Saturday, November 08, 2014

Should be interesting to watch. I doubt there will be any sanction from regulatory agencies. NOTE: Twitter now seems to be the preferred contact method? Let's hope these guys are more current on their personal technology than they appear to be on security.
On September 3, SLC alleged that WakeMed was leaking patient information:
Status: Not Monitoring for Follow Up (Not a client)
SLC Security Services LLC has noted that this medical establishment has failed to secure patient records. Observed were patient name and date of birth as well as specific medical information. SLC Security Services LLC has confirmed the information in this report.
Additional Follow up: IT staff contacted us. We provided what information was known. The entity is not a client of SLC Security Services LLC. We are unable to verify if the company has resolved the issue at this time.
Update: As of 25 Sept 2014 this vulnerability still exist. We are seeing multiple PHI and PII from this source. The issue may be attributed to an outside source.
On October 31, SLC updated their report:
We have previously contacted both entities and neither entity responded to our notification letters.
Not only did Cape Fear Valley Health System allegedly not follow up on SLC’s report to them, they did not respond to an inquiry sent to them in September by
Neither Cape Fear Valley Health System nor WakeMed are listed on HHS’s public breach tool as having reported breaches to HHS.
Today, asked SLC Security via Twitter if they have reported their findings to HHS. also tweeted inquiries to WakeMed and Cape Fear Valley Health System to inquire whether they were aware of leaks and whether they were aware that their patients were being directly notified by SLC Security.
If I get responses, I will update this post.

(Related) “We don't need no stinking security!” No logs (or at least no review of the logs) either.
N.C. Dermatology Center Discovers Hacked Server Two Years After Attack
In another cowardly Friday afternoon data breach disclosure, Chapel Hill, N.C.-based Central Dermatology Center said that one of its servers was breached by hackers back in August of 2012, but that it has just become aware of the breach.
The company said that on September 25, 2014 it became aware that one of its servers had been compromised by malware, sparking them to immediately call in forensic experts to identify the malware and resulting fallout.
In addition to not discovering the breach until roughly two years later, the company acknowledged that they are not sure exactly what data the attackers may have gotten their hands on.

I suspect they will all go for fiber. Users will likely get gigabyte speed.
7 Colorado Towns Vote To Build Their Own Broadband Internet
As the FCC continues to debate the issue of net neutrality and fast lanes, while continuing issues with Internet Service Providers continue to plague internet users, 7 towns in Colorado have decided to branch out on their own. All 7 towns have voted to let their local governments offer internet service.
About 20 states have laws, mostly due to ISPs such as Comcast helping to get them passed, which make it difficult for a community to develop its own municipal broadband. But the rules in Colorado are unique. Colorado’s laws state that towns are able to pursue broadband if the resident’s approve the idea on an election ballot.
In Boulder, which has a population of 100,000 residents, 84 percent of the votes were in favor of allowing the city to provide high-speed internet, telecommunications, and/or cable television services to its residents, schools, libraries, businesses, and other users of these services. Similar votes were cast in the towns of Yuma, Wray, Cherry Hills Village, and Red Cliff in addition to the Rio Blanco and Yuma counties with a large majority of votes approving the measure.
However, the successful vote doesn’t mean that the government is required or guaranteed to start developing its own broadband internet service. But there is already “miles” of unused fiber to help the project get started.

My comic industry...
Harvard University has been spying on folks again. Last year it was caught searching faculty emails. This week, “the university acknowledged that as part of a study on attendance at lectures, it had used hidden cameras to photograph classes without telling the professors or the students.” The Chronicle of Higher Education write-up of the revelation contains this wonderful sentence: “But putting aside the question of whether the methodology was ethical, what did the researchers learn about classroom-attendance patterns from their study, and what were the motives behind the experiment?” Yes. Let’s put aside the ethics of surveillance and data collection in education. Carry on!
Ikeoluwa Opayemi, age 7, has been allowed back to school in Milford, Connecticut after her school reversed its decision to make her stay home due to fears of Ebola. Opayemi has been in Nigeria - where there is no Ebola.

Friday, November 07, 2014

What kind of third-party vendor would need access to Home Depot's self-checkout machines? Have they never heard of separation of duties?
Home Depot Hackers Got in Via a Vendor, Took E-Mails, Too
No one expected the news to get better on the Home Depot (HD) hack, and it hasn’t. Providing further details on Thursday of the playbook that hackers used to break into its systems, Home Depot disclosed that hackers stole 53 million e-mail addresses, on top of the data for 56 million credit cards...
The hackers used stolen credentials from a third-party vendor to enter the retailer’s network, Home Depot said in a press release. A third-party vendor was also the point of entry in last year’s breach at Target (TGT), which exposed some 40 million cards.
The hackers navigated Home Depot’s system to get to its self-checkout machines [which apparently had no firewalls or other access controls... Bob] in the U.S. and Canada and then deployed malicious software to steal card numbers, the statement said.
… Home Depot confirmed a breach of credit-card information at its stores on Sept. 8, six days after security blogger Brian Krebs reported signs of a hack. [Two months later, and they are still finding more problems? Bob]
… The hackers went for the 7,500 self-checkout lanes because those machines’ reference names in the computer system clearly identified them as payment terminals, [Why make it hard for the hackers? Bob] while some 70,000 standard registers were identified only by number, according to the Journal.

Read this article! I need someone to help me make sense of it. Will lawyers like this (since apparently I'll need a few just to access the Internet)
Rumored network neutrality approach might break the Internet instead of saving it
If current leaks are correct, the Federal Communications Commission (FCC) may be on the brink of not only undermining hope for strong, enforceable and legally sound network neutrality rules, but may also be taking steps that would ultimately disrupt the very principles that have governed the way the Internet has always worked.
The press reports do not explain what the new proposal would fully entail (in part because the ideas from which the latest proposal appears to be derived are complicated and new), but it could mean that Internet users would be swept into new relationships with Internet service providers (ISPs) they've never interacted with in the past. Based on what we do know from the press reports, we are deeply concerned about this new proposal in several respects: its ability to actually protect against blocking, discrimination and fees for prioritized access; the relative strength of the legal underpinnings the FCC would use to implement those protections; and, importantly, the ripple effects that such a proposal might have across the Internet and around the globe.
For Internet users, this approach would place their ability to access the legal content of their choosing on the shakiest of legal grounds, using a legal theory that can only incidentally afford that protection. Moreover, every piece of traffic sent (an email to a friend, a response to a click on a website, a streaming video on YouTube) could trigger a new legal relationship with an ISP on the other side of the world.
Reports suggest that the proposal flows from one or more ideas in the record. One begins with the recognition that two separate and legally distinct relationships exist in the exchange of traffic
… But the FCC may also be looking toward a second, similar proposal in the record that would recognize a simultaneous and congruous relationship among "remote hosts" and end users, and would leave the relationship between broadband providers and end users unregulated, while imposing protections instead on the relationship between the broadband providers and these newly defined "remote hosts." In contrast to the relationship created by the first proposal, the much more esoteric one created here would not be directional, and would cover every interaction on the Internet where traffic is exchanged.

I'll need some student “volunteers” to test the functionality...
Office Apps on iOS Are Now Free, Sort of
Microsoft finally brings real functionality to Office programs to iOS and Android devices for free. That means, starting today (Nov. 6), you won't need an Office 365 subscription to edit documents in the cloud.
The update breaks out each program (Word, Excel and Powerpoint) into its own app. All the apps are compatible with Dropbox integration for cloud storage. While iOS users can take advantage of the new apps today, Android fans will have to wait until early 2015 for Microsoft to bring over the new Office apps.
… What's the catch, you ask? Some advanced features such as adding columns and custom tables are still only available to Office 365 subscribers. In Word, you can change fonts, but changing a document from portrait to landscape format requires a subscription, as does Presenter view in PowerPoint.

(Related) Apparently, so does Microsoft.
Microsoft seeks testers for Office on Android tablets
Microsoft today began taking registration requests from Android tablet users for a beta of Office for Google's mobile operating system.
The final version, which Microsoft dubs "general availability," will be available in early 2015, Microsoft said, without naming a specific date or month. Meanwhile, the preview will be offered to those invited to the beta program within the next 7 days.
On the form potential preview participants were asked to fill out, Microsoft said that users must have an Android tablet with a screen size between 7-in. and 10.1-in. be running Android 4.4, aka KitKat; and forgo any OS updates during the time they use the preview.

For my students who read with their ears... Competition in good!
Scribd Adds Audiobooks To All-You-Read Library, Piling Pressure On Amazon
Scribd doesn’t take kindly to being cribbed.
In July, the San Francisco company woke up to find that had imitated one of its core services, introducing an all-you-can-read book subscription service that rivaled the “Netflix for books” model pioneered by Scribd and fellow competitor Oyster. With “Kindle Unlimited,” the Seattle retailer made it a selling point that it had more titles than the little guys, as well as something the others didn’t have: more than 2,000 audiobooks.
On Thursday, that distinction is no more as Scribd launched its own audiobook vertical, a collection that will feature 30,000 titles at no extra charge to subscribers.

(Related) Meanwhile, Amazon is headed off in another (Privacy ignoring) direction... Perhaps this speaker will read your books to you. If this device starts talking with other IoT devices, it could control your house! “I'm sorry Bob, I can't allow you to open the refrigerator door.”
Amazon Takes on Siri With 'Echo,' a Speaker You Can Talk To
… (AMZN) has launched "Amazon Echo," a speaker you leave on all day and give it voice directions, like Siri on an Apple (AAPL) iPhone.
As well as taking commands such as "Play music by Bruno Mars" or "Add gelato to my shopping list," Amazon said the device accesses the Internet to answer questions such as "When is Thanksgiving?" and "What is the weather forecast?"
Amazon said the speaker, which runs on Amazon Web Services, continually learns a user's speech patterns and preferences.
Users start the speaker up saying the wake up word, "Alexa."

TV over the Internet. CNN was first on Cable. Will being first help CBS win the market?
CBSN: About the streaming network
CBS News and CBS Interactive today launched CBSN, the first digital streaming news network that will allow Internet-connected consumers to watch live, anchored news coverage on their connected TV and other devices. At launch, the network is available 24/7 and makes all of the resources of CBS News available directly on digital platforms with live, anchored coverage 15 hours each weekday.

Thursday, November 06, 2014

Tools & Techniques. For my Ethical Hackers and Computer Security students.
OS X malware infecting connected iPhones, iPads
Researchers at network security company Palo Alto Networks have uncovered a new and sophisticated form of malware which attacks iOS devices through USB connections from OS X systems. They have called it WireLurker.
Palo Alto Networks says that "...this malware family heralds a new era in malware" and if the claims are true, the find is indeed significant. It is the first malware to generate malicious iOS applications automatically through binary file replacement and can infect installed iOS applications.
The company provides more detail in a report entitled "WireLurker: A New Era in OS X and iOS Malware." [Register for access Bob]
[From the report:
Characteristics of this malware family, including its ability to infect even non-jailbroken iOS devices

(Related) Keep up guys.
Stealthy Phishing Tactic Targets Online Shoppers
Researchers at Trend Micro say they have uncovered a crafty phishing technique that can help attackers steal information while flying under the radar of site owners.
… In the case of Operation Huyao, the attacker's malicious site acts as a relay for the original site, and as long as the victim is only browsing the page, they will only see the content they would on the legitimate site. When they go to enter payment information however, things change.
"It does not matter what device (PC/laptop/smartphone/tablet) or browser is used, as the attacker proxies all parts of the victim’s HTTP request and all parts of the legitimate server’s response," the researcher blogged.

Really nothing new here.
Top 5 Facebook Scams Revealed in Two-Year Study
A two-year study by Bitdefender sheds some light on the most popular types of scams on Facebook and who is falling for them.
The study examines more than 850,000 Facebook scams. Analyzing each of them revealed the following top five bait categories for attackers looking to hit users with spam, malware or other attacks: profile viewer scams (45.5 percent); Facebook functionality scams such as claims about adding a dislike button (29.53 percent); gift card/gadget giveaway scams (16.51 percent); celebrity scams such as death hoaxes (7.53 percent); and atrocity videos with subjects like animal cruelty (0.93 percent).
[The “top 5” cover 100%? Bob]

Perhaps a new topic for my Ethical Hacking class, “Quasi-Ethical Vigilantism?”
U.S. Mulls New Tactics to Stem Wave of Cyberattacks
As hacking attacks reach epidemic proportions, the US cybersecurity community is looking at new ways to step up defense, including counterattacking the hackers themselves.
Stewart Baker, a former assistant secretary of homeland security who now practices law in Washington, argues that limited "hacking back" could be justified, even though the legal issues are unclear.
Morally justified?
Baker said any actions a company takes outside its own network could be viewed as illegal, but there is a strong case to be made for reaching out to networks of third parties used by hackers to transit stolen data.
"I think you are morally justified for sure" in taking such actions, Baker told AFP. "And I think the probability of being prosecuted is very low."
Baker said if a firm can locate its stolen data and has a way to recover it, "they would be crazy not to."
"They can't wait for the government to get a court order. By the time that happened, everything is going to be gone."
But going beyond that, such as seeking to take out a hacker network, would mean "taking on risks" of legal liability.
US Justice Department guidelines caution against any retaliation.
Baker said the guidelines "don't quite say it's illegal, they say it's a bad idea."

Sure to get the attention of lawyers and insurance companies.
Daniel Tepfer reports:
In a case involving a Westport doctor’s office, the state Supreme Court has ruled that patients can sue for negligence if a medical office violates regulations that dictate how medical offices must maintain patient confidentiality.
This is the first time the state’s highest court has ruled regarding this issue. Connecticut now joins Missouri, West Virginia and North Carolina in similar rulings.
“Before this ruling, individuals could not file a lawsuit claiming violation of their privacy under the (Health Insurance Portability and Accountability Act of 1996) regulations,” said Trumbull lawyer Bruce Elstein, who brought the case. “It was for that reason that we filed a negligence claim, claiming the medical office was negligent when it released confidential medical records contrary to the requirements set forth in the regulations.”
Read more on CTPost.

“Stupid is as stupid does!” F. Gump
Warrant: Eric Frein surfed Internet while on the run
The man accused of ambushing two Pennsylvania state troopers, killing one, used a laptop and surfed the Internet during the weeks-long manhunt that ended with his arrest last week, according to court documents.
… The fact that Frein exposed himself to capture by using a cell phone is somewhat surprising, given that officials said he had conducted Internet searches on his home computer in the last two years with queries such as "can police track cell phone" and "how to escape a manhunt.
… Frein told investigators "he had used the laptop to access the Internet using open Wi-Fi accounts he could find in the area while he was evading authorities," according to the warrant. Because most wireless Internet routers' signals can't reach farther than a couple of hundred feet at most, Frein probably was quite close to homes or businesses that had unsecured Wi-Fi.

“Saving face,” government style? Our 'Right to know' vs. our 'Right to what the government wants us to know?'
ACLU slams no-fly zone over Ferguson
The Federal Aviation Administration (FAA) violated constitutionally protected free-press rights with a media-specific flight ban over Ferguson, Mo., earlier this year, the American Civil Liberties Union (ACLU) says.
The ACLU wrote a scathing letter to the FAA this week, accusing the agency of trying to “suppress aerial press coverage” during the events that unfolded after Michael Brown, an unarmed black teen, was shot to death by a police officer in Ferguson.
The FAA established a “no-fly zone” that was targeted at news helicopters, as well as drones, the ACLU charges.
"An air ban singling out media aircraft is an unacceptable and unlawful abridgement of the rights of a free press,” the ACLU wrote Tuesday. "It is particularly alarming when implemented during events at which law enforcement may be engaging in practices that violate constitutional rights.”

(Related) Perhaps this is a good place to point to an Infographic.
The Ethics of Data, Visualized
TRACEY WALLACE – Truth in Data: “Big data sparked public interest in the U.S. beginning with the NSA scandal. Suddenly, it was mass knowledge that not only could the government, or any entity, collect your social media, email or cell data, but they could use it against you. This concept certainly isn’t brand new, and it certainly was occurring long before the NSA’s data collection and use methods were revealed. In fact, social media platforms like Facebook are explicit in their Terms of Service as to whom your on-platform activity belongs. And, if you think it is you, you are wrong. Disable cookies from your browser and you won’t be able to use Facebook, Twitter, LinkedIn, Google and many otherwise free digital services. That’s because these platforms are not free. We all exchange our data for the service, and in turn receive more targeted ads based on who our friends are, what we say to them in email, who we retweet most often and what keywords are typically found in our digital resumes.
… In all, the biggest problem with data collection for most people is this: they didn’t know it was happening.
… Here, we break down how all the world feels about big data, the internet and how these two entities are affecting worldwide privacy and security.

Interesting. Perhaps I should “friend” Warren Buffet?
The Surprising Ways that Social Media Can Be Used for Credit Scoring
Many employers today are looking at the social media accounts of potential employees to get an idea of the type of person they might be hiring. They’re not the only ones — lending companies are also getting in on the act. And new research shows that some of the more unusual things you post or the people you might be connected to could have an impact on your credit score.
The paper, “Credit Scoring with Social Network Data,” was authored by Yanhao Wei, a Ph.D. student in economics at the University of Pennsylvania, Wharton marketing professors Christophe Van den Bulte and Pinar Yildirim, and Boston University professor Chrysanthos Dellarocas. Yildirim recently discussed their findings on the Knowledge@Wharton show on Wharton Business Radio, which you can find on SiriusXM Channel 111.
An edited transcript of the conversation appears below.

Inevitable. ...and simple physics. If I've printed a gun, I need ammunition. (I thought I was clever when I printed targets)
Shot Heard 'Round The 3D Printing World, A Bullet Designed For Printed Guns
It was only a matter of time before someone realized that a printer could produce a pistol, but early prints have proven to be of little threat. Why? Because traditional ammunition essentially destroys the printed firearm after a single shot, plus, misfires are common. In other words, the physics of the operation make it dangerous to be on the firing side, too. By and large, that's why you haven't seen an uproar of attention around 3D weapons -- they're just entirely too impractical to be worried about. [Not the proper way to assess risk. Bob]
That could change, however, as a crafter from Pennsylvania has revealed a handmade bullet that effectively wraps the shot in a barrel that will absorb the impact.

Something for my website students.
The Amazing Pattern Library

New technique to share with my spreadsheet class. (Google's answer to Office 365)
Google gives Microsoft office an awkward hug with new plugin
… Google has now created a Chrome plugin and new desktop Drive client that instead offers the chance to suck a document out of its cloud and into the desktop app of your choice.
… The company is also promising that when you save a document stored in Drive, the changes will be saved back to Drive.
The plugin, client, and Gmail account needed to get this going are all free to individuals.

(Related) I could use this in my spreadsheet class, but I'm leaning toward Statistics... (I have mentioned this in an earlier post.)
Zip Lookup - Demographics by Zip Code
Zip Lookup is a nice use of the Esri mapping platform. The map allows you to enter any US zip code to discover demographic data about that area. Whenever I see something like this I am skeptical of how well it will work for very small towns like the one that I live in (Woodstock, Maine). I was pleasantly surprised to find that Zip Lookup was quite accurate. In fact, it even included a blurb about the most popular satellite television stations in my zip code (my zip code is actually shared with a town, a village, and an unorganized township).

For my Android toting students.
The 8 Best Office Suites On Android For Getting Work Done

For my students who read...
Tools for Working With ePub Files In Your Browser
From time to time when you're conducting research online you may find yourself coming across an ePub file. While you may have a tablet that can read open ePub files, it may be more convenient to simply open the file in your browser. For example, when you just need to search a document rather than read the whole thing opening the ePub in your browser could save you some time. Here are a couple of tools for accessing ePub files in your web browser.
EPUBReader is a Firefox add-on that will allow you to read ePub documents within your browser. EPUBReader downloads ePub files and displays them directly in your browser. The video below offers a short demonstration.
Magic Scroll is a Chrome web app that you can use to read ePub files on your desktop or laptop even if you do not have an internet connection.

Dilbert gives you a PhD level understanding of Marketing in one cartoon!

Wednesday, November 05, 2014

For my Ethical Hackers. It's not just for lawyers communications with their clients.
From EFF:
In the face of widespread Internet data collection and surveillance, we need a secure and practical means of talking to each other from our phones and computers. Many companies offer “secure messaging” products – but how can users know if these systems actually secure? The Electronic Frontier Foundation (EFF) released its Secure Messaging Scorecard today, evaluating dozens of messaging technologies on a range of security best practices.
Read more of their press release here.
For the full Secure Messaging Scorecard:

Also for my Ethical Hackers and Computer Security students. Why spend (waste) time hacking when you can steal the whole (unencrypted) database so easily?
Jasmine Pennic reports:
68 percent of all healthcare data breaches since 2010 are due to device theft or loss, according to the 2014 Healthcare Breach Report from Bitglass. Despite the recent headlines of hacker attacks to hospitals, only 23 percent of healthcare data breaches were a result of cybercriminals compromising networks and exfiltrating data. The findings come from analyzing data on the United States Department of Health and Human Services’ “The Wall of Shame,” a database of breach disclosures required as part of the Health Insurance Portability and Accountability Act (HIPAA).
Read more on HIT Consultant.

The government loves Facebook users.
Social networking giant Facebook on Tuesday released its third Government Requests Report that are meant to provide greater transparency over the amount of data authorities try to source from it.
According to its latest transparency report, the California-based company received 34,946 data requests during the first six months of this year.
… In addition, it also saw a 19 percent rise in the amount of data held back due to the local laws. [Interesting, but no details in this article. Bob]

Interesting roadblock. Will it reinforce the FBI's call for easier access?
Adam Klasfeld reports:
Just in time for Halloween, a federal magistrate gave the government a fright by restricting its prodigious power to surveil cellphones.
U.S. Magistrate Judge Gabriel Gorenstein’s five-page order Friday does not identify any information about the manufacturer, suspect or alleged crime at issue in the case of on his docket. But his ruling is nonetheless notable for the hoops it will make the government jump through to crack a cellphone in the post-Edward Snowden age.
Read more on Courthouse News.

Perhaps the next big privacy kerfuffle?
Taylor Armerding reports:
Parents expect schools to keep track of their kids. But in the digital era, keeping track is vastly different than it was a generation ago, thanks to Big Data analytics.
According to its advocates, this is a very good thing. Gathering individual information on students can lead to “personalized” and “adaptive” learning platforms. If technology can help students become more successful, what’s not to like?
A lot, say privacy advocates, since the collection of information on students goes well beyond data used to shape individual curriculums.
Read more on CSO Online.
[From the article:
In a recent blog post in the New York Times, Barnes said data collection is not just about attendance, grades, disciplinary records and learning aptitudes.
“Data gathering includes health, fitness and sleeping habits, sexual activity, prescription drug use, alcohol use and disciplinary matters. Students attitudes, sociability and even ‘enthusiasm’ are quantified, analyzed, recorded and dropped into giant data systems,” she wrote.

(Related) “It's for the children!” Clearly, anyone who thinks the government is wrong is mentally ill and needs to be medicated or institutionalized.
Using the Sandy Hook Elementary School massacre as its justification, the Obama administration has recently given the psychiatric business and pharmaceutical industry a major gift by quietly introducing a behavioral and mental health program in public schools throughout the United States. The maneuver was initially laid out on January 16, 2013 in President Obama’s executive policy, Now is the Time: The President’s Plan to Protect Our Children and Our Communities by Reducing Gun Violence.
Professor James F. Tracy writes:
The document is partly devoted to articulating Obama’s proposed gun control measures that failed to move gain legislative traction in 2013. Yet an under-reported section of Now is the Timeis applied to “making schools safer” and “improving mental health services” for students. [1] While presented by the Obama administration as “commonsense solutions to gun violence,“ one is left to consider the long range implications of such an initiative, particularly in light of the Affordable Care Act and the psychopharmaceutical complex’s never-ending drive to expand its clientele.
Read more on Global Research.
[From the article:
Introducing psychiatric explanations and methodologies into school environments guarantees a growing customer base for the psychiatric profession and pharmaceutical industry. Alongside government’s increasing control of healthcare, the technocratic surveillance and management of everyday thought and behavior is likewise emerging as part of what is deceptively termed “wellness.”

Perspective. Technology addiction.
Are You Compulsive About Texting & Driving? Survey Says…You Could Be
… A new survey commissioned by AT&T* and Dr. David Greenfield, founder of The Center for Internet and Technology Addiction and Assistant Clinical Professor of Psychiatry at The University of Connecticut School of Medicine, found that twice as many people as self-reported cell phone addiction are showing compulsive phone behaviors – with three-in-four people admitting to at least glancing at their phones while behind the wheel.
… The AT&T DriveMode** app for iPhone is now available on the App Store – making it the first free no-texting-while-driving application offered by a major U.S. wireless carrier that works on the iPhone. The app is easy to use. It silences incoming text message alerts, turns on automatically when one drives 15 MPH or more and turns off shortly after one stops. When activated, it automatically responds to incoming SMS and MMS text messages so the sender knows the text recipient is driving. It also allows parents with young drivers to receive a text message if the app is turned off.
To learn more about It Can Wait, please visit
The AT&T DriveMode app is available for free on the App Store for iPhone or at

About time someone learned to work the new technology! This article provides a good primer for marketers.
How Taylor Swift Rocks Social Marketing … And How You Can, Too
It's Taylor Swift's world, and we're just living in it. Not only is she taking over the pop charts with her new album "1989," she's taking the Internet by storm, too.
Celebrities are already known for their huge social media followings, but Swift's online presence is more than just a growing collection of fans. The 24-year-old country-turned-pop superstar has truly mastered the art of social networking, and her album and concert ticket sales aren't the only thing that will benefit from her online strategies — your business can, too.
Swift already has 46 million followers on Twitter, nearly 13 million Instagram followers and over 71 million Facebook fans. But where the star truly shines is on her latest social networking conquest: Tumblr.
Back in September, Swift joined Tumblr much to the delight of her fans (also known as #swifties). But to understand why this is such a big deal, first you need to understand Tumblr. Here's a breakdown:

(Related) Maybe. Perhaps in the next election, advertising on Facebook will determine our next president?
How Facebook Could Skew an Election
… To entice you to Vote (or, at least, click that button), Facebook listed a couple friends’s names and some profile pictures, and told me that 1.8 million other people had already done the same. (Which is a little staggering, since polls hadn’t even opened on the West Coast yet.)
… Facebook believes that in 2010, its election-day module was responsible for more than 600,000 additional votes.
In other words, to paraphrase Harvard professor Jonathan Zittrain, the 2000 presidential election—where George W. Bush won Florida by 537 votes—could have been altered by a Facebook election button.
… A Facebook vice president told Sifry that the experiments were conducted primarily to find out if changing the text of the share button—from “I’m a Voter” to “I Voted” to something else—affected how many people clicked it. We won’t be able to confirm anything about those experiments, though, until next year, when the academic results of the experiment come out. And even then, it’s likely that Facebook conducted other user tests that it will never publish in an academic journal.

How things will populate the Internet of Things?
Nest announces deal with Irish utility to offer its learning thermostats for free
Nest announced a partnership today with Electric Ireland to provide its smart thermostat for free to customers who sign a 2-year contract with the utility.
Details of the partnership were not immediately available. Fadell said the Nest Learning Thermostat would be distributed by Electric Ireland which has 1.5 million customers.

Another interesting Internet of Things article. Will smart vehicles tell the driver what's happening, or just the manufacturer?
The Internet-Connected Engine Will Change Trucking
It’s happened to all of us. You’re driving down the road and the “check engine” light appears on your dashboard. It could be something simple, like time for an oil change, or it could be something bigger. What do you do? Lose your car for a day while you take it to a service station? Keep on driving and hope for the best?
If you’re a commercial truck driver, the stakes are higher. An unplanned repair visit means losing a day of revenue, and potentially hurting your delivery schedule, for a condition that might be very minor. But if you decide to keep driving, you risk something far worse happening to your engine – and your livelihood.

Why Libraries [Still] Matter
… Librarians apprenticed to degrees in information science to know how to find things, and they coupled that skill with a professional commitment to neutrality, or at least absence of bias…libraries — real ones concerned with guarding and curating knowledge — remain crucial to free and open societies, and not simply because their traditional services within academia, from curation to preservation to research, remain in high demand by scholars. More broadly, they crucially complement the Web in its highest aspirations: to provide unfettered access to knowledge, and to link authors and readers in new ways. Here’s why….”

Interestinger... Learn to argue like a lawyer?
FreeLawProject Rolls Out Oral Argument Audio
Announcing Oral Arguments on CourtListener “We’re very excited to announce that CourtListener is currently in the process of rolling out support for Oral Argument audio. This is a feature that we’ve wanted for at least four years — our name is CourtListener, after all — and one that will bring a raft of new features to the project. We already have about 500 oral arguments on the site, and we’ve got many more we’ll be adding over the coming weeks. For now we are getting oral argument audio in real time from ten federal appellate courts. As we get this audio, we are using it to power a number of features:

The problem is, they gave Surface 3 tablets to users already trained/addicted to iPads. They should target users who are not already committed – like adjunct professors of computer security...
Despite its partnership with Microsoft, CNN commentators are more interested in using their iPad
Earlier this year, sports commentators in an NFL game kept on referring to the Surface as “iPad-like tools”. Now we have another such mishap happening. During the ongoing election coverage, the Redmond-based giant provided the CNN commentators with its Surface Pro 3 tablets, but many of them appeared to be more interested in iPads, which was concealed behind the Surface tablet.

Are we seeing a Putin who does not understand economics (or does not realize the importance of a strong currency) Or is this an undeclared economic war? (Dog-pile on Russia?) Reagan out-spent their military, is this Obama realizing that (with a few favors from oil producing countries) he can really sanction Russia for disrupting the Ukraine? (Probably no)
The Russian Rouble Is Getting Destroyed Again...
Russia's currency is taking another nosedive in early trading, hitting new record-lows against the dollar and the euro. Falling oil prices have compounded fears about the country's economy causing foreign currency to flood out of the country. The problem now is that the falling value of the rouble is itself causing problems for Russian companies, driving up import costs, squeezing profits and making foreign currency debt repayments hugely more expensive.
In short, Russia faces a death spiral of a falling rouble feeding fears of an economic collapse, which drive the rouble down further.

Dilbert illustrates the power of communication, miscommunication and ego, all in one cartoon.

Tuesday, November 04, 2014

For my Ethical Hackers and my Computer Security students.
Map of Industrial Control Systems on the Internet
  • “What is an Industrial Control System? In a nutshell, Industrial control systems (ICS) are computers that control the world around you. They’re responsible for managing the air conditioning in your office, the turbines at a power plant, the lighting at the theatre or the robots at a factory.
  • Power Plants on the Internet? Really? You’d be surprised! A lot of big industrial stuff that you wouldn’t expect to find on the Internet is being put online. And the problem is only getting worse as more people expect to be able to manage their business from their iPad. A few examples
  • See the Presentation – The latest research that generated the above map is being presented at the 4SICS conference in Stockholm. Visit the website to see the video once it becomes available. 4SICS Conference
  • Why are they on the Internet? The main reason these devices get put on the Internet is to save time and money so you can have a single technician maintain your infrastructure from anywhere in the world! [and you can have a single hacker disrupt your infrastructure from anywhere in the world. Bob] It saves a lot of money and is the way of the future, you just need to pay attention to how you do it.”

I'll discuss this with my Computer Security students.
Cybersecurity Requires Proactive Approach: Ernst & Young
That the cyber threat landscape is growing increasingly rocky for many businesses is difficult to dispute.
According to a new report from consulting firm Ernst & Young, addressing that reality requires businesses take a proactive approach to security. That begins with laying a foundation for security, starting with conducting a security assessment, creating a roadmap and getting board-level support. Unfortunately however, more than half those surveyed by Ernst & Young said their organizations are challenged by a lack of skilled resources, and 43 percent said their total information security budget will stay roughly the same in the coming 12 months despite increasing threats.

Not doubt the FBI will start quoting this, if they didn't write the script in the first place. “You don't want the US to fall behind, do you Congressman?”
British spy chief: Tech firms aiding terrorism
American tech giants are making it easier for terrorists to go undetected, the leader of a top British intelligence agency said on Monday.
The head of the Government Communications Headquarters (GCHQ) — the British equivalent of the National Security Agency (NSA) — called for a new partnership between intelligence agencies and top tech companies, which have grown increasingly distrustful of government spying.
“[I]ncreasingly [tech companies’] services not only host the material of violent extremism or child exploitation, but are the routes for the facilitation of crime and terrorism,” GCHQ Director Robert Hannigan wrote in a Financial Times op-ed.

Tech industry demands more money for evidence swaps
Eight major tech industry groups are demanding that congressional leaders allocate more money to deal with legal treaties that allow the U.S. to share evidence with other countries.
The Justice Department is under “a severe strain” to process requests from foreign countries, the groups wrote to Capitol Hill leaders on Monday, while the demand from abroad has grown.
As a result, many foreign governments have tried to get digital evidence directly from American companies’ servers and computers, putting the tech companies in a legally tricky place where they could risk violating the law.

What have we been telling you?
Michael Price writes:
I just bought a new TV. The old one had a good run, but after the volume got stuck on 63, I decided it was time to replace it. I am now the owner of a new “smart” TV, which promises to deliver streaming multimedia content, games, apps, social media and Internet browsing. Oh, and TV too.
The only problem is that I’m now afraid to use it. You would be too — if you read through the 46-page privacy policy.
The amount of data this thing collects is staggering. It logs where, when, how and for how long you use the TV. It sets tracking cookies and beacons designed to detect “when you have viewed particular content or a particular email message.” It records “the apps you use, the websites you visit, and how you interact with content.” It ignores “do-not-track” requests as a considered matter of policy.
It also has a built-in camera — with facial recognition.
Read more on Salon.
[From the article:
More troubling is the microphone. The TV boasts a “voice recognition” feature that allows viewers to control the screen with voice commands. But the service comes with a rather ominous warning: “Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party.” Got that? Don’t say personal or sensitive stuff in front of the TV.
… The FBI will not have to bug your living room; you will do it yourself.
Of course, there is always the “dumb” option. Users may have the ability to disable data collection, but it comes at a cost. The device will not function properly or allow the use of its high-tech features. This leaves consumers with an unacceptable choice between keeping up with technology and retaining their personal privacy.

(Related) The default is always “full surveillance.”
Yael Grauer reports:
Opening TextEdit in your MacBook to jot down some notes may feel like the digital equivalent of scrawling on the back of an envelope. Unfortunately, those unsaved notes may not be as private as you think they are—and likely haven’t been for a while.
If you’re like the majority of Mac users, you may think your in-progress files—the ones you haven’t explicitly saved—are being stored directly on your hard drive. And with FileVault 2, a full-disk encryption feature included with your OS, Apple has made it easy to encrypt the contents of your entire drive, offering an additional layer of security if your laptop is stolen—especially if you store your own recovery key.
But security researcher Jeffrey Paul recently noticed that Apple’s default autosave is storing in-progress files—the ones you haven’t explicitly saved yet—in the cloud, not on your hard drive. (Surprise!) Unless you decided to hit save before you start typing, or manually changed the default settings, those meeting notes, passwords, and credit card numbers you jotted down in “Untitled 17” are living in iCloud.
Read more on Slate.

How objective is this type of review. Does it take ethnic (or teenage) slang into consideration?
Joanna Rothkopf reports:
Last year, in an effort to improve security, the Huntsville City School district paid an ex-FBI agent Chris McRae $157,000 to monitor the social media activity of its 24,000 students. The effort was part of a program called SAFe, Students Against Fear, where students and faculty could file anonymous tips to McRae who would look through their social media accounts for any questionable material, including drugs, weapons, gangs or sex.
Yes, the security program seems like an overreaction and a violation of students’ rights. More alarmingly, however, is that of the 14 students who were ultimately expelled, 12 were black even though only 40 percent of the district’s students are black.
Read more on Salon.

This should be interesting.
Chad Hatmaker writes:
The Employee Online Privacy Act of 2014 will take effect Jan. 1, 2015, and it will apply to any person or entity that employs one or more employees. This includes state and local governments, as well as private businesses, and any agent, representative or designee of employers.
The act prohibits employers from:
  • Requesting or requiring employees or applicants to disclose a password to a personal Internet account;
  • Compelling employees or a pplicant to add the employer or an employment agency to their contacts associated with a personal Internet account;
  • Compelling employees or applicants to access a personal Internet account in the presence of the employer to enable the employer to observe its contents;
  • Discharging, failing to hire, or penalizing employees or applicants for refusing to comply with any of the above prohibited actions.
Read more on Knoxville News Sentinel.

Something for us non-lawyers?
Bork’s “Legislative Intent” and the Courts
Ginsburg, Douglas H., Bork’s “Legislative Intent” and the Courts (November 3, 2014). Antitrust Law Journal, Vol. 79, No. 3, pp. 941-951, 2014; George Mason Law & Economics Research Paper No. 14-59. Available for download at SSRN:
“Robert H. Bork’s influence upon modern antitrust law is difficult to overstate. One of his lasting legacies is his analysis of the legislative history, text, and structure of the Sherman Act, which led him to conclude the intent of the Congress passing it was to maximize consumer welfare and economic efficiency. That conclusion was adopted by the Supreme Court in 1979 and has formed the foundation for antitrust policy and enforcement ever since. This article explains the rationale for Bork’s “consumer welfare” thesis, recounts the history of its rise and the objections it engendered from other academics, and summarizes its salutary effect upon antitrust law and business practices.”

We've been saying this for years. Still no serious attempt at a solution. Perhaps Ms. Swift can make one work?
Taylor Swift Reminds Everyone How Broken Online Music Is Right Now
On Monday, Taylor Swift removed her entire back catalog from the streaming service. The change was announced in a Spotify corporate blog post that even the Gray Lady called passive-aggressive, entitled “On Taylor Swift’s Decision To Remove Her Music from Spotify.”
“We love Taylor Swift, and our more than 40 million users love her even more,” says Spotify’s announcement. “We hope she’ll change her mind and join us in building a new music economy that works for everyone.”
Swift’s old albums—though not her newest, 1989—are still available on smaller streaming services, like Rdio and Beats Music.
… a Buzzfeed reporter couldn’t figure out the per-stream price of Adele’s “Rolling in the Deep.” One source told her it made 19 cents per 60 streams; another said it made .91 of a cent.
… By limiting fans’s effortless access to her entire discography, they might be able to incentivize them to buy its newest member.
In other words, writes Kastrenakes, “Swift and her label are in the extremely uncommon position of having the power to pull this off and likely benefit from it.”

Strange that we don't have majors in these technologies, yet.
Cell Phones, Social Media and Campaign 2014
“Cell phones and social media platforms like Facebook and Twitter are playing an increasingly prominent role in how voters get political information and follow election news, according to a new national survey by the Pew Research Center. The proportion of Americans who use their cell phones to track political news or campaign coverage has doubled compared with the most recent midterm election: 28% of registered voters have used their cell phone in this way during the 2014 campaign, up from 13% in 2010.

Might be useful for my “Intro to” classes.
Free Webinar - Storyboards In the Classroom
Next Tuesday at 7pm EST I will be hosting another webinar on using storyboards in the classroom. In this free webinar sponsored by Aaron Sherman and I will share strategies and resources for using storyboards in your classroom. Click here to register.
Webinar highlights:
  • The benefits of using storyboards and comics to illustrate ideas.
  • How to use to create storyboards.
Everyone who attends the live webinar will be entered into a drawing for door prizes from and
Registration is limited to the first 200 people. Complete the following form if you know that you cannot attend the live webinar, but you would like to watch the recording.

More hope for my education.
Learn Almost Anything Online; Find Out Where With SlideRule
… Which brings me to SlideRule. This site acts as a search engine for online classes, with over 18,000 courses indexed. Some happen in real time, others are on-demand; some are from universities, others from nonprofit organizations. You can search classes, or browse them by category, until you find something worth spending your time learning.
For years we’ve been showing you how to take free college courses online. If you want to take an online course, but aren’t sure where to start looking, check Slide Rule first.

For my Marketing students. Harvard says so!
7 Marketing Technologies Every Company Must Use

For my geeks.
Mozilla Teases Browser For Developers
Mozilla is releasing a new Web browser designed specifically for developers. The mysterious browser, currently known only as the Firefox Developer Browser (#Fx10), will launch on November 10. In the teaser trailer embedded above, Mozilla promises the new browser will “debug the whole Web” and be “unique but familiar.
Mozilla’s blog post goes some way to explaining the thinking behind the new browser for developers: “When building for the Web, developers tend to use a myriad of different tools which often don’t work well together. This means you end up switching between different tools, platforms and browsers which can slow you down and make you less productive.” The new developer browser is designed to “make your lives easier.
Interested parties are invited to sign up to the Mozilla Hacks newsletter to be notified as soon as the Firefox browser for developers is released.

There are lots of tools like this online.
Block Posters - Use Standard Printers to Print Posters
If you have ever come across an infographic that you thought would make a good classroom poster, you should take a look at Block Posters. Block Posters is a web-based tool to which you can upload a high quality graphic then divide it into letter-sized chunks for printing. Print out each section and put them together on a poster board to make your own poster.
Applications for Education
Most teachers and students don't have ready access to printers that can handle poster-sized paper, but they do have access to standard letter-size printers. When you find a great infographic that you want to display in your classroom, Block Posters is a good tool to use to print it out. Want to create a giant jigsaw puzzle? Block Posters could be useful for that too.