Tuesday, November 27, 2012

We don't use SCADA in our Ethical Hacker exams; it's too easy.
"It is open season on SCADA software right now. Last week, researchers at ReVuln, an Italian security firm, released a video showing off a number of zero-day vulnerabilities in SCADA applications from manufacturers such as Siemens, GE and Schneider Electric. And now a researcher at Exodus Intelligence says he has discovered more than 20 flaws in SCADA packages from some of the same vendors and other manufacturers, all after just a few hours' work."


I suspect that companies wishing to “punish” whistleblowers must tread carefully. I wonder what pushes them over the line? That's why we teach our Ethical Hackers (wait for it) Ethics!
AT&T iPad Hacker’s Real Crime Was Embarrassing the Wrong People
… How to best disclose a newly discovered vulnerability is a matter of some controversy, and highly dependent on where one happens to be sitting. Vendors want the chance to address problems before they become public. Users want to know immediately about the flaws in the systems they depend on. The security community wants to study and build on new discoveries. Researchers want credit for their discoveries, and worry they might be “scooped” by someone else: publish or perish.
And everyone thinks their moral high ground is superior to all the others’.


Nothing gives you that warm, fuzzy feeling like assurances from the Pentagon.
Isaac Asimov's "Three Laws of Robotics"
  1. A robot may not injure a human being or, through inaction, allow a human being to come to harm.
  2. A robot must obey orders given it by human beings except where such orders would conflict with the First Law.
  3. A robot must protect its own existence as long as such protection does not conflict with the First or Second Law.
Pentagon: A Human Will Always Decide When a Robot Kills You
… Here’s what happened while you were preparing for Thanksgiving: Deputy Defense Secretary Ashton Carter signed, on November 21, a series of instructions to “minimize the probability and consequences of failures” in autonomous or semi-autonomous armed robots “that could lead to unintended engagements,” starting at the design stage (.pdf, thanks to Cryptome.org). Translated from the bureaucrat, the Pentagon wants to make sure that there isn’t a circumstance when one of the military’s many Predators, Reapers, drone-like missiles or other deadly robots effectively automatizes the decision to harm a human being.


It's right there on page 92, paragraph C, line 4, microprint line 29: “...frequently assume the role of village idiot...”
November 26, 2012
CRS - Roles and Duties of a Member of Congress
Roles and Duties of a Member of Congress: Brief Overview, R. Eric Petersen, Specialist in American National Government, November 9, 2012
  • "The duties carried out by a Member of Congress are understood to include representation, legislation, and constituent service and education, as well as political and electoral activities. The expectations and duties of a Member of Congress are extensive, encompassing several roles that could be full-time jobs by themselves. Despite the acceptance of these roles and other activities as facets of the Member’s job, there is no formal set of requirements or official explanation of what roles might be played as Members carry out the duties of their offices. In the absence of formal authorities, many of the responsibilities that Members of Congress have assumed over the years have evolved from the expectations of Members and their constituents."


Note the assumption that the child has a cell phone. Also, there is no explanation of how Mom remotely loads cash into the system.
Palm scanners get thumbs up in schools, hospitals
November 26, 2012 by Dissent
Brian Shane reports:
At schools in Pinellas County, Fla., students aren’t paying for lunch with cash or a card, but with a wave of their hand over a palm scanner.
“It’s so quick that a child could be standing in line, call mom and say, ‘I forgot my lunch money today.’ She’s by her computer, runs her card, and by the time the child is at the front of the line, it’s already recorded,” says Art Dunham, director of food services for Pinellas County Schools.
[...]
A palm scan’s precision record-keeping also avoids possible confusion if patients have the same name. For instance, a hospital system in the Houston area with a database of 3.5 million patients has 2,488 women in it named Maria Garcia – and 231 of them have the same date of birth, Bertrams says.
HT Systems president David Wiener won’t reveal revenue but says that since 2007, they’ve got more than 160 hospitals for clients and have scanned more than 5 million patients.
Read more on USA Today.
I think we can probably all agree that preventing confusion in identifying and treating patients is a good thing. Is there a down side or risk here? If so, what is it?
[From the article, for my Statistics students:]
A palm scan's precision record-keeping also avoids possible confusion if patients have the same name. For instance, a hospital system in the Houston area with a database of 3.5 million patients has 2,488 women in it named Maria Garcia – and 231 of them have the same date of birth, Bertrams says. [And all of them in the hospital (and unable to speak) on the same day? Bob]


Beyond cookies...
November 26, 2012
AVG - How to Choose How You’re Tracked
AVG Official Blog: "All the latest versions of the major browsers today include do-not-track user preference controls, but these merely express your wishes. Many third-party sites will honor your request, but many don’t. And they only let you decide whether you want to block online tracking or not. AVG offers a do-not-track feature in its AVG Anti-Virus Free Edition. AVG takes it a step further by allowing you to customize your blocking preferences at a granular level. Permanent Identifiers - One company to be aware of is BlueCava. Unlike cookies, which can be blocked or removed, BlueCava provides tracking technology that allows sites to permanently identify whatever device you’re using to connect to the web. The good news is, you can opt-out by going to http://www.bluecava.com/preferences, but you have to connect using each device you want to remove from their system."


Note the picture of the ultimate Copyright Lawyer in action!
Facebook Debunks Copyright Hoax
A silly copyright notice is sweeping Facebook today, with users attaching pseudo-legalese to their status updates in a misguided effort to prevent Facebook from owning or commercially exploiting their content. Facebook has issued a formal “fact check” statement refuting the legalese.
The viral copyright notice last spread on Facebook in May and June. Now it’s back and garnering lots of attention.

(Related)
Just last week, Facebook decided to make some big changes to how it deals with user feedback on privacy issues, but one of the changes in the updated privacy policy went slightly unnoticed. Facebook says that they can now use the data it has about your likes and dislikes to show you ads outside of Facebook. In other words, the social network giant can display catered ads to you when you’re not even browsing Facebook.


Perspective
We all know by now that Apple earns a lot of money, and the company’s profit margins are insane, but just how insane are they? If you put their fiscal 2012 profit numbers next to other big contenders in the tech industry, all other companies pale in comparison. Apple made more money than Microsoft, eBay, Google, Yahoo!, Facebook, and Amazon combined.
Apple just recently wrapped up its fiscal year 2012 with a record profit of $41.7 billion and $156.5 billion in revenue. In comparison, the six companies mentioned above combined for a total profit of $34.4 billion. Furthermore, Dell, Intel, Acer, ASUS, IBM, HP, and Lenovo — nearly the entire PC industry — profited a total of only $19.4 billion combined.


Perspective. Interesting that Walmart is number 7 (2.3%).
"A report out this morning pegs Amazon with a whopping 14% share of all daily Internet users — almost twice the nearest competitor (Ebay). And this number does not include all shopping sites absorbed by the growing Amazon empire. The original report has interesting graphics comparing Amazon to other retailers like Best Buy."


For my Website class. Making Google work for you.
November 26, 2012
Google FAQ - Keywords and search queries
"One of the best ways to ensure that your site appears for particular user queries is to make sure that your article naturally contains the words, names, and figures that are central to a particular news story. If you create an information-rich site that clearly and accurately describes your topic, you will improve your chances of appearing in our search results for relevant queries. Our crawler also makes use of a Google-specific metatag to help determine how to best classify your content. By implementing the news_keywords metatag you can specify which keywords are most relevant to your articles."


For my Statistics students – sampling in (almost) real time! Very interesting data display.
US electoral compass: how do political priorities change from state to state?
Social media monitoring experts Brandwatch have designed a radial representation of the variation in US electoral priorities by state. Using data from Twitter and online news websites, Brandwatch measured the proportion of Tweets and press discussions concerning each of 30 policy areas. Every topic was then assigned a percentage score for news articles or Tweets about each presidential candidate, and all 30 were ranked according to the proportion of discussions they featured in. Select a state and date range to filter the data, and move your cursor over a figure for more information. Policy areas are ranked on the right.


If we were to teach this, which school would it be in? Psych? Business? Computer Science?
The Rising Science Of Social Influence — How Predictable Is Your Online Behaviour?
… Recent developments and interest in academic research confirm that the study of social influence is a well-posted scientific problem. As online social networks become mainstream, their data allows scientists and companies to gain previously unprecedented insights into social phenomena. Nine out of ScienceDirect’s top 25 academic papers in Computer Science study human behaviour on online social networks. This summer Science, one of the most prestigious and hardest-to-get-into academic journals featured an article on identifying influential and susceptible members in social networks. And in addition there is a growing number of scientific meetings devoted to the study of online influence.


I have a problem with labeling education materials as K-12 or Elementary School or College level. Should you stop reading Mark Twain when you hit 18?
Monday, November 26, 2012
200+ Free Video Lessons, Apps, and eBooks for K-12
One of my favorite blogs, Open Culture, has long cataloged free and open resources for post-secondary education. Today, they launched a new collection of more than 200 free video lessons, apps, ebooks, and websites for K-12 students and teachers. The collection includes some of the usual suspects like Khan Academy, the Library of Congress, and NASA. The collection also includes some items that were new to me like this Shakespeare app and this Google Earth for science teachers resource.
[Some examples:]
Bartleby.com Gives you access to free online classics of reference, literature, and nonfiction, including Strunk & White’s Elements of Style, The World Factbook, The Oxford Shakespeare, and The King James Bible.
CK-12: This non-profit provides “open textbooks” for K-12 students all over the world.
OER Commons: Discover a meta collection of free textbooks that can be sorted by subject and grade level.
iTunesU: Apple provides hundreds of free courses, lectures and academic talks, mostly suitable for older students. The easiest way to access the courses available on iTunesU is to visit our collection of 550 Free Online Courses from Top Universities.

(Related)
"When it comes to programming, the classroom is moving online. A new wave of start-ups has burst onto the scene over the last year, bringing interactive lessons and gamification techniques to the subject to make coding trendy again. From Codecademy — and its incredibly successful Code Year initiative — to Khan Academy, Code School and Udacity, online learning is now sophisticated and high-tech — but is it good enough to replace the classroom? 'We are the first five or six chapters in a book,' says Code School's Gregg Pollack in this exploration of online code classes, but with the number of sites and lessons growing by the week that might not be the case for long."
