Tuesday, March 03, 2015
Perhaps a corollary to “Those who do not study history are doomed to repeat it?” Think, “Those who do not do an adequate legal review are doomed to have an AG somewhere do it for them.” Or maybe, “Those who do not ask, 'What could possibly go wrong?' are doomed to find out?”
Connecticut AG office investigating Lenovo’s use of Superfish software
… The investigation launched by Jepsen’s office will look into Lenovo’s sales of laptops which are pre-loaded with Superfish software.
Initiating the probe, Jepsen’s office sent letters to Lenovo as well as privately-held software maker Superfish last week, seeking information about the partnership of the two companies. Lenovo and Superfish have been asked to provide details like contracts and emails which discuss their collaboration.
No doubt my new book, “How to use new technology to steal even more!” will be a best seller.
Nandita Bose reports:
New technology about to be deployed by credit card companies will require U.S. consumers to carry a new kind of card and retailers across the nation to upgrade payment terminals. But despite a price tag of $8.65 billion, the shift will address only a narrow range of security issues.
Credit card companies have set an October deadline for the switch to chip-enabled cards, which come with embedded computer chips that make them far more difficult to clone.
Read more on Reuters.
[From the article:]
… U.S. banks and card companies will not issue personal identification numbers (PINs) with the new credit cards, an additional security measure that would render stolen or lost cards virtually useless when making in-person purchases at a retail outlet. Instead, they will stick with the present system of requiring signatures.
… Chip technology has been widely used in Europe for nearly two decades, but banks there typically require PINs. Even so, the technology leaves data unprotected at three key points, security experts say: When it enters a payment terminal, when it is transmitted through a processor, and when it is stored in a retailer’s information systems. It also does not protect online transactions.
"The simplest way to circumvent chip-and-PIN is to use a stolen card number to make an online purchase," said Paul Kleinschnitz, a senior vice-president for cyber security solutions at card processor First Data Corp.
AVG apparently sees facial recognition as another form of virus?
AVG creates facial recognition blocking glasses
… AVG's new concept invisibility glasses which were presented in Barcelona for the MWC 2015. Once you put them on, you're rendered instantly invisible to facial recognition software.
… AVG's glasses aren't available for purchase. They were designed just to be a concept model and get everyone talking about the big issue of online privacy. AVG is a security company that has been protecting consumers and their privacy from malware like last week's PowerOffHijack. These glasses are really a project that is symbolic of society's ever-growing lack of privacy and the extremes that we now have to take to protect it.
Let's see. This means no one responsible for computer security at the State Department noticed that there was no activity in the “SecretaryOfState@gov.us” account, no backups/history files were being created, and every email came from “HillaryForPresident.org?” Apparently the State Department does not work well at several levels.
Hillary Clinton's use of private email address while secretary of state draws scrutiny
Former Secretary of State Hillary Clinton used a personal email account to exclusively conduct official business during her time at the State Department, a move that raises questions about access to the full archive of her correspondence, as well as the possibility that she violated federal law requiring official messages to be retained for the record.
The existence of the account was discovered by the House select committee investigating the deadly 2012 attacks on the U.S. Consulate in Benghazi, Libya, and was first reported by The New York Times.
Clinton did not even have a government email address during her tenure as America's top diplomat, which lasted from 2009 to 2013, and The Times reports that her aides took no action to preserve her emails on department servers, as required by the Federal Records Act.
It's complicated. (Even lawyers think so)
A notification to the New Hampshire Attorney General’s Office from McDermott Will & Emery LLP provides a useful illustration of how some organizations may be struggling to determine their notification obligations to states as a result of the Anthem breach:
If a law firm has trouble figuring out their obligations, can you imagine what others are struggling with? Coincidentally, perhaps, an attorney at McDermott Will & Emery recently wrote an article on how states may be moving to require encryption as a result of breaches such as the Anthem breach.
Using the “obvious” checklist, are we?
Legislation to Facilitate Cybersecurity Information Sharing: Economic Analysis
Legislation to Facilitate Cybersecurity Information Sharing: Economic Analysis. N. Eric Weiss, Specialist in Financial Economics. February 23, 2015.
“Data breaches, such as those at Target, Home Depot, Neiman Marcus, JPMorgan Chase, and Anthem, have affected financial records of tens of millions of households and seem to occur regularly. Companies typically respond by trying to increase their cybersecurity, hiring consultants, and purchasing new hardware and software. Policy analysts have suggested that sharing information about these breaches could be an effective and inexpensive part of improving cybersecurity. Firms share information directly on an ad hoc basis and through private-sector, nonprofit organizations such as Information Sharing and Analysis Centers (ISACs) that can analyze and disseminate information. Firms sometimes do not share information because of perceived legal risks, such as violating privacy or antitrust laws, and economic incentives, such as giving information that will benefit their competitors. A firm that has been attacked might prefer to keep such information private out of a worry that its sales or stock price will fall. Further, there are no existing mechanisms to reward firms for sharing information. Their competitors can take advantage of the information, but not contribute in turn. This lack of reciprocity, called “free riding” by economists, may discourage firms from sharing. Information that is shared may not be applicable to those receiving it, or it might be difficult to apply.”
For my students, even if they don't know it.
Matthew Johnson of Cooley LLP writes:
In January 2015, the US Department of Education has issued an advisory to all elementary and secondary schools on data privacy and security issues to be considered in negotiating agreements with online service providers or mobile applications. The Department also released “Model Terms of Service” that provides specific recommended provisions for such agreements, along with a short video dramatizing its recommendations.
Is the Department of Education Changing the Law Regarding Student Data Privacy?
No. This guidance document does not change the statutory or regulatory requirements related to data privacy and security in the educational field. In fact, the Department is quite explicit that the guidance embodied in the “Model Terms of Service” goes beyond what is required by the Family Educational Rights and Privacy Act (“FERPA”) and other federal laws.
Read more on Lexology.
...and we thought Texting while driving was a bad idea! (There must be a pun somewhere about this new way to get gas) Probably not just food.
Visa Partnerships Bring In-Car Purchase Experience
At the Mobile World Congress in Barcelona on March 2, Visa, Accenture and Pizza Hut announced a new proof-of-concept connected car program that will enable drivers to order and pay for pizza using car dashboard software. The partnership will combine Visa Checkout’s payments features, Accenture’s technical foundation to integrate the diverse technologies within the prototype and Pizza Hut’s mobile app ordering procedures as part of a trial network that will come to Northern California sometime this spring.
… Outside of the Pizza Hut partnership, having the ability to leverage Accenture’s technology could bring the innovative mobile food ordering experience to other merchants.
Not much there yet, but has potential for my programming students.
The Open Source Squad at the GSA
A team of open source evangelists is working within the General Services Administration as part of a federal initiative for more transparent government use of technology.
… The hub of this push for open source consolidation for government agencies is 18F's GitHub account.
… 18F developed a dashboard that lists all of its projects with a brief description. The progress of each is labeled with a tag indicating one of four development stages.
… The 18F GitHub site is at least one of two separate attempts by unconnected federal entities to spread the word about open source for government use. Govcode.org is another such effort.
No system-wide set of standards exists for software selection.
(Related) This could also be a tool for my Big Data students.
Government Agencies Turn to IFTTT to Make APIs Accessible
IFTTT (which is rebranding its main service as IF) is an API aggregation service that lets users create simple workflows triggered by specific events.
… With the TOU in place, agencies are now seeking the help of developers in understanding what APIs and workflows would be best set up as IFTTT channels.
A question for Class Action lawyers: Any money in age discrimination lawsuits? (Article 1)
Tinder Plus Costs More for Older Users
Dating app Tinder has launched its long-awaited premium service called Tinder Plus. But, rather controversially, it’s charging older users looking for love more money than it’s charging younger users looking for love.
In the U.S., users under the age of 30 will be charged $9.99-per-month for the upgrade, while users over the age of 30 will be charged $19.99-per-month. In the U.K. it’s even worse, with users under the age of 28 charged just £3.99 ($6), with users over the age of 28 charged £14.99 ($23).
… Tinder has defended the Tinder Plus business model, suggesting that, “during our testing we’ve learned, not surprisingly, that younger users are just as excited about Tinder Plus, but are more budget constrained and need a lower price to pull the trigger.” Which is an explanation, but not really a legitimate excuse.
Thankfully, there is an easy way to cheat the system, as Tinder pulls its information directly from Facebook when you sign up to use the service. So, if you were to, let’s say, change your year of birth on Facebook to qualify for the lower price, there isn’t much Tinder could do to stop you. Not that we’re suggesting you do anything so underhanded, obviously.
Definitely something for my gamer/geeks. (Article 3)
Epic Releases Unreal Engine 4 Free
Epic has announced that Unreal Engine 4, its cross-platform game engine, is now available for free to anyone who wants to use it. This is the full C++ source code which supports Windows, Mac, iOS, Android, Linux, and more besides.
Epic launched Unreal Engine 4 in March 2014, charging budding game designers $19-per-month plus five percent of the gross revenues made on any game released commercially. Now, the $19 fee is gone, and Epic wants five percent of any revenues over $3,000-per-quarter. Larger development studios can still negotiate their own deals.
For my students?
Princeton-Founded 'Friendsy' App Looking to Recapture Facebook's Early Magic
… The app is the brainchild of Princeton seniors Michael Pinsky and Vaidhy Murti, and is only available to verified college students with email addresses ending in ‘.edu.’ Pinsky and Vaidhy Murti created the company in 2013 because they felt as if competitors like Facebook, Tinder and Yik Yak failed to help students branch out of their social circles, according to the company.
“We’re trying to do to Tinder what Facebook did to Myspace,” Murti said in a statement. [I admit I have no idea what that means Bob]
For my researching students. Very cool! Enter the topic you are most interested in researching.
View Webs of Related Search Terms on WikiMindMap
Earlier today on the FreeTech4Teachers Facebook page someone asked if there is a way to create a mind map of Wikipedia entries. WikiMindMap.org does exactly that. On the site you can enter a search term and almost instantly see a web of related topics. In the video embedded below I provide a short overview of WikiMindMap.org.
WikiMindMap.org can be a great tool for students who need a little bit of help altering their search terms. WikiMindMap.org can also be helpful to students who need to narrow the focus of their research from a broad topic to narrower subtopic.
Also for my students.
5 Effective Tools to Encrypt Your Secret Files
… We have seen how encryption tools like Bitlocker and secure zipping tools such as 7-Zip work. So here are 5 we have not already covered.
Something my students can use to coordinate team projects?
How to Use Strikeapp.com to Manage Tasks
A couple of weeks ago I wrote a post about a couple of sites that students can use to keep track of tasks. One of those sites was StrikeApp.com. There have been a few questions asked about it on the FreeTech4Teachers Facebook page so to answer those questions I recorded the short video that you see embedded below.
… One of the things that I like about StrikeApp.com is that students don't have to register on the site in order to use it. They simply start creating lists and each list is assigned a URL that they can share with you, their parents, or their classmates.
A bibliometric mapping of open educational resources
A bibliometric mapping of open educational resources, Airton Zancanaro, José Leomar Todesco, Fernando Ramos, The International Review of Research in Open and Distance Learning (IRRODL) Vol. 16, No. 1 (2015)
Dilbert has brilliantly summarized everything you need to know about performance reviews.