For my Ethical Hackers, another example of “low hanging fruit.” Before you lay siege to the castle, ask if anyone would be kind enough to lower the drawbridge for you.

Taylor Armerding reports:
Plenty of people are careless with their own personal passwords –
using the same one for multiple sites, and/or making them so simple
that they are comically easy to crack – but hardly anyone would
intentionally sell them for a few bucks to someone they know would
use them to do them harm.
Apparently, however, some of them don’t have those qualms about
selling corporate passwords. A recent global survey
of 1,000 employees at large (more than 3,000 workers) organizations,
commissioned by vendor SailPoint, found that one
in seven would sell their password to an outsider for as little as
$150.
Read more on CSO.

My answer has always been “No!” Management is responsible for ensuring the security is adequate and continues to operate correctly – before there is a breach.
Krishna Bahirwani reports:
Black Hat Asia ended with a discussion started by Black Hat founder Jeff Moss on if security providers should be held liable for data breaches, because of the critical data they claim to “secure”.
The recent number of hacking incidents everywhere have made this a
widespread issue and security professionals worldwide have voiced
their opinions.
Read more on DNA India.

So facial recognition is used to match the photo on the US passport with the face of the person in front of the TSA agent? Has anyone ever tried to enter the US this way?

DHS – Privacy Impact Assessment for the U.S. Customs and Border Protection
by Sabrina I. Pacifici on Apr 5, 2015
Privacy Impact Assessment for the U.S. Customs and Border Protection 1:1 Facial Recognition Air Entry Pilot, DHS/CBP/PIA-025. March 11, 2015.
“The U.S. Customs and Border Protection (CBP) is conducting the 1:1 Facial
Recognition Air Entry Pilot to allow Customs and Border Protection
Officers stationed at air ports of entry to use
facial recognition technology as a tool to assist them in determining
whether an individual presenting themselves with a valid U.S.
electronic passport is the same individual photographed in that
passport. The operational goals of this pilot are to
determine the viability of facial recognition as a technology to
assist Customs Border Patrol Officers in identifying possible
imposters using U.S. e-passports to enter the United States and
determine if facial recognition technology can be incorporated into
current CBP entry processing with acceptable impacts to processing
time and the traveling public while effectively providing CBPOs with
a tool to counter imposters using valid U.S. travel documents. CBP
is publishing this Privacy Impact Assessment to evaluate the privacy
risks of using facial recognition software at an air port of entry.”

Some of the most highly sought after data, from some of the least secure devices.

Healthcare Internet of Things
by Sabrina I. Pacifici on Apr 5, 2015
Healthcare Internet of Things – Jason Healey, Neal Pollard, and Beau Woods.
“The Internet of Things (IoT) of digital, networked technology is quickly
moving to the forefront of society, the global economy, and the human
experience. The IoT sometimes refers to colossal, impersonal
concepts like connecting electricity grids to the Internet for
economic or environmental considerations. But the IoT can be
intensely personal as well. In the world of healthcare, software
engineers are weaving networked medical devices into the fabric of
the IoT. These devices, which can be worn or even implanted inside
the body, are used to medicate, treat diseases, and maintain general
health and wellness. This report, a collaboration between Intel
Security and Atlantic Council’s Cyber Statecraft Initiative at the
Brent Scowcroft Center on International Security, explores
security risks and opportunities that networked medical
devices offer to society. It also provides recommendations for
industry, regulators, and medical professionals to maximize value to
patients while minimizing security risks arising from software,
firmware, and communication technology across these devices.
Individuals wear networked devices to learn more about themselves,
their diet, their exercise regimen, and their vital signs. Doctors
can adjust and optimize implanted medical devices, such as
pacemakers, quickly and accurately—and often with no need for
intrusive medical procedures. In hospitals, new devices network to
provide more effective and less expensive monitoring and treatments.
According to one estimate, these technologies could save $63 billion
in healthcare costs over the next fifteen years, with a 15-30 percent
reduction in hospital equipment costs.”

Perspective.

The Office of the Australian Information Commissioner (OAIC) has issued
updates to the Australian Privacy Principle (APP) guidelines. The
APP guidelines were released in February 2014 ahead of the
commencement of privacy law reform, and are the primary guidance for
entities in how to interpret and comply with the APPs. These updates
have been made following feedback from stakeholders throughout the
first year of the new privacy laws.
…
to update guidance about ‘reasonable steps’ and examples for
consistency with the OAIC’s Guide
to securing personal information (2015).
…
A summary of the changes and a link to previous versions of these
Chapters of the guidelines is available on the APP
guidelines page of our website.
SOURCE:
Office of the Australian Information Commissioner’s Office

Think of the requirement for a “certain kind of crazy.”

Zachary D Spilman writes:
There is an interesting article about mental health issues in the
recent issue of the Military Law Review: Major Cara-Ann M. Hamaguchi,
A Precarious Balance: Managing Stigma, Confidentiality, and
Command Awareness in the Mental Health Arena, 222 Mil. L. Rev.
156 (Winter 2015) (available
here).
The article:
examines the conflict between privacy and the military mission, and
advocates for a better balance between the two by centralizing
information for commanders and establishing specific administrative
consequences for commanders and leaders who fail to respect
established privacy standards. This article also examines the
current uses of mental-health information for mission and readiness
requirements, and calls for more transparency for Soldiers. While
parts of this article apply to the entire spectrum of mental
conditions and disorders, this article focuses specifically on
combat-stress and Post Traumatic Stress Disorder (PTSD).
Read more on the National Institute of Military Justice Blog CAAFlog.

Lawmakers know better than the cop on the scene? Blind obedience to orders? Are we going crazy?

Vegas woman gets $200 distracted driving ticket for applying lip balm at a red light
…
Stephanie Fragoso, 37, thought it was just another day at the wheel.
She was driving to take care of something at the Department of Motor
Vehicles, of all places, when she pulled away from an intersection,
and the officer who had stopped at the red light next to her pulled
her over.
He told Fragoso that she was getting a ticket because she was putting on makeup.
“I said no, I was putting on Chapstick,” Fragoso told The Washington Post.
Plus, she was stopped at a red light. A red light!
…
Laws banning texting
or using a cellphone while driving have become ubiquitous. But
the one that snared Fragoso goes even further. And this week, police
in Las Vegas were cracking down: Fragoso said the officer told her
that drivers caught with
their hands anywhere but on the wheel were liable to be ticketed.

Tools & Techniques.

How to Share Your Windows Clipboard with Your Android Device & Vice Versa
…
If you’re an Apple user, you may already know how to sync your Mac and iOS clipboards. What about for Windows and Android though? Among some incredible clipboard managing tools you can use to become a pro at managing your clipboard, there are a few good options for syncing your clipboard.
…
Keep reading to find out the good, the bad and the ugly about these
five clipboard syncing tools.

For my SciFi students.

Education in Science Fiction
Arguably the first work of science fiction, Frankenstein is a story about technology and education (and monsters).
As a fan of the genre, I’m probably just as interested in the
depiction of education in science fiction as I am in the historical
and present-day narratives about education technology. I’m
particularly interested in how these are intertwined – Salman
Khan’s invocation of Ender’s Game, for example.
I asked for recommendations on ed-tech SF on Twitter the other day (I storified the responses).
Now I’ve started a bibliography, building a list of novels, short stories, and movies that explore education’s future. (Not all of these fit neatly into the SF genre.)

For my students. Could this be applied to other subjects?

Is it Possible to Learn Spanish in Just 10 Days?
The idea of learning a new language in just 10 days sounds absurd. Learning a new language completely will certainly take longer than that, but if done correctly, you can actually manage to lay down a solid groundwork and actually begin speaking Spanish (you may be able to apply these techniques to other languages, too).
So how can you pull this off? Just check out the infographic below and follow the steps. Before you know it, you’ll be ready to talk in a language other than your native one.
Via Thomas Cook

For my Math students.

GraphFree - An Online Graphing Tool for Students and Teachers
GraphFree is a new online graphing tool for students and teachers. On
GraphFree students can enter plot graph points manually or enter an
equation or function to see a graph generated. Each
graph can then be saved as an image to use in a document, a
presentation, or in a SMART Notebook folder. GraphFree
provides a helpful gallery of tutorial videos and an extensive
guide for new users.
GraphFree provides a nice alternative to some expensive graphing calculators and apps. For a lot of high school students GraphFree will provide all of the functions that they need. GraphFree can also be used by teachers to simply download a blank graph to use for in-class graphing assignments done on paper.
Chromebook users might also want to take a look at these Chrome apps for graphing.

Interesting.
Analyzing an “online footprint.” There IS an App
for that, but only the pointy haired manager would rely on it like
this. Business Intelligence students, take note!