Saturday, March 07, 2015
Bold, innovative, worth emulating! Technology from the 1990's (1994 to be specific) arrives in Washington!
The Federal Trade Commission has enabled secure encrypted browsing on its entire government website.
… Some government websites use this the security layer throughout their entire site, while others do not. Soltani noted that it is a best practice, even though it is not a requirement for federal websites “at this time.”
… “As a quick primer, HTTPS encryption secures your communications while in transit with websites so that only you and the website are able to view the content,” he wrote.
Perhaps redundant, but worth repeating.
Last week Director of National Intelligence James Clapper released the 2015 Worldwide Threat Assessment of the US Intelligence Community and testified about it before the Senate Armed Services Committee. “Cyber” tops the list of “global threats” again this year. As others have noted (see here and here), the Assessment and DNI Clapper’s opening statement contained a number of reveals, including attributing the 2014 attack on the Las Vegas Sands Corporation to Iran and announcing that “the Russian cyber threat is more severe than we’ve previously assessed.” I want to focus in this post on a few additional issues raised by the Assessment: its effort to shift the debate on the nature of cyber risk; its emphasis on threats to integrity of information; and its repeated references to private parties as actors in national cyber strategy.
Something for my Computer Security students to consider. Might make a good paper... Threats are increasing as costs fall. New “Things” need to be secured. Most security isn't that secure. But there are new tools to help.
Bracing for the Cyberthreat Deluge
Almost 17,000 malware alerts surface every week, the Ponemon Institute recently found.
Only 4 percent of alerts were investigated, and traditional antivirus products missed nearly 70 percent of malware in the first hour, researchers discovered in a recent Damballa study.
Rescanning led to identification of 66 percent of the malware in 24 hours and 72 percent after seven days. It took AV products more than six months to create signatures for 100 percent of the malware.
… Phishing attacks are only going to become easier, because the level of technological knowledge needed to launch them is falling. Cybercriminals are building and selling phishing kits for between US$2 and $10, according to Symantec.
… Most companies "are only investing in security to check the box," remarked Ray Suarez, director of product management at Core Security.
"About 10 percent of the companies I talk to are serious about security and approaching it appropriately," he told TechNewsWorld.
At large companies, there are "often only two or three people who are in charge of 50,000-plus assets, and ... so they are totally reactive," Suarez said.
… Things will get even worse as the Internet of Things becomes more widespread.
Right now, 50 percent of manufacturers surveyed by IDC and Flexera Software said they had developed intelligent devices, and another 21 percent planned to make their devices intelligent over the next two years.
… Rapid discovery and remediation can prevent damage, he maintained. Even if a network has been hacked, antifraud solutions might help.
One example is a device-based authentication service from Iovation. It checks the device used at every online transaction to authenticate that it belongs to the account holder.
Think of this as an opportunity to suggest some collaboration tools?
The head of the CIA is ordering sweeping structural changes he says will allow officials to wield new technological powers and face down threats.
… As one major part of the shake-up, Brennan on Friday announced a new focus on the “digital revolution” by prioritizing cybersecurity issues and new technology.
To do so, the agency is creating a new office responsible for making sure that workers across the CIA are integrating digital tools into their work. [Not the way to do it. Bob]
“Once is an accident. Twice is coincidence. Three times is an enemy action.” Ian Fleming Just saying.
A Third Blast on Oil Trains Stirs Scrutiny
For the third time in less than a month, a train carrying flammable crude oil has derailed and burst into flames, prompting questions over whether stricter measures being considered to ensure their safety will be enough.
All three accidents involved a newer generation of tank cars that are supposed to be sturdier and safer than older models.
I look forward to laughing at education every week.
Hack Education Weekly News
… Legislators in Arizona have decided to completely eliminate state support for its three largest community college districts, including Maricopa and Pima. More details via Inside Higher Ed.
… Wyoming governor Matt Mead has signed a bill that will allow the topic of climate change to be taught in the state.
… Alibaba and Peking University are launching a MOOC platform.
… “Some Owners of Private Colleges Turn a Tidy Profit by Going Nonprofit.” [Why else would they? Bob]
… Versal, a startup that allows anyone to make online lessons, has left beta and partnered with Wolfram Research. (Wolfram gadgets will be available to Versal users.)
For my Statistics students. Know when to fold 'em.
Bluff too often, get called too often.
Bluff too seldom, never get called.
To Bluff or Not to Bluff
Game theorists take a different view on bluffing. For Ehud Kalai, a professor of managerial economics and decision sciences at the Kellogg School and founding editor of Games and Economic Behavior, bluffing is primarily computational, not psychological. To win in any strategic game, it pays to be unpredictable, and game theory offers models for how to keep one’s opponent guessing.
“It’s straight mathematics,” Kalai says. “If I bluffed all the time, obviously my bluffing would be ineffective. But it’s not effective to under-bluff, either, because then I’m not making enough use of my reputation as a non-bluffer. If you never bluff, or bluff very rarely, you can use this reputation to bluff more effectively and increase your long-term winnings.”
For my Data Management and Business Intelligence students. (and a do-it-yourself guide)
How to Become a Data Scientist
Data science has gone from a newly coined term in 2007 to being one of the most sought-after disciplines in the professional world. But what does a data scientist really do? And how can you break into the field? Here’s what you need to know if you’re looking to get the skills to become a data scientist.
Dilbert forecasts how women will achieve parity.