Not sure of these statistics, or why they need to
be in this article. This kind of article panics CEOs to no purpose.
Humans: A Data Security Strategy's Worst Enemy
… Sixty percent of hackers can breach an organization's system
defenses within minutes. Risks and security incidents used to be
managed on a case-by-case basis, but that's no longer a viable
option. The number of security incidents increased by 48 percent
from 2013 to 2014, and notable companies including Adobe, eBay,
Target, and The Home Depot were among the victims.
… Training your employees to create strong
passwords and to securely share information is critical. Small
business owners must address any weaknesses among their employees.
But the question remains; how can you hold your employees accountable
for information security if you haven’t defined their
responsibilities? The answer is simple; you can't.
(Related) and a follow-up.
Iain Thomson reports:
Iowa state lottery’s IT security boss hacked his employer’s computer system, and rigged the lottery so he could buy a winning ticket in a subsequent draw.
On Tuesday, at the Polk County Courthouse in Des Moines, Iowa, the disgraced director of information security was found guilty of fraud.
Eddie Tipton, 52, installed a hidden rootkit on a computer system run by the Multi-State Lottery Association so he could secretly alter the lottery’s random number generator, the court heard. This allowed him to calculate the numbers that would be drawn in the state’s Hot Lotto games, and therefore buy a winning ticket beforehand.
Read more on The Register.
Difficult job.
http://www.theatlantic.com/technology/archive/2015/07/secret-service-online-threat-president/399179/
The Secret Agents Who Stake Out the Ugliest Corners of the Internet
When President Obama launched his
Twitter account in May, people noticed his rapid
accumulation of followers, a silly
back-and-forth with President Clinton, but also something more
serious: the number
of hostile and threatening messages directed at the president.
… Context is crucial for evaluating the
seriousness of threats—both digital and analog—but online threats
offer a slightly different set of contextual clues than their offline
counterparts. And while much of the hate-filled commentary on the
Internet is routinely written off as hyperbole and ranting, threats
directed at the president are not so easily dismissed. So, every
day, the Secret Service Internet Threat Desk is faced with the
unenviable task of taking seriously some of the most extreme online
rhetoric and trying to identify potential assassins or terrorists in
the deluge of venomous messages directed at the president and his
family.
Just a reminder to my lawyer friends: There's this
new thing called encryption, it's available free and you could avoid
all this notifying and apologizing stuff. (I'm betting this was a
partner because underlings would not risk their job by failing to
secure the data.)
The California law firm of Atkinson,
Andelson, Loya, Ruud & Romo is notifying
clients after a personal laptop belonging to a member of the firm was
stolen while the attorney was on the MTS Trolley in downtown San
Diego on April 23.
Since that time, the firm has been working with
law enforcement but, to date, they have been unable to locate or
recover the stolen laptop computer.
According to the notification
letter signed by James H. Palmer, their General Counsel:
Working with outside computer forensic experts, we have confirmed that the laptop may have contained confidential information. We believe based on that investigation that the laptop contained personally identifiable information, including names, addresses, telephone numbers and social security numbers. The laptop did not contain driver’s license numbers but may have contained certain financial information and/or medical records of individuals. We have no reason to believe that the laptop was stolen for the information it contained. We also have no information indicating that this information has been accessed or used in any way.
Those being notified are offered free credit
monitoring and protection services with ID Experts service, MyIDCare.
Completely unrelated to the article above.
Honest!
Helen Lewis has a lengthy, and thought-provoking
piece on Nieman Reports that asks,
Journalists have been accused of invading privacy, threatening national security, and breaching copyright by publishing such stories, and their sources might lose their jobs, their freedom, or even their lives. So how should reporters and editors decide whether to publish and how much to redact? And what technical know-how do they need to protect whistleblowers?
It’s an issue I grapple with every week, if not
every day, and while I’ve established a general “policy” for my
sites based on my ethical standards and understanding of journalistic
ethics, I understand that others in the same position may reach very
different conclusions about what to do in any one situation.
Read more on Nieman Reports.
To offer a worthwhile opinion of this article,
you'd need an expert in both Privacy and Anti-trust. Fortunately,
there is such an expert just down the road at the Sturm College of
Law and I can probably get Professor Soma to explain all this over
lunch. (And I'm always ready for a good lunch)
By Maureen K. Ohlhausen and Alexander Okuliar
in Antitrust Law Journal No. 1 (2015)
Abstract:
Many people view Samuel Warren and Louis Brandeis’s 1890 work, The Right to Privacy, as the starting point for the consumer privacy laws in the United States. Warren and Brandeis’s concerns about the ability of technology to invade the private sphere continue to resonate today, 125 years later. The technology encroaching on privacy now is, of course, the Internet – or, to be more precise, the technologies that permit the tracking and aggregation of individual consumers’ online behavior and that support the many services that financially sustain the broader Internet ecosystem. As was the case in Warren and Brandeis’s day, numerous proposals have surfaced for how to defend expectations of personal privacy while still realizing the benefits of commercialized technology. Those defending free market principles argue that the best solution is little-to-no government intervention – consumer demand for privacy will create a market for privacy protections. Other commentators propose increased governmental scrutiny of the collection and use of consumer data online, and some even advocate unifying the competition and consumer protection laws to examine privacy through a competition lens. We focus this paper on evaluating this last proposal.
This article proceeds in three main parts. We begin with the historical development of privacy protections in the United States and the tension between privacy concerns and the growing value of consumer data in the digital arena. Next, we explore how the agencies and courts have applied the FTC Act and antitrust law in this area over the years and the reasoning behind the bifurcation of the FTC Act into separate spheres of competition and consumer protection law. This explains the historical separation of privacy as a consumer expectation from commercialized privacy and data. Third, we synthesize analytical factors from the historical approaches to privacy and offer them as guidance for distinguishing between competition and consumer protection issues at the intersection of competition law, consumer protection law, and privacy.
Download the full article from FTC’s site.
For my Ethical Hacking students: Write an App that
causes the bad guy's phone to dial the law enforcement agency of your
choice. Hard to believe this comes up very often.
Kevin Koeninger reports:
A person who “pocket-dials” a third party during a conversation does not have a reasonable expectation of privacy, the Sixth Circuit ruled.
A panel determined that widespread knowledge of accidental calling and the availability of preventative measures mean that an individual on the receiving end of such a call does not violate privacy laws by recording the conversation. [Translation: If you screw up your security, don't ask the court for retroactive protection. Bob]
Read more about Huff v. Spaw on Courthouse News.
India (the government anyway) says any Right to
Privacy is not intentional.
The Tribune of India reports:
The central government told the Supreme Court on Wednesday that the right to privacy was not a fundamental right under the Constitution.
Central government’s arguments came when a Bench headed by Justice J Chelameswar and also composed of Justices SA Bobde and C Nagappan was hearing several petitions challenging the decision of some states to make Aadhaar cards compulsory for several benefits such as salary, PF disbursements and marriage and property registration.
“Right to privacy is not a fundamental right under our Constitution. It flows from one right to another right. Constitution makers did not intend to make Right to Privacy a fundamental right. There is no fundamental right to privacy so these petitions under Article 32 should be dismissed,” Attorney General Mukul Rohatgi argued, adding that the Right to Privacy could be invoked to scrap the Aadhar scheme.
Read more on The Tribune (India).
Some courts (Ninth Circuit) are headed that way.
On July 8, in noting NTEU’s lawsuit over the OPM
hack, I had questioned the suit’s claim that the government breach
constituted a violation of their “constitutional right to
informational privacy.”
Jennifer E. Canfield of Montgomery McCracken
Walker & Rhoads LLP also picked up on that point and discusses
the issue on Montgomery McCracken Data Privacy Alert.
Any restriction has to be rational.
Jared Owens reports:
The NSW Court of Criminal Appeal has unanimously overturned a controversial decision that confined police use of surveillance devices to prosecuting the most serious offences, such as murder, terrorism and organised crime.
The judgment, handed down early this month, clears the way for listening devices to be used to obtain admissions from suspects for any indictable offence, even if they have asserted their right to silence.
Read more on The Australian.
Might make an interesting demonstration for my
Computer Forensics students. All my students actually.
Google – Download your past searches
by Sabrina I. Pacifici on Jul 22, 2015
Google:
“You can download all of your past searches. This gives you access
to your data when and where you want.
Download a copy of your past searches
- Visit your Web & App Activity page.
- In the top right corner of the page, touch Menu > Download searches.
- Choose Create Archive.
- When the download is complete, you’ll get an email confirmation with a link to the data.
Note: Downloading your past
searches does not delete it from your Web & App Activity page.
Learn how to delete
your searches and browsing activity.
Where your downloaded data goes
When you download your past searches, a copy of
your activity will be saved securely to the Takeout folder in Google
Drive. You can download
the files to your computer if you want a copy on your computer.
Depending on the amount of data you’re downloading, you may have
more than one file in your Takeout folder with your activity in it.”
I would not have thought first of Sony as a drone
company. Is “autopilot” legal in the US?
Sony to Swoop Into Drone Market for Business Customers
Sony Corp. is starting a drone subsidiary to serve business
customers, a foray into a frontier already crowded with upstarts
and technology giants.
Sony said on Wednesday it plans to create a drone
company called Aerosense through a joint venture with Tokyo-based
startup ZMP Inc., which specializes in autopilot technology.
Aerosense will offer services such as inspecting aged infrastructure
and surveying land that is difficult to access.
Confusing. At what point does an encounter turn
into an “arrest?” Is a traffic stop not recordable? What if you
happen to be talking to your attorney? (Not while driving of
course.)
Did Sandra Bland have a right to record her police confrontation? Maybe not.
… "Get off the phone!" the officer,
Brian Encinia, told Bland after she got out of the car.
"I'm not on the phone. I have a right to
record, this is my property," Bland responded.
"Put your phone down, right now!"
Encinia ordered.
But did Bland actually have a right to record the
encounter? Maybe not.
"There are narrow circumstances in which
police can interfere with your right to record, and the
fact that they are arresting you is one of them,"
said Jay Stanley, a senior policy analyst with the American Civil
Liberties Union. "Without commenting on the specifics of this
case, if a police officer is in the course of arresting a person it's
legitimate for them to order the person to put down a device. But
it's not legitimate for the police officer to ask you to put down a
phone just for the purpose of prohibiting photography."
...or maybe we could gang a bunch of Smartphones
together and build our own Watson?
Your Smartphone Will Power Stephen Hawking's Massive Extraterrestrial Search
A $100 million alien life form search backed by
famed scientist Professor Stephen Hawking and web billionaire Yuri
Milner simply would not work without the public’s computer
processing power – and you have the opportunity to participate
with your PC, Mac, tablet or even your phone.
Leaders of the massive Breakthrough Listen search have rightly put
crowdsourced processing – and open source computing – front and
center in their 10 year search for extra terrestrial life.
… The project will use the BOINC (Berkeley Open Infrastructure for
Network Computing) collaborative processing platform which is
available to a number of astrophysics, medical and mathematical
endeavours. The free BOINC app is available for Android phones
(alas, not iPhones) and the computer download is here.
The cellphone app relies on Wifi and promises not to eat up phone
data.
I like the cars, can I afford the stock? Will
investing in cars you want to drive, rather than driverless cars,
still be a good idea when the states start forcing them off the road?
Might be useful for students or teachers.
50+ Google Tools Tutorial Videos
Earlier today I conducted three webinars about
various Google tools for teachers. Each of those webinars was only
thirty minutes long so there wasn't a lot of time for individual
questions. Since the webinars ended I've had a bunch of emails from
folks looking for more instruction. My playlist of Google tools
tutorials currently has more than 50 videos covering topics like
Google Sites, Blogger, YouTube tricks, Google Calendar settings, and
Google Drive features. The playlist can be found here.
Should make for some interesting student
“research.”
AP Video Archive available on YouTube
by Sabrina I. Pacifici on Jul 22, 2015
The rise of video is undeniable – search has
progressively moved from words and concepts to images – and the AP
Archive is yet another example of a shift from reading to watching.
Via YouTube – “The AP
Archive is the film and video archive of The Associated Press —
the world’s largest and oldest news agency. The entire AP Archive
collection [170,000 video clips] is now viewable on YouTube. New
material is added every day.” Google owns YouTube.
“He manages best who manages least?” OR “Go
away, Bob!”