Another article for my IT Governance and Risk
management class.
Hackers force Polish airline to cancel flights
Poland's LOT airline was forced to cancel around
10 foreign and domestic flights after hackers attacked its computers
on Sunday.
Airline spokesman Adrian Kubicki said the attack
temporarily paralyzed LOT's computers at Warsaw's Frederic Chopin
airport, disrupting the processing of passengers for the flights.
… LOT Airlines said no airborne planes were
affected.
A representative at LOT told CBS News on Monday
morning that the hackers attacked the airline's internet network,
affecting email and web access in their offices. It was not a
targeted attack to their flight plan computers.
The biggest effect, the airline official said, was
that they could not issue flight plans during the outage.
Do they have photos in these files? If not, I
guess I could get them from a Facebook page. Any Intelligence
service would be happy to have full dossiers on everyone who works
for a target.
Report – hacker had access to U.S. security clearance data for one year
by Sabrina I. Pacifici on Jun 21, 2015
Follow up to previous posting, Massive
hack of federal personnel files included security-clearance database,
again via Washington
Post: “The recently disclosed breach of the Office of Personnel
Management’s security-clearance computer system took place a year
ago, giving Chinese
government intruders access to sensitive data for a year,
according to new information. The considerable lag time between
breach and discovery means that the adversary had more time to pull
off a cyber-heist of consequence, said Stewart Baker, a former
National Security Agency general counsel. “The longer you have to
exfiltrate the data, the more you can take,” he said. “If you’ve
got a year to map the network, to look at the file structures, to
consult with experts and then go in and pack up stuff, you’re not
going to miss the most valuable files.”
Why would my Ethical Hacking students (for
example) be free to reverse engineer software when a government
agency, doing exactly the same thing, has to jump through hoops?
Have we lost perspective or does someone want to sell consulting
services to GCHQ? Perhaps they just want to deflect the kind of
lawsuits that the FBI seems to attract. See the next couple of
articles.
Andrew Fishman and Glenn Greenwald report:
British spies have received government permission to intensively study software programs for ways to infiltrate and take control of computers. The GCHQ spy agency was vulnerable to legal action for the hacking efforts, known as “reverse engineering,” since such activity could have violated copyright law. But GCHQ sought and obtained a legally questionable warrant from the Foreign Secretary in an attempt to immunize itself from legal liability.
GCHQ’s reverse engineering targeted a wide range of popular software products for compromise, including online bulletin board systems, commercial encryption software and anti-virus programs. Reverse engineering “is essential in order to be able to exploit such software and prevent detection of our activities,” the electronic spy agency said in a warrant renewal application.
Read more on The Intercept.
“We don't have to explain why we put people on
the no-fly list and we don't have to explain why we take people off
the no-fly list. We're the US government and we do whatever we damn
well want to do!”
From Papers, Please!
Four days before a Federal judge was scheduled to hear arguments in a lawsuit brought by four Muslim US citizens who were placed on the US government’s “no-fly” list to try to pressure them into becoming informants for the FBI, the government has notified the plaintiffs in the case that all of them have been removed from the no-fly list.
The plaintiffs in Tanvir v. Lynch are continuing to press their claims, as are other US citizens challenging their placement on the no-fly list in retaliation for declining to inform on their friends, families, communities, and fellow worshippers. But we expect that, as has been its pattern, the government defendants will now try to get the case dismissed as “moot”.
Read more on Papers, Please!
(Related) “We don't want anyone to know what we
do because we might have to stop it.”
DOJ Prevailed Over Google on Email Privacy Case
by Sabrina I. Pacifici on Jun 21, 2015
Ryan Gallagher – The Intercept: “The Obama administration
fought a legal battle against Google to secretly obtain the email
records of a security researcher and journalist associated with
WikiLeaks. Newly unsealed court documents obtained
by The Intercept reveal the Justice Department won an
order forcing Google to turn over more than one year’s worth of
data from the Gmail account of Jacob Appelbaum (pictured above), a
developer for the Tor
online anonymity project who has worked with WikiLeaks as a
volunteer. The order also gagged Google, preventing it from
notifying Appelbaum that his records had been provided to the
government. The surveillance of Appelbaum’s Gmail account was tied
to the Justice Department’s long-running criminal investigation of
WikiLeaks, which began in 2010 following the transparency group’s
publication of a large cache of U.S. government diplomatic cables….”
[From the article:]
The Justice Department argued in the case that
Appelbaum had “no reasonable expectation of privacy” over his
email records under the Fourth Amendment, which protects against
unreasonable searches and seizures. Rather than seeking a search
warrant that would require it to show probable cause that he had
committed a crime, the government instead sought and received an
order to obtain the data under a lesser
standard, requiring only “reasonable grounds” to believe that
the records were “relevant and material” to an ongoing criminal
investigation.
Sounds like a tool for cults to ensure their mind
control is working.
Joe Cadillic writes:
Soon every churchgoer will be identified by facial recognition software! You read that right, churches will soon be using facial recognition software to identify you and your family.
The company website brags: “First of its kind, Churchix provides you with accurate data on members attendance in your events and services. The software also allows you to sort and manage your videos and photos.”
“Churchix was originally developed by us for a chain of international churches, which wanted to follow up with membership attendance at its events. Today it’s being used at a number of other churches in the US and in Indonesia” Moshe Greenshpan, the company’s CEO said.
Read more on MassPrivateI
“Hey guys! Look what I just noticed.” But if
you are dead, you forfeit your privacy rights?
Emily Nitcher reports:
Citing a federal law that has been on the books for 21 years, the Arkansas State Police began earlier this month withholding nearly all personal information from vehicle crash reports available to the public.
The agency contends the 1994 Drivers Privacy Protection Act, which prohibits personal information from motor vehicle reports from being made public, also covers police crash reports.
Read more on Arkansas Online.
[From the article:]
The new policy means the
only personal information available on state police crash reports are
the names and hometowns of fatalities. All other
information, including the names of other drivers and passengers, is
withheld.
Critics of the new practice, which has already
been included in a lawsuit against the state police over its records
disclosures, are skeptical about the application of the federal law
and the 21-year delay in enforcing it.
Don't mess with Taylor! Some smart entrepreneur
will ask Taylor what the ideal music payment model (or models) should
be and thereby own the market. (I'm assuming she has some really
smart lawyers.)
Apple will pay artists during three-month trial after Taylor Swift open letter
No more bad blood: Apple senior executive Eddy Cue
announced on Twitter that Apple Music will pay artists during the
service’s free, three-month trial period. The reversal of policy
comes one day after Taylor
Swift wrote an indictment of Apple Music on Tumblr titled “Dear
Apple, Love Taylor.”
… In an interview with Billboard, Cue
said it was Swift’s letter that spurred the company to make its
decision. “When I woke up this morning and saw what Taylor had
written, it really solidified that we needed a change,” Cue said.
“And so that’s why we decide we will now pay artists during the
trial period.”
Wally sounds like my students. They wait until
class starts to ask me if it is Okay to submit their papers late.
(It is not.) I find it frustrating; they find it hurts their grades.