I'm not sure how you
would program the site to do this. Random Number generator, I guess.
Should be as simple as backing out the last “Update” but I
suspect it will be more complicated. The website is still down.
Jon Camp reports:
Navy veteran Sylvester Woodland said he couldn’t believe what he was
seeing Wednesday night when he logged onto the Veteran
Affairs’ E-Benefits website.
“It gave me a different person’s name, each and every time I came
back,” Woodland said. “At first I thought it was just a glitch,
but the more I thought about it, I said, wait a minute, this is more
than a glitch, this is a breach.”
Woodland was on the VA’s E-Benefits website trying to track down his own
history for a bank loan. Instead, windows kept popping up displaying
other veterans’ medical and financial information.
“When you click on these hyperlinks here, it takes you to the bank account,
the direct deposit, bank account, last four, what bank is it for,”
Woodland said. “I’ll bet he has no idea that I’m sitting here
in my house with his information.”
Read more on ABC.
A Guide to stealing 110
Million items? They never say this was used on Target, but that's
how it is being reported.
Report to Government on Massive Theft of Credit Card Data From Retail Customers
by Sabrina I. Pacifici on January 16, 2014
KAPTOXA POS Report Overview – “iSIGHT Partners, working with the U.S.
Secret Service, has determined that a new piece of malicious
software, KAPTOXA (Kar-Toe-Sha), has potentially infected a large
number of retail information systems. This software can find, store,
and then transmit sensitive information such as credit card and PIN
numbers. These findings are part of a need-to-know joint report
released today by the Department of Homeland Security, USSS, FS-ISAC
and iSIGHT Partners. The use of malware to compromise payment
information storage systems is not new. However, it is the first
time we have seen this attack at this scale and sophistication.
Importantly, this software contains a new kind of attack method
that is able to covertly subvert network controls and common forensic
tactics, concealing all data transfers and executions that may have
been run, rendering it harder to detect. Many retail
organizations may not know that they have been infected, or that they
have already lost data.”
A bit confusing because
the PDF states that they no longer do Criminal Record checks, but
then states that they do report prior convictions.
B.C.’s Information and Privacy Commissioner Elizabeth Denham invites public
submissions on her investigation into the use of police information
checks. Interested citizens or groups are welcome to answer the
questions the Commissioner has posed in this consultation letter. In
addition, or alternatively, the public can provide our Office
whatever views they may have on the subject including any particular
experiences they have had with police information checks. We would
appreciate receiving these responses by email to info@oipc.bc.ca no
later than February 21, 2014.
Read the background and more about this issue here (pdf)
[From the PDF:]
There is an increasing
trend towards the use of police information checks as a screening
tool for employers to assist in determining the suitability of a
prospective employee or volunteer. While these individuals consent
to the conduct of the check before it takes place, it is unlikely
that an individual who refuses a check will still be considered for
an employment or volunteer position.
A bit geeky and still
incomplete.
A Closer Look at the Target Malware, Part II
Yesterday’s story
about the point-of-sale malware used in the Target attack has
prompted a flood of analysis and reporting from antivirus and
security vendors about related malware. Buried within those reports
are some interesting details that speak to possible actors involved
and to the timing and discovery of this breach.
Yes, I can reach your
appliances, but I can't use them to empty your bank account. Or can
I?
The Internet Of Things Has Been Hacked, And It's Turning Nasty
Don't say we didn't warn you. Bad guys have already hijacked
up to 100,000 devices in the Internet of Things
and used them to launch malware attacks, Internet security firm
Proofpoint said on Thursday.
It's apparently the first recorded large-scale Internet of Things hack.
Proofpoint found that the compromised gadgets—which included
everything from routers and smart televisions to at least one smart
refrigerator—sent more than 750,000 malicious emails to targets
between December 26, 2013 and January 6, 2014.
… Pinging one
device brought up a login screen that said: Welcome To Your
Fridge. She typed in a default password—something like
“admin” or "adminadmin," Knight said—and suddenly had
access to the heart of someone's kitchen.
… “Embedded
operating systems deployed in firmware tend to be old, not patched
very frequently, and there are known vulnerabilities to virtually all
of them,” Knight said.
Fire up the Gulfstream,
I'm heading to Brussels! Oh, wait. I don't have a private jet.
Darn! Anyone want to make a large donation to my Blog? NOTE: I get
in free, so all I need is the jet.
You are kindly invited to the seventh edition of the ‘Computers,
Privacy & Data Protection’ (CPDP) conference, to be held on
22-24 January 2014 in Brussels, Belgium. The conference will include
panels covering all current debates in the field: the data protection
reform in the European Union, PRISM, big data, privacy by design,
cloud computing, biometrics, and e-health and will have special
sessions on impact assessments, Roma empowerment in the digital era
and other topics. Over 60 panels are scheduled.
Read more of the press
release on phys.org.
[From the article:]
For more information
about:
- the programme: http://www.cpdpconferences.org/Programme.html
- the side events: http://www.cpdpconferences.org/SideEvents.html#top
- the art exhibition: http://www.cpdpconferences.org/SideEvents.html#Art
Members of the press
with an official press card can register free of charge as "press
on invitation"
What if that file of
random looking characters is a file of
random looking characters? How does one prove that gibberish is not
encrypted evidence? (Because apparently the police need not prove it
isn't)
Clink! Terrorist jailed for refusing to tell police his encryption password
A convicted terrorist
will serve additional time in jail after he was found guilty of
refusing to supply police with the password for a memory stick that
they could not crack.
Syed Farhan Hussain,
22, from Luton, was handed a four-month sentence at the Old Bailey on
Tuesday after a jury took just 19 minutes to deliver the guilty
verdict.
Judge Richard Marks QC
sentenced him for not complying with a notice to give up his
password. The refusal was contrary to section 53 of the Regulation
of Investigatory Powers Act 2000, the UK's wiretapping law.
Police had issued
Hussain with the notice under section
49 of RIPA to force him to let the cops into his USB stick.
The judge said
Hussain's deliberate refusal to comply with a police notice and hand
over his password was a very serious matter because
it served to frustrate a police investigation, the BBC
reports.
Imagine deleting (or
forcing the deletion of) video showing teachers breaking the law.
Really bad idea. Wouldn't the Best Practice be to hold the phone
until Mom or Dad can see what the school wants to delete? Or is the
school saying, “We don't need no stinking parents?”
Luke Hammill reports:
It’s been almost two months since controversy erupted at Hillsboro’s
R.A. Brown Middle School over staff
reviewing and deleting video on students’ cell phones. In its
first work session since the holiday break, the Hillsboro School
Board reacted Tuesday evening by examining its search and seizure
policies.
[...]
Hungerford said the relevant court cases have given conflicting rulings about
how broad searches can be, but school officials must have “reasonable
suspicion” that a student violated school rules in order to search
him, and the search must be “reasonable in scope.” For instance,
if a student is reasonably suspected of stealing a football,
Hungerford said, a teacher cannot make him empty his pockets.
He said he doesn’t think it’s a good idea for school officials to
ever delete material off of a student’s phone. Hungerford also
recommended that in a sensitive situation – he gave the example of
students texting each other photos of an exam – teachers or
administrators should direct students to delete the photos
themselves, and then discipline them for insubordination if they
don’t comply.
Read more on Oregon
Live.
Oh my, Justin Bieber's
privacy has been violated! Seriously, is this now normal police
procedure?
Cops searching Justin Bieber's seized cell phone for egging clues
Police investigating
vandalism allegations against Justin Bieber are searching his cell
phone for clues after seizing the mobile during a raid of his
California home on Tuesday (14Jan14).
Cops descended on the
Baby hitmaker's Calabasas mansion after a neighbour complained to
authorities last week (09Jan14), when the singer was reportedly
discovered hurling eggs at his front door.
Detectives took
Bieber's iPhone away as evidence during the search, and tech experts
at the Los Angeles County Sheriff's Office are currently scanning the
device for any potentially incriminating photos, text messages or
other material.
… Officers are also
studying surveillance footage taken from Bieber's pad, which was
equipped with a "well operated" security system.
(Related)
Justin Bieber is worried about what cops are going to find
on his cell phone, but we're told his issues involve nakedness and
drugs ... not so much eggs.
Law enforcement sources
tell us ... when they searched
Justin's house Tuesday, they
seized his cell phone ... took it right out of his hot little hands.
Sources say cops are interested in texts that could incriminate him.
Cops want to see if he texted someone after the fact and bragged
about the egging. One law enforcement source called it a "text
high 5."
Sources tell us ...
he's concerned more about drug discussions and references. Even if
cops find drug references, Justin's in the clear given there's no
physical evidence -- nonetheless J.B. is afraid it will leak out.
We're told he's also
concerned that there are naked photos in his phone, although we don't
know if they're action shots, selfies, etc.
And we're not even
going to mention bad grammar.
Will this force the
addition of a “working” light? Perhaps a little flag?
Ticket for driving in Google Glass dismissed
It may have been the
most anticipated traffic court date ever.
Southern California resident Cecilia Abadie appeared in
San Diego traffic court on Thursday for speeding and for wearing
Google Glass while driving. It is considered the first time someone
has been cited for wearing the face-mounted technology while driving.
Commissioner John Blair
threw out both charges, stating there wasn't enough evidence to prove
beyond a reasonable doubt that the Google Glass was turned on at the
time. It is only illegal to wear the device while driving if it is
operational.
… "It doesn't
necessarily answer the question everybody wanted: Is it legal to
drive down the road wearing Google Glass while it's operating?"
said William Concidine of My Traffic Guys. Concidine and his
partner, Gabriel Moore, are the traffic ticket attorneys who defended
Abadie in court on Thursday.
Amusing. I guess you
grab anything for a bit of attention when you are fund raising...
(This links to the AMA session)
Hi Reddit,
I am Daniel Ellsberg,
the former State and Defense Department official who leaked 7,000
pages of Top Secret documents on the Vietnam War to the New York
Times and 19 other papers in 1971.
Recently, I co-founded
the Freedom of the Press Foundation. Yesterday, we announced Edward
Snowden, NSA whistleblower, will be joining our board of directors!
Here’s our website:
https://pressfreedomfoundation.org
I believe that Edward
Snowden has done more to support and defend the Constitution—in
particular, the First and Fourth Amendments—than any member of
Congress or any other employee or official of the Executive branch,
up to the president: every one of whom took that same oath, which
many of them have violated.
Ask me anything.
Here's proof it's me:
https://twitter.com/DanielEllsberg/status/423520429676826624
Perspective. At the
start of each Quarter, I ask if there are any SciFi readers in my
classes. I'm happy to find one in 25. Owners of eBook readers are
about 1 in 15.
E-Reading Rises as Device Ownership Jumps
The percentage of
adults who read an e-book in the past year has risen to 28%, up from
23% at the end of 2012. At the same time, about seven in ten
Americans reported reading a book in print, up four percentage points
after a slight dip in 2012, and 14% of adults listened to an
audiobook.
Though e-books are
rising in popularity, print remains the foundation of Americans’
reading habits. Most people who read e-books also read print books,
and just 4% of readers are “e-book only.”
Something we could get
at our school?
Yale students made a better version of their course catalogue. Then Yale shut it down.
A pair of Yale students
and brothers, Peter Xu and Harry Yu, built a site that let students
plan out their schedules while comparing class evaluations and
teacher ratings for the past three semesters. Thousands of Yale
students used it, apparently finding it a better resource than
similar sites run by the university. But this week, as the "shopping
period" where students are able to try out classes and finalize
their schedules began, Yale not only blocked the Web site from campus
networks, labeling it "malicious," but forced the brothers
to take it down or face disciplinary action.
For my Students. The
only concern I have is that $2.99 is $2.99 too much. But then, I
didn't spend $300-$500 for an iPad.
Collect, Extract & Organize Research Fast With Summary Pro for iPad
… Web annotation
services like Diigo (one of my favorites) and the clipping
features provided by Evernote are great for collecting,
organizing, and reviewing research, but Summary Pro streamlines the
note clipping process and helps keep your research organized.
Summary Pro includes an
in-built web browser
… As you browse and
read articles and documents, you can tap on one of three cutting
tools (rectangle, circle, or free hand) and select content you want
to clip and save.
Next, swipe the
selection to the left and it gets saved in a folder.
Summary Pro ($2.99)
Too cool for my
students? A great way to remind myself of all that Jazz I listened
to as a kid.
The History of Popular Music, According to Google
Google unveiled a new
way to look at the history of music today, Music
Timeline.
Drawing on the songs
that reside in the collections of millions of Google Play users, the
company created a visualization of the popularity of various artists
and genres from 1950 to today.