Saturday, November 29, 2014
This is kind of a big deal. Sit at home and install malware on credit card readers anywhere this company has clients? Sounds like a major hole to me.
Bill Smith reports:
Parking service provider SP Plus says its equipment at Evanston’s three downtown municipal parking garages was hacked to steal credit card data from drivers.
In a statement issued today, SP Plus says that the three Evanston garages, along with 10 more in Chicago and four in other cities, were affected by the security breach.
It says its payment card vendor notified it early this month that an unauthorized person had used that company’s remote access tool to connect to computers that process payment cards in the garages and install malware on the systems to steal the card data.
Read more on Evanston Now.
[From the article:
The company says the security breach at the Evanston garages started on Oct. 8 and that the last at-risk dates were Oct. 26 at the Church Street Garage, Nov. 1 at the Sherman Plaza Garage and Nov. 10 at the Maple Avenue garage. [Late notice again? Why? Bob]
If you have no idea what happened to your “security,” you could look for a way to spin the story to promote your latest movie. Next they'll claim the “Hacked by #GOP” translates to the “Geeks of Pyongyang!”
Sony Pictures Suspects North Korean Hand Behind Cyberattack
Sony Pictures still has no idea who is behind the catastrophic attack that rendered its company-wide computer system useless on Monday, but the company is not taking out the possibility that hackers from North Korea, possibly operating out of China, are behind the attack.
Re/code cites people familiar with the matter who say that Sony is investigating this particular line of thinking because of "The Interview", a soon-to-be-released comedy film about the assassination of North Korean leader Kim Jong-Un. The film, which stars actors Seth Rogers and James Franco, features two journalists who win a one-in-a-million interview with Kim Jong-Un, played by Randall Park. The journalists are then enlisted by the CIA to kill the North Korean leader.
As Kim Myong-chol, director for the Center for North Korea-U.S. Peace told the Daily Telegraph after seeing the film's trailer said, Kim Jong-Un is not happy about being the target of assassination attempts in a movie and warns that those behind "The Interview" will suffer "merciless retaliation". [It may appear that way to the managers at Sony! Bob]
Includes some security “Best Practices.” (Perhaps we should send a copy to Sony?)
Internet Security Threat Report 2014
… This year’s ISTR once again covers the wide-ranging threat landscape, with data collected and analyzed by Symantec’s security experts. In this summary, we call out seven areas that deserve special attention…
… If 2011 was the year of the breach, then 2013 can best be described as the Year of the Mega Breach. The total number of breaches in 2013 was 62 percent greater than in 2012 with 253 total breaches. It was also larger than the 208 breaches in 2011. But even a 62 percent increase does not truly reflect the scale of the breaches in 2013. Eight of the breaches in 2013 exposed more than 10 million identities each.
“Hey! I see you have added a “smart refrigerator” to your kitchen! I also notice that your Veggie-to-Beer ratio is a bit low.” My Ethical Hackers will be pleased that they no longer have to stumble upon the devices they hack.
Search engine for the Internet of Things
“Thingful® is a search engine for the Internet of Things, providing a unique geographical index of connected objects around the world, including energy, radiation, weather, and air quality devices as well as seismographs, iBeacons, ships, aircraft and even animal trackers. Thingful’s powerful search capabilities enable people to find devices, datasets and realtime data sources by geolocation across many popular Internet of Things networks, and presents them using a proprietary patent-pending geospatial device data search ranking methodology, ThingRank®. If you are concerned about asthma, find out about any air quality monitors in your neighbourhood; somebody working with a Raspberry Pi can find others round the corner using the same computing platform; if you notice a ship moored nearby, discover more about it by tracking it on Thingful, or get notified of its movements; a citizen concerned about flooding in a new neighbourhood can look up nearby flood monitors or find others that have been measuring radiation. You might even watch the weekly movements of a shark as it explores the oceans. The possibilities are unbounded! Thingful also enables people and companies to claim and verify ownership of their things using a provenance mechanism, thereby giving them a single web page that aggregates information from all their connected devices no matter what network they’re on, in categories that include health, environment, home, transport, energy and flora & fauna. Users can also add objects to a Watchlist in order to keep track of them, monitor their realtime status and get notifications when they change. [What a great tool for stalkers! Bob] Some of the well-known Internet of Things services that Thingful currently indexes include Weather Underground, Smart Citizen, the UK Met Office Weather Observations Website, and Netatmo, as well as others like Thingspeak, Air Quality Egg, The International Soil Moisture Network and The Sea Turtle Conservancy.”
Interesting (and huge) report.
Measuring the Information Society 2014
“The MIS Report, which has been published annually since 2009, features key ICT data and benchmarking tools to measure the information society, including the ICT Development Index (IDI). The IDI captures the level of ICT developments in 166 economies worldwide and compares progress made during the last year.
… The 6th edition of the ITU Measuring the Information Society (MIS) Report was launched on November 24th, in Tbilisi, Georgia, at the World Telecommunication/ICT Indicators Symposium (WTIS) 2014.”
For the Game Club database of “All Things Game!”
5 Sites For The Mario Lover In Us
My industry, God help me...
… The US Department of Education announced a plan to “strengthen teacher preparation.” The new guidelines, writes The Chronicle of Higher Education, “would require states to evaluate teacher-training programs based, in part, on how many of their graduates get and keep jobs and how much their graduates’ future students learn. Only programs deemed effective by their states would be eligible to award Teach Grants, which provide students with up to $4,000 a year.” [So best case we evaluate the education teaching students received based on the income of their students. Isn't that looking at what happened 5 or 10 years ago? Bob]
… Students in Finland will no longer learn handwriting, but will learn typing skills instead. I look forward to the responses from those who hail Finland as the model for all education reforms .
… Khan Academy has partnered with the Metropolitan Museum of Art.
Don't have much trouble with my Math classes...
7 Good Resources for Avoiding, Preventing, and Detecting Plagiarism
Thanks to an email from a kind reader I discovered that a couple of the resources about plagiarism that I reviewed in the past are no longer as good as they once were. Therefore, I have created this updated collection of resources for teaching students to how to avoid plagiarism along as well as resources for preventing and detecting plagiarism.
Education is the best prevention:
Purdue's OWL website is the number one place I refer students and parents to for questions not only about plagiarism, but also for questions about all parts of the writing process.
A Magical Guide to Avoiding Plagiarism is an infographic guide created by Kate Hart. A Magical Guide to Avoiding Plagiarism uses a Harry Potter theme to succinctly explain to students when and why they need to properly cite the sources of their information. I've embedded the infographic below, but I encourage you to visit Kate Hart's blog post about it as she goes into more depth on the topic of plagiarism.
Plagiarism.org, produced by the same people that produce the commercial plagiarism detection software Turn It In, has a free learning center for students and teachers. Plagiarism.org's learning center includes tips about avoiding plagiarism, definitions of plagiarism, and explanations of when you do or do not have to cite a reference. Plagiarism.org also hosts two recorded webinars addressing the topic of plagiarism in schools and how teachers can educate their students about plagiarism.
Tools and methods for detecting plagiarism:
The first thing I do when I want to check a student's work for plagiarism is to do a quick search onGoogle. If you notice that a student has strung together some phrases that you don't think they've written, put the suspected phrase inside quotation marks and search. You may also want to search on Google Scholar.
Plagiarism Checker created as a project for the University of Maryland, is an easy-to-use tool for detecting plagiarism. Simply enter a chunk of text into the search box and the Plagiarism Checker will tell you if and from where something was plagiarized.
Paper Rater is a free service designed to help high school and college students improve their writing. Paper Rater does basic spelling and grammar checks, but the real value of Paper Rater is that it tells students if their papers have elements of plagiarism. Paper Rater scans students' papers then gives students an estimate of the likelihood that someone might think that their papers were plagiarized.