Wednesday, January 17, 2018

I’m much more interested in the steps they’ve agreed to take now rather than before the breach.
There’s an update to the University of Central Florida breach that was first disclosed in early 2016. The Orlando Sentinel reports:
The University of Central Florida has agreed to spend an additional $1 million annually to protect students’ and employees’ personal information, according to a legal settlement reached with former students in the wake of a hacking that exposed 63,000 Social Security numbers.
UCF agreed to add three information security positions, designate a full-time internal senior information security auditor and tighten access to personal information, as part of the settlement filed in Orange Circuit Court late last year.
The FBI’s Jacksonville office investigated the incident, which became public in early 2016, but has not released information on how it happened.
Read more on Orlando Sentinel, but this is part of what’s wrong with these settlements:
The five plaintiffs named in the suit will each receive $500, and the university will pay $64,200 for attorney fees and costs.

No wonder they screwed up and issued a false alert.
Hawaii’s missile alert agency keeps its password on a Post-it note
… Serious questions have been asked about how the bogus missile alert could have been sent out, and what can be done to ensure that members of the public are more rapidly informed if more mistakes occur in the future.
My feeling is that although there was no foul play behind the false missile warning, HEMA might be wise to also look at its general approach to IT security.
As Business Insider describes, evidence has come to light that some of the organisation’s staff might be in the habit of sticking Post-it notes containing passwords onto their computer monitors.
That in itself is far from ideal, but what’s even worse is that these Post-it note passwords have been caught on camera by the media, and available for anybody to view on the internet.

How much should Amazon disclose?
Amazon won't say if it hands your Echo data to the government
Amazon has a transparency problem.
Three years ago, the retail giant became the last major tech company to reveal how many subpoenas, search warrants, and court orders it received for customer data in a half-year period. While every other tech giant had regularly published its government request figures for years, spurred on by accusations of participation in government surveillance, Amazon had been largely forgotten.
Eventually, people noticed and Amazon acquiesced.
… After its second report, we asked Amazon spokesperson Frank Fellows in July 2016 if the company would include data such as Echo audio, retail, and mobile service data in the future. He declined to comment.

My students have been asking about BlockChain.
Maersk, IBM create world's first blockchain-based, electronic shipping platform
Maersk and IBM today announced a joint venture to deploy a blockchain-based electronic shipping system that will digitize supply chains and track international cargo in real time.
The new platform could save the global shipping industry billions of dollars a year by replacing the current EDI- and paper-based system, which can leave containers in receiving yards for weeks, according to the companies.

Why didn’t Mark Zuckerberg write this article?

Get researching!
Dimensions – Next-generation research and discovery tool links 128 million documents
This is a free and fee based service launched by Digital Science – “Global technology company Digital Science is proud to announce the launch of Dimensions, a new platform that aims to democratise and transform scholarly search. A collaboration between six Digital Science portfolio companies (Altmetric, Digital Science Consultancy, Figshare, Readcube, Symplectic and ÜberResearch) and more than 100 research funders and universities, Dimensions offers a better, faster way to discover, understand and analyse the global research landscape, without wasting time searching for information across multiple poorly integrated tools. Dimensions breaks down barriers to discovery and innovation by making over 860 million academic citations freely available, and delivers one-click access to over 9 million Open Access articles.
… Built using real-world use cases, it combines advanced concept extraction, natural language processing, categorization and complex machine learning to create a flexible and robust tool that meets the most demanding modern research needs.”

No comments: