Thursday, May 05, 2016
Are we trying to get into the Guinness Book of World Records?
Millions of stolen email credentials shared online by Russian hacker
Tens of millions of stolen credentials for Gmail, Microsoft and Yahoo email accounts are being shared online by a young Russian hacker known as "the Collector" as part of a supposed larger trove of 1.17 billion records.
That's according to Hold Security, which says it has looked at more than 272 million unique credentials so far, including 42.5 million it had never seen before. A majority of the accounts reportedly were stolen from users of Mail.ru, Russia's most popular email service, but credentials for other services apparently were also included.
… Some 40 million of the credentials came from Yahoo Mail, 33 million were from Microsoft Hotmail, roughly 24 million were from Gmail, and nearly 57 million were from Mail.ru, according to Reuters. Thousands of others came from employees of large U.S. companies in banking, manufacturing and retail, and hundreds of thousands more reportedly were from accounts at German and Chinese email providers.
Now this is interesting. Would you believe that LAPD would keep this from the FBI?
LAPD hacked into iPhone of slain wife of 'Shield' actor, documents show
… LAPD detectives found an alternative way to bypass the security features on the white iPhone 5S belonging to April Jace, whom the actor is accused of killing at their South L.A. home in 2014, according to a search warrant filed in Los Angeles County Superior Court.
The bypass occurred earlier this year, during the same period that the FBI was demanding that Apple unlock the iPhone 5C of San Bernardino shooter Syed Rizwan Farook. The FBI eventually said it found another method for unlocking the phone without using Apple.
LAPD Det. Connie Zych wrote that on March 18, the department found a "forensic cellphone expert" who could "override the locked iPhone function," according to the search warrant.
The search warrant did not detail the method used by the LAPD to open the phone, nor did police reveal the identity of the cellphone expert. It's also unclear what operating system April Jace's phone had.
The latest “warm and fuzzy” report.
From 2013 to 2015, the NSA and CIA doubled the number of warrantless searches they conducted for Americans’ data in a massive NSA database ostensibly collected for foreign intelligence purposes, according to a new intelligence community transparency report.
The estimated number of search terms “concerning a known U.S. person” to get contents of communications within what is known as the 702 database was 4,672 — more than double the 2013 figure.
And that doesn’t even include the number of FBI searches on that database. A recently released Foreign Intelligence Surveillance Court ruling confirmed that the FBI is allowed to run any number of searches it wants on that database, not only for national security probes but also to hunt for evidence of traditional crimes. No estimates have ever been released of how often that happens.
A couple of interesting hypotheticals to kick around in my Computer Security class.
Susan Hennessey writes:
During the recent panel event at the Hoover Institution on using data to protect privacy, I had an interesting exchange with Laura Donohue of Georgetown Law, which I’ve been mulling over ever since.
I had made the argument that, in discussing information sharing and privacy, it is important to differentiate between different types of data. There are a number of areas in which privacy and security are mutually reinforcing, as a genuine operational matter and not just as a linguistic framing. In particular, I argued, where we can automate collection and processing of data, technology can increasingly promote both privacy and security. [I agree and extend this to Military Intelligence generally. Bob]
Donohue disagreed, and she had a pretty good line in response:
Read more on Lawfare.
(Related) Nothing specific. In fact, it sounds like what yearbook photographers used to do with those old-fashioned camera thingies.
Katie Banks reports:
Police are investigating following teenage girls’ claims they were caught on camera without their knowledge or permission.
Shawnee police are now investigating one of their male classmates at Mill Valley High School in the De Soto School District for a possible privacy breach.
Students at the high school and their parents agree that the news of a teenage boy taking cell phone technology too far has caused some concern.
Families received an email on Tuesday from Mill Valley High’s principal. It says a student, using a cell phone, took photos and videos of female students in public places while at school.
Read more on Fox4KC.
My guess is that Donald Trump will not pick this as one issue to use against Hillary. I suspect he would be uncomfortable discussing technology. Okay, “uncomfortable” is not the right word. Nothing seems to make him uncomfortable.
Romanian hacker Guccifer: I breached Clinton server, 'it was easy'
… Guccifer’s potential role in the Clinton email investigation was first reported by Fox News last month. The hacker subsequently claimed he was able to access the server – and provided extensive details about how he did it and what he found – over the course of a half-hour jailhouse interview and a series of recorded phone calls with Fox News.
Fox News could not independently confirm Lazar’s claims.
In response to Lazar’s claims, the Clinton campaign issued a statement Wednesday night saying, "There is absolutely no basis to believe the claims made by this criminal from his prison cell. In addition to the fact he offers no proof to support his claims, his descriptions of Secretary Clinton's server are inaccurate. It is unfathomable that he would have gained access to her emails and not leaked them the way he did to his other victims.”
The former secretary of state’s server held nearly 2,200 emails containing information now deemed classified, and another 22 at the “Top Secret” level.
Federal judge opens the door to Clinton deposition in email case
… Judge Emmet Sullivan of the U.S. District Court for the District of Columbia laid out the ground rules for interviewing multiple State Department officials about the emails, with an eye toward finishing the depositions in the weeks before the party nominating conventions.
Clinton herself may be forced to answer questions under oath, Sullivan said, though she is not yet being forced to take that step.
“Based on information learned during discovery, the deposition of Mrs. Clinton may be necessary,” Sullivan said in an order on Wednesday.
Architecting the perfect automobile platform? What should your car do for you?
Ford Invests in Pivotal to Soup Up Its Software
Ford Motor Co., like the rest of the auto industry, has a software problem: Elon Musk’s Tesla Motors.
Tesla has set the standard in the auto industry as the equivalent of an iPad on wheels, offering major software updates to improve vehicles.
On Thursday, Ford said it will invest $182.2 million in Pivotal Software Inc., a San Francisco-based software company expected to help Ford stay competitive as software and cars become one.
… FordPass includes a smartphone app that helps users with parking, car sharing, remote access to vehicles and other services. Ford ownership isn’t required to use the app, and Ford says that FordPass “aims to do for car owners what iTunes did for music fans.”
Is this the virtual assistant we’ve been waiting for? (Or merely a better pizza ordering App?)
Siri’s creators say they’ve made something better that will take care of everything for you
… The engineers erupted in cheers as the pizzas arrived. They had ordered pizza, from start to finish, without placing a single phone call and without doing a Google search — without any typing at all, actually. Moreover, they did it without downloading an app from Domino’s or Grubhub.
… The goal is not just to build great artificial intelligence. Companies see in this effort the opportunity to become the ultimate intermediary between businesses and their customers.
The best “new tool” ever!
Google aims to kill 'Death by PowerPoint' with new Slides
… The new features -- currently rolling out on Android, iOS and the Web app -- aim to make slide presentations more interactive. Audience members can ask questions and vote for which questions should get answered.
… Education is obviously one key market for Google. Mary Jo Madda got to interview Bose—Survey Says:
Bose believes that the Q&A feature [has] implications for teaching practices. [And] for students who may be afraid to ask for help.
“As a student myself, I've definitely been lost and confused in class. [Q&A] takes away the fear of asking questions. ... Other students who have up-voted your question are [undoubtedly] also confused.”
How to Use the New Q&A and Laser Pointer Features of Google Slides @googledocs
This could be amusing!
Feds make it easier for students to use drones
The Federal Aviation Administration (FAA) on Wednesday announced new guidelines meant to make it easier for students to use drones for academic purposes.
Students at accredited educational institutions will not need to get authorization from the FAA, according to the guidelines, or apply for an exemption from existing rules. Faculty members will also be able to use a drone without additional authorization, assuming they are assisting a student.
Some of my students have too much time on their hands. They might be perfect for this.
Did You Know You Can Earn Money Testing Mobile & Web Apps?
Those who do not study history are doomed to repeat it, but have we lost so much so quickly?
Police Called After Student Tries To Buy Lunch With $2 Bill
An eighth-grade student found herself in hot water for buying chicken nuggets for lunch last week – using a $2 bill.
Danesiah Neal, an eighth grader at Fort Bend Independent School District’s Christa McAuliffe Middle School outside of Houston, Texas, attempted to pay for lunch with a $2 bill given to her by her grandmother, Sharon Kay Joseph. However, cafeteria workers at the school didn’t believe that it was real – they never see $2 bills, apparently – and called the police. According to Neal, the police officer told her that she could be in “big trouble” for using the bill which they believed to be counterfeit.
… Some semblance of sanity eventually took over and school officials called Joseph, who confirmed that she had given the bill to her granddaughter to pay for lunch. In the meantime, the police (who apparently didn’t have much else to do that day) went to the convenience store where Joseph was given the bill. They also took the bill to a local bank where it was eventually determined to be real. Phony crisis averted.