Normally, the Auditors would run their
checklist before products are released with “features” engineers
haven't considered.
"The much-hyped payment
application from Google on Android has been examined
by viaForensics and appears to store
some cardholder data in plaintext. Google wallet is the first
real payment system to use NFC
on Android. Version 2 of the PCI
DSS (the current standard) mandates the encryption of transmitted
cardholder data and encourages strong encryption for its storage.
viaForensics suggest that the data stored in plain text might be
sufficient to allow social engineering to obtain a credit card
number."
(Related)
Stolen
iPhone? Your iMessages May Still Be Going To The Wrong Place
Some unlucky iPhone owners are
beginning to discover that, despite their best efforts to remove all
information from their stolen phones, thieves and unsuspecting buyers
are still able to send and receive iMessages as the original owner —
even after the device is registered under a new account. Almost
nothing seems to work — remote wiping, changing Apple ID passwords,
or even moving the old phone number to a new phone — and users are
becoming more than frustrated that thieves are so easily able to pose
as them.
Wait, don't tell me! Elections are
coming? Have any of these folks had a Privacy Pulse ever before?
Obama
fills vacancies on independent privacy board
December 16, 2011 by Dissent
Jim McElhatton reports:
President Obama
has named two lawyers and a former federal judge to an independent
privacy board recommended by the 9/11 Commission that has sat dormant
for years under he and President George W. Bush.
The nominations
Thursday fill out the five-member Privacy and Civil Liberties
Oversight Board, where vacancies have left the panel unable to meet
for years.
The Washington
Times reported on the vacancies in August. At the time, the White
House declined to say why the board had languished so long even as
critics openly called on Mr. Obama to fill the seats.
The appointments
Tuesday were David Medine, a partner at the WilmerHale law firm
specializing in privacy and data security; Rachel Brand, chief
counsel for regulatory litigation at the Chamber of Commerce; and
Patricia Wald, who served for 20 years on the U.S. Court of Appeals
for D.C.
…
The president
previously nominated James Dempsey, vice president of public policy
at the Center for Democracy and Technology, and Elisebeth Collins
Cook, a lawyer who worked for the Justice Department in the Bush
Administration.
Read more on The
Washington Times.
Okay, well, I wish he’d named someone
from EFF, EPIC, or the ACLU – or former Senator Russ Feingold –
as this panel sounds a bit too business/govt-friendly for my taste,
but time will tell. In the meantime, best of luck to the new panel
and get busy – our privacy is under siege.
Anyone want a drone? I'm NOT
suggesting that my Ethical Hackers are taking orders, but we are
curious about the hardware and software they use...
"Following up on the earlier
Slashdot story, the Christian Science Monitor now reports that GPS
spoofing was used to
get the RQ-170 Sentinel Drone to land in Iran. According to an
Iranian engineer quoted in the article, 'By putting noise [jamming]
on the communications, you force the bird into
autopilot. [You block the remote piloting signals Bob]
This is where the bird loses its brain.' Apparently, once it loses
its brain, the bird relies on GPS signals to
get home. By spoofing GPS, Iranian
engineers were able to get the drone to 'land on its own where we
wanted it to, without having to crack the remote-control signals and
communications.'" [This suggests
they know exactly where the Drone is supposed to land... Bob]
What could JPMorgan do with all that
computer time it saves? Offer other banks access to their computers
– sort of a calculation outsourcing option. This is also an
illustration of the type of computing that should thrive in the
cloud.
"JP Morgan is expanding
its use of dataflow supercomputers to speed up more of its fixed
income trading operations. Earlier this year, the bank revealed how
it reduced the time it took to run an
end-of-day risk calculation from eight hours down to just 238
seconds. The new dataflow supercomputer, where the
computer chips are tailored to perform specific, bespoke tasks (as
explained
in this Wall Street Journal article) — will be equivalent to
more than 12,000 conventional x86 cores, providing 128 Teraflops of
performance."
Go where your customers are.
Eventually, there will be Cloud all over the globe.
Amazon
Opens Data Center in Brazil
Amazon is opening a data center in Sao
Paulo, Brazil, its first in South America. The facility will provide
the region with quicker access to the company’s Amazon Web
Services, an “infrastructure cloud” that serves up various
computing resources, including processing power and storage.
Amazon data centers already serve four
regions in the U.S. and three others in Europe and Asia. AWS can be
accessed from anywhere, but it helps to have a data center in your
backyard.
(Related) Go where the raw materials
(smart people) are.
Apple
to Set up R&D Center in Israel, The First Ever Outside California
This will really upset some IT shops,
but they may be able to filter it out... (The comments don't reflect
much concern)
"Microsoft will be upgrading
all Windows XP, Vista and 7 users to the latest IE silently.
They are doing this because they have found a large number of
non-patched systems. Microsoft pointed out that Chrome and Firefox
do this regularly. They will start with Australia and Brazil in
January, then go world-wide after they have assured there are no
issues."
This is not new, but interesting to see
it move under its own power.
"Commercial satellite company
DigitalGlobe Inc. has announced that it has an image of the People's
Republic of China's first
functional aircraft carrier, taken during the carrier's first sea
trials in the Yellow Sea. The carrier was originally meant for the
Soviet navy, but its construction was halted as the Soviet Union
collapsed in 1991 and engineers in the Ukraine disarmed it and
removed
its engines before selling it to China in 1998 for $20 million.
The vessel, an Admiral Kuznetsov class aircraft carrier measuring
304.5 meters long, and having a displacement of 58,500 tons, has
been refitted for research and training in China. The Ministry of
National Defense says the steam-powered aircraft carrier has
completed all refitting and testing work as scheduled after its first
sea trial in mid-August, and was heading back out to sea for
additional scientific research and experiments. According to Andrew
S. Erickson at the US Naval War College, China's long term strategic
dilemma is whether
to focus on large-deck aviation or on submarines (PDF)."
[This earlier image
shows it with a few planes on its deck. No doubt training the
troops...]
[Not quite as many
planes as the Nimitz carries...]
Geeky stuff
New
“Android Training” Program Helps Developers Make Better Apps
… The team has just recently rolled
out a new beta initiative called Android
Training, which as you may be able to tell from the name, is
meant to teach developers how to create better apps.
Because backups are important!
… Enter Redo Backup, a
user-friendly live CD that makes cloning or restoring your entire
drive simple. Tell the program where you’d like your cloned drive
to be and you’re pretty much set.
(Related)
… While taking full backups of your
entire system is important, you may want to more frequently back up
really important directories or files.
… Microsoft
SyncToy is a free tool that lets you “pair” up folders for
either an echo clone or full synchronization. I’ll explain the
difference below. However, the point here is that before you can
automate the directory and file backups, you need to set up all of
the areas you want to copy and where you want the archived copy to
go.
One of the Blogs I read daily won an
EduBlog Award.
Thursday, December 15, 2011
Last night the 2011
Edublog Awards were given out. This year Free
Technology for Teachers won in the Best Ed Tech Blog category.
(Related) Find one for yourself!
Thursday, December 15, 2011
Whether you agree or disagree with
giving out awards for blogging, the Edublog
Awards are a good way to discover some excellent new-to-you blogs
to add to your RSS reader.