Security breach perspective As the
value of a single credit card goes down, you can make up for it by
increasing your volume...
Theft
of 44K credit cards is tip of the iceberg, police say
… David Benjamin Schrooten, aka
"Fortezza," is being targeted by federal prosecutors for
allegedly hacking into computers and stealing massive amounts of
credit card numbers. Once he obtained the numbers, he allegedly sold
them in bulk quantities via different Web sites. The
44,000 is reportedly from just one sale.
Police caught onto Schrooten's alleged
heist last November after a Seattle restaurant owner contacted the
police. According to the Associated Press, several customers who ate
at the restaurant got suspicious charges on their cards. Some
were even getting charged $70 to $80 in as little as 10 minutes after
using their cards at the restaurant.
For my Disaster Recovery class.
“Sorry, we have no record of your account.” Many articles, no
real information.
IN:
Fire in Pathankot bank, data destroyed
June 11, 2012 by admin
Hope they had an off-site backup:
Pathankot: A fire
broke out in a branch of State Bank of Patiala here, destroying a
large amount of data, police said today.
According to
preliminary inquiry, the fire was caused by short circuit in the
computer room last night and was controlled after two hours of fire
fighting operations assisted by police.
No loss of life
was reported due to the fire.
The data loss due
to the fire in the computer room could be huge, Pathankot DSP Rajit
Singh said.
Source: ZeeNews.com
Perhaps the Privacy Foundation should
invite Phil back. This is how lawyers should talk to their
clients...
Phil
Zimmermann's post-PGP project: privacy for a price
… Zimmermann's new company, Silent
Circle, plans to release a beta version of an iPhone
and Android app in
late July that encrypts phone calls and other communications. A
final version is scheduled to follow in late September.
If everyone (NSA, TSA, DHS, NYPD,
MOUSE) starts flying these things over cities, we might see more
crashes in places normal air traffic avoids.
Navy
Loses Giant Drone in Maryland Crash
Somehow this doesn't make sense.
"Documents
released by the FBI provide an unusual inside look at how the agency
is struggling to penetrate 'darknet' Onion sites routed through
Tor, the online privacy tool funded in part by government grants to
help global activists. In this case, agents were unable
to pursue specific leads about an easily available child
pornography site, while files withheld indicate that the FBI has
ongoing investigations tied to the Silk Road marketplace, a popular,
anonymous Tor site for buying and selling drugs and other illegal
materials."
Sounds similar to the problems that
plagued freenet.
[From the MuckRock
article:
In this particular case, a citizen
reported stumbling upon [i.e the files were not
hidden Bob] a cache of child pornography while browsing
the anonymous Tor network's hidden sites, which are viewable
with specialized, but readily available, tools and the special .onion
domain. [How could they be “readily available” to everyone but
the FBI? Bob]
We're doomed!
June 11, 2012
Report
- "When the Government Comes Knocking, Who Has Your Back?"
- "When you use the Internet, you entrust your online conversations, thoughts, experiences, locations, photos, and more to companies like Google, AT&T and Facebook. But what happens when the government demands that these companies to hand over your private information? Will the company stand with you? Will it tell you that the government is looking for your data so that you can take steps to protect yourself? The Electronic Frontier Foundation examined the policies of 18 major Internet companies — including email providers, ISPs, cloud storage providers, and social networking sites — to assess whether they publicly commit to standing with users when the government seeks access to user data. We looked at their terms of service, privacy policies, and published law enforcement guides, if any. We also examined their track record of fighting for user privacy in the courts and whether they’re members of the Digital Due Process coalition, which works to improve outdated communications law. Finally, we contacted each of the companies with our conclusions and gave them an opportunity to respond and provide us evidence of improved policies and practices. These categories are not the only ways that a company can stand up for users, of course, but they are important and publicly verifiable."
Worth skimming theough?
UK:
#Intelligence
Source: Demos (UK)
The growth of social media poses a
dilemma for security and law enforcement agencies. On the one hand,
social media could provide a new form of intelligence – SOCMINT –
that could contribute decisively to keeping the public safe. On the
other, national security is dependent on public understanding and
support for the measures being taken to keep us safe.
Social media challenges current
conceptions about privacy, consent and personal data, and new forms
of technology allow for more invisible and widespread intrusive
surveillance than ever before. Furthermore, analysis of social media
for intelligence purposes does not fit easily into the policy and
legal frameworks that guarantee that such activity is proportionate,
necessary and accountable.
This paper is the first
effort to examine the ethical, legal and operational challenges
involved in using social media for intelligence and insight purposes.
It argues that social media should become a permanent part of the
intelligence framework but that it must be based on a publicly
argued, legal footing, with clarity and transparency over use,
storage, purpose, regulation and accountability. #Intelligence
lays out six ethical principles that can help government
agencies approach these challenges and argues for major changes to
the current regulatory and legal framework in the long-term,
including a review of the current Regulation of Investigatory Powers
Act 2000.
+ Direct
link to document (PDF; 405 KB)
We like this standard best: “It's off
by default (because that's best for us) and even when you turn it on,
we can keep acting like it's off.”
‘Do
not track’ privacy options should not be activated by default,
standards body proposes
June 12, 2012 by Dissent
The World Wide Web
Consortium (W3C), which is responsible for ensuring that web
technology is based on an agreed set of technical standards, has been
working on developing a new ‘do not track’ (DNT) controls system
for operation within web browser settings. It has said that the
controls should not to be set by default. Instead, internet users
would have to provide their “explicit consent” to activate them.
Jonathan Mayer of
Stanford University, who has been working on the new standard, said
that W3C had worked on a “compromise proposal” which would
prohibit online publishers using cookies to track their users’
online activity once those users had enabled the DNT option.
However, “affiliate information sharing” about
users can continue even once DNT controls have been activated,
Mayer said.
Read more on Out-Law.com.
Just out of curiosity, does State
actually have anyone on staff who understands technology?
State Department offers
Amazon up to $16.5M to hand out Kindles
The only e-reader fit enough to meet
the U.S. State Department's needs is the Kindle
Touch. The iPad
and Nook
simply won't do. The government has asked Amazon to negotiate a
no-bid contract of up to $16.5 million to pass out Kindles to the
country's embassies overseas. This was first reported by Nextgov.
If Amazon proposes a contract based on
the State Department's needs,
it would theoretically provide at least 2,500 Kindle Touches
preloaded with 50 titles each to the State Department; but this
number could grow because the government is looking to negotiate a
contract that could last up to five years.
Job opportunities for my Ethical
Hackers...
"In this TED Talk, Rory
Sutherland discusses the need for every company to have a staff
member with the
power to do big things but no budget to spend: these are the
kinds of individuals who are not afraid to recommend cheap and
effective ways to solve big company problems. This article argues
that, in the IT world, this person is none other than a
highly-skilled hacker. From the article: 'To the media, the term
“hacker” refers to a user who breaks into a computer system. To
a programmer, “hacker” simply means a great programmer. In
the corporate IT field, hackers are both revered as individuals who
get a lot done without a lot of resources but feared as individuals
who may be a little more “loose cannon” than your stock IT
employee. Telling your CEO you want to hire a
hacker may not be the best decision for an IT manager, but actually
hiring one may be the best decision you can make.'"
Fortunately, we no longer bother with
“ye olde textbooks” – each learning objective is a separate
collection of lectures, videos, websites and Apps...
First time accepted submitter discussM
tipped us to a story about a recently granted patent in which "a
system and method preventing
unauthorized access to copyrighted academic texts is provided in
which trademark licenses, discussion boards, and grade content are
integrated into a web-based system that aligns the interests of
teaching professionals, students, and publishers while also enhancing
the overarching academic mission to create and disseminate
knowledge." Quoting Torrent Freak: "As part of a course,
students will have to participate in a web-based discussion board, an
activity which counts towards their final grade. To gain access to
the board students
need a special code, which they get by buying the associated
textbook." But don't worry too much, from Ars: "Beyond the
legal questions, other experts suggested forcing students to buy
texts through such a system is unlikely
to be implemented. Professors have few incentives to make it
more difficult and to compel students even more than they already are
to buy textbooks, digital or analog. (A 2011 survey from UC
Riverside found that 78 percent of undergraduates 'bought fewer
books, bought cheaper books or read books on reserve to help meet
expenses.')"
(Related) For my students. Lots more
out there like these.
… We have published a number of
articles with links to programming video
tutorials, interactive
learning modules, and even our
own programming lessons, but sometimes, you might just need a
good book to immerse yourself in. Lucky for you, up next I’ve
gathered a list of legally free programming books
that can get you started with learning how to program, scripting and
even making your own websites.
Thinking
in C++ by Bruce Eckel
The author of the book also has written
various books on Java, Python and more, many of which are available
for free from his site.
Dive
Into HTML5 by Mark Pilgrim
Eloquent
Javascript by Marijn Haverbeke
Another resource to note is the
Non-Programmer’s
Tutorial for Python 3 from Wikibooks,
which indicates that it’s meant for individuals with no previous
programming experience, though I’m sure intermediate programmers
could also find the tutorial useful. There’s even a print-friendly
version for those that want a physical copy of the tutorial.
For additional resources to learn
Python, check out a more complete
list of Python-teaching sites.
(Related)
Monday, June 11, 2012
If you're looking to learn something
new or brush-up on your content area knowledge, Open Culture probably
has a course listing for you. The latest update to their list
of free and open online courses brought the total offerings up to
500. The course content is hosted on a variety of platforms
including iTunes, YouTube, and Vimeo. The courses come from notable
universities including Stanford, Harvard, and Yale. And thankfully,
the list is organized by subject area.
No comments:
Post a Comment