Sunday, August 21, 2016
What does a Defense University do? Probably only a minor or peripheral target.
The China Post reports:
The National Defense University (NDU) Saturday confirmed that its computer system had been hacked in July but said that no classified information had been stolen.
Only ordinary academic research materials had been stolen, NDU said.
Read more on The China Post.
[From the article:
It added that it had already reinforced the firewall protecting its computer system. [Funny how often improved security become obvious after a hack. Bob]
Articles like this help Computer Security managers “sell” their budgets.
Protenus, who provide software to monitor, detect, and reduce insider mis-steps such as snooping and other egregious wrongdoing, has been writing a series of posts on the cost of a breach. In this week’s installment, they looked at the costs of forensics and notification. Considering I’ve recently been blogging about entities that don’t have insurance for breaches, some of the figures in their report might help get some entities off the dime to invest more in obtaining insurance for breaches.
Disclosure: DataBreaches.net has been collaborating with Protenus for the past few months to provide monthly statistics and analyses of breaches involving health data.
Like Dissent, I find this rather wishy-washy. Perhaps my students could develop an “Apology App” that generated phrases like: “We’re so sorry we were too lazy to secure your data.” “We apologize for failing to encrypt anything.” “We’re sorry your privacy meant so little to us.”
Natasha Bita reports:
Companies that lose or leak customers’ personal data will be forced to apologise or pay compensation for psychological harm under new laws blasted by business groups.
The federal government plans to introduce new privacy legislation this year, requiring banks, phone and internet providers, retailers and government departments to tell customers when data has been hacked or stolen.
Customers must be notified of breaches that cause “serious harm’’ — which the draft bill defines as physical, psychological, emotional, economic and financial harm, as well as “harm to reputation’’.
Patients will have to be told whenever health records are leaked, lost or stolen.
Companies risk $1.8 million fines if they fail to tell customers about data leaks under the proposed new law. But they can avoid prosecution if they pay compensation to customers, issue public or personal apologies, or agree to court-enforceable undertakings.
Wait. They can get out of any mitigation if they simply notify and apologize? Seriously?
Read more on The Daily Telegraph.
Related: There were a lot of responses to the proposal when it was opened up for consultation earlier this year.
Still searching for the App that grants “world domination!”
Facebook's Latest Assault On Snapchat Is Lifestage: An App For Teens, By A Teen
Facing increasing pressure from rival social networking service Snapchat, Facebook has launched yet another app in order to convince youngsters that its products are where it's at. The new app in question is Lifestage, which is essentially a video diary where users answer biographical questions about themselves. Rather than filling in answers with text, users record a small video snippet that others can view on the uploader's profile.
There's one catch though: only people under the age of 21 can use it. Once a user goes over that age, the app loses the majority of its functionality, with users only able to see their own profile and unable to communicate with anyone else.
Created by 19-year-old Facebook product manager Michael Sayman, he says that the inspiration of the app was to replicate Facebook back when users didn't run the risk of having their posts seen by their parents or other family members, while also making the app more relevant to the times by making it focused on video
… To start, while Lifestage is aimed at those aged 21 and under, the app has no means of verifying if users are as old as they say they are. Similarly, it can't actually confirm whether users are actually from the school they say they are from. While on the subject of schools, the app only lets users register to one school and prevents them from changing, meaning that users will need to get a new account if they ever transfer or when they graduate
More a collection of policies… Perhaps it could collect other things too?
Discover the open data policies -The Open Data, for non-lawyers
by Sabrina I. Pacifici on Aug 20, 2016
Via the Sunlight Foundation and OpenGov Foundation: “Open Data Policies Decoded provides the open data policies on one friendly website. Inline definitions, cross-references, bulk downloads, a modern API, and all of the niceties of modern website design. It’s like the expensive software lawyers use, but free and wonderful. This is a public beta test of Open Data Policies Decoded, which is to say that everything is under development. Things are funny looking, broken, and generally unreliable right now. This site is powered by The State Decoded.”