Privacy Breaches
Friday, November 6, 2015, 10:00 AM – 1:00 PM, followed by lunch
Privacy Foundation at the University of Denver Sturm College of Law, Ricketson Law Building, Room 290, 2255 E Evans Avenue, Denver, Colorado 80208
Register online at http://dughost.imodules.com/privacybreaches or contact Privacy Foundation Administrator Anne Beblavi at abeblavi@law.du.edu
Seminar, CLE (3 hrs. pending) & Lunch $30. Free for DU Faculty & Students
Interesting how quickly they are rolling up the
hackers. Makes me think it was a very amateurish hack – and
therefore TalkTalk's security was equally amateurish. Plenty
happening to keep this in the news.
TalkTalk hack: MPs launch inquiry after police make fourth arrest
… To get a better grasp of the situation, the
UK's cross-party Culture, Media and Sport Committee has launched
an inquiry today into the recent attack. While TalkTalk is the
focal point -- MPs will look at the "nature" of the hack
and TalkTalk's response -- it'll also be considering the telecoms and
internet service provider (ISP) industry as a whole. Specifically,
the Committee wants to know what measures are being taken to stop
these sorts of breaches, how much money businesses are investing in
their defences, and whether response protocols could be improved.
Police have now arrested four individuals as part
of its ongoing investigation. Yesterday evening, detectives used a
search warrant at an address in Norwich, apprehending a
16-year-old boy in the process. He's suspected of Computer
Misuse Act offences and has since been released on bail. Officers
say he will likely be recalled in late March next year. A further
three arrests have taken place over the last 10 days; a 15-year-old
boy from Northern Ireland, a 16-year-old
from London and a 20-year-old
man from South Staffordshire. Police
haven't revealed their identities or drawn
any connections between them -- the short timeframe for
the arrests, however, points
to the involvement of an organised hacker group. [Or
multiple, unconnected hacks? Bob]
The vets in my classes are still a bit pissed at
OPM. This is just another indication of really poor management.
Dustin Volz reports:
Fewer than a quarter of 21 million federal workers hit by a major computer hack have been officially told that their personal information was compromised, six months after the breach was detected, a U.S. government official said on Tuesday.
About 5 million notifications about the hack have been sent out so far, a spokesperson for the U.S. Office of Personnel Management (OPM) told Reuters in an email.
Read more on Reuters.
[From
the article:
The Defense Information Systems Agency in
September awarded a $1.8 million contract to Advanced Onion, a
technology firm, to help locate and notify victims of the OPM breach,
which exposed names, addresses, Social Security numbers and other
sensitive information of current and former federal employees and
contractors. About 5.6 million fingerprints were pilfered, an
upwardly revised number from an initial estimate of 1.1
million.
… Despite the precaution, a prominent
cybersecurity researcher said on Monday there was no indication any
hacked OPM data was for sale on the black market, reaffirming the
likelihood that the hackers were working for a foreign country.
For my Computer Security students. How will you
defend, detect and mitigate?
FFIEC Releases Statement on Cyber Attacks Involving Extortion
by Sabrina I. Pacifici on Nov 3, 2015
“The Federal Financial Institutions Examination
Council (FFIEC) members today issued a statement alerting financial
institutions to the increasing
frequency and severity of cyber attacks involving extortion.
The statement describes steps financial institutions should take to
respond to these attacks and highlights resources institutions can
use to mitigate the risks posed by such attacks. Cyber attacks
against financial institutions to extort payment in return for the
release of sensitive information are increasing. Financial
institutions should address this threat by conducting ongoing
cybersecurity risk assessments and monitoring of controls and
information systems. In addition, financial institutions should have
effective business continuity plans to respond to this type of cyber
attack to ensure resiliency of operations. Financial institutions
are also encouraged to notify law enforcement and their primary
regulator or regulators of a cyber attack involving extortion. More
information about financial institution cybersecurity, including
information about mitigating the effects of destructive malware and
other threats, is available from the FFIEC at
www.ffiec.gov/cybersecurity.htm.”
Also for my Computer Security students: It is
possible your best efforts are not going to be enough.
Could the Sony Hack Happen at Other Tech Firms?
Almost one year ago, a group of hackers with an
alleged connection to North Korea hacked
into the servers of Sony Pictures. The consequences of the
breach are still being felt: in
leaked scripts, in
terminated executives, in
class-action lawsuits, in
Jennifer Lawrence’s salary.
In our unscientific survey of technology industry
leaders, we asked: Could hackers pull off a similar attack on your
company?
The
overwhelming reply: Any
company is
vulnerable to such a hack.
(Related) Any company... (Holy mackerel snapper,
Batman!)
Shelley Chandler reports:
Investigators with the Vatican City police force arrested a high-ranking member of the clergy along with a Vatican employee for leaking confidential documents.
Read more on Wireless
Goodness.
Computer facilitated crime. See if you can find
what may have caused the exchanges to notice his trading.
High-frequency trader convicted in first U.S. spoofing case
A jury on Tuesday convicted high-frequency trader
Michael Coscia of commodities fraud and "spoofing", in the
U.S. government's first
criminal prosecution of the banned trading practice.
… Coscia, owner of New Jersey-based Panther
Energy Trading, was accused of entering large orders into futures
markets in 2011 that he never intended to execute. His goal,
prosecutors said, was to lure other traders to markets by creating an
illusion of demand so that he could make money on smaller trades, a
practice known as spoofing.
… The trial spanned seven days, but the jury
in Chicago convicted Coscia on six counts of commodities fraud and
six counts of spoofing, all of the charges he had faced, after
deliberating for just about an hour.
… Coscia's firm had fewer than 10 employees.
However, he "entered
more large orders than anyone else in the world" in
nearly a dozen CME Group Inc markets ranging from corn and soybeans
to gold after he began using two algorithmic trading programs in
August 2011, prosecutors said during the trial.
… Coscia's case is U.S. v. Coscia,
14-cr-00551, U.S. District Court, Northern District of Illinois.
Perspective. The world is changing fast, Congress
is only half-fast at keeping up. However, I don't think new
technologies always need new rules. Some procedures/words may
change, but the concepts do not.
Amazon, Apple and Google Unite Behind Financial Innovation Coalition
… “A technological transformation is going
to make financial services more accessible, more affordable and more
secure,” said Brian Peters, executive director of Financial
Innovation Now. “The challenge in Washington is making sure
policy-makers understand that, and they’re comfortable with it, and
they don’t apply old
rules to new technology.”
The contours of a changing world are already
visible: More than 2,500 banks and credit unions support Apple’s
mobile payments system, ApplePay, which is on track to be accepted at
some 1.5 million retail locations by the end of the year. Online
crowdfunding site Kickstarter helped raise more than $2 billion in
pledges for some 95,000 projects, while the peer-to-peer lending
marketplace LendingClub originated some $2.2 billion in loans in the
last quarter alone.
Goldman Sachs estimates $4.7 trillion in revenue
could be up for grabs as technology upends borrowing, lending, making
payments and investing.
We seem to be at the dawn of research via social
networks. Collectively, they probably reveal all our secrets.
From the University of Rochester:
Instagram could offer a novel way of monitoring the drinking habits of teenagers.
Using photos and text from Instagram, a team of researchers from the University of Rochester has shown that this data can not only expose patterns of underage drinking more cheaply and faster than conventional surveys, but also find new patterns, such as what alcohol brands or types are favored by different demographic groups. The researchers say they hope exposing these patterns could help develop effective intervention. [And better marketing to underage drinkers! Bob]
Read more on U.
Rochester.
I probably spend 60% of my “teaching” time
working at home – planning classes, grading papers, researching
resources, answering student questions, etc.
In US Telecommuting for Work Climbs to 37%
by Sabrina I. Pacifici on Nov 3, 2015
Gallup
– Jeffrey M. Jones – Thirty-seven
percent of U.S. workers say they have telecommuted, up slightly from
30% last decade but four times greater than the 9% found in 1995.
