Tuesday, January 13, 2015

Interesting, but unlikely to get much coverage in the US. Someone now knows a lot about Turkish citizens. Enough to generate false backgrounds for terrorists?
Hasan Bozkurt reports:
The Presidency’s State Audit Institution (DDK) has revealed that the state failed to protect Turkish citizens’ ID information. The servers of the administration’s website has been easily breached, ID information of citizens have been stolen. These include the General Directorate of Population and Citizenship Affairs, the General Directorate of Land Registry and Cadaster, Revenue Administration, the Social Security Administration, the Ministry of Health and the Ministry of Justice.
Underlining that more than 70 million of Turkish citizens’ ID copies stored in GSM operators, in the report expressed that more than 50 million of citizens’ ID information stolen by third parties.
Read more on BGN News.


Embarrassing, otherwise trivial. (TIP: Don't use the password: “CENTCOMtwits”)
U.S. CENTCOM Twitter, YouTube Accounts Defaced By ISIS
A couple of official social media accounts of the United States' Central Command have been breached today, with the Islamic State militant group ISIS claiming responsibility.
Both the Twitter and YouTube accounts of the Central Command were accessed to change both the banner and profile picture, as well as add a couple of messages.

(Related) “See? We're 'doing something!'” Would any non-government group respond as quickly? In fact, even if they simply reiterate “Best Practices” this is a good thing, and I shouldn't give them too much grief.
Agency to host seminar on social media hacks
… The General Services Administration (GSA) announced it would hold a web seminar this Thursday to teach federal agencies how to guard against and respond to social media hacks.
The seminar was announced hours after U.S. Central Command's (CENTCOM) Twitter account was taken over by individuals claiming allegiance to the Islamic State in Iraq and Syria (ISIS).
… An arm of the GSA – called DigitalGov — helps federal agencies use social media and other digital services. On Monday afternoon, it began Tweeting out instructions on how to prevent social media attacks and set up two-step verification.
It also sent instructions via email on Monday to hundreds of social media managers in the federal government, offering similar guidance in case of a social media attack.
… After the Associated Press’s Twitter account was broken into last year, the agency warned that the government would have to guard against similar attacks.
It said it is easy to guard against the attacks, which are usually the result of “lazy device security.”
“In fact, what’s often blamed on social media hacking is rooted in poor account management: easy-to-guess passwords; passwords that aren’t changed periodically or after staff changes; or lazy device security such as unlocked computers or mobile devices,” the agency wrote in a blog post last year, which it linked to on Monday.


My students claimed “worries about security” were the number one issue holding Cloud Computing back in their organizations.
Data Security Concerns Still Challenge Cloud Adoption: Survey
The CSA's Cloud Adoption, Practices and Priorities Survey Report fielded responses from 212 participants
According to the survey, 73 percent said concerns about the security of data are a top challenge holding back cloud adoption. In addition, other top responses include concerns about regulatory compliance (38 percent) and loss of control over IT services (38 percent). Some 72 percent admitted they did not know how many shadow IT apps were within their organization but wanted to.


Knee-jerk over-reaction or just waiting for the inevitable terrorist event that “justifies” striping encryption?
David Cameron Hates Privacy
British Prime Minister David Cameron wants to ban apps that ensure user privacy by using end-to-end encryption. He made the pledge to act against this trend in light of the terrorist attacks in Paris which left 17 people dead.
Cameron asked and answered his own question, saying, “Are we going to allow a means of communication which it simply isn’t possible to read? My answer to that question is: ‘No, we must not.’” Actually, most sensible people would answer, “Yes, we must.
While encrypted services can be used by people plotting harm, they’re used much, MUCH more widely by people who care about privacy and security. Destroying the notion of end-to-end encryption is an absolute non-starter, effectively banning the likes of Whatsapp and Snapchat from operating in the UK.


Would you rather have the NSA pass relevant data to the FBI or give the FBI the resources they need to capture the data themselves. (Let's not ask if they really need the data.)
DOJ IG Report on FBI Access to NSA Surveillance Data
U.S. Federal Bureau of Investigation access to overseas surveillance collected by sister organization the National Security Agency has expanded in recent years, with the law enforcement agency gaining access to collected but unprocessed data in 2009, according to a report released by the government. The FBI’s access to email and other data collected from overseas targets in the NSA’s Prism program has been growing since 2008, according to a 2012 U.S. Department of Justice inspector general’s report declassified last Friday by the DOJ. The agency made the highly redacted inspector general’s report public in response to a Freedom of Information Act request by the New York Times. In 2008, the FBI began reviewing email accounts [Specific accounts or browsing through all of them? Bob] targeted by the NSA through the Prism program, according to the report and a New York Times story. Then, in October 2009, the FBI requested that information collected under the Prism program be “dual routed” to both the NSA and the FBI so that the FBI “could retain this data for analysis and dissemination in intelligence reports,” [with attribution? Bob] according to the IG’s report. And in April 2012, the FBI began nominating email addresses and phone numbers [I read this as the FBI “tasking” the NSA. That is definitely wrong in my humble opinion. Bob] that the NSA should target in it surveillance program, according to the document. The IG’s report, however, concluded that the FBI took a responsible approach toward the surveillance program. The FBI’s Prism team “implemented its targeting procedures with commendable deliberation, thoroughness and professionalism,” the report said.”


It's for the children!
Facebook Is Placing ‘Amber Alerts’ for Missing Children in News Feed
… Facebook said Tuesday it has partnered with the National Center for Missing and Exploited Children to include “Amber Alerts” in the news feeds of users near a child reported missing.
The alerts will appear in the second slot of the feed, along with a photo and details about the case.
The initiative highlights how social media has become a crucial source of information for many people.


But what if I don't “like” anything?
Facebook Is Now Better At Judging Your Personality Than Your Friends Are
A new study, published Monday in the journal PNAS, suggests that computers are now better judges of character than your friends, family, and even your partners.
The project, conducted by researchers at the University of Cambridge and Stanford, used an algorithm to calculate the average number of "Likes" a computer needs to draw a remarkably accurate identification of who you are.


Be careful what you wish for...
Google News Offline In Spain; Newspaper Publishers Are To Blame
Google isn’t serving up headlines from Spain on Google News, and Spanish users can’t access Google News at all. The reason: a Spanish law that requires Google to pay for the use of headlines.
Google’s response: shutting down the service entirely.
On December 16th 2014, Spain passed a law saying Spanish newspapers must be paid for content, even if they are willing to give it away for free.
… Publishers were not prepared for the consequences.
Enrique Dans, an information technology and systems professor of the Instituto de Empresa (IE) Business School in Spain, published an article on Medium arguing that the Google tax is greedy, and irresponsible. Professor Dans predicts that the law will be impossible to enforce, and if it is used to chase small companies and individual journalists, would only hurt the field of journalism.
… Spanish speaking people have rallied behind hashtags like #EnlaceLibre (#FreeLinks), and #Todoscontraelcanon (#EverybodyAgainstTheFee).
… many are even boycotting AEDE publications with the use of browser extensions like AEDE Blocker.
Predictably, with Google News dropped from the wire of Spanish headlines, Spanish publications aren’t seeing as much traffic as they used to. They lost anywhere from ten to fifteen percent of their regular traffic with the loss of Google News – and with it revenue.
France, Belgium, Germany, and Portugal have all considered similar laws, SearchEngineLand reports. For example: in 2012 Germany implemented ‘ancillary copyright’ for publishers, but ended up permitting ‘very small excerpts of text’ to be shown for free, – giving Google some leeway in presenting snippets in news searches.
All four of these other nations have worded their law such that a publisher can demand payment, but is not required to – a key difference from Spain’s approach.


I have some students who could use a job...
The powerful woman behind Intel’s new $300 million diversity initiative
… “A confluence of industry events has brought [the lack of women and minorities in technology] to the center stage, from the threats and harassment that have characterized the debate in the gaming world to the publication of hiring data and diversity statistics in the tech industry,” Intel CEO Brian Krzanich told the audience during his keynote address at CES.
… While Krzanich announced the newly-formed “Diversity in Technology” initiative, it’s Intel president RenĂ©e James who will be the one handling the day-to-day oversight of the investment.
… Intel’s plan, says James, is to use the money to help build a pipeline of female and underrepresented engineers and computer scientists. That includes funding programs that teach STEM (science, technology, engineering and mathematics) to young people in underserved areas, collaborating with higher education institutions, investing in women and minority-owned companies and creating bolder hiring and retention incentives and programs to encourage diversity within Intel.


No doubt we'll increase our 2 year degrees. Unless they define “community college” more restrictively than I think they can.
The Genius of Obama's Two-Year College Proposal
… Community colleges, which educate nearly half of the nation’s 24 million college students, are already far more affordable than public four-year institutions. The annual tuition at public community colleges is $3,260, less than half the $8,890 average in-state tuition at public four- year institutions. Obama’s initiative would reduce community-college tuition costs to zero for students across the economic spectrum—a plan that would cost the federal government $60 billion over 10 years. (It is possible, though not confirmed, that Obama will reserve Pell Grant money to offset other costs, such as books, transportation, food, and housing.)
… Some liberals even joined in the criticism. Because the program is not limited to low-income students, middle-income and even wealthy community-college students could benefit. Donald Heller, dean of Michigan State University's College of Education, told Politico, "Should we really be giving those kids free tuition when their families can pay?" And the Institute for College Access and Success called the proposal "a Wolf in Sheep’s Clothing," arguing that "making tuition free for all students regardless of their income is a missed opportunity to focus resources on the students who need aid the most."


Tools for my Business Intelligence students? (Can we turn these outward?)
How Are You Doing On Instagram? These Websites Will Tell You
… Whether you’re new to Instagram or a long-time user, these websites’ wide array of features are sure to help you better understand your Instagram community and let you know how you did this past year.

No comments: