Monday, September 08, 2014
We're supposed to learn from our mistakes. Computer Security managers are supposed to learn from everyone's mistakes. Anyone else with the same vulnerability?
Brian Krebs reports:
The apparent credit and debit card breach uncovered last week at Home Depot was aided in part by a new variant of the same malicious software program that stole card account data from cash registers at Target last December, according to sources close to the investigation.
A source close to the investigation told this author that an analysis revealed at least some of Home Depot’s store registers had been infected with a new variant of “BlackPOS” (a.k.a. “Kaptoxa”), a malware strain designed to siphon data from cards when they are swiped at infected point-of-sale systems running Microsoft Windows.
Read more on KrebsonSecurity.com.
(Related) If you still have the same vulnerability, you need to follow any argument that might work.
Tom Webb reports:
Target is asking a federal judge in St. Paul to dismiss a multibillion-dollar complaint filed by groups of banks stemming from last year’s massive data breach.
The banks claim Target was negligent in its handling of shoppers’ credit and debit card information, which allowed hackers to steal sensitive information about some 100 million U.S. consumers. The banks are seeking class-action status in the case.
But in a response filed Sept. 2, Minneapolis-based Target argued the banks’ costs aren’t its responsibility. Target argues that as a retailer, it is two steps removed from the banks and credit unions that issued the cards — and therefore, not liable under the law.
Read more on Pioneer Press.
Could be some interesting ideas. Hope they publish everything.
Google plans debates on 'right to be forgotten'
Google is holding seven public meetings across Europe to debate issues raised by the "right to be forgotten" ruling.
The ruling by the European Court of Justice lets people ask Google to remove some types of information about them from its search index.
Google opposes the ruling, which has led more than 90,000 people to apply for data about them to be scrubbed.
One privacy expert was sceptical about the meetings, saying they had more to do with PR than open discussion.
The first meeting takes place in Madrid on 9 September, with the other six due to be held in other European capitals before 4 November.
The meetings will be chaired and run by an advisory council Google set up in the wake of the ruling. The council includes Wikimedia founder Jimmy Wales, former privacy officials and ex-judges.
Eventually, we'll figure it out?
Regulating Law Enforcement’s Use of Drone: The Need for State Legislation
by Sabrina I. Pacifici on Sep 7, 2014
Smith, Michael L., Regulating Law Enforcement’s Use of Drone: The Need for State Legislation (September 5, 2014). Available for download at SSRN: http://ssrn.com/abstract=2492374
“The recent rise of domestic drone technology has prompted privacy advocates and members of the public to call for the regulation of the use of drones by law enforcement officers. Numerous states have proposed legislation to regulate government drone use, and thirteen have passed laws that restrict the use of drones by law enforcement agencies. Despite the activity in state legislatures, commentary on the drones tends to focus on how courts, rather than legislative bodies, can restrict the government’s use of drones. Commentators call for wider Fourth Amendment protections that would limit government surveillance. In the process, in-depth analysis of state drone regulations has fallen by the wayside. In this article, I take up the task of analyzing and comparing state laws regulating the government’s use of drones. While the oldest of these laws was enacted in 2013, the thirteen laws passed so far exhibit wide variations and noteworthy trends. I survey this quickly-expanding list of laws, note which regulations are likely to constrain government drone use, and identify laws that provide only the illusion of regulation. I advance the thesis that the judiciary is ill-suited to address the rapidly-developing area of drone technology. Long-established Supreme Court precedent leaves the judiciary with very little power to curtail government drone use. And were the judiciary to attempt the task of restricting law enforcement’s use of drones, the solutions proposed would likely be imprecise, unpredictable, and difficult to reverse. In light of these concerns, privacy advocates and law enforcement agencies alike should support the regulation of government drone use by state legislatures, and should look to existing laws in determining what regulations are ideal.”
Is there a large demand here?
A Tablet for Grandma
Tablets may seem easy to use, but the AARP is convinced that older Americans don’t feel that way. So the organization has developed a device just for them.
The non-profit group, which terms itself the nation’s largest advocate for Baby Boomers, on Friday will unveil a $189 tablet called RealPad that is designed to be easy to operate for people over 50–and to provide help if they get stuck.
… Another notable feature is free 24/7 technical support with live staff via a toll-free number or email, a benefit that will extend for the life of the product and accompany the device if it is sold, Bradwell says. Thanks to the Internet, technicians will be able to “see exactly what the user is doing” and provide help, he adds.
Might be some useful webinars here. If not, add your own.
BigMarker – makes it easy for anyone to host a web conference or find one of the thousands already happening. Conferences on BigMarker are hosted by communities organized around a topic or goal. Over 5,000 communities host conferences on topics like Improving Life for Military Families and Professional Development for Teachers.
Infographic for all our students.
How To Be A Google Power User
Think you know how to use Google? Sure, we may know about a couple of Google search tips. For most people though, this infograph will put our knowledge to shame. Bet you’ll find a few tricks you never knew existed.
Dilbert perfectly illustrates, “thinking outside the box.”