Friday, January 29, 2016

Interesting. Read the whole post.
Jon Swaine and George Joseph report:
Private files belonging to America’s biggest police union, including the names and addresses of officers, forum posts critical of Barack Obama, and controversial contracts made with city authorities, were posted online Thursday after a hacker breached its website.
The Fraternal Order of Police (FOP), which says it represents about 330,000 law enforcement officers across the US, said the FBI was investigating after 2.5GB of data taken from its servers was dumped online and swiftly shared on social media. The union’s national site,, remained offline on Thursday evening.
“We have contacted the office of the assistant attorney general in charge of cyber crime, and officials from FBI field offices have already made contact with our staff,” Chuck Canterbury, the FOP’s national president, said in an interview.
Read more on The Guardian.
Joseph Cox of Motherboard takes a more critical look at the data and questions why FOP’s statement about the incident attributed the hack to Anonymous, as there’s nothing about this incident to suggest the involvement of Anonymous. The FOP’s statement not only misattributes the hack (perhaps that’s intentional, though?), but consistently misspells “breach:”
… An individual known as @CthulhuSec on Twitter took responsibility for dumping the data, but not for hacking/acquiring it, as explained in this statement.

Worth browsing.
FTC Announces Significant Enhancements to
by Sabrina I. Pacifici on Jan 28, 2016
“For the first time, identity theft victims can now go online and get a free, personalized identity theft recovery plan as a result of significant enhancements to the Federal Trade Commission’s website. The new one-stop website is integrated with the FTC’s consumer complaint system, allowing consumers who are victims of identity theft to rapidly file a complaint with the FTC and then get a personalized guide to recovery that helps streamline many of the steps involved. The upgraded site, which is mobile and tablet accessible, offers an array of easy-to-use tools, that enables identity theft victims to create the documents they need to alert police, the main credit bureaus and the IRS among others.”

Trust but verify? What would advance notice of an attack on Iranian nuclear facilities be worth?
Snowden files reveal US and UK spied on feeds from Israeli drones and jets
A joint UK-US intelligence programme has been spying on electronic feeds – including video – from Israel’s military drones and jet fighters going back to 1998.
In a potentially embarrassing disclosure for Israel, which prides itself on its technical capabilities, a new release from material held by the former NSA contractor Edward Snowden has revealed that UK and US intelligence officials have been regularly accessing Israeli cockpit cameras even in the midst of operations in Gaza and Lebanon.
Codenamed Anarchist, the programme was revealed by the Intercept, a US website edited by Glenn Greenwald.
… The drone feeds were reportedly hacked using freely available software similar to that used to access subscriber-only TV channels, the report said.
… In one memo reporting on interception of an Israeli drones, an official in Cyprus noted: “Our ability to collect and track and report this activity is important for the initial detection and tip-off for any potential pre-emptive or retaliatory strike against Iran.” [Thought so. Bob]

Somehow I don't see this as a victory. The attack tried to deny access to your website. Shutting it down did exactly that. Where is your victory?
Cyber Attack Targets Britain's HSBC Bank
"HSBC UK Internet banking was attacked this morning. We successfully defended our systems," HSBC UK tweeted. "We are working hard to restore services, and normal service is now being resumed," it said.
A spokesman specified that the attack was a "denial of service attack", which slows down or disables a network by flooding it with communication requests.
Users attempting to access the bank online were met with a message saying: "Sorry, there appears to be a system problem. Please try again later."

“We don't need no stinking encryption!” “We do need to follow existing procedures!”
VICTORIA—In an investigation report released today, B.C. Information and Privacy Commissioner Elizabeth Denham found that the Ministry of Education failed to protect the personal information of 3.4 million B.C. and Yukon students stored on a portable hard drive.
… The ministry used the portable hard drive as a backup for the purpose of disaster recovery of ministry research data. The information was moved from a secure server to the hard drive in an attempt to decrease electronic storage costs, and was ultimately sent to an off-site warehouse for storage.
The ministry declared the hard drive to be lost when employees were unable to locate it in the warehouse after a series of extensive searches.
… The ministry did not ensure the information was encrypted, did not store the portable hard drive in an approved off-site warehouse and did not adequately document the contents or location of the portable hard drive.
… “There are many important lessons to be learned from this investigation, not only for the Ministry of Education, but for other public agencies as well. This is an example of a breach that was completely preventable. If the ministry had implemented any one of a number of safeguards and followed existing policy, the breach would not have happened.”
… Investigation Report F16-01: Ministry of Education is available at:

Drones could get really expensive.
Unmanned Aircraft Operations in Domestic Airspace: U.S. Policy Perspectives and the Regulatory Landscape
by Sabrina I. Pacifici on Jan 28, 2016
Via FAS – CRS report – Unmanned Aircraft Operations in Domestic Airspace: U.S. Policy Perspectives and the Regulatory Landscape. Bart Elias, Specialist in Aviation Policy. January 27, 2016.
“…Many of the commercial applications envisioned for UAS, such as express package delivery, remote monitoring of utilities and infrastructure, and imagery collection and analysis to support precision agriculture, most likely will not be viable without development of technological capabilities that allow for the complete integration of UAS in the national airspace. These include technologies to enable drones to sense and avoid other air traffic; manage low-altitude airspace and detect and prevent unauthorized use of airspace; mitigate risks to persons and property on the ground; provide secure command and control linkages between drone aircraft and their operators; and enable automated operations. There are also issues related to operator training and operator qualification standards. A number of bills introduced in the 114th Congress address UAS safety, and these topics may be considered in further detail in forthcoming FAA reauthorization debate…”

Who is gullible here? Journalists? Politicians? The public?
The myth of the ISIS encrypted messaging app
Despite widespread media reports to the contrary, an app created for Islamic State militants to send private encrypted messages does not exist, a Daily Dot investigation found.
On Jan. 12, Defense One reported that the Islamic State allegedly built a new Android app called Alrawi for exchanging encrypted messages, based on claims from self-proclaimed online counterterrorism outfit Ghost Security Group (GSG). The claim was quickly reprinted by Newsweek, Fortune, TechCrunch, and the Times of India—the largest English-language newspaper in the world—among many others.
… Followers of ISIS, excited by the news of a custom encrypted messaging app, asked on forums and social media where they could find the app, but we found no instances of anyone able to share it. Western security experts wondered why they couldn’t find a copy on any of the official or unofficial ISIS channels. [Anyone who asked is a terrorist? Bob]

Amusing and perhaps thought provoking.
Hype vs. Reality: A Reality Check on the Internet of Things
The Internet of Things has plenty of hype — it’s going to be big, really big — but also plenty of detractors. The naysayers breathily predict everything from the surveillance state to a wrecked economy to people enslaved by machines. Here are nine bits of information to consider:

We'll pay you to borrow money from us. The rate is -0.1%
Stocks Rally on BOJ Surprise Cut
… “I’m amazed at the power central banks have over markets,” said Mr. Dryden. “We saw it last week with the European Central Bank, and now Japan—it just takes a little bit of action for a big move in equities,” he added.
By applying negative rates, the Bank of Japan is trying to keep the yen from strengthening while demonstrating its resolve to stimulate inflation, strategists said.

This is one my students did not come up with this week. (I can't tell you about some of the others because they might start those businesses themselves.)
This Startup That Fills Your Gas Tank on Demand Just Raised $9 Million
… With the Booster app, you can request your car to be filled up with gas while you are at work.
The team has hit a nerve. Billed as the “Uber for gas” in its Crunchbase profile, Booster announced today that it has raised a $9 million series A round from Madrona Venture Group, Version One Ventures and RRE Ventures, according to the public fundraising database. Currently, Booster services are available in the San Francisco Bay area and the Dallas-Fort Worth area.
… To “order” a tank of gas, customers download the free app and then order a fill up between 7 a.m. and 4 p.m. Booster uses “proprietary” GPS technology to locate your vehicle and confirms it is yours with the make, model, color and license plate. A large industrial truck full of gas then fills your tank. Customers must leave their tanks ajar while waiting for the service. [Opportunity! We need an APP to allow Booster to unlock your gas cap. Could be worth billions! Bob]

(Related) They had several variations of this one.
Uber wants to be your express delivery service for everything
Uber announced today its plans to expand its application program interface, or API, project to its nascent delivery service, UberRUSH. By adding just a few lines of code, businesses such as Nordstrom and 1800flowers can now integrate UberRUSH's one-hour delivery service directly into their digital products.

Amazon shares plunge as record profit still misses estimates
… "By comparative retail standards, Amazon's level of profitability is still painfully weak," said Neil Saunders, head of retail analyst firm Conlumino, who is still positive on Amazon's prospects. "For every dollar the company takes, it makes just 0.75 of a cent in profit."

Coming soon?
Starry Eyes Speedy Internet Access
Project Decibel on Wednesday announced Starry, a company that promises easy broadband Internet access at speeds of up to 1 GB with no caps….
Initial deployment will be a beta in Boston in the summer.
Starry has an FCC license to run pilots for 24 months in Boston and 14 other cities: New York, Washington, Los Angeles, San Francisco, Dallas, Houston, Philadelphia, Detroit, Atlanta, Miami, Minneapolis-St. Paul, Seattle, Denver and Chicago.

All my students should read this.
Facebook for Business: Everything You Need to Know
… If you're ready to take on Facebook for your business, here's everything you need to know to get you started.

(Related) and this!
This is how you live stream on Facebook
