Think strategically and security breaches take on
a whole different level of risk.
Why Did
China Hack Federal Employees' Data?
… There’s still a great deal that hasn’t
been explained about why and how the hack happened, and whose data
was compromised. (Angry federal employees took to the Facebook
page of the Office of Personnel Management to complain about
feeling left in the dark about the attacks.) There are, however,
some emerging answers to three key questions: Who did it, why, and
how it happened.
Early on, the government fingered Chinese hackers
in the leak. Bruce Schneier has
written for The
Atlantic about the dangers of uncritically accepting initial
attributions for attacks. The Chinese government has also rejected
the claim, saying that it’s a victim of hacking itself. (That’s
probably true—and the U.S. admits
that it also hacks foreign governments.) But officials says
there are fingerprints of known Chinese hackers.
… “They didn’t go to sell the data, which
is what criminal groups usually do,” James Lewis of the Center for
Strategic and International Studies told
The New York Times. The government and outside experts
think that, along with the fact that the leak targeted government
employees suggest an
elaborate effort to build a huge database of information on federal
employees. The data reportedly cover employees going back as
far as 1985, and includes information on employees who applied
for security clearances.
… The government will now institute two-step
verification—a step that longtime Atlantic readers will
remember James
Fallows exhorting them to take as early as the spring of 2011.
… Critics have also wryly noted that a huge
incursion into sensitive employee information tends to undermine the
government’s claims that its intelligence apparatus can protect
huge amounts of personal information swept up in surveillance
dragnets. As
one former senior official told the Times, “The
mystery here is not how they got cleaned out by the Chinese. The
mystery is what took the Chinese so long.”
I'm not sure you can turn off the wipe feature.
Perhaps a custom built browser?
When Joe Cadillic sent me a link to this article,
the headline sounded so far-fetched that I figured it was some wild
conspiracy theory. But it turns out it’s not.
Juliana DeVries reports that people are being
prosecuted under the Sarbanes-Oxley Act for destroying evidence –
including browser history – even if they were unaware that they
were under investigation at the time of the destruction!
The law was, in part, intended to prohibit corporations under federal investigation from shredding incriminating documents. But since Sarbanes-Oxley was passed in 2002 federal prosecutors have applied the law to a wider range of activities. A police officer in Colorado who falsified a report to cover up a brutality case was convicted under the act, as was a woman in Illinois who destroyed her boyfriend’s child pornography.
Prosecutors are able to apply the law broadly because they do not have to show that the person deleting evidence knew there was an investigation underway. In other words, a person could theoretically be charged under Sarbanes-Oxley for deleting her dealer’s number from her phone even if she were unaware that the feds were getting a search warrant to find her marijuana. The application of the law to digital data has been particularly far-reaching because this type of information is so easy to delete. Deleting digital data can inadvertently occur in normal computer use, and often does.
[…]
Hanni Fakhoury, a senior staff attorney at the Electronic Frontier Foundation, says the feds’ broad interpretation of Sarbanes-Oxley in the digital age is part of a wider trend: federal agents’ feeling “entitled” to digital data.
Read more on The
Nation.
As I read this, only law abiding drone operators
would be monitored and controlled. Hijack a drone (or leave off the
communications and control electronics) and like the hijacked planes
of 9/11, there is nothing NASA or the FAA or anyone can do about it.
Here’s another one I missed while I away at the
Health Privacy Summit this week, but thankfully, Joe Cadillic sent it
to me.
Mark Harris reports:
Verizon, the US’s largest wireless telecom company, is developing technology with Nasa to direct and monitor America’s growing fleet of civilian and commercial drones from its network of phone towers.
According to documents obtained by the Guardian, Verizon signed an agreement last year with Nasa “to jointly explore whether cell towers … could support communications and surveillance of unmanned aerial systems (UAS) at low altitudes”.
That $500,000 project is now underway at Nasa’s Ames Research Center in the heart of Silicon Valley. Nasa is planning the first tests of an air traffic control system for drones there this summer, with Verizon scheduled to introduce a concept for using cell coverage for data, navigation, surveillance and tracking of drones by 2017. The phone company is scheduled to finalise its concept by 2019.
Read more on The
Guardian.
Like BitCoins, this moves money outside the
control of governments. Will governments respond? Perhaps I could
combine BitCoins and mobile cash to create my own money? How much
would “One Bob” be worth? On second thought, don't answer that.
Disruptive
Financial Technology Startup – Mobile Payments
by Sabrina
I. Pacifici on Jun 6, 2015
Exponential
Finance: Who Will Be the Instagram or Uber of Finance? – Jason
Dorrier: “Abra
is exemplary of what happens when several digital technologies
converge in one product. Combining an Uber-like peer-to-peer network
with smartphone technology and blockchain, Abra literally stashes
the cash in your pocket on your smartphone. From there, users can
send cash as easy as they send a text. All
this happens without a bank. Abra’s founder, Bill
Barhydt, estimates we’re three years away from wireless
carriers cycling off every feature phone—simple cell phones—sold
when the iPhone and Android first came out. As smartphones become
ubiquitous in the developing world, it’s
possible many of the world’s unbanked billions in developing
countries will skip traditional finance, a little like how they
leapfrogged landlines for cell phones. It’s a radical
thought. But with Abra, it’s plausible that bank-free, digital
cash will be a force to be reckoned with.”
My weekly giggle generator.
Hack
Education Weekly News
… “Washington
State Passes Bill Strengthening Computer Science Education.”
[Actually: would establish
computer science standards, create a computer science teaching
endorsement, and make grants available to train teachers in the
subject in Washington state is now headed to Gov. Jay Inslee for his
signature.
… Via the NSBA’s Legal Clips blog: “Utah
Court of Appeals rules that video from school camera was subject to
FERPA disclosure restrictions because it was an ‘education
record.’”
… “Google
Teams with Udacity to Offer Nanodegrees.” “Thrun
sees nanodegrees as key to ed democratization.”
… “An
Increasingly Popular Job Perk: Online Education.” – “A
partnership between Southern New Hampshire and Anthem Inc., a
health-insurance company, will allow some 55,000 Anthem employees to
earn associate or bachelor’s degrees through the university’s
College for America, a competency-based assessment program.”
… It’s 2015 and school
districts are still freaking out about teachers interacting with
students on social media.
… Via
the BBC: “Schools are being offered new software that helps
teachers spy on pupils’
potentially extremist online activity. It alerts teachers if pupils
use specific terrorism-related terms or phrases or visit extremist
websites on school computers, laptops or tablets.”
… Via
the Orlando Sentinel: “What Orange County students – and
staff – post on social media sites such as Twitter, Facebook and
YouTube is now being monitored
by their school district to ‘ensure safe school
operations.’”
No comments:
Post a Comment