Tuesday, March 08, 2016

I don't bother blogging about small breaches, except when I can lump a bunch together like this.
Maryland’s Attorney General’s list for 2015 contains over 500 breach reports, many of which were never covered by the media. Here are two involving health or medical entities or health data, followed by some from the education sector that you may not have known about:
Dharani Jasthi DMD PC dba Today’s Dental Associates reported that they:
received an anonymous fax after close of business on June 24, 2015. The anonymous source stated that it found a document containing names, ages, social security numbers and dates of birth of 6 of Today’s Dental patients during a search of the apartment of a former Today’s Dental employee and was notifying Today’s Dental because the source understood it to be sensitive information.
N. Stephen Delgado O.D. of Columbia Eye Care (Columbia, MD) notified 20 Maryland customers after their safe was stolen:
Meanwhile, in the education sector:
  • Boston University, who reported a server breach in July, had another incident later in the year when an employee fell for a phishing scheme that came from a Nigerian IP address. This time, 174 students had their names, SSN, and in some cases, driver’s license numbers, acquired.
  • Nova Southeastern University, who first discovered a 2013 hack in 2014, reported another breach in November involving student and employee name, address, phone number, and SSN.
  • Wabash College reported that malware both exfiltrated personal information and locked up all files (ransomware). The personal information of 49 people who were alumni or friends of the college was exfiltrated, including SSN, credit card information, and/or bank account information. The college was able to restore files from backup, and did not pay the ransom demand.
  • Brandeis University notified 193 students after two computers were stolen from the Registrar’s office in October, 2015. The types of information involved included names, dates of birth, permanent and email addresses, phone numbers, student records information, and in some cases, SSN. The total number of students impacted was not disclosed.

You knew this was going to happen.
Justice Dept. Appeals Ruling in Apple iPhone Case in Brooklyn
In the latest volley in its high-profile fight with Apple, the Justice Department said on Monday that a federal judge in Brooklyn had erred last week in refusing to order the company to unlock a drug dealer’s iPhone.
… The two cases are very different in some ways — one involves a high-level terrorism investigation, the other an inquiry into a low-level drug dealer — but both center on whether the Justice Department can use a 1789 statute to force Apple to unlock an iPhone.
Unlocking the iPhone in the Brooklyn case would be far easier for Apple, because it involves a device running an older operating system with simpler encryption.

The NSA will have several, perhaps the FBI could invest in one?
MIT's new 5-atom quantum computer could make today's encryption obsolete
Much of the encryption world today depends on the challenge of factoring large numbers, but scientists now say they've created the first five-atom quantum computer with the potential to crack the security of traditional encryption schemes.
… The results of the new work were published Friday in the journal Science.
… A functional quantum computer large enough to crack traditional RSA encryption may still be in the future, but the U.S. National Security Agency is taking the possibility seriously. In January, it posted an FAQ on the technology's potential.
"If you are a nation state, you probably don’t want to publicly store your secrets using encryption that relies on factoring as a hard-to-invert problem,” said Chuang. “Because when these quantum computers start coming out, [adversaries will] be able to go back and unencrypt all those old secrets.”

Wow! The hack gets simpler as the technology matures? Looks like we're going backward here. NOTE: Any repository of unencrypted fingerprint data just became a much more valuable target!
Fake Fingerprints From an Inkjet Printer Can Fool Your Smartphone
Last year, when the Office of Personnel Management notified 22 million people that their personal information was compromised in a massive data breach, one in four received especially nasty news. For most hack victims, the sensitive personal data that was exposed included Social Security numbers, health and financial records, names of relatives, and past addresses. But 5.6 million people learned that their fingerprints were also stolen.
At the time of the announcement, OPM downplayed the importance of the stolen fingerprints. “Federal experts believe that, as of now, the ability to misuse fingerprint data is limited,” an OPM statement read. “However, this probability could change over time as technology evolves.”
That was in September. Now, researchers have developed a cheap and easy way to print out an image of a fingerprint with enough accuracy to fool commercially available fingerprint readers—using just a standard inkjet printer.
The method, outlined in a paper published last month, is certainly not the first one to produce fake fingerprints that are able to fool readers. But where earlier methods required more time and specialized materials, this new method is replicable in just about any home office.

I suspect Apple knew it was going to lose this one.
Supreme Court Denial Closes Apple's E-Book Case
The U.S. Supreme Court on Monday denied without comment Apple's petition for a review of a lower court ruling that it engaged in price-fixing of e-books.
The company now must comply with a US$450 million settlement it reached with 33 states and territories and a private class of e-book purchasers that, together with the U.S. Department of Justice, sued it over the issue.
However, e-book purchasers who were overcharged won't get their hands on any of the $450 million -- most of them would be reimbursed through automatic credits at e-book retailers. The credits could be used for future purchases, the DoJ said.

Okay, I was not expecting that!
Jury Awards Erin Andrews $55 Million in Nude Video Civil Suit
After two weeks in court, a Nashville jury has awarded sportscaster Erin Andrews $55 million on Monday, according to Law360.
Andrews filed a $75 million lawsuit against Michael David Barrett, the stalker who posted a nude video of the journalist he captured through a peephole, as well as the owner and operator of the Nashville Marriott where the crime took place. Over time, the video has been viewed nearly 17 million times. The stalker -- Michael David Barrett -- has since been sentenced to 30 months of jail time.
Overall, the jury found Windsor Capital 49 percent at fault and Barrett 51 percent at fault.

An Infographic for both my Computer Security and Data Management students.
Why Can’t We Buy a Self-Driving Car Yet?

For my Data Management students. Facebook was banned from providing free (Facebook oriented) Internet. Does Google have the right idea?
Google to provide internet connectivity in India through Project Loon in partnership with telecom companies
… Months after Google CEO Sundar Pichai partnered with Indian Government to provide WiFi internet access to 400 railway stations, the tech firm has now come up with an innovative method to provide internet connectivity through ‘Project Loon’, whereby internet would be beamed in areas through air balloons floating hundreds of feet above the ground.
The news has been confirmed by Google’s managing director for South East Asia and India Rajan Anandan during an interview with The Economic Times.
… However, based upon the success of Project Loon trials in Sri Lanka and Indonesia, Google is now in talks with telecom companies, along with the Telecom Regulatory Authority of India (TRAI) to bring the internet service in parts of India on trial basis.
However, it is worth knowing that the internet services would not be offered by Google from a philanthropic point of view. The services for the same would be charged.

Balloon-Powered Internet For Everyone

Perspective. Being rather anti-social myself, I struggle to understand how all this social stuff works. Would this be something that politicians could use?
Ben Horowitz backs rapper Ryan Leslie’s SMS commerce startup Superphone
… Here’s how Superphone works. Celebrities and other clients can distribute a special phone number connected to their Superphone account. Any time a fan calls or texts it, or buys something on one of their online stores and fills out a form, they get a welcome message prompting them to provide some personal info. That could include location, biographical info, or any data type the client wants to segment their audience by.
Superphone creates a next-generation phone book that’s actually more of a customer relationship management tool. For now it’s a web tool but the Superphone team hopes to have native apps available in the next few weeks. The Superphone dashboard lets clients view charts and graphs of who is paying for what so they can hone in on their most important fans.
… While everyone else buys ads, plays nice with the press, and blasts out social media trying to reach fans, Superphone lets creators simply talk to them directly like they would any of their friends.

A little history of technology for all my students.
… in 1876, Alexander Graham Bell patented the telephone.
… by 1904, people worried that telephones were creating a race of left-eared people.
It’s easy to take for granted just how much the invention of the telephone changed cultural norms. For instance, take the art of eavesdropping. As Mark Twain wrote in our June 1880 issue, “I consider that a conversation by telephone—when you are simply sitting by and not taking any part in that conversation—is one of the solemnest curiosities of this modern life.”
Twenty-five years later, The Atlantic published a piece by Frederick W. Coburn on the development of the phone. “Once a community, like a family, has acquired the telephone habit, its members are never satisfied to revert to primitive conditions,” he observed.
… When other phone companies began to pop up, “the Bell Company brought infringement suits against all persons or concerns manufacturing or using telephones, save those operating under proper licenses from itself,” Weik wrote. What were called “the telephone cases” eventually reached the Supreme Court, which ruled in favor of Bell:
By the slender majority of one in the vote of the judges the claims of Alexander Bell had now secured the indorsement of the highest judicial tribunal in the land. From that decree there could be no appeal. By virtue of it every rival or competitor of the Bell Company was driven from the field, and that corporation rested, serenely content, in the undisputed ownership of one of the greatest benefactions that ever came to bless mankind.

More ways to waste time online.
5 Places to Watch TV Online You’ve Never Heard Of

For my gamers.
Internet Archive Revives 500 Classic Apple II Programs To Play In Your Web Browser
What would we do without the Internet Archive? In the past few months alone, the Internet Archive has posted a virtual museum of old 80s and 90s era malware and resurrected over 2,300 MS-DOS games — all of which were playable through your browser. Today, the non-profit is upping the ante with the release of 500 Apple II games that you can play for free (as always).
… As with previous software made available via the Internet Archive, the programs can be played using its JSMESS “play-in-a-browser” emulator. You don’t need to install any additional software or mess around with emulators — you simply click on a screenshot of the title you wish to run and “presto” you’re transported 30 years into the past to relive a small slither of computing history.

Now I can put my handouts in a Kindle ready format! I bet they still won't get read.
Google Docs now lets you export files as an EPUB ebook
If you’re on the hunt for an easy way to convert your online documents to an ebook-friendly format, Google has quietly announced that it will now let you save your documents directly to .epub (EPUB).

Sort of the history of spreadsheets. For my Spring spreadsheet students to play with.
From VisiCalc to Google Sheets: The 12 Best Spreadsheet Apps
Just go to the VisiCalc page, press the Play button and wait for it to load, then get a blast from the past with a DOS-style interface with a real, working copy of VisiCalc.
… It might not be the tool you'll want to use to make your next budget, but with the VisiCalc manual in hand, it's a fun way to peek back at where it all started.
