Friday, October 02, 2015
Outsourcing has risks.
Hackers Stole Data on 15 million T-Mobile Customers
… T-Mobile says as many as 15 million people may have been affected by the data breach, an attack that didn’t compromise T-Mobile’s own systems but rather those of its credit partner — the data vendor and credit bureau Experian. To be clear, the hack hurts even non-subscribers to T-Mobile — credit applicants who for whatever reason ultimately went with another service.
Experian says no credit card or banking data was stolen as part of the attack, which began in September 2013 and wasn’t discovered until two years later, on Sept. 15.
But just because your financial information may be safe doesn’t necessarily mean the rest of your personal information is secure: names, addresses, Social Security numbers, birth dates and driver’s license and passport numbers were all leaked. Some of this data was encrypted, but Experian’s encryption may have been compromised, according to T-Mobile.
T-Mobile is offering two years of free credit monitoring to those who think they may have been affected. But it’s no small irony to note that the credit monitoring service is being provided by none other than Experian itself. [Makes me wonder why. Bob]
Experian says its own consumer credit database “was not accessed” in the incident, but the fact that any systems run by Experian were breached at all is problematic: Experian is one of the major credit scoring agencies in the country, and it safeguards vast amounts of data on everyday Americans.
Just so someone can say, “I did that!” It's a shame they can't see the damage they're doing.
Gigabytes of user data from hack of Patreon donations site dumped online
Hackers have published almost 15 gigabytes' worth of password data, donation records, and source code taken during the recent hack of the Patreon funding website.
The data has been circulating in various online locations and was reposted here by someone who said it wasn't immediately possible to confirm the authenticity of the data. Security researcher Troy Hunt has since downloaded the archive file, inspected its contents, and concluded that they almost certainly came from Patreon servers. He said the amount and type of data posted by the hackers suggest the breach was more extensive and potentially damaging to users than he previously assumed.
You don't see many hacks like this one. Clearly a Linux fan.
Someone Has Hacked 10,000 Home Routers To Make Them More Secure
Most router malware just sits on your home network and uses the device to launch further attacks. In particular, infected routers are useful for generating power for distributed denial of service (DDoS) attacks, where servers are flooded with traffic from hacked machines.
But there’s a curious kind of malware (if you can call it that) going around that not only cleans the device of other infections but even encourages users to update their passwords, according to research from security giant Symantec.
The Wifatch software, now resident on at least 10,000 routers running the Linux operating system, runs across a peer-to-peer network. When it discovers a potentially vulnerable Telnet port – a port typically used to control functions on the device and often protected with default, crackable passwords – Wifatch shuts it down. It then asks the user to change passwords and update the firmware on the router. Furthermore, Wifatch has a module that tries to remove “well-known families of malware targeting embedded devices”.
Symantec researcher Mario Ballano suspects a “white hat” vigilante might be behind the malware.
A complement to “Best Practice” reports. This is a list of things you need to fix, fast. Unfortunately...
Study Analyzes Corporate Security Practices Across Industries
Clint Gibler, a software security engineer at NCC Group’s Domain Services division and the author of the study, detailed the findings on Wednesday at the Virus Bulletin conference in Prague.
Running a commercial scanner on the systems of 100 organizations across ten industry verticals between February 2014 and May 2015 revealed a total of 908,000 security issues. The sectors analyzed by the researcher include charity, energy and utilities, financial services, health, IT, leisure and media, public sector (education and local), retail, and transport.
… Once affected companies were notified about the existence of the flaws, the vulnerable Linux packages were all updated within a 20 week timeframe. On the other hand, only 75 percent of Microsoft patches were applied in a similar timeframe, with 10 percent of the Microsoft product issues being left unresolved even after a year.
… The complete report will become available in the coming days. [I'll keep an eye out. Bob]
What could possibly go wrong?
This Creepy, Yelp-Like App Lets You Rate People Like Restaurants
Ever get the urge to rate your friends and colleagues like restaurants, stars and all? Exposing their strengths, but more likely their flaws, for all to see on the unforgiving and unforgetting Internet...forever?
Sadly, there’s an app for that. It’s called Peeple and it’s scheduled to go live in the Apple App Store in late November – that is, if the bitter backlash swirling virally around it doesn’t torpedo the catty reputation tool first.
… To use the controversial free app, you have to be 21 and have a Facebook account, and there’s no cowardly hiding behind anonymity. You must use your real name. You also need to know someone’s cell phone number to add them to Peeple’s database, which is straight creepy in our book.
(Related) Perhaps this article will help me understand this generation?
Digital Romance: The Teens Get It
On Thursday, the Pew Research Center released a report titled “Teens, Technology, and Romantic Relationships.”
… Fifty percent of teens have expressed interest in someone by friending them on Facebook or another social-media site, and 47 percent by commenting on or liking a post. Pew characterizes these interactions as “entry-level” digital flirting, often used by teens who have never dated before. But even for the older and more experienced, I think, they remain ways of dipping a toe in the ocean of romantic possibility while leaving yourself room to safely withdraw.
Well you wouldn't expect him to blame the Internet he invented or global warming, which he also invented.
Al Gore Blames the 2016 Election's Craziness on Television
… Speaking at the 2015 Washington Ideas Forum on Thursday, Al Gore did blame a technology for the race’s unpredictableness—but not the one people might think of.
… “Television pushed the printing press off of center stage, and now—still—the politicians spend 75 percent of their money on 30-second TV ads,” he said. “Political candidates have to spend three-quarters of their time begging rich people for money to get into the television square.”
And then, said Gore, “human nature being what it is,” politicians wind up thinking more about the interests of donors than the interests of constituents.
Well, that's one way to look at it. But I bet John Galt would be a rider.
The socialist case for Uber
Imagine that a left-wing union activist from Glasgow dreamed up an idea for a workers' ride-sharing cooperative. In this thought experiment, let's give this business a liberal-friendly name, "PeopleCar."
PeopleCar would not only help low-income folks get lifts to work cheaper, but it would be structured as a wealth-sharing collective in which 75% of the money made by the business would go directly to the workers running it. And it would be environmentally friendly because it reduces the number of cars on the road, reduces the demand for new cars, and the company would encourage its staff to use electric or hybrid vehicles.
Best of all, it's self-sustaining and massively popular with the workers who use it.
PeopleCar would be hailed as a huge success. Its founders would be heroes. You would love PeopleCar.
That company already exists in real life. It is called Uber.
But people on the left hate Uber, because they want to show solidarity with traditional taxi drivers.
Uber operates exactly the way I just described it, but instead of "PeopleCar" it has an unfortunate Nietzschean moniker which makes it sound like it is run by Nazis. It was founded by a shamelessly aggressive Ayn Rand fan named Travis Kalanick. He is not a bearded leftist from Scotland, the current home of British socialism. He comes from San Francisco, the current home of rapacious capitalists.
Well, I find it interesting. (And I liked the book “The Martian” too)
The Martian, and the Rise of Serial Publishing
With the rise of the Internet, it’s never been easier to self-publish your own book. There are plenty of services out there that make it easy for new authors to sell their work.
This has led to a resurgence in serially published books, with The Martian, now a major motion picture, being the prime example.
Rethinking existing technologies. Brilliant.
This Bladeless Razor Has Raised More Than $2 Million On Kickstarter
The Skarp razor uses a small laser to cut through hair very close to the skin and claims to do so without any irritation. The device looks like a traditional razor and using a AAA battery, the device will last for about a month, according to the crowdfunding campaign description.
The $89, $139 and $159 early bird specials are sold out, so to pre-order the Skarp now costs $189.
(Related) Find out who owns that old technology?
Patent Searching Guide
by Sabrina I. Pacifici on Oct 1, 2015
Via Amy Riegelman – University of Minnesota: Patent Searching Tutorial – includes Google Patents and USPTO Patent Database.
Same question every quarter.
What’s the Best Way to Run Multiple Operating Systems on Your PC?
“Why is it always testing with you evil per-fessers?”
The Essential Guide to Mobile App Testing
About time! I start my Spreadsheet class on Tuesday.
Microsoft Office 2016: A Big Upgrade for Small Business
Office 2016 is finally available for Windows...
I wonder if I could place a couple of students there or even in the Colorado legislature?
A handful of technologists are slated to embed with members of Congress next year as part of a fellowship at New America's Open Technology Institute.
In its infancy, the program will only place about three individuals with technology backgrounds into congressional offices. But the Open Technology Institute said it is the first of "several new projects" in the area.
… "Congress is struggling to keep up with technology in part because it doesn’t have a pipeline for tech talent. TechCongress will change that," Moore said in a statement.
… The fellowship starts in January and the application deadline is at the end of the month. The program pays $52,500 over nine months.