Saturday, April 04, 2015
I wonder how common this is? One thing I insisted on as a security manager was to regularly (monthly) report who had access to the manager responsible for that asset and to the accessing employee's manager. Apparently, that is not common banking practice?
Kathy Hieatt reports:
The city is investigating a security breach into its bank accounts, including at least one with more than $50 million, according to a news release this afternoon.
Two city employees who are not with the Treasurer’s Office had access to the city’s Bank of America checking accounts from home, according to the release. The City Auditor’s Office discovered the breach and had their access rescinded, it said.
Read more on The Virginian-Pilot.
The article provides a very good summary of de-identification. Could be the starting point for my Ethical Hackers to re-identify people.
Elizabeth Snell writes:
The de-identification of data is an important part of healthcare technology, especially as the use of EHRs and HIEs becomes more prominent. The HIPAA Privacy Rule states that once data has been de-identified, covered entities can use or disclose it without any limitation. The information is no longer considered PHI, and does not fall under the same regulations and restrictions as PHI.
But why would a facility need to de-identify data? What are the potential benefits of the de-identification of data? HealthITSecurity.com decided to dissect this aspect of HIPAA regulations, and explain what the de-identification process entails and how covered entities could benefit from the practice.
Read more on HealthITSecurity.com.
This should be interesting.
EFF – Automakers Say You Don’t Really Own Your Car
by Sabrina I. Pacifici on Apr 3, 2015
News release: “EFF is fighting for vehicle owners’ rights to inspect the code that runs their vehicles and to repair and modify their vehicles, or have a mechanic of their choice do the work. At the moment, the anti-circumvention prohibition in the Digital Millennium Copyright Act arguably restricts vehicle inspection, repair, and modification. If EFF is successful then vehicle owners will be free to inspect and tinker, as long as they don’t run afoul of other regulations, such as those governing vehicle emissions, safety, or copyright law. You can support EFF’s exemption requests by adding your name to the petition we’ll submit in the rulemaking. Most of the automakers operating in the US filed opposition comments through trade associations, along with a couple of other vehicle manufacturers. They warn that owners with the freedom to inspect and modify code will be capable of violating a wide range of laws and harming themselves and others. They say you shouldn’t be allowed to repair your own car because you might not do it right. They say you shouldn’t be allowed to modify the code in your car because you might defraud a used car purchaser by changing the mileage. They say no one should be allowed to even look at the code without the manufacturer’s permission because letting the public learn how cars work could help malicious hackers, “third-party software developers” (the horror!), and competitors. John Deere even argued that letting people modify car computer systems will result in them pirating music through the on-board entertainment system, which would be one of the more convoluted ways to copy media (and the exemption process doesn’t authorize copyright infringement, anyway).”
Would the same logic exempt online schools? Note that Netflix has committed to closed captioning – they don't want to exclude any possible market segment.
The Americans with Disabilities Act (ADA) does not apply to Netflix, a federal appeals court ruled this week.
“Because Netflix’s services are not connected to any ‘actual, physical place,’ Netflix is not subject to the ADA,” a three-judge panel on the U.S. Court of Appeals for the Ninth Circuit ruled.
War is an economic event. Not everyone understands that.
Experts say that, by starting the war with Ukraine, Vladimir Putin might have lost the country irrevocably. The biggest loser of this situation is the Russian gas giant, Gazprom.
Gazprom has recently informed the Russian government that it would extend lower prices for gas deliveries to Ukraine beyond the period of the winter package which lasted until March 31st. The Kremlin agreed to grant Kyiv a price that is in fact lower than today’s prices on the European spot market. In the second quarter of 2015, Ukraine will be buying gas from Russia at the cost of 254,18 US dollars per 1000 square metres. In 2014, Ukrainians were made to pay 485,5 US dollars for the same quantity. How was this victory possible?
The European Commission is to provide between 800 million and 1 billion US dollars for Ukraine’s gas purchases. This money is supposed to help the Ukrainians increase their gas storage at least 12 billion cubic metres by November, which according to the Russians, is needed for sustaining the transit of gas to European customers.
… Mitigation of Gazprom’s stance is caused by the Kremlin’s actions in Ukraine. Because of that, Gazprom’s income in 2014 decreased by 70 per cent and decreased to around 3,3 billion US dollars. As a result, Gazprom had to decrease the dividend payments.
… Gazprom has become the advocate of Ukrainian interests in the Kremlin because the loss of Ukraine would be the kiss of death for the company, especially in the time of decreasing oil prices, diversification of energy and the decreasing demand for raw materials in the EU. The sanctions, which cut off the Russian banks and, therefore, also Gazprom from Western capital also add some pressure to this situation.
Weekly, I smile like a Great White.
Hack Education Weekly News
… The GAO has issued a very critical report about the Library of Congress’s digital infrastructure. (The LOC responds.)
… “Stanford just made tuition free for families earning less than $125,000 per year,” reports Vox. This extends the university’s financial aid program that currently applies to those earning less than $100,000 per year. [All you have to do is get accepted. Bob]
… Automated homework grading at MIT.
If you can make it work in Word, you can make it work in your Data Analysis programs.
You Should Learn Regular Expressions
Regular Expressions, or RegEx, are used for searching patterns in text. For instance, a RegEx like iP(hone|ad|od)s? will find mentions of any iOS device in a document. Knowledge of Regular Expressions is essential for programmers but they can be a great skill to have for non-developers as well – people who use Microsoft Word or spend hours inside Google Spreadsheets.
… Lea Verou’s presentation will give you a good overview of what Regular Expressions are and what you can do with them. Jeffrey Friedl’s book – Mastering Regular Expressions – is still the best printed reference for RegEx newbies and masters. You can explore RegexOne, an interactive Codecademy-like online tutorial for learning RegEx or go here for learning the basics of pattern matching.
RegExr is like a visual playground for Regular Expressions. You enter the text in one block and the RegEx in the other. As you edit the RegEx, the matching strings are highlighted in the input text. You can also hover over any character literal in the RegEx to know what it does. RegEx101 is a similar tool that also describes your RegEx in English as you write.
Regulex and RegExper are both open-source web apps that make it easy for you to understand and read Regular Expressions. You enter a RegEx and the tools will create a Railroad Diagram – for a string to match, it should be able to successfully move from left of the diagram all the way to the left along one of the available paths.
Windows users can download Expresso, a free program that will help beginners write both simple and complex regular expressions through a visual builder. Instead of coding the RegEx manually, you can select the components in a wizard. Reggy for Mac and RegEx Coach for Windows can also help you test regular expressions outside the browser.
Tools & Techniques for my students gathering data from social networks.
Find The Best Instagram Web Viewer: Your Options Compared