A breach at a basket (site) where (some) users
store all their eggs.
LastPass
Breached, Users Advised to Update Master Passwords
Officials
at password manager LastPass revealed the company has been
compromised in a data breach.
According
to LastPass CEO Joe Siegrist, an investigation into suspicious
activity detected and blocked on the company's network Friday has
revealed that LastPass user account email addresses, password
reminders, server per user salts and authentication hashes were
compromised.
"We
are confident that our encryption measures are sufficient to
protect the vast majority of users," he blogged. "LastPass
strengthens the authentication hash with a random salt and 100,000
rounds of server-side PBKDF2-SHA256, in addition to the rounds
performed client-side. This
additional strengthening makes it difficult to attack the stolen
hashes with any significant speed." [Which
I read as a jargon laced admission that eventual compromise is
inevitable. Bob]
… Rapid7
Security Engineering Manager Tod Beardsley said that he was pleased
to see that LastPass disclosed the breach in a weekend's time. He
added however that the attackers
apparently have all they need to start brute-forcing master
passwords.
"The
fact that the attackers are now armed with a list of LastPass users
by e-mail means that we may see some targeted phishing campaigns,
presenting users with fake “Update your LastPass master password”
links," said Beardsley.
I wonder how many times I have urged organizations
to turn on their logs. Without them it is very difficult to
determine what happened during breaches. That's why so many
organizations have difficulty determining what information was
compromised.
Log
management is leading use case for Big Data
Companies that have deployed Big Data solutions
are most likely to be using them for log management, according to a
study released last week by the SANS Institute. This security use
case was followed closely by data archiving, operational data
storage, advanced analytics, data discovery, and search.
According to the survey of more than 200
professionals in IT, security and compliance, more than half of the
55 percent of organizations that have deployed Big Data projects use
the technology for log management. In addition, of those who plan to
deploy Big Data in the next two years, 58 percent said that log
management is a priority.
Log data, intrusion alerts, and other types of
security-related information is a perfect fit for Big Data systems,
said Sam Heywood, director of the Cloudera Security Center of
Excellence at Cloudera, which sponsored the report.
The volumes are large, the information comes in a
variety of data types, and it's coming in at a high velocity.
… The study shows the level of trust that
companies are starting to put in their Big Data platforms, said
Heywood.
“Just letting you know we're serious.”
Facebook
taken to court by Belgian privacy watchdog
The country's Privacy Protection Commission (CPP)
also accused Facebook of tracking the browsing habits of non-users,
as well as its own members.
The action follows criticism of Facebook by the
same body in May.
Facebook said it was surprised that the CPP had
taken the "theatrical action" because it was due to meet
the watchdog this week to discuss its concerns.
The CPP said it took the decision because Facebook
did not provide "satisfactory answers" to the questions it
raised last month, according to a spokeswoman.
Facial
Recognition Stalemate Convinces Privacy Groups To Walk Out Of Tech
Industry Talks
Nine civil liberties and consumer groups have
abandoned talks with trade associations after the two sides failed to
find common ground over facial
recognition technology. Privacy groups have said companies like
Facebook should obtain an individuals' authorization before putting
someone's face in a database linked to their name and other personal
details.
Industry and privacy groups have spent 18 months
negotiating at the National Telecommunications and Information
Administration, a division of the U.S. Department of Commerce, to
create a voluntary code of conduct around the implementation of
facial recognition software. That ended Tuesday when the Electronic
Frontier Foundation, the Center for Democracy & Technology, the
American Civil Liberties Union and six others walked away, citing a
lack of cooperation.
“At a base minimum, people should be able to
walk down a public street without fear that companies they've never
heard of are tracking their every movement – and identifying them
by name – using facial recognition technology,” the groups said
in a statement to the New York Times. “Unfortunately, we have
been unable to obtain agreement even with that basic, specific
premise.”
Perspective.
Asia To
Surpass North America As Wealthiest Region In 2016; Fintech Set To
Change Wealth Management
Fast growth in Asia
and strong market performance drove much of the wealth growth in
2014, when worldwide assets reached a record-high $164.3 trillion,
according to the 2015 Global Wealth Report by the Boston
Consulting Group, Winning
the Growth Game. Wealth managers and advisory firms are also
anticipating the coming digital revolution in financial services,
though a tangible impact has yet to be felt.
… wealth in North America grew 5.6% to $50.8
trillion, making it the wealthiest region, but Asia-Pacific, not
including Japan, grew at 29.4% to $47.3 trillion. (Japan grew 2.5% in
2014.)
In fact, Asia-Pacific is expected to surpass North
America as the wealthiest region in 2016, with China (at 25% growth)
and India (at 44% growth) being the main catalysts.
(Related)
Number of
super rich in India tripled in 2014
One possible future?
What the
Office of the Future Might Look Like (Infographic)
Your Jetsons-esque
future could arrive sooner than you think, according to a recent
study from Johnson Controls, a Milwaukee, Wis.-based tech and
engineering firm that specializes in sustainable products. The
company put together a study that looks ahead 25 years to predict
what our offices and work days will look like in the future.
The authors of the study
foresee a future that is dominated by adaptable technology and
physical spaces.
Something I can use in many classes. I wish my
Data Management students thought about social media this way!
How Do You
Use Social Media? A 20-Something’s Theory of Social Media Niches
With the widespread use of major social media
platforms, it can be hard to understand why new ones keep being
created. Could this be because each social network actually only
fills one or two specific niches for users?
… How Many Apps Do We Need?
The fact of the matter is, if Facebook (or an
equivalent) was truly able to meet all of our online communication
needs there would be a limited market for other social media
platforms, and it would be unlikely for them to become successful.
Obviously, there are niches in communication that
major social media platforms have not been able to fill — leading
to the development and widespread use of new social media platforms.
Theory: A lot of these social
media niches exist because the development of any communication
feature comes at the expense of others.
For example, Facebook
is impossible for other social networks to compete with directly
because its popularity and use of your real name, real photos, and
real-life friend groups makes it an unparalleled resource for sharing
life events quickly with the people you care about. However, this
same functionality can make it an impossible platform for discussing
current events candidly, sharing photos as an event is occurring, or
for meeting people who have similar interests to you. Twitter,
Snapchat, and Tumblr, respectively, are three examples of apps that
have been developed to meet these communication needs.
… What Niche Does Each Social Media Platform
Fill?
[Nice
summary of 15 social media types follows Bob]
This is why I read Science Fiction. (Because the
future does not frighten SciFi authors.)
The
Earliest Accurate Predictions of Wikipedia, Skype, Netflix, Online
Learning, and The Internet Itself
No comments:
Post a Comment