Saturday, August 23, 2014


This reads like the DHS knew about the Cyberattack in December 2013 (Target) but no one figured out that it was software based until late July 2014. I doubt that very much. What is really going on here?
Most U.S. Businesses Don’t Know They Were Caught Up In Massive Cyberattack
Is your payment information safe? It’s hard to know, considering many companies hit by the same cyberattack that hit Target don’t even know it.
According to a New York Times report published Friday, more than 1,000 businesses, including Supervalu and United Postal Service (UPS), were caught up in a breach affecting in-store cash register systems. The Department of Homeland Security issued an advisory that said millions of American payment cards have been affected by the hack.
At the end of July, the report says government agencies instructed companies to check for “Backoff” malware, a type of infection that occurs at the Point Of Sale. Since then seven companies have told the government their systems were hacked, but the Times says the Secret Service estimates more than 1,000 have not checked or stepped forward. Government agencies have instructed companies to search for the “Backoff” malware on their systems or enlist the help of antivirus companies.
[From the DHS notice:
… One particular family of malware, which was detected in October 2013 and was not recognized by antivirus software solutions until August 2014, has likely infected many victims who are unaware that they have been compromised.


Are hackers getting better or is it just better reporting?
Wow. At first I thought WantChinaTimes was just rehashing older news, but they’re not. They report:
South Korean authorities have unveiled a massive leak of personal information related to more than 70% of the population aged between 15 and 65 in the country. A hacker from China is one of the perpetrators, reports Duowei News, a news website operated by overseas Chinese.
The main perpetrator, last name Kim, was arrested along with over a dozen others for stealing and selling over 220 million items of personal information from 27 million South Koreans aged between 15 and 65, which accounts for about 72% of that demographic range, according to the South Jeolla Provincial Police Agency on Aug. 21.
The information had been stolen through hacking registrations on websites for online games, movie ticketing and ring tone downloads. A registration on any one of the websites can be used to trace registrations for the same person from other online service providers, the police said.
Read more on WantChinaTimes.com.
Kim Bong-Moon of Korea JoongAng Daily reports that 16 were arrested, and adds some details:
According to police, Kim reportedly received 220 million personal information items, including the names, resident registration numbers, account names and passwords, of the 27 million people from a Chinese hacker he met in an online game in 2011.
The police suspect he used the personal information to steal online game currency by using a hacking tool known as an “extractor,” which automatically logs on to a user’s accounts once the login and password are entered. He is also thought to have sold those cyber items for profit.
When passwords he received were wrong, he allegedly bought the personal information on the identification cards and their issue dates from a cellphone retailer in Daegu to change the passwords himself.


Fuel for debate? (No answers in this video)
Is Technology Shifting Our Moral Compass?
At this year's Aspen Ideas Festival, we asked a group of experts what new technologies like self-driving cars and drones might mean for our collective conscience. "When a technology first comes into the marketplace, there are always unintended consequences," says Ping Fu, chief strategy officer for 3D Systems.


I suspect the same things apply here.
OTTAWA, August 21, 2014 – Understanding a website’s privacy practices should not require a law degree or time-consuming search for relevant information, says Privacy Commissioner of Canada Daniel Therrien. Online privacy transparency has emerged as a significant concern and is among the key issues highlighted in the Commissioner’s 2013 Annual Report to Parliament on the Personal Information Protection and Electronic Documents Act, Canada’s federal private sector privacy law.


Big Brother fights terrorists!
Paul Ciocoiu reports:
The Romanian parliament passed a new law in June that makes it obligatory for all users of pre-paid SIM cards to register them, but the move designed to thwart terrorists has sparked an ongoing debate about whether the measure encroaches on the citizens’ right to privacy.


Russia demonstrates that they can cross the border whenever they want and do whatever they want in the Ukraine. Next week they may send in 40,000 AK47 carrying “vacationers” and Europe and the US will do nothing.
Truck Convoy Returns to Russia From Ukraine
The huge convoy of Russian trucks that entered war-torn eastern Ukraine on Friday, sharply escalating tensions, returned to Russia on Saturday after unloading food and medicine in the city of Luhansk, and the Russian government quickly declared its satisfaction with the operation.
Russia’s decision to send the convoy across the border without an escort by the International Red Cross or final clearance from the Ukrainian government in Kiev had drawn harsh criticism. President Petro O. Poroshenko of Ukraine called it a “flagrant violation of international law.” Another senior Ukrainian official denounced it as a “direct invasion.” And NATO Secretary General Anders Fogh Rasmussen, in a statement condemning the convoy’s entry, said it coincided with a “major escalation in Russian military involvement in eastern Ukraine.”


This could be very dangerous in the hands of anyone who does not have a limitless budget.
Is the Future of Shopping No Shopping at All?
In a survey on what he terms "predictive shopping," Harvard Law professor Cass Sunstein found that 41% of people would "enroll in a program in which the seller sent you books that it knew you would purchase, and billed your credit card." That number went down to 29% if the company didn't ask for your consent first.
But what if the products and services were different, like a sensor that knew you were almost out of dish detergent? Without consent, were people willing to have a company charge their account and send them more detergent? Most people (61%) weren't. But the results were a bit more interesting when Sunstein did a similar survey among university students. While most still weren't into being charged automatically for books they might like, "69% approved of automatic purchases by the home monitor, even without consent." The professor posits that "among younger people, enthusiasm is growing for predictive shopping, especially for routine goods where shopping is an annoyance and a distraction."


We called them model airplanes and built them of balsa wood when I was a kid (shortly after the Wright brothers showed us how).
Drone-Rule Uproar Shows Hurdles to U.S. Commercial Rules
Hobbyists who’ve been flying unmanned airplanes and helicopters for decades asked the U.S. Court of Appeals for the District of Columbia Circuit yesterday to block what they see as new restrictions imposed in June on the recreational flights.
Separate appeals were filed in the court by a drone investment group, Washington-based UAS America Fund LLC, and universities seeking broader access to unmanned aircraft for research.


Is there no justice? Where is the lawyer for the monkey?
Monkey selfie can’t be copyrighted: US regulator
WASHINGTON: US regulators have ruled in effect that the now infamous 'selfie' taken by a monkey that swiped a photographer's camera cannot be copyrighted — because it wasn't taken through a creative, self-aware process. In other words, it was more on account of an accident than smart thinking by the monkey or the photographer.


Does this suggest some business model that reviews/suggests Apps for specific groups of people? Like “Apps for Lawyers” or “Apps for students?”
Most U.S. smartphone owners don't give a fig about downloading new apps: ComScore
When it comes to apps, it seems people are as adventurous as 80-year old grandmas.
There are billions of apps out there (1.2 billion in the App Store and 1.3 billion in the Play Store), however, users have mostly shunned new apps and have stuck with ones they've already downloaded.
According to data from research firm ComScore, 65.5 percent of American smartphone users neglected to download a single app in a typical month. In its latest mobile app report, the company said that most of the remaining users that committed to a download only took in one or two apps. Only a small fraction of smartphone owners in the United States downloaded more than four apps per month.


Every week I find amusement.
The US Department of Education has given states a “reprieve” on using standardized tests to evaluate teachers’ performance. ['cause we were never serious about that. Bob]
The ACLU has filed a complaint over the Mendon-Upton School District’s iPad policies. The district allows low income students (those who are eligible for free or reduced lunches) to take their school-issued iPads home; others cannot.
Coursera and the Carlos Slim Foundation have partnered to launch Acceso Latino: “a free website created to provide U.S. Latinos easy access to tools and content about education, healthcare, job training, culture and more. This site will serve as a valuable resource to help Latinos succeed in the United States.”
Online preschool, I kid you not.
Compton Unified District school police are now authorized to carry semi-automatic AR–15 assault rifles.
Students in Dubuque Community School District will have to wear heart monitors in gym class. “The results will be transferred to an iPad and projected onto a big screen in the gym.” The data will be used as part of a student’s grade. WTF. Who owns that data?
Northern Illinois University will restrict access to "political content," Wikipedia, Facebook, Twitter, Flickr, Pinterest, LinkedIn, and Foursquare via dorm WiFi.
68% of Americans think it should be a crime for children under age 9 to play in a park unsupervised.


Cheap and free Apps
Save On Double Dragon, R.Type & More Retro Classics, Plus Free Star Trek [iOS Sales]


For the student Book Club. (SciFi is good!)
The Hugo Awards


For my students. How would you use Watson? Teacher/tutor?
Remember when IBM’s “Watson” computer competed on the TV game show “Jeopardy” and won?
… IBM, a company with a long and successful tradition of internally-focused R&D activities, is adapting to this new world of creating platforms and enabling open innovation. Case in point, rather than keep Watson locked up in their research labs, they decided to release it to the world as a platform, to run experiments with a variety of organizations to accelerate development of natural language applications and services. In January 2014 IBM announced they were spending $1 billion to launch the Watson Group, including a $100 million venture fund to support start-ups and businesses that are building Watson-powered apps using the “Watson Developers Cloud.” More than 2,500 developers and start-ups have reached out to the IBM Watson Group since the Watson Developers Cloud was launched in November 2013.


So we should stop teaching and start training? How about if we teach the trainers?
It's Not a Skills Gap: U.S. Workers Are Overqualified, Undertrained
… Something is clearly broken in the labor market. The problem may not be the skills workers ostensibly lack. It may be that employers’ expectations are out of whack. That’s the premise of a paper by Peter Cappelli, a management professor at the Wharton School. For much of the twentieth century, it was up to industry to pluck smart, capable college graduates and turn them into quality workers. In recent decades, on-the-job training has declined. Companies want new hires to be able to “hit the ground running.”

Friday, August 22, 2014

Update.
Jennifer LeClaire reports:
The now infamous Target data breach is still costing the company — and its shareholders — plenty. In fact, the retailing giant forecast the December 2013 incident cost shareholders $148 million. The company also lowered its full-year earnings forecast in the wake of the breach and its stock took a hit.
Read more on CIO Today.


Rare and interesting! Security managers: Send this article to everyone in your IT department!! Management means you know what is happening (and not happening) in your system.
An update to a breach previously noted on this blog.
Anna Burlson reports:
Three North Dakota University System employees who dealt in IT security have been put on administrative leave following a massive security breach last winter.
The personal information of more than 290,000 current and past NDUS students was vulnerable for four months before the hack was noticed Feb. 7. Several agencies looked into the security breach and found that the hacked server was most likely used as a “launch pad” for an overseas entity to access other servers.
Read more on Prairie Business.
[From the article:
At a State Board of Higher Education Audit Committee meeting Thursday, Lisa Feldner, vice chancellor for information technology and institutional research, said a workplace investigation revealed some employees didn’t think server security was part of their job.
… At a March meeting of the SBHE, Feldner blamed the server breach on a lack of intrusion-detection measures. Even though she was the state’s chief information officer for seven years before joining NDUS in May 2013, Feldner told the board she was unaware the highest level of intrusion detection had not been applied to the NDUS data network.
“I didn’t realize in my former life that we weren’t part of intrusion detection at the time,” Feldner told the committee Thursday. “I thought when we put them on the network ... I thought it applied to everyone.”

(Related)
David Weldon writes:
While retailers and healthcare organizations have dominated much of the data breach media attention in recent weeks, a new study finds that the nation’s colleges and universities are at even greater risk for cyberattacks.
In an email to FierceCIO, the security firm BitSight Technologies shared highlights of its new research report, “Powerhouses and Benchwarmers: Assessing Cyber Security Performance of Collegiate Athletic Conferences.” The report finds that as a sector, the nation’s top schools are at even greater risk for security breaches than are the retail and healthcare industries.
Read more on FierceCIO. You can request the full BitSight report here. Analyzing/comparing the data by athletic conferences doesn’t thrill me, but they do provide some useful information in the report.


For my Computer Security students. The technology for stealing your credit card information is evolving. (More a risk for the backward US)
Stealthy, Razor Thin ATM Insert Skimmers
An increasing number of ATM skimmers targeting banks and consumers appear to be of the razor-thin insert variety. These card-skimming devices are made to fit snugly and invisibly inside the throat of the card acceptance slot. Here’s a look at a stealthy new model of insert skimmer pulled from a cash machine in southern Europe just this past week.
The bank that shared these photos asked to remain anonymous, noting that the incident is still under investigation. But according to an executive at this financial institution, the skimmer below was discovered inside the ATM’s card slot by a bank technician after the ATM’s “fatal error” alarm was set off, warning that someone was likely tampering with the cash machine.
… Virtually all European banks issue chip-and-PIN cards (also called Eurocard, Mastercard and Visa or EMV), which make it far more expensive for thieves to duplicate and profit from counterfeit cards. Even still, ATM skimming remains a problem for European banks mainly because several parts of the world — most notably the United States and countries in Asia and South America — have not yet adopted this standard.


Ethical Hackers: Speed up your morning commute! This is true for any “Thing” on the Internet of Things.
Traffic lights are dangerously easy to hack
Anyone with a radio hooked up to a laptop can wreak havoc by remotely changing lights at will -- or by shutting them all down. That's according to findings by computer researchers at the University of Michigan.
"There's an assumption that these devices are secure. We all just trust them so much," said Branden Ghena, a computer science PhD student at the university and the lead researcher on the study. "This is critical infrastructure. We were shocked that was going on."
Azorian Cyber Security founder Charles Tendell said it's time we start seeing traffic lights as computers -- and treating them as such. Cities seeking to save money by installing smarter, automated systems shouldn't assume the equipment is safe.
"You shouldn't install this type of system without a security audit," he said.


Some people don't have a right to anonymity.
Apple, Google and Microsoft Ordered to Remove Secret App in Brazil
Apple, Google and Microsoft have been given 10 days to remove the Secret and Cryptic apps (the Secret app client for Windows Phone users) from their respective app stores in Brazil.
… The disciplinary action was taken by Brazilian judge Paulo Cesar de Carvalho, according to local publication 'Link' (via Apple Insider), and is thought to be a consequence of public prosecutor Marcelo Zenkner recently proposing a ban on the Secret and Cryptic apps, claiming they violated Brazilian law which prohibits anonymous freedom of expression.
… The Secret app was introduced for iOS in February this year, and for Android in May. The app allows people to share what they are thinking and feeling with friends anonymously, without revealing their identity.
For those who are unaware, the Secret app is only available for iOS and Android devices. Windows Phone users have the Cryptic app instead, which acts as a third-party client for the Secret app.


How it's done in India.
Supratim Chakraborty of Khaitan & Co. writes:
Right to privacy has long been read into Article 21 (right to life and personal liberty) of the Constitution of India. However, with the proliferating use of the internet and the exorbitant rise in transfer of data through multiple technologies, the concepts of ‘data privacy’ and ‘data protection’ have started demanding greater attention than ever before. Therefore, such concepts were introduced in the Information Technology Act, 2000 (Act) through Section 43-A (Compensation for failure to protect data) and Section 72-A (Punishment for disclosure of information in breach of lawful contract).
Section 43-A primarily deals with compensation for negligence in implementing and maintaining reasonable security practices and procedures in relation to sensitive personal data or information (SPDI). Section 72-A deals with personal information and provides punishment for disclosure of information in breach of lawful contract or without the information provider’s consent.
Read more on Lexology.


How they do it in New York.
Rejecting claims by New York City government officials that taxi drivers have virtually no right of privacy while on the job, attorneys for The Rutherford Institute have asked a federal appeals court to declare unconstitutional the practice of requiring taxi cab drivers to attach GPS devices to their taxis in order to have their movements tracked. In filing a reply brief in Hassan El-Nahal v. David Yassky, Institute attorneys are calling on the U.S. Court of Appeals for the Second Circuit to follow the U.S. Supreme Court’s recent ruling that warrantless GPS surveillance of vehicles violates the Fourth Amendment’s bar on unreasonable searches and seizures, which would thereby render the New York City Taxi and Limousine Commission’s surveillance of taxi drivers an unconstitutional violation of drivers’ Fourth Amendment rights.
Read more on The Rutherford Institute.


Building a useful resource?
From their press release:
As schools increasingly rely on data to improve education, and as teachers increasingly rely on technology in the classroom to improve the learning experience, privacy concerns are being raised about the collection and use of student data. With ‘back to school’ now in full-swing, and to address both the promise and challenges surrounding privacy and data in education, the Future of Privacy Forum (FPF) today unveiled a first-of-its-kind, one-stop shop resource website providing parents, school officials, policymakers, and service providers easy access to the laws, standards and guidelines that are essential to understanding student privacy issues and navigating a responsible path to managing student data with trust, integrity, and transparency.
Check out FERPA/SHERPA, where they’ve already seeded the site with lots of links and resources, and a blog for parents by Olga Garcia-Kaplan.


Privacy? What privacy?
The Gmail Panopticon: The End of Privacy As We Know It?
It sounds like something from George Orwell’s 1984: a man sends a private e-mail and finds himself arrested for it. The e-mail wasn’t intercepted by an investigating police officer; the man wasn’t even under suspicion before his arrest. The e-mail was analyzed by an automated system that few people know about, and the offending e-mail was brought to the attention of the authorities.
Does this sound like a world you want to live in? That world is already here—and that system was used to catch a guy sending child pornography.
… Right now, they’re scanning images for child pornography. But, as some journalists have noted, Google is bound by the laws of the countries in which it operates, which means that governments could require that they turn over other sorts of information that’s found in their scans. This might sound like a stretch, but by accepting the terms and conditions of Gmail, we’ve given Google a lot of power to do what they want with our data.


Different strokes for different folks?
Baby Boomers Are Still Playing Words With Friends
College students love their Instagram. Baby Boomers still use Yahoo Mail.
These were some of the findings of a new report from the web traffic-monitoring company ComScore, which examines the most popular apps among American smartphone users. Mobile apps are now the most popular form of computing in the United States, period—more time is spent tapping away at screens than typing on desktop computers—and the report tries to give a marketer’s sense of the American app market, assessing the most popular genres of apps and whether iPhone users tend to be mostly young or old.


Another resource for my Math students.
Video Series: Introduction to Higher Mathematics
I’ve been searching lately for videos on introduction to higher mathematics and I found one series which is particularly easy to follow and with excellent explanation. The video series is titled Introduction to Higher Mathematics by Bill Shillito. The series discusses topics like logic, set theory, relations and functions, modular arithmetic, etc. which are needed before taking a mathematics course.


Part of my “Guide for Students Who Think They Understand Tech.”
What Is The Cloud?

Thursday, August 21, 2014

An Ethical Hackers scorecard... An infographic for my Computer Security class. (Rankings are subject to debate.)
The 8 Biggest Security Breaches In History
In this digital age, almost all of your personal information is stored electronically — credit cards, usernames, passwords, bank details, even photos and videos. Compare that with the past, when we used to only trust certain organisations — banks, for example. Are we now so carefree with our trust to allow almost anyone to store our private details for us?
Here’s a look at the worst security breaches in history, just to remind you that nothing is ever safe online.


Security theater.
Retired US airport body scanners fail to spot guns, knives
A type of body scanner in wide use across U.S. airports through last year fails to spot well-concealed weapons including guns and knives, computer security researchers contend.
The Rapiscan Secure 1000 full body scanner provides only "weak protection against adaptive adversaries," according to their paper, which will be presented on Thursday at the Usenix Security Symposium in San Diego. The researchers also set up a website with their findings.
"It is possible to conceal knives, guns and explosives from detection by exploiting properties of the device's backscatter X-ray technology," the paper said.
Although the Rapiscan Secure 1000 was retired from U.S. airport use last year, it is still used at court houses and prisons. Airports currently use millimeter-wave scanning technology, which the researchers have not tested.
… Part of the problem is that the manufacturers and the government have not allowed independent tests on such scanners for fear the disclosure of weakness could tip-off attackers to effective countermeasures, they wrote.
That strategy might be effective for some time, but it depends on maintaining tight purchase controls, they wrote.
"The root cause of many of the issues we describe seems to be failure of the system engineers to think adversarially," the paper said.


Intro to IT. The user as a test subject.
How Much Should You Know About How Facebook Works?
Every semester, Cornell professor Jeff Hancock asks his students to complete an experiment. First, he has them all Google the same search term. Then, he asks each student to turn to the right or left and compare the results on their screens.
What his students inevitably find, and what stuns many of them, he says, is how feeding Google an identical phrase can yield wildly different results. "They think your Google search is an objective window into the world," Hancock told me. "And they don't have a sense that they're algorithmically curated."
… Hancock co-authored a now infamous study about a secret Facebook experiment he and other researchers constructed to study emotional contagion. The work involved changing what users saw in their News Feeds as a way to manipulate their emotional states.
… One of Hancock's main areas of research has to do with "deception and its detection," according to his university website, a detail that people have asked him about, he says.
… Last month, Kate Crawford—a principal researcher at Microsoft—argued in these pages that users should be able to opt in to experimental groups. "It is a failure of imagination and methodology to claim that it is necessary to experiment on millions of people without their consent in order to produce good data science," Crawford wrote.


It's called, “being a victim of your own success.”
Google Hits Piracy Milestone
Google has a huge piracy problem, and it’s growing on a daily basis. According to TorrentFreak, Google is now asked to remove 1 million links every day, with copyright holders swamping the tech giant with DMCA takedown notices.
In 2008, Google received one request every six days, and now, in 2014, it receives one request every 8 milliseconds. The new record is 7.8 million in a single week, and the numbers are only set to increase from here on in.
Not all of these requests are honored, but the numbers are so vast that it must be getting more difficult for Google to determine which takedown requests are valid and which are bogus.


Remember, there are no weapons of mass destruction in the middle east.
Key Parts Of The Declassified US Report On The Chemical Weapons Attack In Syria
Below is the declassified U.S. intelligence assessment on the chemical weapons attack that took place in the suburbs of Damascus, Syria on August 21.
The administration considers it clear evidence that the regime of Bashar al-Assad carried out the attack with a nerve agent.
… Here's the full document: 08.30.2013++USG+Assessment+on+Syria (1)


Amusing and possibly useful.
Interactive Map of Breach-Notification Status
European member states are in the process of adopting laws and regulations that require businesses operating in their countries to notify government agencies and affected individuals when they experience breaches of personal data. Even as the EU Directive on Data Protection is being reviewed and might be replaced by a regulation, data breach notification laws, when adopted, will already apply in each Member State, mostly to telecommunications companies and Internet service providers. They are also expected to continue to evolve in how they are practically implemented before any Data Protection Regulation comes into force, which could ultimately mean that any entity processing personal data would be bound to data breach notification obligations. For many European companies, this will be a new experience fraught with challenges. American companies, in spite of their long experience with breach notification, will face new constraints and trigger points that will create a need for updating operational procedures and training EMEA staff.
See the map on Data Breaches Map. Rolling your cursor over a country’s name reveals the status of its laws.


For us winos...
Wine Stocks Directory Updated; New Research Shows US spent $21.2 Billion on Wine in 2013
New research from Canadean (http://www.canadean.com/) finds that in the US, women drink wine in order to relax and unwind, seeking good value options, whereas men are more likely to be wine buffs, searching for high quality and new drink experiences. In 2013 the US spent a total of $21.2 billion on wine. Women are the biggest drinkers accounting for 59% of consumption by volume compared to 41% for men.
According to Canadean’s new research, women desire products that will help them relax and unwind, with this need motivating over $6.7 billion in wine sales in 2013. Finding good value wine is also highly important to women: 15% of what they buy is driven by the search for products which give the best value for money. According to Catherine O’Connor, senior analyst at Canadean, this is partly due to women’s high wine consumption: “Being more regular drinkers of wine than men, women look to find affordable offerings that allow them to enjoy the drink frequently without feeling guilt over their spending. This makes communicating value an essential part of how marketers should target women.”
Although they drink less wine than women, men spend more in the search for quality. Male wine consumers in the US are driven by the search for quality products and new drink experiences. Although they drink less wine than women, they spend considerably more money in their search for high quality products. Men spent $1.8 billion to meet this need in 2013, whereas women only spent $1.0 billion in their search for quality. Men are also driven to find products that offer new experiences, with this need fuelling $2.4 billion of their wine consumption compared to $2.2 billion of female consumption.


Makes buying a used car safer.
DOT Launches Free, Online Search Tool for Recalls Using Vehicle Identification Number
by Sabrina I. Pacifici on Aug 20, 2014
“Every year, millions of vehicles are recalled in the United States due to safety defects or noncompliance with federal safety standards. To help car buyers, owners and renters know that their vehicles are safe and their safety defects have been addressed, the U.S. Department of Transportation’s National Highway Traffic Safety Administration (NHTSA) today unveiled a new, free, online search tool consumers can use to find out if a vehicle is directly impacted by a recall. The new tool is available on www.safercar.gov/vinlookup and provides consumers with a quick and easy way to identify uncompleted recalls by entering their Vehicle Identification Number (VIN). All major light vehicle and motorcycle brands can be searched… Also effective today, under the new NHTSA mandate, all major light vehicle and motorcycle manufacturers are required to provide VIN search capability for uncompleted recalls on their own websites. This data must be updated at least weekly. NHTSA’s new VIN look-up tool directly relies on information from all major automakers, and regularly updated information from the automakers is critical to the efficacy of the search tool. Consumers can find their vehicle identification number by looking at the dashboard on the driver’s side of the vehicle, or on the driver’s side door on the door post where the door latches when it is closed. Determining whether there is a recall that consumers need to take action on is easy.
After entering the VIN number into the field, results will appear if the consumer has an open recall on their vehicle, and if there are none, owners will see “No Open Recalls…” Today’s announcement builds on NHTSA’s current efforts to provide consumers with information to help them make informed decisions, including the New Car Assessment Program (NCAP) 5-Star Ratings System, Recall envelope and Safercar mobile apps which provide on-the-spot information on crash protection features, advanced safety features, and recalls on new vehicles and many older models. In addition, NHTSA is working with the National Automobile Dealers Association (NADA) to help ensure that franchise dealerships across the United States become aware of and understand how to use the new VIN search tool.”


For students everywhere...
– is a global marketplace where you can find thousands of tutors from all parts of the world and learn a vast variety of subjects and topics online. Book quality affordable lessons from as low as $5. Pay for your lessons with your favorite credit card through a secure bank platform. Payments to teachers are only disclosed after lessons are completed and approved.


For my students who try that “TL;DR” stuff, a warning: These don't work all that well.
Too Lazy to Skim? Get The Gist With These Top 3 Summarization Tools
Ever looked at a long piece of writing and thought how convenient a quick summary would be? Felt too lazy to bother even skimming? Curious what the key points of your own writing are?
I tested a number of different free online summarization tools so you don’t have to. Just pick your favourite and off you go, ready to be lazier more efficient than ever at the click of a button.


For my App writing students.
Mobile App Development: Pressure on IT Will Increase
Forget about the frenzy surrounding mobile applications development abating or stabilizing anytime soon. Instead, it is going to increase over the next few years.
And all of those enterprise software vendor efforts to sell prepackaged mobile versions of their apps won’t make a big dent in your workload – internal development will continue to rule. Those and other surprises came out of a global survey and qualitative research report I was involved with over the past several months.
… The average number of mobile applications developed by the respondents’ organizations in the past year was nine. In addition, they purchased another nine from consultants, their enterprise software providers and other vendors. Most of the respondents’ organizations release a new version of a mobile app at least on a quarterly basis; 20% release a new app every month! And updates are even more frequent: 35% of the respondents update apps every month.
… Additional insights about the how and where of mobile applications development are included in the report. It is available here.


Free is good, copyright free is gooder.
The Public Domain Review - A Good Place to Find Public Domain Media
The Public Domain Review is a website that features collections of images, books, essays, audio recordings, and films that are in the public domain. Choose any of the collections to search for materials according to date, style, genre, and rights. Directions for downloading and saving media are included along with each collection of media.
As you might guess, nearly all of what I found in the collections on The Public Domain Review is content of a historical nature. The collections include short descriptions that explain the significance of the media you're accessing.
The Public Domain Review could be a great place to find historical media to use in history lessons, literature lessons, and art history lessons. If you're looking for colorful imagery to use as filler or backgrounds in slide presentations, the collections on The Public Domain Review are probably not your best bet. In that case, I would look to Pixabay for images that are in the public domain.


For my students, because we're a “Technical” university.
How do you Make Money on the Internet


Dilbert explains that even though working for Google is heaven, there's a catch.

Wednesday, August 20, 2014

A modern Willie Sutton would say, “It's where the PII is...”
Hospitals Increasingly Targets of Malicious Activity: Websense
According to Websense, there has been a significant global spike in malicious activity attempted against hospitals beginning in October 2013. August 2014 has seen a 600 percent increase in such activity compared to the average amount prior to October, according to the firm.
"Healthcare records hold a treasure trove of data that is valuable to an attacker directly, or for resale on the cyber black-market," said Bob Hansmann, director of product marketing at Websense. "Few records are so rich in valuable PII [personally-identifiable information] that can be used in a multitude of different follow-up attacks and fraud. Health records not only contain vital information on the identity of an individual…but also [are] often linked to bank, credit card, insurance and other financial information."


“We don't care what our users want.”
Allison Grande reports:
AOL Inc. disclosed on Friday that it doesn’t respond to signals sent by major Web browsers that indicate that online users don’t want their activities to be tracked across websites, although it said it may be willing to reconsider its position if the industry can agree on a uniform do-not-track standard.
As part of the latest update to the privacy policy that governs several of AOL’s online properties, the company inserted a new section on do-not-track signals that briefly explains how it intends to react when a Web browser sends it a signal that users don’t want their online activity tracked for behavioral advertising and other purposes.
Read more on Law360.


If your car talks to my car, can they both talk to Big Brother?
Vehicle-to-vehicle networks could save over 1,000 lives a year, US says
… The National Highway Traffic Safety Administration (NHTSA) is seeking input about a possible federal standard for vehicle-to-vehicle (V2V) technology, which would let cars automatically exchange information, such as whether they’re close to each other. The agency will accept comments from the public and industry for 60 days from when the advance notice of proposed rulemaking (ANPRM) is published in the Federal Register.
V2V would let cars do some of the work of driving or even accomplish things humans can’t, such as virtually “seeing” into blind intersections before entering them. It may be one step on the path to self-driving cars.


What makes the difference? Too close? Get a telephoto lens and get the same picture from a mile away. Disturbing? You won't see or hear the drone that snaps that picture. Intruding on your privacy? How do we measure that? If you are visible from the 37th floor apartment across the street should you really expect to be private?
Martin MacMahon reports:
Laws and regulations for drones need to be updated, according to a civil liberties group.
Micheal Vonn with the BC Civil Liberties Association says existing laws aren’t adequate for protecting people’s privacy.
“Citizens are exempt from privacy legislation if they’re taking photographs for personal, journalistic, or artistic purposes,” she says. “What we hadn’t contemplated, of course, when we put that together, was the idea that cameras might be flying up the 37th storey.”
Read more on News1130.


Looks like we're starting to address e-death.
Delaware becomes first state to give executors broad digital assets access
… Last week, Gov. Jack Markell signed House Bill (HB) 345, “Fiduciary Access to Digital Assets and Digital Accounts Act,” which gives heirs and executors the same authority to take legal control of a digital account or device, just as they would take control of a physical asset or document.
Earlier this year, the Uniform Law Commission, a non-profit group that lobbies to enact model legislations across all jurisdictions in the United States, adopted its Uniform Fiduciary Access to Digital Assets Act (UFADAA). Delaware is the first state to take the UFADAA and turn it into a bona fide law. While some states, including Idaho and Nevada, have some existing provisions pertaining to limited digital assets for heirs, they are not as broad as the new Delaware law.

(Related)
Twitter to remove images of deceased upon request
… Family members or other authorized people can request the removal of photos or video of deceased people on Twitter “from when critical injury occurs to the moments before or after death,” it said.
Twitter still refuses to provide account access to anyone, even if they are related to the person who has died.


As little minds are warped, so grows the adult.
Google May Start Grooming Little Googlers
Google is working on a plan to allow kids under 13 to have their own personal accounts on services such as YouTube and Gmail, according to reports.
Under the new system, parents will be able to set up accounts for their children, control their use of those accounts, and regulate the information collected about them, according to The Wall Street Journal.
Google declined to comment for this story, noting that it does not comment on rumor or speculation.
… Google's likely motivation is "a desire to compete with Facebook and other properties like Instagram, which see significant usage among kids under 13. It's seeking to cultivate the next generation of Google users," Sterling pointed out.


Apparently, I'm becoming a “source” for the student Gaming Club
Take A Coffee Break With These 6 Web Games


At least a couple I'll grab from the local library.
Books That Can Enhance Your Career Prospects


Dilbert continues a detailed analysis of the corporate legal function.