Saturday, February 20, 2016

Another victory for the hijackers. (And some really bad reporting?)
WBTW reports that a South Carolina school district is paying a ransom demand because they have no way to access 25 servers with elementary school data after their system was locked up by ransomware:
The Horry County school system remains locked out of several servers after a ransom computer virus got into the system last week.
Charles Hucks is the executive director of technology for Horry County Schools; he’s had non-stop 20 hour days this past week to try to restore locked up data. The virus was discovered last Monday. Servers were immediately shut down to stop the malware from spreading further, and that did interrupt some online services.
Hucks says HCS was not targeted to gain access to data, but a high-level encryption was used to lock up the data on the schools’ servers. As far as they can tell, nothing was stolen or removed, and staff and student information is safe.
Hucks says they have been able to back up most of the lost data, but 25 servers with information for elementary schools are still encrypted with no way to get in.
“And the only way we’ll get it back is to pay,” said Hucks.
Read more on WBTW.
[From the article:
Administrators approved an $8,500 ransom to unlock the servers, but they’ve had trouble making the payment. Hucks says the ransom had to be paid in Bitcoins, but purchasing them is more difficult than going to your local bank.
… “In the next few days we should know. We’re going server by server, back up by back up, to see exactly what we have and the time that it takes to back up, so that will be a business decision,” said Hucks.
Hucks says they’re willing to pay because it’s a small amount compared to the man hours already lost trying to solve the problem.
Even if the ransom is paid, and the data restored, there’s no guaranteed way to stop the same kind of thing from happening again, although Hucks says a repeat attack is highly unlikely.




Interesting what trickles out over time. Did someone change the password and now forget what it is?
Apple-U.S. Escalate Battle Over San Bernardino Shooter's iPhone
… Apple executives said on Friday that they tried to help law enforcement unlock the phone, including sending engineers to San Bernardino. Apple employees attempted to help investigators reconnect the handset to a Wi-Fi network that Farook had used in the past, a move that would allow the data to be available because the phone would automatically back up and move outside Apple’s encryption barriers. But the effort wasn’t possible because the iPhone’s Apple ID password had been reset by a county official after the shooting.
Had the password not been changed, Apple said the court battle wouldn’t have been necessary.
… The confrontation shows no signs of a quick ending. Apple faces a Feb. 26 deadline to file its rebuttal to the government’s argument in court, with a hearing scheduled for March 22. Apple and FBI officials have been asked to testify in at least two congressional hearings.
… Apple has previously complied with prosecutors when they had a court order under the All Writs Act, a law that compels third parties to take “non-burdensome” steps to help law enforcement carry out search warrants. Apple’s cooperation changed recently when a judge in Brooklyn, in a case involving the iPhone of an accused drug dealer, questioned whether the government can still rely on that law.
… In the Farook case, the data the investigators are after is stored locally on the iPhone -- Apple has already provided the information that was backed up. The government doesn’t have the password and said it can’t keep entering random codes in hopes of eventually breaking in because that would trigger a security feature that automatically erases all the content on the phone.


(Related) Go to Harvard, learn how to state the obvious? Still, it is amusing.
Apple vs. the FBI Is Really, Really Complicated
… The lock-swapping mechanism required in this case would require Apple’s engineers to sit down at a computer and start writing. And that action, as courts recognized long ago, is speech. In Bernstein v. Department of Justice, the Electronic Frontier Foundation successfully argued that David Bernstein, then a graduate student at Berkeley, had a constitutionally protected right to publish his source code, despite the government’s efforts to block it. (Fittingly enough, the code was for encryption software, which the government tried to suppress on the theory that encryption software is a munition subject to export controls.) If code is speech, and the government is compelling Apple to code, then it looks an awful lot like the government is compelling speech. That does not resolve the issue, of course, but it opens up a new field for debate – one that has not received enough attention.


(Related) John may be a bit delusional. Read and judge for yourself.
Why John McAfee’s offer to unlock San Bernardino iPhone makes sense
… Yesterday he posted an op-ed on Business Insider that explained his position on this matter, and why he thinks his solution would appease all parties involved.




The FBI's job is completely impossible – or am I too optimistic?
'Ricochet', the Messenger That Beats Metadata, Passes Security Audit
Although users are now saturated with options on mobile and desktop for encrypted messaging, very few of the tools available deal with the core problem of metadata. Even if the content of your messages is kept from prying eyes, it may still be possible for a resourceful attacker to see who you are, and who you're talking to.
Now, one program designed to tackle that problem head-on has passed its first professional security audit, signaling that it is on the right track for wider use. Ricochet, which is available for Windows, Mac and Linux, announced the audit results on Monday.




No doubt we (the university) will want to look into this. (There is an Education membership)
Microsoft, Intel, Samsung, & others launch IoT standards group: Open Connectivity Foundation
The Open Connectivity Foundation (OCF) is touted as an open IoT standards group to unify standards, expedite innovation, and “create IoT solutions and devices that work seamlessly together,” according to a press release. Founding members include Microsoft, Cisco, Electrolux, General Electric, Intel, Qualcomm, Samsung, ARRIS, and CableLabs, who will work together to create specifications and protocols to ensure devices from a myriad of manufacturers work in harmony.




Worth watching the video?
A Crash Course on Philosophy
Last fall I shared more than 100 animated lessons about philosophy. This week, through Open Culture, I learned about a new Crash Course in philosophy. The new video course stars Hank Green talking about the origins of philosophical thinking. As I've come to expect with Hank and John Green there is a fair amount of sarcasm in the videos. So far two segments of the course have been published. Both segments are included in the playlist embedded below.




Tools & Techniques. Because we no longer teach cursive? I'll mention this to my students because I still pretend they take notes in my classes.
Microsoft fields another notetaking app: Plumbago
… Plumbago "is a digital notebook with technology that smooths out handwriting so your scribbles are easier to read later," explained Microsoft execs. The "handwriting beautification" technology involves matching strokes across the thousands written by a user in order to create more consistent handwriting.




Not just templates…
5 Sites with Microsoft PowerPoint Templates, & Other Tools
Participoll (Windows): Poll Your Audience During Your PowerPoint Presentation
Office Mix (Windows): Turn PowerPoint Presentations into Interactive Websites




Not just a screenshot.
The Instructional Technology Tool I Recommend in Email More Than Any Other
Every week I receive at least a handful of emails from readers who have watched one of my Practical Ed Tech tutorial videos and wanted to know how I created the video. Often those people want to know how I get the yellow circle to appear around my cursor in my videos. The answer to both questions is, I use Screencast-o-Matic to create my instructional videos.
Screencast-O-Matic is available in a free version and a pro version. The free version allows you to record for up to fifteen minutes at a time (that is plenty of time for most screencasts), publish to YouTube in HD, and save videos to your computer as MP4, AVI, and FLV files. The pro version ($15/year) includes video editing tools, unlimited recording lengths, a script tool, and removal of the Screencast-O-Matic watermark. Both versions of Screencast-O-Matic include a highlighted circle around your cursor so that viewers can easily follow your movements on the screen. A webcam recording option is included in the free and pro versions of Screencast-O-Matic.
… Screencast videos can be helpful in delivering instruction on how to use a program on a computer or how to use a website. You can also use screencasting tools to create short flipped lessons by capturing yourself talking over a set of slides that you display on your screen.




Ah good. It must be Saturday.
Hack Education Weekly News
Via Education Week: “CoSN Calls Broadband Access Outside School a ‘Civil Right’ for Students.”
The report, which calls the matter an issue of "civil rights," indicated that 75 percent of school district leaders have no data on their students' Internet access outside of school, while 70 percent of teachers nationally report assigning homework that requires access.
Via the Independent: “Pirate website offering millions of academic papers for free refuses to close despite lawsuit.”
… “MOOC provider Coursera claims it can identify test takers uniquely through its patented keystroke biometrics system.” Paul-Olivier Dehaye looks “under the hood.”
Via Inside Higher Ed: “Study suggests acceptance of online education still lags among high school students.”
Via the Daily Camera: “Conflict between Shakespeare and the Dead will cost CU athletics $100K.” (That’s the surviving members of the Grateful Dead, to be clear.) [Colorado kulture? Bob]


Friday, February 19, 2016

If the answer is yes, who is looking for evidence that this is happening? (Not just in the rankings of articles returned, but in the headline words. “Obama...good” “Trump...hair”)
Can Google influence election results?
by Sabrina I. Pacifici on Feb 18, 2016
“…[Search Engine Manipulation Effect] SEME’s near-invisibility is curious indeed. It means that when people – including you and me – are looking at biased search rankings, they look just fine. So if right now you Google ‘US presidential candidates’, the search results you see will probably look fairly random, even if they happen to favour one candidate. Even I have trouble detecting bias in search rankings that I know to be biased (because they were prepared by my staff). Yet our randomised, controlled experiments tell us over and over again that when higher-ranked items connect with web pages that favour one candidate, this has a dramatic impact on the opinions of undecided voters, in large part for the simple reason that people tend to click only on higher-ranked items. This is truly scary: like subliminal stimuli, SEME is a force you can’t see; but unlike subliminal stimuli, it has an enormous impact – like Casper the ghost pushing you down a flight of stairs. We published a detailed report about our first five experiments on SEME in the prestigious Proceedings of the National Academy of Sciences (PNAS) in August 2015. We had indeed found something important, especially given Google’s dominance over search. Google has a near-monopoly on internet searches in the US, with 83 per cent of Americans specifying Google as the search engine they use most often, according to the Pew Research Center. So if Google favours one candidate in an election, its impact on undecided voters could easily decide the election’s outcome.”




“Do. Or do not. There is no try.” Yoda
Hillary Clinton: "I've always tried" to tell the truth




If Apple fails, what will the FBI demand of others?
Facebook, Google, Twitter, Woz, Trump, McAfee, Snowden, and more take sides on Apple vs. the FBI
… Here are some of the key (if not kooky) testimonies in the court of public opinion.
… On Thursday, the social media giant issued a statement acknowledging the “essential work” authorities do to keep us safe, but Facebook also pledged to “fight aggressively” against government efforts to curtail the security of tech products.
… Steve Wozniak
The Apple cofounder spoke to CNBC on Thursday about Apple’s recent privacy fight against the FBI.
“I’m not intimately involved in the fight, but I’m definitely against [the court order],” Woz said.
… Google CEO Sundar Pichai
Pichai took to Twitter to praise Cook for speaking out against the FBI’s demands. “Forcing companies to enable hacking could compromise users’ privacy,” Pichai wrote.
… Twitter CEO Jack Dorsey
Dorsey took to Twitter to share Cook’s letter and express his support for Apple.
… Donald Trump
“I agree 100 percent with the courts. In that case, we should open it up,” Trump told “Fox & Friends,” as reported by Politico.
… Edward Snowden
Snowden posted on Twitter that Apple’s fight against the FBI is “the most important tech case in a decade.”


(Related) If the FBI had not gone public, would Apple have done what they asked?
How Tim Cook, in iPhone Battle, Became a Bulwark for Digital Privacy
… Apple had asked the F.B.I. to issue its application for the tool under seal. But the government made it public, prompting Mr. Cook to go into bunker mode to draft a response, according to people privy to the discussions, who spoke on condition of anonymity. The result was the letter that Mr. Cook signed on Tuesday, where he argued that it set a “dangerous precedent” for a company to be forced to build tools for the government that weaken security.




Imagine this connected to police dash-cams. “Oh look! A potential terrorist!”
Today, we're announcing the beta release of Google Cloud Vision API. Now anyone can submit their images to the Cloud Vision API to understand the contents of those images — from detecting everyday objects (for example, “sports car,” “sushi,” or “eagle”) to reading text within the image or identifying product logos.




You ain't been harmed unless you can prove you've been harmed.
Jason C. Gavejian writes:
The U.S. Court of Appeals for the Eleventh Circuit has ruled that statutory damages under the Stored Communications Act (SCA) are not available in a case where the plaintiff did not incur any actual damages.
The case, Vista Marketing LLC v. Burkett, originated from an extremely contentious divorce proceeding.


(Related)
Peter Sullivan, Christopher Escobedo Hart and Colin Zick of Foley Hoag write:
How much does the question of harm matter in cybersecurity law? The answer is: It depends on who is bringing the claim.
Businesses confronting data breaches can face litigation from private consumers as well as from governmental entities. Managing litigation risk varies in these contexts because of the limitations of bringing private rights of action. One such limitation is the requirement of proving actual harm in private actions. As explained further below, the bar for enforcement is lower when federal regulators bring an action against an entity. Businesses must be mindful that the lack of actual harm may not be an avenue to dismiss these claims. Employing best practices is still paramount in helping businesses mitigate the risks that come from private party suits and government enforcement actions.
Read their full article that includes mention of notable court rulings and their implications on Security, Privacy, and the Law.




Is this what Facebook should have done in India? Could we do this in Denver?
New York’s futuristic new pay phones don’t require any payment at all
New York's futuristic, high-tech pay phones -- which are embedded with touchscreen tablets – are finally going live on Thursday.
The name "pay phone" doesn't quite do it justice, of course. Yes, the city's LinkNYC terminals will allow you to make domestic phone calls. But they'll also let you surf the Web, pull up online maps and connect to city services like 311 and 911. And all of it will be free, thanks to built-in advertising.




Perspective. Perhaps there is hope?
Twitter’s Account Suspensions Are Surprisingly Effective Against ISIS
… According to J.M. Berger and Heather Perez, Twitter’s routine pruning of Islamic State-associated accounts has kept the size of the Islamic State’s propaganda network small, and has particularly damaged the reach and influence of the largest and most prominent accounts.
The researchers’ findings, published Thursday by the George Washington University’s Program on Extremism, temper a general sense of panic among government officials, sparked by the impression that the Islamic State is “winning” a propaganda war against the Western world.
Top lawmakers have lamented the effectiveness of the group’s grassroots-like Twitter apparatus, and have launched shaky attempts to counter it. In doing so, they have painted a picture of a well-oiled propaganda machine that floods Twitter, Facebook, and Telegram with pro-jihadi messages that inspire Westerners to either travel to Iraq and Syria, or commit acts of terrorism at home.




Perspective. A strong indication that smartphones are ubiquitous?
Volvo reveals plans to replace car keys with a smartphone app starting in 2016
The Swedish car maker has announced a pilot program kicking off in Sweden this spring that will offer cars without any kind of physical key or fob, with plans to make the system available commercially in 2017.




Because I'm teaching spreadsheets in the Spring…
How to Create Powerful Graphs & Charts in Microsoft Excel




Something our CJ students can use?
California DOJ’s OpenJustice Platform Makes Local Law Enforcement Data More Transparent
OpenJustice, an interactive web platform developed by the California Department of Justice and spearheaded by the office of the attorney general, has today released a new set of criminal justice data for the sake of transparency and accountability.
It includes data from California’s 1,000-plus law enforcement agencies to allow for side-by-side comparison of agencies, like San Francisco Police Department versus Los Angeles Police Department. The new local data also includes information on the demographic information of both victims and offenders.




It can be free AND good.
The Public Domain Review
by Sabrina I. Pacifici on Feb 18, 2016
“Founded in 2011, The Public Domain Review is an online journal and not-for-profit project dedicated to the exploration of curious and compelling works from the history of art, literature, and ideas. In particular, as our name suggests, the focus is on works which have now fallen into the public domain, that vast commons of out-of-copyright material that everyone is free to enjoy, share, and build upon without restriction. Our aim is to promote and celebrate the public domain in all its abundance and variety, and help our readers explore its rich terrain – like a small exhibition gallery at the entrance to an immense network of archives and storage rooms that lie beyond. With a focus on the surprising, the strange, and the beautiful, we hope to provide an ever-growing cabinet of curiosities for the digital age, a kind of hyperlinked Wunderkammer – an archive of content which truly celebrates the breadth and diversity of our shared cultural commons and the minds that have made it. The Main Parts of the Site:
  • The Collections – The vast majority of the content exists in our curated collections of images, books, audio and film, in which we shine a light on curiosities and wonders from a wide range of online archives.
  • The Essays – Every two weeks we publish a new long-form essay in which leading scholars, writers, archivists, and artists offer insight and reflection upon the oft overlooked histories which surround public domain works.
  • Curator’s Choice – In this series each month a curator from a gallery, library, archive, or museum picks out highlights from their openly licensed digital collections. Contributors include The British Library, the Rijksmuseum and the UK National Archives.”


Thursday, February 18, 2016

This will disappoint my Computer Security students.
After computer hack, L.A. hospital pays $17,000 in bitcoin ransom to get back medical records
… While the shift Obama and many others pushed may have improved care, electronic medical records led to quite the unique hostage situation in Los Angeles this week. There, a hospital fell prey to a cyberattack — and the hospital has escaped its plight by paying hackers a $17,000 ransom.
… “On the evening of February 5th, our staff noticed issues accessing the hospital’s computer network,” he wrote. “Our IT department began an immediate investigation and determined we had been subject to a malware attack. The malware locked access to certain computer systems and prevented us from sharing communications electronically.”
What communications needed to be electronically shared? As Stefanek got around to pointing out a few paragraphs later, medical records.
… Could anonymous computer wizards potentially compromise care and get away with it?
Yes.
“The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” Stefanek’s statement said. “In the best interest of restoring normal operations, we did this.”
… But Hollywood Presbyterian, owned by CHA Medical Center of South Korea, said not to worry.
“Patient care has not been compromised in any way,” Stefanek wrote. “Further, we have no evidence at this time that any patient or employee information was subject to unauthorized access.”




Local. I seem to remember asking these folks why they wanted to reinvent the wheel. They had no answer.
Elizabeth Harrington reports:
The Obamacare health exchange in Colorado faced “numerous weaknesses” and had “inadequate security settings,” leaving the personal information of enrollees vulnerable, according to a new audit.
The inspector general for the Department of Health and Human Services publicly released its review of Connect for Health Colorado on Wednesday, revealing the exchange had inadequate security measures in place for more than a year.
Read more on Free Beacon.
[From the article:
The report, which reviewed information security controls as of November 2014, did not go into specifics of Connect for Health Colorado’s vulnerabilities because of the “sensitive nature of the information.”
… The Colorado health exchange cost taxpayers more than $184 million to create, the audit said.
The audit marks the latest bad news for Obamacare in Colorado, after the state’s biggest co-op announced it was folding last year. Colorado HealthOP collapsed in October, leaving 83,000 Coloradans without health insurance.




Also for my Computer Security students. BYOD could be B-A-D.
How to prevent shadow IT
What do complex IT policies, outdated software and lack of IT-supported services have in common? They all contribute to shadow IT, which occurs when employees circumvent procedures to use unapproved services and software. The last thing employees want to do when working on a project is check in with the IT department, so how can IT provide employees with necessary resources so shadow IT is no longer an issue? These InfoSec professionals share their suggestions for preventing shadow IT before it becomes the new normal.




I guess I'll guess. (Do I sound like a politician?)
Max Metzger reports:
Hewlett Packard Enterprise’s (HPE) new cyber-risk report has not been shy in claiming legislators are ‘pushing research underground’.
The report, which HPE releases every year, coalesces all the company’s security research into one hefty, 100-page document. Among its conclusions this year were that governments are impinging upon the tech industry’s ability to develop, as well as squashing privacy rights in the wake of mounting international security threats.
Read more on SC Magazine.




I'm glad someone took the time to put this together.
Everything you need to know about the Apple versus FBI case


(Related) Support via an “amicus tweet?”
Google CEO Sundar Pichai backs Tim Cook over Apple-FBI controversy


(Related) Another part of the Big Brother strategy.
At last week’s Senate Intelligence Committee hearing on Worldwide Threats, FBI Director James Comey reiterated his call for a major expansion of the FBI’s surveillance authorities, but disingenuously downplayed it as fixing a “typo” in the law. In fact, Comey’s proposed fix, which he calls one of the FBI’s top legislative priorities, would be a major expansion of surveillance authority, and a major hit to Americans’ privacy and civil liberties. It would grant the FBI access to a range of revealing and personal details about Americans’ online communications — what are called Electronic Communications Transactional Records (ECTR), in legalese — without court approval.




