How should I classify this article? It's not
really computer security nor is it a privacy violation. Should we
call it 'being a corporate good citizen?' I would not have seen the
need to scan for child porn, but maybe I need to change my thinking.
This article makes it sound much more common than I would have
believed. Is there a threshold level (some statistical level of
occurrence) such that if I have no indication a crime is being
committed I should still look for evidence of that crime?
First Firms
Blocked Porn. Now They Scan for Child Sex Images
The first alarm came within a week. It meant an
Ericsson AB
employee had used a company computer to view images categorized by
law enforcement as child sexual abuse.
“It was faster than we would have wanted,”
says Nina Macpherson, Ericsson’s chief legal officer.
In a bid to ensure none of its 114,000 staff
worldwide were using company equipment to view illegal content, in
2011 the Swedish mobile networks pioneer installed scanning software
from Netclean
Technologies AB. While many companies since then have adopted
similar measures, few have been willing to discuss their experience
publicly.
… Since installing the system, Ericsson
says it has been dealing with around one alarm each month
– each one flagging an act that could lead to prosecution.
… The alerts – invisible to the person who
triggers them – are sent via e-mail and text message to Ericsson’s
group security adviser, Patrik HÃ¥kansson, a former detective chief
inspector from Sweden’s National Police IT Crime Squad. He’s
confident that the digital fingerprint system means the software only
raises the alarm when it detects images already on an international
child abuse blacklist.
“There are no false positives; the technology
won’t show up any pictures of children on the beach,” says
HÃ¥kansson.
His job is to confirm that the illegal pictures
have indeed been handled on company equipment, and by whom. In
the U.S. the FBI must be called immediately. In other
markets Ericsson can carry out some internal investigations before
involving law enforcement.
… Ericsson employees sign a form consenting to
being observed. Does that equate to spying on staff? As long as
companies are upfront and explain to employees they are being
monitored, there “can’t be any expectation of privacy,’’ says
Stuart Neilson, a London-based employment lawyer.
That’s important, because there
are also risks for any company that knows its equipment is being used
illegally and doesn’t act. “If the organization has
evidence that an employee has been accessing these sites but has done
nothing with that evidence, then the employer might be liable,’’
Neilson says.
For my Computer Security students. If you block
sites like Reddit, then you need to watch for people using these
“work arounds.” (What we really need is a system to reduce an
employees work hours by the time they spend on non-work tasks.)
How to
Browse Reddit at Work Without Getting Caught
Reddit
is addictive — so much so that many people can’t even go 24
hours without it. That kind of addiction is bad news when you work
in an office environment. It’s just too tempting and too
easy to Reddit
while you work.
So if you want to make it less obvious that you’re
wasting so much of your employer’s time, you should think
about using MSOutlookit:
This site replicates the content of Reddit but
wraps it up in the aesthetics of Outlook 2007. Each email displays
the username, title, and score of each post. You can switch
subreddits by changing the email category, but the selection is a bit
limited.
For my Chrome using students.
Meet eFast:
This Malware REPLACES Your Browser With Adware
Malware that targets the browser is nothing new.
But malware that replaces an already existing browser with
one designed to track online movements, hijack search traffic, and
fill each page with unwanted adverts? Yeah, that’s pretty
interesting.
The eFast Browser was discovered by the
MalwareBytes team a
few days ago, and it does all of the above, and more.
Perhaps the worst thing about eFast Browser is
that unless you’re especially observant, you might not even notice
it’s there, as it takes great pains to camouflage itself.
For starters, it looks and feels like the
bona-fide
Chrome browser, as it’s built on the Chromium Browser.
These take time and then the company doesn't want
to see reminders of its breach back in the news so I don't always
catch these settlements. As usual, they make a good case for
attending law school.
Sony's
Settlement With Employees Over Hacked Data Worth More Than $5.5
Million
Sony Pictures will be paying somewhere in the
neighborhood of $5.5 million to $8 million to resolve a class action
lawsuit over a large hack attack last winter that left the personal
information of employees and ex-employees vulnerable. The details of
the settlement were revealed in court papers on Monday night.
… The proposed deal contemplates a
$2 million cash fund to reimburse class members up to
$1,000 each for preventive measures taken to protect against identity
theft. Meanwhile, the
class action lawyers who represented the plaintiffs would be getting
almost $3.5 million.
Might be useful. Download a copy and see.
The California County Superintendents Educational
Services Association has
produced a data privacy guide for districts containing a range of
best practices, sample vendor contracts, and steps
to take when a data breach occurs.
This may just be Fox being Fox. On the other
hand, it may be another indication that the government is about to
dump on Hillary. How much has she irritated people? Stay tuned.
FBN
Exclusive: DOJ Officials Fear Foreign Telecoms Hacked Clinton Emails,
Server
Officials close to the matter at the Department of
Justice are concerned the emails Hillary Clinton sent from her
personal devices while overseas on business as U.S. Secretary of
State were breached by foreign telecoms in the countries she
visited—a list which includes China.
… The Justice Department officials also used
the words “reckless", “stunning,” and “unbelievable”
in discussing the controversy swirling around Clinton’s use of a
private, nongovernment email account, as well as her use of a
personal Blackberry, an Apple iPad, and home server while U.S.
Secretary of State. The
officials did not indicate they have any knowledge of a breach at
this point.
As for the effort to designate Clinton’s emails
as classified or unclassified, the Justice Department officials
agreed that, as one put it: “Every email she sent is classified
because she herself is classified, because she is both Secretary of
State and a former first lady.”
… FOX News recently reported that an
intelligence source familiar with the FBI’s probe into Clinton’s
server said that the
FBI is now focused on whether there were violations of the federal
Espionage Act pertaining to "gross negligence" in the
safeguarding of national defense information. Sets of emails
released show that Clinton and top aides continuously sent
information about foreign governments and sensitive conversations
with world leaders, among other things, FOX News reported.
If you really want to protect your communication,
don't rely on someone else to encrypt your data. Do it yourself
(it's fast and free) then if these bozos decrypt their “unbreakable”
encryption for law enforcement or for their own amusement, they will
find apparent gibberish. Let them ask you for the encryption key
like good little boys and girls.
Apple Tells
Judge It Can’t Unlock New iPhones
Apple Inc. told a federal judge that it “would
be impossible” to access user data on a locked iPhone running one
of the newer operating systems, but that it could likely help the
government unlock an older phone.
In
a brief filed late Monday, the company said “in most cases now
and in the future” it will be unable to assist the government in
unlocking a password-protected iPhone. The brief was filed at the
invitation of U.S. Magistrate Judge James
Orenstein, who is considering a request from the Justice Department
that he order Apple to help government investigators access a seized
iPhone.
… Judge
Orenstein, in
an earlier ruling in the case, was doubtful that he had the
authority to force Apple to help the government. The Justice
Department has said in this case and others that federal judges have
such power under the All Writs Act, an 18th-century law.
Think about cats out of bags. I may not tell you
everything I know, but I have no problem discussing any published
facts. Speculation is just that and I can come up with more
scenarios than you can possibly imagine. It's one of the things I
was trained to do.
Four weeks ago, Bart Gellman of the Century
Foundation delivered a keynote address at Purdue University’s “Dawn
or Doom?” colloquium. His topic was “The NSA, Edward Snowden,
and National Security Journalism.” As part of his lecture, Gellman
displayed slides of a handful of the documents that Snowden leaked
(some of which Gellman published in the Washington Post), which
describe certain NSA mass data collection programs, including
Upstream and PRISM. Purdue live-streamed the lecture, and told
Gellman it would be posted online shortly.
But Purdue has not posted the Gellman lecture
video. Nor, in all probability, will the video ever be posted ...
because it no longer exists: Purdue apparently “wiped” all
copies of the lecture video from university servers because it
contained screen shots of the Snowden documents. On October 8, the
organizer of the conference, Dr. Gerry McCartney, from Purdue’s
Chief Information Office, posted this statement on behalf of the
university, offering an alarming excuse for Purdue’s actions:
Purdue has been recognized as a national leader in its commitment to freedom of expression and free and open inquiry and debate. We reject entirely the notion that complying with clear federal law is in any way an abridgment of those principles. We have already acknowledged that perhaps a better way to comply would have been to block only the classified information in question. And if we can correct that situation, we will. But a speaker’s decision to exercise civil disobedience does not obligate Purdue to join him in that act.
I like anything that helps me understand the law –
God© knows I need all the
help I can get.
Perspective. It occurred to me recently that I am
no longer subjected to the dreaded, “Let me show you the slides of
our vacation!” Now the send me an email with pictures attached,
which I can ignore at my leisure.
Google Photos is less than half a year old, but
it's already hit a major milestone with more
than 100 million monthly active users, the company announced
today. The unlimited photo service comes with apps available on iOS,
Android, and on the web, and it was spun off from the company's
Google+ social network in May, to much rejoicing. Google Photos was
hailed
at launch for its simplicity and for combining many of the
disparate features of competitors like Dropbox's Carousel, Apple's
iCloud, and Yahoo's Flickr into a single service.
To hit 100 million users in just five months is no
easy feat. It took both Pinterest and Twitter about
five years to hit that benchmark. Even Instagram's explosive
popularity back in 2010 meant it still took the startup around two
and a half years to reach the 100 million mark.
Useful for my students or their children? Either
way, thanks Facebook! I need to explre this more, but it really does
look useful.
Announcing
the Launch of TechPrep
… At Facebook, we’re working on a number of
initiatives to widen the pipeline and build an inclusive culture.
After looking closely at the data, we realized that one challenge is
a lack of exposure to computer science and careers in technology, as
well as a lack of resources for parents, guardians, and others who
want to learn more. In the US, this lack of access is prevalent in a
number of underrepresented groups including Black and Hispanic
communities.
Today, we’re excited to introduce TechPrep,
a resource hub where underrepresented people and their parents and
guardians can learn more about computer science and programming and
find resources to get them started. TechPrep brings together
hundreds of resources, curated based on who you are and what you
need, such as age range, skill level and what kind of resource you
are looking for. The website is designed for both English and
Spanish speakers.
For any of my students who care.
100+
Animated Philosophy Lessons
Wireless
Philosophy AKA Wi-Phi is a project produced by philosophy
students and professors from Duke, Yale, Northern Illinois
University, MIT, and Duquesne University. The purpose of the project
is to philosophy through animated videos. There are currently more
than 100 videos available in the Wireless
Philosophy YouTube channel. The videos are organized into twelve
playlists covering topics like critical thinking and biases,
political philosophy, religion, Descartes, and linguistics.
This could be my students discussing homework.
No comments:
Post a Comment