Tuesday, October 25, 2016
Don’t forget! The Privacy Foundation at the University of Denver Sturm College of Law is hosting their October Seminar:
Privacy and Encryption: The Clash of Law & Technology
Friday, October 28, 2016. $30 includes admission to seminar, reception, and 3-hour CLE credit. To register, contact: Maggie Stephenson, Faculty Support Specialist, 303.871.6044 firstname.lastname@example.org
Attention Ethical Hacking students! We have a new target.
'Driverless' beer run; Bud makes shipment with self-driving truck
Anheuser-Busch hauled a trailer loaded with beer 120 miles in an autonomous-drive truck, completing what's believed to be the first commercial shipment by a self-driving vehicle.
The trip happened last week in Colorado as Anheuser-Busch, collaborated with Otto, a subsidiary of Uber that is developing self-driving truck technology. The semi drove autonomously on the highway between Fort Collins, Colorado and Colorado Springs, Colorado.
Update. This was inevitable. All policies come from and if successful will benefit management. The proper argument is the unreasonable and unethical bits.
Former Wells Fargo Employees File $2.6B Lawsuit
by Sabrina I. Pacifici on Oct 24, 2016
Via FindLaw – Alexander Polonsky, et al. v. Wells Fargo, Los Angeles Superior Court, September 22, 2016.
“The lawsuit was filed by two former employees, but seeks compensation for any and all Wells Fargo employees penalized for not meeting sales quotas over the past 10 years. In September, the bank fired over 5,000 employees for opening some two million accounts in customers’ names without their authorization. The lawsuit claims Wells Fargo is punishing lower level employees for policies that came from, and were intended to benefit higher level executives: “Wells Fargo knew that their unreasonable quotas were driving these unethical behaviors that were used to fraudulently increase their stock price and benefit the CEO at the expense of the low-level employees.”
· See also the New York Times DealBook – Voices From Wells Fargo: ‘I Thought I Was Having a Heart Attack’: “The scandal at Wells Fargo over the creation of unauthorized accounts shook its customers’ faith in the bank, but it took an even sharper toll on the company’s workers. A number of them say they faced a stark choice: Create new accounts by any means possible, or risk being fired for falling short of their sales goals…”
How are users informed of the need to change a default password? Big red headlines on page one of the installation sheet or a mention in passing on page six?
Chinese Firm Says It Did All It Could Ahead of Cyberattack
A Chinese electronics maker that has recalled millions of products sold in the U.S. said Tuesday that it did all it could to prevent a massive cyberattack that briefly blocked access to websites including Twitter and Netflix.
Hangzhou Xiongmai Technology has said that millions of web-connected cameras and digital recorders became compromised because customers failed to change their default passwords.
… The hack has heightened long-standing fears among security experts that the rising number of interconnected home gadgets, appliances and even automobiles represent a cybersecurity nightmare. The convenience of being able to control home electronics via the web also leaves them more vulnerable to malicious intruders, experts say.
… "The issue with the consumer-connected device is that there is nearly no firewall between devices and the public internet," said Tracy Tsai, an analyst at Gartner, adding that many consumers leave the default setting on devices for ease of use without knowing the dangers.
(Related) Check your security!
… Bullguard, an industry-leading developer of security software, has an online tool called IoT Scanner. It scans any internet-connected device or network to see if there are any vulnerabilities that can be exploited to gain access to said device or network.
If it does find a security vulnerability, it’ll give you details of the problem that you can use as a first step toward bolstering your network security. Give it a try. It can’t hurt. Run the Deep Scan if you can.
Note that even if the IoT Scanner gives you the green light, you should know that there are some internet-capable devices that you should never connect to the Internet of Things.
How to build in a security problem?
Lyft customers face potential hack from recycled phone numbers
Giving up an old cell phone number for a new one may seem harmless. But for Lyft customers, it can potentially expose their accounts to complete strangers.