Saturday, January 31, 2015

“Stupid is as stupid does.” F. Gump But don't worry. The DoJ insists that encryption will protect you. Please believe these straight talking politicians.
Jihadists Increasingly Wary of Internet, Experts Say
After having used the Internet profusely for propaganda and recruitment, jihadist organizations have realized that investigators are gleaning crucial information online and are increasingly concealing their web presence, experts say.
Apart from recent orders given to fighters to limit their exposure, erase the footprint of their online activity and avoid revealing too many place names or faces, the Islamic State and Al-Nusra Front groups are increasingly using the "Dark Web" -- the hidden part of the Internet protected by powerful encryption software.
In November, Flavien Moreau, a 28-year-old jihadist who travelled to Syria and then returned to France, was jailed for seven years exclusively on the basis of what he posted online.
And those who just months ago had happily posted videos, photos of themselves holding Kalashnikovs or of beheadings on Facebook have now realised that they were single-handedly building a case against themselves, if they ever decided to come home.
"We are starting to notice the beginnings of disaffection with Facebook -- they have understood that's how we get incriminating evidence," said Chadrys.

I was surprised it took six weeks, then I realized it was conducted by lawyers not auditors. They reviewed policies and procedures. Did they look at how those procedures worked in the field? Don't get me wrong. Good policies and procedures are the basis for good privacy, but that's only the start of an audit.
Devindra Hardawar reports:
The results from Uber’s six-week-long external privacy audit, spurred on by several high profile security controversies, are in. And, surprisingly, the final report looks positively rosy for the on-demand taxi company. “Uber has dedicated significantly more resources to privacy than we have observed of other companies of its age, sector, and size,” auditors from the law firm Hogan Lovells said in a statement.
Read more on engadget.

Government privacy?
Google, Twitter, Yahoo nabbing data
Companies including Google, Twitter, Yahoo and automatically obtain information from people visiting, according to analysis by congressional staffers.
The finding builds on news last week that dozens of data-tracking companies were able to obtain information about people visiting the federal healthcare website, potentially including information about their age, location and pregnancy status.
… According to the staff analysis, the information about visitors to is in some cases not transferred to outside companies until “long after” their visit, due to the site's use of cookies that can stay in a visitor's browser for years.

Follow-up. Still lots of questions. Was this sexting gone wrong? Is this a common occurrence?
Palatine Police Charge Fremd Student For Allegedly Sending Offensive Email
An 18-year-old Fremd High School senior from Schaumburg was charged by Palatine police today (Friday) with misdemeanor disorderly conduct for sending an offensive email.
According to police, on Tuesday, Jan. 27, an email message containing an offensive image was sent to student email accounts at both Fremd and Palatine high schools. Police did not disclose what type of image was sent out.

Perspective and history. I may be ready for a 6G phone.
The Ultimate History Of Cellular Technology

Sounds like a great tool for student papers at a Technical University.
America’s oldest news agency wrote 10X more articles by having robots do what reporters used to do
… AP produced roughly 3,000 articles on company earnings last quarter, 10X more than it used to, by using automated technology.
According to The Verge, AP has been able to do it by partnering with Automated Insights, a company that specializes in “robot journalism.” Automated Insights uses artificial intelligence and Big Data analysis to automatically generate data-heavy articles, such as earnings reports.

Strange, my female students wouldn't even look at the KickStarter page.
Here's Why and How Exploding Kittens Set a New Kickstarter Record for Most Backers
… Since the launch of the card game's crowdfunding campaign on Jan. 20, Exploding Kittens has now raised almost $5 million as of the evening of Jan. 30, well beyond the initial goal of only $10,000.

How lucky am I to work in an industry that so amuses itself...
Hack Education Weekly News
A proposed bill in Texas would allow teachers to use “force or deadly force on school property, on a school bus, or at a school-sponsored event in defense of the educator’s person or in defense of students of the school that employs the educator” – that is, to kill a student. [Was this not politically correct before this law? Don't interfere with little Johnny's expression of rage! Bob]
Proposed legislation in Colorado would teach schoolchildren about sex abuse (although it’s anticipated that Republicans in the legislature will kill the bill). [Because there are some things man was not meant to know? Bob]
A proposed bill in Kentucky would allow computer science courses to count as a foreign language requirement.
… The Department of Justice has agreed to pay Nicholas George $25,000 after detaining him at an airport for 5 hours because he had Arabic language flash cards in his pocket.
… Still struggling with its technology implementation – you guessed it – LAUSD, which this week announced it would delay distribution of some 19,000 laptops.

Fun for students?
Google Earth Pro is Now Free for Everyone
Google Earth Pro has been available for free to teachers with GAFE email accounts for quite a while. Now it is available for free to anyone who wants to upgrade to Google Earth Pro. Google announced this yesterday on the Google Lat Long blog. To get a license key for Google Earth Pro you just need to complete the form found here.
Google Earth Pro offers at least nine features that are not available in the standard version of Google Earth. Those features include importing GIS data, mapping multiple points at once, measuring areas of polygons and circles, and automatically geo-locating imported GIS images.

Friday, January 30, 2015

This is very important to small businesses.
Angel Diaz writes:
Big or small, all bank accounts are susceptible to hijacking and fraudulent wire transfers. Banks ordinarily bear the risk of loss for unauthorized wire transfers. Two independent frameworks exist to govern these transfers: the Electronic Fund Transfer Act (“EFTA”) for consumer accounts, and Article 4A of the Uniform Commercial Code (“UCC”) for business accounts.
While the EFTA will ordinarily shield consumers from having to pay for most unauthorized charges as long as they provide notice to their bank, UCC §4A-202 shifts the risk of loss to the customer if the bank can show that (1) a commercially reasonable security procedure was in place and (2) the bank accepted the payment order in good faith and in compliance with the security procedure and any other written agreement or customer instruction.
Read more about the courts’ interpretations of these laws on Proskauer Privacy Law Blog.
[From the article:
The commercial reasonability of a security procedure is a question of law, and courts will consider several factors, including:
  • Customer instructions expressed to the bank
  • The bank’s understanding of the customer’s situation, [This should include the ability to identify “abnormal” transactions Bob] including the size, type, and frequency of payment orders ordinarily issued
  • Alternative security procedures offered to the customer
  • Security procedures in general use by similarly situated banks and customers.

A new trend? Broadcast sexting? Anti-social media? I think it will be important to see what is going on here.
ABC reports:
Palatine police are investigating a sexually explicit and obscene email sent Tuesday night to almost all of the 5,400 students at William Fremd High School and Palatine High School in Palatine, Ill.
The email was sent using the internal student email system.
Read more on ABC.
[From the article:
Some students told Eyewitness News that the sender was able to hack into the district's main email server using a router that switches IP addresses every two hours. [Good luck tracing that. Bob]

Are reporters really this ignorant about technology? From some articles I've read, it seems probable. (For example, not knowing the difference between “Delete” and “Backspace” keys.) Or this could be an attempt at disinformation. (That is probably too sophisticated for DoJ)
Watchdog: Attkisson wasn’t hacked, had 'delete' key stuck
A former CBS investigative reporter was not hacked by the Justice Department for writing critical stories about the Obama administration, according to an investigation by an independent watchdog.
An inspector general report concluded that Sharyl Attkisson merely had her “delete” key stuck when text disappeared from her computer, and said there's no evidence that government officials erased stories.
… A summary of the Justice Department’s inspector general report obtained by The Washington Post and the Huffington Post disputes her claims.
The elimination of text in the video she posted “appeared to be caused by the backspace key being stuck, rather than a remote intrusion,” the DOJ report said.

If this is limited to their banks, I can see most companies exiting. Few would want to leave the consumer markets though.
China Wants US Companies To Hand Over Source Code, Use State-Sanctioned Encryption
China is demanding that American companies that sell software products to Chinese banks must hand over their source code to be reviewed. And, it gets even better. China also wants these same companies to begin using Beijing-sanctioned algorithms in lieu of their preferred algorithms.
… China's demands are downright outrageous, and if this rule is in fact put into place, it's hard to say exactly how things are going to play out. No company is going to be willing to hand over its intellectual property just because it's asked; in some cases it'd just be better to depart the country. Given China's other recent actions, it no doubt would prefer that to happen. To China, it sometimes makes sense to reinvent the wheel because those who invented it first cannot be trusted.

Anonymous ain't!
Privacy challenges
Analysis: It’s surprisingly easy to identify individuals from credit-card metadata.
In this week’s issue of the journal Science, MIT researchers report that just four fairly vague pieces of information — the dates and locations of four purchases — are enough to identify 90 percent of the people in a data set recording three months of credit-card transactions by 1.1 million users.
When the researchers also considered coarse-grained information about the prices of purchases, just three data points were enough to identify an even larger percentage of people in the data set. That means that someone with copies of just three of your recent receipts — or one receipt, one Instagram photo of you having coffee with friends, and one tweet about the phone you just bought — would have a 94 percent chance of extracting your credit card records from those of a million other people. This is true, the researchers say, even in cases where no one in the data set is identified by name, address, credit card number, or anything else that we typically think of as personal information.
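One way to measure the effect described above on a data set you are about to release, as an added example (not the MIT researchers' code). The four traces are constructed, and the function name `unicity` and the exhaustive subset count are choices made for this example.

```python
from fractions import Fraction
from itertools import combinations

# Constructed traces: user -> purchases as (day, shop, coarse price bucket).
# No names, addresses or card numbers appear anywhere in the data.
TRACES = {
    "A": {(1, "bakery", "lo"), (2, "cafe", "lo"), (3, "gas", "hi")},
    "B": {(1, "bakery", "hi"), (2, "cafe", "lo"), (4, "books", "lo")},
    "C": {(1, "bakery", "lo"), (3, "gas", "hi"), (4, "books", "hi")},
    "D": {(2, "cafe", "hi"), (3, "gas", "lo"), (4, "books", "lo")},
}


def project(trace, with_price):
    """Reduce each purchase to what an outside observer is assumed to know."""
    return frozenset(p if with_price else p[:2] for p in trace)


def unicity(traces, k, with_price=False):
    """Average, over users, of the share of k-point subsets of a user's own
    trace that match that user and nobody else in the data set."""
    views = {u: project(t, with_price) for u, t in traces.items()}
    total = Fraction(0)
    for user, points in views.items():
        subsets = list(combinations(sorted(points), k))
        if not subsets:          # fewer than k purchases: contributes 0
            continue
        unique = sum(
            1
            for s in subsets
            if not any(set(s) <= other for o, other in views.items() if o != user)
        )
        total += Fraction(unique, len(subsets))
    return total / len(views)


if __name__ == "__main__":
    for with_price in (False, True):
        label = "date+shop+price" if with_price else "date+shop"
        for k in (1, 2, 3):
            print(f"{label:16} k={k}: {unicity(TRACES, k, with_price)}")
```

In this toy data two date-and-shop points never single anyone out, while two points that include the coarse price bucket single a user out five times out of six.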

Interesting, but we should have asked these questions years ago. Note that these questions parallel those we should ask when writing a Privacy Policy. (I only post the questions, not the discussion)
With each week, we seem to learn about a new government location tracking program. This time, it’s the expanded use of license plate readers. According to the Wall Street Journal, relying on interviews with officials and documents obtained by the ACLU through a FOIA request, the Drug Enforcement Administration has been collecting hundreds of millions of records about cars traveling on U.S. roads. The uses for the data sound compelling: combating drug and weapons trafficking and finding suspects in serious crimes. But as usual, the devil is in the details, and plenty of important questions remain about those details.
First, who approved the program, and under what circumstances?
Second, are there any limitations on how the data can be used?
Third, how long can it be kept?
Fourth, where else does the data go?
Finally, which other federal agencies are using license plate readers?

Economics according to Putin?
Russia Unexpectedly Cuts Key Rate as Economy Eclipses Ruble
Russia’s central bank unexpectedly cut its benchmark interest rate by two percentage points, letting the ruble slide as the economy sinks toward recession.
… “The central bank’s actions are becoming less and less predictable, which isn’t positive for the currency market,” Oleg Popov, a money manager at April Capital in Moscow, said by e-mail.
… The regulator shifted to a free-floating exchange rate ahead of schedule in November and burned through about $88 billion of reserves last year to prop up the ruble.

This is very difficult for my students to understand, but as Warren Buffett might say, “It's all about the cash flow!”
Amazon's Profit Shows How Few People Understand The Way The Company Works
Amazon revealed a profit Thursday, and Wall Street analysts were pleasantly surprised by it. Comments coming from some of them suggest they still don't understand the core philosophy of CEO Jeff Bezos and the way Amazon works.
… A lot of people believe that if a company never makes money, it must, fundamentally, go bankrupt. This isn't the case, as Amazon proves.
Here is how Amazon actually works: As long as the company can grow its revenues, it can spend any profit it makes on new lines of business that throw off more revenues. Those revenues may also be profitable, and those profits can in turn be immediately spent again on more growth. By eschewing profits, the company can also offer the lowest prices possible (which is why consumers are so loyal to it). Some parts of the company are profitable and fuel growth in others.

Skynet? Hardly. Remote control is a long way from autonomous.
Is the Future of War Autonomous?
… Some 40 percent of the U.S. aerial fleet is comprised of unmanned drones, and the Air Force is now training more drone operators than pilots.

I wasn't sure there was a large enough market in BYOD management. I still learn something every day.
Good wants to manage your smartphones for $3 a month, per user
Good Technology is hoping its cloud-based Management Suite for mobile devices will make life easier for IT departments that don't want to rely on products from multiple vendors to manage the seemingly countless phones and tablets that employees are using for work these days.
… Good is best known for the company's app containerization technology -- software that separates an app from other apps and the OS to improve security -- but has been expanding its offerings to include mobile-device and application management.
… Good's main competitors are VMware-owned AirWatch and MobileIron, according to Wallin. Unlike Good, they have both been expanding their tools to include the ability to manage desktops and laptops in addition to smartphones and tablets.
… In addition to the Management Suite, Good also offers an Enterprise Suite, a Collaboration Suite and a Mobility Suite, which offer more extensive functionality and cost between $5 and $15 per user and month.

Perspective. Contrast this with Google fiber at 1000Mbps. (I'm having a devil of a time finding the actual report.)
FCC Says You're Not a Broadband User Unless You're Getting 25Mbps Download Speed
The Federal Communications Commission changed the definition of broadband Internet, increasing the service's required download speed from the current 4 Mbps to 25 Mbps.
… In terms of broadband speed, the United States currently ranks 14th among all the nations in the world, according to data from Akamai Technologies, with an average speed of 11.4 Mbps.
South Korea is the leading nation with an average broadband speed of 24.6 Mbps, followed by Hong Kong, Switzerland, Japan and the Netherlands.

This will help my Business Intelligence students interpret their Twitter analysis. Won't it?
10 Things Katy Perry Can Teach You About Twitter Marketing
… Perry is now officially the most followed user on Twitter, making her even more popular than the President of the United States is on the social network.

For my Cable-free students.
How to watch the Super Bowl for free: Cut the cable cord!
If you're looking to watch Super Bowl XLIX online this Sunday, NBC has you covered.
Just like other networks that have offered a free live stream of the Super Bowl in previous years, NBC will make the 2015 game available through its NBC Sports website and mobile app.

A cute infographic I can hang in my classrooms.
Not Thinking About The Security Of Your Data? You Should Be
What can you do to protect your data? How can you make sure that your identity isn’t stolen? This infographic breaks it down in detail.

Useful resource.
Never trust a corporation to do a library’s job
Andy Baio, The Medium: “Two months ago, Larry Page said the company’s outgrown its 14-year-old mission statement. Its ambitions have grown, and its priorities have shifted. Google in 2015 is focused on the present and future. Its social and mobile efforts, experiments with robotics and artificial intelligence, self-driving vehicles and fiberoptics. As it turns out, organizing the world’s information isn’t always profitable. Projects that preserve the past for the public good aren’t really a big profit center. Old Google knew that, but didn’t seem to care. The desire to preserve the past died along with 20% time, Google Labs, and the spirit of haphazard experimentation. Google may have dropped the ball on the past, but fortunately, someone was there to pick it up. The Internet Archive is mostly known for archiving the web, a task the San Francisco-based nonprofit has tirelessly done since 1996, two years before Google was founded. The Wayback Machine now indexes over 435 billion webpages going back nearly 20 years, the largest archive of the web. For most people, it ends there. But that’s barely scratching the surface. Most don’t know that the Internet Archive also hosts:
That last item, the software collection, may start to change public perception and awareness of the Internet Archive.”

For my programming students.
A Free Course on Developing iOS 8 Apps
In the past Stanford has offered free online courses on developing iPhone and iPad apps. Their latest offering is a free iTunes U course on developing iOS 8 apps.
Before you get too excited about the course, note that it is not for people who don't have any prior programming experience. The prerequisites for the course require that you have experience with C language and object-oriented programming. If you're up for the challenge, this course could be a good opportunity to learn to develop iOS 8 apps.

Thursday, January 29, 2015

How important is your data? Would you notice that it was unreadable in less than 6 months? Would your database accept records without an edit? (e.g. a zipcode of “pZ3&g”?)
Cybercriminals Encrypt Website Databases in “RansomWeb” Attacks
Researchers at High-Tech Bridge have spotted a new type of attack that threatens businesses.
The technique, dubbed “RansomWeb,” targets sensitive information stored in website databases. These attacks require a lot of patience, but they can be highly profitable for cybercriminals.
The attackers first compromise the targeted company’s Web application. Then, they modify server scripts so that data is encrypted on-the-fly before it’s inserted into the database. This encryption process happens over a long period of time to avoid raising any suspicion. Once the data is encrypted, victims are sent a ransom demand.
In one operation observed by researchers, the attackers encrypted the database of a financial company over a six-month period. During this time, even the backups were overwritten with encrypted entries, making it difficult to recover the data.
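An added example (not from the article or from High-Tech Bridge) of the edit check asked about above, a zipcode of “pZ3&g”: the same constructed rows go into a table with no edit and a table whose edit is a database CHECK constraint, and a monthly audit of the unchecked table shows when stored values stopped looking like ZIP codes. Table names, columns and sample rows are hypothetical.

```python
import re
import sqlite3

# The "edit" for a US ZIP code: five digits, optionally ZIP+4.
ZIP_RE = re.compile(r"\d{5}(-\d{4})?")
TABLES = ("customers_unchecked", "customers_checked")  # hypothetical names

SCHEMA = """
CREATE TABLE customers_unchecked (id INTEGER PRIMARY KEY, created TEXT, zipcode TEXT);
CREATE TABLE customers_checked (
    id INTEGER PRIMARY KEY,
    created TEXT,
    zipcode TEXT NOT NULL CHECK (
        zipcode GLOB '[0-9][0-9][0-9][0-9][0-9]'
        OR zipcode GLOB '[0-9][0-9][0-9][0-9][0-9]-[0-9][0-9][0-9][0-9]')
);
"""

# Constructed rows: (created, zipcode exactly as the web tier handed it over).
SAMPLE = [
    ("2014-08-03", "80202"), ("2014-08-19", "80014-1234"),
    ("2014-09-07", "10001"), ("2014-09-12", "94105"),
    ("2014-09-21", "8O2O2"),                      # letter O: ordinary bad data
    ("2014-10-02", "pZ3&g"), ("2014-10-15", "Qk9x/w=="),
    ("2014-11-11", "mX7+eA=="), ("2014-11-30", "t0Zr#"),
]


def try_insert(conn, table, created, zipcode):
    """Insert one row; return False when the database's own edit rejects it."""
    if table not in TABLES:
        raise ValueError("unknown table")
    try:
        conn.execute(
            f"INSERT INTO {table} (created, zipcode) VALUES (?, ?)",
            (created, zipcode),
        )
        return True
    except sqlite3.IntegrityError:   # raised on a failed CHECK constraint
        return False


def failure_rate_by_month(conn, table):
    """Audit stored data: {YYYY-MM: (rows, rows failing the ZIP edit)}."""
    if table not in TABLES:
        raise ValueError("unknown table")
    stats = {}
    query = f"SELECT substr(created, 1, 7), zipcode FROM {table} ORDER BY created"
    for month, zipcode in conn.execute(query):
        rows, bad = stats.get(month, (0, 0))
        ok = isinstance(zipcode, str) and ZIP_RE.fullmatch(zipcode) is not None
        stats[month] = (rows + 1, bad + (0 if ok else 1))
    return stats


def first_suspect_month(stats, threshold=0.5):
    """First month in which at least `threshold` of the rows fail the edit."""
    for month in sorted(stats):
        rows, bad = stats[month]
        if rows and bad / rows >= threshold:
            return month
    return None


def demo():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    accepted = {table: 0 for table in TABLES}
    for table in TABLES:
        for created, zipcode in SAMPLE:
            accepted[table] += try_insert(conn, table, created, zipcode)
    stats = failure_rate_by_month(conn, "customers_unchecked")
    return accepted, stats, first_suspect_month(stats)


if __name__ == "__main__":
    print(demo())
```

The CHECK constraint sits in the database, so it still applies when the application's server scripts have been altered. Free-text columns have no fixed shape to test and need a different signal.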

Think of it as an intelligence service that is actually doing its job. All you need to stop this is an accurate prediction of the data you will not need.
Canada taps Internet cables to track downloads
Canada’s top surveillance agency has been tapping into Internet cables to collect vast troves of upload and download data from popular file-sharing websites, The Intercept and CBC News reported.
The program, known as Levitation, indiscriminately sucks up and analyzes the records of up to 15 million downloads each day. The surveillance spans North America, Europe, the Middle East and North Africa.

After all, if he's got nothing to hide, why would this bother him? (I'm not sure Congress gets sarcasm. Or anything else.) I will send the Congressman an email asking if I can have the surveillance details for our “Big Data” class.
Mike Masnick writes:
Rep. Jared Polis has a bit of a history of making hilarious, but incredibly on point, sarcastic and satirical suggestions in response to government officials saying something stupid. Last year, he asked the Treasury Department to ban dollar bills after Senator Joe Manchin asked the Treasury Department to ban Bitcoin. Polis, of course, took the same arguments Manchin used against Bitcoin and highlighted how dollar bills had the same characteristics.
His latest move is in response to Senator Marco Rubio’s ridiculous and clueless call for greater levels of mass surveillance of Americans. Rubio calls for new laws to force tech companies to help the government spy on everyone and also a permanent extension of the controversial Section 215 of the Patriot Act, the part of the law that was twisted by the DOJ and the NSA to pretend it means they can demand every phone record on every American because they might be able to sniff through it all and find something interesting.
Read more on TechDirt.

A business opportunity for my Ethical Hackers. If manufacturers will create “no fly” zones (based on GPS) as part of their operating software, replace the operating software (or delete the restrictions or remove the GPS antenna).
Drone maker will block DC flights after White House crash
The manufacturer of a drone that crashed on the White House grounds this week will introduce technology to block its machines from flying around downtown Washington, it said on Wednesday.
… Under the new mandatory software update, the drones will not be able to take off from or fly into a zone that extends 15.5 miles out from downtown Washington in all directions.
… Current FAA regulations make it illegal to fly a drone in Washington, even recreationally. [Not sure that is true Bob]
DJI has already programmed its machines to prevent them from flying into the airspace above many of the nation’s airports, which it imposes by keeping tabs on their GPS data.

“Trust us, we'll protect your personal information. Except when we share it.” Includes a look at the UK, Australia and the US as well.
From the Office of the Information and Privacy Commissioner (OIPC) of Alberta:
In recognition of Data Privacy Day, the Office of the Information and Privacy Commissioner (OIPC) has released independent research it had commissioned to provide a privacy perspective on multi-stakeholder government information sharing projects.
The paper entitled Government Information Sharing: Is Data Going Out of the Silos, Into the Mines? provides an overview of government information sharing projects across Canada and internationally, potential frameworks for analysis, citizen expectations, and an examination of actions taken to protect privacy.
As the authors stated, this paper scratches the surface on the number of multi-stakeholder, citizen-centred government information sharing projects occurring but provides a critical look at the variety of projects undertaken, the concept of big data, the transparency or lack thereof involved in projects, and citizen reactions to different projects.
The paper concludes with an analysis of the risk involved in information sharing projects and proposals, including but not limited to legal authority, security management, organizational commitment to privacy, and public relations and communications.
The paper is available on the OIPC website at:

Darn! I was going to fly my “football inflation measurement” App.
Super Bowl is a 'no drone zone'
The Federal Aviation Administration (FAA) issued a warning Wednesday to remind fans of both football and unmanned aircraft that the Super Bowl is “strictly a ‘no drone zone.'” It is illegal to fly unauthorized aircraft, such as a drone, over or near any NFL games, not just Sunday’s championship game, according to the FAA. The same restriction also applies to Major League Baseball games, several Nascar events and any college sporting event taking place in a stadium that seats at least 30,000 fans.

Okay, so I can't read a calendar. At least I found this reading list... I should remind myself to check next January.
It’s Data Privacy Day 2015, and Dave Piscitello (@SecuritySkeptic) compiled his reading list, which he has kindly shared with this site:

Perspective. Extrapolating existing trends.
What Will Social Media Look Like in 2015?
At the start of the New Year, many small business marketers think about what the social media landscape may look like as they strive to reach their business goals. It seems that each passing year brings more competition as social media platforms shift in popularity and networks continue to change the rules for marketers.
In this ever-shifting environment, we look at some of the social media marketing trends that small business owners can expect in 2015.

Big Data requires a Big Index?
Open Database Of The Corporate World
“OpenCorporates aims to do a straightforward (though big) thing: have a URL for every company in the world. We’ve grown from 3 territories and a few million companies to over 75 jurisdictions and 55 million companies, and are working with the open data community to add more each week.
How can we get hold of the data? We have a new API service, as well as our highly popular Google Refine reconciliation service (see documentation), and this allows access to the information as JSON or XML. If you need data in bulk, either for academic research work, for another cool open data project, or commercially, drop us an email at
Under what licence is the data published? In collecting this information, and matching up to other data, OpenCorporates has acquired database rights, but we strongly believe this information should be freely reusable, and so make it available (to the extent that we have the rights) under the share-alike attribution Open Database Licence. For details, please see our licence page.”

Who would you pay $5 to hear?
Louis CK Releases Comedy Special Online
Controversial comedian Louis CK has released another comedy special online, cutting out the middleman and delivering his jokes directly to his fans. Louis CK: Live At The Comedy Store, CK’s first nightclub special, is available to stream online in 1080p or as a DRM-free download, and is priced at just $5.

Interesting. Trading on their name and their ability to replicate a “Best Practices” infrastructure.
Amazon's New WorkMail Targets Business Users
On Jan. 28, Amazon announced its latest business product, a cloud-based email and calendaring service called WorkMail that one analyst said could be the first of many follow-on offerings.
… Amazon will charge a monthly subscription fee of $4 per inbox, similar to what Microsoft and Google charge. The new Amazon service includes 50G of storage per user.
… Company officials said the advantage is companies won't have to invest in their own email servers and management software as that will also be handled by Amazon—which, among other things, will encrypt emails to help ensure their security.

Because: Hype!
Facebook Launches Super Bowl Experience
Facebook has launched the Super Bowl Experience just in time for Super Bowl XLIX on Sunday (Feb. 1). The Super Bowl Experience on Facebook, located at, focuses the whole Facebook experience on the Super Bowl before, during, and after the game.
The Super Bowl Experience features posts about the game between the Seattle Seahawks and the New England Patriots, real-time reactions to events on the pitch, play-by-play updates, and media content from news outlets covering the game. All of which saves you from ever leaving Facebook. Which is the idea.

An amusing look at how much fun it must be to spend big money. Infographic
Understanding Why Google Spends Billions on Acquisitions

Wednesday, January 28, 2015

My international students taking Ethical Hacking could create driver's licenses for any country they like. Local police would have no timely way to check.
Delaware aims to beat out Iowa, be 1st with digital licenses
Delaware is hoping to be the first state in the country to allow drivers to use an app on their smartphones as their official driver’s license.
The Daily Times reports that the Delaware Division of Motor Vehicles is studying the issue after the Legislature adopted a resolution last week.
State officials say digital driver’s licenses won’t eliminate hard plastic licenses, [Why not? Bob] but would give drivers more options and convenience.

Only took them 14 months! “We need new laws because the ones we have are not flexible and technology-neutral.”
In light of ‘smart’ devices, feds call for privacy bill
Federal regulators are concerned about how the billions of “smart” bracelets, cars, thermostats and other devices are creating new avenues to threaten people’s privacy.
The Federal Trade Commission (FTC) on Tuesday unveiled a 71-page report calling for new legislation to help it crack down on companies who may abuse or fail to protect people’s data.
"Such legislation should be flexible and technology-neutral
… The report is an outgrowth of a 2013 workshop the FTC hosted on the rise of connected devices, which are expected to reach 50 billion worldwide in the next five years.

Apparently, this is not a large enough drain on Russian resources to be a concern – and they might wind up with another chunk of territory or even the whole country.
Has Russia's War Against Ukraine Reached a Point of No Return?
… The head of the so-called Donetsk People's Republic has officially stated that he intends to capture all of Donetsk province and that he rejects all forms of a ceasefire. Since, at present, his fighters control over a third of the region, his combined statements amount to a declaration of war on Ukraine and a determination to pursue the fight to the finish.
… Western hopes of a negotiated settlement of the conflict are thus effectively dead. Although there is photographic proof of a Russian military presence in eastern Ukraine (over 9,000 regular troops) and of continued Russian military equipment being brought into the region, the Kremlin continues to deny that it is present in or in any way connected to the fighting. In effect, that's another way of saying that it has no interest in anything but a proxy victory.

Anything strike you as off kilter here?
Statistics suggest Super Bowl 49 has kicked off a boom in 4K TV sales
When we look back on this year’s Super Bowl, we might see the spark that ignited a boom in sales of 4K TVs—at least in the U.S. market. Nevermind that the Super Bowl isn’t being broadcast in 4K (maybe next year, when it comes to Silicon Valley?)

For my Analytics students.
Finance Departments Need More Advanced Analytics
… "Finance departments are demanding more self-service analytics, more use of advanced analytics, and easier access to finance and operational data in order to analyze it," said Robert Kugel, senior vice president and research director at Ventana Research. "Advances in the tools for analyzing and reporting the data have made it possible to assess financial performance, process quality, operational status, risk and even governance and compliance in every aspect of a business."
… Most CFOs are good at the basics: financial statement analyses, modeling, forecasting and planning. Only a relative handful, however, apply economic and market indicators, price optimization techniques or profitability analysis on a regular basis. The result is that the bulk of finance departments are not harnessing predictive analytics in planning and forecasting.

For my Data Management students.
5 Alternatives to the Traditional Relational Database
The ongoing popularity of the Hadoop approach to data management should not blind us to the opportunities offered by other database technologies – technologies that, when used in the proper mix, can deliver adequate scaling to meet the demands of the endless 50 percent-plus yearly growth in data to be analyzed, along with higher data quality for better business decisions. The new(er) technologies basically can be categorized as follows:
  • In-memory databases
  • Hadoop/NoSQL
  • Virtualized or "federated" databases
  • Columnar databases
  • Streaming databases

An interesting article for all my students?
Top 3 Small Business Tech Trends for 2015

Tuesday, January 27, 2015

Perhaps we could look at this short list of “Best Practices” and check off Sony's failures. Turns out there were a lot of failures.
NSA Releases Defensive Strategies for Fighting Malware Targeting Corporate Data
The NSA's Information Assurance Directorate (IAD) issued a report this month laying out best practices for combating malware designed to steal or destroy corporate data.
The report, entitled 'Defensive Best Practices for Destructive Malware', seems in part aimed at dealing with the type of data-wiping malware at the center of the recent attack on Sony Pictures Entertainment.
"Once a malicious actor achieves privileged control of an organization's network, the actor has the ability to steal or destroy all the data that is on the network," the report continues. "While there may be some tools that can, in limited circumstances, prevent the wholesale destruction of data at that point, the better defense for both industry and government networks is to proactively prevent from gaining that much control over the organization's network."

Enterprises Overly Reliant on Perimeter-based Defenses: Survey
Organizations are increasing investment in IT security, but even after a string of high profile data breaches in 2014, they aren't thinking beyond perimeter-based defenses, according to the latest Ponemon Institute survey.
The mega-breach at Target and other retailers served as a “wake up call” for senior managers at organizations to realize they needed better security. About 13 percent of senior management expressed extreme concern about their security posture before the Target breach was publicized, according to the survey. The number rose to 55 percent after the breach.
The recent attack at Sony where attackers dumped files containing “millions of instances of Social Security numbers” is an example of the kind of damage that can result when attackers get on the network and the information is not properly protected. “Organizations shouldn't be solely focusing on how to block the attack and they need to understand how vulnerable they are if the attackers get past the perimeter defenses,” Feinman said.

Oh, the horror!
Facebook was Down, Albeit Briefly
Facebook suffered an outage of around 40 minutes on Monday night (Jan 26), and the Internet immediately lost its head. Instagram, Tinder, Hipchat, Pinterest and others all seemed to be suffering similar fates at around the same time.
Lizard Squad (the hackers who took down Xbox Live and PSN over Christmas, and the Malaysia Airlines website this past weekend) claimed credit for the outage. However, Facebook blamed itself, stating, “This was not the result of a third-party attack but instead occurred after we introduced a change that affected our configuration systems.”
Whoever was ultimately to blame, the panic that ensued online shows just how important Facebook is to many people. And for those still not convinced by the power of Twitter, the alternative social network proved its worth by allowing people to vent about Facebook’s temporary downtime.

An interesting question. Where besides Al Jazeera is it being asked?
Nathan Freed Wessler of the ACLU writes:
Cell site simulators, secret surveillance gear that tricks cellphones into transmitting their identifying information and location, have become a preferred method for law enforcement to track people’s whereabouts. Better known as stingrays, the devices mimic legitimate cell towers and induce cellphones in the area to transmit data to the government without ever alerting users. Even when police are looking for a particular suspect, the technology captures information about dozens, hundreds or even thousands of bystanders’ phones. Walls offer no protection, as the stingray’s signals pierce through the walls of homes and other private spaces, revealing otherwise private details about those inside.
Read more on Al Jazeera America.

Police privacy – do they see this as being treated as second class citizens? (i.e. like everyone else?)
AP reports:
Sheriffs are campaigning to pressure Google Inc. to turn off a feature on its Waze traffic software that warns drivers when police are nearby. They say one of the technology industry’s most popular mobile apps could put officers’ lives in danger from would-be police killers who can find where their targets are parked.
Read more on NBC.

Imagine the security nightmare this creates. It's hard to tackle drones and you have no idea what their payload might be. Perhaps a giant plastic bubble?
Device, possibly aerial drone, found on White House grounds
… A device, possibly an unmanned aerial drone, was found on the White House grounds during the middle of the night while President Barack Obama and the first lady were in India, but his spokesman said Monday that it posed no threat.

Computer Security: “Things” are attaching to our networks far faster than security solutions become available.
Internet of Things Security Challenging Enterprise Networks: Survey
While there have increasingly been many predictions about the impact the Internet of Things (IoT) will have on organizations in the future, it appears that the number of non-traditional devices connected to corporate networks is already challenging enterprises.
According to a study by Atomik Research and security firm Tripwire, employed people working from home have an average of 11 IoT devices on their home networks, and nearly one in four have connected one of these devices to their enterprise networks. The devices run the gamut, with printers (27 percent), routers (22 percent), video equipment (20 percent) and video gaming consoles (14 percent) the most popular. Twenty-four percent of them admitted to connecting a personal smart device – other than laptops and cell phones – to a corporate network, and most said they are only "somewhat" concerned with the security of these devices.

I'm trying to make this point to my Data Management students. The uses for Big Data are limited only by your imagination. Each use suggests reasons for gathering more data.
DOJ spied on millions of cars to build real-time tracking database
The Justice Department has been secretly building a massive database to help federal law enforcement track the movements of millions of vehicles across the U.S. in real time, [Easy to do, but no reason to track “millions of vehicles” all the time. Bob] according to a report Monday in the Wall Street Journal.
The program is run by the Drug Enforcement Administration and tracks license-plate information from cameras placed on highways. The information gathered includes time, location and directional data.
… Officials had previously admitted that they track vehicles near the U.S. border with Mexico but had not disclosed that the program also tracks vehicles "throughout the United States," according to an email obtained by the Journal.

(Related) Know your baseline to know when things change.
Startup Uses Changes in Power Consumption to Detect Industrial Cyber Threats
Forget signatures, heuristics and sandbox analysis. PFP Cybersecurity, a Washington, D.C.-based cybersecurity startup, is taking a unique approach to detecting malware and threats within the IT supply chain as well as critical infrastructure such as industrial control systems.
According to the company, its anomaly-based detection technology uses changes in the pattern of power consumption or RF radiation in order to detect a potential security breach. By first creating a baseline by reading power fluctuations of a system under normal usage, and then through continuous monitoring, the startup claims that it can detect threats in milliseconds.

Does the RIAA know about this? Should they be offering incentives to achieve the same thing here?
Norway Has Figured Out How To Solve The Problem Of Music Piracy
New data from Norway reveals that music piracy has completely collapsed in the country. Music Business Worldwide is reporting that the country has hit upon a way to rely on streaming to encourage residents to enjoy music legally.
… In five years, the number of people admitting to illegally downloading files online has gone from 80% of survey respondents to just 4%. The survey also revealed that less than 1% of young people in Norway said that illegal downloads were their main source of music.
The IFPI says that income from streaming sites in Norway increased 60% from 2012 to 2013, and streaming accounts for 65% of Norway's music market. That's a big difference from other countries. The IFPI estimates that 27% of global digital music revenue comes from streaming services.
Streaming services like Spotify, Tidal and WiMP are big business in Norway, and it's these companies that the IFPI credits with reducing piracy. "We are now offering services that are both better and more user-friendly than illegal platforms," Thorge said.

Eventually, Putin's approval rating will fall. Won't it?
One-Fifth Of Russian Banks Could Collapse In 2015
The Russian banking sector is facing an annus horribilis with as many as 20% at risk of folding as the country's economic crisis takes its toll.
The Center for Macroeconomic Analysis and Short-Term Forecasting estimates that as many as 200 banks face collapse this year as a combination of bad loans and falls in the value of the ruble punish small- and mid-sized firms, Russian business daily Vedomosti reports.
Yesterday Russia's sovereign debt rating was downgraded to junk in a move that is likely to raise the cost of refinancing for these companies. To compound the problem, the move sent the ruble tumbling again to below 67 rubles to the dollar.

(Related) The joys of a managed economy? I thought that had been totally debunked years ago. An article well worth reading.
When Do Regulators Become More Important than Customers?

For my Big Data collection. A perfect dataset for my students to run through Gapminder?
IMF Offers Free Access to Its Online Economic Data
“The International Monetary Fund has launched a new platform to support its move to free data and to improve online global statistical dissemination. The new portal enables bulk data downloads and introduces dynamic visualization to showcase datasets that became available free-of-charge on January 1, 2015. The platform will help users better query, visualize, download, and share data. The databases include International Financial Statistics, Balance of Payment Statistics, Government Finance Statistics, and Direction of Trade Statistics. These will complement other free datasets available on the new platform. The data platform provides greater flexibility to perform dynamic data visualizations, including across time series and countries. The platform strengthens the narrative and analysis of any data and allows users to customize their data experience. The IMF will run its existing data portal located at alongside the new portal located at in parallel for three months to help transition existing users to the new platform. Users will be guided through the change via self-help tools, including training materials and a new self-service online knowledge repository with data and methodology, frequently asked questions, and technical details.”

For my Risk management students, but some interesting Data Visualization too.
Global Risks 2015 – World Economic Forum
“The 2015 edition of the Global Risks report completes a decade of highlighting the most significant long-term risks worldwide, drawing on the perspectives of experts and global decision-makers. Over that time, analysis has moved from risk identification to thinking through risk interconnections and the potentially cascading effects that result. Taking this effort one step further, this year’s report underscores potential causes as well as solutions to global risks. Not only do we set out a view on 28 global risks in the report’s traditional categories (economic, environmental, societal, geopolitical and technological) but also we consider the drivers of those risks in the form of 13 trends. In addition, we have selected initiatives for addressing significant challenges, which we hope will inspire collaboration among business, government and civil society communities.”

For my next Spreadsheet class. Things my students should not waste their time replicating!
7 Fun & Weird Things You Can Create With Microsoft Excel

For my students. Imagine what could happen if you could learn how this worked?
How to Become an Online Celebrity---and Get Paid for It
Some top bloggers can rake in an income of $100,000 a year from advertising that appears on their blog. On Twitter, an influential name can command $100 for writing a tweet mentioning a sponsor’s product, while a YouTube sensation can get $25,000 for making a video that talks about an advertiser.

(Related) Maybe my students will get rich this way...
The App Economy Is Now 'Bigger Than Hollywood'
… While reading a self-laudatory Apple press release, the technology business analyst Horace Dediu found something remarkable: The iOS App Store distributed $10 billion to developers in 2014, which, Dediu points out, is just about as much as Hollywood earned off U.S. box office revenues the same year.
Working from that data, Dediu makes a startling provocation:
Although the totals for Domestic (U.S.) Box Office are not the complete Hollywood revenues picture, Apple’s App Store billings is not the complete App revenue picture either. The Apps economy includes Android and ads and service businesses and custom development. Including all revenues, apps are still likely to be bigger than Hollywood.