Wednesday, May 28, 2014

Local and probably impacting my student Vets.
Two laptops stolen from Denver's VA hospital
Two laptop computers containing information on 239 veterans have been reported stolen from the Denver VA Medical Center.
The laptops, used for mobile pulmonary tests, were discovered missing from a laboratory May 20, said Daniel Warvi , spokesman for the VA Eastern Colorado Health System.
"This was a crime," Warvi said. "Somebody broke into a locked lab and stole laptops. They weren't left in a coffee shop."

There's nothing wrong with our security, except of course it didn't work. And we're going to make some changes to improve our perfect security.
Clara O’Brien reports:
Streaming music service Spotify has become the latest company to be hit by a security breach as it admitted that it had uncovered “unauthorised access” to its systems.
However, the firm said its investigation had shown only one user’s data had been accessed, and said it was not aware of any increased risk to users as a result of the breach, and said no password, financial or payment information had been accessed.
Read more on Irish Times.

An “Internet of Things” creates a “target rich environment.” Why would we not hack the low lying fruit – they create more every day!
Botnet of PoS Systems Uncovered: IntelCrawler
Researchers at IntelCrawler have pulled the covers away from a cybercrime operation that has compromised nearly 1,500 point-of-sale (PoS) terminals and other systems around the world.
The firm calls the botnet 'Nemanja'. Composed of PoS terminals, accounting systems and grocery management platforms, the researchers said they discovered it earlier this year.
"The assigned name is related to potential roots of bad actors with similar nicknames from Serbia," according to a blog post by the firm.

Since the cost is really nominal, why wouldn't everyone do this?
Abby Sewell reports:
Following a break-in at a county health contractor’s office that led to the theft of computers containing personal information about more than 342,000 patients, Los Angeles County supervisors moved to tighten protocols for protecting data.
The county already requires that workers’ laptops be encrypted. The supervisors voted Tuesday to extend that policy to also encrypt all county departments’ computer workstation hard drives.
Read more on Los Angeles Times.

Is this “Pile on eBay” week, or are they really this screwed up?
eBay riddled with XSS flaws
eBay seems to be going through a rough road since it admitted the breach last week, as yet some more flaws are discovered that haven’t been fixed and can be exploited to hijack user accounts.
Jordan Jones, the security researcher who reported the major vulnerability in eBay’s website last week, has published details of a second vulnerability that hadn’t been fixed as of Monday.
… German security researcher Michael E has spotted another persistent cross-site scripting (XSS) vulnerability that allows the hacker to inject arbitrary HTML and JavaScript code into the eBay website to create auction pages with unauthorized JavaScript code. The malicious code in turn can steal the visitors’ account cookies, allowing attackers to hijack the users’ accounts.
The Hacker News reported that eBay “accepts the same login cookies again and again, even if the victims have logged out or reset their passwords.”

Ah, you finally noticed that, did you. Report should be worth reading!
Brokers use ‘billions’ of data points to profile Americans
Are you a financially strapped working mother who smokes? A Jewish retiree with a fondness for Caribbean cruises? Or a Spanish-speaking professional with allergies, a dog and a collection of Elvis memorabilia? All this information and much, much more is being quietly collected, analyzed and distributed by the nation’s burgeoning data-broker industry, which uses billions of individual data points to produce detailed portraits of virtually every American consumer, the Federal Trade Commission reported Tuesday.
The FTC report provided an unusually detailed account of the system of commercial surveillance that draws on government records, shopping habits and social-media postings to help marketers hone their advertising pitches. Officials said the intimacy of these profiles would unnerve some consumers who have little ability to track what’s being collected or how it’s used — or even to correct false information. The FTC called for legislation to bring transparency to the multibillion-dollar industry and give consumers some control over how their data is used.
Data brokers’ portraits feature traditional demographics such as age, race and income, as well as political leanings, religious affiliations, Social Security numbers, gun-ownership records, favored movie genres and gambling preferences (casino or state lottery?). Interest in health issues — such as diabetes, HIV infection and depression — can be tracked as well.

This is interesting.
Andrea Vance reports some changes in New Zealand:
Identity theft is to be outlawed with a fine of up to $10,000 under an overhaul of privacy laws.
The Government is to beef up the watchdog powers of the privacy commissioner. Organisations will also be required to report data breaches to the commissioner, and notify those affected in serious cases.
Penalty fines are to be increased and two new offences created.
Failing to notify the commissioner of a privacy breach or impersonating someone to obtain their personal information will be illegal and carry a fine of up to $10,000.
It will also be against the law to destroy documents containing personal information that a person has sought access to. [I don't recall seeing that one before. Bob]
Read more on Stuff.

You know Facebook's Privacy Policy is questionable when Iran wants the US to extradite Mark Zuckerberg.
Iranian judge summons Facebook CEO for breach of privacy
A conservative Iranian court opened a case against instant messaging services WhatsApp and Instagram while also summoning Facebook CEO Mark Zuckerberg over complaints of privacy violation, state news agency ISNA reported on Tuesday.

Perhaps one day I'll get an email from Google that says, “Bob, we've noticed you are going bald. Kick here for a list of products to keep you looking 'Mavalous.'”
After drones, Google and Facebook eye satellites to expand internet access
Google and Facebook already compete on PCs, mobile devices and recently their rivalry has moved to the skies, but a new report from The Information suggests it could move even further from land. Over the last year or so, both looked at drone maker Titan Aerospace before Google acquired it, adding to a portfolio that includes its Project Loon experiments. Not to be outdone, Facebook is said to have acquired a drone maker from the UK called Ascenta. The only thing left? Space. The Information follows up on claims that Google is looking at a satellite company called Skybox Imaging by noting recent hires and investments in companies that deal with satellite-delivered internet. Craig Barratt is named as leading several teams at Google developing wireless internet technology to connect the rest of the world (white spaces, municipal WiFi, community routers for businesses etc.) while Google X teams work on the drones and balloons. Facebook's interests in (the) space are not as well-documented, but we can only guess that the race will reach low-orbit soon, and collect a few more startups and giants as competitors. Maybe DirecTV made its deal with AT&T too soon?

Interesting contrast.
Army of robots to invade Amazon warehouses
CEO Jeff Bezos told investors at a shareholder meeting Wednesday that he expects to significantly increase the number of robots used to fulfill customer orders.
There are currently about 1,000 robot workers on Amazon floors. The increase won't change the number of actual people employed, an Amazon spokeswoman said.
The robots are made by Kiva Systems, a company Amazon bought for $775 million two years ago.

(Related) This might be because fast-food workers want $15 per hour.
Robots will replace fast-food workers

Questions. Not just self-driving but “completely human free!” What happens when the systems crash? You can't take control and putter on home, you are dead in the water (dead in the fast lane?)
Google's Self-Driving Car Prototype Ditches the Steering Wheel
… The small, Volkswagen Bug-esque vehicle does not have a steering wheel, accelerator pedal, or brake pedal, "because they don't need them," Google said in a blog post. Just get in, and Google's car will take you to your destination with the push of a button.

Interesting. If it was oil or even coal they would already be exploiting it. Probably not worth shipping to Europe to replace Russian gas.
Colossal peat bog discovered in Congo
The bog covers an area the size of England and is thought to contain billions of tonnes of peat.
Scientists say investigating the carbon-rich material could shed light on 10,000 years of environmental change in this little-studied region.
Dr Simon Lewis, from the University of Leeds, said: "It's remarkable that there are parts of the planet that are still uncharted territory."

For my “early adopter” students. Worth $170?
Mozilla’s new Firefox OS Flame smartphone is now available for preorder
After years of talking about a Firefox OS and a few different phone models, Mozilla is finally making its heralded Flame available.
The company announced today that it has opened preoders for the new Firefox OS Flame phone. Mozilla partnered with independent design house and manufacturer T2Mobile to manufacture the phone, and you can now preorder it through, according to a company blog post.

For my students who think the textbooks are written in a foreign language.
Google Buys Visual Translation App Word Lens – Then Gives It Away For Free
Google has always put a lot of work into their translation app, so much so that it has become a very effective and powerful app for getting yourself out of linguistic tangles. But now Google has gone one better by buying Word Lens, the visual translation app, and then giving it away for free for a limited time.
What makes Word Lens special? Simply this. If you see something written in a foreign language (such as a sign), you just point the iOS or Android app at it. It then translates the language into your chosen language, all in real time, using your phone’s built-in camera – no Internet connection required.
… As I said, everything is free for the moment – the app, and all of the language packs which must be downloaded and installed separately. But when the limited offer ends, whenever that may be, the app itself will be free but the language packs will have to be bought.
… Since Google hasn’t indicated when the limited offer will end, it’s best to grab this right now. The app is fantastic and should be on every phone, along with Google Translate and other great translation apps for travelling.

No comments: