Tuesday, July 27, 2010

Interesting language. Makes it sound like they have their Computer Security act together! How novel.

http://www.databreaches.net/?p=12695

Hacked investment firm says hack intended as a launch pad

July 26, 2010 by admin

Attorneys for Resnick Investment Advisors in South Carolina have notified the New Hampshire Attorney General’s Office that in June 2010, the investment firm’s network was breached. The breach was discovered on June 22, and the means of attack identified and reported to the FBI.

An investigation into the incident reportedly indicated that the breach did not result in any client files being accessed or downloaded, and the firm notes that its security measures prevent downloading of any files. Based on an investigation by their IT service provider, the firm believes that the motive was not to access, alter, or acquire any client records but to use Resnick’s corporate identity to launch a malicious attack on another entity.

The firm began sending out notifications to its clients last week and offered them free credit monitoring services for a year.



Not sure how to interpret this. It would seem to fly in the face of the “government knows best” assumptions of “true believer” Democrats, but then that's only a label these days.

http://www.databreaches.net/?p=12704

North Carolina To Privatize IT Operations, Jobs

July 27, 2010 by admin

Paul McDougall reports:

Faced with a looming, $3 billion budget deficit, North Carolina is eyeing a major shakeup of its tech operations that could see the state outsource the bulk of its IT work to the private sector while consolidating other operations internally.

The state has launched a search for an outside consulting firm to help guide the reorganization, according to a memo Democratic governor Bev Perdue sent to state cabinet secretaries and agency heads. “The Office of Information Technology Services (ITS) issued a Request for Information to seek input and ideas from the vendor community for improving the delivery of IT in state government,” Perdue said in the memo, dated July 21st.

Read more on InformationWeek.


(Related) Here is (I suspect) one bidder... And come to think of it, didn't they back Obama in the last election?

http://techcrunch.com/2010/07/26/google-city-of-los-angeles-apps-delay-is-overblown/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

Google: City Of Los Angeles Apps Delay Is Overblown



Allow me to point out that computer programs do not spontaneously spring into being. You must deliberately program them. You must also deliberately remove them when you determine they are no longer desirable.

http://www.pogowasright.org/?p=12353

Citi plugs privacy hole in iPhone banking app

July 26, 2010 by Dissent

Elinor Mills reports:

Citibank has fixed a flaw in its iPhone app that was inadvertently storing customer account data on the mobile devices, the company said on Monday.

“During a recent review, we discovered that our U.S. Citi Mobile iPhone banking app was accidentally saving information related to customer accounts in a hidden file on their iPhones,” the company said in a statement. “This information may also have been saved on their computer if they had been synchronizing their iPhone with their computer via iTunes.”

Read more on cnet. Spencer E. Ante has more on the background of the problem in the Wall Street Journal.



Wow! Think of this as taking the Lower Merion School District's “how to spy on our students in their bedrooms” privacy model and expanding it globally under the banner of “It's for the children.” This is also using the Facebook model: First, become popular. Then introduce privacy violations.

http://yro.slashdot.org/story/10/07/27/1244258/Chatroulette-To-Log-IP-Addresses-Take-Screenshots?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Chatroulette To Log IP Addresses, Take Screenshots

Posted by CmdrTaco on Tuesday July 27, @09:44AM

"Chatroulette, the strangely addictive online game in which users are connected via webcam and microphone to random strangers at the click of a button, has had enough of users exposing themselves to the unsuspecting public, among other disgraces. The founder of Chatroulette has announced the company has hired developers to collect IP addresses and take screenshots of those users breaking the rules."



Unlikely to be of any interest to the iPhone users I know, who long ago ignored their contracts.

http://gigaom.com/2010/07/26/what-the-new-dmca-ruling-on-copyright-actually-says/

What the New DMCA Ruling on Jailbreaking Actually Says

The U.S. Copyright Office today clarified how it plans to enforce the Digital Millennium Copyright Act, making new exemptions for things like jailbreaking iPhones and ripping DVDs.

It might be exciting to think that it’s now legal to jailbreak iPhones for the purpose of installing software not approved by Apple or switching wireless carriers. But “jailbreaking is legal” is not what the ruling said. It simply said that jailbreaking is not a violation of copyright law.



Why I believe research that is public has a better chance of being “honest.” When you have the whole world looking at your data and methods, little flaws and assumptions tend to pop out.

http://yro.slashdot.org/story/10/07/26/1857224/Major-Flaws-Found-In-Recent-BitTorrent-Study?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Major Flaws Found In Recent BitTorrent Study

Posted by Soulskill on Monday July 26, @03:51PM

Caledfwlch writes with a followup to news we discussed a couple days ago about a study that found only 0.3% of torrents to be legal. (A further 11% was described as "ambiguous.") TorrentFreak looked more deeply into the study and found a number of flaws, suggesting that the researchers' data may have been pulled from a bogus tracker. Quoting:

"Here's where the researchers make total fools out of themselves. In their answer to the question they refer to a table of the top 10 most seeded torrents. ... the most seeded file was uploaded nearly two years ago (The Incredible Hulk) and has a massive 1,112,628 seeders. The torrent in 10th place is not doing bad either with 277,043 seeds. All false data. We're not sure where these numbers originate from but the best seeded torrent at the moment only has 13,739 seeders; that's 1% of what the study reports. Also, the fact that the release is nearly two years old should have sounded some alarm bells. It appears that the researchers have pulled data from a bogus tracker, and it wouldn't be a big surprise if all the torrents in their top 10 are actually fake."

They also take a cursory look at isoHunt, finding that 1.5% of torrent files come from Jamendo alone, "a site that publishes only Creative Commons licensed music."



This is largely a poor job of reporting obvious security problems. But it raises an old concern. If organizations don't adequately secure their systems, should we continue to hold them blameless when security breaches are detected? Insurance companies set their rates based (partly) on how complete the security is. Should we insist the level of security be published as a guide for consumers?

http://it.slashdot.org/story/10/07/26/2224232/How-Cyber-Spies-Infiltrate-Business-Systems?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

How Cyber Spies Infiltrate Business Systems

Posted by kdawson on Monday July 26, @06:52PM

"InfoWorld's Bob Violino reports on the quiet threat to today's business: cyber spies on network systems. According to observers, 75 percent of companies have been infected with undetected, [and 96% of “observers” have undetected brains. By definition, it's undetected until you detect it, but that doesn't mean it exists. If it's undetected, how do you count it? Bob] targeted attacks — ones that typically exploit multiple weaknesses with the ultimate goal of compromising a specific account. Such attacks often begin by correlating publicly available information to access a single system. From there, the entire environment can be gradually traversed enabling attackers to place monitoring software in out-of-the-way systems, such as log servers, where IT often doesn't look for intrusions. 'They collect the data and send it out, such as via FTP, in small amounts over time, so they don't rise over the noise of normal traffic and call attention to themselves,' Violino writes. 'There's probably no way you can completely protect your organization against the increasingly sophisticated attacks by foreign and domestic spies. That's especially true if the attacks are coming from foreign governments, because nations have resources that most companies do not possess.'"


(Related) Social engineering at the corporate level? Give us all your customer information and we give you some graphs back that you can use to justify pretty much anything you want to do.

http://yro.slashdot.org/story/10/07/27/0016216/UK-ISP-TalkTalk-Caught-Monitoring-Its-Customers?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

UK ISP TalkTalk Caught Monitoring Its Customers

Posted by kdawson on Tuesday July 27, @05:21AM

"The UK ISP TalkTalk has been caught using a form of Deep Packet Inspection technology to monitor and record the websites that its customers visit, without getting their explicit consent. The system, which is not yet fully in place, ultimately aims to help block malware websites by comparing the URL that a person visits against a list of good and bad sites. Bad sites will then be restricted. TalkTalk claims that its method is totally anonymous and that the only people with visibility of the URL database itself are Chinese firm Huawei, which will no doubt help everybody to feel a lot better (apply sarc mark here) about potentially having their privacy invaded."



Individuals often mistake their rights as equivalent to real citizens, like the police, rich folks and politicians.

http://yro.slashdot.org/story/10/07/27/0212232/Facing-16-Years-In-Prison-For-Videotaping-Police?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Facing 16 Years In Prison For Videotaping Police

Posted by kdawson on Tuesday July 27, @02:26AM

"The ACLU of Maryland is defending Anthony Graber, who faces as much as sixteen years in prison if found guilty of violating state wiretap laws because he recorded video of an officer drawing a gun during a traffic stop. ... Once [the Maryland State Police] learned of the video on YouTube, Graber's parents' house was raided, searched, and four of his computers were confiscated. Graber was arrested, booked, and jailed. Their actions are a calculated method of intimidation. Another person has since been similarly charged under the same statute. The wiretap law being used to charge Anthony Graber is intended to protect private communication between two parties. According to David Rocah, the ACLU attorney handling Mr. Graber's case, 'To charge Graber with violating the law, you would have to conclude that a police officer on a public road, wearing a badge and a uniform, performing his official duty, pulling someone over, somehow has a right to privacy when it comes to the conversation he has with the motorist.'"

Here are a factsheet (PDF) on the case from the ACLU of Maryland, and the video at issue.



An interesting conclusion.... Apparently you can talk about the Emperor's new clothes...

http://www.pogowasright.org/?p=12346

Appeals Court Protects Free Speech for Privacy Advocate

July 26, 2010 by Dissent

From EPIC.org:

Privacy Advocate Betty Ostergren has won in federal appeals court in her challenge to a state law designed to prosecute her for drawing attention to the state’s online publication of SSNs. In Ostergren v. Cuccinelli, the court ruled that the Commonwealth of Virginia may not prosecute Ostergren for publishing the SSNs of state officials available in public land records until the Commonwealth itself stops making these unredacted documents available. EPIC filed a “friend of the court” brief in support of Ostergren, urging the court to hold that the First Amendment protects Ostergren’s speech. For more information, see EPIC Ostergren v. McDonnell, EPIC Social Security Numbers, and EPIC Identity Theft.

Woo hoo! Congratulations, Betty!



Interesting. Does it explain the reluctance of the newspaper industry (or RIAA) to innovate?

http://www.bespacific.com/mt/archives/024800.html

July 26, 2010

The Effect of Market Leadership in Business Process Innovation: The Case(s) of E-Business Adoption

The Effect of Market Leadership in Business Process Innovation: The Case(s) of E-Business Adoption, Kristina Steffenson McElheran, Working Paper 10-104, Harvard Business School

  • "This paper empirically investigates how market leadership influences firm propensity to adopt new business process innovations. Using a unique data set spanning roughly 35,000 plants in 86 U.S. manufacturing industries, I study the adoption of frontier e-business practices during the early diffusion of the commercial internet. Theory predicts that firms with greater market share will be more likely to adopt innovations that build on their existing strengths, while they will resist more radical technological advances. While prior work primarily focuses on product innovation, I extend the logic into the business process setting to find that leaders were far more likely to adopt the incremental innovation of internet based e-buying. However, they were commensurately less likely to adopt the more strategically sensitive and complex practice of e-selling. This pattern is remarkably robust, holding across a wide range of industries and controlling for factors such as productivity and related technological capabilities. The results are explicated by a framework I develop for understanding the drivers of this behavior and making it possible to classify business process innovations as radical or not. While greater market share promotes adoption of all types of business process innovations, this effect is outweighed by additional co-invention and coordination costs whenever a technological advance addresses strategically sensitive and complex business processes that must also span the firm boundary."


(Related) Why the mud is sticky... A short article.

http://www.economist.com/node/16646290

Media's analogue holdouts

Digitisation and its discontents

Why some media outfits still refuse to go online

Jul 22nd 2010



Interesting application of the “move it into” part of “move it into the Cloud.” This could easily expand into a shared backup (even shared processing) application.

http://techcrunch.com/2010/07/27/zumocast-is-like-cloud-storage-without-the-cloud-or-the-cost/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

ZumoCast Is Like Cloud Storage Without The Cloud, Or The Cost

ZumoCast is a new cloud storage service, sorta, minus the cloud. The application streams files directly from your home desktop computer to another Internet connected device.



This will (eventually) be very interesting. Anything you have a “Top Ten” list of gets aggregated with everyone's lists to give you an Average ranking. Value will depend on how cleverly you define your list.

http://techcrunch.com/2010/07/27/listiki-offers-a-smart-way-of-gathering-opinion-through-crowdsourced-lists/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

Listiki Offers A Smart Way Of Gathering Opinion Through Crowdsourced Lists

Listiki (a portmanteau of the words “list” and “wiki”) lets you crowdsource lists of, well, anything. This could be something as trivial as a list of the ‘top ten horror movies’ or something more self-serving like, I don’t know, ‘5 must-read tech bloggers’. Lists can be as short or as long as you like and each item may also include a URL.

But here’s the clever bit: any list can, effectively, be cloned so that you can re-order items to your own taste (via drag ‘n’ drop) or even add, delete and/or replace them. Any changes made are interpreted in real time and ripple through to a ‘master’ list, aggregating the opinions of all contributors but without destroying your own version of the list. You can also, of course, view the original lists of other contributors to that subject. It’s pretty neat.



Mainly for teachers, but normal mortals can use it too.

http://www.freetech4teachers.com/2010/07/learn-it-in-5-tech-how-to-videos-for.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+freetech4teachers%2FcGEY+%28Free+Technology+for+Teachers%29

Monday, July 26, 2010

Learn It in 5 - Tech How-to Videos for Teachers

Learn It In 5 is a relatively new site that features short how-to videos for teachers. The videos are intended to help teachers quickly learn how to use some of the web tools that are essential to being a successful user of classroom technology. The videos cover tools like Skype, Diigo, VoiceThread, and more.



For illustrating differences...

http://www.freetech4teachers.com/2010/07/search-credible-26-search-engines-in.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+freetech4teachers%2FcGEY+%28Free+Technology+for+Teachers%29

Monday, July 26, 2010

Search Credible - 26 Search Engines in One

Search Credible is a search service that allows you to access 26 different search engines from one location. Included in the list of search engines Search Credible searches are Wolfram Alpha, EBSCO, ERIC, and the usual suspects such as Google, Bing, and Yahoo. To use Search Credible just enter your search term(s) then click on the search engine of your choice.



This could be HUGE! I can see developing tools for my Statistics class that are far easier to use than Excel...

http://www.freetech4teachers.com/2010/07/wolfram-alpha-launches-custom-widget.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+freetech4teachers%2FcGEY+%28Free+Technology+for+Teachers%29

Tuesday, July 27, 2010

Wolfram Alpha Launches a Custom Widget Builder

Computational search engine Wolfram Alpha has just launched a new widget building tool. The Wolfram Alpha widget builder will allow anyone to create a computational search widget. Once created the widgets can easily be embedded into Blogger, WordPress, iGoogle, and just about any other website or blog service. Published widgets appear in a gallery that is accessible to anyone that registers with Wolfram Alpha.

Creating a Wolfram Alpha Widget is a fairly straight-forward process. To get started, enter a search phrase such as "distance from Boston to New York in inches." In the second step you define the variables for your widget. This second step is the crucial step that I had to try a few times before I got it right. After completing step two the rest of the process is a simple matter of selecting the output format, widget theme, and writing a description of the widget.



A talk by one of my favorite bloggers. Don't let the word Math fool you, this is about teaching technology.

http://teachingcollegemath.com/2010/07/math-technology-to-engage-delight-and-excite-2/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TeachingCollegeMath+%28Teaching+College+Math%29

Math Technology to Engage, Delight, and Excite

We’re in a recession and so is your department budget. Luckily for you, there are lots of great programs and web resources that you can use to teach math, and most of these are free. Use the resources in this presentation to tackle the technology problems that haunt you and capture the attention of your math classes with interactive demonstrations and relevant web content.

Here is the video, audio, and slides from my keynote talk “Math Technology to Engage, Delight, and Excite” from the MAA-Michigan meeting in May 2010. There is also an iPad/iPod-friendly version here.