- Average worker telecommutes two days per month
- 46% of telecommuters do so during the workday
- Most say telecommuters just as productive as other employees
Thirty-seven percent of U.S. workers say they have
telecommuted, up slightly from 30% last decade but four times greater
than the 9% found in 1995. These results are based on Gallup’s
annual Work and Education poll, conducted Aug. 5-9. Technology has
made telecommuting easier for workers, and most companies seem
willing to let workers do their work remotely, at least on an
occasional basis if the position allows for it. Even though
telecommuting has become more common, the growth in the practice
appears to have leveled off in recent years. It is unclear how much
more prevalent telecommuting can become because it is really only
feasible for workers who primarily work in offices using a computer
to perform most of their work duties. Along these lines,
telecommuting is much more common among those who have had more
formal education, those who are upper-income and those who have
white-collar professions…”
I don't think this means we have all the Big Data
questions solved, but it might suggest where we are headed next.
Top 10 Rising and Falling Buzzwords in Tech Job Postings
… For the study,
Textio tracked more than 50,000 unique phrases commonly seen in tech
job listings, said Kieran Snyder, the company’s chief executive
officer. The startup compiled a list of terms that experienced the
biggest changes in impact, positively and negatively, over the last
year. Among the five biggest losers, none were turn-offs to job
candidates in 2014, which shows how fast the industry changes. Among
the top five buzzwords, only two were even on the map a year ago,
Snyder said.
Rising: Artificial intelligence, Real-time data, High availability, Robust and scalable, Inclusive
Falling: Big data, Virtual team or V-team, Troubleshooting, Subject matter expert, Drug-free workplace
Interesting, but I have a canned reply for 90% of
my school emails – “Yes, I'm quite sure you got an “F.” No,
I won't change it.”
Google's New AI Will Reply to Your Emails so You Don't Have To
Later this week people who have the Inbox email
program on their iPhones or Android devices will soon have a new
option when it comes to replying to emails. Instead of coming up
with their own responses on their mobile devices, they’ll get to
choose between three options created by a neural network built
by Google researchers. Google claims it has built an AI that can
read incoming emails, understand them, and generate a short,
appropriate response that the recipient can then edit or send with
just a click.
… Compounding all of this is the issue of
privacy. Because Google can’t let its researchers read your
emails, it can’t actually check to see if its AIs are generating
the right responses outside of the researchers’ emails. And once
Google solved that problem, it found that its replies in many cases
were variations on the same reply, which wasn’t really very
helpful. The company had to build another neural network to teach
the computer how to recognize semantically similar replies and
discard those so it would come up with three different options for
the user to choose from.
Finally it had a surprising issue in that one of
the replies was almost always “I love you.” [Something
I never say to students. Bob]
On occasion, I am surprised by new applications of
technology. I shouldn't be, it's just another way for marketing to
get inside my head.
Marketers Should Pay Attention to fMRI
Despite its popularity in academic settings,
functional magnetic resonance imaging (fMRI) machines are rarely used
as a marketing tool in the corporate world.
… Academic researchers are often attracted to
fMRI for its comprehensive ability to investigate a range of neural
activity across the entire brain. But for a CMO weighing costs
against immediate benefits, the cost of an fMRI-based study might
seem prohibitive. fMRI studies depend on access to specialized
equipment most commonly found in medical or university settings, and
the scanners require significant training to operate. Analyzing the
resulting data also takes expertise and time. What’s more, despite
being at least three times more expensive than traditional methods,
there has been scant evidence that fMRI reveals anything beyond what
could be learned by just asking people for their opinions, making the
technique hard to justify in a commercial setting.
We believe that may be about to change.
A number of recent studies suggest that neural
data recorded from relatively small groups of people (<30) …
Windows 10 is inevitable. Resistance is futile.
OEMs to stop selling PCs with Windows 7 by October 31, 2016
In February last
year, Microsoft said that it would give a one year warning of
when systems with Windows 7 preinstalled would no longer be available
from OEMs. That time has finally come to pass. As spotted
by Ed Bott, there's now a date after which Windows 7 OEM
preinstalls will no longer be available: October 31, 2016.
That same date will also apply to Windows 8.1.
Windows 8 preinstalls will end a few months earlier than
that, June 30, 2016. This means that after October 31 next year, the
only version of Windows that will be available on a new system from a
PC builder will be Windows 10.