Friday, July 03, 2015

You need to demonstrate harm. Spending money to prevent harm is part of everyday risk management. How could you show that something Home Depot did (or didn't do) resulted in a specific, uniquely identifiable risk that you needed to take specific actions to avoid?
David Allison reports that Home Depot is seeking dismissal of a lawsuit filed by financial institutions by arguing that the financial institutions haven’t demonstrated any concrete injury traceable to Home Depot:
Home Depot goes to on say that “No individual bank alleges any harm that it specifically incurred as a result of the Home Depot data breach, and the majority of the types of damage the banks seek to recover are expenses voluntarily incurred to protect against possible future harm.”
The home improvement giant adds that “the banks’ complaint should be dismissed because the banks have not stated a single actionable claim against Home Depot.”
To read Home Depot’s complete response to the financial institutions’ lawsuit, click here.

My favorite kind of moron.
In Congress, bad policy ideas are like vampires: They are very hard to kill because they’re always somehow coming back from the dead. Such is the case with this year’s iteration of the Senate’s “cybersecurity information sharing” legislation, the Cybersecurity Information Sharing Act (CISA), offered by the chairman of the Senate Intelligence Committee, Sen. Richard Burr (R-NC).
The bill has been roundly criticized by a wide range of privacy and civil liberties groups, many of whom view the legislation as a de facto surveillance bill. Even though an attempt to attach CISA to the annual National Defense Authorization Act failed last month, rumors persist on Capitol Hill that CISA will rise from the dead in July and get another shot on the Senate floor, with the recent and massive hack of the Office of Personnel Management’s databases being used to justify moving forward with the bill.

Double Secret law? Like Dean Wormer treats Animal House (and in this case, the Animal Senate)
Alex Newman writes:
Senator Rand Paul (R-Ky.) and the group Republicans Overseas Action are planning a lawsuit against the Obama administration’s Treasury Department and the Internal Revenue Service, the latest effort to stop a deeply controversial scheme known as the Foreign Account Tax Compliance Act (FATCA) that turns constitutional privacy protections upside down. Represented by a leading constitutional attorney, Senator Paul is taking aim at a barrage of pseudo-treaties — so-called “Intergovernmental Agreements” (IGAs) — negotiated by the administration with foreign governments and dictatorships under FATCA to share personal data. Critics contend that the information-sharing agreements and the statute itself are unconstitutional for numerous reasons.
Read more on The New American.

Interesting. Has nothing to do with reality. Go figure...
Unisys Security Insights – Report for US
by Sabrina I. Pacifici on Jul 2, 2015
Consumers in the U.S. are most concerned about data breaches at retailers and government agencies. U.S. consumers indicated relatively lower levels of concern about data breaches at other organizations such as airlines, healthcare and telecom companies. Interestingly, the perceived threat of data breaches is low for banks and utilities, possibly reflecting traditional high levels of trust in the security of these organization
  • 44 percent American respondents are most concerned about their personal data held by retailers, as many consumers seem to be losing trust in retail data security owing to recent high profile breaches.
  • Concerns about unauthorized access to personal data held by U.S. government agencies is somewhat high (39 percent), also possibly due to the recent publicized breaches.
Perceptions concerning the effectiveness of biometrics on personal devices are mixed in the U.S. About one-third view biometrics as effective, while a similar proportion is unsure.”

Very Zen headline, very loud communication, very annoying students? Why it probably won't spread much beyond China.
How to Use a Texting App Without Sending a Text
Voice messaging—or sending short audio clips instead of text messages—has taken China by storm. Step on a Beijing subway and you’ll see people barking into their phones intermittently, as if they’re using walkie-talkies.
… In theory, voice messaging (also known as “push-to-talk”) should be popular everywhere. Rather than fumbling with a tiny pixelated keyboard, users simply press a button and speak. [Have you ever seen a Chinese keyboard? Bob] Typos are an impossibility, because the recipient gets a recording, not text. You can free up your other hand, and watch where you’re going—much safer than texting while you walk (or drive).

Not just for my programming students. Good advice translated to any area of study.
10 Tips To Becoming A Better Programmer

A cautionary tale for ALL my students.
Paper – Internet searching not a substitute for knowledge
by Sabrina I. Pacifici on Jul 2, 2015
“Searching the Internet for information may make people feel smarter than they actually are, according to new research published by the American Psychological Association. “The Internet is such a powerful environment, where you can enter any question, and you basically have access to the world’s knowledge at your fingertips,” said lead researcher Matthew Fisher, a fourth-year doctoral candidate in psychology at Yale University. “It becomes easier to confuse your own knowledge with this external source. When people are truly on their own, they may be wildly inaccurate about how much they know and how dependent they are on the Internet.” In a series of experiments, participants who searched for information on the Internet believed they were more knowledgeable than a control group about topics unrelated to the online searches. In a result that surprised the researchers, participants had an inflated sense of their own knowledge after searching the Internet even when they couldn’t find the information they were looking for. After conducting Internet searches, participants also believed their brains were more active than the control group did. The research was published online in the Journal of Experimental Psychology: General.”

No comments: