Wednesday, May 13, 2015

For my Computer Security students. Remember, the government wants to gather all your health data in one probably not too secure database. What a target!
Erin McCann reports:
The IT infrastructure office at the Department of Health and Human Services has some serious security problems. This after the office received a less than satisfactory security report card from the Office of Inspector General this week.
After reviewing the security controls at HHS’ Office of Information Technology Infrastructure and Operations, or ITIO, OIG officials found significant security deficiencies in several areas that could impact data security at multiple divisions of HHS.
Read more on HealthcareITNews.
[From the article:
"We identified some vulnerabilities that, if exploited, could have led to unauthorized disclosure, modification or unavailability of critical data," OIG officials wrote in the report.
Due to security reasons, those vulnerabilities were not specifically identified.
Other failings identified included improper antivirus management, inadequate tracking of IT assets and poor configuration management and USB port control access.
After conducting a similar review on HRSA IT security controls, the Office of Inspector General found similar deficiencies, with one of them being substandard encryption and anti-virus practices. HRSA currently has a database of some 22 million people to whom it currently provides healthcare services.

The better trained your employees are, the more secure you are. What is security worth? Worth reading the entire post.
Today, Intel Security released the findings of their phishing quiz which tested consumer knowledge of, and ability to detect, phishing emails. The quiz presented 10 emails compiled by Intel Security and asked respondents to identify which of the emails were phishing attempts designed to steal personal information and which were legitimate. Of the approximately 19,000 survey respondents from 144 countries, only 3% were able to identify every example correctly and 80% of all respondents misidentified at least one of the phishing emails, which is all it takes to fall victim to an attack.
Cyberscammers use phishing emails to get consumers to click on links to websites they’ve created solely for the purpose of information theft. They trick users into typing their names, addresses, login IDs, passwords, and/or credit card information into fields on sites that look like they belong to real companies. In some cases, just clicking the link provided in the email will automatically download malware onto the user’s device. Once the malware is installed, hackers can easily steal the victim’s information without their knowledge.
Globally, the 35-44 year old age group performed best, answering an average of 68% of questions accurately. On average, women under the age of 18 and over the age of 55 appeared to have the most difficulty differentiating between legitimate and phony emails, identifying six out of 10 messages correctly. On the whole, men gave slightly more correct answers than women, averaging a 67% accuracy rate versus a 63% rate for women.

Another book on Privacy, on hold at my local library.
Randy Bean reports:
I recently attended a talk on the topic of intellectual privacy by Neil M. Richards, Professor of Law at Washington University in St. Louis, and author of the recently published book, Intellectual Privacy: Rethinking Civil Liberties in the Digital Age (Oxford University Press). The underlying message of his talk was bracing and cautionary. Privacy breaches, unethical hacking, and other invasions of data privacy so often lead to the establishment of guardrails and restrictions that limit our ability to experience greater convenience, enjoy more personalized consumer experiences, benefit from greater customer self-service, or learn from data that we now have access to. We don’t want to surrender our freedoms. We want the freedom to do with “our data” whatever we damn well please. Our intentions are good — upward and onward for the greater benefit of mankind, or for users of the next personalized mobile application.
Read more on Wall Street Journal.

In the post-Snowden era, it seems to be difficult to keep up all that Big Brother surveillance.
Russell Brandom reports:
On Monday, Washington state passed a new law requiring police to get a warrant before they use cell-site simulator tracking devices, known commonly as Stingrays. The devices have been widely deployed by law enforcement groups throughout the country but kept largely secret thanks to non-disclosure agreements and parallel construction techniques. The new Washington state law will be one of the most aggressive anti-tracking measures in the nation, although Virginia and Minnesota have adopted similar measures. It will also have an immediate effect on the Tacoma Police Department, which has been using a Stingray device since 2008.
Read more on The Verge.
[Parallel Construction defined:

(Related) Perhaps you should clear these more “innovative” ideas with the DA before you waste time and taint evidence? (Would it have been legal to put live police officers in place?)
David Kravets reports:
The Justice Department on Tuesday withdrew its appeal of a lower court’s December ruling that said it was illegal for police to attach a webcam to a utility pole and spy on a suspected drug dealer’s house in rural Washington state for six weeks.
The government did not comment on its decision to drop the appeal in a brief filing to the 9th US Circuit Court of Appeals.
Read more on Ars Technica.
[From the “illegal for police” article:
The Justice Department contended that the webcam, with pan-and-zoom capabilities that were operated from afar, was no different from a police officer's observation from the public right-of-way.
The government argued (PDF):
… US District Judge Edward Shea disagreed and ruled (PDF) that a warrant was necessary to spy on Leonel Vargas via a webcam controlled by local police.
… Strangely, the judge noted, when the authorities raided the house in May 2013, the camera was panned on nearby sagebrush and not the house.

Sort of like a 'fence' for stolen goods. In this case, the crammers trick users into clicking on a link, then the ISPs launder the money for them. It's unclear if any of the crammers are refunding money.
Sprint, Verizon to pay $158 MILLION over bogus bill 'cramming' charges
… According to the FCC, the carriers looked the other way when dodgy companies signed customers up for services without warning them that they would be billed recurring monthly charges.
Under the terms of the deal, Sprint will pay $68m in fines, while Verizon will cough $90m. Those figures will include $50m and $70m in consumer refunds, respectively.
The shady offerings – often advertised as offering horoscope readings or "life predictions" – hid the fact that they were subscription services that were billed as monthly recurring charges. A portion of the charges were kicked back to the telcos – 35 per cent in Sprint's case and 30 per cent for Verizon – which is why they are being held culpable.

A really interesting article.
What Is Strategy, Again?

This means my International students could use their smartphones to translate my lectures in real time!
Skype's amazing real-time Translator Preview now available to all
Your Star Trek-style universal communicator is ready for download.
Well, it's not exactly universal, but Microsoft's Skype Translator Preview is a step into the future. The company announced on Tuesday that the beta app is now available to all Windows 8.1 and Windows 10 Technical Preview users, no sign-up or wait list needed.
If you want to have a translated, spoken conversation with someone who speaks Italian, Mandarin, or Spanish, just download the free app from the Windows Store. Microsoft says Skype Translator works with almost any Skype client, meaning only you need to be the one with the Translator app enabled.
The app can also translate instant message conversations in more than 50 languages including the oh-so-geeky favorite: Klingon.
… During a Translator call, Microsoft advises you to use a headset with a microphone instead of a stand-alone mic. You should also use a wired connection rather than Wi-Fi. Translated calls also take longer to connect than a typical Skype call. You can find a complete list of Translator tips on Skype's site.

Clearly, I'm out of touch. I only recognize one name on this list.
How Much do the World’s Biggest YouTube Stars Make?
Who are the biggest money-makers on Google’s massive video service?
… Check out the infographic below for a fascinating breakdown of the dollars and cents. There’s also a fascinating look at the backstories of some of these YouTube superstars.

For my non-geeky students. (The geeky ones already know how.)
Install Ubuntu On Your Computer Using a USB Flash Drive
Obtaining Ubuntu is super easy — all you have to do is download it from their website. But once you have the ISO file, what do you do with it? You could burn it to a DVD, or you can use a highly-reusable USB flash drive to get the job done.
Want to know more? Let me show you the entire process for every machine so you know exactly what you need to do to install Ubuntu properly on your computer with a USB flash drive.

Yeah, sure, I absolutely agree with Dilbert here.
