Okay, they look like
large balsa wood kit models. And neither one looks like the ones
displayed in their military parades. But consider a bit larger model
that could carry a nuke and you have a primitive cruise missile.
Take a closer look at North Korea’s alleged drones
If these unmanned aircraft look rudimentary, it's probably because they are: Not only did they all crash, but with only a poor quality camera that could not take video, and no way to broadcast the images, their use as a spy plane is severely limited.
Despite their lack of
sophistication, however, the sudden appearance of these drones in
South Korea is causing some serious concern.
This is consistent with
“our customers are ignorant but really like playing with their
mobile devices.” If they work well enough to allow customers to
buy stuff, they work well enough.
Domingo Guerra writes on Appthority:
Recently Wal-Mart and Walgreens have both been noted to have security vulnerabilities connected to their mobile applications. Following recent revelations about the insufficient security of mobile apps from other major corporations, such as Target, Neiman Marcus, and Starbucks, it is clear that big company names are still struggling to iron out flaws in their mobile apps.
We
recently put the Wal-Mart and Walgreens apps through our mobile app
reputation analysis via the Appthority Service and found their
ratings to be the following:
- The Walmart iOS app earned an app reputation score of 23 out of a possible 100 points.
- The Walgreens app earned an app reputation score of 19 out of a possible 100 points.
These
findings are another reminder that big companies must prioritize and
invest further in security and privacy when it comes to rolling out
their mobile apps.
Since I get my news via RSS feeds, an email claiming to be from a news website would be highly suspicious.
News Junkies Make Great Targets
… Unfortunately,
the truth remains that individuals are a weak link in the battle
against cyber criminals. Many continue to click on links or
attachments sent via email without taking any steps to verify the
origin of the email or the validity of the link or attachment. It
only takes one click for an attacker to establish a foothold in
the target’s systems.
The
2013 Verizon Data Breach Investigations Report finds that sending
just three emails per phishing campaign gives the attacker a 50
percent chance of getting one click. With six emails the success
rate goes up to 80 percent and at 10 it is virtually guaranteed.
Social media helps spur success, enabling cyber criminals to gather
information about us so they know how to more effectively entice
targets to click on that malicious email.
[The report: http://www.verizonenterprise.com/DBIR/2013/]
Nothing really new, but worth putting on the “response” bookshelf (in the “response” folder). Note the lack of communication. If different agencies are
having problems with different components, they could ask for help
from agencies who did not have difficulty with that component. If
everyone is having problems with the same component, they need to
revise the component. (If a manager can't figure that out, they need
a new manager.)
From a GAO report
(GAO-14-487T) released today, the highlights:
The number of reported
information security incidents involving personally identifiable
information (PII) has more than doubled over the last several years
(see figure).
As GAO has previously
reported, major federal agencies continue to face challenges in fully
implementing all components of an agency-wide information security
program, which is essential for securing agency systems and the
information they contain—including PII. Specifically, agencies
have had mixed results in addressing the eight components of an
information security program called for by law, and most agencies had
weaknesses in implementing specific security controls. GAO and
inspectors general have continued to make recommendations to
strengthen agency policies and practices.
In December 2013, GAO
reported on agencies’ responses to PII data breaches and found that
they were inconsistent and needed improvement. Although selected
agencies had generally developed breach-response policies and
procedures, their implementation of key practices called for by
Office of Management and Budget (OMB) and National Institute of
Standards and Technology guidance was inconsistent. For example,
- only one of seven agencies reviewed had documented both an assigned risk level and how that level was determined for PII data breaches; two agencies documented the number of affected individuals for each incident; and two agencies notified affected individuals for all high-risk breaches;
- the seven agencies did not consistently offer credit monitoring to affected individuals; and
- none of the seven agencies consistently documented lessons learned from their breach responses.
Incomplete guidance
from OMB contributed to this inconsistent implementation. For
example, OMB’s guidance does not make clear how agencies should use
risk levels to determine whether affected individuals should be
notified. In addition, the nature and timing of reporting
requirements may be too stringent.
Download the full
report from GAO
Interesting. Worth a
read...
This new report
from Pam Dixon and Bob
Gellman for the World Privacy Forum explores the issue of predictive
scores that use information about your past to predict your future.
How accurate are these predictions? What impact can they have on
your life? What scores are predicting you?
Brief Summary of report
(provided by WPF):
This
report highlights the unexpected problems that arise from new types
of predictive consumer scoring, which this report terms consumer
scoring. Largely unregulated either by the Fair Credit Reporting Act
or the Equal Credit Opportunity Act, new consumer scores use
thousands of pieces of information about consumers’ pasts to
predict how they will behave in the future. Issues of secrecy,
fairness of underlying factors, use of consumer information such as
race and ethnicity in predictive scores, accuracy, and the uptake in
both use and ubiquity of these scores are key areas of focus.
The
report includes a roster of the types of consumer data used in
predictive consumer scores today, as well as a roster of the consumer
scores such as health risk scores, consumer prominence scores,
identity and fraud scores, summarized credit statistics, among
others. The report reviews the history of the credit score – which
was secret for decades until legislation mandated consumer access —
and urges close examination of new consumer scores for fairness and
transparency in their factors, methods, and accessibility to
consumers.
You can download the
report here
(.pdf)
How can broadcast TV
possibly survive without fees from Cable? How did they do it before
cable?
Dish Network, Echostar
and the American Cable Assn. are among those supporting Aereo in its
showdown with broadcasters in the Supreme Court.
They were among the
companies and organizations which filed briefs to the high court on
Wednesday, the deadline for amicus briefs in favor of Aereo. Oral
arguments in the Supreme Court are scheduled for April 22.
If Aereo is allowed to
continue, broadcasters say that cable and satellite operators could
merely start their own similar services and bypass having to
compensate them for retransmitting station signals, in what is now a
multi-billion dollar revenue stream.
It should be simple to flag your WiFi, “Private.” Absent that, what should I assume?
From the
hard-to-believe-this-wasn’t-an-April-Fool’s-joke dept.:
David Kravets reports:
Google
wants the Supreme Court to reverse a decision concluding that the
media giant could be held liable for hijacking data on unencrypted
Wi-Fi routers via its Street View cars.
The
legal flap should concern anybody who uses open Wi-Fi connections in
public places like coffee houses and restaurants. That’s because
Google claims it is not illegal to intercept data from Wi-Fi signals
that are not password protected.
Read more on Ars
Technica.
Virtual tourism? Can I
still buy the T-shirts?
Angkor Wat at Google: Just like being there (video)
Google street view technology in Google Maps now offers detailed
views of Cambodia's ancient temple complex Angkor Wat that enables
virtual tourism [See here].
One can now travel to Angkor Wat without ever leaving your living
room
For my Statistics
students (and the other professors) Windows, Mac or Online.
– If you’ve ever
tried to do anything with data provided to you in PDFs, you know how
painful this is — you can’t easily copy-and-paste rows of data
out of PDF files. Tabula allows you to extract that
data in CSV format, through a simple interface. And now
you can download Tabula and run it on your own computer, like you
would with OpenRefine.