Friday, May 27, 2016

…and suddenly the banking system seems much less secure.
Michael Riley and Alan Katz report:
Investigators are examining possible computer breaches at as many as 12 banks linked to Swift’s global payments network that have irregularities similar to those in the theft of $81 million from the Bangladesh central bank, according to a person familiar with the probe.
FireEye, the security firm hired by the Bangladesh bank, has been contacted by the other banks, most of which are in Southeast Asia, because of signs that hackers may have breached their networks, the person said.  They include banks in the Philippines and New Zealand but not in Western Europe or the United States.  There is no indication of whether money was taken.
Read more on Bloomberg.

Do insurers routinely audit banks? 
Ken Kronstadt and Crystal Skelton of Kelley Drye & Warren LLP write:
Last week, the Eighth Circuit upheld a lower court’s ruling in State Bank of Bellingham v. BancInsure Inc., finding that a bank employee’s negligence in securing its computer network did not preclude coverage for a data breach resulting in a fraudulent funds transfer.  The decision affirms the lower court’s ruling granting summary judgment in favor of the Bank of Bellingham, holding that the loss was covered even if employee negligence contributed to the loss.
Read more on JDSupra.

The downside of those “double secret” hacks.
Patrick Howell O’Neill reports:
A federal judge has thrown out all the evidence gathered by the FBI using a hacking tool targeting Tor users in a child-porn investigation.
U.S. District Court Judge Robert Bryan on Wednesday shut down the FBI’s case against defendant Jay Michaud, a Vancouver middle-school teacher accused of downloading child porn through the Tor anonymity network while the FBI surreptitiously took control of a child-porn site called Playpen for two weeks in early 2015.
Read more on Daily Dot.
[From the article:  
Bryan's order came after the FBI refused to reveal the full code behind the hack.

One area of biometrics analyzes how you walk, why not extend that to how you drive?
Andy Greenberg reports:
The way you drive is surprisingly unique.  And in an era when automobiles have become data-harvesting, multi-ton mobile computers, the data collected by your car—or one you rent or borrow—can probably identify you based on that driving style after as little as a few minutes behind the wheel.
In a study they plan to present at the Privacy Enhancing Technology Symposium in Germany this July, a group of researchers from the University of Washington and the University of California at San Diego found that they could “fingerprint” drivers based only on data they collected from internal computer network of the vehicle their test subjects were driving, what’s known as a car’s CAN bus.
Read more on Wired.

How do I explain this to my students?  I tell them to hire a good lawyer.
Google Doesn’t Owe Oracle a Cent for Using Java in Android, Jury Finds
Google’s use of the Oracle’s Java programming language in the Android operating system is legal, a federal jury found today in a verdict that could have major implications for the future of software development.
The case, which has dragged on for six years, could have cost Google as much as $9 billion in damages had it lost.  But the decision affects more than just Google.  The case is important because it helps clarify the copyright rules around what programmers can borrow for their own work.  Programmers routinely borrow APIs from existing products either to ensure compatibility between products or simply to make it easier to learn a new product.  An Oracle victory could have seriously curtailed that practice, hindering the creation of new software.
   The ruling is good news for programmers in general, but the Electronic Frontier Foundation (EFF) has argued that techies and the public have already lost because of the earlier decision that found that APIs are subject to copyright.

Up ‘til now, cars have been blind? 
Intel buys a Russian machine vision firm for IoT devices and self-driving cars
Intel (NASDAQ:INTC) is buying Itseez, a Russian developer of computer vision algorithms and related technology for embedded systems.  Terms are undisclosed.
Intel: "This acquisition furthers Intel’s efforts to win in IoT market segments like automotive and video, where the ability to electronically perceive and understand images paves the way for innovation and opportunity.  Itseez will become a key ingredient for Intel’s Internet of Things Group (IOTG) roadmap, and will help Intel’s customers create innovative deep-learning-based CV applications like autonomous driving, digital security and surveillance, and industrial inspection."

IT Architecture, again.  Instead of a plain old computer screen you get a cute(?) little robot. 
Will Pizza Hut soon be run by robots?
Some restaurants have started experimenting with human-like robots instead of human cashiers, allowing consumers to pay for their meals without interacting with another person.  Although many restaurants have allowed digital ordering, either online, by kiosk or on tablets at the table, the practice of using humanoid, or human-like robots, is still in its earliest stages, and it’s primarily happening in Asia so far.  Experts say the robots could benefit restaurants and lead to wider adoption — if diners aren’t too freaked out by them.

Why I’m teaching two sections of my Computer Security class.
Cybersecurity recruitment in crisis
Globally cybersecurity is in crisis not solely from a lack of skilled personnel, but also from a lack of strategic direction and companies inability to hire staff in an expedient, effective and efficient manner.
ISSA, (ISC)2, ISACA, Cisco, and PwC have all released major studies showing the cybersecurity skills gap has reached a crisis point worldwide. The number of positions to be filled vary widely from each study, but the majority of them put the gap at over a million positions by the end of the decade. One might go so far as to call it a cybersecurity skills gulf. This is not a new challenge, but one that has been developing over time.

(Related) Security includes ethics?
Tech Savvy: Two Questions for Managers of Learning Machines
   The first, which Dhar takes up in a new article on TechCrunch, is how to “design intelligent learning machines that minimize undesirable behavior.”
   The second question, which Dhar explores in an article for, is when and when not to allow AI machines to make decisions.

Perhaps more for lawyers and future politicians? adds RSS and email alerts for researchers
by Sabrina I. Pacifici on
Via Emily Carr, LC – “…new email alerts and RSS feeds are now available from For more details, see New Email Alerts and RSS Feeds on
“Building on those email alerts, there is now an additional set of email alerts and the first RSS feeds that you can subscribe to from
  1. Most-Viewed Bills (email | RSS)
  2. Search Tips (email | RSS)
  3. Bills Presented to the President (email | RSS)
  4. On the House Floor Today (email | RSS)
  5. On the Senate Floor Today (email | RSS)
  6. In Custodia Legis: Law Librarians of Congress (email | RSS)”

Moneyball, but understandable!  Worth reading.
What a Minor League Moneyball Reveals About Predictive Analytics

(Related)  I see this as a business opportunity, 
Data Analytics Rarely Leveraged to Detect Fraud
A new report released by KPMG this week on fraud shows little major change when compared to previous reports - except perhaps that there are more female fraudsters today than there were previously.  Statistically, fraudsters tend to be male, management, working in groups colluding with outsiders, and aged between 35 and 55.  But there is one particularly worrying statistic: technology-assisted fraud is increasing while technology-assisted detection is falling.
   A major recommendation of the report (PDF) is the increased use of technological defenses.

Saturday silly a day early.
Hack Education Weekly News
   Via the AP: “A complaint filed Tuesday with Texas education officials accuses a charter-school network of abusing a visa program to import large numbers of Turkish teachers and violating state and federal laws by paying them more than American teachers.  The complaint also asserts that the network, Harmony Public Schools, skirts competitive bidding rules to award contracts to Turkish vendors.”
   Via Boing Boing: “JJ Abrams urges Paramount to drop its lawsuit over fan Star Trek movie.”  The lawsuit in question involves Paramount’s claim that the Klingon language is copyrightable.
   Via The New York Times: “Group Urging Free Tuition at Harvard Fails to Win Seats on Board.”

No comments: