Thursday, March 06, 2014
It's pretty rare that a “C-level” executive hasn't insulated themselves sufficiently to avoid being held responsible for breaches. I wonder what is really going on here?
Target CIO Resigns After Data Breach
Retail giant Target said Wednesday that its chief information officer, Beth Jacob, has resigned effective immediately after the massive data breach late last year that exposed millions of customer payment card numbers and hurt company profits.
… According to Steinhafel, the company is conducting an external search for an interim CIO.
“We will also be elevating the role of the Chief Information Security Officer and hiring externally for this position,” he said. “Additionally, we will be initiating an external search for a Chief Compliance Officer."
Something for my Ethical Hackers: “Siri, find an easily hacked bank account and buy me a Bently.” There will be an App for that!
Apple Reportedly Plans To Open Siri To Third Parties (Just As Hackers Force It Open)
For anyone that wants Siri to do more than set iCal appointments and dictate SMS messages, there may be hope beyond a hack. Apple is reportedly working on allowing third-party services to integrate with Siri so that the iPhone’s digital assistant can carry out tasks — book flights or send texts on other messaging apps — which go beyond the services Apple can provide.
I don't suppose you could shut down the old company and spin up a new one each time you get a subpoena...
Robert Richardson writes:
According to one of the nation’s top digital civil liberties attorneys, U.S. companies have little legal recourse when powerful law enforcement agencies like the FBI make overreaching demands for their customers’ sensitive data.
In a presentation at last Thursday’s inaugural TrustyCon event, attorney Marcia Hofmann told attendees that the circumstances in which private email provider Lavabit opted to shutter its business might not be unique. Last summer Lavabit and Silent Circle, two providers of encrypted digital communications services, shuttered their services to avoid forced disclosure of their users’ data to U.S. government agencies.
Read more on SearchSecurity.
Pop quiz for congress and the Senate: 1) When is a background check mandatory? Hint: Not always! 2) If I do not “declare a willingness to break the law,” does that mean I am in compliance? 3) Will Facebook users do a better job that congress? Hint: How could they do worse?
Facebook Cracking Down on Illegal Gun Sales Planned on Site (2)
Facebook Inc. (FB:US) is cracking down on illegal gun sales planned through its website, seeking to prevent criminal activity and setting a precedent other social-media sites could follow.
Facebook will delete posts where users declare a willingness to break the law, such as to sell a gun without a background check or transport it across U.S. state lines, the company said today in a blog post. People who promote private sales of guns -- or other regulated goods and services -- might get a message from Facebook reminding them to comply with the law, while pages related to such activities will have to include language about the importance of following the law.
Students have no rights! Were there threats in these writings?
A former Moon Area School District student and his parents claim in a lawsuit moved to federal court on Wednesday that the township’s police violated his constitutional rights by seizing his personal journals and videos from his home and then showing them to school officials and other third parties.
Colin Schreiber, 20, and his parents Paul and Lora Schreiber, all of Moon, claim police lacked probable cause and obtained an overly broad search warrant in May 2011 after school officials contacted police about writings in Colin Schreiber’s personal journal, which he had with him at school.
Read more on TribLive.
...because all the worst laws are made by lawmakers?
Eric Goldman writes:
As regular readers know, I view state legislatures as currently the #1 threat to the Internet’s integrity. In the name of “protecting the kids” and “helping the Internet”, state legislatures are manufacturing a slew of anti-innovation laws that cumulatively threaten to “love” the Internet to death. Just try to keep pace with California’s legislature. This morning, I did a search at the legislative portal for the keyword “Internet” and found *415* bills in the current legislative session (2013-14). I don’t have time to peruse this legislative tsunami to find and analyze the numerous stinkers; but the pending bills that people are highlighting for me are characteristically horrifying.
Read more on Technology & Marketing Law Blog.
Dude, nothing works! We're doomed!
Deven Desai writes:
A core issue in U.S. v. Jones has noting to do with connecting “trivial” bits of data to see a mosaic; it is about the simple ability to have a perfect map of everywhere we go, with whom we meet, what we read, and more. It is about the ability to look backward and see all that information with little to no oversight and in a way forever. That is why calls to shift the vast information grabs to a third party are useless. The move changes little given the way the government already demands information from private data hoards. Yes, not having immediate access to the information is a start. That might mitigate mischief. But clear procedures are needed before that separation can be meaningful. That is why telecom and tech giants should be wary of “The central pillar of Obama’s plan to overhaul the surveillance programs [which] calls for shifting storage of Americans’ phone data from the government to telecom companies or an independent third party.” It does not solve the problem of data hoards.
Read more on Concurring Opinions.
Boo! (But they have huge PACs)
Obama administration sides against Aereo
The Obama administration has sided with the nation's television broadcasters in a pending Supreme Court case against Aereo, the Internet service that scoops up freely available television signals and streams them to paying subscribers.
A surefire indication that a game is popular?
Report: New Flappy Bird clone hits App Store every 24 minutes
Flappy Bird may be gone, but it's certainly not forgotten. A new report from Pocket Gamer has found that 60 new Flappy Bird clones were added to Apple's App Store February 28-March 3. That breaks down to 2.5 new clones per hour or one every 24 minutes.
To qualify as a Flappy Bird clone, games needed to have players guiding characters through a course of pipes (or pipe-like objects) hanging from the ceiling or emerging from the ground.
Some notable Flappy Bird clones have included Fall Out Bird (based on the band Fall Out Boy) and Flappy Bert, which was inspired by the beloved Sesame Street character. The original Flappy Bird saw more than 50 million downloads before created Dong Nguyen pulled the game down in early February, saying the game was "too addictive."
Another job for my Ethical Hackers!
Apple security rules leave inherited iPad useless, say sons
A man whose mother bequeathed her iPad to her family in her will says Apple's security rules are too restrictive.
Josh Grant, 26, from London, told BBC Radio 4's You & Yours his mother bought the tablet during her cancer treatment.
Since her death, they have been unable to unlock the device, despite providing Apple with copies of her will, death certificate and solicitor's letter.
Apple says its security measures have led the industry in helping customers protect lost or stolen devices.
I could make this blog pretty!
Getty’s Images Are Now Free for Twitter, Tumblr and Personal Blogs
Since its founding, Getty Images has charged for its photos. If a media company wanted to use a Getty photo, the company paid Getty for the rights to that photo. But the stock-photo agency noticed its photos increasingly appearing on social media and blogs that hadn’t paid for the rights—one result of images being easy to find in Google Image searches and on news sites.
So the Seattle-based photo agency has decided to make a huge portion of its photos free. On Wednesday, the company unveiled the embed tool, which will allow users to include images on websites, such as non-commercial WordPress blogs. The eligible images also come with buttons for Tumblr and Twitter, where a link to the image can be shared.
Take 8 minutes to watch this video.
Government surveillance — this is just the beginning
Privacy researcher Christopher Soghoian sees the landscape of government surveillance shifting beneath our feet, as an industry grows to support monitoring programs. Through private companies, he says, governments are buying technology with the capacity to break into computers, steal documents and monitor activity — without detection.