Tuesday, October 30, 2012

Apparently, someone told them that it is possible for terrorists to be behind a hack.
"The Federal Bureau of Investigation (FBI) is finally stepping up its game when it comes to hackers. Maybe it was Anonymous that did it or maybe it was statements from the US Secretary of Defense two weeks ago, but either way, the FBI is now hunting hackers 24/7."
I'm happy that the FBI no longer has an investigation schedule when it comes to online crime, but I have to think that I'm not the only one who assumed they were doing this before.
[From the article:]
The division’s main focus is now cyber intrusions, working closely with the Bureau’s Counterterrorism and Counterintelligence divisions. More importantly, the FBI-led “National Cyber Investigative Joint Task Force” (NCIJTF), as it’s being called, will share information with partner intelligence and law enforcement agencies, including the Departments of Defense, Homeland Security, and the National Security Agency.


Not exactly the “prisoner's dilemma” or is it?
Argument recap: Sensitive to lawyers’ dilemma
The Supreme Court showed Monday that it is genuinely troubled that the government, carrying on a sweeping program of wiretaps seeking to track terrorism activity, may be putting lawyers in a serious professional and ethical bind as they represent individuals potentially caught up in that eavesdropping. It was not immediately clear, though, whether that worry was deep enough to lead the Court to give those attorneys a right to sue to challenge the constitutionality of the global surveillance that seems to be tracking Americans’ conversations, too.
Although the government’s top lawyer in the Court, Solicitor General Donald B. Verrilli, Jr., argued that no one should be allowed in court to contest this program unless they can show that the government’s potential overhearing of sensitive legal conversations is close to a certainty, several of the Justices seemed wary of making it that difficult to bring a challenge when it is entirely likely that such monitoring has occurred, or will occur.
… The Solicitor General did not appear to have scored a hit when he argued that, if lawyers were cutting back on how they dealt with their clients, they were doing so because of ethical restraints, not because of the government’s surveillance. Justice Elena Kagan, in particular, seemed offended by that point.
… Verrilli’s strongest point, though, was that the Justices could trust a specialized federal court, the Foreign Intelligence Surveillance Court, which operates entirely in secrecy, to act as a sufficient check on excessive use of foreign intelligence wiretapping. Justice Antonin Scalia, in particular, was a strong defender of indulging in just that kind of trust. If there are constitutional violations, Scalia said, that court will ferret them out.
… And, Kennedy added, a lawyer who was representing an individual who might be targeted as a potential terrorist would actually “engage in malpractice” if that attorney did not take steps to protect conversations with the client or with the client’s family members from being monitored. Picking up on Justice Kagan’s repeated comments about lawyers’ ethical obligations to their clients, Kennedy appeared tempted to conclude that lawyers had, in fact, already suffered professional harm that might be sufficient to give them “standing” to sue to challenge the program.

(Related) But everyone is doing it! (We can, therefore we must!)
UK: Kent Police investigated in private data scandal
October 29, 2012 by Dissent
Just because you have the technology, it doesn’t mean you should use it.
Kent Police is under investigation over claims it is storing personal information on everyone arrested, even if no charges are brought.
The force is said to be one of six in England and Wales that uses special software to “interrogate” private mobile phones belonging to members of the public.
Details harvested can include calls and messages sent and received, internet activity, photographs and personal memos.


Sometimes, I don't want to know that “There's an App for that.” Note that it does take some interesting programming to separate skin from cloth...
The iPhone app that sucks out Facebook bikini pics
One should always appreciate those who truly understand the human psyche.
One should also always appreciate humanists who embrace the concept of honesty. They are so few.
Stunningly, there is now an iPhone app that manages to do both. It's called, with all due subtlety, Badabing.


A very similar reaction from my Statistics students...
By Dissent, October 29, 2012
Here’s a useful example of why my eyes glaze over at times when trying to make sense of breach statistics. Tim Smith of the Greenville News recently reported:
South Carolina state agencies and businesses over a three-year period reported dozens of computer security breaches that potentially could affect at least 410,000 people, a report obtained by GreenvilleOnline.com shows.
Much of that, according to a report by the state Department of Consumer Affairs, came from healthcare organizations last year, which reported breaches affecting a possible 325,000 people.
The report does not include the most recent fiscal year, or the database theft earlier this year of almost 230,000 records from the Department of Health and Human Services, said Juliana Harris, spokeswoman for the agency.
So my first impression was that the healthcare sector clearly accounts for the greatest percentage of records/individuals affected by reported breaches in South Carolina for the past three years. But does it also represent the largest percentage of breaches? So I read on:
Of the 56 disclosures, the healthcare industry, such as hospitals, submitted nine notices affecting 340,000 residents. Government agencies submitted six breaches affecting 35,000 residents; financial organizations turned in 12 breach notices affecting almost 19,000 consumers; and other industries submitted 29 notices affecting about 17,000 residents, according to the data from Consumer Affairs.
Healthcare organizations alone reported 325,000 people impacted from three security breaches in 2011, according to the data.
Using the three-year timeframe, 9 out of 56 = 16% of reported breaches were from the healthcare sector, a statistic that is considerably higher than the 7% statistic reported in Verizon’s 2012 breach report. Verizon, however, notes that their cases from this sector may be under-represented as many healthcare sector entities would not turn to Verizon to investigate a breach. SC’s 16% statistic is consistent, however, with the 15% all-time statistic for the healthcare sector from DataLossDB.org.
For 2011, however, healthcare sector breaches constituted 50% of all reported SC breaches (3 out of 6), while for DataLossDB.org, healthcare sector breaches constituted 18% of all 2011 breaches in that database. Frankly, I’m surprised South Carolina only got six breach reports in 2011 considering it was somewhat a “banner year” for breaches. Even though South Carolina does not require reporting to the state for breaches affecting fewer than 1,000, their report still seems surprisingly low to me.
But as importantly, we can’t really interpret SC’s statistics without knowing what percent of all entities the healthcare sector represents in South Carolina. If they represent 10% of all entities that might have to report breaches, then the 16% might indicate unusual trouble in the healthcare sector with respect to breaches. If, on the other hand, they represent 25% of all entities, then a 16% statistic reflects favorably on the sector.
Without additional information or context, interpreting statistics is often a puzzlement and is definitely not a task for the faint-hearted.
What seems clear, though, is that a lot of South Carolina consumers had their personal and/or health information compromised or put at risk over the past three years and that healthcare entities that maintain huge databases may make desirable targets for corrupt insiders or hackers. Verizon offers some suggestions for the healthcare sector. Their advice strikes me as sound.
And now if you’ll excuse me, I’m going to go put a cool towel over my eyes and forehead until the urge to make sense of statistics passes – for now, anyway.


Perspective: It works, but you shouldn't count on it working? Should we fix this?
FDNY to NYC: Please don't tweet for help
With New York City inundated by Hurricane Sandy-driven storm surge, heavy winds, and emergencies throughout town, the FDNY is pleading with people not to use Twitter to call for help.
… It's not that the fire department categorically won't respond to calls for assistance on Twitter, however. It just doesn't want New Yorkers thinking they can depend on the microblogging service for help from the FDNY.


If this actually surprises anyone, we need to talk...
"A month before the controversial 'six strikes' anti-piracy plan goes live in the U.S., the responsible Center of Copyright Information (CCI) is dealing with a small crisis. As it turns out the RIAA failed to mention to its partners that the 'impartial and independent' technology expert they retained previously lobbied for the music industry group. In a response to the controversy, CCI is now considering whether it should hire another expert to evaluate the anti-piracy monitoring technology."


Includes info on at least 3 UAV (drone) systems...
October 29, 2012
2013 Army Weapon Systems Handbook
Via Steven Aftergood, Secrecy News: "The U.S. Army has just published the 2013 edition of its annual Weapon Systems Handbook, which is filled with updated information on dozens of weapon systems, the military contractors who produce them, and the foreign countries that purchase them... An appendix provides an informative breakdown of military industry contractors by weapon system and by the state where the contractor is located."

(Related) We have lots of drones, but the CIA isn't interested in killing a mere hurricane...
NASA Preps Drone Hurricane Hunters, But Misses Sandy


Too cool to ignore!
Shakespeare: Globe to Globe took place this summer and featured 37 plays being performed in 37 different languages in the rebuilt Shakespeare Globe theatre in London, England. Put on as a celebration of the impact that the playwright has had around the world, live audiences watched performers deliver famous lines in their mother tongues in the playwright’s spiritual home.
Nothing quite compares to the emotion, crowd and weather involved in watching a play performed in an open theatre, but that doesn’t mean you can’t enjoy the theatre at home. Luckily the whole season of unforgettable performances is available for viewing via The Space, a hub that provides free access to various artforms on the Internet and mobile devices.
[Jump directly to the plays: http://thespace.org/items/s00001ns]


Free stuff for my Geeks?
"This election year, CodeWeavers is repeating its 'Great American Lame Duck Presidential Challenge' from 2008, and will be giving away free one-year subscriptions to Crossover Linux and Mac. 'On Wednesday, Oct. 31, 2012, beginning at 00:00 Central Time (+6 GMT), anyone visiting CodeWeavers’ Flock The Vote promotional web site (flock.codeweavers.com) will be able to download a free, fully functional copy of either CrossOver Mac or CrossOver Linux. Each copy comes complete with 12 months of support and product upgrades. The offer will continue for 24 hours, from 00:00 to 23:59, Oct. 31, 2012. ... The company had recently launched its 'Flock the Vote' challenge – a voter turnout initiative in which CodeWeavers promised free software for 24 hours if 100,000 people pledged to vote in the 2012 Presidential election.'"


Something for PowerPoint haters...
PowerPoint Killer Prezi Launches New Interface
Prezi, a popular alternative to Microsoft PowerPoint and other presentation applications, launched a new version of its interface today.
… For those not familiar, Prezi uses a map-like metaphor for creating presentations instead of a slideshow metaphor. This makes it possible to create non-linear presentations, or presentations that use spatial metaphors for organizing ideas, like mind maps.
The web version of Prezi is free, but if you want the desktop version or certain other features you’ll have to shell out for the Pro account, which costs $159 a year. But even free users can use the offline presentation viewers, so you never have to worry about shoddy conference wifi when giving a presentation. You can also use it for giving online presentations, bypassing the need to use WebEx.
