If you can't win the argument, leave the room. Did any of this make
the news here?

Putin plans to leave G20 early after West blasts Russia over Ukraine

Russian President Vladimir Putin plans to leave the G20 summit early,
a member of his delegation said, after Western leaders blasted Moscow
on Saturday for the crisis in Ukraine and threatened more sanctions.

… Russia denied it was involved in a recent escalation of military
activity in Ukraine, where fighting has claimed more than 4,000 lives,
but faced strong rebukes from Western leaders, including U.S.
President Barack Obama and Canadian Prime Minister Stephen Harper.

… German Chancellor Angela Merkel said the European Union was
considering further financial sanctions against Russian individuals
because of the crisis in Ukraine.

… Putin also met French President Francois Hollande, and both agreed
to protect their ties from the effects of sanctions, the spokesman
said.

(Related) France has a Billion reasons to “protect their ties” with
Russia.

Russia Just Gave France A Final Deadline To Hand Over The Mistral
Warship

Russia has given France until the end of November to deliver the first
of two Mistral-class helicopter carriers currently stuck in a shipyard
in Saint-Nazaire, according to reports.

… Since the onset of the Ukraine crisis the French government has
agonised over the €1.2 billion contract. After tense negotiations,
France succeeded in getting existing contracts excluded from the
European Union's package of sanctions against Russia over its role in
supporting rebels in eastern Ukraine.

This is always on my Computer Security final in one form or another.
Identify stupid things IT can do to defeat your security:

A) Fail to change default passwords.
B) Write the password on a sticky note and leave it attached to the
computer.
C) Give every user unlimited access.

Delwyn Pinto reports:

When a small-time Tennessee restaurateur named Khaled Abdel Fattah
was running short of cash he went to an ATM machine. Actually,
according to federal prosecutors, he went to a lot of them. Over 18
months, he visited a slew of small kiosk ATMs around Nashville and
withdrew a total of more than $400,000 in 20-dollar bills. These two
individuals managed to hack and reprogram the ATMs using just the
keypad. These ATMs in question have an operator mode, using which a
lot of variables of the machine can be managed and set to default
mode. Most ATMs secure this mode by using a secret passcode.
Fattah, being a former bank employee, knew this code and abused it to
hack into the machines. Once hacked into the system, they
reprogrammed the machine to think it was dispensing $1 bills when in
reality it was dispensing $20 bills. Once withdrawn, they
programmed the machine back so that their little exercise wasn’t
detected. [Surely someone at the bank can count? Bob]

Read more on TechWorm.

A question for the more advanced Management of Computer Security
class. How much employee training is enough? Note that “internal
controls” detected and stopped the unauthorized changes. (Perhaps
as simple as calling or emailing the employee to confirm the change.)
But the phishers still had the hacked employee's data.

If seven of your employees fell for a phishing scam, I’d say that’s
pretty compelling evidence that you need to do more training of your
employees, wouldn’t you?

I'm confused. As I read this, the compromised individuals were in the
database, not the subscribers accessing it. If these are “public
records,” why would this be considered a breach? Does aggregating
the data and making it easily searchable change the nature of
“public?”

West Publishing Corporation, a unit of Thomson Reuters, has notified
the New Hampshire Attorney General’s Office of a breach involving
their Westlaw subscription-only public records database.

In a letter dated November 4th to those affected, Senior Vice
President Andy Martens explained that on October 14, they detected
unusual search activity. Investigation revealed that some
subscribers’ passwords had been compromised and used to
access the database. The types of information involved included
addresses, date of birth, and in some cases, driver’s license
numbers and Social Security numbers. No bank account or credit card
information was involved.

In response to the breach, West removed external access to full
sensitive identifiers in public records, forced a password reset on
all public user accounts, and implemented additional technological
controls to detect and respond to searches of more limited public
records that also appeared unauthorized. Federal law enforcement was
also contacted.

West offered those affected two years of free credit monitoring with
Experian ProtectMyID Elite.

Nine NH residents were notified. The total number of individuals
notified was not indicated in their report to New Hampshire.

Defending legality by not mentioning the law? This could be similar to
driving around town looking for a suspect's vehicle. You look at every
car, even if only long enough to dismiss it.

U.S. Defends Marshals in Wake of Secret Cellphone Spying Report

The Justice Department, without formally acknowledging the existence
of the program, defended the legality of the operation by the U.S.
Marshals Service, saying the agency doesn’t maintain a database of
everyday Americans’ cellphones.

… A Justice Department official on Friday refused to confirm or deny
the existence of such a program, because doing so would allow
criminals to better evade law enforcement. [Because that is Policy,
not logic. Bob]

Interesting. Could it be “because we're a monopoly in most markets”?
Or is there really an economic reason? Can't wait to see how they spin
this.

FCC Questions AT&T: Explain Why Your Fiber-Optic High-Speed Internet
Nationwide Rollout Will be Delayed

The Federal Communications Commission is seeking an explanation from
AT&T on why the company will be delaying the rollout of the
fiber-optic expansion for high-speed Internet.

AT&T CEO Randall Stephenson previously said that the company will be
stopping its investments in its planned nationwide fiber upgrade plan
until matters on net neutrality are resolved.

… The letter by the FCC is asking AT&T to reveal all the
documentation connected with the company's decision to halt its
investments and expansion. Included in the information being
requested by the FCC are the location and number of households that
would have received access to fiber networks in earlier plans of the
company and the same data for the company's current plans.

Additionally, the FCC asked whether the investment model of AT&T now
shows that the deployment of fiber networks is unprofitable, or if the
company is expecting it to become unprofitable after its purchase of
DirecTV. [Interesting way to ask if buying DirecTV was a huge mistake.
Bob]

(Related) An alternative take... (Translating the political
politeness?)

FCC: You, AT&T. Get in here and explain this 'no more gigabit fiber'
threat

US watchdog the FCC is calling out AT&T for throwing a hissy-fit
over net neutrality and halting its gigabit-a-second fiber rollout.

… The FCC, however, is not so convinced of AT&T's arguments that
it could lose money from the wider rollout of gigabit fiber, should
FCC enforce net neutrality rules, and so the commission wants to
check AT&T's math.

Big Data Analysis. Interesting approach.

Attensity Boosts Ability to Discover 'Unknown' Trends in Data

… "Social analytics has largely been limited up
to this point by forming hypotheses and testing them – the hunting
and pecking for insights that traditional search requires you to do,"
Matsumoto said. "But there is a growing need for our customers
to be presented with findings that they didn’t know to look for.
These findings may be within their search topic, adjacent to it
or many degrees removed through nested relationships."

… Matsumoto offered the example of the Amazon Firephone. Using
traditional search methodology, it is easy to see the product has a
low number of mentions. But a recent search on Attensity Q showed a
significant spike of interest in the Firephone on Sept. 16 that
Attensity attributed to growing interest in Amazon's Firefly
technology, which allows users to snap a picture of an object and buy
it from Amazon.

… "With this information, an Amazon product marketer knows where
to focus his or her energy. At this point, they are much better off
than just wondering, 'How can I get more interest in my product,'
since they now have a theory to pursue," she said.

I work in a very funny industry.

… Coursera announced that it has struck a deal with the Department
of Veterans Affairs, making one free verified certificate available to
each US veteran. According to Coursera, “this effort will expose
Veteran learners to industry relevant education and help them master
new skills to succeed in today’s workforce.” It’s fascinating
how the Obama Administration says it wants to crack down on
for-profit universities, and then happily funnels money to another
for-profit higher ed company. Tressie McMillan Cottom responds.

Visit the Veteran Employment Center to learn how to redeem your free
credential voucher.

… Muslims in Montgomery County, Maryland asked the district to close
schools on their two most important religious holidays – ya know, like
schools do for Christian and Jewish holy days. “Instead, the school
board voted 7–1 on Tuesday to strip all mention of religious holidays
from the calendar, even though Christian and Jewish holidays remain
official days off,” reports Libby Nelson for Vox.

… A Huntsville, Alabama school district “expelled 14 students last
year based on the findings of a private contractor who monitored
students’ social-media activity as part of greater school security
efforts, according to a review by The Huntsville Times. Twelve of them
were black, drawing concerns that the program unfairly targeted
African-American students.” [No indication of specific laws or
policies violated. Bob]

… The Thurgood Marshall College Fund and the University of Phoenix
announced a partnership that will enable students at HBCUs to take
online courses from the for-profit university to supplement their
on-campus work. [Future market for “For Profit” universities? Bob]

… Google boasted on its blog this week that the Chromebook was the
bestselling K–12 device in the third quarter of 2014.

… In a partnership with Nature Education and Roche, UNESCO has
launched a free science education resource, World Library of Science.

… Clayton Christensen doubles down on his prediction that half of all
universities will be bankrupt in the next 15 years.

… “Sixty-six percent of schools nationwide offer ebooks, up from 54
percent in 2013.” More from the School Library Journal’s annual
“Ebook Usage in U.S. School (K–12) Libraries” report.