Wednesday, June 24, 2015

Telling everyone that details of the breach are “classified” makes no sense if the Senators have already learned everything in the news and social media! Not surprising, politicians (even those who “run” government agencies) often make no sense.
Kaveh Waddell reports:
After weeks of revelations about cyberattacks that may have exposed the personal information of as many as 18 million federal workers, Katherine Archuleta, the director of the Office of Personnel Management, gave senators a classified briefing Tuesday to try to put lawmakers’ questions to rest.
But senators from both sides of the aisle say they were far from satisfied with what they learned behind closed doors.
Read more on National Journal.
From the article:
… members of that subcommittee said they didn't hear anything new in the secret briefing later that day, even when it came to basic information about the extent of the hack.
"Generally we don't yet know the magnitude of the breach, or the consequences, or number of federal employees or personal information—the scope of the damage done," said Kansas Republican Jerry Moran. "So those questions that arose in this morning's hearing were not answered in this afternoon's classified briefing."

$19 million is the estimated cost of notifications and credit monitoring for affected employees, according to OPM director Katherine Archuleta. It’s not clear to me if she based that figure on the original 4.2M affected figure or a newer 18M estimate. And it doesn’t include notifications or credit monitoring for family members or others whose information was exposed in the employees’ files.
So expect the $19M figure to go up.
And up.
And then add in more forensics costs.
And more security upgrades.
And the cost of dealing with litigation.
And the cost in personnel time of dealing with this mess.
Yeah, this is a mess….

Something for my Ethical Hacking students. I wonder if we can reproduce it from the pictures. I bet we can. And a better antenna should increase the range a bit too.
Developed by researchers from Tel Aviv University and Israel’s Technion research institute, the device is built from components that total less than $300. While it uses techniques that have been demonstrated in the past—researchers have long known that the signals emitted by processors as they churn through calculations can be hijacked in order to obtain information—the team points out that it’s the smallest, cheapest implementation to date.

“All the better to serve you ads, my dear.” the Big Bad Wolf to Little Red Riding Hood (Internet fairytale version)
Google eavesdropping tool installed on computers without permission
Privacy campaigners and open source developers are up in arms over the secret installing of Google software which is capable of listening in on conversations held in front of a computer.
First spotted by open source developers, the Chromium browser – the open source basis for Google’s Chrome – began remotely installing audio-snooping code that was capable of listening to users.
It was designed to support Chrome’s new “OK, Google” hotword detection – which makes the computer respond when you talk to it – but was installed, and, some users have claimed, it is activated on computers without their permission.

Offhand, I'd say the FAA is seriously underestimating the number of drones that will be in the sky. They also have to address conflicts on the radio control frequencies – you don't want me taking control of an Amazon drone!
Why Air Traffic Control Will Be Necessary for Future Drone Use
Drones, or unmanned aerial vehicles, could be the wave of the future. While they’ve been around for a number of years, only recently have they exploded in popularity. Businesses are even seeing the potential they have to offer, which could revolutionize the commercial landscape. The number of drones flying through the sky is expected to increase in the near future.
The FAA even predicts that by 2018, up to 7,500 drones (unmanned aircraft that weigh 55 pounds or less) will be occupying US airspace.
… At the moment, the FAA has released very few rules regarding the flight patterns of private drones. Those guidelines that have been released don’t necessarily make for a bright future for commercial drone use. On the positive side, the FAA says drone pilots don’t need an actual pilot license; all they have to do is pass a special test that gives them an operator certificate.

I suppose you could call it “convergence.” It might even make sense, but it could also be a harbinger of things to come in the auto industry.
Nothing DRMs Like a Deere: Why Farmers Can’t Fix Their Own Tractors
John Deere, manufacturer of some of the world’s most popular tractors and farming equipment, recently submitted a letter to the U.S. Copyright Office asking it to forbid its customers from modifying the software that operates its machines. The implications here are huge: because of copyright laws, farmers cannot diagnose problems or make repairs on their own tractors.
… Six pages into John Deere’s letter to the Copyright Office, the company makes a jarring statement about ownership:
[…] the vehicle owner receives an implied license for the life of the vehicle to operate the vehicle, subject to any warranty limitations, disclaimers or other contractual limitations in the sales contract or documentation.

This is very strange. The Navy always gets the new/best toys, so what are they doing still using a 2001 operating system? (And can I use FOIA to get copies of the updates?)
Navy pays millions to keep using Windows XP
The Navy will pay more than $9 million to keep using Windows XP under a contract signed this month, Computerworld reported Tuesday.
The Space and Naval Warfare Systems Command (SPAWAR) will pay Microsoft $9,149,000 through the contract, which was approved earlier this month. It could eventually grow to be as large as $30,842,980 by 2017.

About time.
Data Requests Put Amazon Between Rock, Hard Place
Amazon's recently released first report on government requests for information revealed that from January to May, it received 813 subpoenas and 25 search warrants.
The company fully responded and provided all the requested information sought for 542 of the subpoenas. It partially responded and provided only some of the requested information for 126 of the cases, and it did not respond with any information for 145 cases. Amazon fully responded to 13 of the search warrants, partially responded to eight, and did not respond to four.

Big Data they can handle. I'm curious to see how quickly they can analyze DNA.
Google Partners With Broad Institute Of MIT And Harvard To Bring Genome Analysis Tool To Its Cloud Platform
Google today announced that it has partnered with the Broad Institute of MIT and Harvard to launch a limited alpha of the institute’s Genome Analysis Toolkit (GATK) on Google’s Cloud Platform and make it available as a service. The software, which was developed by the Broad Institute and helps scientists to quickly analyze genomic sequencing data, will be offered to academic researchers at no charge (though they will still have to pay for using Google’s Cloud Platform). Business users will have to license the software from Broad.
… DNA sequencing generates huge amounts of data (the raw data of the genome of one person takes up more than 100 gigabytes) and the Broad Institute has either sequenced or genotyped the equivalent of more than 1.4 million biological samples.

And yes, they have Jazz and Classical.
How Google thinks it can beat Apple Music and Spotify
While Apple, Spotify, and Pandora are all competing to become the dominant streaming music service, Google wants to make sure you haven't forgotten about its own music app: Google Play Music.

I wonder if I can use the Research and Report tools to help my students write better papers?
Google Launches News Lab
by Sabrina I. Pacifici on Jun 23, 2015
Official Google Blog: “…we’ve created the News Lab, a new effort at Google to empower innovation at the intersection of technology and media. Our mission is to collaborate with journalists and entrepreneurs to help build the future of media. And we’re tackling this in three ways: through ensuring our tools are made available to journalists around the world (and that newsrooms know how to use them); by getting helpful Google data sets in the hands of journalists everywhere; and through programs designed to build on some of the biggest opportunities that exist in the media industry today.”

Again, Wally illustrates a common Strategy failure. Like using an old (2008) textbook that makes no mention of social media!
