I’ve previously posted info on the Verticalscope breach affecting 45 million.
But I never posted their breach announcement. As I was just reviewing it, I
noticed their response to the breach with respect to new password
requirements. I thought it was a bit different, and should be mentioned here.
From the What We Are Doing part of their statement:
We are in the process of invalidating passwords of all VerticalScope user accounts.
We have posted a site security notification on each site updating users on the potential risk to certain accounts, the password reset and steps we are implementing to improve security.
We are in the process of implementing stronger password rules (passwords now require a minimum of 10+ characters and a mixture of upper- and lower-case letters, numbers and symbols) along with automated account password expiries to encourage more frequent password changes.
We will remind our users to use good password practices (not using the same password for multiple online accounts and using unique strong passwords).
We are in the process of implementing additional safeguards to detect, alert and mitigate any future brute force attempts, and have notified our third party vendors that interact with our various forum API’s of the February breach to allow their own security teams to investigate.
We are continuing our investigation and will be collecting information to provide to the appropriate law enforcement authorities.
VerticalScope is taking steps to
strengthen account security. We were already using encrypted passwords and salted
hashes to store passwords, and our new password controls are intended to
further strengthen user security. We are
taking steps to investigate and test new encryption and security technologies
to further protect our users.
Why would you cut yourself off from your customers?
Well, I wanted to send an inquiry to LookBook
to ask them if they were aware of being hacked or a report
that their user database was up for sale, but there was no contact method on their web site, and the domain
lookup didn’t help, either. So I
resorted to tweeting to them, and hope that their Twitter team will escalate
the tweet to their security folks.
@lookbook Was lookbook.nu hacked? Are you aware of claims your user database is
up for sale? See this post: https://t.co/GiSAzrpkGq
— Dissent Doe (@PogoWasRight) June 26, 2016
A system where no one is responsible…
State Dept. scrambled on trouble on Clinton's server
State Department staffers wrestled for weeks in December
2010 over a serious technical problem that affected emails from then-Secretary
Hillary Clinton’s home email server, causing them to temporarily disable
security features on the government’s own systems, according to emails released
Wednesday.
The emails were released under court order Wednesday to
the conservative legal advocacy group Judicial Watch, which has sued the State
Department over access to public records related to the presumptive Democratic
presidential nominee’s service as the nation’s top diplomat between 2009 and
2013.
The emails, reviewed by The Associated Press, show that
State Department technical staff disabled software on their systems intended to
block phishing emails that could deliver dangerous viruses. They were trying urgently to resolve delivery
problems with emails sent from Clinton’s private server.
… Abedin and
Clinton, who both used Clinton’s private server, had complained that emails
each sent to State Department employees were not being reliably received.
… Days after the
technical crisis, on Jan. 9, 2011, an IT worker was forced to shut down
Clinton’s server because he believed “someone was trying to hack us.” Later that day, he wrote, “We were attacked
again so I shut (the server) down for a few min.” It was one of several occasions when email
access to Clinton’s BlackBerry smartphone was disrupted because her private
server was down, according to the documents.
Can you think of a better way?
Exclusive: Google, Facebook quietly move toward automatic
blocking of extremist videos
Some of the web’s biggest destinations for watching videos
have quietly started using automation to remove extremist content from their
sites, according to two people familiar with the process.
The move is a major step
forward for internet companies that are eager to eradicate violent propaganda
from their sites and are under pressure to do so from governments around the
world as attacks by extremists proliferate, from Syria to Belgium and the United
States.
… The
technology was originally developed to identify and remove copyright-protected
content on video sites. It looks for
"hashes," a type of unique digital fingerprint that internet
companies automatically assign to specific videos, allowing all content with
matching fingerprints to be removed rapidly.
Such a system would catch
attempts to repost content already identified as unacceptable, but would not automatically block videos that have not
been seen before.
(Related) Because
the poorer way is already in place.
How the US is working to defeat ISIS online
… The office is
also growing from 68 people earlier this year to about 150 now.
Its budget has grown from $5.6 million in 2015, to more
than $15 million this year. The
administration has requested $21.5 million for 2017.
… "We
recognize that it takes a network to defeat a network, so we're building a
network of partners because we believe we have a very good message, we're not
always just the most credible entity to convey that message," he
said.
"So we have partners that have a tremendous amount of
credibility that we're working with to make sure they have the tools and
capabilities to get out the word that Daesh is indeed a vicious awful
organization that is rife with hypocrisy and everything else," he said,
using a derogatory Arabic term for ISIS.
… "It's not
that it's not working, it's just frankly, it'll take some time to work through
the process." [It's not that it's not working, it’s just not working now? Bob]
Rep. Brad Sherman (D-Calif.) recently noted during the
House Foreign Affairs Committee hearing that the State Department currently needs 14 levels of review before sending
out a Tweet.
Those who receive State Department funding also have to
meet a bar, albeit a lower one, of six levels of review, he added. By contrast, he said, "If you're a
volunteer, you do a tweet."
(Related) And then
there’s the Google way…
USNews article – Google as global censor across all its
brands
by Sabrina I. Pacifici on Jun 25, 2016
Robert Epstein, June 22, 2016: Google, Inc., isn’t just the world’s
biggest purveyor of information; it is also the world’s biggest censor.
“…But as the golden gateway to all knowledge, Google has rapidly become an essential in people’s lives – nearly as essential as air or water. We don’t let public utilities make arbitrary and secretive decisions about denying people services; we shouldn’t let Google do so either.” An outline of the list discussed in the article as follows:
1. The autocomplete blacklist.
2. The Google Maps blacklist.
3. The YouTube blacklist.
4. The Google account blacklist.
5. The Google News blacklist.
6. The Google AdWords blacklist.
7. The Google AdSense blacklist.
8. The search engine blacklist.
9. The quarantine list.
Now you think of it?
Dem protest ignites debate about control of House cameras
Rank-and-file Democrats are calling for C-SPAN to be given
more control of cameras in the House after the blackout of their sit-in on gun
control.
The cameras in the House have long been under the control
of the majority party, despite vocal protests from C-SPAN and government
transparency advocates.
The First Amendment promises that I can tell you this.
MSU McLellan Free Expression Online Library
by Sabrina I. Pacifici on Jun 25, 2016
“MSU Law’s First Amendment Law Clinic is the only clinical
program in the country solely dedicated to the protection of student speech and
press rights. Now, a $500,000 donation
from leading Michigan attorney and MSU Law Trustee Richard D. McLellan will
expand the clinic’s impact nationwide by creating a Free Expression Online
Library and Resource Center. The
McLellan Free Expression Online Library will provide answers to legal questions
and links to hundreds of sources on topics such as student censorship, invasion
of privacy, social media speech, libel and copyright issues. Students across the country will be able to
connect with MSU Law’s resources to protect their rights to free speech.”
Perspective.
Preparing for the self-driving car?
The Young and the Carless? The Demographics of New Vehicle
Purchases
by Sabrina I. Pacifici on Jun 25, 2016
June 24, 2016 – The Young and the Carless? The
Demographics of New Vehicle Purchases, Christopher Kurz, Geng Li, and
Daniel Vine, Federal Reserve Board:
U.S. sales of new light vehicles have rebounded strongly
since the end of the 2007-09 recession and are considered one of the bright
spots of the recovery. Indeed, sales
totaled 17.4 million units in 2015, about the same rate as the all-time record
set in 2000. Personal vehicle sales, which exclude sales to businesses and
governments, have also rebounded strongly since the end of the recession… As sales have rebounded, some analysts have
noticed a shift in the age composition of new light vehicle buyers. Indeed, a number of recent studies and press
articles have documented a dramatic decline in young adults’ willingness to own
vehicles, particularly in the years since the 2007-09 recession. For example, Fortune recently cited
the decline in the fraction of new vehicles purchased by young adults–defined
as 18 to 34 year olds–as evidence that financial constraints for that age group
had increased and their interest in driving had decreased. As quoted in the article, young adults “just don’t think driving is cool–or even
necessary–anymore.” Similar
stories abound and often attribute these changes to the rising popularity of
social media, which reduces the need to travel, and alternative means of
transportation, such as ride-sharing, public transportation, and biking, which
reduce the need of owning a vehicle…”
For the next time I teach Math.
Review Questions – Underground Mathematics
I wrote earlier on the wonderful resources on Underground Mathematics
from the University of Cambridge. Thinking
about the new A level specifications I believe this site will
provide us with rich resources for these new specifications.
Each section includes Review Questions, look at Thinking about Algebra for example;
scroll down the different resource types for the Review questions for this
station.
Alternatively you can browse all the Review questions.