Saturday, December 03, 2016

I wondered about this yesterday.  They were talking “attacks” but articles did not mention any successful penetrations.  This may not be related to Russian claims that some nation-sponsored attack is pending.  It is also (probably) not another Swift / Bangladesh type attack.
Hackers try to steal $45m from Russia’s central bank
Regulator buries disclosure in 70-page report on risks to financial system
Hackers attempted to steal Rbs2.87bn ($45m) from Russian central bank correspondent accounts earlier in 2016, the country’s regulator said on Friday.
The Bank of Russia managed to prevent the theft of Rbs1.67bn by freezing accounts it said the hackers had opened to siphon away the stolen money and by blocking correspondent accounts, the regulator said.
The disclosure was buried in a 70-page twice-yearly report on risks to the Russian financial system that the central bank released on Friday.  The report did not say when the attempted theft took place or whether the remainder of the funds under threat had been stolen.

Were they unable to justify spending to prevent the breach?  “If you don't have time (budget) to do it right, when will you have time (money) to do it over?” John Wooden
Marie Weidmayer reports:
MSU will spend an estimated $2.9 million on identity theft protection in the wake of the data breach that exposed university records of about 400,000 people.
According to a statement from MSU President Lou Anna K. Simon, MSU will provide credit monitoring and identity theft protection free of charge to everyone affected.
“We have a reserve fund that we have set aside that is used to pay deductibles for insurance claims and general liability claims and the money will come from that reserve fund,” university spokesperson Jason Cody said.
Read more on The State News.

Automating hacking.  What.  You thought hackers couldn’t use technology to make their jobs easier? 
Press Trust of India reports:
It may take as little as six seconds for hackers to guess your credit or debit card number, expiry date and security code, say scientists who were able to circumvent all security features meant to protect online payments from fraud.
Exposing the flaws in the VISA payment system, researchers from Newcastle University in the UK, found neither the network nor the banks were able to detect attackers making multiple, invalid attempts to get payment card data.
By automatically and systematically generating different variations of the cards security data and firing it at multiple websites, within seconds hackers are able to get a ‘hit’ and verify all the necessary security data.
Read more on NDTV.

Check if you were hit by the massive 'Avalanche' cybercrime ring
The U.S. government has posted links for free scanning programs so companies and individuals can check their computers to make sure they weren't victims of a massive, international cyber criminal operation that was taken down Thursday after a four-year investigation.
   The U.S. Computer Emergency Readiness Team (US_CERT) has posted links to five scanners on its site. Europol has also posted a list of sites in multiple languages for potentially infected users.  The malware only affects systems running the Microsoft Windows operating system, according to US-CERT.
The Department of Homeland Security’s National Cybersecurity and Communications Integration Center, which includes US-CERT, will be providing victim notification to stakeholders, including Internet Service Providers, DHS said in a statement.

We have the data, let’s SWAT these people!
Todd Heywood reports:
Lansing Mayor Virg Bernero’s proposal aimed at regulating homegrown marijuana raises legal concerns and may even be unconstitutional, critics say.
The ordinance the mayor has called for would require the city-owned Lansing Board of Water & Light to monitor customers’ monthly electrical usage and report those using more than 5,000 kilowatts a month to enforcement agencies.
Read more on Lansing CityPulse.

See?  Trump is good for business!
After Trump’s Win, Secure Messaging App Signal’s Downloads Increase 400%
   “There has never been a single event that has resulted in this kind of sustained, day-over-day increase,” Moxie Marlinspike, the founder of Open Whisper Systems, the software nonprofit behind Signal, told BuzzFeed News.  Marlinspike interpreted the jump as a reaction to Trump’s win, and anxiety over the future of US surveillance.

No Internet, no problem?  That must be why old-fashioned print newspapers don’t see the harm.
Marcia Coyle reports:
The Detroit Free Press is asking the U.S. Supreme Court to reverse a court decision that restricts public access to the mug shots of federal criminal defendants.
Booking photos provide an “important window” into the government’s exercise of its police powers, the media outlet said in its petition in Detroit Free Press v. U.S. Department of Justice.
The U.S. Court of Appeals for the Sixth Circuit in July ruled that Congress intended to exempt mug shots from disclosure under the Freedom of Information Act because of “possible embarrassment and the existence of the internet.”
Read more on National Law Journal.

My Governance students have a hard time believing this.
Who's responsible for data compliance? 25% of executives don't know
   According to the 2016 State of Compliance survey conducted by data management and integration provider Liaison Technologies, one-quarter of top executives are unclear who in their organization is responsible for compliance. [They are.  Bob]  And nearly half (47 percent) of respondents to the survey of 479 senior and C-level executives said they don't know which compliance standards apply to their organizations.  [Their lawyers do.  Bob] 
   See the infographic below to learn more about the state of compliance.

(Related) Maybe they should not be concerned?
Kevin M. McGinty of Mintz Levin writes:
An attempt to impose liability on corporate officers and directors for data breach-related losses has once again failed.  On November 30, 2016, a federal judge in Atlanta issued a 30 page decision dismissing a shareholder derivative action arising out of the September 2014 theft of customer credit card data from point-of-sale terminals in Home Depot stores.  The dismissal of the Home Depot derivative action follows earlier dismissals of derivative actions arising from data breaches perpetrated against Wyndham and Target.
Read more on National Law Review.

From an editorial in the Tampa Bay Times:
In a four-month investigation, Tampa TV station WTVT-Fox 13 found that the DHSMV sells private driver records in bulk to more than 75 companies, despite federal and state laws deeming the information confidential.  The federal Driver Privacy Protection Act, passed in 1994, says state motor vehicle agencies cannot disclose personal information “without the express consent of the person to whom such information applies.”  Florida passed its own law a few years later.  Personal information is defined as photographs, Social Security numbers, driver identification numbers, names, addresses, phone numbers, and medical or disability information.  There are exceptions for government agencies carrying out official functions, private investigators, research activities and statistical reports, and some private businesses as long as the information is only used for verification purposes.  Bulk distribution of personal information for marketing or solicitation is permitted only with the individual’s express consent.
Fox 13 found that the DHSMV sells personal information about Florida’s 15.5 million licensed drivers and 18 million registered vehicles to private vendors, including two major data brokers.  The state claims it vets the companies to ensure they are entitled to the information under one of the law’s exemptions — but that vetting is limited to checking that the companies have business registration in Florida, the department told Fox 13.  What’s more, the state has no way to keep the information from being handed off or resold to third parties.
Read the full editorial on the Tampa Bay Times.  Given that Florida is a veritable hotbed of identity theft, you’d think the state and legislature would be looking to crack down on the sale of personal information that can be used to support an identity theft scheme.

We were discussing this yesterday in my Software Architecture class.  (By the way, they see voice commands (Siri, OK Google, Alexa, etc.) as the next wave of disruption.
Warding Off the Threat of Disruption
How quickly do companies need to respond to innovations that could upend their markets?  In “Keep Calm and Manage Disruption,” an article in the spring 2016 issue of MIT Sloan Management Review, Joshua S. Gans argued that companies may have more time than is commonly believed.
   That advice didn’t satisfy at least one reader.  Daniel Cohen, vice president of business operations and strategy at Adobe Systems Inc., a software company based in San Jose, California, wrote to explain why he thinks companies need to move swiftly to avert disruption before it affects their performance.  What follows is Cohen’s perspective, Gans’ response — and an informative dialogue about the importance of monitoring disruption in markets related to one’s own.

Social Media as a targeting tool.  Predator drones do not need to read the encrypted messages. 
ISIS tells members to stay off messaging apps
The Islamic State in Iraq and Syria (ISIS) is encouraging its members to avoid using encrypted messaging apps like WhatsApp and Telegram out of fear that U.S.-led coalitions are using their data to locate and target commanders, according to Reuters.
   Al-Naba has also called for members to turn off their phones before entering ISIS bases.
"Switch off your phone after you finish your communication and beware of the greatest disobedience of all — switching it on when you are in one of the offices," it said.  "As long as it has power, the phone is spying on you."

Will this allow Samsung to become “The First National Bank of the Exploding Smartphone?” 
Regulator Will Start Issuing Bank Charters for Fintech Firms
Firms offering online loans, smartphone payments and other financial-technology products would get new flexibility to expand and further shake up the U.S. banking industry under a proposed new federal policy.
A top regulator said Friday that his agency would for the first time start granting banking licenses to “fintech” firms, giving them greater freedom to operate across the country without seeking state-by-state permission or joining with brick-and-mortar banks.
The move could open the door to more competition between the old and new financial firms, and provide a bigger opening for some large tech companies to consider new ways to offer digital payments or other services.
   Today, virtually all technology companies join with banks in some fashion to access the payment system or make loans.
With a charter, fintech upstarts could possibly move to become independent from banking partners.

How Much You Should Be Charging for Your Freelancing Gigs (Infographic)
   Accounting software Freshbooks surveyed 2,000 of its customers to come up with median rates for six industries.
Check out the company’s infographic below to make sure you’re charging what you’re worth.

For my Statistics class: How to be wrong with confidence!
How Much The Polls Missed By In Every State
   The national polls are ultimately going to be off by only about 2 percentage points, which is not out of the ordinary historically speaking.  State polls however, missed by wider margins.  In 41 of the 50 states, the average of the polls underestimated Donald Trump’s margin of victory.  But they weren’t wrong by the same magnitude or in the same direction in every state.

Enough to make you a buyer?
$49 Windows tablets, $1,000 PC discounts, and 50% off Xbox games highlight Microsoft deals

This has become an “I hate Trump” rant.  I’ll skip that part. 
Hack Education Weekly News
   Via The Chronicle of Higher Education: “In a report released on Wednesday, the U.S. Government Accountability Office said the federal government would forgive at least $108 billion of student debt in the coming years, an amount higher than expected.”  More via NPR and Inside Higher Ed.  [Bad loans of taxpayer money?  Bob]
   Colorado Heights University will close, according to The Chronicle of Higher Education, after losing recognition by its accreditor.
   Via PRI: “Job retraining classes are offered to Rust Belt workers, but many don’t want them.”
   Common Sense Media looks at education applications’ use of encryption.  “Our findings indicate that a significant number of vendors do not provide even basic support for encryption.  While 52 percent of the 1,221 login URLs we surveyed require encryption, 25 percent do not support encryption at all, and an additional 20 percent do not require an encrypted connection.”

Friday, December 02, 2016

Many countries will test our new president to see what they can get away with.  This article suggests cyber-attacks may be part of the testing.
Destructive Hacks Strike Saudi Arabia, Posing Challenge to Trump
State-sponsored hackers have conducted a series of destructive attacks on Saudi Arabia over the last two weeks, erasing data and wreaking havoc in the computer banks of the agency running the country’s airports and hitting five additional targets, according to two people familiar with an investigation into the breach.
   Although a probe by Saudi authorities is still in its early stages, the people said digital evidence suggests the attacks emanated from Iran.  That could present President-elect Donald Trump with a major national security challenge as he steps into the Oval Office.
The use of offensive cyber weapons by a nation is relatively rare and the scale of the latest attacks could trigger a tit-for-tat cyber war in a region where capabilities have mushroomed ever since an attack on Saudi Aramco in 2012.
Unlike the Aramco attack or the one by North Korea against Sony Pictures in 2014, the latest was perpetrated by detonating a cyber weapon inside the networks of several targets at once, the people said.
   The ferocity of the attacks appears to have caught Saudi officials by surprise.  Thousands of computers were destroyed at the headquarters of Saudi’s General Authority of Civil Aviation, erasing critical data and bringing operations there to a halt for several days, according to the people familiar with the investigation.
Air travel, airport operations and navigation systems weren’t disrupted by the attack, the authority said in response to questions.  The attack affected office administration systems only, it said.
   As a candidate, Trump said little about cyber security but he has taken a consistently hard line on relations with Iran, including saying he would tear up the nuclear accord.
Possible Motive
Investigators piecing together the computer destruction are trying to determine a motive for the attacks, which occurred between Trump’s election and key OPEC meetings, the people said.
“Anyone who did this attack knows it has implications for the nuclear deal,” said James Lewis, director of the strategic technologies program at the Center for Strategic and International Studies in Washington.

What is going on here?  Will they simply declare victory on Monday?  Or will they need to invade the Ukraine to put a stop to it?
Russia Says Foreign Spy Agencies Preparing Cyberattacks on Banks
Russia accused foreign spy agencies of preparing cyberattacks in dozens of cities to try to undermine its banking system.
Attacks may begin on Monday with the goal “of destabilizing the financial system of the Russian Federation, including the activities of a number of major Russian banks,” the Federal Security Service, the successor body to the Soviet-era KGB, said in a website statement Friday.
The attackers plan to use servers based in The Netherlands that belong to a Ukrainian hosting company, BlazingFast, the security agency known as the FSB said.
   The FSB didn’t identify the spy agencies it said are involved in preparing the attack on Russian lenders.  Its announcement comes amid tensions over Ukrainian missile-defense drills taking place near Crimea, which Russia annexed in 2014.
   BlazingFast has “plenty of clients leasing our servers” and the company hasn’t been contacted by law enforcement, Chief Executive Officer Anton Onopriychuk said by phone in Kiev on Friday.
“We will conduct an internal investigation, but it will take a lot of time, as it’s like looking for a needle in a haystack,” he said.  “That’s why I can neither confirm nor deny this information at the moment.”

Not all small breaches have equally small consequences.
Dell Cameron reports:
A misconfigured storage device discovered by a security researcher in October left exposed thousands of internal files belonging to an explosives-handling company.
The files, which have since been secured, reportedly included details about facilities in three U.S. states where explosives are stored.
The leaky file repository belonged to Allied-Horizontal Wireline Services(AHWS), a leading wireline company with more than 400 employees and 70 wireline units throughout the United States.
Read more on The Daily Dot.

Phillet of Phishing network? 
Legal raids in five countries seize botnet servers, sinkhole 800,000+ domains
At one point, Avalanche network was responsible for two-thirds of all phishing attacks.
   A Europol release on the operation provided more details, stating:
[Five] individuals were arrested, 37 premises were searched, and 39 servers were seized.  Victims of malware infections were identified in over 180 countries.  Also, 221 servers were put offline through abuse notifications sent to the hosting providers.  The operation marks the largest-ever use of sinkholing to combat botnet infrastructures and is unprecedented in its scale, with over 800 000 domains seized, sinkholed or blocked.
The domains seized have been "sinkholed" to terminate the operation of the botnet, which is estimated to have spanned over hundreds of thousands of compromised computers around the world.

Another hack my ‘designated hackers’ can demonstrate to my Computer Security class.
Bug Allows Activation Lock Bypass on iPhone, iPad
Researchers have found a bug that can be used to bypass Apple’s Activation Lock feature and gain access to the homescreen of locked iPhones and iPads running the latest version of iOS.
   When a locked device is started, users are prompted to connect to a Wi-Fi network.  If the “Other Network” option is selected, the user must enter the name of the network and choose a security protocol (e.g. WEP, WPA2, etc.).  Depending on which protocol is selected, a username and/or a password must also be entered.
The problem, as researchers discovered, is that there is no limitation on the number of characters that can be entered into the name, username and password fields.  By entering very long strings into these fields, an attacker can trigger a crash that exposes the device’s homescreen.

…and so it begins.
FBI, GCHQ Get Foreign Hacking Authority
Changes to Rule 41 of the federal rules of criminal procedure come into force today, giving the FBI (with a judicially granted search warrant) authority to hack computers in any jurisdiction, and potentially overseas.  This happened just two days after the UK's Investigatory Powers Act (IPA) was granted royal assent and became law.  The latter gives Britain's Government Communications Headquarters (GCHQ) the legal authority to 'mass hack' outside of the UK.

It’s the ‘case detail’ that I find interesting.
How Often Does The News Media Bring FOIA Lawsuits?
by Sabrina I. Pacifici on Dec 1, 2016
The FOIA Project at the Transactional Records Access Clearinghouse: “Just how active is the news media in taking federal agencies to court when they don’t promptly turn over the records being sought?  Hard data to reliably answer this question has been extremely limited. today announces an ambitious initiative aimed at filling this void.  Starting with the case-by case records on virtually every FOIA suit now available on, the project team examined and classified each of nearly nine thousand individual names of plaintiffs for cases filed in federal district court since the beginning of FY 2001.  The result is what we have dubbed “The News Media List” now available at:  This never-before available interactive tool not only identifies each media organization and reporter, but also provides direct access to a variety of details about every case.  For more recent cases, a useful synopsis is given, along with descriptors of the specific issues involved.  Click on a “case detail” link to pull up the court docket, the actual complaint and court opinions (where available), and an up-to-date listing of the events and proceedings that have taken place.  To see who the most active FOIA media filers are, using this interactive tool you can sort by media name, or by time period and media category…”

Perspective.  Even politicians are becoming interested.
Blockchain tech is our financial future — America can get ahead of it
It may not have the sexiest of titles, but the new Congressional Blockchain Caucus could not have come at a better time.
Created by two lawmakers this fall, the bipartisan caucus is designed to raise legislators’ awareness of blockchain technology, an innovative software protocol that logs transactions in an online ledger distributed across multiple computer networks, allowing parties to validate the transfer of assets.
It’s a fast-growing business: financial firms are investing $1 billion in blockchain technology this year, and blockchain startups have received hundreds of millions in venture capital funding since 2013.
   The U.S. Federal Reserve, the People's Bank of China, the Bank of England and Central Bank of Russia have in recent months all signaled their interest in the technology.

Jobs for my techies.  And an article for my Software Architecture class.  Starbucks is another company you don’t think of as tech-driven.
As Schultz Steps Down, Next Starbucks CEO Brings Tech Savvy
After turning Starbucks Corp. into the world’s largest coffee chain, Chief Executive Officer Howard Schultz will hand the reins to a lieutenant who could solidify its role as a technology company.
   The move is a nod to the company’s growing reputation for innovation: It introduced the world’s first successful mobile-payment service, beating out the likes of Apple Inc. and Google Inc., and gets an increasingly large portion of its revenue from that source.
   Starbucks’ digital and technology prowess has put it ahead of its peers, allowing it to serve more customers faster.  Same-store sales rose 5 percent in the Americas region in the most recent quarter.  Mobile payments accounted for about 25 percent of U.S. transactions in that period.
Starbucks built on its tech leadership with an order-ahead feature, which lets customers select and pay for drinks in advance.  They then can pick up the beverages at a shop without waiting in line.

   In fact, our latest research with MIT, in which we interviewed more than 1,000 CEOs (from 131 countries and 27 industries, in organizations of varying sizes), shows that 90% of executives believe their businesses are being disrupted or reinvented by digital business models, and 70% believe they do not have the right skills, leader, or operating structure to adapt.  It’s not a good position to be in.

Pretty obvious they were out of touch, wasn’t it?
Margaret Sullivan on How Trump Trounced the Media

For all my students.  From your favorite Math tutor.
Facebook’s advice to students interested in artificial intelligence
Math.  Math.  Oh and perhaps some more math.
   Tech companies often advocate STEM (science, technology, engineering and math), but today’s tips are particularly pointed.  The pair specifically note that students should eat their vegetables take Calc I, Calc II, Calc III, Linear Algebra, Probability and Statistics as early as possible.
From this list, probability and statistics are perhaps the most interesting.  From what I remember about high-school, those two subjects are regularly dismissed as too-obvious strategies for skirting the informal AP Calculus preference of top colleges and universities (AP Statistics is often thought of as a cop-out by students).

Thursday, December 01, 2016

A simple “Internet of Things” hack.  Are we looking at a tool for the “perfect crime?”  Someone with a well documented heart problem suddenly dies from heart failure…  Would anyone bother to check the pacemaker’s logs?  (Do they keep logs?)  
Darren Pauli reports:
A global research team has hacked 10 different types of implantable medical devices and pacemakers finding exploits that could allow wireless remote attackers to kill victims.
Eduard Marin and Dave Singelée, researchers with KU Leuven University, Belgium, began examining the pacemakers under black box testing conditions in which they had no prior knowledge or special access to the devices, and used commercial off-the-shelf equipment to break the proprietary communications protocols.
From the position of blind attackers the pair managed to hack pacemakers from up to five metres away gaining the ability to deliver fatal shocks and turn off life-saving treatment.
Read more on The Register.

For my Ethical Hacking students.  It’s much easier to hack a system when you know exactly how it works.  
Why a hacker is giving away a special code that turns cars into self-driving machines
Here is a strategy for start-ups dealing with regulators who might shut down your product: Make it free.
Scrappy self-driving car start-up released a free software kit on Wednesday to help developers learn to build a device that can turn any car into an autonomous vehicle.
   A wave of companies in areas such as housing, DNA testing and aerospace is weighing whether to work with officials or to follow the playbook of companies such as Uber and Airbnb — asking forgiveness, but not permission, and seeing where the chips fall.
In Comma’s case, the strategy was an end run around the rulemakers.
   Shortly after the announcement at the TechCrunch Disrupt conference, Hotz was slapped with a warning letter from the National Highway Traffic Safety Administration.
   The code, which is available on the open-source collaboration platform GitHub, allows anyone (but really, hardcore hackers) to build a dashcam-like device that they can set up in their car.  The device plugs into a port in the car called a controller area network, or BUS (in most cars built after 2006).  Users must build the device with a 3-D printer and have an Android OnePlus 3 phone to run the code and provide the camera that can scan the road.

Interesting, but somewhat suspect.  I’d like to see more raw numbers.  How many ‘hackers’ did they survey? 
Report: Most cybercriminals earn $1,000 to $3,000 a month
Most cybercriminals make between $1,000 and $3,000 a month, but 20 percent earn $20,000 a month or more, according to a recent report.

For my Android using students.
   If you own an Android device running on anything older than Android 6.0 (Marshmallow) you should do two things: 1. Use this Check Point tool to see whether your Google account has been compromised, and 2. View the list of fake apps infected by Gooligan so you know what to avoid.

An escape from double-secret probation?
SAN FRANCISCO – CREDO Mobile representatives confirmed today that their company was at the center of the long-running legal battle over the constitutionality of national security letters (NSLs), and published the letters the government sent three years ago.
The Electronic Frontier Foundation (EFF) has represented CREDO in this matter since 2013—and the case, bundled with two other NSL challenges, has reached the United States Court of Appeals for the Ninth Circuit.  Until now, CREDO was under a gag order, preventing CREDO officials from identifying the company or discussing their role in the case.  In March, a district court found that the FBI had failed to demonstrate the need for this gag, and struck it down pending an appeal by the government.  But earlier this month, the government decided to drop its appeal of that order, leaving CREDO free to talk about why the legal challenge is important to the company and its customers.
   While the government has stopped pursuing the NSL gag orders on CREDO in this case, EFF’s two other NSL challenges are still being litigated in the appeals court.  EFF’s clients—who still must remain secret—argue that they are being unconstitutionally barred from discussion and debate about government use of NSLs and surveillance reform.

How would Coinbase know which of their customers were “U.S. taxpayers?” 
The government’s press release on an issue mentioned previously: a broad warrant for records on everyone who used Coinbase.  The government appears to be going on a fishing expedition with court authorization.  Oh well, the Fourth Amendment had a good run, I guess. 
A federal court in the Northern District of California entered an order today authorizing the Internal Revenue Service (IRS) to serve a John Doe summons on Coinbase Inc., seeking information about U.S. taxpayers who conducted transactions in a convertible virtual currency during the years 2013 to 2015.  The IRS is seeking the records of Americans who engaged in business with or through Coinbase, a virtual currency exchanger headquartered in San Francisco, California.
   The court’s order grants the IRS permission to serve what is known as a “John Doe” summons on Coinbase.  There is no allegation in this suit that Coinbase has engaged in any wrongdoing in connection with its virtual currency exchange business.  Rather, the IRS uses John Doe summonses to obtain information about possible violations of internal revenue laws by individuals whose identities are unknown.  This John Doe summons directs Coinbase to produce records identifying U.S. taxpayers who have used its services, along with other documents relating to their virtual currency transactions.

Something I definitely want to teach.
Tomorrow’s Business Leaders Learn How to Work with A.I.
Artificial intelligence is now on the syllabus at top-tier business schools.
Harvard Business School, Massachusetts Institute of Technology’s Sloan School of Management, France’s Insead and a handful of other programs recently have added M.B.A. courses on managing the applications and algorithms that help businesses make more informed decisions.

The timing is interesting.  Apparently, they saw little value in this until Hillary lost?
SearchEngineLand reports on how Google is tackling fake news
by Sabrina I. Pacifici on Nov 30, 2016
Ian Bowden reports: “Following the US election and Brexit, increased focus is being placed on how social networks and search engines can avoid showing “fake news” to users.  However, this is a battle that search engines cannot — and more fundamentally, should not — fight alone.  With search engines providing a key way people consume information, it is obviously problematic if they can both decide what the truth is and label content as the truth.  This power might not be abused now, but there is no guarantee of the safe governance of such organizations in the future.  Here are five key ways Google can deal (or already is dealing) with fake news right now.  They are:
  1. Manually reviewing websites
  2. Algorithmically demoting fake news
  3. Removing incentives to create fake news
  4. Signaling when content has been fact-checked
  5. Funding fact-checking organizations…”

(Related) Again, no thoughts about this until Trump.  Perhaps he is good for something?
Sam Thielman reports:
Public and private libraries are reacting swiftly to the election of Donald Trump, promising to destroy user information before it can be used against readers and backing up data abroad.
The New York Public Library (NYPL) changed its privacy policy on Wednesday to emphasize its data-collection policies.
Read more on The Guardian.

Perspective.  If you store ‘Big Data,’ it could take you quite a while to migrate it to the cloud.  No doubt this will soon be self-driving and will move from the US to Mexico to Canada to avoid subpoenas for your data.  Also raises the possibility of data lost due to traffic accidents. 
AWS Snowmobile – Move Exabytes of Data to the Cloud in Weeks
   In order to meet the needs of these customers, we are launching Snowmobile today.  This secure data truck stores up to 100 PB of data and can help you to move exabytes to AWS in a matter of weeks (you can get more than one if necessary).  Designed to meet the needs of our customers in the financial services, media & entertainment, scientific, and other industries, Snowmobile attaches to your network and appears as a local, NFS-mounted volume.  You can use your existing backup and archiving tools to fill it up with data destined for Amazon Simple Storage Service (S3) or Amazon Glacier.

My students should be interested.
This investment bank presentation breaks down the complicated digital ad industry in 2016
LUMA Partners has just released its annual State of Digital Marketing presentation.
This year it covers LUMA's views on the market, five industry trends — including the rise of artificial intelligence — and the future of the ecosystem with a specific focus on digital marketing.

Jobs for my students.
Winning the Digital War for Talent
Many traditional talent management processes weren’t designed for today’s increasingly digital world.  That’s why a new approach is needed.
   In our interviews with digital executives and analysts, we saw two distinct approaches to thinking about talent in an increasingly digital business environment.  Some companies expressed great interest in tapping into fluid talent markets made up of skilled contractors and consultants.  
   In contrast, other companies are focused on how to develop and manage existing employees for the long term.  Many of these companies invest heavily in new approaches to onboarding and continuous training and development.  They provide employees with opportunities to grow digitally, not only through technical training but also by offering carefully curated work experiences, different experiences over time, and career development support.

Probably works the other way too – places my students can advertise their skills?
By 2020, more than 40 percent of the U.S. workforce will be freelancers and contractors.  This is the direction we’re moving in, particularly for design and development jobs which tend to be project-based.

Too geeky for Santa.