The Privacy Foundation is pleased to announce the Fall 2019 Privacy Seminar: “AI & Privacy: Ethical, Legal, and Technical Issues” Friday Nov 1st 10:00 – 1:00 followed by lunch. For full details and registration information: https://www.law.du.edu/privacy-foundation
Or contact Vince Gonzales vgonzales@law.du.edu 303-871-6313
Always worth studying. Learn from the mistakes of
others or learn from your own mistakes.
Texas Chief Information Officer Shares Lessons Learned from Ransomware Attack
… “These 23 organizations were impacted
because they failed to follow good cyber hygiene,” said Kimbriel,
discussing the incident during the annual National Association of
State Chief Information Officers convention in Nashville. “This
particular provider had other organizations that were also connected
in the same fashion and could have been impacted but because they
follow good cyber hygiene they were not.”
… In response to the July attack, the Texas National Guard deployed six-man cybersecurity teams who specialized in cybersecurity responses to assist the affected municipalities.
A similar declaration was not made in Colorado after a 2018 hack on the state’s department of transportation until 10 days after the attack.
How does one miss this in testing? Probably used real data rather than test data (which should incorporate flaws in every field and test every step in the process).
Big Discovery Bank security flaw
Discovery Bank credit cards were affected by a security vulnerability that allowed you to make online purchases without knowing a specific bank card’s CVV.
The card verification value (CVV) is the set of three digits printed on the back of the card which acts as a security measure when making payments online.
MyBroadband received an anonymous tip stating that you could type in any three digits for the CVV when buying something online with a Discovery Bank card and the transaction would be approved. It appeared as though Discovery was not checking the CVV to authenticate transactions at all.
Individually, not much. But remember, hackers steal millions of accounts at a time.
What Your Personal Information is Worth to Cybercriminals
… Full packages of data that can be used to steal a US victim's identity sell for $4-$10, the researchers say. These are called 'fullz' and include at least the name, Social Security number, date of birth, and account numbers.
The price seems low but it can get as high as $65 when accompanied by financial information, such as credit scores. The better the credit score, the higher the price. A score of 700, for instance, increased the fullz' value to $40.
Probably impacts many of my students.
Yahoo could pay you $358 for its massive data breach settlement. Here's how to claim it
Was your Yahoo account among the 3 billion struck by multiple data breaches between 2013 and 2016? You might be eligible for a $358 payout or two years of free credit monitoring.
If the settlement is approved by California courts, Yahoo could divvy up more than $117.5 million among users whose names, email addresses and passwords were stolen.
Eligible users can submit claims at Yahoodatabreachsettlement.com to receive at least two years of free credit monitoring services by AllClear ID.
If consumers can verify that they already use a credit monitoring service that they'll keep for at least a year, they can submit a claim for $100 instead. The true amount may be more than that -- up to $358 -- but it will likely be less, depending on how many people submit claims.
Probably similar here.
Australian CEOs are too overoptimistic for cybersecurity, out of touch on privacy
Only 6% of surveyed CEOs think their organisation has suffered a data breach in the last year, but 63% of their CISOs say they have, according to Unisys research. Big disconnect.
The report, Cybersecurity Standoff Australia [PDF], describes CEOs as "overconfident and out of the loop".
A tool for our Ethical Hackers?
OnionShare Lets Anyone Host Anonymous Sites on the Dark Web
A new version of the OnionShare program now allows you to easily create basic anonymous dark web sites on Tor so that they cannot be censored. This is particularly useful for those who wish to publish information anonymously, but do not want to deal with the mechanics of setting up their own dark web server.
… "This website is only accessible from the Tor network, so people will need Tor Browser to visit it," states the OnionShare announcement for this new version. "People who visit your website will have no idea who you are – they won’t have access to your IP address, and they won’t know your identity or your location. And, so long as your website visitors are able to access the Tor network, the website can’t be censored."
I am willing to leave retirement to consult on CCPA (really to laugh at your approaching doom).
New Report Suggests Initial Compliance Costs for CCPA Could Reach $55 Billion
For months, there has been speculation about how much the new California Consumer Privacy Act (CCPA) would wind up costing California businesses as they prepare for the sweeping new privacy legislation, which is set to go into effect on January 1, 2020. According to a new economic impact assessment prepared for the California state attorney general by independent economic research firm Berkeley Economic Advising and Research, initial CCPA compliance could cost companies as much as $55 billion.
Don’t these people watch SciFi movies?
Workers trust AI more than human managers
Workers place more trust in robots and AI than their managers according to the second annual AI at Work study conducted by Oracle and Future Workplace.
When an AI writes (and patents) a better AI will it also write a patent lawyer App?
The Patent Office Is Hunting for an Artificial Intelligence Expert
The U.S. Patent and Trademark Office recently launched a recruitment effort to hire its first-ever senior-level artificial intelligence expert to advance the agency’s applications of the emerging technology and provide technical expertise to keep employees on the leading edge.
… He’s looking for someone to provide technical insights and expert knowledge across the agency’s numerous AI initiatives. For example, USPTO is implementing the technology in both patent search and trademark image search to speed up its examiners’ ability to spot fraud or whether the contents have already been submitted before. The agency also applies AI to auto-classify patents and connect them to the correct examiners more rapidly.
Could be useful in my next Statistics class.
Crawl data analysis of 2 billion links from 90 million domains offer glimpse into today’s web
SearchEngineLand: Data analysis reveals the distribution of PageRank is highly right-skewed meaning the majority of hosts have very low PageRank – “The web is not only essential for people working in digital marketing, but for everyone. We professionals in this field need to understand the big picture of how the web functions for our daily work. We also know that optimizing our customers’ sites is not just about their sites, but also improving their presence on the web, which it is connected to other sites by links. To get an overall view of information about the web we need data, lots of data. And we need it on a regular basis. There are some organizations that provide open data for this purpose like Httparchive. It collects and permanently stores the web’s digitized content and offers them as public dataset. A second example is Common Crawl, an organization that crawls the web every month. Their web archive has been collecting petabytes of data since 2011. In their own words, “Common Crawl is a 501(c)(3) non-profit organization dedicated to providing a copy of the internet to internet researchers, companies and individuals at no cost for the purpose of research and analysis.” In this article, a quick data analysis of Common Crawl’s recent public data and metrics will be presented to offer a glimpse into what’s happening on the web today…”
Because my students never take notes! (and I
think my lectures are worth saving and savoring!)
Google’s new voice recorder app transcribes in real time, even when offline
TechCrunch: “At Google’s hardware event this morning, the company introduced a new voice recorder app for Android devices, which will tap into advances in real-time speech processing, speech recognition and AI to automatically transcribe recordings in real time as the person is speaking. The improvements will allow users to take better advantage of the phone’s voice recording functionality, as it will be able to turn the recordings into text even when there’s no internet connectivity. This presents a new competitor to others in voice transcriptions that are leveraging similar AI advances, like Otter.ai, Reason8, Trint and others, for example. As Google explained, all the recorder functionality happens directly on the device — meaning you can use the phone while in airplane mode and still have accurate recordings.
“This means you can transcribe meetings, lectures, interviews, or anything you want to save,” said Sabrina Ellis, VP of Product Management at Google….”
For my geeks.
The Best Way to Search for Free Software Online
lifehacker: “…you want to search for is “open-source” plus the general topic of whatever app or service you’re trying to find. This won’t always net you an app that costs you nothing, but you’re likely to have better luck. You can also search for “alternative to” a conventional app that does something you don’t want to have to pay for (or check out the similarly named website)…”