Saturday, February 28, 2015

Dumb and Dumber strike again? It's hard to escape technology.
GPS led to arrests in Denver jewelry heist
… Authorities say quick actions from Denver investigators and OnStar led to the arrest
… The robbers fled in a red SUV that was recovered in an alley nearby. A records checked determined that the owner of the Blazer was an Aurora resident, who told police he sold the car the following day to the suspects after he placed an ad on Craigslist.
The suspects came to the purchase in a newer Cadillac SUV with California plates. Law enforcement was able to determine the California license plate number and traced it back to a car rented Enterprise-Rent-A-Car in San Francisco.
Investigators then quickly contacted OnStar and determined that the SUV was driving in a southbound direction on Interstate 80 near Roseville, CA. The California Highway Patrol attempted to make contact with the Cadillac SUV, but the suspects fled, leading authorities on a high-speed chase which ended in a crash in the San Francisco area. The five were taken into custody after a short foot pursuit.


A small breach that raises a question...
Uber security breach may have affected up to 50,000 drivers
… In a statement, Uber’s managing counsel of data privacy, Katherine Tassi, said the company discovered on Sept. 17, 2014, that one of its many databases could have potentially been accessed because one of the encryption keys required to unlock it had been compromised. Upon further investigation, it found the database had been accessed once by an unauthorized third party on May 13, 2014.
The company said it could not say how the security vulnerability was first discovered because the matter was under investigation. [Suggests it was not Uber that discovered the breach Bob]

(Related) ...how aggressive should a breached organization be and will the courts support their quest for breach evidence?
FORK ME! Uber hauls GitHub into court to find who hacked database of 50,000 drivers
… The ride-booking app maker is trying to force GitHub [PDF] to hand over the IP addresses of anyone who visited a particular gist post between March and September last year.


If companies don't adopt Best Practices, governments will force them to.
Scott Weinstein of McDermott Will & Emery writes:
In the wake of recent breaches of personally identifiable information (PII) suffered by health insurance companies located in their states, the New Jersey Legislature passed, and the Connecticut General Assembly will consider legislation that requires health insurance companies offering health benefits within these states to encrypt certain types of PII, including social security numbers, addresses and health information. New Jersey joins a growing number of states (including California (e.g., 1798.81.5), Massachusetts (e.g., 17.03) and Nevada (e.g., 603A.215)) that require organizations that store and transmit PII to implement data security safeguards. Massachusetts’ data security law, for example, requires any person or entity that owns or licenses certain PII about a resident of the Commonwealth to, if “technically feasible” (i.e., a reasonable technological means is available), encrypt information stored on laptops and other portable devices and encrypt transmitted records and files that will travel over public networks. Unlike Massachusetts’ law New Jersey’s new encryption law only applies to health insurance carriers that are authorized to issue health benefits in New Jersey (N.J. Stat. Ann. § 56:8-196) but requires health insurance carriers to encrypt records with the PII protected by the statute when stored on any end-user systems and devices, and when transmitted electronically over public networks (e.g., N.J. Stat. Ann. § 56.8-197).
Read more on National Law Review.


Does this include TSA looking for nervous passengers?
EPIC Files Lawsuit for Details About Government “Pre-crime” Program
“EPIC has filed a Freedom of Information Act lawsuit about “Future Attribute Screening Technology”, a “Minority Report” program that purports to identify individuals who will commit crimes in the future. EPIC filed the complaint after the DHS failed to respond to EPIC’s FOIA request for information. EPIC charged that the agency uses secret algorithms to identify behavioral “abnormalities” that the agency claims indicate “mal intent.” “Minority Report” is a 2002 movie with Tom Cruise about “a special police unit is able to arrest murderers before they commit their crime.”


If this happened in a third world country, would the US be “suggesting” regime change?
Putin critic, Russian opposition leader Boris Nemtsov killed in Moscow


Cheap labor ain't so cheap any more? Competing for workers by offering minimum wage isn't working.
TJX to raise base pay to $9 an hour
… The announcement comes a week after Walmart announced pay increase.


Fun Facts? Not exactly Big Data, but could serve for a PDF scraping exercise.
Colorado releases trove of marijuana data
… Colorado's Marijuana Enforcement Division unveiled an official report documenting a trove of information about marijuana and edible pot sales, the size of the industry, and testing results.
… The state of Colorado was cranking out almost 17,000 new plants each day at the end of 2014.


Tools for my programming students?
8 of the Best Free Collaborative Tools For Programmers
… you’ll soon reap the benefits of the web apps I’m about to show you. If they seem weird or useless at first, just give them a few days to prove how useful they can be.


More for the student toolkit.
How to Search the Content of Your Files on Windows
… By default, Windows won’t look at the internals of every single file when performing your search. However, there is a way to enable this.
Not only can the Windows search be improved, but there are third-party programs that might offer you better search experiences.


Humor weekly.
Hack Education Weekly News
… The US Department of Education released model Terms of Service guidance “aimed at helping schools and districts protect student privacy while using online educational services and applications.” (It’s, um, interesting that the “best practice” guidelines suggest that TOS should say schools – not students – own the data, including all IP.)
… Much like its neighbor state Wyoming, Colorado is now looking at allowing concealed weapons at K–12 schools, repealing a law that makes schools “gun-free zones”. [Why should kids be the only ones with guns? Bob]
… Well here’s another business opportunity for MOOC providers: the Corrective Education Company offers online courses for those busted for shoplifting. Via Slate: [Is this extortion? Bob]
Imagine you're browsing at Bloomingdale's when a security guard taps you on the shoulder and accuses you of shoplifting. He takes you to a private room, sits you down, and runs your name through a database to see if you have any outstanding warrants. Then he tells you that you have two options. The first involves him calling the police, who might arrest you and take you to jail. The second allows you to walk out of the store immediately, no questions asked - right after you sign an admission of guilt and agree to pay $320 to take an online course designed to make you never want to steal again.
IBM is working with Elemental Path to build toys that use its Watson AI technology. The toys “will be capable of engaging in age-appropriate conversations with children.” What could possibly go wrong.
… A study by Jonathan Supovitz, Alan Daly and Miguel del Fresno looks at how Twitter has shaped debates about the Common Core. #thankstwitter

No comments: