This is a long (but
instructive) post, so I'll point you to it rather than quote it all
here. These are questions their internal auditors would likely ask.
Who else might be interested? (Can you say BoD?)
Why MilitarySingles.com’s denial of breach fails to convince me
April 12, 2012 by admin
Some breach reports really bother me.
The MilitarySingles.com
situation is a case in point. Despite their denial
of any breach, what I saw in the two data dumps leaves me with
the nagging suspicion that they were hacked. And so I contacted them
again almost two weeks ago, following their
last statement, to ask to speak with them about my concerns and
what I had found in analyzing some of the data. They never responded
to that request or got back to me.
So after mulling this over for a while,
I decided to post my concerns here. This will be a long post, so
bear with me.
If you were to ask an MBA
(Oh wait, I have one of those) he would tell you that leaving anyone
unsupervised was proof of bad management. I wrote a few programs to
tell me exactly what my people were doing and I explained to them how
the reports could (and did) protect them from wild accusations of
misconduct. Frequent reviews of the reports with my employees
reinforced the seriousness of “the rules.”
Leaving IT admins unsupervised is like putting “Dracula in charge of the blood bank”
April 13, 2012 by Dissent
Ben Grubb reports:
About 40 per cent
of IT administrators go snooping through emails of employees,
particularly those of high-level executives, claims the chief
executive of a firm that manages the IT security of various
Australian companies and government agencies.
A company’s IT
admins have access to virtually every document company-wide –
including executive files, payroll information and medical data –
and many “can’t help themselves” in gaining access to emails,
says Carlo Minassian, founder and CEO of Earthwave, the North
Sydney-based firm that is hired by organisations looking to outsource
their IT security.
Read more on The
Age.
Definitely something I'll add to my
Intro to Computer Security course. (First, scare them. Then, show
them a solution.)
'Get a Copy of What You've Shared on Facebook'
Faced with a host of privacy investigations
around the globe and an initial public offering in the next few
weeks, Facebook is trying
extra hard to increase transparency and make users happy. The
latest effort is an expansion of the social network's "Download
Your Data" feature, a three-click process that lets you "Get
a copy of what you've shared on Facebook." The site first
launched this feature two years ago but only allowed users to get
a copy of their list of friends, photos, wall posts, messages, and
chat conversations. Now, you'll also get a list of your former
usernames and email addresses, all of your friend requests as well as
the IP addresses of all the computers you've used to
log on to Facebook. It's like a data-rich walk down
memory lane.
Read the full story at The
Atlantic Wire.
“We can (and do) therefore we (and
the government) must” Haven't I been saying this for years?
"Chief Judge Alex Kozinski of
the Ninth Circuit Court of Appeals candidly
discusses the future of privacy law in an essay published today
in the Stanford Law Review Online. Referencing an Isaac Asimov short
story, Kozinski acknowledges a serious threat to our privacy — but
not from corporations, courts, or Congress: 'Judges, legislators and
law enforcement officials live in the real world. The opinions they
write, the legislation they pass, the intrusions they dare engage
in—all of these reflect an explicit or implicit judgment about the
degree of privacy we can reasonably expect by living in our society.
In a world where employers monitor the computer communications of
their employees, law enforcement officers find it easy to demand that
internet service providers give up information on the web-browsing
habits of their subscribers.'"
"In a world where people post
up-to-the-minute location information through Facebook Places or
Foursquare, the police may feel justified in attaching a GPS to your
car. In a world where people tweet about their sexual experiences
and eager thousands read about them the morning after, it may well be
reasonable for law enforcement, in pursuit of terrorists and
criminals, to spy with high-powered binoculars through people's
bedroom windows or put concealed cameras in public restrooms. In a
world where you can listen to people shouting lurid descriptions of
their gall-bladder operations into their cell phones, it may well be
reasonable to ask telephone companies or even doctors for access to
their customer records. If we the people don't consider our own
privacy terribly valuable, we cannot count on government — with its
many legitimate worries about law-breaking and security — to guard
it for us.'"
Perhaps we could collect
these into a “How To” guide...
Unmasking Anonymous
Internet Speech in New York
April 12, 2012 by Dissent
Scott M. Himes writes:
Every day
innumerable people “speak” on the internet, through email, social
media, blogs, and other electronic writings, without disclosing their
identities (or by using fictitious ones). But the anonymity of
internet speech becomes an issue when one feels aggrieved by
anonymous (or pseudonymous) words. And although the First Amendment
protects anonymous speech, that protection is not absolute.
Increasingly, would-be plaintiffs — particularly those claiming
defamation based on internet speech — resort to the courts to
unmask the electronic speaker’s identity. New York’s pre-action
disclosure statute provides a well-suited mechanism for doing so,
although using it for this purpose raises unsettled issues.
Read more on Law
Technology News. The article provides a nice recap of cases in
New York when it comes to unmasking anonymous online speakers.
How should I take this? Millions of
legitimate users don't count? More likely, any possible defense is
to be attacked aggressively, because if they lose this they might not
get to fight another day...
U.S. tries to silence MegaUpload lawyers on issue of user data
… U.S. officials shut down the
cyberlocker service, requested that the New Zealand government arrest
DotCom, and are now trying to extradite him to the United States.
U.S. officials have called the MegaUpload indictment the
largest online criminal copyright case ever brought.
Hanging in the balance of today's
hearing are digital files belonging to as many as 60
million people across the globe. Their files could be in
jeopardy if O'Grady decides to allow Carpathia Hosting, the company
that has housed the servers at its own expense since the service was
taken down, to delete the information on them or possibly sell off
the servers.
… Rothken says that all the parties
are in agreement that MegaUpload's data should be preserved save for
the U.S. government.
… Even the Motion Picture
Association of America (MPAA), the trade group representing the film
studios, has asked the court to save the data. The MPAA has said it
may need it should the studios want to file a civil complaint at a
later date against MegaUpload.
And should MegaUpload's attorneys be
allowed to speak, they will tell the judge that they can't defend
their clients properly without the server data, Rothken said.
“Those who cannot remember the past are condemned to repeat it.”
George Santayana
A business model that charges for free
broadcast TV? Sounds like the networks are jealous.
Shades of 1984 Emerge in Broadcast TV Copyright Flap
In 1984, Hollywood was arguing that the
VCR and home taping would kill its business and wanted the Supreme
Court to outlaw the devices from Americans’ living rooms. Luckily
for Americans and Hollywood, the Supreme Court recognized the power
of innovation and the limits of copyright in a 5-4 decision that
helped unleash a revolution in home entertainment that included a
multi-billion-dollar market in videotape and DVD sales and rentals.
Fast forward three decades and we’re
right back to 1984. Broadcasters including ABC, CBS, Fox, NBC and
Univision are set to appear in court next month to urge a New York
federal judge to block the latest television-viewing technology they
claim will bankrupt their business model.
… To understand the latest legal
jockeying, substitute the term VCR with Aereo. The upstart, Aereo,
opened for business last month and supplies internet streams and a
DVR service for over-the-air broadcasts to its New York customers.
In other words, Aereo lets those in New York who want to watch
on their iPad what they can pull down for free from the public
airwaves to their TV with an antenna. For the moment, the
service is free, but will soon charge $12 monthly.
This just in: It was never
about a successful launch.
This Just In: North Korea Still Sucks at Launching Rockets
The North Korean rocket launch that
gave
the world heartburn is a dud. Again. CNN reports that the
Unha-3 rocket blew up after failing to get its “Bright Star”
satellite into orbit. In case you’re counting, that makes them 0
for 4 since 1998.
Another free Office
Suite...
"The Calligra team has
announced the first
release of the Calligra suite of office and creativity
applications. This marks the end of a long development period
lasting almost one and a half years. It is the first release in a
long series which is planned to make improved applications every 4
months. Calligra is a continuation of the old KOffice project and it
may be interesting for KOffice users to know what they will get.
Some highlights are: a completely rewritten text layout engine that
can handle most of the advanced layout features of OpenDocument
Format (ODF), simplified user interface, support for larger parts of
the ODF specification (for example line endings like arrows), and
improved import filters for Microsoft document formats. There
are also two new applications: Flow for diagrams and flowcharts, and
Braindump for the note taking. Calligra Active is
a new interface for touch based devices and especially for the KDE
Plasma Active environment. Several companies have already used
Calligra as a base for their own office solution. One of them is
Nokia with their N9 high end smartphone where Calligra is embedded
into the so called Harmattan Office."
It might be interesting to
see what research attracts big bucks...
Crowdfunding projects through sites
like Kickstarter has become
incredibly popular lately. Can the same process of opening up
funding to "the crowd" work for academic and scientific
research?
A new site called Microryza
launches today to do just that.
You can read my story over on Inside
Higher Ed...
Huh. I've been doing that
for years, why aren't I rich instead of handsome?
Screw University, Course Hero Curates YouTube Into Free Business and Coding Classes
You can learn just about anything from
YouTube…if you’re willing to dig through millions of videos.
Luckily, Course Hero has
done the work for you, offering coherent classes by hosting
collections of the best educational YouTube videos and other content.
The newly launched
courses section of the eduTech startup’s site now has classes
in entrepreneurship, business plan development, and programming in a
variety of languages. Meanwhile, Course Hero offers crowdsourced
study guides, tutoring, and flashcards.