What part of their security strategy
covers contacting customers? I find it hard to understand why anyone
would want to keep what is at least in part “customer service” a
secret. (And today you should assume everyone you contact is a
blogger.)
Yesterday morning, I received a call
from an 800-number that was only identified on my Caller ID as
“Toll-Free.” I didn’t pick up, but Googled the number and
found pages of reports, many of which suggested that the number,
presumably for Chase Fraud Detection, was a scam. Others claimed it
was for real. Not very reassuring.
An hour later, I received another call
from the same number. Knowing my husband had made two atypical ATM
withdrawals in the past 24 hours, this time I picked up. It was an
automated system that knew my husband’s name. It asked me to
verify my identity by entering my zip code. I hung up and called the
number on the back of my Chase debit card and asked for security and
fraud department.
It turns out that the call was for real
and they were attempting to verify the charges. The person I spoke
with assured me that the (800) 355-5265 number was their authorized
number for such calls.
Given how many phishing scams there are
and the possibility of spoofing numbers, the way Chase handles this
is not particularly wise, in my opinion. At the very least, the
caller ID should show Chase as the caller and not “Toll-Free.”
Even better, they should have an identified number that calls the
customer and says, “We are trying to reach you to verify certain
unusual charges on your card. Please call the number on the back of
your ATM card and ask for the fraud and security department. If you
can’t locate your card, call Chase’s main number, which you can
verify online, and ask for the fraud and security department.” Of
course, it would help if they actually put a dedicated phone number
on the back of the ATM card, too.
I related all of the above to the Chase
representative. I somehow doubt it will do any good, but really,
their system is not a good one in this day and age.
Update: This seems to
be a long-standing problem with Chase:
https://www.cs.columbia.edu/~smb/blog/2007-11/2007-11-16.html.
So why haven’t they addressed these security concerns? [Corporate
inertia Bob]
For my Security Manager (and my Comuter
Security students) who must notify students if there is a “problem”
on campus...
People set their phones to silent or
vibrate mode when in meetings, lectures, theaters, or anywhere else
where it would be rude if the phone made noise. But what if there’s
an emergency
and someone needs to quickly get in touch with you? We’ll show you
how to have your Android phone override silent mode and play an alert
when a text message containing something like “Emergency” or
“SOS” comes through.
Think this might happen?
Orin Kerr has more on the call for the
Supreme Court to tackle
the issue of cell phone searches:
Two weeks ago,
when DOJ
petitioned for rehearing en banc in United
States v. Wurie, the Fourth Amendment case on searching cell
phones incident to arrest, I
wrote that the petition for rehearing was a possible preview of a
future DOJ cert petition:
I wouldn’t be
surprised if this filing offers us a preview of a future cert
petition. The arguments in the petition resemble the kinds of
arguments that would be made in a cert petition to the Supreme Court,
and en banc review is relatively rare in the 1st Circuit. Plus,
Deputy SG Michael Dreeben argued Wurie before the original panel.
Filing a petition for rehearing may also be a way of keeping other
cases out of the Supreme Court in the short term; the possibility
of en banc review arguably keeps Wurie out of the split count.
Either way, stay tuned.
Well, the denial
of rehearing didn’t take long: Today the
First Circuit denied rehearing en banc. Notably, both Chief Judge
Lynch and Judge Howard authored separate statements asking the
Supreme Court to step in and review the issue.
Read more on The Volokh
Conspiracy
What would have prevented or mitigated
this? How would a manger know that this was anything other than a
normal review?
Tim Evans reports:
A Marion County
jury Friday awarded a woman $1.44 million after finding Walgreens and
a pharmacist violated her privacy when the pharmacist looked up and
shared the woman’s prescription history.
The lawsuit filed
in Marion Superior Court spun out of a tangled relationship between
the pharmacist, her husband and the man’s ex-girlfriend.
The verdict and
seven-figure award came at the conclusion of a four-day jury trial.
Read more on IndyStar.
Note that in this case, Walgreens was held liable for the conduct of
its employee. Walgreens has stated its intent to appeal.
Novel idea. No problem with the
search, but pay us for our time.
Apple
slapped with lawsuit over mandatory employee bag checks
Apple's policy of requiring its retail
store employees to undergo two mandatory bag searches per day has now
become grounds for a class action lawsuit.
Two former workers from Apple stores in
New York and Los Angeles filed a complaint in San Francisco federal
court on Thursday regarding this policy. These employees claim that
they had to stand in lines up to 30 minutes long every day for store
managers to check their bags and ensure they weren't smuggling home
stolen goods.
Adding up these daily waits, the
employees say they were deprived of dozens of hours of unpaid wages,
which totaled about $1,500 per year.
(Related) Another novel idea. I like
this one.
In a recent
decision, the Higher Regional Court of Hamburg (Oberlandesgericht
Hamburg) held that a privacy policy on a website which is not
compliant with the legal requirements under data privacy law
constitutes a breach of the German
Act Against Unfair Competition (Gesetz gegen den unlauteren
Wettbewerb – “UWG”) (decision dated 27 June 2013, case
number 3 U 26/12). This decision may not only have consequences for
German businesses but also for non-EU companies with German customers
or subsidiaries in Germany.
Read more on Hogan Lovells Chronicle
of Data Protection.
The economy is changing
being redefined. Does this have implications for future tax policy?
I have no idea.
McKinsey
– Measuring the full impact of digital capital
Measuring
the full impact of digital capital July 2013 | byJacques Bughin
and James Manyika
“On July 31, 2013, the US Bureau of
Economic Analysis will release, for the first time, GDP figures
categorizing research and development as fixed investment. It
will join software in a new category called intellectual-property
products. In our knowledge-based economy, this is a sensible
move that brings GDP accounting closer to economic reality. And
while that may seem like an arcane shift relevant only to a small
number of economists, the need for the change reflects a broader
mismatch between our digital economy and the way we account for it.
This problem has serious top-management implications. To understand
the mismatch, you need to understand what we call digital capital—the
resources behind the processes key to developing new products and
services for the digital economy. Digital capital takes two forms.
The first is traditionally counted tangible assets, such as servers,
routers, online-purchasing platforms, and basic Internet software.
They appear as capital investment on company books. Yet a large and
growing portion of what’s powering today’s digital economy
consists of a second type of digital capital—intangible assets.
They are manifold: the unique designs that engage large numbers of
users and improve their digital experiences; the digital capture of
user behavior, contributions, and social profiles; the environments
that encourage consumers to access products and services; and the
intense big-data and analytics capabilities that can guide operations
and business growth. They also include a growing range of new
business models for monetizing digital activity, such as patents and
processes that can be licensed for royalty income, and the brand
equity that companies like Google or Amazon.com create through
digital engagement.”
Who says there's nothing new under the
sun?
How
Category Creation Is Reinvigorating Classical Music
… the demand for classical music
was dying, at least in the traditional way. Symphonies were bleeding
money and becoming even more dependent on donations. Younger music
fans seemed less interested in paying for expensive tickets, wearing
fancy clothes, and committing two to three hours listening intently
without coughing or falling asleep. For a generation that's come of
age in the YouTube world, symphonies feel like an inefficient form of
entertainment.
This is where folks like the
Piano Guys may be saving classical music. They have
created
a new category for classical music: Fun, breakthrough innovation
in the form of five minute videos that showcase their classical music
skills, but also their CGI skills in creating fun, funny and funky
parodies. Instead of selling tickets, they post their videos and
sell advertising. (They also use the traditional model of selling
CDs — they were just signed by Sony last year.) If you haven't
seen the Piano Guys, watch a few of their videos and you may be
hooked. You'll laugh at their Star
Wars parody, be amazed at their
rendition of Pachelbel's Canon, or cry at their Les
Miserable tribute to our men and women in uniform...but I
guarantee you won't fall asleep.
Perspective. For my “Intro to”
students (Probably hundreds of Infographics each second too)
Infographic:
The Amount Of Online Activity That Goes On Every 60 Seconds
To
give us an idea on how fast and big the internet truly is,
Qmee
has created an infographic that shows us the amount of online
activity that goes on every 60 seconds.
According
to infographic ‘Online in 60 Seconds’, there are 2 million
searches on Google, 72 hours of videos uploaded onto YouTube, 42
thousands post every second and 1.8 million likes on Facebook, and
204 million emails sent every minute.
For my programming students...
… JavaScript has a wealth of
amazing tools and libraries, and if you use CoffeeScript, you can
make brilliant websites and tools without dealing with syntax which
makes your corneas bleed. It’s also CoffeeScript’s time to
shine, as more and more beginners look to JavaScript for their first
language due to its usage in client and back end web development, as
well as much of HTML5.
Aesthetically, CoffeeScript
looks and feels like Python or Ruby. It’s genuinely,
astonishingly beautiful, and adopts certain language conventions that
make it easy to learn.
… And yet, it compiles down to
JavaScript, allowing you to use it everywhere you use it, including
front end development and node.js. You can even use it with
jQuery.
… it’s probably a good idea to
grab it using the Node Package
Manager. The Node Package Manager (npm) is a little bit like
apt-get or Brew, but is only really used for getting Javascript
packages and libraries. Handily, NPM comes with node.js and is
available for OS X, Windows and all flavors of Linux.
For all my students... Please!
… Etiquette is an important social
construct that we tend to forget or ignore, but I would argue that
etiquette has never been more important
than now.
… Technology etiquette could easily
fall under the topic of “common sense” yet there are many who
remain ignorant
… There are entire articles
dedicated to etiquette
tips for email.
For the Swiss Army Software folder.
Lucid
Chart Now Works Offline - Create Mind Maps Offline
Lucidchart
is a nice tool for creating flowcharts, mindmaps, and graphic
organizers. Lucidchart offers a simple drag and drop interface for
creating flow charts, organizational charts, mind maps, and other
types of diagrams. Google Chrome users can now use Lucidchart
offline through the Lucidchart
Chrome app.
Lucidchart
charges business customers, but makes all of their tools free
for teachers and students.
...'cause you can never have enough
content.
… More Sites Like … allows you
to find all kinds of sites based on any other website.
To use the site, you simply type in a
search term or the URL of a website you want compared. It will show
you a list of websites based on the search term or URL, ranked by
popularity and similarity,
[Also see:
http://www.similarsites.com/
No comments:
Post a Comment