Saturday, April 18, 2015

This is one of those “We can, therefore we must” lawsuits. I'm hoping the court agrees with me that the mantra should be, “We can, but we should probably check with a lawyer before we do.”
There’s an update to a case I’ve been following on this blog since May, 2011 when Crystal and Brian Byrd first sued Aaron’s Inc. and Aspen Way. Their lawsuit encountered a number of obstacles along the way, but now it looks like it will go forward.
Atlanta Business Chronicle reports:
Class action alleging Aaron’s Inc. and a franchisee secretly collected thousands of computer webcam photos, screen shots and keystroke logs of customers will go forward, a federal appellate court has ruled.
You can access the Third Circuit Court of Appeals’ opinion here, and find previous coverage on this site by searching for “Byrd Aaron’s.”

For my Ethical Hacking students. This is not a “Get out of jail free” card.
New bill would protect security research hacking
Sen. Ron Wyden (D-Ore.) and Rep. Jared Polis (D-Colo.) introduced a bill Thursday that would exempt responsible hacking from prosecution under existing copyright law.
The security and academic community has long worried they could face legal action for basic research, which often involves examining computer networks in a way that may technically run afoul of the Digital Millennium Copyright Act (DMCA).

Should every company do this? You can't do much on the Internet without attracting users from the EU or other locations with unique privacy laws.
Mark Wilson reports:
Twitter has updated its privacy policy, creating a two-lane service that treats US and non-US users differently. If you live in the US, your account is controlled by San Francisco-based Twitter Inc, but if you’re elsewhere in the world (anywhere else) it’s handled by Twitter International Company in Dublin, Ireland. The changes also affect Periscope.
What’s the significance of this? Twitter Inc is governed by US law, it is obliged to comply with NSA-driven court requests for data. Data stored in Ireland is not subject to the same obligation.
Read more on BetaNews.

They may want to rethink this one, but Unions have lots of political clout.
Court: Union not responsible for Facebook threats
A federal court on Friday ruled in favor of the National Labor Relations Board (NLRB) arguing that it could not force unions to take down Facebook posts threatening workers for crossing a picket line.
Unlike in some public settings, a union is not responsible for the behavior of its members on a private online Facebook page, a three-judge panel on the U.S. Court of Appeals for the D.C. Circuit declared.
… In the comments, some union members criticized workers who crossed the picket line. One post, for instance, asked a rhetorical question about whether people on strike could “bring the Molotov Cocktails” to the hotel where “scabs” were staying.
The union as a whole did not endorse the posts, and the Facebook page could only be accessed by members of the union.
… However, the labor board’s acting general counsel issued a complaint claiming that the union had a “duty to disavow” the critical Facebook posts, just like it would have an obligation to disown misconduct on the actual picket line. Under the law, a labor union is responsible for the misbehavior of its members while they are on the picket line, unless it disavows it.
The Facebook page was merely “an electronic extension” of the picket line, the acting general counsel argued.
An administrative law judge rejected that argument and ruled in favor of the union.
On Friday, the appeals court agreed, saying that the private nature of the Facebook page made it different than a public picket line.

Well, maybe. Aren't most of their systems already monopolies?
Government lawyers don’t want Comcast and Time Warner Cable to merge
Antitrust regulators want to block the proposed megamerger between Comcast and Time Warner Cable, Bloomberg reported Friday.
… Consumer advocates have argued that the deal would reduce competition in the cable marketplace by putting too much power in the hands of a single company, allowing it to raise prices and exploit the public.
Justice Department officials may have reached the same conclusion, according to the Bloomberg report.
… When reached for comment by Fortune, a spokesperson for Time Warner Cable disputed the Bloomberg report, saying that regulators did not seem likely to recommend against the deal. “We’ve had no indication from the DoJ that this is true,” the spokesperson said.

In case you ever wanted to drive the Trans-Canada highway. Download a copy today!
New official map of Canada published online by the government
by Sabrina I. Pacifici on Apr 17, 2015
“This map (MCR 102) is the latest publication in the Atlas of Canada Reference Map Series. It is an update to the 1:6 000 000 paper map of Canada published in 2006. International, provincial and territorial boundaries and the 200-mile offshore Exclusive Economic Zone (EEZ) are featured on the map. All the national parks and reserves are shown including the Nááts’ihch’oh National Park Reserve of Canada, Northwest Territories, and Sable Island National Park Reserve of Canada, Nova Scotia, two of the most recently established parks. Major roads, railways and ferry routes are also depicted with the Trans-Canada Highway clearly represented across Canada from the Atlantic to the Pacific coasts.
… Published April 15, 2015.

