Sneaky
trick #49 Most banks don't have outside “engineers” wandering
around working on their computers.
Eight
men have been arrested on suspicion of stealing 1.3 million pounds
($2 million) from a Barclays bank branch by tapping into its
computers, British police said Friday.
[...]
Detective
Supt. Terry Wilson said one of the arrested men is the
“Mr. Big” of British cybercrime.
Police
suspect that in both cases a gang member posed as an
engineer and installed devices on the bank’s computers
that allowed the suspects, in the Barclays case, to gain information
used to siphon money from the bank.
Read more of this story
on HuffPost.
[From
the article:
Police suspect that in
both cases a gang member posed as an engineer and installed a KVM on
the bank's computers that allowed the suspects, in the Barclays case,
to gain information used to siphon money from the bank.
"That would allow
them to log the keystrokes and the actual screen, so you could gather
passwords and see how people log into their systems," said
Graham Cluley, an independent computer security analyst. "Then
you could remotely access the computers as if you were sitting in
front of it. Effectively, it's like breaking into the bank in the
middle of the night."
[Related
reporting:
Santander
hacking plot: How did gang use keyboard video mouse to take control
of a bank's computers?
… Expert Chris
Pirillo, speaking on YouTube, explained how it worked. "The
idea behind KVM is that you can have one set of peripherals, a
keyboard, monitor and a mouse, to control many computers.
"An example is
that if you have multiple computers in a house and you want to
control them with relative ease you can have a KVM switch."
Once installed, the
technology would mean that a person keen to steal from a bank, could
effectively attempt to transfer cash from its computer systems from
the comfort of their own home.
According to police,
the gang arrested allegedly used this technology to control
of all the computers at the Santander branch in Surrey
Quays shopping centre
However, according to
the Spanish bank said they were unable to steal any money.
I have to
wonder if we've trained some privacy advocates too well.
NSA
job post for 'Civil Liberties & Privacy Officer' goes live
… President Obama
announced
during a press conference in August the plan to create the new
position, along with an NSA Web site devoted to greater transparency,
which, surprisingly to some, took
the form of a Tumblr blog.
Here's the job
listing in full
No doubt
Section II, Paragraph C, Line 4 says something like “and then a
miracle occurs.”
Somini Sengupta of the
NYT reports:
Kids.
The reckless rants and pictures they post online can often get them
in trouble, by compromising their chances of getting into a good
college or even landing them in jail. What to do about such lapses
vexes parents, school officials, the Internet companies that host
their words and images — and the law.
Now
California legislators are trying to solve the problem with the first
measure in the country to give minors the legal right to scrub away
their online indiscretions. The legislation puts the state in the
middle of a turbulent debate over how best to protect children and
their privacy on the Internet, and whether states should even be
trying to tame the Web.
Gov.
Jerry Brown has taken no position on the bill. He has until
mid-October to sign it, after which, without his signature, the
legislation becomes law.
Read more on
BendBulletin.com
Update: For
those seeking the text of the bill, it’s SB
568
[From
the article:
Some supporters of the
bill say Internet companies got off easy. The eraser bill does not,
for example, require companies to remove the deleted data from its
servers altogether, nor does it offer any way to delete material that
has been shared by others; a sensational picture that has gone viral,
in other words, can’t be purged from the Internet.
Interesting
in theory, unlikely in practice.
EFF
– Thirteen Principles Against Unchecked Surveillance Launched at
United Nations
Privacy
Advocates Call Upon UN Member States to End Mass Internet Spying
Worldwide: “Geneva – At the 24th Session of the United
Nations Human Rights Council on Friday, six major privacy NGOs,
including the Electronic Frontier Foundation (EFF), warned nations of
the urgent need comply with international human rights law to protect
their citizens from the dangers posed by mass digital surveillance.
The groups launched the “International Principles on the
Application of Human Rights to Communications Surveillance” at a
side event on privacy hosted by the governments of Austria, Germany,
Hungary, Liechtenstein, Norway, and Switzerland. The text is
available in 30 languages at http://necessaryandproportionate.org.
The document was the product of a year-long negotiation process
between Privacy International, the Electronic Frontier Foundation,
Access, Human Rights Watch, Reporters Without Borders, and the
Association for Progressive Communications. The document spells out
how existing human rights law applies to modern digital surveillance
and gives lawmakers and observers a benchmark for measuring states’
surveillance practices against long-established human rights
standards. The principles have now been endorsed by over 260
organizations from 77 countries, from Somalia to Sweden. Included in
the 13 principles are tenets such as:
Necessity:
State surveillance must be limited to that which is
necessary to achieve a legitimate aim.
Proportionality:
Communications surveillance should be regarded as a highly
intrusive act and weighed against the harm that would be caused to
the individual’s rights.
Transparency:
States must be transparent about the use and scope of
communications surveillance.
Public
Oversight: States need independent oversight mechanisms.
Integrity
of Communications and Systems: Because compromising
security for state purposes always compromises security more
generally, states must not compel ISPs or hardware and software
vendors to include backdoors or other spying capabilities.”
Big
Data is not automatically Big Money. If raw data was all you
needed, NSA would provide all the money needed to run the government.
Here are four steps
your organization can take in order to understand the value of your
data, and to plan for potential monetization:
Clarify
whether it’s really your
data
Understand
who would value it, why, and how much
Frame
up realistic aspirations for monetization
Test,
learn, and tweak
I'm on a
two week break between Quarters, so I might try one or two “free
online” movies...
– What
are you in the mood to watch right now? Movievisor helps you find
something to fill your cravings. Give Movievisor the thumbs up or
down, and it will customize its recommendations. Suggestions come
from Netflix, Amazon Instant and Hulu, with more sources to be added
soon. You can see reviews for each movie on the page as well.
First
question I ask in each class, “Who reads SiFi?” They will have
no problem with new concepts OR will drive me crazy with “What
if...” questions.
Why
Today's Inventors Need to Read More Science Fiction
… This fall, MIT
Media Lab researchers Dan Novy and Sophia Brueckner are teaching
"Science
Fiction to Science Fabrication," aka "Pulp to
Prototype," a course that mines these "fantastic imaginings
of the future" for analysis of our very real present. Over
email, I asked Novy and Brueckner about the books they'll be
teaching, the inventions that found their antecedents in those pages,
and why Novy and Brueckner believe it is so important for designers
working in the very real world to study the imaginary. An edited
transcript of our correspondence follows.
Every week
a new laugh...
… EdX
launched a new program, “the
XSeries,” that will offer certificates for students who
complete a sequence of classes offered on its MOOC platform. The
program starts with two series: Foundations of Computer Science
and Supply Chain and Logistics Management. These new certificates
will require an ID verification program, newly launched from edX too.
More details on the courses and the fees in
Inside Higher Ed.
… All
of the courses that make up the first year of Wharton’s
MBA program are now available online via Coursera.