“Fortunately for the staff, we've
determined that this was a miracle...” An interesting case for my
Computer Security students.
Staff won’t face discipline after UVic private data stolen
… “We’re not going to be taking
any discipline,” president David Turpin said, following the release
of a report by the province’s information and privacy commissioner
last week.
Elizabeth Denham’s report concluded
UVic breached the Freedom of Information and Protection of Privacy
Act when it failed to protect employees’ personal information.
“Given the amount and the sensitive
nature of personal information contained on the university mobile
storage device, coupled with the ease of encrypting the information,
there is simply no rationale for failing to encrypt
this information,” she said.
Turpin defended his employees simply by
saying they were responding to an internal audit that asked that a
backup device be made, in the event of an emergency.
“They prepared that, they stored it
in a locked box, in a locked safe, it was bolted to a concrete floor
in a locked room in a locked building, and they viewed that as a
reasonable security arrangement. … Unfortunately it turned out to
be inaccurate,” Turpin said.
The university has already taken steps
toward improving security on campus, including adding alarms and
mandating encryption standards for all electronic
devices. [Now they plan to follow Best Practices... Bob]
“We gotta do something!” Is this
it?
"Eighteen months after its
diplomatic cables
were exposed in the WikiLeaks breach,
the State Department continues
to lock down its confidential information,
while increasing its use of social media. The agency is
deploying new security technology, including auditing and monitoring
tools that detect anomalous activity [Define
“Anomaly” in this context Bob] on the State
Department's classified networks and systems. State has also begun
tagging information with metadata to enable role-based access to
those who need it, and is planning to
implement public key infrastructure [Surely
they already encrypt their data... Bob] on its
classified systems by the summer of 2014. This is all taking place
despite the recent announcement that the IT budget will be cut by
nearly 5%"
From the article:
Like other
federal agencies, the State Department is consolidating data centers.
In the United States, it's going from 14 data
centers [State has 361 data centers total Bob] to four,
while classified processing from overseas offices is being done in a
handful of regional sites.
With data center consolidation comes
private cloud computing, and in particular,
infrastructure-as-a-service.
“When the Internet is outlawed, only
outlaws (and the government) will have the Internet” Clearly, all
programming languages would be illegal – they are used to create
evil software. This would even outlaw email (since that is a tool
for social engineering) Have these bozos even asked a hacker what
the impact of this law would be?
Watch Out, White Hats! European Union Moves to Criminalize ‘Hacking Tools’
The European Union is continuing a push
to criminalize the production or sale of ‘hacking’ tools, a move
that civil liberties advocates argue could make criminals out of
legitimate security researchers.
… The proposed
law, which was passed by the European
Commission’s Civil Liberties Committee last week, still has a ways
to go before going into effect – but the EFF’s international
rights director Katitza Rodriguez says now is the time to raise
awareness about the proposal.
… The text of the newest version of
the proposal has not yet been made public,
but the summary published by the committee indicates that prohibition
on ‘hacking tools’ remains.
The proposal also
targets tools used to commit offences: the production or sale of
devices such as computer programs designed
for cyber-attacks, or which find a computer password by which an
information system can be accessed, would constitute criminal
offences.
While the law seems aimed at
blackmarket tools that can be used to create malware infested sites,
it’s also likely to criminalize tools used by researchers,
developers and black hats alike – including tools like fuzzers,
the Metasploit
penetration testing tool and the wi-fi sniffing tool Wireshark.
(Perhaps even the command line would be outlawed.)
U.S. law remains murky or outright
dangerous for security researchers, hacktivists and curious citizens.
Provisions in the Digital
Millennium Copyright Act make it a crime to get around encryption
built into products, with only a few exceptions. And federal
prosecutors have tried to prosecute
citizens under federal anti-hacking laws for
violating the terms of service on a social network.
Interesting, but I doubt it would
fly...
April 05, 2012
Paper - Applying the Insurable Interest Doctrine to 21st Century Financial Markets
An FDA for Financial Innovation: Applying the Insurable Interest Doctrine to 21st Century Financial Markets -
Eric A. Posner, University of Chicago Law School; E. Glen Weyl, University of Chicago; University of Toulouse, Toulouse School of Economics, revised April 4, 2012
- "The financial crisis of 2008 was caused in part by speculative investment in complex derivatives. In enacting the Dodd-Frank Act, Congress sought to address the problem of speculative investment, but merely transferred that authority to various agencies, which have not yet found a solution. We propose that when firms invent new financial products, they be forbidden to sell them until they receive approval from a government agency designed along the lines of the FDA, which screens pharmaceutical innovations. The agency would approve financial products if they satisfy a test for social utility that focuses on whether the product will likely be used more often for hedging than for speculation. [Aren't they opposite sides of the same coin? I think oil is going to $200 per barrel and you think I'm an idiot... Bob] Other factors may be addressed if the answer is ambiguous. This approach would revive and make quantitatively precise the common-law insurable interest doctrine, which helped control financial speculation before deregulation in the 1990s."
Let's see, what word is defined as:
“doing the same thing over and over again and expecting different
results?” Oh yeah. Insanity
"Christopher Dodd, the former
Connecticut senator who now leads the MPAA, hasn't given up on his
dream of censoring the Internet. [That's
“Delusion” Bob] In an interview with
Hollywood Reporter, he said that Hollywood and the technology
industry 'need to come to an understanding' about new
copyright legislation. Dodd said that
there were 'conversations going on now,' about SOPA-style
legislation, but that he was 'not going
to go into more detail because obviously if I do, it becomes
counterproductive.' [Translation:
Everyone points out how stupid it is Bob]
Asked whether the
White House's decision to oppose SOPA
had created tensions with Hollywood, Dodd insisted that he was 'not
going to revisit the events of last winter,' but said he hoped the
president would use his 'good relationships' with both Hollywood and
the technology industry to broker a deal."
I resemble that remark! Back in the
mid-1980s I ran a BBS for the local chapter of what is now ISACA.
Pre-World Wide Web, but definitely not pre-Internet.
"The Slashdot readership is
probably split pretty evenly into two groups. There are those for
whom full-on Internet access has been available for their entire
computer-using lives, and then there are those who wanted to use the
Net from home before 1991, and who therefore had to use a BBS or an
online service. Here's a tour
of some of these services, including
Prodigy, Compuserve, and of course AOL. This should be a nostalgic
trip for the oldsters [Oh
my god, I'm an Oldster! Bob]
among us, and a history lesson for Gen Y readers."
We've known this for years! It also
applies to other sports. Just because we call a player an idiot, we
don't mean they are ignorant.
Elite Soccer Players Are Smarter Than You Are
Top-tier players think more clearly,
quickly and flexibly than non-players, and there is a correlation
between cognitive ability and the number of goals and assists a
soccer
player scores, Swedish researchers found. The
study, published
in the journal PLoS One, says measuring
cognitive skill could predict a player’s potential.
“Our data suggest that measures of
executive functions with validated neuropsychological tests may
establish if a player has the capacity to reach top levels in
soccer,” the researchers wrote. “Thus, the present study may
change the way ball-sports are viewed and analyzed and how new
talents are recruited.”
It is generally accepted that
performing at the highest level requires as much intelligence as
strength and skill. The best footballers have an innate ability to
read a play and be in the right place at the right time. Think of it
as a sixth sense. Some call it “game intelligence.”
Perspective
Amazon S3: 905 Billion Objects Stored, 1 Billion Added Each Day
Amazon has released
some fairly impressive numbers showcasing the growth of Amazon Simple
Storage Service (S3) over the years. By the end of the first quarter
of 2012, there were 905 billion objects stored, and the service
routinely handles 650,000 requests per second for those objects, with
peaks that go even higher. To put that in perspective, that’s up
from 262 billion objects stored just two years ago and up from 762
billion by Q4 2011.
Or maybe it’s more impressive when
you look further back: 2.9 billion in 2006, for example. And how
fast is it growing? Well, says Amazon, every day, over a billion
objects are added. That’s how fast.
For my “Let's loin us some kultcha”
class
April 05, 2012
The Google Art Project Expands Virtual Collection
FAQ:
"The Art Project is a collaboration between Google and 151
acclaimed art partners from across 40 countries. Using a combination
of various Google technologies and expert information provided by our
museum partners, we have created a unique online art experience.
Users can explore a wide range of artworks at brushstroke level
detail, take a virtual tour of a museum and even build their own
collections to share. With a team of Googlers working across many
product areas we are able to harness the best of Google to power the
Art Project experience. Few people will ever be lucky enough to be
able to visit every museum or see every work of art they’re
interested in but now many more can enjoy over 30,000 works of art
from sculpture to architecture and drawings and explore over 150
collections from 40 countries, all in one place. We’re also lucky
at Google to have the technology to make this kind of project a
reality."
For my Math students...
New IBM App Presents Nearly 1,000 Years of Math History
Minds of Modern Mathematics, a new iPad
app released Thursday by IBM, presents an interactive timeline of the
history of mathematics and its impact on society from 1000 to 1960.
The app is based on an original,
50-foot-long “Men of Modern Mathematics” installation created in
1964 by Charles and Ray Eames. Minds of Modern Mathematics users can
view a digitized version of the original infographic as well as
browse through an interactive timeline with more than 500
biographies, math milestones, and images of relevant artifacts.
… Starting from the first French
pope to celebrated mathematician John von Neumann, users can see
every major math-related event or person in a visually impressive
layout. You can tap on an entry to read more about it, and view how
math events and math superstars relate in time to other historical
events, such as the First Crusade that seizes Jerusalem and the
signing of The Declaration of Independence.
And in case you (like me) haven’t
taken math since high school, the app also includes an “IBM
Mathematics Peep Show” of nine 2-minute animated clips that will
help you brush up on mathematical concepts like topology and
exponents.
The Minds of Modern Mathematics app is
available for free
on the App Store.
Easier than the way we did it in New
Jersey... And you don't need a switchblade!