Not much detail yet. Note that this is another
young hacker (like those arrested for the TalkTalk hack). What are
they feeding them in England?
UK Man Arrested In VTech Hack Investigation
A 21-year-old man has been arrested in the UK as
part of an investigation into the attack on Hong Kong-based
children’s toy maker VTech.
He was taken into custody this morning in
Bracknell, Berkshire, on suspicion of two offences under the Computer
Misuse Act 1990, the South East Regional Organised Crime Unit
(SEROCU) announced.
(Related) This is not going to work.
Stefan Armitage writes:
… Now, the European Union is on the verge of implementing new laws that would see children under the age of 16 banned from Facebook, Snapchat, Instagram and email, unless they have parental permission. The new regulations would see the age of consent for websites to use personal data rise from 13 to 16 years old.
Read more on The Viral Thread. Not surprisingly, there’s a lot of opposition to
the proposal.
Not exactly hacking into Apple. More like
finding the results of phishing.
13 Million MacKeeper Users Exposed
The makers of MacKeeper — a much-maligned software utility many consider
to be little more than scareware that targets Mac users — have
acknowledged a breach that exposed the usernames, passwords and other
information on more than 13 million customers and, er…users. Perhaps
more interestingly, the guy who found and reported the breach doesn’t
even own a Mac, and discovered the data trove merely by browsing Shodan
— a specialized search engine that looks for and indexes virtually
anything that gets connected to the Internet.
IT helpdesk guy by day and security researcher by
night, 31-year-old Chris Vickery said he unearthed the 21 GB
trove of MacKeeper user data after spending a few bored
moments searching for database servers that require no authentication
and are open to external connections.
A lot of my students will be facilitating and (I
hope) securing the BYOD world.
Bye-bye Intranet, Hello Mobile App
… "The corporate intranet in a mobile
environment is lousy. How do you make it work with a two-and-a-half
by 4-inch screen," said Jeff Corbin, founder and CEO of APPrise
Mobile, provider of an application development platform that can be
used to create native, mobile communications apps for employees,
investors and conference attendees, among other audiences.
Has the “click-wrap license” spread off the
Internet? Sounds like it.
Len Litchfield, M.D., writes:
So you are a health professional or knowledgeable consumer and think you understand the issues surrounding privacy and exchange of personal health information? So did I, until I recently became a patient and had the temerity (or is that foolishness and patience?) to actually read the consent when I went to the outpatient surgical center for a cancer screening procedure.
And what I read was — to say the least — disturbing. When it came to sharing my health information, there were no middle options: either it could be shared with other exchanges, vendors, consultants, and others nationwide, or I wouldn’t be able to get access when I really needed it — especially in an emergency situation.
Read more on MedPage Today.
Because they have something better?
Matt Reynolds reports:
Human Rights Watch on Monday dropped legal claims over a Drug Enforcement Administration bulk-surveillance program, confirming the database used to store call records was destroyed this year.
“Today we can declare victory and voluntarily dismiss our case,” Human Rights Watch senior coordinator Henry Peck said in a statement, adding that while bulk collection still continues overseas “we can celebrate a small victory for transparency and legality today, and hope for further victories to come.”
Read more on Courthouse News.
Should we “bulk collect” social media content?
If not, how would we identify individuals with “jihadist
tendencies?”
Immigration officials prohibited from looking at visa applicants' social media
Homeland Security Secretary Jeh Johnson decided
against ending a secret U.S. policy that prohibits immigration
officials from reviewing social media posts of foreigners applying
for U.S. visas, according to a report by ABC
News.
Johnson decided to keep the prohibition in place
in early 2014 because he feared a civil liberties backlash and “bad
public relations,” according to ABC.
… A DHS spokesman told ABC News that in the
fall of 2014 after Cohen left, the department began three pilot
programs to include social media in vetting, but officials say it's
still not a widespread policy and a review is underway.
A draft regulation only 211 pages long? They're
not taking this seriously.
Press Release – FAA Announces Small UAS Registration Rule
The U.S. Department of Transportation’s Federal
Aviation Administration (FAA) today announced a streamlined and
user-friendly web-based aircraft registration process for owners of
small unmanned aircraft (UAS) weighing
more than 0.55 pounds (250 grams) and less than 55 pounds
(approx. 25 kilograms) including
payloads such as on-board cameras.
… Registrants will need to provide their name,
home address and e-mail address. Upon completion of the registration
process, the web application will generate a Certificate of Aircraft
Registration/Proof of Ownership that will include a
unique identification number for the UAS owner, which must be marked
on the aircraft. [Those
numbers will be for sale on the Dark Net shortly. Bob]
… The full rule can be viewed here:
www.faa.gov/news/updates/media/20151213_IFR.pdf
(Related) What took you so long?
… The Washington, D.C.-based Competitive
Enterprise Institute said Monday the FAA violated federal
requirements for allowing public comments on the drone registration
proposal, which usually lasts for a period of 30 to 60 days.
(Related)
Your Kid Just Got a Drone. Should You Get Insurance?
… One of the only insurance policies designed
to cover hobbyist drone pilots comes from membership in the Academy
of Model Aeronautics, which charges adults $75 per year. All the
group's 185,000 members enjoy $2.5 million in personal liability
coverage from Westchester Surplus Lines Insurance, part of ACE Group,
and $25,000 medical coverage.
“Most of the claims we have are small claims,”
says Rich Hanson, the AMA’s director of government relations. The
most common case involves an out-of-control drone flying into a car.
The AMA declined to reveal how many claims on average are filed per
year.
Homeowner policies at Allstate, one of the largest
property insurers, will cover damage if a policyholder crashes a
drone and damages someone else’s property. But a “first-party
claim”—damage you do to your own home—isn’t covered, says
Allstate spokesman Justin Herndon.
(Related)
Fuel cell keeps drones in flight for hours, not minutes
They will hold a grudge until you die, then have
you stuffed.
The RIAA has scored another win in a prominent
piracy lawsuit. The music group has prevailed in its case against
the 'reincarnation' of the defunct Grooveshark music service, with a
New York federal court granting more than $13 million in piracy
damages plus another $4 million for willful counterfeiting.
Last May, Grooveshark shut
down after settling with the RIAA. However, within days a
“clone” was launched
aiming to take its place.
Which reminds me…
Dotcom ditches Coatesville mansion
Kim Dotcom has moved out of the sprawling Auckland mansion that was the
centre of the armed raid in which he was arrested in 2012.
The internet entrepreneur, who is waiting on a district court decision as to
whether he should be extradited to the United States, will take up
residence in an apartment on Princes Wharf from today.
He has also confirmed to RNZ he still owes about
$2 million in outstanding legal fees to his former New Zealand
lawyers.
Mr Dotcom began renting the mansion in
Coatesville, north of Auckland, in 2010 at a cost of $1 million a
year.
However, the ongoing cost of his legal battle to
stay in New Zealand had forced him to downgrade his accommodation to
a mere four-bedroom penthouse overlooking Waitemata harbour.
I thought the whole point was for everything to
communicate.
Philips updates Hue firmware to block bulbs from rivals
It seems that the IoT wars are finally heating up
and Philips may have just fired the opening shot. The company has
just rolled out a firmware update to its Hue brand of
network-connected smart bulbs and one of if not the most significant
thing it does is to cut off connectivity with third party bulbs,
which is to say smart bulbs from its rivals like GE. This will, at
least for the time being, probably dash the hopes of some to have an
interconnected smart home, or at least smart lighting, with IoT
devices from different and competing brands.
Technically, Philips Hue
bulbs speak the language of Zigbee, a wireless communications
protocol that many devices, including some routers and remote
controls, support. The purpose of such standards is to actually make
devices talk to one another. At least in an ideal world. Philips,
however, would prefer not to be so communicative.
Another attempt to summarize Privacy.
NISO Releases Set of Principles to Address Privacy of User Data in Library, Content-Provider, and Software-Supplier Systems
by Sabrina I. Pacifici on Dec 14, 2015
“NISO [National Information Standards
Organization] has published a
set of consensus principles for the library, content-provider and
software-provider communities to address privacy issues related to
the use of library and library-related systems. This set of
principles developed over the past 8 months focus on balancing the
expectations library users have regarding their intellectual freedoms
and their privacy with the operational needs of systems providers.
The NISO
Privacy Principles set forth a core set of guidelines by which
libraries, systems providers and publishers can foster respect for
patron privacy throughout their operations. The Principles outline
at a high level basic concepts and areas which need to be addressed
to support a greater understanding for and respect of privacy-related
concerns in systems development, deployment, and user interactions.
The twelve principles
covered in the document address the following topics: Shared Privacy
Responsibilities; Transparency and Facilitating Privacy Awareness;
Security; Data Collection and Use; Anonymization; Options and
Informed Consent; Sharing Data with Others; Notification of Privacy
Policies and Practices; Supporting Anonymous Use; Access to One’s
Own User Data; Continuous Improvement and Accountability.”
Perspective. Mostly some trivial(?) examples, but
I see a trend here. Social media as ombudsman?
Did You Get Screwed By a Company? Take It to Twitter!
The hoopla is over. Should we buy them? (Anyone
have a spare billion or two?)
Could A GoPro Downgrade Help Fuel A Buyout?
… The downgrade cited slower growth, higher
inventory, slowing demand
on the drone business and stagnating product growth. We
first heard about it on Twitter.
… But let's take a look at the valuation. Do
we think the company will be around in 10 or 15 years to be able to
deliver the future earnings that you are paying for at today's price?
Yes, we do. Also, the company has zero debt, and that leaves their
balance sheet open for leverage in case they want to consider things
like a stock buyback or taking on debt to acquire companies or
finance future operations.
See what being politically correct will do to you?
New submitter scrote-ma-hote writes:
From stuff.co.nz, news comes that the Church of the Flying Spaghetti Monster is now able to solemnize marriages. The registration was listed in the NZ gazette yesterday. The Registrar-General decided that the Church met the criteria in New Zealand for solemnizing marriages, as per the Marriage Act 1955, namely that the "principal object of the organization was to uphold or promote religious beliefs, philosophical or humanitarian convictions."
Something for my students to use. Congress asks
and these guys answer – then Congress ignores them.
CRSReports.com – free access to CRS Reports
by Sabrina I. Pacifici on Dec 14, 2015
“CRSReports.com
is a free web based repository of Congressional Research Service
(CRS) Reports. This digital library is dedicated to hosting an
extensive collection of CRS documents. All information provided by
CRSReports.com
is publicly available and can be accessed for free without sign-up or
registration. This growing collection of CRS reports is made freely
available to policy makers (including Hill staffers who while off of
the Hill may decide not to log in to the Capitol intranet) and other
users for purposes beneficial to our political system and the public…
CRSReports.com
hosts but does not author CRS documents. CRS documents are written
by the Congressional Research Service, an information resource within
the US Library of Congress. CRS does not serve members of the public
directly, they focus solely on assisting and informing Congress. CRS
serves the US federal legislative branch and in this manner
indirectly serves the public.”
- CRSReports.com – “The Internet’s largest free and public collection of Congressional Research Service Reports.”
For my students. Slow my video to ¼ speed and
I'll still flunk you too fast to see! (The “F” is quicker than
the eye.)
Speed Up Is YouTube’s Greatest & Most Underrated Feature
… After expanding the gear settings symbol
with a click, you can disable annotations, change the video quality,
edit subtitles, or change the speed — yes, YouTube allows you to
play the video in normal time, sped up at 1.25x, 1.5x, or 2.0x speed,
or slowed down to 0.5x or 0.25x speed.