I like it! (But it probably won’t happen.)
Equifax
Deserves the Corporate Death Penalty
Equifax is in trouble. The credit reporting
company failed to protect the personal financial data of as many as
143 million Americans. Equifax's failure exposed
not just names and addresses, but also Social Security numbers, birth
dates, drivers' license numbers, and credit card numbers. The
Federal
Trade Commission, Congress,
and about
40 state attorneys general are investigating the data breach, and
both the Massachusetts
attorney general and the city
of San Francisco are suing on behalf of residents whose
information was compromised.
That's a start. But it's not enough. Equifax's
failure calls for the corporate death penalty, through a rare but
vital procedure called judicial dissolution.
Under
the law of Georgia, where Equifax is incorporated,
the state attorney general
may file a lawsuit in state court to dissolve
a corporation if the corporation "has continued to exceed or
abuse the authority conferred upon it by law." (All
50 states have similar provisions.) State attorneys general don't
invoke these corporate death penalty statutes often, especially not
against large, well-known corporations. But Equifax could not have
obtained its unusually important position in our economy without the
privileges of a corporate charter conferred by law, and it has
forfeited its claim to those privileges.
This happens with patches for any useful flaw.
Russian
Hackers Exploit Recently Patched Flash Vulnerability
The
Russia-linked cyber espionage group known as APT28 has been using a
recently patched Adobe Flash Player vulnerability in attacks aimed at
government organizations and aerospace companies, security firm
Proofpoint reported on Thursday.
… APT28,
which is also known as Fancy Bear, Pawn Storm, Strontium, Sofacy,
Sednit and Tsar Team, started launching attacks using CVE-2017-11292
on October 18, Proofpoint said. It’s unclear if APT28 discovered
the exploit on its own, purchased it, or reverse engineered the one
used in the BlackOasis attack.
Nevertheless,
Proofpoint pointed out that the cyberspies are likely trying to take
advantage of the recently fixed vulnerability before
Adobe’s patch is widely deployed by users.
Another “why change the default” problem?
Since 2015, this site has been reporting on data
leaks due to misconfigured databases or devices that are indexed on
shodan.io or other specialized search engines. Many of the leaks I
have reported on involve AWS S3 buckets. And despite the fact that
Amazon has issued reminders and guidance to its customers about
securing buckets, there is still widespread leakage.
We all
know you can lead a horse to a security tool or advice, but you can’t
make them use it. With that in mind, kudos to Kromtech
Security for developing and making freely available a tool to help
administrators check whether their Amazon S3 bucket is allowing
public access when it shouldn’t be.
We decided to make a Simple tool that can help Amazon S3 users quickly check their S3 buckets for public access. The tool gives users a report that they can then use to shut down any unwanted public access to the S3 buckets and the valuable data they contain. This free tool can provide an extra layer of security so that users can be confident that their data is well-protected and is not accessible or being downloaded by unauthorised users.
Can we keep generating public interest or will
boredom (apathy) allow DoJ to win in the end?
Tim Cushing reports:
It’s amazing what effect a little public scrutiny has on government overreach. In the wake of inauguration day protests, the DOJ started fishing for information from internet service providers. First, it wanted info on all 1.2 million visitors of a protest website hosted by DreamHost. After a few months of bad publicity and legal wrangling, the DOJ was finally forced to severely restrict its demands for site visitor data.
Things went no better with the warrants served to Facebook. These demanded a long list of personal information and communications from three targeted accounts, along with the names of 6,000 Facebook users who had interacted with the protest site’s Facebook page. Shortly before oral arguments were to be heard in the Washington DC court, the DOJ dropped its gag order.
Read more on TechDirt.
Enough?
A Calendar
of Our Safety Work
As we
said last week, we’re updating our approach to make Twitter a
safer place. This won’t be a quick or easy fix, but we’re
committed to getting it right. Far too often in the past we’ve
said we’d do better and promised transparency but have fallen short
in our efforts. Starting today, you can expect regular, real-time
updates about our progress.
… Here is a calendar of the upcoming changes
we plan to make to the
Twitter Rules, how we communicate with people who violate them,
and how our enforcement processes work.
Perspective. Maybe Denver doesn’t need Amazon.
Denver-based
email company SendGrid files for initial public offering of stock
After months of speculation, SendGrid made it
official and filed documents this week for an initial public
offering.
… The company expects to list its common stock
on the New York Stock Exchange under the ticker symbol “SEND.”
SendGrid joins a rare list of Colorado tech
companies that have gone public in recent years. Earlier this month,
the parent of Golden-based HomeAdvisor
acquired Angie’s List and combined the two into a new company,
ANGI Homeservices, which began trading on the Nasdaq. In May, cable
provider WideOpenWest
in the Denver Tech Center began trading on the NYSE. In 2013,
Boulder-based Rally
Software went public, though it was later acquired by software
firm CA Technologies. Boulder-based telecom Zayo
Group went public in 2014.
Think Fortune can predict the future?
Welcome to the inaugural Fortune Future 50,
our new ranking of companies best positioned for breakout growth.
Produced in partnership with BCG, the Future 50 is divided into two
lists: the 25 Leaders (companies with a market value above $20
billion) and the 25 Challengers (those below $20 billion when the
ranking was done).
A stray thought: Should we ask AlphaGo Zero to
determine what we should ask it to learn?
Google
DeepMind AlphaGo Zero AI Can Now Self-Train Without Human Input
The new AI is the followup to the original
AlphaZero AI that dominated all human players in an ancient Chinese
game called "Go".
… AlphaGo Zero completed three days of
self-learning and then challenged AlphaGo for a match. Zero
decimated its predecessor winning 100 games out of 100. "AlphaGo
Zero not only rediscovered the common patterns and openings that
humans tend to play ... it ultimately discarded them in preference
for its own variants which humans don’t even know about or play at
the moment," said AlphaGo lead researcher David Silver.
Perspective.
The Future
of Truth and Misinformation Online
by Sabrina
I. Pacifici on Oct 19, 2017
Pew
Report, October 19, 2017– Experts
are evenly split on whether the coming decade will see a reduction in
false and misleading narratives online. Those forecasting
improvement place their hopes in technological fixes and in societal
solutions. Others think the dark side of human nature is aided more
than stifled by technology… A Pew
Research Center study conducted just after the 2016 election
found 64% of adults believe fake news stories cause a great deal of
confusion and 23% said they had shared fabricated political stories
themselves – sometimes by mistake and sometimes intentionally.
For my students, cable cutters or not.
Have
you dreamed of cutting the cord but never
been sure it’s right for you? Well, you’re in luck. This
weekend, you’ll be able to dip your toes in the water and see how
it feels.
It’s all thanks to Sling TV. The popular
television
streaming provider is offering a whole day of free viewing on
Sunday, October 22. But what precisely will be available? And how
do you get involved? Keep reading to find out.
For my Spreadsheet students. Is this going to be
better? ALWAYS worth looking.
Coda is a
next-generation spreadsheet designed to make Excel a thing of the
past
… Mehrotra began to
fixate on a question: what would documents and spreadsheets look if
they were invented today?
Coda,
a company Mehrotra co-founded with his fellow former Googler Alex
DeNeui, represents his answer to that question.
No comments:
Post a Comment