Catching up to the 9 year old script kiddies...
"The DHS and ICS-CERT are warning users of some popular Tridium Niagara AX industrial control system software about a series of major vulnerabilities in the applications that are remotely exploitable and could be used to take over vulnerable systems. The bugs, discovered by researchers Billy Rios and Terry McCorkle, are just the latest in a series of vulnerabilities found in the esoteric ICS software packages that control utilities and other critical systems. The string of bugs reported by Rios and McCorkle includes a directory traversal issue that gives an attacker the ability to access files that should be restricted. The researchers also discovered that the Niagara software stores user credentials in an insecure manner. There are publicly available exploits for some of the vulnerabilities."
“Download our 'surveil yourself' App!”
"Motorists are being invited to help develop a new driving app that could earn them a discount of 'up to 20%' on their motor insurance. British insurer Aviva is using smartphone technology to create individual driver profiles that will be used to calculate tailored pay-how-you-drive premiums. The driver behavioral app, Aviva RateMyDrive, will monitor motorists taking part in the test for 200 miles, including acceleration, braking and cornering. This data is then turned into an individual score which helps determine the motorist's premium, with 'safer' drivers earning up to 20% off their deal."
Don't worry, it's just that DHS worker bees don't know what policy DHS executive leadership has implemented.
EPIC FOIA – Documents Shed Further Light on Homeland Security Pursuit of Crowd Surveillance
August 17, 2012 by Dissent
From EPIC.org:
New documents obtained by EPIC under the Freedom of Information Act provide further details on a DHS plan to use multiple surveillance technologies to search people in public spaces. Previous EPIC FOIA work produced records about a similar DHS program, which the government agency subsequently claimed it had cancelled. However, the new documents obtained by EPIC show that the DHS was still pursuing mobile crowd surveillance as recently as 2011. The technologies include “intelligent video,” backscatter x-ray, Millimeter Wave Radar, and Terahertz Wave, and could be deployed at subway platforms, sidewalks, sports arenas, and shopping malls. For more information, see EPIC: EPIC v. DHS (Mobile Body Scanners FOIA Lawsuit) and EPIC: Electronic Frisking.
“So if you ask to see an image, that's okay but we don't store the image so you can't see it unless we think it's related to a crime in which case you can't see it because it's evidence...” So what actually changes?
Nation’s police chiefs adopt drone code of conduct (updated)
August 16, 2012 by Dissent
Stephen Dinan reports:
The nation’s police chiefs have adopted a code of conduct for their use of drones, including letting any images captured by unmanned aerial vehicles, or UAVs, be open to inspection by the public, and that the images not be stored unless they are evidence of a crime or part of an ongoing investigation.
The chiefs also said that if they plan to fly drones over an area where they are likely to spot criminal activity and where they would be intruding on someone’s “reasonable expectations of privacy,” they should seek to get a search warrant first.
Read more on Washington Times.
Update: Thanks to Ryan Calo, who pointed me to the full code of conduct. The full code contains a statement on image retention that was omitted in the media report:
IMAGE RETENTION:
1. Unless required as evidence of a crime, as part of an on-going investigation, for training, or required by law, images captured by a UA should not be retained by the agency.
2. Unless exempt by law, retained images should be open for public inspection.
The “for training” in (1) seems like a pretty permissive standard, and it would be better if that were limited.
That does it. I'm creating “None of the above” to accept donations.
Text Message Donations Good for Democracy, Risky for Privacy
In June, the Federal Election Commission announced that political campaigns will soon be able to accept donations via text message. This new option will empower thousands of citizens, especially young and low-income people who have less money to give but tend to use cellphones at a greater rate, to participate more actively in the political process.
… But this proposal also has a potential downside: a loss of privacy.
An outdated patchwork of statutes has created a complex web of standards governing law enforcement’s access to communications handled by third-party providers. This includes differential treatment for the content of communications and for the “metadata” about those communications.
Actually, this would explain a lot about the RIAA and MPAA.
Tools to torture students? “Dude! No electric guitars? No window shattering bass? No cursing? You call this music?”
"Just under two years ago Musopen launched a Kickstarter campaign covered here on Slashdot. Today that project is complete with the release of a large amount of classical recordings into the public domain. This brings an extensive collection of high quality classical music into the public domain. The project music is hosted on the Musopen site, and on archive.org."
'cause you never know when you might need a “∑” or a “μ” or a “∛”
… what if you want to type something that is not readily available on the keyboard? If that’s the case you need to check out PiliApp Symbol. It has hundreds of symbols available for you to use however you wish.
Of course this comes out right at the end of my Statistics class. I would like my students to give this a try.
How Statwing Makes It Easier To Ask Questions About Data So You Don’t Have To Hire a Statistical Wizard
… Statwing is a Y-Combinator startup that translates the arcane technical terminology into plain English so you can do data analysis on your own.
So many students don't know how to do this...