Sunday, November 22, 2015

When it a hack not a hack? Perhaps it is when a hack allows social engineering resulting in an authorized individual taking an authorized action based on phoney authorization.
In September, it was reported that BitPay was suing its insurer, Massachusetts Bay Insurance Company, for reimbursement of $1.8M funds lost in a phishing attack in December 2014. Now the insurance company has moved to dismiss the suit. Stan Higgins reports:
However, in a 17th November court filing, MBIC has stated that it believes it was justified in rejecting BitPay’s claim, formally requesting the court to toss the suit.
At the heart of the dispute is whether the transfers in question were fraudulently executed.
Read more on CoinDesk, where they’ve uploaded the insurer’s response. It’s an interesting situation, because the criminals didn’t authorize the funds transfers – the BitPay executive did.

BitPay Sues Insurer After Losing $1.8 Million in Phishing Attack
… “The facts as presented do not support a direct loss since there was not a hacking or unauthorized entry into BitPay's computer system fraudulently causing a transfer of money. Instead, the computer system of David Bailey, BitPay's business partner, was compromised resulting in fictitious emails being received by BitPay."

Unlikely to suppress and impossible to remove the DA who delegated so it can't happen again? No wonder law enforcement shops for favorable judges.
Brad Heath and Brett Kelman report:
Prosecutors in the Los Angeles suburb responsible for a huge share of the nation’s wiretaps almost certainly violated federal law when they authorized widespread eavesdropping that police used to make more than 300 arrests and seize millions of dollars in cash and drugs throughout the USA.
The violations could undermine the legality of as many as 738 wiretaps approved in Riverside County, Calif., since the middle of 2013, an investigation by USA TODAY and The Desert Sun, based on interviews and court records, has found. Prosecutors reported that those taps, often conducted by federal drug investigators, intercepted phone calls and text messages by more than 52,000 people.
Read more on USA Today.
“Could undermine….” but how often do the courts just excuse conduct by saying law enforcement believed they could do what they did, and therefore, any motion to suppress is dismissed?

My Computer Security students will appreciate this. This has potential, let's see how they enforce it. The letter is very interesting!
H. Deen Kaplan, Harriet Pearson, Timothy Tobin, and Stephanie Handler write:
On November 9, 2015, Anthony Albanese, Acting Superintendent of the New York State Department of Financial Services (NYDFS), issued a letter to a wide array of federal and state financial services regulators that are part of the Financial and Banking Information Infrastructure Committee (FBIIC). The FBIIC members work together to enhance the reliability and security of financial sector infrastructure. Mr. Albanese’s letter outlines potential new cybersecurity regulations that would impact NYDFS-regulated financial institutions. The letter, which follows numerous steps taken by the NYDFS in recent years to better understand and mitigate cybersecurity risks, further positions the NYDFS as a leading regulator on cybersecurity issues in the U.S., particularly with respect to the financial sector. While no precise timeline was specified for enacting the potential regulations outlined, it appears likely that the NYDFS may formally propose comprehensive cybersecurity regulations in the months ahead.
Read more on Hogan Lovells Chronicle of Data Protection.

This could be a very big deal. (The next Big Thing?) I mentioned this last Thursday, but it needs some amplification. This is a much more in depth article.
Google App Streaming: A Big Move In Building “The Web Of Apps”
… Imagine if, in order to use the web, you had to download an app for each website you wanted to visit. To find news from the New York Times, you had to install an app that let you access the site through your web browser. To purchase from Amazon, you first needed to install an Amazon app for your browser. To share on Facebook, installation of the Facebook app for your browser would be required.
… For a short time before the web, it even seemed this was how online services would go. You had your AOL, your CompuServe, your Prodigy, your MSN — all online services that were disconnected from each other, some with unique content that could only be accessed if you installed (and subscribed to) that particular online service.
The web put an end to this. More specifically, the web browser did. The web browser became a universal app that let anyone open anything on the web. No need to download software for an online service. No need to download an app for a specific web site. Simply launch the web browser of your choice, and you could get to anything. Moreover, search engines like Google could point you anywhere, knowing you wouldn’t need to install any special apps.
The Disconnected World Of Apps
The growth of mobile and its app-centric world has been the opposite of the web. Until fairly recently, there’s been no seamless moving between apps. If you wanted New York Times news within an app environment, you had to download that app. If you wanted to interact with Facebook easily on mobile, you needed the Facebook app.
… Worse, there’s a small but growing number of app-only publishers and services. They have no web sites and thus nothing for Google or other search engines to point you at from mobile search results.
The Web Of Apps Begins
Wouldn’t it be nice if you could move between apps just as you do with the web? Major companies like Google, Apple, Facebook and Microsoft certainly believe so. That’s why over the past two years or so, they’ve all been pushing things like Google App Indexing, Apple Deep Linking & Universal Links, Facebook App Links and Bing App Linking.
For a general overview on these efforts, see our Marketing Land guide to app indexing and deep links. But the takeaway is that all these companies want to make it easier to go from any link — from a web page or within an app — and into another app, when appropriate.
… This is where Google’s big news today comes in. With app streaming, Google will effectively broadcast what you’re looking for within an app, without requiring you to download it at all. There’s no need to worry about whether you want to invest the time and bandwidth downloading some app for a one-time use. If it works as promised, you’ll be able to browse within apps with the same type of experience that you browse web pages.

Might be a fun writing class. Also might be a place for some of my students to sell their papers, which are clearly in the comedy genre.
Amazon Studios Launches Amazon Storywriter, Free Cloud Software For Screenwriters
In an effort to expand its original video content, including movies and TV series, Amazon announced this morning the launch of a free, cloud-based screenwriting software program called Amazon Storywriter. In addition, the company says it’s expanding to include drama submissions, and will no longer take a free option on scripts submitted to the Amazon Studios website, allowing WGA members to upload directly to the site.

No comments: