Friday, March 14, 2014
What would stop Putin if he chose to invade? Is anyone other than Russia moving troops? (We did move some F16s to Poland.)
Russia ships troops into Ukraine, repeats invasion threat
Russia shipped more troops and armor into Crimea on Friday and repeated its threat to invade other parts of Ukraine, showing no sign of listening to Western pleas to back off from the worst confrontation since the Cold War.
Russia's stock markets tumbled and the cost of insuring its debt soared on the last day of trading before pro-Moscow authorities in Crimea hold a vote to join Russia, a move all but certain to lead to U.S. and EU sanctions on Monday.
I feel so much better! But after scanning a dozen articles, I still have a few questions: Did he actually speak to the President or just a White House operator? If he did, why would the President waste time talking to Zuckerberg? (Oh yeah, campaign contributions) Would any of this have an impact on anything?
Mark Zuckerberg calls Obama to complain about NSA
Facebook founder Mark Zuckerberg on Thursday said he called President Obama to express frustration about the government's spying and hacking programs.
"When our engineers work tirelessly to improve security, we imagine we're protecting you against criminals, not our own government," Zuckerberg wrote in a Facebook post Thursday afternoon.
His concerns are based on the latest reports from investigative reporters at The Intercept, which reveal that the National Security Agency has weaponized the Internet, making it possible to inject bad software into innocent peoples' computers en masse.
The report is based on documents provided by ex-NSA contractor Edward Snowden.
Since they are “completely unregulated” perhaps my Ethical Hackers could demonstrate what they can do by gathering information on members of the state legislature... Just a suggestion. (Could we sell it to local news outlets?)
Lynda Lye writes:
Local law enforcement agencies across the Bay Area have so-called stingray devices, a powerful cellphone surveillance tool, and more are planning to acquire the technology, according to public records recently obtained by Sacramento News10. The devices are highly intrusive and completely unregulated. Although the Wall Street Journal reported in 2011 that they were being used by the federal government, the News10 records reveal for the first time that these devices are also in widespread use by local authorities stretching from San José to Sacramento. The revelations are troubling. Once again, we see the proliferation of powerful new surveillance tools, but without any rules to constrain their use. The acquisition of these devices is shrouded in secrecy and driven by federal grant money, which undermines local democratic oversight. Their actual use by local law enforcement reflects the all too common phenomenon of mission creep: Although the justification for acquiring these devices is “fighting terrorism,” agencies seem to be using them for ordinary criminal law enforcement.
Read more on ACLU
Speaking of regulation, have we every investigated a regulatory agency for failing to do their job? (Remember, the SEC was warned about Bernie Madoff several times.) Only fair if we want to point the finger of shame at Target for ignoring security warnings.
While South Korea’s Financial Supervisory Service (FSS) continues to deal with massive breaches in the financial sector, the Board of Audit and Inspection of Korea will now be investigating them:
The Board of Audit and Inspection of Korea began an inspection of the country`s financial watchdog agency Wednesday over a large-scale theft of customer information from some of local financial institutions. The state inspectors plan to investigate whether the Financial Supervisory Service (FSS) properly supervised financial institutions after some local credit card companies had 140 million cases of customer information stolen and sold to marketing firms in the country`s largest-ever data theft case. The move came after civic groups` petition last month for an inspection.
After taking office in March last year, Choi Soo-hyun, chairman of the FSS, failed to take proper follow-up measures after a theft of 140,000 cases of customer data from Citibank Korea and Standard Chartered Bank Korea, letting a much bigger theft happen. The FSS is responsible for the latest data theft case because it went no further than sending a letter of warning to financial companies involved in the incident. Nevertheless, the FSS rejected a civil petition for an inspection into the companies last week, saying that there is “nothing exceptionally new or major” in the case.
Read more on Donga.
(Related) Speaking of warnings being ignored, what would be the consequences of ignoring these?
HITRUST Announces Threat Briefings, Cyber Alerts for Healthcare Industry
The Health Information Trust Alliance (HITRUST) announced on Thursday that it will conduct monthly cyber threat briefings in partnership with the U.S. Department of Health and Human Services, and will warn organizations when HITRUST’s Cyber Threat Intelligence and Incident Coordination Center (C3) identifies high probability and impact cyber threats targeted at the healthcare industry.
The new efforts are designed to help organizations better understand current and probable cyber threats relevant to organizations in the healthcare industry and share best practices for cyber defense and incident response.
… According to a recent survey from the SANS Institute, a staggering 94 percent of all healthcare organizations said they have been victims of data breaches at some point. In its “Health Care Cyberthreat Report,” released Feb. 21, SANS said that despite the high number, organizations that have been breached but haven't disclosed the incidents, or haven't discovered it yet, aren't included in the tally.
These are becoming so common I keep thinking I've reported this case before, but apparently it was only a bunch of very similar cases..
Erin McAuley reports:
A high school unconstitutionally suspended a freshman for a harmless comment he wrote at home on his Facebook page, the boy and his family claim in court.
R.L., a 15-year-old from Manchester, Pa., and his parents, Jill and Michael Lordan, sued Central York School District, its Superintendent Michael Snell and Central York High School assistant principal Jeffrey Hamme, in Federal Court.
The Lordans say the defendants used “unconstitutionally vague rules as a basis for discipline” and exceeded their authority by punishing the boy for conduct that was off-grounds and out-of-school.
Read more on Courthouse News.
We’ve seen lawsuits like this before, of course. Anyone care to venture a guess how it turns out?
Their intent should have been to write down exactly what they meant to say.
Ralph C. Losey of Jackson Lewis writes:
The Computer Fraud and Abuse Act (“CFAA”) is an anti-hacker statute that prohibits unauthorized access, or the exceeding of authorized access, of computers connected to interstate commerce. 18 U.S.C. § 1030. Violators are subject to both criminal and civil liability. Employers have long taken advantage of the CFAA’s civil remedies to “sue former employees and their new companies who seek a competitive edge through wrongful use of information from the former employer’s computer system.” P.C. Yonkers, Inc. v. Celebrations the Party and Seasonal Superstore, LLC, 428 F.3d 504, 510 (3d Cir. 2005).
A majority of courts have to date construed the meaning of “unauthorized access” in the CFAA to include access for unauthorized purposes, such as to steal an employer’s information. They applied the anti-hacker statute even though the employee was authorized to access the computer system, just not for purposes of theft. Now a growing number of courts are stepping back from the expansive construction of what it means to be a “hacker” under the statute. They are instead limiting the CFAA to situations where the access to the computer itself was unauthorized, and disregarding whether or not the access was for a permitted use.
Read more on National Law Review.
You have phones owned by a company, issued to employees (with or without personal data) Employee owned phones used for the employers benefit (BYOD) And evey combination or variation you can think of...
Ronald K. L. Collins writes:
There has been quite a bit of news lately, along with general commentary on this blog, about the legality of police searches of the contents of an arrestee’s cell phone. The issue raised in United States v. Wurie, which the Court has agreed to review, is whether the Fourth Amendment permits the police, without obtaining a warrant, to review the call log of a cellphone found on a person who has been lawfully arrested. (The Court has also agreed to hear a companion case out of California: Riley v. California.) But there is more here than meets the constitutional eye, or so maintains Robert Corn-Revere, a noted First Amendment lawyer who is a partner at the Washington, D.C. office of Davis Wright Tremaine. Yesterday, he filed an amicus brief on behalf of the National Press Photographers Association and thirteen media organizations in support of the Petitioner in the Wurie case. What is interesting about this brief is the First Amendment argument Mr. Corn-Revere offers up to buttress the Fourth Amendment claim at stake in these cases.
Read more on Concurring Opinions.
[From the article:
Here is the media interest in all of this: “Of particular concern to Amici, media outlets increasingly rely on issuing reporters smart phones to take photographs and to record other story elements. Cell phone cameras are capable of taking high quality photographs and audio-visual recordings. And, because smart phones can connect to the Internet, it is easy for journalists to upload photo, video, audio, or text files to the Internet to file reports.” So opens this amicus brief.
Here is the problem for the media: “These new technologies have greatly expanded the ability to gather and report news, but the same capabilities that make them a boon to journalists create a grave threat if they are subject to unrestricted warrantless searches incident to arrest.
A challenge for my students: How do you make money on rapidly falling prices?
Google's Drive SLASH: Can a Cloud BURST be far behind?
Google has slashed its online Drive storage prices so fast, it undercuts all of its rivals – and its own products. The Reg suspects the web king will dramatically lower its infrastructure-as-a-service storage prices as well in two weeks.
The dramatic price cut for Google Drive was announced on Thursday: storing 100GB of data in its systems per month has fallen from $4.99 to $1.99. Storing a terabyte now costs $9.99 a month versus $49.99 previously, and 10TB will set you back $99.99 per month.
… (You can still pick up a decent 1TB drive for about 60 dollars, working out to the low price of $5 a month over a year versus Google's $9.99.)
What may get IT admins rubbing their hands with glee is that this Drive price cut also falls far below the prices charged by typical infrastructure-as-a-service providers for barebones storage. Amazon Web Services's S3 service costs $8.50 per 100GB per month, and Microsoft's Windows Azure charges $6.80 for 100GB of locally redundant stored data a month.
More intriguingly, the Drive price cut undercuts the $6.30 Google charges for storing 100GB in its mainstream infrastructure-as-a-service Google Cloud Storage.
Perhaps so. Best I've seen anyway.
The World’s Greatest Azure Demo
… I’m going to cover 14 discrete topics all stitched up into one superdemo. The plan was to take about an hour per the title in the website you see above (this is a real live website I setup in the demo and push out to worldsgreatestazuredemo.com by the way), but I got, uh, a bit carried away. Only by another 22 minutes, but sometimes there’s just a story that wants to get out and it’s hard to hold it in.
For all my students. You can't write cursive, now you can forget how to type. (Requires Chrome)
– With Dictation, you can use the magic of speech recognition to write emails, narrate essays and long documents in the browser without touching the keyboard. To get started, just connect the microphone to your computer and click the Start Dictation button. Dictation uses your browser’s local Storage to save all the transcribed text automatically as you speak.
Depressing! $9.99 per month? With so many free books and free readers available? Still, if it works it may be worth it.
is an all-you-can-read eBook service for kids, designed to get kids to love reading. With Epic!, kids can access thousands of high-quality books, instantly at their fingertips. All books are carefully selected by children’s publishing experts, teachers and parents. Well-known titles, classics, and books from award-winning authors and illustrators are added weekly.
Students: More for your toolkit?
Discovery, Discussion, Demonstration - A Selection of My Favorite Resources
This afternoon at the Literacy Promise conference in Salt Lake City I gave a presentation on how I think about educational technology and some of my favorite resources that can be used in a wide variety of settings. The slides from that presentation are embedded below.
For my students. See what you can do without a Smartphone?
Toby Shapshak: You don't need an app for that
Are the simplest phones the smartest? While the rest of the world is updating statuses and playing games on smartphones, Africa is developing useful SMS-based solutions to everyday needs, says journalist Toby Shapshak. In this eye-opening talk, Shapshak explores the frontiers of mobile invention in Africa as he asks us to reconsider our preconceived notions of innovation.
Students: This is why we say you have it good, quit complaining!
4 Classic Operating Systems You Can Access In Your Browser
You can try Windows 1.0, Mac System 7, Amiga OS and DOS – along with a few games – without leaving your browser.
Welcome to the world of online emulators.
The history of computers is fascinating, but reading will only get you so far. If you really want to know what, say, Windows was like in 1985, you don’t need to find a computer from that age. A variety of enthusiasts have used existing emulators to offer classic systems on the Web. Here’s where to find them.
Would you prefer to see Windows 3.0? That’s the system most people are familiar with, and there’s an emulator for that, too.
Want a more recent nostalgia trip? Head to VirtualDesktop.org. This site doesn’t offer emulators, but you might not even be able to tell. You’ll see interactive screenshot tours of Windows and Mac systems. Everything works as you’d expect: click start, see the menu.