I'll
be at the Privacy Foundation seminar (
http://www.law.du.edu/index.php/privacy-foundation
) today, learning what could possibly go wrong with Internet
connected eCigarettes.
The
Cigarette That Charges for Every Puff
A
recent patent from Phillip Morris imagines a web-connected e-cig. It
could help users quit—but it could also open their pipe up to
tracking and hacking.
…
Once smartened-up, the Internet-connected pipe can do many things.
Not-so-usefully, it could let users initiate a puff from the
computer—in case, I suppose, old-fashioned inhaling gets too hard.
Slightly-more-usefully, it could automatically send doctors
information about how much tobacco was burned and for how long. That
feature could be especially handy if the cigarette’s user is
participating in a clinical trial, or trying—with someone or
something else’s help—to stop smoking.
…
In the patent’s ninth column, its authors propose one feature that
might help them understand smoking’s costs: pay-as-you-puff.
Smokers, it says, might want to charge themselves a little bit of
money every time they take a hit:
…
Goldman Sachs has identified e-cigarettes of all sorts as one
of the eight great disruptive technologies of 2014, and it’s
named the Internet
of Things as the
“next mega-trend.”
…
when you connect some previously dumb object to the Internet, it can
be both hacked, and you can be tracked.
…
And—perhaps most importantly, and as pay-as-you-smoke
testifies—when you connect an object to the Internet, you
don’t quite own it the same way as you did before.
“Contained?”
Bold words.
International
Dairy Queen Confirms Data Breach
International
Dairy Queen Inc. became the latest company to confirm a data breach,
announcing Thursday the “Backoff” malware affected payment card
information at 395 of its 4,500-plus U.S. locations.
…
The company said “based on our investigation, we are confident
that this malware has been contained.”
(Related)
Listed so you know when to panic!
12
Colorado Dairy Queen stores hit by data breach
Twelve
Colorado Dairy Queen and Orange Julius locations were among the 395
hit by information-thieving hackers nationwide since Aug. 1, the
company says.
Government,
thy name is not clarity. Something to keep an eye on.
Drew
Hansen reports:
As we reported, the Office of Personnel Management’s decision not
to renew two contracts with Falls Chuch-based US
Investigations Services LLC led
to the loss of 2,500 jobs. But it might also have set a
precedent for how government handles contractor breaches.
As a reminder, in July, the background checks division at USIS was
hit by a cyber attack that reportedly affected 25,000 government
employees. USIS suspected it to be “state-sponsored.” The
government quickly suspended work with USIS and then opted to drop
its contracts with the company.
Read
more on Washington
Business Journal.
If
the government was going to set a precedent of terminating contracts
for security or data breaches, they probably should have set it years
ago after a number of breaches involving SAIC, no?
In
this case, I wonder if the government would have cancelled the USIS
contract if it had not been for an earlier problem with USIS not
running the background checks it was supposed to run.
So
is it really one strike and you’re out? I think the answer is “not
really, but if your security is really abysmal, maybe.”
Picture
this...
Hundreds
Of Thousands Of Teens Have Had Their Snapchat Photos And Videos
Intercepted By Hackers
A
giant database of intercepted Snapchat photos and videos has been
released by hackers who
have been collecting the files for years. Shocked users
of the notorious chat forum 4chan are referring to the hack as "The
Snappening," noting that this is far bigger in scale than the
iCloud hacks that recently targeted celebrities.
Underground
photo trading chatrooms have been filled in recent weeks with hints
that something big was coming. Thursday night it finally arrived: A
third-party Snapchat client app has been collecting every single
photo and video file sent through it for years, giving
hackers access to a 13GB library of Snapchats that users thought had
been deleted.
This
has potential but has no RSS feed! Good idea poorly executed.
EFF
Launches IFightSurveillance.org and Counter-Surveillance Success
Stories
“The
Electronic Frontier Foundation (EFF) today launched
IFightSurveillance.org,
a new site showcasing digital privacy advocates from around the world
who are leading the fight against mass surveillance. The site
includes figures from the organization’s growing list of
Counter-Surveillance
Success Stories, a set of guides showing how individuals
and organizations have taken on state and corporate spying in their
own countries—and won. Translated into 16 languages,
IFightSurveillance.org
highlights images and quotes from activists, business leaders,
lawyers, and technologists.
Is
this a “Right to be Forgotten” issue or a “Free Speech”
issue?
Megumi
Fujikawa reports:
Google Inc. has suffered another setback on privacy issues, this time
in Japan, following a European court ruling that gave Internet users
the right to ask the company to remove information about them from
search results.
The Tokyo District Court on Thursday issued an injunction, ordering
Google to remove some Internet search results about a Japanese man
that are considered to be violating his privacy, representatives from
both sides said.
Though the Tokyo court order has far less sweeping implications than
the precedent-setting ruling by the European Court of Justice, it
touches on similar issues.
Read
more on WSJ.
Not
sure I get this. None of this is new. All of this has been
addressed and (more or less) solved.
Report
Examines Ways to Bridge Cybersecurity Workforce Gap
A
new report from the (ISC)² Foundation and University of Phoenix
highlights the challenges posed by the shortage of cybersecurity
professionals and identifies key ways for schools and businesses to
address the situation.
Culled
from conversations with tech industry, higher education and talent
development leaders, the report identifies key gaps challenging
employers related to competency, professional experience and
"education speed-to-market."
…
"With the rising demand for qualified cybersecurity talent,
industry leaders are increasingly calling for a common definition of
the scope of work that cybersecurity covers—and agreed-upon
competencies that cybersecurity professionals must demonstrate,"
according to the report. [The
Common Body of Knowledge has been out there for some time.
http://www.techrepublic.com/article/build-your-skills-learn-these-10-security-domains-to-obtain-cissp-certification/
Bob]
…
On the higher education level, the report recommends among other
things that schools build case studies into the curriculum to ensure
students have to apply their knowledge and skills in real-world
scenarios. [There are
several Computer Security lab tools to walk students through security
software or analysis tools. Bob]
…
In
regards to professional experience, the report recommends industry
associations support student membership, and advises employers to
hire interns and partner with universities. Colleges meanwhile
should create networking opportunities for students to use to build
their resumes and experience, the report
(PDF) adds.
Have
a GoPro camera? Planning to do something truly stupid? Be sure to
broadcast it live!
–
Watch or broadcast live events from your iPhone or iPad. Watch live
local news, sports, music, conferences and thousands of other events
broadcasting live from all over the world. Follow your friends and
get notified when they go live. Broadcast live from your device
camera to viewers watching on Livestream.com or Livestream apps.
No comments:
Post a Comment