Wednesday, March 20, 2013


North Korea regularly creates “border incidents” ranging from infiltrators to artillery barrages, where would this fall in the “not quite at the level where South Korea needs to respond massively?"
South Korea raises alert after hackers attack broadcasters, banks
South Korean authorities were investigating a hacking attack that brought down the servers of three broadcasters and two major banks on Wednesday, and the army raised its alert level due to concerns of North Korean involvement.
Servers at television networks YTN, MBC and KBS were affected as well as Shinhan Bank and NongHyup Bank, two major banks, the police and government officials said.  At least some of the computers affected by the attacks had some files deleted, according to the authorities.
"We sent down teams to all affected sites.  We are now assessing the situation.  This incident is pretty massive and will take a few days to collect evidence," a police official said.
The banks have since restored their operations, but the TV stations could not say when they would be able to get their systems back up.  Some workers at the stations could not boot their computer.
   South Korea's military said it was not affected by the attack but raised its state of readiness in response. None of the country's oil refineries, power stations, ports or airports was affected.
   North Korea has in the past targeted South Korea's conservative newspapers, banks and government institutions.

(Related)  Of course, it’s considered rude to start a war and then say, “Oops!”  
South Korea network attack 'a computer virus'


Always interesting, but I don't think I would go this far...
"Security guru Bruce Schneier contends that money spent on user awareness training could be better spent and that the real failings lie in security design. 'The whole concept of security awareness training demonstrates how the computer industry has failed. We should be designing systems that won't let users choose lousy passwords and don't care what links a user clicks on,' [Agreed, but we should also tell people why we did it that way... Bob] Schneier writes in a blog post on Dark Reading. He says organizations should invest in security training for developers. He goes on, '... computer security is an abstract benefit that gets in the way of enjoying the Internet. Good practices might protect me from a theoretical attack at some time in the future, but they’re a bother right now, and I have more fun things to think about. This is the same trick Facebook uses to get people to give away their privacy. No one reads through new privacy policies; it's much easier to just click "OK" and start chatting with your friends. In short: Security is never salient.'"


As we expose what was secret, do we force the government to try to push information about their programs even further into the “Black?”
Mark Rumold of EFF writes:
In a brief filed on Friday (PDF), EFF continued its fight against secret surveillance law, asking the D.C. Circuit Court of Appeals to order the release of a secret opinion of the Office of Legal Counsel (OLC).
The opinion was generated as part of a lengthy Inspector General investigation (PDF) into the FBI’s use of unconstitutional National Security Letters, so-called “exigent letters,” and other illegal methods of obtaining customer records. The OLC’s opinion provides the federal government with the authority to obtain private call-detail records in “certain circumstances,” without any legal process or a qualifying emergency, and despite federal laws to the contrary. So far, the DOJ has refused to disclose what those circumstances are, and has even refused to disclose the statute on which the government bases its purported authority.
Read more on Infosec Island.


What would the minimum required “evidence” be to send the cops on a “visit?”  Are we that over sensitive because of school shooting? 
Dad says Facebook photo of son with gun brought cops to house
   authorities in New Jersey … were allegedly alarmed by a Facebook photo of Josh Moore, aged 11, holding a .22 rifle
   The photo had been posted by his father, Shawn, to Facebook.  It showed Josh, in his camouflage outfit and rather bright sneakers.
Shawn Moore told his story to a forum on the Delaware Open Carry Web site.
He said he received a text from his wife that police and alleged members of the Department of Youth and Family Services had paid their home a visit.  It was, allegedly, not a social call.
Indeed, he posted a picture of police in what he describes as "tactical gear."
He says the authorities demanded to enter the house in Carneys Point, N.J., and check his guns.  His lawyer, on a cell phone speakerphone, was privy to all the discussions.
Moore insisted that he wouldn't open the safe where his guns are kept-- as no warrant was allegedly presented to him -- and that a lady from the Department of Youth and Family Services refused to identify herself.
The Associated Press says that neither the department nor the police were prepared to comment on the alleged visitation and its purpose.
Moore said none of his visitors had actually seen the photo.  He alleges they had merely received a phone call reporting its details.
The rifle was reportedly Josh Moore's 11th birthday gift.
   The more we insist on exposing who we are to people we don't know, the more hullabaloo seems to inevitably develop.  [I’ll be using that quote…  Bob]


Pro golfers have no expectation of privacy. Can I do the same to amateurs at my local public course? (Can you stop me?)
"In what seems like a surreal mixture of life imitating art, the Golf Channel has taken the wraps of a new camera drone. The hover camera appears to have 8 independent rotors supporting what looks like a gyro-stabilized HD camera. Though it is far from silent, the new drone will be on the course this week at the PGA Tour event taking place at Arnold Palmer Invitational at Bay Hill in Florida. No word on whether or not Lord Vader will be using these to monitor rebel activity on Hoth."

(Related)  Perhaps we should add “Drone Driving” to our Criminal Justice department? 
"Curricula and research projects related to drones are cropping up at both large universities and community colleges across the country.  In a list of 81 publicly-funded entities that have applied for a certificate of authorization to fly drones from the Federal Aviation Administration, more than a third are colleges...  Schools — and their students — are jockeying for a position on the ground floor of a nascent industry that looks poised to generate jobs and research funding in the coming years. 'We get a lot of inquiries from students saying, "I want to be a drone pilot,"' says Ken Polovitz, the assistant dean in the University of North Dakota's John D. Odegard School of Aerospace Sciences."


This will allow Amazon to start trading in “used” eBooks, right? Think of the negotiating advantage this gives them... Will we need an App to trace the chain of custody?
March 19, 2013
CDT - Big Win in Supreme Court Case on "First Sale"
CDT: "The Supreme Court issued a decision today that is a major win for everyone who relies on copyright law's "first sale" doctrine -- including the millions of Internet users who have flocked to Craigslist, eBay, and similar online tools to buy, sell, and "freecycle" all kinds of stuff. The case, Kirtsaeng v. Wiley, effectively asked the Court to consider whether copyright owners should fully control all downstream distribution of copyrighted items manufactured overseas. As CDT and technology industry allies explained in our legal brief in the case last summer, giving copyright owners this kind of indefinite stranglehold on foreign-made goods would be disastrous for everything from yard sales to libraries to the thriving online resale markets that are empowering individual Internet users and small businesses. It would mean that, before you could sell or even lend a legally purchased book (or DVD, or toy with a copyrighted logo, or device with built-in software, etc.), you would have to get the copyright holder's permission... In clear and decisive terms, today's decision confirms that, once you lawfully acquire a book or album or toy, you own it and can re-sell, lend, or give it away as you please. You don't have to try to determine where it was printed or manufactured before you put it up on Craigslist or eBay."

(Related)  Another dose of reality that the RIAA will simply ignore…
"European Commission's Institute for Prospective Technological Studies has published a study which concludes that the impact of piracy on the legal sale of music is virtually nonexistent or even slightly positive.  The study's results suggest that Internet users do not view illegal downloading as a substitute for legal digital music and that a 10% increase in clicks on illegal downloading websites leads to a 0.2% increase in clicks on legal purchase websites.  Online music streaming services are found to have a somewhat larger (but still small) effect on the purchases of digital sound recordings, suggesting a complementary relationship between these two modes of music consumption.  According to the results, a 10% increase in clicks on legal streaming websites leads to up to a 0.7% increase in clicks on legal digital purchase websites."  
It's worth noting that this study only measured the effect of piracy on online purchases, not on revenue from physical formats.

(Related)
March 19, 2013
Report - the reality of the public library ebook marketplace reflected in usage data from a selection of public libraries
Matt Weaver, Board member, Library Renewal, March 2013: "In order to serve our constituents with electronic content, libraries need to be able to understand how our collections are being used.  This paper aims to present library-centered usage data to help libraries make decisions with regards to e-content, and to counter media and industry hype.  Much has been written about the impact of major publisher changes on library lending, which are noted in the Sidebar. By looking at these events in the context of actual usage data, this report endeavors to demonstrate that a vendor-driven ebook model is neither extensible nor sustainable."


Just out of curiosity, how would you enforce this?  Perhaps there’s an App for that? 
Lionel De Souza writes:
The European Union’s Article 29 Data Protection Working Party (“WP29“), which consists of the 27 data protection authorities of the European Union Member States, has published its “Opinion on Apps in Smart Devices“, adopted on 27 February 2013 (the “Opinion“).
Read more on Hogan Lovells Chronicle of Data Protection.


Perspective.  Mobile replaces Cable?  More fun than texting while driving? 
ABC said to be developing live TV streaming mobile app


For my Intro to IT students...
The popularity of Android and iOS has put a target on their virtual backs. These operating systems are a new frontier for those who use malware to achieve nefarious goals. Many users don’t take security seriously and will happily download dangerous apps they’ve never dream of downloading to their PC.
App stores have hindered as much as they’ve helped. While they provide some policing, and remove known malware, they also lend a facade of credibility to everything they sell. Users assume apps have gone through rigorous testing, but that’s not true. You have to watch out for yourself – so here are warning signs to look for when grabbing a new app.


More places to look for the “perfect” textbook…
16 Companies Working On E-Textbooks Of The Future
The e-textbook movement stands to reshape instruction as new education technologies continue to fill classrooms via tablets and other mobile devices.
Meanwhile, the e-textbook market continues to evolve, and though many of the publishers’ names have remained the same, new players have emerged, and old companies are adopting new strategies.  Here are 16 names in e-textbooks that you should know about, as well as what each of them are doing to set themselves apart in a competitive new area of education:

No comments: