Saturday, May 02, 2015

Unfortunately, your credit card information won't “stay in Vegas.”
A statement from the Hard Rock Hotel & Casino, linked from their home page:
The trust and loyalty of our customers is our highest priority, which is why, as a precautionary measure, we are writing to let you know of a security incident that may have affected your credit card information.
This incident may have allowed criminal hackers access to information about credit or debit cards used at certain Hard Rock Hotel & Casino Las Vegas retail and service locations. The information potentially affected includes names, card numbers, and CVV codes, but does not include PIN numbers or other sensitive customer information.
This criminal attack was limited to credit or debit card transactions between September 3rd, 2014 and April 2nd, 2015 at restaurant, bar and retail locations at the Hard Rock Hotel Las Vegas property, including the Culinary Dropout Restaurant. The attack did not affect transactions at the hotel, casino, Nobu, Affliction, John Varvatos, Rocks, Hart & Huntington Tattoo or Reliquary Spa & Salon.
Read the full statement here.
So far, they do not appear to have disclosed the number of customers who may have been impacted over the seven-month period. Nor did they include the kind of “we have seen no evidence of misuse” type of reassurance that many notifications include.




There never seems to be enough information to answer all my questions.
Heather Hourigan reports that a Fulton High School student has been arrested after hacking into the school’s computer system. The attack, allegedly by Austin Singleton, caused the network to go down for several hours, although personal information was reportedly not affected.
Read more on ABC and KOMU.
While the news stories focus on the student’s arrest, there’s no mention of what his motivation might have been, nor how he was able to sit in a classroom and manage to take down the network. What is the district doing in terms of its network security to prevent a recurrence?
[From the KOMU article:]
Through an investigation, the district's IT department traced the hacking back to a computer in one of the classrooms, where a student was confirmed being logged in on that computer at the time. [Was he at the computer? Was he even in the room? Bob]
[From the ABC article:]
Police said 17-year-old Austin Singleton maliciously hacked into the Fulton School District's network, causing it to go down for several hours.
Fulton superintendent Jacque Cowherd told ABC 17 News this hack did hurt the internal system.
That means student personal information and things of that nature were not compromised. [I can't follow that logic. Bob]
… "We assume that it was malicious, because anytime you take down the system it's malicious and we called the police," said Cowherd.
It was around 6:30 a.m. [What time do they start school in Missouri? Bob] on Thursday when Fulton School officials realized something was wrong with their system.
It was down for about three hours until the IT department pinned who was responsible. [Sounds like it was down only to determine who did it, not for any other reason. Bob]
… However it happened, police said Singleton was found to be the last one on the computer where the hack originated. [Suggesting he wasn't there when the problem was detected. Bob]




There are probably hundreds of “countdown clocks” in the software – time to next engine maintenance for example. Looks like one of them does more than turn on the “Check engine” light.
Boeing 787s have a software bug that could shut off the plane mid-air
Boeing's 787 Dreamliners have been found to have a software glitch in their systems that could suddenly shut down all electrical power to the plane mid-flight, causing catastrophic situations.
The Federal Aviation Administration (FAA) has issued a warning against the bug after lab tests revealed that the Dreamliners' electrical generators went into a failsafe mode every 248 days or roughly eight months, after which, all four of the plane's main generator control units start to fail simultaneously.
A report on The Verge notes that the temporary solution to the problem is to periodically shut down the power systems. Boeing's own records state that all jets in the fleet have been powered off and turned back on as part of a routine maintenance and therefore, there is no immediate concern of the plane losing power.




Interesting. Imagine your health insurer doing the same thing.
Sean Poulter reports:
Insurers were being probed by police last night over the illegal sale of customer data.
The scam involves brokers passing the personal details of car accident victims to claims management companies.
The ‘cash for crash’ firms then cold-call clients to tout an injury compensation service.
Read more on Daily Mail.




“If at first you don't succeed, try, try again.” I didn't know that was a legal axiom.
Headline: Programmer Convicted in Bizarre Goldman Sachs Case—Again
… Sergey Aleynikov was first convicted in 2011 on espionage and theft-of-trade-secrets charges, stemming from allegations that he stole proprietary source code from Goldman Sachs before leaving the firm to take a new job.
The following year, however, a federal appeals court reversed the conviction and Aleynikov’s eight-year sentence after determining that the code he helped develop for the high-speed trading firm was not physical property and therefore he could not be charged under the federal theft statute prosecutors used. The appellate court also ruled that Aleynikov had been wrongly charged and convicted of espionage.
The case drew a lot of attention because, as Aleynikov’s defense attorney argued at the time, the improper use of code should have been handled as a civil matter involving a breach of contract instead of a criminal matter.
The subsequent reversal of his conviction was significant since it set an important precedent for how code was viewed by the courts.
… Shortly after his federal conviction was overturned, the district attorney’s office in Manhattan found state laws under which they could charge him for the “unlawful use of secret scientific material” and the “unlawful duplication of computer related material”.
Today Aleynikov was found guilty under the first charge but acquitted of the second.




A summer reading list for my Computer Security students. All should be available from your local library.
6 Books About Online Privacy & Security You Need to Read




For my researching students. I rely on them to tell me what they like.
5 Apps for Getting More out of Wikipedia
Wikipedia is one of the most popular sites on the planet, and with good reason: it’s the fastest way to get an overview of almost any topic. And while it’s not a site without controversy, it’s hard to imagine the web without it.
Today Cool Websites and Games gives you tools for getting more out of Wikipedia, from alternative interfaces to games that force you to explore articles and think creatively.




For me, because clearly not all my students are getting it.
Improve Your Communication Skills with These 7 Websites
… Known as a “soft skill,” good communication is a subtle force that will open doors professionally, improve your relationships and increase your personal happiness.
These 7 online resources will help you become better at this all-important skill.




I feel the laughs building...
Hack Education Weekly News
… “Education Groups Were The Biggest-Spending Lobbyists In New York Last Year,” reports Buzzfeed’s Molly Hensley-Clancy. The pro-charter school group Families for Excellent Schools, Inc. spent $9.6 million on lobbying in 2014, outspending the next four highest groups on the list combined. [Apparently there is lots of money in trying new things in education. Bob]
Edsurge reports that a school district in Texas is piloting Desmos during the 8th grade STAAR tests as an alternative to graphing calculators.
… The MOOC Research Initiative has released a report on MOOC research – “Preparing for the Digital University,” written by George Siemens, Dragan Gašević, and Shane Dawson. (PDF) Stephen Downes responds in the OLDaily. George Siemens responds on Twitter. Stephen Downes responds in a blog post. George Siemens responds in a blog post. http://hackeducation.com/2015/05/01/hack-education-weekly-news/
Via University World News: “The number of Russian universities will be cut by 40% by the end of 2016, according to Minister of Education and Science Dmitry Livanov. In addition, the number of university branches will be slashed by 80% in the same period.” [Strange. Very strange. Bob]




Someone's mother must be so proud... Just the thing for stuffing into Christmas stockings?
New wearable sniffs your farts to tell you what not to eat
… Currently on Kickstarter, the project has been able to garner only 2 per cent of its fundraising goal with just 20 days more to go.




There are so many organizations I'd like to send this to. (Why do I so often think like Dilbert?)

