What would be the minimum level of
Cyber Attack that warranted a Cyber Reply? Would any level (e.g.
shutting down the New York Stock Exchange) merit a conventional
military reply?
"An official investigation into
a major cyber attack on South Korean banks and broadcasters last
month has determined that North
Korea's military intelligence agency was responsible. An
investigation into access records and the malware used in the attack
pointed to the North's military Reconnaissance General Bureau as the
source, the Korea Internet and Security Agency (KISA) said on
Wednesday. To spread the malware, the attackers went through 49
different places in 10 countries including South Korea, the
investigation found. The attacks used malware that can wipe the
contents of a computer's hard disk (including Linux machines) and
damaged 48,700 machines including PCs, ATMs, and servers."
An Ethical Hacker tool. Or as North
Korea might see it, a Target Acquisition tool...
"This is an article about a
search engine that is designed to look
for devices on the net that are not really intended to be viewed and
used by the general public. Devices include pool
filters, skating rink cooling system, and other goodies. 'Shodan
runs 24/7 and collects information on about 500 million connected
devices and services each month. It's stunning what can be found
with a simple search on Shodan. Countless traffic lights, security
cameras, home automation devices and heating systems are connected to
the Internet and easy to spot. Shodan searchers have found control
systems for a water park, a gas station, a hotel wine cooler and a
crematorium. Cybersecurity researchers have even located command and
control systems for nuclear power plants and a particle-accelerating
cyclotron by using Shodan. ... A quick search
for "default password" reveals countless printers,
servers and system control devices that use "admin" as
their user name and "1234" as their password.
Many more connected systems require no credentials at all — all you
need is a Web browser to connect to them.'"
Will we see more reports or will this
actually help to stop identity theft?
Joe Mont reports:
The Securities and
Exchange Commission on Wednesday adopted rules requiring
broker-dealers, mutual funds, investment advisers and other
“financial institutions” and “creditors” to adopt programs
for detecting and responding to cases of identity theft.
The
rules, adopted jointly with the Commodity Futures Trading
Commission also apply to the futures commission merchants, retail
foreign exchange dealers, commodity trading advisors, commodity pool
operators, swap dealers, and major swap participants that agency
oversees.
Read more on Compliance
Week.
[From the article:
Required programs must have policies
and procedures designed to: identify relevant types of identity theft
red flags; detect the occurrence of those red flags; respond
appropriately; and periodically update the identity theft program.
Why didn't they listen to their
auditors or lawyers?
Marino Eccher and Mary Divine report:
Brooke Bass spent
her legal career looking out for the best interests of police
officers.
They were looking
out for her, too, her lawyer says — but in a different way.
In the past eight
years, more than 100 entities across Minnesota — nearly all of them
law enforcement — accessed Bass’s private driver’s license
information more than 700 times, her attorney said.
That would make
her the subject of the biggest privacy breach to date in the state’s
increasingly broad and increasingly expensive license-data debacle.
Read more on Pioneer
Press.
Given how rampant the breaches have
been with this database, it will be interesting to see what happens
with statutory awards. This could be very costly for the state, but
I think it needs to be because they knew they had
problems and never really dealt with the access problems effectively
or seriously. Maybe if this really costs them, other
state agencies and other states will take this issue more seriously.
Questions for e-lawyers?
"As the age of autonomous cars
and drone surveillance draws nearer, it's reasonable to expect
government to increasingly automate enforcement of traffic laws. We
already deal with red light cameras, speed limit cameras, and special
lane cameras. But they aren't widespread, and there are a host of
problems with them. Now, Ars reports on a group of academics who are
attempting
to solve the problem of converting simple laws to machine-readable
code. They found that when the human filter was removed from the
system, results became unreasonable very quickly. For example, if
you aren't shy about going 5 mph over the limit, you'll likely break
the law dozens of times during an hour of city driving. On the
freeway, you might break it continuously for an hour. But it's
highly unlikely you'd get more than one ticket for either
transgression. Not
so with computers (PDF): 'An automated system, however, could
maintain a continuous flow of samples based on driving behavior and
thus issue tickets accordingly. This level of resolution is not
possible in manual law enforcement. In our experiment, the
programmers were faced with the choice of how to treat many
continuous samples all showing speeding behavior. Should
each instance of speeding (e.g. a single sample) be treated as a
separate offense, or should all consecutive speeding samples be
treated as a single offense? Should the duration of time
exceeding the speed limit be considered in the severity of the
offense?' One of the academics said, 'When you're talking about
automated enforcement, all of the enforcement has to be put in before
implementation of the law—you have to be able to predict different
circumstances.'"
Anti-social media? They clearly have
the “influence people” part down pat, it's the “win friends”
bit that needs more work...
Prosecutors in
Gothenburg have decided to file criminal charges against two teen
girls believed to be behind a “slut-shaming” account on Instagram
that caused local teenagers to riot last year.
Speaking with the
Svenska Dagbladet (SvD) newspaper, prosecutor Annika Boman said she
had decided to charge two girls, aged 15 and 18, with aggravated
defamation.
“Charges will
likely be formally filed at the end of April, but it may also take
longer. New information may emerge in the investigation,” she told
the newspaper.
Around 85 people
have been interviewed in the investigation, which was launched after
a mystery Instagram user took to the popular photo-sharing site to
“shame” male and female “teen sluts” in Gothenburg by
publishing pictures of them together with information about their sex
lives.
A riot ensued in
December 2012, as hundreds of high school students assembled outside
the Plusgymnasiet high school in an attempt to find the owner of the
anonymous Instagram account.
Read more on The
Local (Sweden).
[From the article:
Boman explained she must determine how
many of those who reported possible defamation crimes will end up
being included in the indictment, speculating that "not even
half" will make the cut.
(Related)
Toward the perfect e-Dossier?
Facebook
Will Peer Into Your Grocery Bag to Sell an Ad
Facebook has announced a new system
that lets advertisers target you based on what groceries you buy,
what car you drive, and what kind of phone you use. It’s just the
latest example of an emerging pattern at the social network –
follow the user all over the place to close more ad sales.
The bland name of Facebook’s new
“partner
categories” belies a bold mission: tying disparate real-world
data to Facebook’s online social graph. The system allows Facebook
advertisers to target groups of users based on loyalty card usage at
grocery stores and elsewhere, based on public records like auto
registration, and based on email addresses consumers give out at
retail checkout registers. Facebook can access such information
because it has partnered with companies that have spent years
compiling the databases, including Acxiom, Datalogix, and Epsilon.
There’s no question advertisers like
to have “total informational awareness,” as this sort of
data hoarding is called in defense circles.
Does every government agency get to
write their own rules?
Nathan Freed Wessler of the ACLU
writes:
Everyone knows the
IRS is our nation’s tax collector, but it is also a law enforcement
organization tasked with investigating criminal violations of the tax
laws. New documents released to the ACLU under the Freedom of
Information Act reveal that the IRS Criminal Tax Division has long
taken the position that the IRS can read your emails without a
warrant—a practice that one appeals
court has said violates the Fourth Amendment (and we think most
Americans would agree).
Last year, the
ACLU sent a FOIA request
to the IRS seeking records regarding whether it gets a warrant before
reading people’s email, text messages and other private electronic
communications. The IRS has now responded by sending us 247
pages of records describing the policies and practices of its
criminal investigative arm when seeking the contents of emails and
other electronic communications.
Read more on ACLU.
(Related) “We can, therefore we
must”
While the IRS claims it can read your
emails without a warrant, Washington police argue that law
enforcement can read your text messages without a warrant. From EFF:
The Electronic Frontier Foundation
(EFF) urged the Washington State Supreme Court Monday to recognize
that text messages are “the 21st Century phone
call” and require that law enforcement officers obtain a
warrant before reading texts on someone’s phone.
“Text messages are a ubiquitous form
of communication, and their context can be as private as any
telephone conversation,” said EFF Staff Attorney Hanni Fakhoury.
“We use texts to talk to our wives and husbands, our kids, our
co-workers, and more. Police should not be able to sift through
these personal exchanges on a whim – they must show probable cause
and get a warrant before accessing this information.”
In this case, police seized a cell
phone during a drug investigation and monitored incoming messages.
Officers responded to several texts, setting up meetings that
resulted in two arrests, without first getting a warrant.
Prosecutors have argued that no warrant was required because there
should be no expectation of privacy in text messages, as anyone can
pick up someone else’s phone and read what’s stored there. But
in two related amicus briefs filed Monday, EFF argues that searching
the phone for the texts without a warrant clearly violates the
Constitution.
“The state argues that just
because someone can intercept a communication, you should reasonably
expect that communication to be intercepted. That’s a
dangerous way to interpret the Fourth Amendment,” said Fakhoury.
“The prosecutors’ theory would eviscerate any privacy protections
in the digital age. We’re asking the Washington State Supreme
Court here to recognize what’s at stake and to require a warrant
before allowing officers to read text messages on a cell phone.”
Venkat Balasubramani of FOCAL PLLC in
Seattle, Washington, served as EFF’s local counsel in the cases.
For the full amicus briefs:
https://www.eff.org/cases/washington-state-text-message-privacy-cases
There ought to be a law... and here is
where you can find it?
April 10, 2013
New
Website for State Online Legal Information
Via Emily Feltren, AALL: "The
Digital
Access to Legal Information Committee (DALIC) has created a new
website to host information about the status of online legal
materials in every state with respect to authentication, official
status, preservation, permanent public access, copyright, and
universal citation. The new website brings together information from
AALL’s
National Inventory of Legal Materials and updates AALL’s
Preliminary Analysis of AALL’s State Legal Inventories, 2007
State-by-State Report on Authentication of Online Legal Resources,
and 2009-2010
State Summary Updates. State pages will be updated as
information changes. DALIC members will monitor the site and
periodically check in with AALL’s state working groups to ensure
the accuracy of the information."
Now that the court has held it is legal
to send broadcast TV over the Internet (at least the way they do it)
the networks seem to be going crazy. What revenue are they actually
losing?
"In response to Aereo's
recent win allowing per-user over-the-air antenna feeds to remote
devices, Fox COO Chase Carey said, 'We
need to be able to be fairly compensated for our content. This is not
an ideal path we look to pursue [...],' that path being a switch
to a subscription model. Spanish-language stalwart Univision may join
Fox, per CEO Haim Saban. Aereo replied, in part, 'When broadcasters
asked Congress for a free license to digitally broadcast on the
public's airwaves, they did so with the promise that they would
broadcast in the public interest and convenience, and that they would
remain free-to-air. Having a television antenna is every American's
right.' A switch to a pay-TV subscription model would stymie Aereo
but could hurt affiliate stations."
(Related)
CBS
joins Fox in considering subscription-only model
Perspective. It used to be that each
new Operating System was an improvement over the old.
"IDC says Windows 8 is partly
to blame for PC sales suffering
the largest percentage drop ever. 'As if that news wasn't
troubling enough, it appears that a pivotal makeover of Microsoft's
ubiquitous Windows operating system seems to have done more harm than
good since the software was released last October.' According to a
ZDNet article, IDC originally expected a drop, but only
half the size."
Worth browsing...
April 10, 2013
OCLC
- MOOCs and Libraries Event Videos Now Available
Via
OCLC: "The "MOOCs
and Libraries: Massive Opportunity or Overwhelming Challenge?"
event took place 18-19 March at the University of Pennsylvania and
was broadcast live online. Hosted by OCLC Research and University of
Pennsylvania Libraries, the event featured thoughtful and provocative
presentations about how libraries are already getting involved with
MOOCs, and engaged attendees in discussions about strategic
opportunities and challenges going forward. More than 500 people
participated in this event: 125 attended in person and more than 400
attended remotely online." Links to the 11 individual videos
and a MOOCs
and Libraries video playlist that comprises all of these videos
are available at the links below, on the MOOCs
and Libraries event page, and on the OCLC
Research YouTube Channel. Look to the OCLC Research blog,
HangingTogether, for a
short series of postings that recap presentation highlights and
summarize outcomes from this event."
Indicates there are lots of programs
I'm not aware of...
SCIENCE,
TECHNOLOGY, ENGINEERING, AND MATHEMATICS EDUCATION
In fiscal year 2010, 13 federal
agencies invested over $3 billion in 209 programs designed to
increase knowledge of science, technology, engineering, and
mathematics (STEM) fields and attainment of STEM degrees.
… Eighty-three percent of the
programs GAO identified overlapped to some degree with at least 1
other program in that they offered similar services to similar target
groups in similar STEM fields to achieve similar objectives.
Is the world ready for “The Collected
Wit and Wisdom of Centennial-man?”
NOOK Media, a subsidiary of Barnes &
Noble, Inc., announced yesterday the launch of NOOK
Press, a new and free self-publishing platform in which authors
can write, edit, collaborate, and publish high-quality e-books and
distribute them to millions of readers via NOOK Books and Nook
e-readers.
… NOOK Press allows independent
publishers and authors to use its online services to write, edit and
format new and existing manuscripts, collaborate with colleagues, and
monitor the sales of their self-published e-books. E-books published
through the platform are sold through NOOK Bookstores, and are made
available on BN.com, NOOK.co.uk, NOOK devices, and the free NOOK
e-reading software for Android, iPad, iPhone, Windows 8, Mac, and PC.