OPM's version of events.
Information
about OPM Cybersecurity Incidents
by Sabrina
I. Pacifici on Jul 10, 2015
(Related) If OPM had a Board of Directors, would
they fire all the senior managers?
Add Adam Shostack’s post to your must-read list.
Here’s a snippet:
The National Journal published A Timeline of Government Data Breaches:
I asked after the root cause, and Rich Bejtlich responded “The root cause is a focus on locking doors and windows while intruders are still in the house” with a pointer to his “Continuous Diagnostic Monitoring Does Not Detect Hackers.”
And while I agree with Richard’s point in that post, I don’t think that’s the root cause. When I think about root cause, I think about approaches like Five Whys or Ishikawa. If we apply this sort of approach then we can ask, “Why were foreigners able to download the OPM database?” There are numerous paths that we might take….
Keep reading on Emergent
Chaos.
(Related)
Julie Hirschfield Davis reports:
Katherine
Archuleta, the director of the Office of Personnel Management,
resigned under pressure
on Friday, one day after the government revealed that two sweeping
cyberintrusions at the agency had resulted in the theft of the
personal information of more than 22 million people, including those
who had applied for sensitive security clearances.
Ms.
Archuleta went to the White House on Friday morning to inform
President Obama that she was stepping down immediately. She said
later in a statement that she felt new leadership was needed at the
federal personnel agency to enable it to “move beyond the current
challenges.”
Read more on The
New York Times.
I can see a few holes in this procedure. Probably
the FBI will ask for several months to check for records they should
already have in their possession.
The man accused of
killing nine people in a historically black church in South Carolina
last month should not have been able to buy the gun he used in the
attack, the F.B.I.
said Friday, in what was the latest acknowledgment of flaws in the
national background check system.
A loophole in the system and an error by the
F.B.I. allowed the man, Dylann Roof, to buy the .45-caliber handgun
despite having previously admitted to drug possession, officials
said.
Mr. Roof first tried to buy the gun on April 11,
from a dealer in South Carolina. The F.B.I., which conducts
background checks for gun sales, did not give the dealer approval to
proceed with the purchase because the bureau needed to do more
investigating about Mr. Roof’s s criminal history.
Under federal law, the F.B.I. has three days to
determine whether there is sufficient evidence to deny the purchase.
If the bureau cannot come up with an answer, the purchaser can return
to the dealer and buy the gun.
In the case of Mr.
Roof, the F.B.I. failed to gain access to a police report in which he
admitted to having been in possession of a controlled substance,
which would have disqualified him from purchasing the weapon. The
F.B.I. said that confusion about where the arrest had occurred had
prevented it from acquiring the arrest record in a timely fashion.
Mr. Roof’s application was not resolved within
the three-day limit because the F.B.I. was still trying to get the
arrest record, and he returned to store and was sold the gun.
Just another Thing on the Internet of Things?
There's a lot of money flowing alongside the data.
Carmakers
want to build a data business. So far they’re screwing it up.
In a move that will surprise no one, automakers
want to become a platform and plan to do this by limiting the data
they share with Apple and Google.
… The idea is that customers want to use their
smart phones as navigation devices and as the link to their music and
entertainment accounts–a battle carmakers lost by being slow to
adopt new technology and by charging a pretty penny for things like
upgraded map CDs—but auto companies still have detailed engine,
braking and other highly useful and technical data they can share
about the car’s performance and history. And that data is worth
something
… The stakes are potentially huge: General
Motors Co told investors earlier this year that it expects to realize
an additional $350 million in revenue over three years from the
high-speed data connections it is building into its cars.
Consultant AlixPartners estimates global revenues
from digitally connected cars will grow in value to $40 billion a
year worldwide by 2018, from $16 billion in 2013
(Related) So how can my students tap into that
money?
Cutting
through Internet of Things Hype
The Internet of Things
topped Gartner's list of most-hyped technologies last summer. But
compelling business cases for IoT are beginning to emerge.
… Dan Vesset, an
analyst at International Data Corp.,
stressed the importance of data monetization for IoT, focusing on how
it could be harnessed by media and other content-centric businesses
to add value. Citing Clive Humby, who is credited with saying that
data
is the new oil, Vesset used an oil refinery example.
"Data is valuable like crude oil, but it is
unrefined and has to be processed into valuable products," he
said. "That means it has to be broken down, analyzed and
reassembled."
… a company named
Schneider Electric
intends to literally build
a better mousetrap. Unlike the refrigeration case, an
IoT-enabled mousetrap offers significant business potential. By
adding sensors to traps, it becomes possible to offer a rodent
removal service rather than just selling traps. This switches the
business model from a one-time sale to a monthly subscription fee.
… Schneider Electric
it takings its realization that services are more important than
devices to other aspects of its electronics business. Instead of
selling thermostats, it’s now giving them away free to companies
that will pay a monthly subscription fee. To make this work, they
added sensors to the devices so they can detect sound, motion and
temperature.
If the temperature drops or no sound and motion
are detected, the system is programmed to conserve energy. The value
proposition: The company
guarantees a 20 percent energy reduction, which typically yields
greater savings than the monthly charge.
Interesting. Backup
power to the cellphone towers? Is 8 hours reasonable? After
hurricane Katrina, didn't it take a few weeks?
As landline phones move toward operation over the
Internet, the Federal Communications Commission wants to make sure
those lines are still able to get a signal during a power outage.
FCC Chairman Tom Wheeler on Friday proposed new
rules that would force phone providers to offer backup power for
customers to buy as they transition away from copper lines.
"IP-based
home voice services are more vulnerable to outages during
emergencies than their copper predecessors," FCC Chairman Tom
Wheeler said in a blog post.
… Phone companies would have to offer
customers the chance to purchase eight hours of backup power for an
emergency. That number would increase to 24 hours of backup power in
three years.
Gee, it must be
Saturday...
Hack
Education Weekly News
… “Texas’
New History Textbooks Are a Disaster.” “Louisiana
schools gain greater oversight, can now select textbooks.”
Gee, what could go wrong. Elsewhere in textbooks: “The
Great Common Core Textbook Swindle.”
… Via
The Chronicle of Higher Education: “The average amount that
college students spend on course materials appears to be declining.
But not necessarily because textbooks are cheaper. A growing number
of students, surveys show, simply skip buying required course
materials.”
… A
school district in Iowa will put body cameras on principals.
“The district spent about $1,100 to purchase 13 cameras at about
$85 each. They record with a date and time stamp, can be clipped
onto ties or lanyards, and can be turned on and off as needed. For
now, they won't be used to record all interactions with adults,”
says
The Atlantic. Body cameras on cops and body cameras on
principals – go ahead and make the connection about what that makes
schools…
… Carnegie Mellon
University plans to install sensors all over its campus, thanks to
$500,000 in funding from Google. According
to The Chronicle of Higher Education, “campus could be wired
with temperature sensors, cameras, microphones, humidity sensors,
vibration sensors, and more in order to provide people with
information about the physical world around them. Students could
determine whether their professors were in their offices, or see what
friends were available for lunch.” Gee, how did universities ever
survive without this.
No comments:
Post a Comment