Harm gets easier?
Ross Todd reports:
U.S. District Judge Lucy Koh’s first major ruling in data-breach lawsuits against major health insurer Anthem Inc. didn’t do much to clarify how the litigation itself will ultimately play out.
[…]
In her decision, Koh addressed for the first time the question of whether the loss of personal information constitutes harm under New York’s General Business Law, a consumer protection law similar to California’s Unfair Competition Law. It does, she ruled, rejecting arguments from Anthem and its lawyers at Hogan Lovells and expanding reasoning she has applied in at least one earlier data-breach case.
[…]
Koh’s ruling in In Re Anthem Data Breach Litigation builds on the Adobe decision. Like in Adobe, Koh recognized that the theft of personal identification information is a harm to consumers in itself separate from any subsequent misuse of it.
Read more on The Recorder.




You either love Al Gore or you teach both sides of the argument?
Coverage of "Climate Confusion Among U.S. Teachers"
"Climate Confusion Among U.S. Teachers" (PDF), a paper in the journal Science describing the first nationwide survey of climate change education in the United States, conceived and funded by NCSE and conducted in collaboration with researchers at Pennsylvania State University, received extensive coverage in the press.
[From the PDF:
Content knowledge is not the only area in need of attention. Rejection of sound scientific conclusions is often rooted in value commitments rather than ignorance (16), and science teachers are not immune from this tendency. A question measuring political ideology was a more powerful predictor of teachers' classroom approach than any measure of education or content knowledge, with those leaning toward “It's not the government's business to protect people from themselves” most willing to teach “both sides” (table S8).




Perspective. Jack of all trades, master of none?
Amazon and Google Want to Take Over Your World
… Amazon is reportedly ramping up hiring for its own private clothing line, according to Women’s Wear Daily. The e-commerce king has flirted with the idea of launching its own label in the past, but the hiring binge WWD says is underway seems to suggest that it is turning from a dream to a reality.
… On Wednesday, Google Express said it is expanding into fresh grocery deliveries, bringing produce, eggs, meat, and other perishables to parts of San Francisco and Los Angeles.
… Google is entering an already-crowded space, where it faces competition from the likes of Instacart, Fresh Direct, Peapod, and Amazon, none of which make much profit in the notoriously tight grocery game. Like Instacart and Fresh Direct, Google is partnering with existing stores, including Costco and Whole Foods, giving them quick access to supply without the headaches Amazon faces owning its own inventory at risk of food spoil. But Instacart and Fresh Direct face their own limitations in terms of scale, a problem Amazon and Google, with their big data and billions of users, hope to avoid.




For my gamers.
Amazon launches free engine for video-game makers
Amazon Web Services is launching a free video-game engine to enable studios to make sophisticated games and connect them to the cloud.




Bad enough we no longer teach cursive, now we don't need writing in any form!
Too Lazy To Type? Twitter Now Lets iOS And Android Users Capture And Share Videos In Direct Messages
Typing out sentences to express your sentiments can be a tad taxing for the lazy you? Do you wish there was a simpler way of getting your message across on Twitter instead of typing within the character limit?
You're in luck! Twitter has now been updated to bring in a new feature that will enable users to capture and share video messages in Direct Messages.




Tools for the swamped?
Unroll.Me
When was the last time you opened that newsletter? What about the rest of the subscriptions flooding your inbox? Yea, that’s what we thought. With Unroll.Me you can take back your inbox by unsubscribing from unwanted subscription emails, hassle free. Just one click and they’re gone. Try it out, you won’t regret it.




Perspective?
5 Incredible Tech Lawsuits That Shaped the Digital World




This reminds me to demo Google translate in my classes.
Google Translate Now Includes 103 Languages
… The most recent update adds support for Amharic (the second most widely spoken Semitic language after Arabic), Corsican (used on the French island of Corsica and Napoleon's first language), Frisian (the native language of more than half of Netherlands' Friesland province), Kyrgyz (used in Kyrgyzstan), Hawaiian, Kurdish (Kurmanji), Luxembourgish, Samoan (which uses only 14 letters), Scots Gaelic, Shona, Sindhi, Pashto and Xhosa.




Perspective (and amusement). No doubt a Republican version will follow.
The Perfect Democratic Stump Speech




Let's make an App for that!
Take Any of These 5 Courses and Make Your First Android App




Interesting. A smartphone for $3.74? This is creating a stir. Perhaps I should sic my students on the story…
Freedom 251: We answer your top 10 questions
The cheapest smartphone in the world -- the Freedom 251 -- costs just Rs. 251 and is apparently made by a Noida-based company called Ringing Bells. It was launched yesterday to more questions than answers.
… We have a letter from the Indian Cellular Association (ICA) written to telecom minister Ravi Shankar Prasad that estimates that this phone should cost at least USD 60 (approximately Rs. 4,100).




Wednesday, February 17, 2016

How long can they go on operating like it's 1965?
A Hospital Paralyzed by Hackers
A hospital in Los Angeles has been operating without access to email or electronic health records for more than a week, after hackers took over its computer systems and demanded millions of dollars in ransom to return it.
The hackers that broke into the Hollywood Presbyterian Medical Center’s servers are asking for $3.6 million in Bitcoin, a local Fox News affiliate reported.
… Medical records that show patients’ treatment history are inaccessible, and the results of X-rays, CT scans, and other medical tests can’t easily be shared. New records and patient-registration information are being recorded on paper, and some patients have been transferred to other hospitals.




Is this about the encryption or the feature that erases the data after too many failed passwords? If the latter, can't they copy the file? (I bet they can) What does the FBI think is in the encrypted text? A list of co-conspirators? Correspondence with a lawyer? An Imam?
Apple vs. the FBI
… At issue is a court order issued Tuesday by Magistrate Judge Sheri Pym of the Federal District Court for the District of Central California ordering Apple to, in the words of The Associated Press, “supply highly specialized software the FBI can load onto the phone to cripple a security encryption feature that erases data after too many unsuccessful unlocking attempts.” Wired adds that Apple’s compliance would allow the FBI to attempt to unlock the phone using multiple password attempts—a method known as bruteforcing. But Apple declined, calling for a public discussion, so its customers and citizens “understand what is at stake.”
Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.
… Apple points out that the FBI—rather than seeking congressional legislation—is seeking a new interpretation of the All Writs Act of 1789, which allows judges to “issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.”


(Related)
Apple can comply with the FBI court order
… I believe all of the FBI’s requests are technically feasible.


(Related)
Why Have Americans Given Up On Privacy?
… a recent study by the University of Pennsylvania’s Annenberg School for Communication concluded that:
“[A] majority of Americans are resigned to giving up their data.”
Is this true? Is it a wider issue affecting more than just Americans? And why?




Believe whatever makes you happy. What would you do if the email said, “see the attachment for detailed attack plans?”
N.S.A. Gets Less Web Data Than Believed, Report Suggests
A newly declassified report by the National Security Agency’s inspector general suggests that the government is receiving far less data from Americans’ international Internet communications than privacy advocates have long suspected.
The report indicates that when the N.S.A. conducts Internet surveillance under the FISA Amendments Act, companies that operate the Internet are probably turning over just emails to, from or about the N.S.A.’s foreign targets — not all the data crossing their switches, as the critics had presumed.




How good should your software be if you will kill the people it identifies as terrorist? Let's apply it to people in Colorado and see what we get.
The NSA’s SKYNET program may be killing thousands of innocent people
In 2014, the former director of both the CIA and NSA proclaimed that "we kill people based on metadata." Now, a new examination of previously published Snowden documents suggests that many of those people may have been innocent.
Last year, The Intercept published documents detailing the NSA's SKYNET programme. According to the documents, SKYNET engages in mass surveillance of Pakistan's mobile phone network, and then uses a machine learning algorithm on the cellular network metadata of 55 million people to try and rate each person's likelihood of being a terrorist.
Patrick Ball—a data scientist and the director of research at the Human Rights Data Analysis Group—who has previously given expert testimony before war crimes tribunals, described the NSA's methods as "ridiculously optimistic" and "completely bullshit." A flaw in how the NSA trains SKYNET's machine learning algorithm to analyse cellular metadata, Ball told Ars, makes the results scientifically unsound.




For my Data Management students. I'm teaching like the answer is “yes!”
Does your company need a chief data officer?
It's a rare business today that doesn't depend on data in some significant way, but does that mean most companies need a chief data officer?
That's a question on more than a few executive minds in this big-data era, particularly as analyst firms wax increasingly enthusiastic about the role. Gartner, for instance, recently said it expects 90 percent of large organizations to have a chief data officer by 2019. Last August, Forrester found that 45 percent of global firms already have one, while another 16 percent said they planned to do so within the next year. Experian points to a similar trend.


(Related) Data, data everywhere, nor anyone who thinks.
The Internet Of Medicine Is Just What The Doctor Ordered
… IoT is just what the doctor ordered. It holds the key to lowering medical costs, improving quality and making healthcare more personalized, accessible and affordable for average patients.
Call it the Internet of Medicine (IoM). From a financial standpoint, the annual impact from IoM could soon exceed a trillion dollars a year — revenue, by the way, that will increasingly rely on recurring revenue arrangements.




Yesterday Wharton, today Harvard. Maybe this is important.
Lessons from Facebook’s Fumble in India
… As I’ve written previously, there are good reasons to like Facebook’s Free Basics initiative; I have argued that it is better for a society to provide even limited access to more people, than the status quo where close to 80% of the population has no internet access at all – as is the case in India.




Try those Data Analysis skills.
CIA Releases Declassified Documents to National Archives
by Sabrina I. Pacifici on Feb 16, 2016
“Today [February 16, 2016], CIA released about 750,000 pages of declassified intelligence papers, records, research files and other content which are now accessible through CIA’s Records Search Tool (CREST) at the National Archives in College Park, MD. This release will include nearly 100,000 pages of analytic intelligence publication files, and about 20,000 pages of research and development files from CIA’s Directorate of Science and Technology, among others. The newly available documents are being released in partnership with the National Geospatial Intelligence Agency (NGA) and are available by accessing CREST at the National Archives. This release continues CIA’s efforts to systematically review and release documents under Executive Order 13526. With this release, the CIA collection of records on the CREST system increases to nearly 13 million declassified pages.”




I'm adding this to my “must see” movie list. Interesting read.
U.S. Hacked Into Iran’s Critical Civilian Infrastructure For Massive Cyberattack, New Film Claims
A new documentary on “Stuxnet”, the joint U.S.-Israeli attack on Iran’s nuclear program, reveals it was just a small part of a much bigger cyber operation against the nation’s military and civilian infrastructure under the code name “NITRO ZEUS”.




For my geeks
Windows 95 architect launches open-source, media-rich document creation platform for mobile devices
PowerPoint is fine for your business presentation, but getting your message across with a few pictures and text alone may not fit when you’re trying to give a product demo on a website or present your findings via email. That’s where a new project from Satoshi Nakajima comes in.
With Swipe, announced today, users can build media-rich documents with animations, video, vector graphics and audio via any touch-enabled device
… Swipe has a free demo app for iPhone in the app store now, and users can access the open-source code over on Github now to try the project before it is officially unveiled next month.


Tuesday, February 16, 2016

An increasingly common problem. (And remember, all lawyers are rich!)
Max Marbut reports:
You might think the data stored on your computer at home or work is relatively safe from theft or even tampering.
You would be wrong.
No one knows that better than attorney Thomas Brown of The Brown Firm.
[…]
The culprits left behind a digital message: Give them $2,500 and they would provide a key that would open the files.
Long story, short: they paid the ransom. Read more on Jax Daily Record.


(Related) For the toolbox.
How To Restore Lost Files From CrypBoss Ransomware
There’s great news for anyone affected by the CrypBoss, HydraCrypt, and UmbreCrypt ransomware. Fabian Wosar, a researcher at Emsisoft, has managed to reverse-engineer them, and in the process has released a program that is able to decrypt files that would otherwise be lost.




This should help us frame our privacy policies to get the most out of our users.
Pew – How Americans balance privacy concerns with sharing personal information
by Sabrina I. Pacifici on Feb 15, 2016
“Many Americans are in an “It depends” frame of mind when they consider a central trade-off of the digital era: Will you share personal information in return for a product, service or other benefit? A new report from Pew Research Center explores six different scenarios where Americans might encounter that privacy-related question. It finds that people consider a variety of things in making their decisions, such as the value of the benefit they are being offered, the circumstances of their lives, how they feel about the organization that is collecting the data, what happens to their personal data after it is captured and how long the data are retained. This report builds on other recent Pew Research Center survey results showing the emotions Americans feel as they struggle to understand the terms that govern sharing personal information with companies.”




Is this an election promise?
Bruce Vielmetti reports:
In a 4-3 decision, the Wisconsin Supreme Court has again broadened an exception to allow police to seize and use evidence obtained from private places without the owner’s consent to a search warrant.
The dissent called the majority’s interpretation so broad as to “swallow the Fourth Amendment,” which protects against unreasonable searches and seizures.
The decision Wednesday was also notable in that Justice Rebecca Bradley joined the majority that reversed the Court of Appeals, even though she had not heard arguments in the case, which occurred before her appointment Oct. 9 by Gov. Scott Walker.
Read more on JSonline.




For my Computer Security class. How much Privacy is too much?
Allan Loudell writes:
It’s certainly not the first time the Delaware Division of Public Health has done this, and it’s absolutely frustrating.
A day after announcing the first confirmed case of the Zika virus here in Delaware, health officials released a very few additional details. It was a wasted exercise.
We still don’t know where the woman traveled, the nature of her symptoms, her age, or her hometown. All in the name of privacy. Really? Hogwash.
Not hogwash at all, Allan.
Read more on WDEL.




A Computer Security class resource.
5 Sites to Learn the History of Malware
Have you ever wondered what computer viruses looked like before the Internet, and how they spread? Do you wish you could get a hands-on look at some of the most notorious malware in history?




Data for my data analysis students.
New on LLRX – Web Data Extractors 2016
by Sabrina I. Pacifici on Feb 15, 2016
Via LLRX.com – Web Data Extractors 2016 – Extracting data from the internet has become an increasingly high priority for organizations with teams that focus on mining and leveraging huge amounts of data as part of an effective, collaborative and actionable work product. Tools and protocols to extract content rich information are in demand as researchers seek to discover new knowledge at an ever increasing rate. As robots (bots) and intelligent agents are at the heart of many extraction tools, Marcus Zillman has created a compilation of a wide range of free, fee and collaborative sources, services and sites that offer users a range of approaches to extract information from the web.




You be the judge.
Search Hillary Clinton’s Emails
by Sabrina I. Pacifici on Feb 15, 2016




I wonder what this will morph into?
John Vibes writes:
The federal government spent $1 million to create an online database that will collect “suspicious” memes and track “misinformation.” The project, which is known as the “Truthy Database” is being funded by The National Science Foundation, but it seems as if the operation has some powerful political motivations.
Ironically enough, the project takes its name from a term that was popularized by television personality, Stephen Colbert.
Read more on Activist Post.


(Related) Chilling? Slippery slope?
Pre-Crime Is Here: How Police Assign a Facebook “Threat Score”
A recent story from The Washington Post gave the public a rare inside view of the social media monitoring capabilities of the Fresno police department, which is trialling a controversial piece of software called Beware. The piece has caused quite a stir over the software’s supposed proclivity for civil liberties violations.
… Law enforcement officers have likely been using social media for intelligence gathering since it became mainstream – even back in 2006, police arrested an underage boy in Colorado after he posted pictures of himself on MySpace with a number of firearms.
Social media’s use in investigations has only become more commonplace since then, and there are a number of stories testifying to its efficacy. In 2014, New York police seized over 250 illegally sold guns after an extensive investigation that started when officers noticed an aspiring rapper had posted images of guns in his studio on Instagram.
… Beware, when given an individual’s information, calculates a “threat score” based on, according to Intrado’s website,
billions of [publicly]-available commercial records in a matter of seconds—alerting responders to potentially dangerous situations while en route to, or at the location of, a 9-1-1 request for assistance.
The billions of points of data come from social media posts, arrest and other public records, commercial databases, and many other types of data, though exactly where they come from and how they’re translated into a green, yellow, or red threat score is a trade secret guarded by Intrado, the maker of the software.




More for our classroom debate.
How Facebook Lost Face in India
… Today, a few months later, Zuckerberg finds himself estranged from his Indian constituency. His Free Basics initiative has been banned by the Telecom Regulatory Authority of India (TRAI). Zuckerberg’s dream of being a pivotal part of Prime Minister Narendra Modi’s Digital India program has received a severe setback. And his target of “the next one billion” Facebook users – the first one billion was reached on August 24, 2015 – may have been postponed by months, if not years.
… “I am surprised that any country would be dumb enough to homogenize the Internet with no evidence of any benefit,” says Gerald Faulhaber, Wharton professor emeritus of business economics and public policy. “I’m afraid India has made a colossal economic blunder.”
“I am not now and never have been a fan of network neutrality,” Faulhaber continues. “To me and many others in Internet space, it has been a solution looking for a problem. There is no evidence that such a problem exists, but here we are regulating the Internet — just like we regulated the old monopoly telephone system — with no evidence that there is a market failure that would justify such regulation.




Something for our Criminal justice students to watch for.
Law, Order and Algorithms
by Sabrina I. Pacifici on Feb 15, 2016
“A team of engineers uses computational analysis tools to scrape information from police-related incidents to reveal discrimination and reduce crime…. The project is led by computational social scientist Sharad Goel, an assistant professor of management science and engineering. He also teaches a course at Stanford Engineering that explores the intersection of data science and public policy issues revolving around policing. Among other activities, Goel’s team is building a vast open database of 100 million traffic stops from cities and towns around the nation. The researchers have already gathered data on about 50 million stops from 11 states, recording basic facts about the stop – time, date and location – plus any available demographic data that do not reveal an individual’s identity. These demographics might include race, sex and age of the person…”




For the Movie Club.
5 Ways You Can Buy or Rent Movies Cheaper Than Amazon




Why do I get the feeling that this won't go over with the folks at the MPAA?
Popcorn Time lets you pirate from a browser window, and its creators want it legal
… If you’re not familiar, Popcorn Time was a streaming entertainment platform that looked a lot like Netflix to the end-user, but in reality was a sort of front for a torrent system. In other words, Popcorn Time made what many consider an illegal activity — downloading copy-protected content — look as legit as streaming Netflix.
… now Popcorn Time is back, this time eschewing dedicated apps for the relative comfort of web browsers. This version of the service uses a browser plugin called Torrents Time to allow users to stream movies and TV shows by interacting with a remarkably simple browse-and-click interface. As of now, the platform is compatible with Windows PCs and Macs, and is open source, clearing a path for anyone to step in and create their own versions.
… To avoid entanglements, previous Popcorn Time forks advised users to employ VPNs (virtual private networks) to mask their IP addresses and evade any civil action. Some VPN services specifically refuse to function with any active torrent traffic, whereas others operate with no such restrictions. The most widely suggested option was Anonymous VPN, which our source told us is still a good idea.
… “We believe that other than literature and poetry copyrights, any industrial work should be given a much more limited protection. The film and TV producers should be allowed a ‘novelty monopoly’ that allows them to recover their investment and make a profit, as high as they can,” he told Digital Trends via email. “But as soon as they are off the big screen, they must allow free access to the works. An alternative could be a small ‘token’ payment per view.




We should probably push this article to all of our students.
How to Get a Distraction-Free Computer in 10 Easy Steps
… If you have a lot of distractions, your attention is necessarily reduced.
This article will show you practical ways to eliminate each of the distractions that your computer (Mac or Windows) is responsible for.
Almost all distractions that our computers throw at us are useless or at best irrelevant at the time they crop up.
Each distraction serves as a trigger. It’s a trigger designed to take you away from what you should be doing, and convincing you to do something else.
Unless you have a good reason not to, it’s far best to remove these distractions (triggers) completely.




Things for my students to consider. (Infographic)
How the Heck Does an App Stand Out From the Crowd?
How does an app actually become successful? It’s hard out there for an app, as the infographic below demonstrates.




I've been wondering what to do with the school's large-format printer…
NASA's New Posters and the Retro Travel Ads That Inspired Them
NASA’s Jet Propulsion Laboratory is out with a new collection of dazzling, retro-inspired tourism posters. They’re colorful odes to other worlds, designed in the spirit of WPA-era travel posters from the 1930s.