Doesn't anyone read these cautionary
tales?
By Dissent,
December 12, 2012 7:56 am
Danny Garcia reports
on some good news for Miami Family Medical Centre in
Australia. As I previously noted, their patient
records had been encrypted by an overseas hacker who was
demanding ransom to give them the encryption key:
Garcia reports that Essential IT
Services, a Gold Coast based reseller, was able to
get them back into their data.
One of the take-home messages from this
incident was that you
should not leave your backups on the same server and connected to the
Internet. The medical
center had backups, but they, too, had been locked.
“The backup
system in place was pretty good but the recovery of the data and
getting them up and running has been a bit of a job”, said Jason
Fillmore, who is the managing director at the reseller firm.
Fillmore said
hackers have not left a single stone unturned to make the case
complicated. But, it was great to know that their
client has recorded their backups on DAT as well. [I suspect this
means Digital Audio Tape, but that makes me wonder why it wasn't
mentioned in earlier articles. (Perhaps management didn't know?)
Bob] Work is going to repair the system, said Fillmore,
who affirmed that the centre system will be fully operational by next
week. It means that the centre will be back after one week, which is
after two weeks of attack.
Are we fighting “virtual crime
syndicates?” A multi-jurisdiction investigation must take some
serious coordination, or do we wait until the arrests to tell other
countries?
Facebook
helps FBI take down $850M botnet crime ring
Facebook helped the FBI take down an
international crime ring that used a botnet to infect 11 million
computers and steal more than $850 million, one of the largest
cybercrime hauls in history.
… The FBI said the arrests occurred
in Bosnia and Herzegovina, Croatia, Macedonia, New Zealand, Peru, the
United Kingdom, and the United States.
… The FBI did not elaborate on how
it arrived at its $850 million theft figure, but that haul easily
dwarfs the Eurograbber, which was revealed last week to have stolen
about $47 million from European banking customers in the past
year. The Yahos spoils also surpass the take by the Zeus botnet
crime ring, which infected an estimated 13 million computers with
malware to steal
more than $100 million.
“This way to the egress!” (The
victory of curiosity over common sense?)
"QR codes are very handy for
directing users to specific sites by simply scanning them with their
smartphones. But the ease with which this technology works has also
made it a favorite of malware peddlers and online crooks, who have
taken to including QR codes that lead to malicious sites in spam
emails. They have also begun using the same tactic in the physical
world, by printing
out the malicious QR codes on stickers and affixing them on
prominent places in locations where there is a lot of foot traffic.
According to Symantec Hosted Services director Warren Sealey, these
locations include airports and city centers, where the crooks stick
them over genuine QR codes included in advertisements and
notices, and most likely anywhere a person might look and be tempted
to scan them."
For my Ethical Hackers...
"Darren Nix works for 42Floors,
a business that uses its website to help people find office space.
He recently received a marketing email for a service that offered to
identify visitors to his website. After squeezing some information
out of the marketer and playing around with a demo account, he now
explains exactly how
sketchy companies track your presence across multiple websites.
The marketer offered to provide Nix with 'tracking code that would
sit in your web site' which would 'grab a few key pieces of data from
each visitor.' This includes IP addresses and search engine data.
The marketer's company would then automatically analyze the data to
try to identify the user and send back whatever personal information
they've collected on that user from different websites. Thus,
it's entirely possible for a site to know your name, email address,
and company on your very first visit, and without any interaction on
your part. Nix writes, 'A real-world analogue
would be this scenario: You drive to Home Depot and walk in.
Closed-circuit cameras match your face against a database of every
shopper that has used a credit card at Walmart or Target and
identifies you by name, address, and phone. If you happen to walk
out the front door without buying anything your phone buzzes with a
text message from Home Depot offering you a 10% discount good for the
next hour. Farfetched? I don't think so. ... All
the necessary pieces already exist, they just haven't been combined
yet.'"
What should we adopt, what should we be
wary of?
December 11, 2012
Privacy
International - A New Dawn: Privacy in Asia
"Privacy has truly become an issue
of global resonance. A quick glance at policy agendas in countries
around the world shows that privacy and surveillance issues are
increasingly important. The challenge, however, is improving the
ability of governments and policy stakeholders to engage in a policy
debate that is informed about the dangers of surveillance and the
importance of protecting privacy. This is the primary objective of
our Privacy in the Developing World programme. In this report, A
New Dawn: Privacy in Asia, we summarise our partner’s research
into privacy in developing countries across Asia. The experiences of
privacy in these countries are illustrative of the many opportunities
for and challenges to the advancement of privacy, not only the
developing world but across the world. Click here
for individual country reports for India, Pakistan, Bangladesh,
Indonesia, Nepal, Malaysia, Thailand, Hong Kong, China and the
Philippines."
Always was a fan of Science Fiction.
Fortunately, I speak enough Japanese to order beer...
"Yesterday the National
Intelligence Council (NIC), which is made up of 17 U.S. government
intelligence agencies, released the 140-page report Global
Trends 2030 Alternate Worlds. In all four
of the alternative visions of the future, U.S. influence declines
and it may be regarded more as a 'first among equals.' By 2030, the
West will be in decline and Asia will wield more overall global power
than the U.S. and Europe combined. 'China alone will probably have
the largest economy, surpassing that of the United States a few years
before 2030,' the report states. 'Megatrends' include an overall
reduction of poverty and the 'growth of a global middle class.' NIC
also sees a potential world of scarcities as the demand for food and
water increases as the world's population swells from 7.1 billion to
8.3 billion people. Advances in health technologies will help people
live longer, but 60% of the world's population is expected to live in
an urban environment. The report also addresses technological
augmentation: 'Successful prosthetics probably will be directly
integrated with the user’s body. Brain-machine interfaces could
provide “superhuman” abilities, enhancing strength and speed, as
well as providing functions not previously available.'"
Another “Asian power” rising? “Oh
look, the maniac has a gun and has shown us he can use it.”
virtualXTC writes with news that North
Korea, in defiance of international pressure to halt development and
testing of long-range weaponry, launched
a multi-stage rocket which successfully followed its intended
trajectory. The North Korean government claims
a weather satellite was placed into orbit. [They
also claimed that the Onion article naming Kim Jong Un the sexiest man
alive was fact. Bob]
"South
Korea has confirmed the launch time, and Japan has confirmed that
the rocket went over Okinawa. Two stages of the rocket have
successfully avoided other countries and fallen into the sea. While
it is still unconfirmed as to whether or not North Korea actually put
a satellite into orbit, it seems clear that sanctions have failed to
curb North Korea's quest for more powerful weaponry."
Stupid law. “There is a 0.0000001
chance that you will use this to pirate copyrighted material, so you
should pay us the same fee we collect on a sale.” Perhaps I should
calculate the odds of me winning a lawsuit against the RIAA and
asking them to pay me the full amount now...
"Depending on where you are in
the world, blank media may have a secondary tax applied to it. It
seems ludicrous that such a tax even be considered, let alone be
imposed, and yet an Austrian rights group called IG Autoren isn't
happy with such a tax covering just physical media; it
wants cloud storage included, too. At the moment, consumers in
Austria only pay this tax on blank CDs and DVDs. IG Autoren wants to
expand that to include the same range of media as Germany, but also
feels that services
like Dropbox, SkyDrive, Google Drive etc. all fall under the blank
media banner because they offer storage,
and therefore should carry the tax — a tax
consumers would have to pay on top of the existing price of each
service."
(Related) Useless law. Note that this
doesn't actually provide any protection from lawsuits, at least in
Canada.
"Ars Technica reports that
Voltage Pictures, the studio behind the infamous Hurt
Locker debacle,
has requested
subscriber information for thousands of TekSavvy customers in
relation to alleged copyright infringements. In their official blog,
TekSavvy clarifies the situation and provides further reassurance
that they
will not release any private customer information without a court
order. They have also posted the
legal documents containing both the official notice and list of
films that are the subjects of the alleged infringements. However,
several questions remain to be answered: will Canadian courts be
amicable to these tactics after changes to copyright law were made
specifically to prevent the predatory legal entanglement of Canadian
citizens? Will the studio actually attempt to pursue the situation
beyond the proliferation of threatening extortion letters? How would
the already-clogged courts react to what amounts to denial-of-service
attack on the judicial system?"
It's annoying, but it's not yelling
“Fire!” in a crowded theater. If they lose, will I be able to
use the ruling to block those annoying political ads?
"ccAdvertising, a company
purported to have 'a long,
long, long history of pumping spam out of every
telecommunications orifice, and even boasting of voter suppression'
has asked
the FCC to declare spam filters illegal. Citing
Free Speech rights, the company claims wireless carriers should be
prohibited from employing spam filters that might block
ccAdvertising's political spam. Without stating it
explicitly, the filing implies that network neutrality must apply to
spam, so the FCC must therefore prohibit spam filters (unless
political spam is whitelisted). In an earlier
filing, the company suggests it is proper
that recipients 'bear some cost' of unsolicited political speech
sent to their cell phones. The public can file comments with the FCC
on ccAdvertising's filing online."
Perspective. Any bets on how many
providers will use this in their advertising?
"Netflix will start releasing
monthly ISP speed reports for the U.S. Google Fiber ranks at the
top. They say, 'Broadly, cable shows better than DSL. AT&T
U-verse, which is a hybrid fiber-DSL service, shows quite poorly
compared to Verizon Fios, which is pure fiber. Charter moved down
two positions since October. Verizon mobile has 40% higher
performance than AT&T mobile.' Hopefully
this will give consumers a better overall picture on how their ISP
performs compared to others."
Perspective
December 11, 2012
Pew
- The Demographics of Mobile News
"The
Demographics of Mobile News Habits Men, College Grads and the Young
are more Engaged, December 11, 2012: - Younger Americans
demonstrate much stronger news habits in the mobile realm than on
other news platforms, according to a new study by PEJ in
collaboration with The Economist Group. Another finding, with
potentially significant implications for the news industry, reveals
that younger users are more responsive than other age groups to
advertisements in the mobile news space... Overall, news
consumption ranks high on mobile devices. Over a third report
getting news daily on the tablet and the smartphone, putting it on
par with other activities such as email and playing games on tablets
and behind only email on smartphones. The popularity of news remains
strong across all demographic groups studied, but is especially
prevalent among men and the college educated. On the
smartphone, differences also emerge in age and income."
Dilbert provides counterpoint for my
Statistics students.