Saturday, June 13, 2015

Something unusual here. No indication that a change went wrong? Everything worked fine up until it didn't? Not the way things really work. Perhaps we should ask Hillary to reboot her servers?
Tech glitch at State Dept. halts new visas, passports
The State Department is suffering technical troubles preventing the agency from issuing visas and passports at its overseas postings.
In a notice on Friday, the department’s Bureau of Consular Affairs said that the glitches were affecting people from all over the globe, and ruled out a cyber attack as the cause.
“We are working as quickly as possible to pinpoint the root cause of our technical issues,” the department said.
… Because of the “technical difficulties” affecting systems that perform national security checks, the department cannot print out visas, passports or other travel documents at its foreign diplomatic missions, it claimed.
People applying for a passport from within the U.S. should not have a problem, however, nor should those applying for emergency passports for urgent travel. [Because there is no security check if it's an “emergency?” Bob]

(Related) Remember, these are the same folks who didn't notice that they had no access to Hillary's email and can't figure out why their passport system won't work. I'm less than confident that their assurances are trustworthy. (Then again, maybe they are using Hillary's super secure computers?)
US Says Confident No Security Breach in Iran Talks
The US State Department ... said Thursday it was confident there had been no security breach, after Swiss and Austrian investigators launched probes into alleged cyber-spying.
Spokesman Jeff Rathke told reporters that the US government was aware of the investigations that had been opened, and that Washington had "close working relationships" with both countries.
Swiss and Austrian investigators are separately looking into possible spying at the hotels. The Swiss attorney general's office said it had seized computer equipment on "suspicion of illegal intelligence services operating in Switzerland."
Israel, which is vehemently opposed to any nuclear deal with Iran, has denied its secret services were involved.
The probes come after Russian-based security firm Kaspersky Lab said a computer worm widely linked to Israel was used to spy on the negotiations.

I'm surprised they noticed.
FCC warns Paypal that policy might violate law
… The Federal Communications Commission’s enforcement bureau sent a warning to the payment processing company Thursday that its terms of service slated to take effect next month might violate the law.
As a condition of signing the users agreement, Paypal customers would be giving their consent to receive robocalls and texts from the company on any number it obtains.

Just in case I need to declare war...
The last time the U.S. Department of Defense published a comprehensive manual on the law of war was in 1956, when Richard Baxter set the standard. Much has happened since then–the U.S., in particular, has engaged in many armed conflicts and other military endeavors — and yet the 1956 Manual, although slightly amended, has never been superseded. In 1990 — that is to say, a quarter of a century ago — esteemed Department of Defense lawyer Hays Parks published a law review article in which he wrote that “the United States has undertaken a two-track program to ensure and enhance continued respect for the law of war. [A] comprehensive military review identified a need to update and significantly expand American military law of war manuals. A new Navy manual was published in 1987, and the new Army law of war manual will be completed in 1990.”
Well, here we are 25 years later and, believe it or not, the Department of Defense today published the long-awaited revised Manual, on behalf of the Department as a whole. (An Army-specific manual reportedly will follow shortly.)

Will this start another round of CIA-bashing?
CIA Releases Declassified Documents Related to 9/11 Attacks
by Sabrina I. Pacifici on Jun 12, 2015
“Today, CIA has released to the public declassified versions of five internal documents related to the Agency’s performance in the lead-up to the attacks of September 11, 2001. The documents can be found at CIA’s Freedom of Information Act (FOIA) online reading room at The first of these documents is a redacted version of the 2005 CIA Office of Inspector General (OIG) Report on Central Intelligence Agency Accountability Regarding Findings and Conclusions of the Report of the Joint Inquiry into Intelligence Community Activities Before and After the Terrorist Attacks of September 11, 2001. In 2005, then-CIA Director Porter Goss issued a public statement on the OIG report. In 2007, CIA publicly released a redacted executive summary of the report along with a statement from then-Director Michael Hayden. In response to FOIA requests for the full 2005 OIG report, CIA and other agencies conducted an extensive review of the nearly 500-page document in order to release information that no longer needed to be protected in the interests of national security. To further contribute to the public record on these events, CIA has also released today redacted versions of four other documents that relate to the 2005 OIG report and provide alternate views on the Agency’s performance prior to 9/11.

Perspective. Facebook does not rule the social networking world. They just think they do.
Facebook Now Cares About How Long You Look At Stuff In Your News Feed
… Facebook is tweaking its algorithms to account for a new metric: the amount of time you spend looking at things in your feed, regardless of whether or not you actively interact with it.
Scroll past something without stopping for long, and Facebook’s algorithms will slowly learn that you don’t particularly care for that sort of content.
Camp out on a post for a bit, though, and Facebook starts the timer behind the scenes. If you spend more time on this story than you spend on most things in your feed — studying a picture, perusing the comment thread — they’ll take that as a signal that it’s something you care about.
… It’ll be interesting/a little terrifying to see how this actually impacts what shows up in feeds, if only because it’s all so passive. Facebook’s algorithms have thus far been largely tuned by what you’re liking/sharing/commenting on — actions that all require at least a modicum of conscious effort. Once things shift toward passive behavior analysis, Facebook’s News Feed begins to understand what you care about more than you ever could.

(Related) “A few seconds” is much too long to be competitive.
Facebook's Messenger App Hits 700 Million Users
Facebook’s standalone messenger app now has 700 million users, up from 600 million in late March. Announced by CEO Mark Zuckerberg on Thursday during Facebook’s annual investor meeting, the milestone represents a major win for the company—particularly considering the initial user push-back and outrage when the company first announced its decision to separate messaging from the main Facebook app last summer.
As Forbes reported in November of last year when Messenger hit 500 million users, the decision to split the messaging feature from the nucleus of the Facebook app was driven by a desire to simplify the messaging process for users. Zuckerberg laid out the rationale behind the Messenger app at a Facebook town hall meeting, where he said: “There are more than 10 billion messages sent every day on Facebook, but in order to get to your messages, you had to open up the app—which could take a few seconds—and then go to a separate tab. And what we saw was that all of the messaging apps that people were using and they relied on the most were—kind of—these dedicated, focused experiences.”

Perhaps my students could use these in the website class.
Smithsonian Digitizes For Download 40,000 Works of Asian and American Art
by Sabrina I. Pacifici on Jun 12, 2015
Via OpenCulture: “Like many major museums all over the world—including the National Gallery, the Rijksmuseum, The British Library, and over 200 others—the Freer/Sackler has made its collection, all of it, available to view online. You can also download much of it. See delicate 16th century Iranian watercolors like “Woman with a spray of flowers” (top), powerful Edo period Japanese ink on paper drawings like “Thunder god” (above), and astonishingly intricate 15th century Tibetan designs like the “Four Mandala Vajravali Thangka” (below). And so, so much more. As Freer/Sackler director Julian Raby describes the initiative, “We strive to promote the love and study of Asian art, and the best way we can do so is to free our unmatched resources for inspiration, appreciation, academic study, and artistic creation.” There are, writes the galleries’ website, Bento, “thousands of works now ready for you to download, modify, and share for noncommercial purposes.” More than 40,000, to be fairly precise.”

Because my students don't have enough distractions.
5 More Sites for Watching TV Online
TV is, in 2015, not a particular gadget anymore: it’s a category of entertainment. Some people watch “TV” on what’s called a “TV set”, but others watch it online.
If you’re in the latter category, Cool Websites and Tools is once again rounding up alternative sites to watch TV on. We aim to discover the sites you probably haven’t heard of yet. Last time we showed you 5 never ending video sites, which brought the channel surfing feel to the web. Today we’ve got a few sites like that for mobile and the desktop, along with a few general sites for finding things to watch.

For my biking and running students.
Plan and Share Biking and Walking Routes on Google's My Maps
… To create a biking or walking route map on My Maps first sign into your Google account then open My Maps. After signing into My Maps select the "draw a line" tool then choose "add biking route." To draw your biking route click on a starting location on the map then drag the line along a road. My Maps tries to predict where you are going to draw your route. The prediction feature can be handy when you're trying to make short biking routes. When you're making longer routes you will have to draw over the predicted lines if you don't want to use the suggested routes.

Once again, it's humor time!
Hack Education Weekly News
… “The Education Department is beefing up its oversight over the hundreds of different companies that colleges hire for a wide range of services that it says are somehow related to federal student aid dollars and therefore subject to regulation,” according to Inside Higher Ed. [This is likely to be a mess. Outsourcing is not in their skill set. Bob]
… “Oakton Community College (OCC) is insisting that a one-sentence ‘May Day’ email referencing the Haymarket Riot sent by a faculty member to several colleagues constituted a ‘true threat’ to the college president,” FIRE reports.
… Kennesaw State University has apologized to a student after a video of him attempting to meet with an academic advisor (and being accused of harassment for doing so) went viral.
… “Jott, a messaging app that works without a data plan or WiFi connection, has caught on among junior high and high school students,” says Techcrunch.
… The cost of developing an open textbook, according to Tony Bates: $80,000 - $130,000. [I use free student labor! Bob]
… Education Week has released a report called “Tech Counts 2015: Learning the Digital Way.” Among the stories: “Why Ed-Tech Is Not Transforming How Teachers Teach.”
… “Research” by the Fordham Institute’s Michael Petrilli on “What Twitter Says about the Education Policy Debate.”

Sometimes you should believe your technology.

Friday, June 12, 2015

The impact of security breaches is often understated in the initial announcements. (Possibly better than overstating.) But repeated “corrections,” each increasing the scope of the breach, really undermine the organization's credibility. Worse is having another group point out that you understated the breach. (By the way, how many people is that?)
Federal Union Says OPM Data Breach Hit Every Single Federal Employee
The American Federation of Government Employees claimed Thursday that all federal employees and retirees, as well as one million former federal employees, had their personal information stolen in the federal data breach disclosed by the Office of Personnel Management last week. If accurate, the claim–which was presented in a letter from the union’s president to the OPM–would expand the impact of the breach far beyond the four million federal employees the OPM said were impacted upon disclosing the breach last Thursday.
AFGE President J. David Cox, who represents more than 670,000 federal employees in the union, began his letter to OPM Director Katherine Archuleta by saying that “very little substantive information had been shared” with the union.
… On top of that, Cox said he believed that the government hadn’t encrypted the Social Security numbers, which he called a “cybersecurity failure that is absolutely indefensible and outrageous.” In his closing, Cox described the breach as an “abysmal failure” by the OPM to “guard data that has been entrusted to it by the federal workforce.”

Sure to be something interesting!
'Big Parenting': How data and technology are changing our families
The annual Security and Human Behavior Workshop is not your average technology show. There are only a few dozen participants, and they are handpicked. There are no formal presentations, just quick 10-minute talks followed by a half-hour or more of free-flowing discussion. And the prized participants aren’t computer scientists. They are behavioral economists, medical experts, even magicians.
[Look at Past Workshops:

For my Computer Security students.
State-by-State Listing of Data Loss and Freedom of Information Legislation
by Sabrina I. Pacifici on Jun 11, 2015
DataLossDB – Open Security Foundation: “In order to request data breach notification reports from governments, several criteria need to exist. The state must have Freedom of Information or Open Records legislation. The state must have Breach Notification legislation, and the state must require notifications to a centralized authority (like an Attorney General, or a Consumer Protection division). At this time, only 12 states meet the requirements for gathering Primary Sources. 35 states have data loss notification legislation, but no centralized reporting. 4 states have no data loss notification legislation. See our Federal Data Breach Notification Legislation page for our analysis of federal legislation.”

For my Intro to IT students.
Think Before You Post: Can You Be Sued For Libelous Tweets and Facebook Posts?
In most countries around the world, saying or writing something that’s untrue and harms the reputation of another person is a civil offense. While this has been the case for centuries, most people were essentially immune from prosecution — unless you had a public platform reaching a wide audience, meeting the bar for defamation was next to impossible.
Social media changed this.
Now anyone with a Facebook or Twitter account can theoretically reach the entire Internet-using population. If the message being shared is positive, the Internet can do wonderful things. If the message being shared is defamatory, there might be a very expensive lawsuit.

I've been saying this for years. Consumer complaints apparently do not outweigh Monopoly PACs.
U.S. Internet users pay more and have fewer choices than Europeans
by Sabrina I. Pacifici on Jun 11, 2015
“More than a quarter of Americans cannot go online at home to check their children’s grades at school, apply for jobs, pay bills or research health issues. They don’t have what has become a crucial service for participation in modern society: Internet service at home. The proportion of households with Internet service had been rising steadily for decades, according to the Pew Research Center, until the past few years when the adoption rate slowed. One reason? The high cost of broadband and the lack of competition that leads to those high prices. A Center for Public Integrity analysis of Internet prices in five U.S. cities and five comparable French cities found that prices in the U.S. were as much as 3 ½ times higher than those in France for similar service. The analysis shows that consumers in France have a choice between a far greater number of providers — seven on average — than those in the U.S., where most residents can get service from no more than two companies. The Center’s analysis echoes the findings of several studies on Internet pricing disparities worldwide.”

Technology changes fast and significantly. (Digest Item #3)
Twitter Breaks 140-Character Limit
Twitter is removing the 140-character limit for direct messages (DMs). Instead, from July, private messages sent via Twitter can be up to 10,000 characters in length. Which is a rather extreme change by any standards you care to mention. Public posts, more commonly known as tweets, will still be limited to 140 characters.
The character limit for private messages never really made much sense, and this change is well overdue. Developers are being warned in advance in order to reduce the chances of apps using the Twitter API from breaking.

Need a good example of inflation?
Zimbabwe finally ditches ‘worthless’ currency for the US dollar
… the RBZ said that accounts “with balances of zero to Z$175 quadrillion will be paid a flat US$5”.
“Hyperinflation” does not begin to explain the monetary problems in Zimbabwe, which denominates currencies with this many zeroes: 000,000,000,000.

Need a good example of wishful thinking?
Russia's military modernization plans, Armata tank imposing high cost on country
… President Vladimir Putin's expensive arms build-up faces major hurdles as Russia's economy sinks under the weight of Western sanctions and falling oil prices. The 22-trillion ruble (about $400-billion) program, which envisages the acquisition of 2,300 new tanks, hundreds of aircraft and missiles and dozens of navy ships, was conceived back at the time when Russia's coffers were brimming with petrodollars.

I'm not sure I understand this slideshow, and I probably should.
An investment bank made this epic presentation on the future of digital media
Investment banker Terrence Kawaja, founder and CEO of LUMA Partners, the company famed for its LUMAscapes, has a new, epic presentation on the state of digital media.
It takes a specific focus on digital media and marketing. The central themes are around "open" platforms versus "closed" ones.
The top 5 trends LUMA picks out for 2015 and beyond are: Programmatic, mobile, omnichannel/personalization, identity, and convergent TV.

For my Business Intelligence students.
Why marketers are betting big on predictive analytics
… Tapping into the analytics trend that's being felt throughout the business world as a whole, predictive marketing applies algorithms and machine learning to big data to help marketers direct their efforts in the most profitable directions. Predictive-analytics tools can help marketers gauge ahead of time what a particular customer will buy, for example, as well as when and how much. Equipped with that information, companies can tailor their campaigns accordingly.
Amazon is a shining example: Its recommendations engine reportedly accounts for roughly 30 percent of the company's sales.

A freebie for my Data Governance students.
DCIM for Dummies e-book
Data Center Infrastructure Management (DCIM) is the discipline of managing the physical infrastructure of a data center and optimizing its ongoing operation.

For my students who read (both of them)
Listen Up, Book Lovers: 10 of the Best Podcasts for Bibliophiles
… As a proud bibliophile myself, I am thrilled to get the chance to share some of my favorite podcasts about books and literature, as well as some crowd-sourced suggestions I wish I had been listening to for years.
There is some solid content here, so if you have the time to spare and are always on the lookout for great book recommendations, look no further. These will keep your “to read” list full, and offer some insightful commentary into the lives of authors everywhere.

Thursday, June 11, 2015

Even if you don't adopt “Best Practices,” you should not assume you are the first company ever to address this issue. My Computer Security students would easily identify the security failures listed here.
Weak Remote Access Practices Contributed to Nearly All PoS Breaches: Trustwave
In a new report from Trustwave, experts examined data from 574 breach investigations across the world from 2014. The researchers discovered that the number of PoS breaches they investigated jumped some seven percent compared to 2013 and accounted for 40 percent of the firm's investigations last year. By and large, those PoS compromises came down to a failure to control remote access.
Many businesses don't keep technical staff in-house, explained Karl Sigler, threat intelligence manager at Trustwave. As a result, much of the networking infrastructure and PoS systems are often fitted with remote access software to prevent technicians from having to be physically present every time there is a technical problem or a patch release, he said.
"Unfortunately, these remote access solutions are often poorly secured," he said. "They are often open publicly on the internet as opposed to being locked down with proper access controls to only allow the technician’s systems access. They not only typically have weak or no passwords, they usually also share the exact same password across all systems in order to make it easy on the remote technician. Maintaining and remembering unique passwords for every store is often considered too complicated."
The full report can be read here.

Not the type of Data Management my students would approve of (if they wanted to pass my class). Data must be exchanged between the engines and the cockpit, but perhaps certain commands should be filtered out while the plane is airborne?
Fatal A400M crash linked to data-wipe mistake
A military plane crash in Spain was probably caused by computer files being accidentally wiped from three of its engines, according to investigators.
Plane-maker Airbus discovered anomalies in the A400M's data logs after the crash, suggesting a software fault.
And it has now emerged that Spanish investigators suspect files needed to interpret its engine readings had been deleted by mistake.
This would have caused the affected propellers to spin too slowly.
… The control systems of the A400M aircraft are heavily automated.
Each engine is run by a separate computer called an Electronic Control Unit.
… It was not foreseen that three propellers would be affected simultaneously, making it impossible to keep the plane airborne.

Does this make you feel better or worse?
Kaspersky Lab cybersecurity firm is hacked
One of the leading anti-virus software providers has revealed that its own systems were recently compromised by hackers.
Kaspersky Lab said it believed the attack was designed to spy on its newest technologies.
It said the intrusion involved up to three previously unknown techniques.
… Kaspersky Lab said that it had detected the breach in the "early spring", and described it as "one of the most sophisticated campaigns ever seen".
The malware does not write any files to disk, but instead resides in affected computers' memory, making it relatively hard to detect.
… This time, Kaspersky said, the malware was spread using Microsoft Software Installer files, which are commonly used by IT staff to install programs on remote computers.

Another article my Data Management and Business Intelligence students should be reading. (That's what us professors call a “HINT!”)
How to Get More Likes and Comments on Instagram, According to Science

For my Data Governance students. See? Just like the textbook says.
Many Organizations Lack Maturity to Address Security Risks: RSA
Nearly three quarters of global organizations lack the maturity to address cybersecurity risks, and size is not a determinant of strong maturity, according to RSA’s inaugural Cybersecurity Poverty Index.
The report from EMC’s security division is based on the responses of over 400 IT security professionals from 61 countries who were asked to self-assess the maturity of their cybersecurity programs using the NIST Cybersecurity Framework as a benchmark.
RSA has also noticed some differences when comparing critical sectors such as telecommunications, financial services, and government. The telecommunication sector ranked highest with half of organizations having developed or advantaged capabilities. At the other end of the chart we have the government sector, where only 18 percent of respondents are pleased with their capabilities.
It’s not uncommon for organizations to experience cyber security incidents that have a negative impact on business operations. RSA’s study shows that the more incidents an organization deals with, the more mature its capabilities are. More precisely, companies that reported 40 or more incidents in the past year are 2.5 times more likely to have developed or advantaged capabilities. On the other hand, 63 percent of the respondents with 40 or more incidents still admitted having an inadequate level of maturity.

For my Spreadsheet students (with tools for my Business Intelligence students!)
Power Up Excel with 10 Add-Ins to Process, Analyze & Visualize Data Like a Pro
… You can power up your Excel experience with add-ins. Ranging from data visualization to external databases, you’re bound to find something to push Excel into overdrive.
Power BI
It can be a little tricky to get used to, and it does have its own, separate interface, but it will enable you to build beautiful data analytics dashboards you can share with the entire company. And people will be impressed, especially if they haven’t seen it before. You can consult the detailed Power BI support pages to get started or when you’re stuck.
Send to Power BI
A nice little add-in that allows you to send your data directly to the Power BI dashboard and analytics tool.

For my Ethical Hacking students, just because...
5 Must-See Documentaries About Hacking and Hackers

Wednesday, June 10, 2015

If they are not “state sponsored” they may still be state trained. Does it benefit Russia to have some hackers it can blame for true state sponsored hacks? I think it does.
France TV Cyberattack Probe Focused on 'Russian Hackers'
The investigation into the cyberattack suffered by France's TV5Monde television channel in April is now focusing on "a group of Russian hackers", a judicial source told AFP on Tuesday.
The cyberattack was carried out by unknown persons claiming to represent the Islamic State group, who shut down transmissions and placed jihadist propaganda messages on the station's website, and Facebook and Twitter accounts.
But confirming information first published by L'Express newspaper, the judicial source said "the investigations are at this stage looking towards a group of Russian hackers designated by the name APT28."
In a report to be published on Wednesday, L'Express said APT28, also known as "Pawn Storm", had previously tried to hack the White House and NATO members, as well as targeting Russian dissidents and Ukrainian activists.

Are we getting closer to the true cost of sharing copyrighted material? Will prices also drop a couple orders of magnitude? Or is it just because they can now automate their offer to settle?
Like many other Hollywood studios, Warner Bros. sees online piracy as a major threat to its revenues.
Torrent sites such as The Pirate Bay represent a thorn in the side and the company is doing everything in its power to limit the damage.
For Warner Bros. this includes targeting individual users of these sites. Not just to warn them that they are breaking the law, but also by demanding money from alleged pirates.
Just recently the Hollywood studio started sending settlement demands to Internet subscribers whose accounts were used to download and share an episode of the popular sitcom Friends.
… To resolve the matter Warner Bros. offers the account holder an opportunity to settle the case, linking to the page below where the recipient can submit a payment of $20 to avoid further trouble.
… However, the automated settlement offers haven’t been without controversy. Warner Bros. and Rightscorp, the company behind the scheme, have been sued for abuse and harassment by several accused downloaders.

This is interesting. Would this ruling also impact the IRS?
Did A Judge Just Undermine The Administrative State With SEC Ruling?
A federal judge’s ruling against the Securities and Exchange Commission for using its own judges in an insider-trading case might be looked at in hindsight as the beginning of the end of an alternative system of justice that took root in the New Deal but has raised serious constitutional questions ever since.
In a 45-page ruling yesterday, U.S. District Judge Leigh Martin May in Atlanta issued an injunction halting administrative law proceedings against Charles Hill, a businessman the SEC has accused of reaping an illegal $744,000 profit trading in Radian Systems stock. The judge ruled that the agency violated the Appointments Clause of the Constitution by subjecting Hill to proceedings before an administrative law judge who isn’t directly accountable to the President, officials in charge of the SEC or the courts.
While it’s just a single ruling by a single judge on a seemingly arcane point of administrative law, the decision echoes the deep concerns some judges and academics have about extrajudicial proceedings, said Philip Hamburger, a professor at Columbia Law School and author of “Is Administrative Law Unlawful?,” a book that compares the modern administrative state to the Star Chamber operated by King James I.

I'm considering collecting Apps my students use – particularly those they think help them learn. But I'm curious about the “time wasters” too.
5 iPhone Apps Your Teenager Has Probably Installed

Tuesday, June 09, 2015

Congress might finally take some action. Lots of them are old enough to need drug pumps, pacemakers, etc. The FDA hasn't looked at this new technology seriously. I wonder how the manufacturers justify the liability risk?
Researcher warns drug pumps could be hacked to give fatal dose
A researcher says a line of IV drug pumps can be remotely hacked to deliver an incorrect, and possibly fatal, dosage of drugs to patients.
Security researcher Billy Rios told Wired that a range of pumps from manufacturer Hospira, including one line that the company stopped selling in 2013, include a flaw that allows someone to alter the device’s software to change the dosage.
Hospira is able to update the pumps’ firmware, but Rios says the devices aren’t able to recognize the difference between an update from the manufacturer or from another party. He also said a hacker could make it look as though the pump was still delivering the correct dosage of the drug.
… He also says he told Hospira about the flaw in one of the lines of pumps allowing hackers to deliver an incorrect dosage a year ago, but the company said it was not a problem. He then tested other pumps produced by the company. The Food and Drug Administration released an alert last month about vulnerabilities in the line of pumps that Rios says he warned the company about last year.

But is it still spreading?
Stuxnet Still Present in Some Organizations: Researchers
The notorious Stuxnet malware is still actively running on some computers and while the threat cannot be controlled by the original attackers, its presence demonstrates the weak security posture of these organizations.
Stuxnet, reportedly developed by the United States and Israel, is a worm designed to target industrial systems. The malware became known as the world’s first cyber weapon after it caused serious damage at Iranian nuclear facilities.
Now, five years after it was first discovered, Stuxnet infections still exist, according to Czech Republic-based security firm Kleissner & Associates, which operates the botnet monitoring system Virus Tracker.
In a paper published last week, titled “Internet Attacks Against Nuclear Power Plants,” the company provided some Stuxnet-related statistics from Virus Tracker. Kleissner & Associates has the ability to monitor Stuxnet infections because it has acquired two of the command and control (C&C) domains used by the worm and pointed them to Virus Tracker sinkhole servers.
According to Kleissner, there were at least 153 unique machines infected with Stuxnet in 2013 and 2014. Nearly half of these infections were traced back to Iran, but some infected devices had also been spotted in India, Indonesia, Saudi Arabia, Kazakhstan and China.

This is what happens when you let computers vote! (You have no constitutional right to drive.)
Poll: 1 in 4 Americans Supports Laws Restricting Human-Driven Cars
Never mind those occasional fender-benders, humans. Face it. Robots are better drivers than you because they don’t drive drunk, they don’t do drugs, they don’t doze off and they don’t get distracted.
… Removing humans from the driving equation might sound scary, but it seems more Americans could be warming up to the Jetson-esque idea. Some are even in favor of laws that would limit people driving cars, if the results of a poll recently conducted by the Ferenstein Wire, via Google Survey, are any indication.
Per the notably unscientific Internet-based poll, 27 percent of those surveyed -- more than one in four -- support laws restricting human-driven vehicles. In other words, they would be okay with giving up their right to drive in order to pave the way for possibly safer computer-driven cars.

There are about 1.7 million rear-end collisions on U.S. roads each year. Here’s how to stop them.
There are about 1.7 million rear-end collisions on U.S. roadways each year. About 1,700 people die in those collisions and another 500,000 are hurt.
Many of those most-common-of-all car accidents could be avoided if auto makers begin making collision avoidance systems standard equipment in their vehicles, the National Transportation Safety Board said in a recommendation issued Monday.

Enough of these and you have a zone of barrage balloons. Makes it hard for me to fly my drones safely.
CDOT launching blimp to monitor I-25 traffic in Denver area
The Colorado Department of Transportation is launching a helium-filled "half-blimp, half-kite" above Interstate 25 on Tuesday for a three-day trial to see how well it monitors traffic, officials said.
The 1,600-cubic-foot device, called a SkySentry, will be tethered above I-25 and 70th Avenue and will use cameras to assess traffic conditions, CDOT spokeswoman Amy Ford said Monday.
Law enforcement agencies and other groups have used the device for monitoring, Ford said, but CDOT is the first department to use it for traffic-monitoring purposes.

Speaking of drones... Many NFL stadiums have overhead cameras that run on wires, but college and high school football programs will no doubt want this technology. (Perhaps I could write an App to turn players into little X's and O's to match the playbook?)
NFL team using drone to film practice
The National Football League’s Dallas Cowboys are using a drone to record footage of their practice sessions, ESPN reports.
The team uses the drone to capture footage directly overhead players in an attempt to supplement existing aerial cameras in other areas of its practice field, according to the report.

For my Risk Management students. Notice that TSA cannot protect US infrastructure from “rogue bull squirrels.” Fortunately, they are not well organized.
Squirrel knocks out power to thousands in San Francisco bay area
… PG&E spokesman J.D. Guidi told the Contra Costa Times that power was down in cities east of San Francisco, including Berkeley and Oakland, on Monday night after a squirrel "impacted equipment" at the El Cerrito substation. He gave no details

For my students, all of whom seem to need it.
Skype Translator coming as app, Microsoft wants you to speak in 4 languages
Microsoft has announced that its Skype Translator, which can allow people to speak and understand 4 languages in real time, will be coming to computers as an app by the end of July.
… Skype Translator is a tool that integrates with Skype, a popular VoIP app that allows people to make voice and video calls using the internet. With the Translator, according to Microsoft, people can talk to others in four languages -- Italian, Spanish, Mandarin and English. So, for example, if you are an Indian and want to talk to a Spanish person who doesn't know English, you can use the Translator feature. You can speak in English and it will be translated into Spanish in real time.
Skype Translator was first announced in December 2014. It was available to users through a web page. But now with Microsoft coming out with an app, more people will be comfortable using it.

I sense a challenge for my students!
These 5 SMS Services Offer You the Internet Without a Data Plan
… Today Cool Websites and Apps outlines services that take advantage of SMS to give you access to web services without actually connecting to the Internet. Call it the offline web.
Whether you’re hoping to make your dumb phone smart or just save money on your phone bill by ditching mobile data entirely, these apps give you access to information without the need for Internet access – thanks to SMS.

Send in the geeks! Some of my students will love this, others will see it as just another language to learn.
Swift Goes Open Source
Among all the talk about watch faces, music streaming and iOS 9 many failed to grab a hold of perhaps the biggest story of the day. Last year Apple introduced Swift, a revolutionary new programming language that makes it easy to get started programming, removing the reliance on Objective-C and simplifying much of the process involved in turning raw code into finished apps.
Despite a massive surge of interest, many were concerned that developing with Swift would see them hemmed-in to Apple’s ecosystem. Apple just burst that bubble by announcing that the language is to be made open source (“later this year”), providing all developers full access to Swift’s inner workings regardless of platform. It’s worth pointing out you’ll still need to pay the $99 developer fee to get your app listed on the App Store, but that doesn’t mean you can’t build Swift apps for another platform completely free of charge.
“We think Swift is the next big programming language, the one that we’ll all be doing application and system programming on for 20 years to come,” said Craig Federighi, Apple’s SVP of software engineering. It’s also been updated to version 2.0, with an assortment of improvements and tools for porting your old Swift 1.2 code.

Monday, June 08, 2015

Suggests (to me at least) that there might be a business opportunity for services that can prove they don't invade your privacy. Big Brother is not inevitable.
New Study – Americans Losing Battle on Privacy Rights
by Sabrina I. Pacifici on Jun 7, 2015
The Tradeoff Fallacy – How Marketers Are Misrepresenting American Consumers and Opening Them Up to Exploitation – Joseph Turow, Ph.D.; Michael Hennessy, Ph.D.; Nora Draper, Ph.D. June 2015. A Report from the Annenberg School for Communication, University of Pennsylvania.
“New Annenberg survey results indicate that marketers are misrepresenting a large majority of Americans by claiming that Americans give out information about themselves as a tradeoff for benefits they receive. To the contrary, the survey reveals most Americans do not believe that ‘data for discounts’ is a square deal. The findings also suggest, in contrast to other academics’ claims, that Americans’ willingness to provide personal information to marketers cannot be explained by the public’s poor knowledge of the ins and outs of digital commerce. In fact, people who know more about ways marketers can use their personal information are more likely rather than less likely to accept discounts in exchange for data when presented with a real-life scenario. The findings, instead, support a new explanation: a majority of Americans are resigned to giving up their data—and that is why many appear to be engaging in tradeoffs. Resignation occurs when a person believes an undesirable outcome is inevitable and feels powerless to stop it. Rather than feeling able to make choices, Americans believe it is futile to manage what companies can learn about them. The study reveals that more than half do not want to lose control over their information but also believe this loss of control has already happened.”

“We can, therefore we must!” Will this rise above “annoying?”
Eryk Bagshaw reports:
Sydney schools are employing “big brother” data collection technology to track whether students are finishing their homework, skipping classes as well as how much their parents are likely to donate.
This week it was revealed that 34 schools in NSW – including The King’s School and Barker College – were using software that allowed them to track how much parents were likely to donate based on the amount and type of emails they sent, the wealth of the suburb they live in, their volunteering efforts, and community involvement.
Read more on Brisbane Times.
[From the article:
Every time a student opens a textbook on their tablet or laptop in the digital textbook library, their school and teachers are able to track their movements.
… The program creates a mountain of data on how, when and where different types of books are being read not only for schools, teachers, and pupils, but for text book publishers - an industry worth about $620 million in Australia.
… Calendars, cancellations, school notices, school information, school timetables, parent sick note forms and school documents are all digitised, their data kept so that a student's attendance or lack thereof can be mapped and patterns drawn out of it.
… "Right now individual teachers might not spot a student struggling in one class if they only see them a couple of times a week," Dr Timms said. [Australia must have really bad teachers. Bob]
… But there remain concerns over just how schools will keep all this data secure.

Oh, that's Okay then.
Google: The artificial intelligence we're working on won't destroy humanity

(Related) I've blogged about automating legal services before. (I can't find the part that says “In the future, lawyers will be loved.”)
How Machine Intelligence Will Transform the Role of Lawyers in the Delivery of Legal Services
by Sabrina I. Pacifici on Jun 7, 2015
The Great Disruption: How Machine Intelligence Will Transform the Role of Lawyers in the Delivery of Legal Services, John O. McGinnis & Russell G. Pearce, Fordham Law Review, Volume 82, No. 6. May 2015, pps 3041-3066.
“Law is an information technology—a code that regulates social life. In our age, the machinery of information technology is growing exponentially in power, not only in hardware, but also in the software capacity of the programs that run on computers. As a result, the legal profession faces a great disruption. Information technology has already had a huge impact on traditional journalism, causing revenues to fall by about a third and employment to decrease by about 17,000 people in the last eight years and very substantially decreasing the market value of newspapers. Because law consists of more specialized and personalized information, the disruption is beginning in law after journalism. But, its effects will be as wide ranging. Indeed they may ultimately be greater, because legal information is generally of higher value, being central to the protection of individuals’ lives and property. The disruption has already begun. In discovery, for instance, computationally based services are already replacing the task of document review that lawyers have performed in the past. But computational services are on the cusp of substituting for other legal tasks—from the generation of legal documents to predicting outcomes in litigation. And when machine intelligence becomes as good as lawyers in developing some service or some factor of production that contributes to a service, it does not stop improving. Intelligent machines will become better and better, both in terms of performance and cost. And unlike humans, they can work ceaselessly around the clock, without sleep or caffeine. Such continuous technological acceleration in computational power is the difference between previous technological improvements in legal services and those driven by machine intelligence. This difference makes it the single most important phenomenon with which the legal profession will need to grapple in the coming decades.
These developments have enormous implications for every aspect of law—legal practice, jurisprudence, and legal education. Here, we focus on one important consequence: the weakening of lawyers’ market power over providing legal services. We argue that these developments will generally increase competition. They will commoditize legal services, permitting clients to make easier price comparisons. They will also bring in new entrants, both as direct suppliers of services and low-cost providers of inputs to services of lawyers.”

Yeah, biometrics. Tools for my computer security students.
This US military-funded security company can tell who you are just from the way you touch your phone
… BehavioSec […] provides a layer of so-called biometric security that lets banks tell who you are just from the way you type, move your mouse or touch your phone screen.
BehavioSec tracks these movements and maps them against past interactions to see if they match up. If they don't — if you're typing much faster than normal or pressing a phone screen harder — the company will let the bank know it thinks someone else is trying to get into your bank account.
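The comparison the article describes, as an added example for the security students; it is not BehavioSec's code or method. The two features (median gap between presses, mean pressure), the z-score test, the thresholds and every function name are assumptions, and the sample sessions are constructed.

```python
from statistics import mean, median, stdev

MIN_EVENTS = 8     # assumed: fewer presses than this is too little to judge
Z_THRESHOLD = 3.0  # assumed: flag a feature over 3 standard deviations from the norm

def extract_features(events):
    """events: time-ordered (timestamp_ms, pressure) per key or screen press.
    Returns (median gap between presses in ms, mean pressure), or None if too short."""
    if len(events) < MIN_EVENTS:
        return None
    gaps = [b[0] - a[0] for a, b in zip(events, events[1:])]
    return (median(gaps), mean(p for _, p in events))

def build_profile(past_sessions):
    """Per-feature (mean, spread) over the user's earlier sessions."""
    feats = [f for f in map(extract_features, past_sessions) if f is not None]
    if len(feats) < 3:
        raise ValueError("need at least 3 usable sessions to build a profile")
    profile = []
    for column in zip(*feats):
        # Floor the spread so a very consistent user is not flagged for tiny changes.
        spread = max(stdev(column), 0.02 * abs(mean(column)), 1e-9)
        profile.append((mean(column), spread))
    return profile

def check_session(profile, events):
    """Return (verdict, z_scores); verdict is 'insufficient', 'match' or 'mismatch'."""
    feats = extract_features(events)
    if feats is None:
        return "insufficient", []  # do not alert on a handful of presses
    z = [(value - mu) / sd for value, (mu, sd) in zip(feats, profile)]
    verdict = "mismatch" if any(abs(s) > Z_THRESHOLD for s in z) else "match"
    return verdict, z

def make_session(gap_ms, pressure, n=12, jitter=(0, 6, -4, 3, -2)):
    """Constructed sample data: n presses, gap_ms apart with a small repeating jitter."""
    t, events = 0, []
    for i in range(n):
        events.append((t, pressure))
        t += gap_ms + jitter[i % len(jitter)]
    return events

# Constructed history for one user: about 180 ms between keys, pressure near 0.42.
HISTORY = [make_session(g, p) for g, p in
           [(182, 0.41), (175, 0.44), (190, 0.39), (186, 0.42), (179, 0.40)]]
PROFILE = build_profile(HISTORY)

if __name__ == "__main__":
    samples = [("usual user", make_session(184, 0.42)),
               ("much faster typing", make_session(95, 0.42)),
               ("harder presses", make_session(183, 0.70)),
               ("three presses only", make_session(184, 0.42, n=3))]
    for label, events in samples:
        verdict, z = check_session(PROFILE, events)
        print(f"{label:20s} {verdict:12s} {[round(s, 1) for s in z]}")
```

A "mismatch" here is a signal to pass to the bank's fraud checks, as the article describes, and the "insufficient" verdict keeps very short sessions from producing alerts at all.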

Ah, clarity!
Stopping the FUD: There is no yearly subscription fee for Windows 10
… Windows 10 will not have an annual fee. Windows 10 will not charge you a yearly subscription after the free-for-one-year upgrade offer expires.
… Between July 29th 2015 and July 29th 2016, you will have the chance to snag a free upgrade to Windows 10. After July 29th 2016, you will have to pay for a Windows 10 license.
… Microsoft may have confused people by mentioning Windows 10 "as a service" causing people to believe there will be a subscription fee of sorts. There is no subscription model for Windows 10. Instead, Windows 10 "as a service" simply implies that Microsoft plans to update the operating system with smaller, more frequent updates, rather than larger Service Pack-like updates. Think of it like an app that gets updated regularly.

For the student clubs? (Digest Item #3)
Popcorn Buzz Enables Group Calling
Japanese messaging startup Line has launched Popcorn Buzz, a free group calling service that lets up to 200 people take part in a single conversation. Only registered users can start a call, but even non-users can join an existing call by clicking on a shared URL.
Line states, “Popcorn Buzz can be used to talk with friends and family, catch up with classmates, make plans with club members, and more. Popcorn Buzz accommodates both personal and business usage, all for free.” Businesses could also use Popcorn Buzz.
Popcorn Buzz is initially available on Android, with an iOS version due at a later date. The app supports an impressive number of languages, including English, French, German, Spanish, Russian, Japanese, and Chinese.

Marcus Zillman seems to list almost every resource on whatever topic he chooses. May help my students research.
New on LLRX – Journalism Resources on the Internet
by Sabrina I. Pacifici on Jun 7, 2015
Via LLRX.com – Journalism Resources on the Internet: Marcus P. Zillman’s new guide is a selective, comprehensive bibliography of reliable, subject specific and actionable sources of journalism resources and sites for researchers in all sectors. This guide will support your goal to discover new sources, refresh your acquaintance with sources you know but that have evolved, and provide additional strategic methods to locate and leverage information in your work.
[Some I find interesting:
The National Institute for Computer-Assisted Reporting maintains a library of federal databases, employs journalism students, and trains journalists in the practical skills of getting and analyzing electronic information
The Virtual Private Library™ creates private libraries powered by Subject Tracer Information Bots™ on various subjects

This one has some potential for amusement.
My Five Favorite Tools
The Classtools Fake SMS Generator is free to use and does not require students to register to use it. In the video below I demonstrate how to create a fictitious text message exchange between historical characters. As I mentioned in the video, the Fake SMS Generator could also be used to create visuals for lessons on cyber-safety and etiquette.