If you don’t log/measure/manage/understand what
is happening on your computers, don’t suggest that you do.
The
Register – Equifax reveals full horror of that monstrous
cyber-heist of its servers
Equifax
reveals full horror of that monstrous cyber-heist of its servers –
146 million people, 99 million addresses, 209,000 payment cards,
38,000 drivers’ licenses and 3,200 passports – “Equifax has
published yet more details on the personal records and sensitive
information stolen by miscreants after they hacked its databases in
2017. The good news: the number of individuals affected by the
network intrusion hasn’t increased from the 146.6 million Equifax
previously announced, but extra types of records accessed by the
hackers have turned up in Mandiant’s ongoing audit of the security
breach. In February, in response to questions from US Senator
Elizabeth Warren (D-MA), Equifax agreed
that card expiry dates and tax IDs could have been among the siphoned
data, but it hadn’t yet worked out how many people were affected.
Late last week, the company gave the numbers in letters to the
various US congressional committees investigating the network
infiltration, and on Monday, it submitted
a letter to the SEC, corporate America’s financial watchdog.
As well as the – take a breath – 146.6 million names, 146.6
million dates of birth, 145.5 million social security numbers, 99
million address information and 209,000 payment cards (number and
expiry date) exposed, the company said there were also 38,000
American drivers’ licenses and 3,200 passport details lifted, too…”
[From
the article:
The cyber-break-in occurred because Equifax ran an
unpatched and therefore insecure version of Apache Struts, something
it blamed
on a single employee.
At February's RSA conference in San Francisco,
Derek Weeks of Sonatype claimed “thousands” of companies
continued to download vulnerable versions of Struts
(Related) As it often does, the Dilbert strip
sums up my opinion of Equifax’s management.
Remember, lots of paper ballots are still being
used, so this is no big surprise. On the other hand, would there be
evidence if electronic votes were changed? (See my Equifax comments,
above.)
No Evidence
Russian Hackers Changed Votes in 2016 Election: Senators
Hackers
backed by the Russian government attempted to undermine confidence in
the voting process in the period leading up to the 2016 presidential
election, but there is no evidence that they manipulated votes or
modified voter registration data, according to a brief report
published on Tuesday by the Senate Intelligence Committee.
… Nearly
all the targeted states observed attempts to find vulnerabilities in
their systems. These scans were often aimed at the website of the
Secretary of State and voter registration infrastructure, the Senate
panel said in its report.
In
at least six states, Russian hackers attempted to breach
voting-related websites, and in a small number of cases they were
able to gain unauthorized access to election infrastructure
components, and even obtained the access necessary for altering or
deleting voter registration data. However, it does not appear that
they could have manipulated individual votes or aggregate vote
totals.
Somehow, I kind of expected this. Will companies
fail in the same ratio?
European
regulators: We're not ready for new privacy law
Europe’s General Data Protection Regulation
(GDPR) has been billed as the biggest shake-up of data privacy laws
since the birth of the web.
There’s one problem: many of the regulators who
will police it say they aren’t ready yet.
The pan-EU law comes into effect this month and
will cover companies that collect large amounts of customer data
including Facebook and Google. It won’t be overseen by a single
authority but instead by a patchwork of national and regional
watchdogs across the 28-nation bloc.
Seventeen of 24 authorities who responded to a
Reuters survey said they did not yet have the necessary funding, or
would initially lack the powers, to fulfill their GDPR duties.
May be time to brush up on an old skill.
Google adds
Morse code input to Gboard
Google
is adding
morse code input to its mobile keyboard. It’ll be available as
a beta on Android later today.
… Google’s implementation
will replace the keyboard with two areas for short and long signals.
There are multiple word suggestions above the keyboard just like on
the normal keyboard. The company has also created a Morse
poster so that you can learn Morse code more easily.
Another option for those quick “explainers.”
Lensoo
Create – Create Whiteboard Videos on Your Phone or Tablet
Lensoo
Create is an app for creating whiteboard videos on your phone or
tablet. The app is available in an Android version and in an iOS
version.
To create a video on Lensoo
Create just open the app and tap the record button in the top of
the screen. You can then start drawing on the white canvas in the
app. Everything that you draw and type is captured in the video as
is anything that you say while drawing. You can pause the recording
then add a new page on which you draw while talking. When you're
finished just tap the "done" button to save your work.
One of the shortcomings of Lensoo
Create is that you cannot save your videos to your phone or
tablet's camera roll. Instead you have to create a free Lensoo
Create account to save your videos on their cloud service. Once
saved you can share links to your video. Lensoo says that you can
download your videos from your online account, but I haven't
been able to make that function work update: I tried it
again the next morning and I was able to download the video.
Lensoo Create could be a good choice for teachers
who want to make whiteboard videos to explain how to solve math
problems or anything else that is best illustrated with handwriting.
As a free app, it's not a bad option. That said, it's not quite as
good as the paid ShowMe
or Explain
Everything apps.
No comments:
Post a Comment