Saturday, July 18, 2015
Looks like another third party breach. Was the vendor held to CVS standards? (If so, all of CVS is vulnerable)
CVSPhoto.com goes dark in wake of breach: Should CVS customers worry?
CVS recently shut down its online photo services after discovering that a potential data breach may have compromised customer credit card information.
The drugstore chain did not say how many customers may have been affected, but said the breach was limited to transactions made through CVSPhoto.com; those who have made transactions in-store and through CVS’s main site, CVS.com, are safe.
… We are working closely with the vendor and our financial partners and will share updates as we know more.
“No evidence” translates to “We don't bother keeping logs.” You would think that someone would “invent” better language for these press releases. Words that don't make your organization look totally incompetent.
UCLA Health announced today it was a victim of a criminal cyber attack. While the attackers accessed parts of the computer network that contain personal and medical information, UCLA Health has no evidence at this time [Are they expecting a miracle at some future time? Bob] that the cyber attacker actually accessed or acquired any individual’s personal or medical information.
UCLA Health estimates that data on as many as 4.5 million individuals potentially may have been involved in the attack, believed to be the work of criminal hackers. UCLA Health is working with investigators from the Federal Bureau of Investigation, and has hired private computer forensic experts to further secure information on network servers. [Because our current security sucks, Bob]
… We have taken significant steps to further protect data and strengthen our network against another cyber attack.” [Our security sucks significantly! Bob]
… UCLA Health detected suspicious activity in its network in October 2014, and began an investigation with assistance from the FBI. At that time, it did not appear that the attackers had gained access to the parts of the network that contain personal and medical information. As part of that ongoing investigation, on May 5, 2015, UCLA Health determined that the attackers had accessed parts of the UCLA Health network that contain personal information such as names, addresses, dates of birth, Social Security numbers, medical record numbers, Medicare or health plan ID numbers and some medical information. Based on the continuing investigation, it appears that the attackers may have had access to these parts of the network as early as September 2014. We continue to investigate this matter.
This too is infrastructure.
FCC Cracking Down on 911 Service Failures
For three hours last August, almost all T-Mobile US Inc.’s about 50 million customers couldn’t reach 911.
The nationwide outage, disclosed on Friday, was at least the third major outage by a variety of telecom operators of the 911 call system in three years, raising concerns among federal regulators that the country’s emergency response system is becoming more vulnerable.
… In the past any outage was localized. Now it can affect millions of people in multiple states, whether they use cellphones or landlines.
Regulators slapped T-Mobile with a record $17.5 million fine for the malfunction that debilitated the part of the carrier’s network that handles emergency calls.
Not real clear what this means. If DHS is scanning everything that comes into government sites (“incoming”) “amped up” can't mean increasing the volume of scans. So how do you scan more intensely? Broaden your “patterns?” Expand your definition of “malicious?” Then, if some bad actor invents a new way to hack into government systems, we will delete all the evidence because it did not appear to be a threat?
There’s A Plan to Immediately Purge Some Governmentwide Network Surveillance Data
After a series of stinging government hacks, the Department of Homeland Security said scans of incoming Internet traffic from the public would be amped up. It has been unclear how this monitoring might affect the privacy of citizens and employees.
Now, a little-noticed National Archives and Records Administration assessment offers some insight: Any surveillance data collected that does not trigger alarms will be erased pronto, according to a pending records disposal plan.
DHS’ National Cybersecurity Protection System, better known as EINSTEIN, collects streams of traffic containing, among other things, emails and Web-surfing habits, to flag patterns indicative of known malicious attacks.
Should be a great source of redactions.
On Thursday, a federal district court in New York issued its latest ruling in the ACLU’s long-running Freedom of Information Act (FOIA) litigation seeking the legal and factual bases of the 2011 drone strike that killed three Americans in Yemen. The 160-page opinion addresses hundreds of records withheld by the Justice Department’s Office of Legal Counsel (OLC), CIA, and Defense Department. The opinion itself is heavily redacted, a product of well over a month of classification review by the government, and a testament to the overbroad secrecy which has pervaded this litigation.
In 2013, the same court deferred to the government’s refusal to confirm or deny whether it possessed documents responsive to the ACLU’s FOIA request. But the Second Circuit conclusively rejected this argument, forcing the government to release a redacted version of a 41-page July 2010 OLC Memo, and ordering the agencies to submit indexes enumerating and describing the other withheld documents.
We remember privacy!
UK surveillance report affirms privacy concerns
by Sabrina I. Pacifici on Jul 17, 2015
The Guardian: “Privacy campaigners have secured significant concessions in a key report into surveillance by the British security agencies published on Tuesday. The 132-page report, A Democratic Licence To Operate, which Nick Clegg commissioned last year in the wake of revelations by the US whistleblower Edward Snowden, acknowledges the importance of privacy concerns. “Privacy is an essential prerequisite to the exercise of individual freedom, and its erosion weakens the constitutional foundations on which democracy and good governance have traditionally been based in this country,” the report says. It says that there are “inadequacies in both law and oversight that have helped create a credibility gap that has undermined public confidence”. The report proposes that the intelligence services retain the power to collect bulk communications data on the private lives of British citizens, but it also now concedes that privacy must be a consideration throughout the process. The report, written for the Royal United Services Institute (RUSI) by a panel that includes three former heads of UK intelligence agencies, also calls for an overhaul of existing legislation.”
Where have all the Spammers gone, long time passing
Where have all the Spammers gone, long time ago?
Where have all the Spammers gone?
Gone to Social Networks everyone.
Oh, when will they ever learn?
Oh, when will they ever learn?
Email Spam Rates Dip Below 50 Percent
… According to the latest Symantec Intelligence Report, the last time the security firm recorded a similarly low spam rate was in September 2003.
Years ago, you couldn't be a “good parent” without a copy of Dr Spock's “Baby and Child Care.” Now you need a global network?
Parents and Social Media
Social media networks have become vital channels for Americans’ daily interactions. Users rely on these platforms to keep in touch with family and friends, gather information and share what is important to them. This report explores how parents – 75% of whom use social media – turn to social media for parenting-related information and social support.
71% of all parents on social media try to respond if they know the answer to a question posed by someone in their online network.
Perspective. Some companies are worth more split apart, e.g., Standard Oil.
What’s Left of eBay After Shedding More Than Half of its Business
E-commerce giant eBay (EBAY) completed its PayPal spinoff on Friday, a plan that was announced in September of last year, after months of urging from activist investor Carl Icahn. Starting Monday, PayPal (PYPL) will be a separate publicly-traded company.
PayPal will be the bigger company post-split with analysts estimating that it will be valued at roughly $45 billion. eBay is expected to have a market cap of at least $30 billion.
… Now that the companies have split, here is what’s left of the eBay business:
eBay Marketplaces: This is the division that people associate with eBay.
eBay Classifieds: A competitor of Craigslist
StubHub: A platform for buying and selling tickets to concerts and events
(Related) Some do fine as they are.
Google market value surges $65 billion
Google Inc's shares surged over 16 per cent on Friday, adding about $65 billion to its market value, as strong growth in mobile ad revenue allayed concerns its YouTube business could be hurt by Facebook Inc's push into video.
The surge in the stock, which sent the Nasdaq composite index to a record high, came a day after Google reported better-than-expected revenue and profit for the first time in six quarters.
Google's Class A (with voting rights) shares surged 16.26 per cent to end at an all-time high of $699.62, a day after reporting strong ad revenue growth. It was Google's largest one-day percentage gain since April 2008.
(Related) And some just need a kind word.
Shares of Etsy, the e-commerce Web site for handmade and vintage items, jumped 31 percent on Friday — thanks to a positive brief mention by Google the day before.
I know a few innovative students...
Microsoft's new Office contest wants students to showcase their creativity
… The Microsoft PC Accessories team is hosting a contest where students write about how they use technology to be creative. Students will submit a Word document written with no more than 300 words to firstname.lastname@example.org. Contestants must also provide their name, the school name of where they attend, and an email address. The full rules for the contest are located here.
(Related) And this for people who don't have facility with words.
Taco Bell is helping lead the charge to add a taco. Several publications have suggested their own additions. And more than 15,000 supporters of the redheaded community are campaigning for representation on Change.org.
Now, Jeremy Burge, emoji aficionado and founder of a website called Emojipedia, has created a social media campaign called World Emoji Day, which he set for July 17 based on the calendar shown on iPhones. (Because of differences in how services and operating systems interpret code, the calendar reads July 15 on Twitter or no date at all on Android.)
… Emojipedia keeps track of the additions, including the most recent wave that added 41 characters, including a unicorn and a “nerd face.” [No, it does not look like me! Bob]
Joel Schneider, CEO of Bud+Breakfast Opens 3rd Location
July 16th marks the official launch of Bud+Breakfast’s San Ayre, Colorado location. San Ayre represents Bud+Breakfast’s third location and they have now doubled in capacity. The first continental, cannabis friendly, breakfast took place this morning and happy hour kicks off at 4:20 every day. Bud+Breakfast is the premier cannabis-friendly lodging and hospitality company in the United States.
My Saturday sillies!
Hack Education Weekly News
… ConnectHome: a new Obama Administration initiative to expand access to broadband to low-income families in order to address the “homework gap.”
… Students Matter, an advocacy group that sued California over its teacher tenure laws, is now suing 13 school districts in the state for not using test scores in teacher evaluations.
… The University of Michigan is going Nike with “a deal valued at $169 million that begins Aug. 1, 2016 and runs through 2027, with a school option to extend it to 2031. Nike will supply uniforms, footwear, apparel and equipment for all 31 varsity athletic teams. The financial terms total $122.3 million guaranteed, with Michigan receiving $12 million cash up front (due Thursday), $56.8 million in equipment and apparel and $53.5 million total in cash, paid annually.” [Better than Grants! Do you think they would sponsor our Math club? Bob]
… Software that UK schools are using to monitor students’ Internet use has a major security flaw: “a flaw in the company’s encryption protocols which could allow almost anyone to gain full access to computers running the Impero software, run software such as spyware on the systems, or access files and records stored on them.”
… According to a study from the Rennie Center for Education Research and Policy (as reported in The Atlantic), “dual-enrollment programs, where students take classes simultaneously in high school and at a local college, have proven especially successful at getting less-affluent and first-generation students into college – and through it.”
For our Business Communications students?
How to Get More Likes and Shares on Facebook, According to Researchers
For all my students.
Free Microsoft Word Resume Templates to Help You Land Your Dream Job
For the research toolkit.
Limit Your Google Search to Official US State Web Sites
by Sabrina I. Pacifici on Jul 16, 2015
Via ResearchBuzz who created this very useful app – “So I made a list of the fifty states, with these three domain types for each state, and dumped it into a custom Google search engine that’s available at http://www.google.com/cse/home?cx=017167864583314760984:iecnygefhky. Put in any keywords you want and your search results will be restricted to official state Web sites on.”
Set this next to our Windows 10 demo machine.
A Guide to the Windows 10 Start Menu
Dilbert perfectly illustrates our fascination with technology toys.