At this level, it is
much more difficult to determine what was breached and what was
taken.
Tom McKay reports:
Security
researchers have identified a very,
very serious security hole in one of the
fundamental technologies protecting personal data all
across the Internet. OpenSSL, the cryptographic software library
that an estimated two-thirds of web servers worldwide use to connect
with end users and guard against digital eavesdropping, has been
vulnerable to hackers for as long as two years. It may be the
biggest security breach in the history of the Internet.
In
a blog post
published Monday, the OpenSSL researchers dubbed the critical
flaw “Heartbleed,” admitted that the glitch allows for easy,
untraceable breaches of secure systems, and announced the release of
an immediate fix.
Read more on PolicyMic.
From the article:
It's not theoretical.
The research team provided
evidence that with awareness of the bug, they were able to breach
Yahoo security and steal email logins and passwords without
leaving a trace.
… Until everyone
updates their servers, widespread knowledge of the bug could mean
open season for hackers. A
Tor Project blog post ominously said that "If you need
strong anonymity or privacy on the Internet, you might want to stay
away from the Internet entirely for the next few days while things
settle." Tumblr advises that you change all of your passwords
immediately, including for their own service.
(Related) Probably
not, but a good start.
Everything
you need to know about the Heartbleed SSL bug
It's not yet “Skynet”
but it suggests that poor software testing can allow deadly bugs to
slip through. (When we create technology that can make decisions
autonomously, your car may choose to let you die.)
GM
Air-Bag Software Blamed in U.S. Petition to Recall Impala
… The Center for
Auto Safety, in a letter to U.S. regulators today, cited a government
petition by a former GM researcher who said he found a software fault
that can misread a passenger’s weight and render frontal air bags
inoperative.
… “This is a
design defect in every GM vehicle with the flawed algorithm” in the
software, said Clarence Ditlow, executive director of the
Washington-based Center for Auto Safety, which has been tracking
recalls and defects since it was founded in 1970.
NHTSA’s databases
don’t pinpoint the cause of air-bag failures, so it’s
not clear how many cases can be tied to a flawed algorithm,
Ditlow said.
As the value of “Big
Data” becomes more apparent, companies that are no longer
“required” to keep data may “Choose” to keep data.
This is huge.
AFP reports:
Europe’s
top court on Tuesday struck down an EU law forcing telecoms operators
to store private phone and email data for up to two years, judging it
too invasive, despite its usefulness in combating terrorism.
By
allowing EU governments to access the data, “the directive
interferes in a particularly serious manner with the fundamental
rights to respect for private life and to the protection of personal
data,” the European Court of Justice (ECJ) said.
Read more on Raw
Story.
The Court of Justice’s
press release can be found here
(pdf).
Apparently, there is no
App for that.
Cellphone
use in court keeps interrupting this trial about smartphones
… U.S. District
Judge Lucy Koh has become increasingly frustrated during the first
few days of the trial pitting Apple against Samsung because the many
personal Wi-Fi signals interfere with a network the judge relies on
for a real-time transcript of the proceedings.
The phones also ring,
buzz and jingle, and can be used to take photos, a serious violation
of court rules.
Short answer: no! But
what if things change?
Richard Raysman and
Peter Brown write:
…
courts have begun to confront a myriad of legal questions arising
from these incidents. Companies and employees have heretofore been
subject to suit in myriad jurisdictions as a result of data breaches
and disclosures. Heretofore, the results have not been consistent
and remain largely contingent on the facts of a specific controversy.
This article will discuss several pressing issues in the rapidly
evolving area of law responsive to data breaches, including:
litigating class action claims following a breach of consumer
personal data; instances of settlement of data breach claims; and
particularized data breach claims that arise after an involuntary
divulgence of medical records.
Read more on New
York Law Journal.
Scary stuff from the
insurance guys? Apparently profits aren't going up as much as
premiums.
588%
more for health insurance? It's true, survey finds
… Based on
information collected from 148 brokers, premiums around the country
increased an average 11% for group plans and 12% for individual
policies. And in some parts of the country, the rate increases are
even higher.
Premiums for individual
plans in Delaware increased a whopping 100%, followed by New
Hampshire at 90% and Indiana at 54%. In the small group market,
Washington state held the dubious honor with rates increasing 588%.
Pennsylvania small groups faced a 66% increase and in California,
employers can expect to pay premiums 37% higher than last year.
Morgan Stanley said
that while the rate hikes are “largely due to changes under the
[Affordable Care Act]” like the minimum essential benefit
requirement or increased insurer taxes, there are other factors at
work.
A Privacy Resource.
Welcome
to the home page of the European Data Protection Supervisor
by Sabrina
I. Pacifici on April 8, 2014
“The EDPS
is an independent supervisory authority devoted to protecting
personal data and privacy and promoting good practice in the EU
institutions and bodies. He does so by:
- monitoring the EU administration’s processing of personal data;
- advising on policies and legislation that affect privacy; and
- cooperating with similar authorities to ensure consistent data protection.”
A Security Resource
2014
Internet Security Threat Report, Volume 19
by Sabrina
I. Pacifici on April 8, 2014
Symantec – “The
Internet
Security Threat Report provides an overview and analysis of the
year in global threat activity. The report is based on data from the
Symantec Global Intelligence Network, which Symantec’s analysts use
to identify, analyze, and provide commentary on emerging trends in
the dynamic threat landscape.”
Obamacare links.
Affordable
Healthcare Act
by Sabrina
I. Pacifici on April 8, 2014
Healthcare.gov
- “You can read the Affordable Care Act by visiting the links
below. The health care law, sometimes known as “Obamacare,” was
signed March 23, 2010. Read the full law: The law has 2 parts: the
Patient Protection and Affordable Care Act and the Health Care and
Education Reconciliation Act. You can view them in PDF or HTML
formats below. You can also view an unofficial, consolidated version
that is more readable. In all cases, the documents are searchable
using the “Control + F” keys on your computer and typing in the
word or phrase you are looking for.
- Full Text of the Affordable Care Act and Reconciliation Act (PDF) This is not the official version, and we provide it for your convenience.
Official certified
full-text of the laws in PDF form:
- Certified full-text version: Affordable Care Act (PDF – 2.41 MB)
- Certified full-text version: Reconciliation Act (PDF – 257 KB)
Summary and certified
full-text version in HTML (web page) format:
For my students.
David
Miller's SlugBooks Out To Disrupt College Textbook Market
… Simply-said,
SlugBooks is a resource that helps college students save money on
their text books.
For my students.
You
Need No Development Skills To Create Professional Windows Phone Apps
For my students...
Who knew? Did you? Me too, neither.
10
Ways To Celebrate National Poetry Month