Centennial Man: 2014-07-13

Saturday, July 19, 2014

The NSA is in the intelligence gathering business. How else can it act and still achieve its goals?

Alex Abdo writes:

Earlier today, a former State Department civil servant named John Tye published an important op-ed in the Washington Post, explaining that the NSA has created a giant loophole in Americans’ right to privacy. While we now know a good deal about the NSA’s spying on American soil, Tye explains, the NSA’s powers to conduct surveillance on foreign soil should trouble us even more.

Surveillance on foreign soil takes place under Executive Order 12333, an authority that contains few meaningful protections for the privacy of Americans.

Friday, July 18, 2014

We know this can happen, yet we choose to ignore that troubling little fact.

http://www.bespacific.com/report-elite-russian-hackers-breached-nasdq-inserted-digital-bomb/?utm_source=rss&utm_medium=rss&utm_campaign=report-elite-russian-hackers-breached-nasdq-inserted-digital-bomb

Report – Elite Russian hackers breached Nasdaq and inserted a digital bomb

by Sabrina I. Pacifici on Jul 17, 2014

BloombergBusinessWeek – Mike Riley: “In October 2010, a Federal Bureau of Investigation system monitoring U.S. Internet traffic picked up an alert. The signal was coming from Nasdaq. It looked like malware had snuck into the company’s central servers. There were indications that the intruder was not a kid somewhere, but the intelligence agency of another country. More troubling still: When the U.S. experts got a better look at the malware, they realized it was attack code, designed to cause damage… While the hack was successfully disrupted, it revealed how vulnerable financial exchanges—as well as banks, chemical refineries, water plants, and electric utilities—are to digital assault. One official who experienced the event firsthand says he thought the attack would change everything, that it would force the U.S. to get serious about preparing for a new era of conflict by computer. He was wrong.”

(Related) Gee, maybe everyone should read “The Prince.”

http://www.bespacific.com/global-cybercrime-interplay-politics-law/?utm_source=rss&utm_medium=rss&utm_campaign=global-cybercrime-interplay-politics-law

Global Cybercrime: The Interplay of Politics and Law

by Sabrina I. Pacifici on Jul 17, 2014

The Centre for International Governance Innovation (CIGI) - Aaron Shull, June 2014

“Examining global cybercrime as solely a legal issue misses an important facet of the problem. Understanding the applicable legal rules, both domestically and internationally, is important. However, major state actors are using concerted efforts to engage in nefarious cyber activities with the intention of advancing their economic and geostrategic interests. This paper explores the recent unsealing of a 31-count indictment against five Chinese government officials and a significant cyber breach, perpetrated by Chinese actors against Western oil, energy and petrochemical companies. The paper concludes by noting that increased cooperation among governments is necessary, but unlikely to occur as long as the discourse surrounding cybercrime remains so heavily politicized and securitized. If governments coalesced around the notion of trying to prevent the long-term degradation of trust in the online economy, they may profitably advance the dialogue away from mutual suspicion and toward mutual cooperation.”

“If you build it, they will come.” (Makes me think I should start a new blog, titled: Field of Memes.)

Hogan Lovells White Paper Examines Governmental Access to Data in the U.S. and Latin America

Hogan Lovells today published Pan-American Governmental Access to Data in the Cloud, the fifth installment in a series of White Papers examining government access to data held by Cloud service providers. Examining the right of governments in the United States and Latin America to access data in the Cloud, the White Paper concludes that the physical location of Cloud servers does not significantly affect government access to data stored on those servers, and that it is fundamentally incorrect to assume that the United States government’s access to data in the Cloud is greater than that in the Latin American countries examined.

Read more on Hogan Lovells Chronicle of Data Protection.

“As goes France, so goes only France...”

One year of Data Protection Enforcement in France: what the CNIL’s Activity Report 2013 Reveals and what to expect in 2014

Marianne Le Moullec writes:

According to the French Data Protection Authority’s (“CNIL”) recently issued activity report for 2013 (http://www.cnil.fr/fileadmin/documents/La_CNIL/publications/CNIL_34e_Rapport_annuel_2013.pdf), the CNIL was especially busy in 2013. The main topics addressed by the CNIL in 2013 were the creation of a national consumer credit database, the right to be forgotten, the right to refuse cookies, the proposed EU Regulation, and, of course, the revelations concerning the U.S. Prism program and the surveillance of European citizens’ personal data by foreign entities.

[...]

With regards to of the CNIL’s auditing and sanctions in 2013, the CNIL’s priorities remained committed to training, promoting awareness on data protection and issuing guidance for companies. Imposing financial penalties remains an exception. Statistics of the CNIL’s auditing and sanctions activities in 2013 demonstrate this quite clearly

Thursday, July 17, 2014

Apparently, every state is already doing this. (Note to students: You can get SAS software FREE.)

CDC’s National Behavioral Risk Factor Surveillance System is spying on kids & parents

Joe Cadillic excerpts reports by Government Technology and MtAiryNews:

The Florida Department of Children and Families (DCF) is using data analysis to identify children and families most at risk, and thus inform how time and money is allocated. When the DCF started this project two years ago, the goal was to see fewer dead children — and that’s what the department says is happening while spying on children & families.

The SAS report helped DCF identify what the highest-risk children looked like on paper, creating a detailed profile. “We needed to understand a lot more of the common factors in those cases,” Carroll said, “and we needed to be able to take that information and refine what we were doing from a case practice standpoint to see if we couldn’t intervene in a more effective way to prevent some of those child deaths.”

Florida is one of 50 states [So, all of them? Bob] conducting the Behavioral Risk Factor Surveillance System (BRFSS) with financial and technical assistance from the Centers for Disease Control and Prevention (CDC).

Wednesday, July 16, 2014

Local: Another “we don't need no stinking encryption” breach. Also note that one of the first things we teach our Computer Security students is how to bypass “password protection.” (Who write these headlines? Did the laptop really cause the breach?)

http://www.9news.com/story/news/local/2014/07/15/stolen-laptop-causes-security-breach-for-dougco-schools/12717149/

Stolen laptop causes security breach for DougCo schools

… The district sent a letter to all of its employees recently stating the stolen computer contained some workers' Social Security numbers and bank account information.

The district said the computer was password protected but were notifying employees out of an "abundance of caution."

(Related) One of many, many encryption options.

http://www.securityweek.com/bring-your-own-encryption-it-right-choice-your-enterprise

Bring-Your-Own-Encryption: Is It the Right Choice for Your Enterprise?

Following the recent issues surrounding encryption and encryption tools, some organizations are turning to Bring-Your-Own-Encryption (BYOE), but experts warn that there are some aspects that need to be take into consideration before making the move.

To learn more about the advantage, disadvantages and the challenges posed by BYOE, SecurityWeek reached out to several experts in the field.

BYOE is a cloud computing security model that enables organizations [NOT indoviduals. Bob] to use their own encryption software and manage their own encryption keys. This is done by deploying a virtualized instance of the encryption software alongside applications hosted in the cloud to securely encrypt data.

Did you think you were immune?

http://www.securityweek.com/1-6-say-their-organization-had-least-5-significant-security-incidents-past-year-survey

1 in 6 Say Their Organization Had At Least 5 Significant Security Incidents in Past Year: Survey

A new report from ForeScout Technologies described a challenging world for IT security - one where one in six IT pros say their organization has had five or more significant security incidents in the past year.

The research, titled the '2014 Cyber Defense Maturity Report', was conducted by IDG Connect and features responses from 1,600 IT information security decision makers in organizations with more than 500 employees across five industries in the U.S. and Europe.

… Ninety-six percent of the 1,600 respondents said their organizations had at least one significant security event in the last 12 months, while 39 percent said there had been two or more. Though the majority of those surveyed said they were aware that some of their security measures were immature or ineffective, just 33 percent had high confidence their organizations would improve those controls.

"The top five sources of compromise recorded by survey respondents were phishing attacks, compliance policy violations, unsanctioned device use, unsanctioned application use and [unauthorized] data access, with as much as 25 percent of organizations across all vertical sectors experiencing five or more instances of phishing specifically in the past 12 months," according to the report (PDF).

This should be obvious. Apparently, it isn't.

http://www.securitybistro.com/?p=8888

Why Prompt Breach Notification Is Important

… According to a 2014 Identity Fraud Report by Javelin, nearly 1 out of 3 data breach victims in 2013 suffered identity fraud, compared with 1 in 9 in 2010. Obviously the connection between data breaches and fraud is growing. But the good news is that consumer awareness of breaches – and the potential for fraud on their accounts – is on the rise, too. This is probably because so many people have been notified one or more times about their personal data being compromised.

But notification is a good thing because it often prompts consumers to sign up for email or mobile alerts about their credit or checking accounts or to put fraud alerts on their credit reports. This makes data breach victims 15% less likely to suffer multiple fraud events compared with all fraud victims (i.e., the fraud doesn’t necessarily stem from a breach).

Tools & Techniques. Security for every small business. Something like this might work for lawyer-client communication... Just thinking...

http://krebsonsecurity.com/2014/07/wireless-live-cd-alternative-zeusgard/

Wireless Live CD Alternative: ZeusGard

I’ve long recommended that small business owners and others concerned about malware-driven bank account takeovers consider adopting a “Live CD” solution, which is a free and relatively easy way of temporarily converting your Windows PC into a Linux operating system. The trouble with many of these Live CD solutions is that they require a CD player (something many laptops no longer have) — but more importantly – they don’t play well with wireless access. Today’s post looks at an alternative that addresses both of these issues.

… The device I’ll be looking at today is not free, nor is the the tiny dongle that enables its ability to be used on a wireless network.

… The device, called ZeusGard, is a small, silver USB flash drive that boots into a usable browser within about 30 seconds after starting the machine. The non-writeable drive boots directly into the browser (on top of Debian Linux), and if your system is hard-wired to your router with an Ethernet connection, you should be good to go.

… At $24.95 for the basic ZeusGard and $14.95 for the wireless adapter, this device is likely to be more appealing to small businesses than the average Internet user.

Self-surveillance – 'cause you don't know where you've been?

Moves

http://www.moves-app.com/

– automatically records any walking, cycling, and running you do. You can view the distance, duration, steps, and calories burned for each activity. The app is always on, so there’s no need to start and stop it. Just keep your phone in your pocket or your bag. The app consumes battery power, so nightly charging is recommended.

(Ditto)

Visits

http://v.isits.in/

– With visits you can browse your location histories and explore your trips and travels. The unique map timeline visualization shows the places you have visited and how long you have stayed there. Add photos from Flickr to your visits and share your journey with your family and friends. Visits works with geo-tagged Flickr albums, data from Openpaths and Google Location Histories.

The “Right to be Forgotten” falls on hard times. I told you there would be a market for this service.

http://www.makeuseof.com/tag/google-unmasks-elite-hackers-ipads-can-give-rashes-tech-news-digest/

What Has Been Hidden From Google?

Hidden From Google is a new effort to track search results being hidden from Google as a result of the “right to be forgotten.” There are currently only a handful of examples of articles that have disappeared from Google search results, but Afaq Tariq, who created Hidden From Google, is asking for more tip-offs from eagle-eyed users.

As a rather fitting irony, the original articles are once again appearing in search results as a consequence of appearing on Hidden From Google. And people’s attentions are more likely to be drawn to them now than they were previously. The Streisand Effect strikes yet again.

One of those, “what's going on here” moments. Strangely, it looks like Western Union (and other “currency exchanges?”) sell the city stickers.

http://chicago.cbslocal.com/2014/07/15/clerks-office-extends-deadline-for-city-stickers-after-outages/

Clerk’s Office Extends Deadline For City Stickers After Outages

… Major outages with the city’s computer system led to long delays at currency exchanges throughout the city as Chicagoans raced to meet the original deadline of midnight Tuesday.

Another reason to move my students into the Cloud. (Does this mean Amazon gets to arm their drones?)

http://qz.com/235173/the-partnership-between-the-cia-and-amazon-will-revolutionize-intelligence/

The partnership between the CIA and Amazon will revolutionize intelligence

The intelligence community is about to get the equivalent of an adrenaline shot to the chest. This summer, a $600 million computing cloud developed by Amazon Web Services for the Central Intelligence Agency over the past year will begin servicing all 17 agencies that make up the intelligence community. If the technology plays out as officials envision, it will usher in a new era of cooperation and coordination, allowing agencies to share information and services much more easily and avoid the kind of intelligence gaps that preceded the Sept. 11, 2001, terrorist attacks.

… For the risk-averse intelligence community, the decision to go with a commercial cloud vendor is a radical departure from business as usual.

Another opportunity for my Ethical Hackers.

http://www.securityweek.com/google-quest-hire-elite-zero-day-hackers

Google On Quest To Hire Elite Zero-Day Hackers

… On Tuesday Google said it would create a new, “well-staffed” security team called Project Zero with the objective to significantly reduce the number of people harmed by targeted attacks.

“You should be able to use the web without fear that a criminal or state-sponsored actor is exploiting software bugs to infect your computer, steal secrets or monitor your communications,” Chris Evans, Researcher Herder at Google wrote in a blog post Tuesday. “Yet in sophisticated attacks, we see the use of “zero-day” vulnerabilities to target, for example, human rights activists or to conduct industrial espionage.”

This needs to stop, Evans said.

… Under Project Zero, Google says it will be committed to transparency, explaining that every bug they find will be entered in an external database.

Fun for my JavaScript students?

Breach

http://breach.cc/

– is described as a “browser for the HTML5 era”. Everything in the browser is a module, a web-app running in its own process. Construct your own browsing experience by selecting the right modules for you. The entire technological stack is open-source. Modify existing modules and create your owns to extend the behavior of Breach.

Al may be Weird, but he's also a genius.

http://www.makeuseof.com/tag/google-unmasks-elite-hackers-ipads-can-give-rashes-tech-news-digest/

Weird Al Details ‘Word Crimes’

Weird Al’s latest song, Word Crimes, tackles the tricky subject of bad grammar, particularly on the Internet. Word Crimes is a cover of Blurred Lines by Robin Thicke, but the original misogynistic lyrics have been replaced by examples of common grammatical errors.

As a grammar Nazi who has previously argued that typos need to be eradicated, I love Weird Al for writing this song. Let’s just hope people take notice of Word Crimes and stop making the ridiculous mistakes he rallies against.

Tuesday, July 15, 2014

Now here's an article I think every manager should read.

http://knowledge.wharton.upenn.edu/article/trust-verify-security-loopholes-can-undermine-online-compliance-training/

Trust but Verify: How Security Loopholes Can Undermine Online Compliance Training

Compliance training and supervision has always been the first line of enterprise- defense against legal, operational and reputational risk. Now, it is increasingly the final line of defense that determines how enforcement officials view an institution and, in turn, exercise their considerable discretion in assigning liability for regulatory violations.

Corporations face an evidentiary burden built upon the foundations of the late Senator Howard Baker’s Watergate inquiries. Institutions must not only be able to respond to the question, “What did you know, and when did you know it?”– they also must have a credible answer for: “What did you do to prevent this?”

By the same logic, does this ban the taking of fingerprints? How about mug shots?

VT: Pre-conviction DNA testing of arrestees after arraignment violates the search provision of state constitution

John Wesley Hall writes:

In a comprehensive opinion, the Vermont Supreme Court held Friday that pre-conviction DNA testing of arrestees after arraignment violates the search provision of the Vermont Constitution. It failed every point of analysis. State v. Medina, 2014 VT 69, 2014 Vt. LEXIS 71 (July 11, 2014)

Read more about this case on FourthAmendment.com.

Apparently, there is no specific penalty for stupidity. (There but for 50 or 60 IQ points, go I?)

AU: Medical centre in Narre Warren South breached privacy laws by keeping files in shed

Mex Cooper reports:

A medical centre that kept sensitive health records of nearly 1000 patients in a garden shed on a disused property in Melbourne’s south-east has been reprimanded for breaching privacy laws.

Boxes of records containing the personal details of patients were discovered at the Narre Warren South site when the shed at the Amberley Park Drive property was broken into in November 2013.

Australian Privacy Commissioner Timothy Pilgrim investigated and found the medical centre that owned the property had breached the Privacy Act by failing to properly secure the information.

The neglected files included names, addresses, Medicare numbers, dates of birth, occupations and results of medical investigations of about 960 patients who used the Amberley Park Medical Centre that operated at the address until April 2011. Most of the records related to patients who visited the centre prior to 2004.

Read more on The Age. I’d say the centre got off really easy – too easy – if all it has to do is do what it should have done in the first instance. What do you think?

“Look, you're just an ignorant parent. We're trained educators. You don't need to see the data we've been gathering for the government. Just trust that anything we tell you must be true.”

http://www.breitbart.com/Big-Government/2014/07/12/Student-Data-Tied-To-Common-Core-Off-Limits-To-Parents

Student Data Tied To Common Core Off-Limits To Parents

States that were awarded grants from President Obama’s Race to the Top (RttT) stimulus bill program agreed to implement the Common Core standards and to comply with the “Four Assurances,” one of which was the requirement of “Building data systems that measure student growth and success.”

The problem? Private student data is off-limits to parents.

In July of 2009, U.S. Secretary of Education Arne Duncan said, ”[W]e have more than $300 million available to help states build data systems that will drive reforms.”

In Colorado, for example, in addition to its $73 million RttT award, the state also received $17.4 million additional dollars to build the State Longitudinal Data System (SLDS) in 2010. Since all states now have an SLDS database, regional data centers have also formed that allow states to share and compare student data, creating what amounts to a national database of student information.

As Watchdog Wire reported in late June, local Colorado school districts are collecting detailed educational and psychological data on their students for use by private companies and the federal government. Parents, however, are having a hard time getting their hands on their own children’s information.

I think this takes us back to a “Black Hole” for data. Load the data without alteration into a trusted database. Provide only summarized answers to researchers – no actual data fields. Of course it's not perfect but is it adequate?

http://www.bespacific.com/silver-bullet-de-identification-still-doesnt-work/?utm_source=rss&utm_medium=rss&utm_campaign=silver-bullet-de-identification-still-doesnt-work

No silver bullet: De-identification still doesn’t work

by Sabrina I. Pacifici on Jul 14, 2014

Arvind Narayanan and Edward W. Felten...July 9, 2014

“Paul Ohm’s 2009 article Broken Promises of Privacy spurred a debate in legal and policy circles on the appropriate response to computer science research on re-identification techniques. In this debate, the empirical research has often been misunderstood or misrepresented. A new report by Ann Cavoukian and Daniel Castro is full of such inaccuracies, despite its claims of “setting the record straight.” In a response to this piece, Ed Felten and I point out eight of our most serious points of disagreement with Cavoukian and Castro. The thrust of our arguments is that (i) there is no evidence that de-identification works either in theory or in practice and (ii) attempts to quantify its efficacy are unscientific and promote a false sense of security by assuming unrealistic, artificially constrained models of what an adversary might do. Specifically, we argue that:

There is no known effective method to anonymize location data, and no evidence that it’s meaningfully achievable.
Computing re-identification probabilities based on proof-of-concept demonstrations is silly.
Cavoukian and Castro ignore many realistic threats by focusing narrowly on a particular model of re-identification.
Cavoukian and Castro concede that de-identification is inadequate for high-dimensional data. But nowadays most interesting datasets are high-dimensional.
Penetrate-and-patch is not an option.
Computer science knowledge is relevant and highly available.
Cavoukian and Castro apply different standards to big data and re-identification techniques.
Quantification of re-identification probabilities, which permeates Cavoukian and Castro’s arguments, is a fundamentally meaningless exercise.

Data privacy is a hard problem. Data custodians face a choice between roughly three alternatives: sticking with the old habit of de-identification and hoping for the best; turning to emerging technologies like differential privacy that involve some trade-offs in utility and convenience; and using legal agreements to limit the flow and use of sensitive data. These solutions aren’t fully satisfactory, either individually or in combination, nor is any one approach the best in all circumstances. Change is difficult. When faced with the challenge of fostering data science while preventing privacy risks, the urge to preserve the status quo is understandable. However, this is incompatible with the reality of re-identification science. If a “best of both worlds” solution exists, de-identification is certainly not that solution. Instead of looking for a silver bullet, policy makers must confront hard choices.”

From a collection of articles...

http://www.makeuseof.com/tag/cheap-windows-laptops-spies-manipulating-internet-tech-news-digest/

[For my Ethical Hackers:

British Spies Manipulate The Internet

Another day, another revelation into how the security services are affecting our everyday lives. This one concerns British spies working at GCHQ (Government Communications Headquarters) who, according to documents obtained by NSA whistleblower Edward Snowden, regularly manipulate the Internet.

As detailed by The Intercept, the Joint Threat Research Intelligence Group (JTRIG) allegedly has the capability to

“change [the] outcome of online polls,” [and online elections? Bob]

enact the “disruption of video-based websites hosting extremist content,”

“artificially increase traffic to a website,” and

launch a “distributed denial of service using P2P,” amongst other things.

This document has been revealed at a time when the British Government is rushing through legislation giving them greater surveillance powers over ordinary citizens.

Oh, the horror, the horror... Wait a minute. Maybe they just like my blog?

http://www.makeuseof.com/tag/interest-privacy-will-ensure-youre-targeted-nsa/

Your Interest in Privacy Will Ensure You’re Targeted By The NSA

Have you ever wondered if you’re on an NSA observation list? Turns out that if you’ve even thought about it (or online privacy in general), you’re probably more likely to be on one. A few concerning news updates regarding mass surveillance by the NSA within the past week, including revelations from an analysis of the XKeyscore data collection system, have given us an idea of who might be among the NSA’s “targeted” individuals.

Dilbert illustrates the slippery slope of Privacy.

http://dilbert.com/strips/comic/2014-07-15/

If I know all your friends, can't I easily deduce your identity by seeing who is NOT listed?

http://www.securityweek.com/secret-app-raises-25-million-shifts-focus

Secret App Raises $25 Million, Shifts Focus

The fast-growing anonymous mobile app Secret said Monday it had raised $25 million in venture capital and would expand as a social network connecting Facebook friends.

A new feature announced by Secret -- which up to now was an anonymous messaging board -- allows users to log in with Facebook and share with friends without revealing their identities.

"Facebook Login has been our top requested feature, for good reason," the Secret team said in a blog post. "Our community members want more friend content in their stream, beyond simply the contacts from their phone.

Facebook Login gives any user the option to (completely anonymously) connect Secret to Facebook and populate your stream with Facebook friends."

Next, Congress will want the FDA to approve all hand-held technology.

http://news.msn.com/science-technology/got-a-rash-ipad-other-devices-might-be-the-cause

Got a rash? iPad, other devices might be the cause

Recent reports in medical journals detail nickel allergies from a variety of personal electronic devices, including laptops and cellphones.

… Jacob said evidence suggests nickel allergies are become more common, or increasingly recognized. She cited national data showing that about 25 percent of children who get skin tests for allergies have nickel allergies, versus about 17 percent a decade ago.

For my students and a few friends I've been trying to talk into writing a blog. (You know who you are!)

http://www.freetech4teachers.com/2014/07/turn-your-blog-into-book.html#.U8UmskCmVw0

Turn Your Blog Into a Book

BlogBooker is a free service that allows you to turn your the contents of your Blogger blog into a PDF. Using BlogBooker is a fairly straight-forward process. BlogBooker walks you through each step of the process except for the very first step which might sound a little too "techy" for some Blogger users, but it's actually quite easy. The first step in using BlogBooker is to export the contents of your blog as an XML file. This is actually easy to do in Blogger. Step one is to open the "settings" menu of your Blogger blog. Step two is to select "export blog" under "basic" menu. Step three is to click "download." Don't worry, exporting the contents of your blog will not remove any content from your blog. After you've completed the export process, jump over to BlogBooker and follow their directions for completing the transition from XML file to PDF.

Applications for Education

Turning a classroom blog into a book is a great way to show students and their parents how much they have written in a semester.

Perhaps someone who actually teaches this stuff can set me straight. Is this useful?

http://www.freetech4teachers.com/2014/07/storyboard-that-releases-new-teacher.html#.U8Umn0CmVw0

Storyboard That Releases New Teacher Guides

Storyboard That provides templates in which you can create your stories in a comic strip style. To help you create your story Storyboard That provides dozens of scenes, characters, and text bubbles to fill your storyboard's frames. Each element that you drag into your storyboard's frames can be re-sized, rotated, and re-positioned to your heart's content. Your completed storyboard can be saved as a comic strip, saved as a set of images (one image for each frame), or saved as a set of PPTX slides.

This week Storyboard That added three new guides for teaching classic literature with storyboards. The new guides provide great ideas for teaching Macbeth, Romeo & Juliet, and The Great Gatsby with storyboards. Each of the guides include a set of essential questions, alignment to Common Core standards, and templates for character analysis. The templates also include ideas for using comics in which students analyze the elements of plot in each story.

A heads-up for my students.

http://www.chicagotribune.com/business/ct-student-loan-scams-0715-biz-20140715,0,4541450.story

Scams target people struggling with student loan debt, Illinois says

… Broadsword Student Advantage LLC, requested money upfront, Brown said. It wanted $299 the first month, $199 the second month, then $99 — then the student-loan reduction would kick in, she said.

"If it sounds too good to be true, it probably is," she said.

When she called the U.S. Department of Education, a representative warned her against giving money to debt-settlement firms. The federal program that the company said she could use — the Public Service Loan Forgiveness Program — wouldn't take effect until 2017, he said, according to Brown.

For my students, who never heard of note taking Apps...

http://www.makeuseof.com/tag/5-ways-get-productive-microsoft-onenote/

5 Ways To Get Productive With Microsoft OneNote

… It was about two years ago that Saikat described just how awesome OneNote can be. In that article, he explained that you could sync your offline OneNote to itsAndroid or iPhone apps – transforming this desktop organizational tool into a mobile productivity toolkit.

Centennial Man

Saturday, July 19, 2014

Friday, July 18, 2014

Thursday, July 17, 2014

Wednesday, July 16, 2014

Tuesday, July 15, 2014

Search This Blog

Followers

Blog Archive

Links

About Me