An apology. Please forgive my earlier post on this topic. I should have known the Computer Security people at the State Department would have raised this issue. Just as I should have known they were ignored.

State Department cybersecurity staffers warned Hillary Clinton's office that the secretary's private email service was more vulnerable to hackers than the agency’s email service, Al Jazeera reported.

“We tried,” an unnamed current employee told Al Jazeera. “We told people in her office that it wasn’t a good idea. They were so uninterested that I doubt the secretary was ever informed.”

… it’s also led many to wonder whether the secretary exposed department information to hackers by relying on an email server with weak security measures.

… noncommercial servers rarely contain the layers of digital security offered by commercial data centers. Additionally, State Department networks benefit from government programs that continuously monitor for intrusions and unusual activity.

… The State Department has insisted no classified emails were sent through Clinton's personal account. [Lack of a classification stamp or header does not mean the data contained didn't require classification. Perhaps when State actually looks at the rest of the emails they will change their mind? Bob]

Background for my Computer Security students.

The History of Biometric Security, and How It’s Being Used Today

… While law enforcement, and high-security facilities have been using biometric identification for decades, we’re now living in a world that is making a real push toward biometrics for both identification and access-based technology in consumer goods.

This push is bleeding into consumer markets in the form of fingerprint scanners for automobiles, laptops and mobile devices, facial recognition technology in computer software, and iris recognition used in ATMs in some corners of the globe.

This should be amusing. Might be fun to sic my Data Analysis students on it.

Canadian Journalists for Free Expression (CJFE) is excited to announce the launch of the Snowden Archive, a comprehensive database of all of the documents published to date from the Snowden leak.

Created in partnership with the Faculty of Information at the University of Toronto, the Archive is the world’s first fully indexed and searchable collection of publicly released Snowden documents.

The Archive is a powerful resource for journalists, researchers and concerned citizens to find new stories and to delve deeply into the critically important information about government surveillance practices made public thanks to Edward Snowden.

… The Snowden Archive and additional information on the project can be found at cjfe.org/snowden

For my Computer Security students. A summary of 600,000+ incidents (all in 2014).

Annual Report to Congress: Federal Information Security Management Act

Annual Report to Congress, February 27, 2015: “As cyber threats continue to evolve, the Federal Government is embarking on a number of initiatives to protect Federal information and assets and improve the resilience of Federal networks. OMB, in coordination with its partners at the National Security Council (NSC), the Department of Homeland Security (DHS), and other agencies, helps drive these efforts in its role overseeing the implementation of programs to combat cyber vulnerabilities and threats to Federal systems.

… The fiscal year (FY) 2014 FISMA report provides metrics on Federal cybersecurity incidents, the efforts being undertaken to mitigate them and prevent future incidents, and agency progress in implementing cybersecurity policies and programs to protect their networks. FY2014 proved to be a year of continued progress toward the Administration’s Cybersecurity Cross Agency Priority (CAP) Goal, which requires agencies to “Know Your Network” (Information Security Continuous Monitoring), “Know Your Users” (Strong Authentication), and “Know Your Traffic” (Trusted Internet Connection Consolidation and Capabilities).”

(Related) What makes this report worth $4300? (I'll probably never know)

Identity Fraud Cost U.S. Consumers $16 billion in 2014

Identity thieves were busy during 2014, but a new study estimates that U.S. consumers actually suffered fewer losses than in the past.

According to the 2015 Identity Fraud Study from Javelin Strategy & Research, the number of identity fraud victims decreased slightly last year, dropping by three percent from 2013. All totaled, Javelin estimates 12.7 million U.S. consumers were victimized in identity theft in 2014, compared to 13.1 million the previous year. Total fraud losses fell as well, dropping from $18 billion in 2013 to $16 billion in 2014.

The joys of Big Data.

Bob Parks reports:

The NYPD is paying $442,500 for a three-year subscription to Vigilant Solutions’ database of 2.2 billion licence plate images of cars across America, according to Ars Technica. Advocates in law enforcement say the tool will help find suspects faster. Privacy advocates contend it could dramatically increase the police’s ability to catalog and predict the movements of everyday Americans.

Read more on BoingBoing.

[From the Ars Technica article:

"It could take a decade or more for a constitutional challenge to warrantless license plate tracking to reach the Supreme Court, if it ever does," she wrote by e-mail. "In the meantime, police nationwide have far too much power to track the movements of totally law abiding people. Legislatures in the states and congress must act quickly to pass laws bringing license plate reader technology in line with the golden rule of American criminal jurisprudence: the probable cause warrant."

… According to the New York Daily News, the NYPD will soon have access to the Vigilant database that will allow investigators to “virtually stake out a location." The system also alerts law enforcement when a wanted vehicle turns up well outside of the Big Apple. Vigilant’s software even includes the ability to perform “associate analysis” to figure out who that target frequently drives with. [Meaning “drives where the suspect drives?” Bob]

… Vigilant requires that its licensees—law enforcement agencies—not talk publicly about its LPR database. According to the 2014 edition of its terms and conditions: "This prohibition is specifically intended to prohibit users from cooperating with any media outlet to bring attention to LEARN or LEARN-NVLS."

Privacy down under.

Caroline Bush and Amanda Graham of Clayton Utz write:

Although there is some legislative protection for Australians’ personal information, it doesn’t extend to every instance of what might be considered as an invasion of privacy. Courts in the United Kingdom have found that the cause of action of breach of confidence may provide a remedy for people who are seeking to protect their privacy in the absence of a statutory cause of action – and Australian courts are beginning to follow them, as the recent Western Australian decision of Wilson v Ferguson [2015] WASC 15 highlights.

Read more on Clayton Utz.

Privacy across the pond.

Jennifer Baker reports:

Activists have leaked the latest draft of Europe’s planned data protection law – which is supposed to safeguard Europeans’ personal information when in the hands of businesses and governments. The proposed rules have been agreed by the European Parliament. Now Euro nations’ government ministers, who sit on the Council of the European Union, are tearing the text apart, and rewriting large chunks of it.

The 305-page document [PDF] – obtained and published by Privacy International, EDRi, Access and the Panoptykon Foundation – shows the changes put forward by the council. The four civil-liberties groups say ministers are effectively ruining any chance of real data protection in the EU.

Read more on The Register.

The law is imperfect and there is a difference between legal and wise. This may be a good article to start that discussion. What would have tipped this over the edge?

Stephanie Castillo reports:

The University of Oregon (UO) is under fire for using a student rape victim’s therapy records against her after she sued the campus for mishandling her sexual assault case.

[…]

FERPA is a federal law that protects the privacy of students’ “education records.” These records refer to records directly related to a student, plus records “maintained by an educational agency or institution or by a party acting for the agency or institution,” the U.S. Department of Education reported. While medical and psychological treatment records are not defined as education records at colleges and universities, “an eligible student’s treatment records may be disclosed for purpose other than the student’s treatment, provided the records are disclosed under one of the exceptions to written consent.” One such exception is a lawsuit.

Read more on Medical Daily.

“One must keep one's largest market.” That rule overrides the “One must protect customer privacy.”

Apple already agreed to the tough Chinese rules that Obama is furious about

Obama's sharp criticism on China's new rules for foreign technology companies has been undermined by the fact that Apple has already agreed to the plans, Quartz reports.

… As previously reported, Apple agreed in January to allow the Chinese authorities to conduct "security audits" on its products to ensure it's not sharing user data with the US government.

(Related) On the other hand...

Alibaba opens first U.S. data center, challenging Amazon in the cloud

Alibaba is opening a data center in Silicon Valley — its first outside of China — stepping up its competition with Amazon and ultimately hoping to get U.S. companies to start using its cloud computing services.

The company’s Aliyun cloud-computing subsidiary announced the move overnight, describing it as part of a new effort to serve customers globally. A spokeswoman says the company “will initially target Chinese enterprises based in the United States with the plan to gradually expand its products and services to international clients in the second half of this year.”

Higher prices have support, but what about splitting that revenue?

… Compensation for songwriters whenever a song is bought online or in a CD is set by the federal Copyright Royalty Board and is currently 9.1 cents. Critics say that's far too low and argue that the market -- not the government -- ought to be setting the prices for how much songs are worth. The Songwriter Equity Act would have the Copyright Royalty Board set compensation levels equivalent to their fair market value. It would also broaden the scope of evidence that the federal rate court can look at when determining how much to pay songwriters when their songs are performed publicly.

How Boeing gathers Big Data.

Why big data matters to Boeing, and what it means for your next flight

… “On a plane where we have 8,000 sensors capturing the 8,000 data points per second … if we extrapolate that for more than 5,000 planes … and optimizing that and providing sort of real-time optimization, (that) is where there is a huge benefit for our customers,” said Rao. “But it is also a great opportunity for our company as far as a revenue generation standpoint.”

In total, Rao said Boeing is sitting on a treasure trove of about 100 Petabytes of data, and now the company is looking to unlock that in new ways, benefiting its carrier customers and future flyers.

Taylor Swift has good IP lawyers?

Taylor Swift, Trademarks and Music’s New Branding Model

If you’re ready to “party like it’s 1989,” you’ll have to talk to Taylor Swift first. The pop star recently applied to trademark that phrase and others related to her songs — a move that marks a shift in the industry, as artists, songwriters and music publishers increasingly become independent brands.

… Swift’s trademark quest could work out fine, or it could backfire, according to R. Polk Wagner, a professor at the University of Pennsylvania Law School

… “It’s a smart move,” adds Christopher Jon Sprigman, law professor at New York University’s School of Law

Interesting

Reid Hoffman’s Two Rules for Strategy Decisions

Reid Hoffman — the co-founder and chairman of LinkedIn and partner at the venture capital firm Greylock — is a preeminent Silicon Valley strategist.

… Reid’s first principle is speed. One of his most popular quotes is, “If you aren’t embarrassed by the first version of your product, you shipped too late.” Another is, “In founding a startup, you throw yourself off a cliff and build an airplane on the way down.”

… Reid’s second principle is simplicity — simplicity enables speed.

Pour le encourage les students. At least my geeky students.

Developing IoT Apps Is Easier Than You Think

Want to develop IoT apps but put off by the complexity? It's actually quite easy, if you let IoT development platforms do all of the heavy lifting.

… For enterprises, the promise of the Internet of Things is clear: by sensing (and to a lesser extent controlling) the physical world through networked "things" it is possible to exploit previously invisible opportunities, expand revenue and optimize operational systems and processes.

Networkable sensors (and these could be anything from cameras and GPS receivers to temperature, pressure or humidity sensors) are available off the shelf and are cheap to buy. They may also be incorporated into equipment your company already owns or purchases, like vending machines, vehicles or refrigeration units.

Tools for my students. Make that outline look geekier?

Two Tools for Turning Outlines Into Mind Maps

Some students prefer to see ideas organized in an outline style while others see large concepts better when they're in a mind map format. Text 2 Mind Map and MindMeister's Google Docs Add-on bridge the gap between the outline format and the mind map format. Both tools allow you to type an outline then see that outline turned into a mind map.

To create a mind map on Text 2 Mind Map type out an outline in the text box. After typing your outline click "draw mind map" to have your mind map created for you. If after creating your mind map you need to add more elements, just add them into your outline and click "draw mind map" again. Your mind map can be downloaded as a PDF or PNG file. The mind maps that you create on Text 2 Mind Map can also be shared via email, Facebook, or Twitter.

To create a mind map with MindMeister's Google Docs Add-on create a bullet point list in your document. Highlight your list then select the MindMeister Add-on and click "insert as mind map." A mind map will then be generated based on your list. There are a couple of tips to note about MindMeister's Add-on. First, you cannot edit the position of cells in the mind map. Second, you must use bullet points or number lists generated by the list menus in Google Docs. I tried just selecting a list without the bullet points and MindMeister didn't create a mind map for me.

Another tool for my students.

How to Emulate Android and Run Android Apps on Your PC

In many cases, Android apps are superior to desktop apps. They’re compact, often better written, and have a low resource footprint.

… several methods are available for you to choose from that will enable you to run virtually any Android app on Windows, Linux, or Mac OS X.

For the Unix students.

Linux Treasures: 11 Sublime Native Linux Apps That Will Make You Want To Switch

For my Ethical Hackers? Sometimes just one idea is worth reading the article.

5 Email Tools & Utilities You Should Try

Have you ever been in a situation where you needed to find the email address of someone at a company, but you couldn’t find it? Or perhaps you just need a faster way to look for the address? Then Thrust is your go-to service.

Just enter the person’s name and the company they work for, and Thrust will start looking for their email. When it has found it, there will be a clickable link to open a new email window with the address already pre-populated and ready to go.

A tool of immediate value to my students. (Hint, hint!)

Tagboard - Follow Hashtags from Multiple Networks in One Place

Tagboard is one of the tools that we looked at today in my NCTIES15 workshop about blogs and social media. Tagboard is a free tool that allows you to enter any hashtag like #NCTIES15 and view all of the Tweets, Instagram pictures, Facebook posts, Google+ posts, and Vine posts associated with that hashtag. All of the posts are displayed in a bulletin board/grid display. You can reTweet and/or reply to messages while viewing Tagboard, provided that you are signed into your Twitter account.

One of the things that I always mention in my talk about online personal learning networks is that you don't have to always be connected in order to benefit from having an online PLN. You can check in for fifteen to thirty minutes per day during the commercial breaks of your favorite television show and glean a lot of useful information in that time. A tool like Tagboard could enable you to catch up even faster because you will see more messages in the same amount of screen space. You can also participate in multiple social networks from the same screen while using Tagboard.

Dilbert explains the downside of discriminating against women.