Laughs come free with the job.
Hack Education Weekly News
Via The Toronto Star: “Toronto’s public school board hid a camera in the office of a principal suspected of misconduct, putting him under surveillance for ‘months’ before a caretaker found the device in a clock, says the Ontario Principals’ Council in an email to all Toronto administrators.” [Bad choices? Bob]
… Shocking, I know, but LAUSD is “‘extremely dissatisfied’ with the work of Pearson on its technology initiative.” Local NPR affiliate SCPR reports that the district is asking for a refund from Apple for the Pearson software that came bundled with its massive iPad purchase.
Blackboard has acquired Moodle hosting/consulting company Remote Learner UK. Terms of the deal were not disclosed.
… “Tutors aren't just for underachieving kids anymore,” according to Macleans. “They're the new normal.” Considering the story highlights parents who spend $700 to $800 a month on tutoring, I do have questions about who exactly can afford “normal.”

Trendy software for teachers.
How to Create a Short Flipped Lesson With Vialogues
Vialogues is a free service that allows you to build online discussions around videos hosted online and videos that you have saved on your computer. Registered users can upload videos to Vialogues or use YouTube videos as the centerpieces of their conversations. In the video embedded below I provide a short overview of how Vialogues works.
Vialogues could be a great tool to use to publish questions for your students to answer while they are watching a video that you have created or found online. You could also use the comments in Vialogues to simply call attention to a specific point made in a video. I'm thinking that I would write comments like, "make sure you know this when you write your essay."

Friday, April 17, 2015

Won't Sony be pleased. It's not bad enough that the hackers have your data, now consider the risk if everyone has your data.
Wikileaks has published the complete Sony leaks in a searchable database
Today, Wikileaks published a database of all of the data leaked from Sony Pictures in last year's hack, comprising 173,132 emails and 30,287 separate documents. The documents contain private legal opinions as well as sensitive conversations between executives, many of which were the subject of reports in the wake of the hack. "This archive shows the inner workings of an influential multinational corporation," WikiLeaks founder Julian Assange said in a statement. "It is newsworthy and at the centre of a geo-political conflict. [Did I miss something? I'd categorize the North Korea kerfuffle as business as usual. Bob] It belongs in the public domain. WikiLeaks will ensure it stays there."

For my Computer Security students. Plan, to avoid being caught in this trap!
The Rise of Cyber Extortion
Cyber extortions have taken on multiple forms, all focused on data – encrypting data and holding it hostage, stealing data and threatening exposure, and denying access to data:
Denial-of-service attacks
Holding sensitive data hostage
Holding AWS accounts hostage
As long as companies continue to pay ransoms when attacked, we should expect cyber extortion to continue in 2015.

Any country could pose a threat. The trick is knowing if you can handle it.
Iran Poses Growing Cyber Threat to US: Study
Iran poses a growing threat to America's computer networks and has launched increasingly sophisticated digital attacks and spying on US targets, according to a new report released Thursday.
Iran's far-reaching hacking efforts indicate the regime is searching for vulnerable infrastructure that could be hit in future cyber assaults, said the study by private cyber security company Norse and the American Enterprise Institute think tank.
The study cited data from a network of millions of sensors set up by Norse. The sensors are designed to look like real websites or other computer systems -- for banks or power plants -- that might attract the interest of a hacker.
The data showed Iran was staging cyber assaults and probes from inside Iran as well as outside the country.

For my Ethical Hacking students. A downside of the Internet of Things You Don't Actually Own Yet.
Troy Wilde reports:
Nevada lawmakers are considering legislation that would allow lenders to remotely shut off a person’s vehicle if he or she is a borrower late with their loan payment.
Assembly Bill 228 authorizes a person who finances the sale or lease of a motor vehicle to install a device which can be used to remotely locate or disable it.
Read more on Public News Service. The bill already passed committee and will likely be voted on by the full Assembly in the next few days.
And yeah, what could possibly go wrong?

Another example of “Think before you Tweet!” Not everyone shares your sense of humor.
Really, FBI, I know you’re under heavy criticism and all, but you need to lighten up sometimes.
Within 5 minutes of security expert Chris Roberts (@sidragon1) lightheartedly tweeting on a plane:
Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? “PASS OXYGEN ON” Anyone ?
Rafał Łoś (@RafalLos) jokingly responded:
…aaaaaand you’re in jail.
Nine hours later, we learned that Rafal Los’s prediction was amazingly close to what happened, as Chris tweeted:
and you are right….. 4 hours of discussions and I now no longer have any electronics
Not surprisingly, Chris declined to provide his decryption keys. As of this morning, he is still without his electronics and the feds have yet to provide a warrant.
Fox News has a write-up on the incident, here.
[From the article:
Chris Roberts of the Colorado-based One World Labs, a security intelligence firm that identifies risks before they're exploited, said two FBI agents and two uniformed police officers pulled him off a United Airlines Boeing 737-800 commercial flight Wednesday night just after it landed in Syracuse, and spent the next four hours questioning him about cyberhacking of planes.
… Wednesday night, FBI agents confiscated Roberts’ numerous electronic devices and computer files including his laptop and thumb drives and demanded he give them access to his data. They wanted to forensically image his laptop, but it is a company-owned asset with client information, research and intellectual property, some of which is sensitive in nature and encrypted.
So after consulting with his CEO, Roberts told the agents they would need a warrant, something they still have not presented.
… “You have one element in the FBI reaching out to people like me for help, but another element doing a hell of a job burning those bridges,” Roberts said.

For my Ethical Hacking students.
Andy Greenberg reports:
Hackers have for years bought and sold their secrets in a de facto gray market for zero-day exploits—intrusion techniques for which no software patch exists. Now a new marketplace hopes to formalize that digital arms trade in a setting where it could flourish: under the cover of the Dark Web’s anonymity protections.
Over the last month, a darknet marketplace calling itself TheRealDeal Market has emerged; it focuses on brokering hackers’ zero-day attack methods. Like the Silk Road and its online black market successors, TheRealDeal uses the anonymity software Tor and the digital currency bitcoin to hide the identities of its buyers, sellers, and administrators. But while some other sites have sold only basic, low-level hacking tools and stolen financial details, TheRealDeal’s creators say they’re looking to broker premium hacker data like highly sought-after zero-days, source code, and hacking services. In some cases, these are offered on an exclusive, one-time sale basis.
Read more on Wired.

The debate continues. So, when should a smartphone search be allowed?
Johanna Miller, the advocacy director for the New York Civil Liberties Union, writes:
A student’s cell phone isn’t a wallet or hairbrush. Its contents can be as personal as a diary.
In a Texas school district, for example, a teacher seized a student’s phone and searched her text-message history, discovering a private nude photograph she had sent to a friend. The teacher then shared the phone with the school district police officer.
And to make matters worse, the student got in trouble — she was suspended for 30 days because of “incorrigible behavior.”
In New York City, it’s a relief that the Michael Bloomberg-era ban on cell phones in city schools is over. For nearly a decade, the ban imposed needless burdens on kids and parents and served as an unnecessary flashpoint for confrontation between students and school staff.
But now that Mayor de Blasio is finally allowing city schools to catch up to the reality of the digital age, horror stories like the one in Texas show privacy protections for students must catch up in tandem.
Read more on the NY Daily News. Miller outlines some good suggestions for setting standards and policies. Significantly, she rightly points out that constitutional rights do not vary from school to school and it should not be up to individual schools to decide under what conditions they can search a student’s cellphone.

(Related) A change of tune... (“It is wrong” would be sufficient.)
Dave Madsen reports:
WILBRAHAM, Mass (WGGB) — Protecting a student’s right to privacy. The Hampden Wilbraham Regional School Committee saying no to giving the company that oversees PARCC testing access to student’s (sic) social media accounts.
School committee members taking a stand for student’s rights to privacy. In a letter to the Massachusetts department of elementary and secondary education, Marc Ducey, chair of the regional school committee says, “It violated their privacy and is a slap in the face to our test proctors who are diligent in ensuring the test environment is protected. It is wrong.”
Read more on WGGB.

For my Disaster Recovery students.
RUMOUR: the Bloomberg outage was caused by a spilled can of Coke
Bloomberg terminals went down for nearly two and a half hours on Friday and the cause is yet to be officially confirmed.
However, a source that works in the markets told Business Insider that the current rumour circulating around Bloomberg's London newsroom and television studio is that it was caused by "someone spilling a can of coke on a server somewhere."

A little light reading for my Data Management students. You know how to gather data, how do you push it back out?
10 Tactics for Launching a Product Using Social Media

Should I be using this? I think it would just be redundant but it might be a fun way to spring “Pop Homework” on my students: “Read this article and write a short paper describing how their security failed. See you tomorrow!”
WhatsDue - Schedule and Send Reminders to Students
WhatsDue is a free service (available for Android and iOS) that enables teachers to create and send due date reminders to their students. Students receive the reminders as push notifications on their iOS and or Android devices.
Here's how WhatsDue works. First, the teacher registers for a free account on the WhatsDue website and creates a class or classes. Each class is assigned its own unique join code. Teachers then invite students and parents to join the class through the join code. Once students have joined the class they will begin receiving due date reminders on their mobile devices.
Teachers can create multiple classes and schedule multiple reminders for each class from one dashboard on the WhatsDue website. Students opening WhatsDue on their iPhones or Android phones will see reminders of approaching due dates and past due dates.
If you have been leery of using other reminder systems because of privacy concerns with phone numbers or two-way communication, WhatsDue might be for you. It doesn't require phone numbers and it doesn't have two-way communication. It also allows students to be reminded of assignments on a schedule that works for them. For example, they can set the app to remind them of assignments a day before or a couple of hours before an assignment is due.

Thursday, April 16, 2015

It's gonna keep on happening because their computers are not adequately protected. Nor are they backed up, apparently.
AngelaJean Chiaramida reports:
A nasty computer virus that had some of the hallmarks of a “ransomware” attack hobbled the Salisbury Fire Department recently, destroying computer files and temporarily forcing staffers to resort to pen and paper.
The Salisbury Fire Department’s problem began about two weeks ago, when Souliotis’ desk computer started acting strangely when he went to use it that morning. He went through the normal procedure used by just about everyone when computers aren’t working right.
“We shut down the computer so we could reboot,” he said. “When we turned it back on, it just started to download a ton of stuff.”
The department called in its computer consultant, who went to work, Souliotis said, but nothing good resulted.
“I lost every (computer) document I ever had,” he said. “It’s unbelievable. Who would ever think someone would do that.”
Read more on Newburyport News.

This was much cheaper than I had predicted. I wonder how much this represents per re-issued card? Was the rest covered by insurance?
Anne D’Innocenzio and Marley Jay of AP report:
Target and MasterCard say they’ve agreed to settle lawsuits over the discounter’s pre-Christmas 2013 massive data breach.
Target said late Wednesday it has set aside up to $19 million for banks and credit unions issuing MasterCards that were caught in the data breach that compromised 40 million credit and debit card accounts between Nov. 27 and Dec. 15, 2013.
MasterCard Inc. said the money will be available to banks and credit unions for operating costs and fraud-related losses on cards believed to have been affected. The settlement will go into effect if at least 90 percent of eligible issuers accept the offer by May 20.
Read more on ABC.

Something for all my students to watch, not just the Computer Security students.
From the National Film Board of Canada (NFB):
An eye-opening personalized look at how online data is being tracked and sold.
Starting April 14, the online interactive documentary series Do Not Track will show you just how much the web knows about you―and the results may astonish you.
Conceived and directed by acclaimed Canadian documentary filmmaker and web producer Brett Gaylor, the 7-part series Do Not Track is an eye-opening look at how online behaviour is being tracked, analyzed and sold―an issue affecting each of us, and billions of web users around the world.
Read more on NFB. The first two episodes are already available.

Would lawyers do this to each other? I'm shocked! (Would lawyers typically scan the data delivered in discovery?)
Bill Bowden reports:
A lawyer representing three Fort Smith police officers in a whistleblower case said Monday that someone tried to hack into his computer by giving him an external hard drive contaminated with malicious software.
Matthew Campbell of the Pinnacle Law Firm in North Little Rock has been representing three current and former Fort Smith police officers in the lawsuit since January 2014.
Campbell had requested emails from the Fort Smith Police Department, and Sebastian County Circuit Judge James O. Cox ordered on May 9, 2014, that they be provided to Campbell as part of discovery in the case.
Campbell said he became suspicious when Douglas Carson, the attorney representing Fort Smith and its Police Department, sent him the computer hard drive in June 2014 by Federal Express. Normally, Campbell said, the defendants had provided him with requested documents via email, the U.S. Postal Service or through a cloud-based Internet storage service.
Mueller told Campbell the hard drive contained four “Trojans,” one of which was a duplicate.

Nothing resolved yet, but at least they articulate some core principles. Perhaps some good will come from this?
Toward a Social Compact for Digital Privacy and Security
by Sabrina I. Pacifici on Apr 15, 2015
Global Commission on Internet Governance -“The Global Commission on Internet Governance (GCIG) was established in January 2014 to articulate and advance a strategic vision for the future of Internet governance. In recent deliberations, the Commission discussed the potential for a damaging erosion of trust in the absence of a broad social agreement on norms for digital privacy and security. The Commission considers that, for the Internet to remain a global engine of social and economic progress that reflects the world’s cultural diversity, confidence must be restored in the Internet because trust is eroding. The Internet should be open, freely available to all, secure and safe. The Commission thus agrees that all stakeholders must collaborate together to adopt norms for responsible behaviour on the Internet. On the occasion of the April 2015 Global Conference on Cyberspace meeting in The Hague, the Commission calls on the global community to build a new social compact between citizens and their elected representatives, the judiciary, law enforcement and intelligence agencies, business, civil society and the Internet technical community, with the goal of restoring trust and enhancing confidence in the Internet.

One big measure for the student loan folks is completion rates. They seem reluctant to loan students money if they want to attend a school where higher percentages of students drop out. We try to give students every opportunity to succeed. Do we sometimes go too far?
Sophie Quinton writes:
At Georgia State University, algorithms alert advisers when a student falls behind in class. Course-planning tools tell students the classes and majors they’re likely to complete, based on the performance of other students like them. When students swipe their ID cards to attend a tutoring or financial-literacy session, the university can send attendance data to advisers and staff.
Colleges are analyzing all kinds of student data to figure out who needs extra support and when advisers and faculty should intervene. But as technology advances, and students’ offline and online lives become more intertwined, data analytics—particularly, predictive analytics—may raise more ethical questions.
Read more on The Atlantic.

Perspective. It may take 20 years for the full impact of a technology to be realized, and you never know for sure what the impact will be.
Until a few years ago, three-quarters of people in sub-Saharan Africa were cut off from the financial system. They had no relationship with a bank, making it difficult to send and receive money, or to get credit. But then a new, cheap device came along and quickly began improving the financial lives of millions of people. In a short span of time, mobile phones have radically altered personal finance in the region.
Twelve percent of all adults in sub-Saharan Africa use their phones for non-bank financial transactions, by far the highest rate of any region in the world, according to a report released Wednesday by the World Bank.
… Financial inclusion means having an account of some sort, either at a traditional institution like a bank or credit union or through a mobile money account. (Mobile money accounts are phone-based services, untethered to a financial institution, for paying bills and sending cash.) Either method allows people to pay bills more efficiently; to send and receive remittances; and to take the first step toward accessing credit to make larger purchases or start a business.

Perspective. It's not always easy to get the money.
Who Are The Scammers? Following The Money Stolen as Online Fraud

I have tried to explain why C-level salaries are so high. This is merely one reason.
A Spot in the C-Suite? Most Employees Say, 'No Thanks'
… A new survey by Saba, a talent management solutions provider, and HR research and advisory service found that only 11 percent of global employees want C-level positions. This is concerning for companies, whose current baby boomer executives are quickly approaching retirement age — and the effects of this "leadership gap" are already being felt. About one-third of human resource professionals surveyed said that their organization is struggling to find candidates for senior leadership roles, and nearly half said that leadership is the hardest skill to find in employees.

Once upon a time, billion dollar IPOs didn't sneak up on me.
Etsy Makes A Ticker Name For Itself; Valued At $1.8 Billion
Etsy, which has crafted an authentic brand out of its homespun ethos and given artisans of the maker movement a cookie-cutter path to distribution and, sometimes, sustainability or more, priced its IPO yesterday at $16 a share, adding up to a market valuation of $1.8 billion.

For my Data Management students who seem reluctant to create accounts on social media! Isn't that abnormal in today's world? (Perhaps I'm thinking of a younger crowd.)
Twitter Redesigns Homepage to Lure More Users
Twitter on Wednesday is giving its homepage a facelift to encourage visitors to try the service without logging in—possibly creating a new non-user audience that can still be served ads.

It's better than binge drinking...
Amazon Streams Orphan Black for Free
Assuming you have 10 hours to spare on Friday (April 17), you can watch every episode of Season 1 of Orphan Black thanks to Amazon. The online retailer is streaming the series for free 12:01 am to 11:59 pm (PDT) in order to promote Season 3, which is starting on BBC America this weekend.
Orphan Black is a rather strange mix of science fiction, drama, and comedy, which has built a cult following on both sides of the pond. It’s certainly worth watching for free, but you should probably read our short guide to binge-watching in order to prepare beforehand.

Wednesday, April 15, 2015

A very strange thing to say – unless of course it's budget time.
US Military Not Ready to Wage Digital Attack: Official
The US military is well equipped to defend the country against cyberattacks but is not yet ready to wage digital warfare, a senior defense official told lawmakers on Tuesday.
The military's cyber command, created in 2009, lacks the means to lead an offensive campaign in a fast-moving digital conflict, said Eric Rosenbach, the Pentagon's principal adviser on cyber security.
His comments were unusual because officials previously have suggested the military was ready to lead an offensive digital campaign if necessary.
Rosenbach told senators there was no shortage of resources or funding for cyber command but there were technical and manpower problems that had to be tackled.

Trust no one! (Can millions of PowerBall, MegaMillions, etc. losers sue to recover the cost of their tickets?) As I tell my Computer Security students, conversion (getting the cash) is the hardest part of computer thefts.
US lottery security boss charged with fixing draw
Eddie Raymond Tipton was the security director for the Multi-State Lottery Association when he was arrested in January by the Iowa Division of Criminal Investigations.
Prosecutors said he had been caught on CCTV buying the winning ticket. The $14.3m (£9.5m) prize was never claimed.
… The offline computer is housed in a glass room and in theory can only be accessed by two people at the same time. It is also constantly monitored by a video camera.
It is alleged Mr Tipton used his position as security director to change the video camera settings and record only one second in every minute. This would have given him enough time to enter the room and plug a thumb drive into the computer.
… The court filings suggest there was an attempt to claim the prize just hours before it was scheduled to expire by a company incorporated in Belize.

Emails are expensive. They may cost you your job.
Email Phishing Attacks Take Just Minutes to Hook Recipients
If you work in IT security, you’ve got one minute and 20 seconds to save your company from being hacked. This is not a drill. It’s the median time it takes for an employee to open a phishing email that lands on a company’s network and in their inbox, setting in motion a race to prevent data from leaking. That’s according to the new Verizon Breach Investigations Report,
… Verizon noted that 23 percent of recipients open phishing messages. But simply opening an email won’t necessarily install malware on a machine. More dangerous are the 11 percent of recipients who go so far as to click on malicious attachments.
… “Unfortunately, the proportion of breaches discovered within days still falls well below that of time to compromise,” Verizon notes in the report.
Typically, it takes months if not years to uncover a breach. In 2012, for example, FireEye reported that the average cyberespionage attack continued unabated for 458 days before the victim discovered the hack. Prior to this, it was normal to find attackers had been in a network two or three years before discovery.

Another security report.
Report Explores Evolution of Targeted Attack Tactics in 2014
As user habits evolve, so do the tactics of attackers. It should come as little surprise then that as enterprises upgraded to newer versions of Windows in 2014, the amount of 64-bit Windows malware being used in attack campaigns increased as well.
According to researchers at Trend Micro, this is just one example of how targeted attacks are evolving with the times.
"Government agencies remained the most favored attack targets in 2014," Trend Micro blogged. "In the second half of the year, we saw a spike in the number of attacks that targeted hardware/software companies, consumer electronics manufacturers, and health care providers."
The full report can be read here.

Coming soon to a law school near me?
Pablo Palazzi writes that providing data protection courses in law school is a growing trend in Latin America. Of note,
In Chile there is a seminar taking place on April 22 and 23 in the School of Law of University of Chile, in Santiago (Chile).
This year I will be teaching for the first time a data protection seminar in San Andres University. It is an eight week course designed to cover the general principles of privacy and data protection plus some special sectors like telecom, internet, credit reporting and marketing. The course is part of a Program of Internet law that we are unveiling this year in the School of Law of San Andres University and that will cover also other courses.

The medium is the message but not the person? Perhaps a bit more legal research is indicated? (Digest Item 1)
Judge Rules Against Content Owners
A District Court Judge in Florida has dealt a serious blow to content owners going after people pirating their movies. These filmmakers and movie studios have long argued that an IP address is evidence enough that someone has pirated a movie. But Judge Ursula Ungaro fundamentally disagrees with this assumption.
According to TorrentFreak, Judge Ungaro refused to issue a subpoena against someone accused of pirating action flick Manny based on nothing other than their IP address. When she asked the company bringing the claim to explain their thinking, they argued that doing anything other than granting a subpoena would set a “dangerous precedent.” They also suggested that “all other courts” have accepted the notion that an IP address equates to a person.
In response to these assertions, Judge Ungaro referenced other cases where courts have ruled against IP addresses being sufficient evidence, and dismissed the case against one particular IP address. Which is a small but significant victory against copyright trolls who maintain you’re guilty until proven innocent.

Perspective. My students have never known otherwise (even if they don't know who Moore is)
Report – 50 Years of Moore’s Law
by Sabrina I. Pacifici on Apr 14, 2015
SPECIAL REPORT: 50 Years of Moore’s Law The glorious history and inevitable decline of one of technology’s greatest winning streaks, IEEE Spectrum – “Fifty years ago this month, Gordon Moore forecast a bright future for electronics. His ideas were later distilled into a single organizing principle—Moore’s Law—that has driven technology forward at a staggering clip. We have all benefited from this miraculous development, which has forcefully shaped our modern world. In this special report, we find that the end won’t be sudden and apocalyptic but rather gradual and complicated. Moore’s Law truly is the gift that keeps on giving—and surprising, as well.”

I found this on Google News.
This is the most brutal quote from the EU investigation into Google's alleged monopoly
If you want to get an idea of just how negatively the European Commission on competition sees Google right now, then skip to this section of its statement on how it believes Google handles online shopping search results.

There's no way Google is going to pay Europe a $6 billion fine
… The EU probably wants Google to make a simple change
Margrethe Vestager, the member of the European Commission who issued its statement of objection, said that the Commission doesn't want to interfere with Google's design or search algorithm. Instead, it just wants the company to put the relevant shopping results at the top of its search pages — whether they're from Google or not.

I guess we can't have nice things!
Segway bought by Chinese rival Ninebot

For all my students. Should everyone have this App on their phones for emergencies?
FireChat: How to Chat Without Wifi or a Signal
Slow connection? Can’t find Wi-Fi? No problem! The FireChat app allows users to stay connected off the grid.
… Traditionally, users sent messages to each other through data or Wi-Fi networks. The messages are sent through a mobile network to a hotspot or cell phone tower. The data sent through to these data towers or Wi-Fi hotspots are then relayed through a centralized network and eventually the messages or data is received. During all of this data transfer period, your VPN is tracked. Though you can use a VPN service to protect your mobile data, information about your network can be tracked.
If you’re not sure how it works, read this excellent article on how to add security to your connection with a VPN.
Unlike most chatting apps, the FireChat app doesn’t rely solely on Wi-Fi or data – it doesn’t even need a hotspot or centralized mobile network to relay data. Instead, the app relies on peer-to-peer connections through wireless mesh networking via Bluetooth or Wi-Fi, technology built in the phone. As long as the FireChat users are within 100 feet of each other, they can connect and share messages.
Additionally, the ability to receive and request data without a centralized mobile network allows users of the FireChat app to stay “off the grid” and remain anonymous.
[Available for both iOS and Android]

Tools for my students.
5 Minimalist RSS Readers Still in the News Feed Game
… the numbers show that RSS is still alive and will remain that way for years to come.
Plenty of alternatives to Google Reader have sprung up since its demise, but many of them are packed with too many features. Others, like Feedly, are still popular despite some shady history. But what if you want something simpler? A reader that delivers news without any distractions?
That’s when we turn to minimalistic RSS readers, which may not be so popular but are definitely worth trying. Here are a few that might work well for you.

Just because... (Digest Item 6)
Stephen Hawking Does Monty Python
And finally, it’s not every day you see a theoretical physicist singing a Monty Python song. But today is that day. The theoretical physicist in question is none other than Stephen Hawking, and the Monty Python song he’s singing is Galaxy Song from The Meaning of Life.
Hawking has a close association with Python, having appeared in their live shows in London last year. But it’s still surprising to see and hear him performing Galaxy Song. This cover version is being released on digital and vinyl this weekend. Why? Why not?!

Tuesday, April 14, 2015

For my Computer Security and Ethical Hacking students: business is good!
Global cyberattacks on big business up 40 percent in 2014
Cyberattacks and cybercrime against large companies rose 40 percent globally in 2014, according to Symantec's annual Internet Security Threat study published Tuesday.
Five out of every six large companies – those with over 2,500 employees – were targeted with spear-phishing attacks or e-mail fraud in 2014, up 40 percent on year, the report showed. Attacks on small- and medium-sized companies, which accounted for 60 percent of targeted attacks, increased 26 and 30 percent, respectively.
… ransomware attacks, which restrict access to the computer systems they infect, increased 113 percent, driven by an over 4,000 percent increase in crypto-ransomware attacks.

(Related) What will you do when the hackers turn out the lights?
Attacks Against SCADA Systems Doubled in 2014: Dell
Cyber attacks against supervisory control and data acquisition (SCADA) systems doubled in 2014, according to Dell’s annual threat report, released Monday.
Dell SonicWALL saw global SCADA attacks increase against its customer base from 91,676 in January 2012 to 163,228 in January 2013, and 675,186 in January 2014.
Whereas the motive behind data-focused attacks is typically financial, SCADA attacks tend to be political in nature, since they target operational capabilities within power plants, factories, and refineries, rather than credit card information, Dell said.
… “Because companies are only required to report data breaches that involve personal or payment information, SCADA attacks often go unreported,” Dell said in its report. “As a result, other industrial companies within the space might not even know a SCADA threat exists until they are targeted themselves.”
A recent report published by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) showed that while ICS vendors have been targeted by various types of malicious actors, over half of the attacks reported to the agency in 2014 involved advanced persistent threats (APTs).
The full report is available online in PDF format.

I remember reaching the same conclusion in one of my MBA classes. Everyone else was trying to work around a hypothetical change in law; I found it much cheaper in the long run to move out of France.
Zack Whittaker reports:
A number of prominent French tech companies are threatening to pull out of the country in the wake of the introduction of a bill that they argue will put the entire French population “under surveillance.”
Seven companies, including web hosting and technology companies OVH, IDS, and Gandi have said in a letter to the French prime minister Manuel Valls that they will be pushed into de facto “exile” if the French government goes ahead with the “real-time capture of data” by its intelligence agencies.
Read more on ZDNet.

For my Statistics and Analysis students.
Here’s What Scientists Learned In The Largest Systematic Study Of Email Habits
… Even though email has been around for about two decades, researchers didn't have a good idea of how people were using it. For example, what is the average number of emails a person receives? Do people get overwhelmed by too much email? How long do threads go on?
To answer these questions, researchers from Yahoo labs looked at emails of two million participants who sent more than 16 billion messages over the course of several months--by far the largest email study ever conducted. They tracked the identities of the senders and the recipients, the subject lines, when the emails were sent, the lengths of the emails, and the number of attachments. They also looked at the ages of the participants and the devices from which the emails were sent or checked.
They found that the length of a reply and the number of messages sent in a thread were so predictable that algorithms could anticipate it very accurately. Younger people send faster, shorter replies, and men send shorter messages than women. Unsurprisingly, people respond more quickly to messages sent during working hours, and their responses are longer then, too. Emails tapped out on mobile devices were shorter. The more email a person received, the smaller percentage of messages they responded to, and those responses were shorter.

Should amuse my Data Management students to see that their Analysis will have to be “pushed” to mobile devices.
5 Mobile Trends That Are Changing the Way Business Is Done (Infographic)
… According to the Pew Research Center, 64 percent of Americans have a smartphone, up from 35 percent in 2011.
As those numbers continue to rise, an infographic from HR services company Randstad Technologies details some of the mobile trends to watch out for.
… For more on how businesses will work to reach their ideal customers, check out the infographic below.

Homogenizing EU laws? Summarized in one page.
Fair Copyright Reform for Libraries and Archives in Europe
by Sabrina I. Pacifici on Apr 13, 2015
The London Manifesto: “Fair copyright across Europe is essential. Without it we will fail to adequately support research, innovation and growth, and hinder the ambition for a digital single market. With it we will better foster knowledge across borders, meet the needs of disabled people and take full advantage of the digital age. We are calling for fair copyright that is fit for purpose and will benefit every European citizen.”

For when my students ask, “Why?”
The Economy Goes to College: The Hidden Promise of Higher Education in the Post-Industrial Service Economy
by Sabrina I. Pacifici on Apr 13, 2015
College-Educated Workers Now Produce More Than Half of the Nation’s Annual Economic Value, According to New Georgetown University study: “The findings contradict the fear that good manufacturing jobs of the past are being replaced with low-paid, dead-end service jobs (Washington, D.C., April 13, 2015) – College-educated workers make up only 32 percent of the workforce but now produce more than 50 percent of the nation’s economic output, up from 13 percent in 1967, according to a detailed historical analysis of industry data by the Georgetown University Center on Education and the Workforce. The dramatic increase in the economic value generated by college-educated workers is directly linked to the rise of a college-educated service economy. The Georgetown study finds that the mass production of standardized goods and services has been replaced by more complex consumer demands that include quality, variety, customization, convenience, production speed, innovation, and novelty. College-educated workers and flexible technologies have allowed the United States to achieve this rich mix of economic value at reasonable prices. The study also provides an explanation for the collapse of high-wage manufacturing jobs that once offered opportunity to high school graduates and the rise of an even greater number of high-wage service jobs that require college degrees. Since the end of World War II, the share of goods-producing jobs plummeted from 50 percent to less than 20 percent of all jobs while the overall economy added more than 80 million new jobs—meaning that the entire growth was due to new jobs in high-wage high-skill service industries such as finance, insurance, advertising, consulting, computers, education, and healthcare. This transition from a goods-producing to a service-oriented economy would not have been possible without tremendous increases in manufacturing productivity.
Output per person in manufacturing almost tripled from $100,000 to $300,000 in real terms, while manufacturing employment decreased from 40 percent to 10 percent of all jobs. In turn, manufacturing’s productivity was driven by its better-educated workforce: the proportion of college-educated manufacturing workers grew from 20 percent to more than 50 percent. While the share of jobs in goods-producing industries declined overall since 1967 in the U.S. workforce, the share of workers with a four-year college degree or more increased from 13 percent to 32 percent. Over 60 percent of the workforce now has at least some college education, up from just one-quarter of adults. High-wage jobs for workers with no more than a high school education disappeared with the decline of manufacturing. During the same period the share of college jobs more than doubled and the college wage premium–the average salary of a college graduate compared to a high school graduate–went from 40 percent to 80 percent.”

(Related) Start thinking of LinkedIn as an EdTech company?
Data and Diplomas: On LinkedIn's Acquisition of

There's gotta be something here, I just need to take the time to look for it.
Our top-50 education apps: maths and numeracy

For my “Make your own textbook” students.
What Makes a Good Programming Tutorial?

Should I turn my Blog into a “talkie?”
Host your Podcasts on Google Drive for Free
… Where do you host the podcast files? If you have signed up for a web hosting account, you can use the rented space to host the podcast files else you may consider using Google Drive – it is free, you can host both audio and video podcast files and there are no known bandwidth restrictions.

For my toolkit. (Okay, maybe I'll tell my students too)
5 Sites with Printable Graph Paper, Puzzles, Maps, & More
PaperKit: Print Your Own Lined Paper
Jauntful: Printable City Guides Make a Clutter-Free Version of Any Site
GitPrint: Simple Tool for Printing Markdown
Printable Puzzles: Crosswords, Sudoku and More

Dilbert on “future awesomeness?”