue to work to create an understanding of being responsible digital citizens, and the potential longer-term consequences of cyber-bullying." [Lessons on the 1st Amendment are somehow unavailable. Bob]
… administrators would strictly enforce a cell phone ban, to prevent students from accessing the site while at school. His biggest concern, he said, was that a student bullied on the site would take his or her own life.
"No student is going to die on my watch because of this craziness," Chapel said at one of the assemblies.
… He said any student found to be an administrator on the site would get 10 days of out-of-school suspension and would undergo administrative review with a recommendation to the school board for expulsion.
Around the time that Chapel announced the assemblies were to take place, the CASHS Confessions page was taken down and replaced with a new page of the same name, but with a different Twitter handle. The page description basically stated that the page was a response to the administration's crackdown, and comments posted were directed at Chapel and other administrators.
"The action to address the issue of cyber-bullying would have been the same, regardless of the new sites being created," Stouffer said, when asked what role the administrator-bashing comments had on the administration's mission.
That page has since been taken down.
… Not including the student who created the page, CASHS earlier suspended three students for posting comments on CASHS Confessions. Some have disputed that they were negatively involved, but Stouffer has said the district can't share details on the suspensions because of the student privacy policy.

Perhaps we could learn how much of a “burden” this really is.
Robert Gehrke reports:
Utah Attorney General Sean Reyes has discontinued his office’s use of administrative subpoenas, a controversial law-enforcement tool that lets investigators gather certain Internet or cellphone records without getting a warrant, raising serious privacy concerns.
Instead, investigators in the attorney general’s office are now required to go to a judge and get an order allowing them to obtain the information they are seeking.
Read more on Salt Lake Tribune.

TANSTAAFL (There ain't no such thing as a free lunch) I must admit, I can't figure out which ads would result from “that idiot who teaches Math.”
Jeff Gould of Pewstone Research writes:
When it introduced a new privacy policy designed to improve its ability to target users with ads based on data mining of their online activities, Google said the policy didn’t apply to students using Google Apps for Education. But recent court filings by Google’s lawyers in a California class action lawsuit against Gmail data mining tell a different story: Google now admits that it does data mine student emails for ad-targeting purposes outside of school, even when ad serving in school is turned off, and its controversial consumer privacy policy does apply to Google Apps for Education.

Curves for my statistics students on Valentine's Day?
When You Fall in Love, This Is What Facebook Sees

Why do I get so many emails with this link? Stop it!

No comments: