Probably too expensive. Insurance was
probably too expensive also.
Yesterday, federal prosecutors in
Brooklyn revealed that an international team of thieves had stolen
close to $45 million in the biggest ATM fraud case in history. The
heist required some hacking and a lot of orchestration, so news
organizations and police forces have been calling it high-tech and
"sophisticated."
Which it isn't, really! It's possible because the US--yes,
specifically the US--is wildly behind the times in terms of
transactional security, relying on a 50-year-old technology.
(Related) How will this change their
liability?
Dinesh Nair and Jessica Dye of Reuters
report that one of the card processors whose security was breached in
a $45 million global cyber heist was India’s ElectraCard
Services. No one has confirmed that officially, however, as
the sources spoke on condition of anonymity. You can read the
Reuters exclusive coverage here.
“We find it useful. Why would we
think it might be wrong?”
Amy Chozik and Ben Protess report on
what the NYT calls a privacy breach, but is also a security breach,
in my opinion:
A shudder went
through Wall Street on Friday after the revelation that Bloomberg
News reporters had extracted subscribers’ private
information through the company’s ubiquitous data
terminals to break news.
The company
confirmed that reporters at Bloomberg News, the journalism arm of
Bloomberg L.P., had for years used the
company’s terminals to monitor when subscribers had logged onto the
service and to find out what types of functions, like the news wire,
corporate bond trades or an equities index, they had looked at.
Bloomberg terminals, which cost an average of more than $20,000 a
year, are found in nearly every banking and trading company.
Bloomberg
said the functions that allowed journalists to monitor subscribers
were a mistake and were promptly disabled after Goldman Sachs
complained that a Bloomberg reporter had, while inquiring about a
partner’s employment status, pointed out that the partner had not
logged onto his Bloomberg terminal lately. [Following the “dang,
we've been caught!” protocol. Bob]
Read more on NY
Times.
Zachary Seward has a companion piece on
Quartz, called, What
Bloomberg employees can see when they snoop on customers.
“We find it politically useful. Why
would we think it might be wrong?” Obviously Tax laws are always
political.
"A
recurring theme in comments on Slashdot since the 9/11 attacks has
been concern about the use of government power to monitor or suppress
political activity unassociated with terrorism but rather based on
ideology. It has just been revealed that the
IRS has in fact done that. From the story: "The Internal
Revenue Service inappropriately flagged conservative political groups
for additional reviews during the 2012 election . . . Organizations
were singled out because they included the words 'tea party' or
'patriot' in their applications for tax-exempt status, said Lois
Lerner, who heads the IRS division that oversees tax-exempt groups.
In some cases, groups were asked for their
list of donors, which violates IRS policy in most
cases, she said. 'That was wrong. That was absolutely incorrect, it
was insensitive and it was inappropriate. That's not how we go about
selecting cases for further review,' Lerner said . . . 'The IRS
would like to apologize for that,' she added. . . . Lerner said the
practice was initiated by low-level workers in Cincinnati and was not
motivated by political bias. . . . she told The AP that no high level
IRS officials knew about the practice. Tea Party groups were livid
on Friday. ... In all, about 300 groups were singled out for
additional review. . . Tea Party groups weren't buying the idea that
the decision to target them was solely the responsibility of
low-level IRS workers. ... During the conference
call it was stated that no disciplinary action had been taken by
those who engaged in this activity. President
Obama has previously joked
about using the IRS to target people."
So it's not how they choose cases for
review (except when it is), and was not motivated by political bias
(except that it was). Also
at National Review, with more bite.
For my Computer Forensics class.
(Another reason to avoid “sexting?”)
Mobile photo-sharing app SnapChat
has one claim to fame, compared to other ways people might share
photos from their cellphones: the photos, once viewed, disappear from
view, after a pre-set length of time. However, it turns out they
don't disappear as thoroughly as users might like. New submitter
nefus writes with this excerpt from Forbes:
"Richard
Hickman of Decipher Forensics found that it's possible to pull
Snapchat photos from Android phones simply by downloading data from
the phone using forensics software and removing a '.NoMedia' file
extension that was keeping the photos from being viewed on the
device. He published his findings online and local TV station KSL
has a video showing how it's done."
Is this the proper way to do it?
Kevin Chen reports that an announcement
by LinkedIn is being met with some skepticism:
Next week,
LinkedIn will update its privacy policy to let
advertisers sponsor content on the LinkedIn feed. LinkedIn
announced the plans to change its privacy policy so as to not
surprise its users.
Beyond introducing
advertising changes on its platform, LinkedIn will also launch a
Privacy Portal, a one-stop shop for users to access all their
LinkedIn data. The company says it will also look to “clarify and
simplify” the policy’s language so that privacy details are
easier to understand.
Read more on The
Motley Fool.
One should have only impersonal
assistants.
CBC News reports:
Education Minister Jody Carr is facing calls for his resignation
after he admitted on Thursday that one of his political assistants
breached the privacy rights of a high school student.
Carr acknowledged
that his staffer released the mark the student earned on an exam and
the Opposition Liberals say based on precedent, Carr should step down
from cabinet.
Read more on CBC
News.
One would not expect the “Deer
Hunter” state to practice “Ready, Fire!, Aim” legislative
tactics. No doubt they argued that they “had to do something!”
Blaine Kimrey of Lathrop & Gage LLP
has a commentary on a breach notification law that passed the PA
Senate. As noted
previously on this blog, the bill extends existing data breach
notification responsibilities to state agencies, but also requires
notification of those affected within seven days. Kimrey writes:
After a series of
embarrassing governmental data breaches, the Pennsylvania Senate has
overreacted, imposing a seven-day notice requirement on governmental
entities faced with data breaches. While governmental entities
certainly should be held to the same data breach standards as private
industry, this seven-day requirement simply goes too far and ensures
that in responding to data breaches, Pennsylvania agencies will fail.
I agree.
You can read his full commentary on
Lexology.
The bill is now in the House, where it was referred to the Judiciary
Committee. The Governor’s office had informed me that if the bill
passes, the Governor will likely sign it.
Will logic prevail?
"The Federal Circuit has
divided CLS Bank vs. Alice Corp., a case about
various sorts of patents, including software patents. Although the
judges disagreed, to a lesser or greater extent, on the individual
parts of the ruling, more than half decided that the patents in
question — algorithms for hedging risk — were ineligible patent
matter, and that merely
adding an 'on a computer'-like clause to an abstract algorithm does
not make it patentable. Further coverage is available at
Groklaw,
or you can read the
opinion itself (PDF)."
For my Geeks.
Mozilla offers developers phones to write Firefox OS apps
Mozilla has a deal for programmers:
We'll supply the phones if you supply the apps.
In an effort to ensure there will be
good Firefox OS apps in
the Firefox Marketplace, Mozilla is offering developer phones to
programmers who have compelling ideas for software. In a blog
post Thursday, Mozilla employee Havi Hoffman tried to drum up
interest:
If you can show
you've got a great app idea and the skill to build it, we'd love to
see your apps in the Marketplace when the Firefox OS launch begins
later this summer. And to sweeten the deal, we'll send a Firefox OS
Developer Preview device for you to work with now.
For my Intro to IT students...
This is the first article of a two-part
series where we will explore the benefits of creating a personal
website. Today, we’ll cover the common misconceptions that are
keeping you from creating an awesome personal website.
Myth 1: What I Do Isn’t Interesting Enough To Have On a Website
Myth 2: I’m A Private Person and I Don’t Like Being Known About
Myth 3: I Have No Idea Where to Even Start
Myth 4: I Don’t Know How To Code – Like, At All
Myth 5: Building A Website Would Take Far Too Much of My Time
Above is a video
by Thomas Frank, the one who inspired me to build my own personal
website with his article The
Ultimate Guide To Building A Personal Website, which lives up to
its name and is a very good resource that I recommend for creating
your own self-hosted WordPress site.
Myth 6: Owning A Website Is Way Out Of My Budget
… If you still don’t feel like it
can really benefit you, I highly recommend you follow up with the
second article in this series where we look at how it
can add value to your career.
There are also a ton of awesome
websites that you can use as inspiration. Thomas Frank, the guy I
mentioned earlier who wrote the ultimate personal website guide, put
together another article where he featured several of his own
readers’ websites. If you’re looking for some inspiration as to
what it should look like or have on it, those will definitely be a
help.
1. ONLINE LEARNING
2. ALTERNATIVE CREDENTIALING PLATFORMS
3. TABLETS AND SMARTPHONES
4. E-TEXTBOOKS
5. LEARNING MANAGEMENT SYSTEMS
My weekly chuckle...
… A group of young boys at Driver
Elementary School in Virginia were suspended by
district officials for pointing pencils at each other and making
shooting noises. The district has a “no tolerance”
policy for violence and “there has to be a consequence,” said
a district spokesperson. [We have become a
nation of terrified wimps! Bob]
… USA
Today reports that Xerox is getting into the
grading papers business with a new product called Ignite “that
turns the numerous copiers/scanners/printers it has in schools across
the United States into paper-grading machines.” The article
invokes the phrase “game changer” so there ya go.
… PBS
aired a one-hour special of TED Talks on
education this week, featuring Bill Gates. The Gates Foundation’s
list of grants awarded to PBS is here.
… Bloomberg
reports that textbook publisher Cengage
Learning might file for
bankruptcy. “Cengage reported an operating loss of
$2.77 billion for the three months ended March 3.”