The curse of Las Vegas? Amateurs can't be
trusted?
CT Lottery:
Game suspended after terminals ‘manipulated’
The CT Lottery has temporarily suspended the sales
and cashing of its “5 Card Cash” because “some retailers may
have intentionally manipulated the reporting mechanism on the
terminal for their own personal benefit.”
It says new software is being changed “to
further enhance the security features of the game.”
The Department
of Consumer Protection believes some
retailers may have intentionally manipulated the reporting mechanism
on the terminal to win. DCP Commissioner Jonathan A.
Harris said in a statement “the department is investigating the
matter.”
For my Computer Security students, even though
it's really about management. This also happens with software
licenses. At some companies, it happen every year when the license
expires. Every! Year!
Lapsed
Apple certificate triggers massive Mac app fiasco
A lapsed Apple digital certificate today triggered
a massive app fiasco that prevented Mac users from running software
they'd purchased from the Mac App Store.
"Whenever you download an app from the Mac
App Store, the app provides a cryptographically-signed receipt,"
explained Paul Haddad, a co-founder of Tapbots,
the company behind the popular Tweetbot Twitter
client, in an email reply to questions today. "These receipts
are signed with various certificates with different expiration dates.
One of those is the 'Mac App Store Receipt Signing;' that expires
every two years. That certificate expired on 'Nov 11 21:58:01 2015
GMT,' which caused most existing App Store receipts to no longer be
considered valid."
Whoops.
The result: Bedlam.
Until Apple
replaced the expired certificate, users who booted up their Macs
today were unable to launch the apps they had bought through the Mac
App Store, the OS X version of the iPhone's distribution portal.
But even after Apple replaced the outdated
certificate, many apps still refused to run or threw off scary error
messages, including one that said the app was "damaged and can't
be opened," and others that said the app was already being used
on another Mac, when it was, in fact, not.
Another paper for my Computer Security students.
Emerging
Cyber Threats Report 2016 – Impact of The Internet of Things
by Sabrina
I. Pacifici on Nov 12, 2015
Georgia
Institute of Technology Cybersecurity Summit 2015– “The
intersection of the physical and digital world continued to deepen in
2015. The adoption of network- connected devices and sensors — the
Internet of Things — accelerated and was expected to reach nearly 5
billion devices by the end of the year. The collection and analysis
of big datasets shed light on a variety of subjects, from profiling
consumers’ buying habits to forecasting the loss of Arctic ice.
Companies, from Google to Apple to traditional car makers, focused
greater efforts on creating autonomous vehicles with a near-term goal
of a driverless car on the road by 2020. These trends continue
despite obvious dangers. Ever-present devices and online tracking
allow us to measure our activities, but give other third-parties
unprecedented access to monitor those same habits. Automated systems
are increasingly removing humans from operational loops, making
everything from driving cars to diagnosing diseases less prone to
human error, but at the same time, requiring that each device be
trusted — a technology safeguard that does not yet fully exist.
Attackers have shown that these dangers are not just theoretical.
Online espionage groups exploited the trust relationship between two
background-check suppliers and the U.S. Office of Personnel
Management (OPM), leading to the exfiltration of perhaps the most
significant cache of U.S.-focused intelligence to date. Two security
researchers hacked a GMC Jeep Cherokee while a journalist was
driving, resulting in a government-mandated recall of 1.5 million
cars. To understand the dangers posed by our increasingly digital
world, we need to study and define both the potential problems and
necessary solutions. The annual Georgia Tech Cyber Security Summit
(GTCSS) on Oct. 28, 2015 provided an opportunity for experts from
academia, private industry and government agencies to come together
and prepare for the challenges we face in securing an ever-more
complex society. This is the 13th year that the Georgia Institute of
Technology has hosted the event to support efforts to develop bold,
new technologies and strategies that ensure the safety and security
of government, industry and individuals..”
For all my IT students, but Computer Security in
particular.
The Ethics
Conversation We’re Not Having About Data
… From a data perspective, the news about
Ashley Madison is
the most cogent. This scandal may seem irrelevant to those who
disdain the site’s shady business model, but you really should be
paying attention. Here are five reasons why:
- Customers of the website presumably believe that the site owner has a strong desire to keep their data private. The website still fails to fend off hackers.
- Users who presume they are anonymous because they use pseudonyms on their profiles learn that data analysts have uncovered their identities via credit cards, and even stored the information in the databases.
- When customers ask for data deletion, even after these users pay the website to remove their data, the data continue to reside on the servers.
- Technologists discover that the programmers have made certain mistakes that allow over 10 million scrambled passwords to be decoded.
- After the hackers release the stolen data to the public, a horde of investigators immediately obtain the data, with the intention of discovering embarrassing personal details. These analysts see it as a rare opportunity to lay their hands on a massive, real-world dataset that typically is guarded tightly by businesses.
Amazing graphics. (and a new recording for my
answering machine!) Does it even hint that Microsoft will lead us
into the Promised Privacy Paradise?
Kieren McCarthy reports:
Microsoft has published what can only be described as a privacy manifesto.
The unusual online screed comes complete with interactive graphics, including a recording of the FISA court’s voicemail, and appears geared at pitching Microsoft as the protector of people’s global data.
Read more on The
Register.
Privacy for those who don't think about privacy.
(And for my Computer Security students as a training tool!)
Privacy
Online Explained by Common Craft
Have you or your students ever wondered what
happens to all of the data collected by your web browsing habits? Or
have you wondered why Facebook shows you one set of advertisements
while a friend sitting next to you might see completely different
advertisements? It all comes down to data collection and online
privacy. In their latest video Common
Craft explains how privacy online is different than it is in the
real world, what happens to your online data, and how that data was
captured to begin with.
[The
video: https://www.commoncraft.com/video/privacy-online
An example of (not much) Privacy.
Joel Hruska writes:
New research from Avast reveals just how easily compromised many so-called “smart” TVs actually are, as well as how little your consent to being tracked actually matters. This hack is unrelated to the investigation we discussed yesterday, concerning Vizio’s decision to sell identifiable user data to third-parties and advertisers, though many of these issues are interrelated.
Read more on ExtremeTech.
A question for those Balkinizing the Internet.
How granular can we get. Will Centennial enact laws that conflict
with Denver and have no relationship to federal law?
Andrew Blake reports:
Internet regulators in the Kremlin said this week that Twitter must begin storing the details of Russian users at facilities located within the country, walking back an earlier decision not to force the company into complying with a controversial, recently enacted data law.
Read more on Washington
Times.
What if the driver was asleep in the back seat?
How did the officer “flag down” the car? Does it respond to
lights and sirens? Was someone watching a “cop cam” remotely?
Google
self-driving car pulled over for going too slow
Beep, beep. A Google driverless car was pulled
over in California. The problem? It was going too slow.
An officer in Mountain View, Calif., apparently
saw traffic backed up behind the little, white vehicle. The car was
traveling 24 mph in a stretch where the posted speed limit was 35
mph.
The officer realized it was self-driving car and
pulled it over. The officer then “made contact with the operators
to learn more about how the car was choosing speeds along certain
roadways and to educated the operators about impeding traffic,”
according to a post
on the police department’s blog.
The car’s defense — its speed limit is set at
25 mph for “safety reasons,” according to a Google+ page.
Perspective. Clearly, I'm completely out of
touch. What's a spotty fly?
Leaning
power: Spotify names its most streamed track of all time
What might you think would be Spotify’s most
popular track ever? Stairway to Heaven by Led Zeppelin, often
claimed to be the greatest rock song of all time, and one of the most
played on the radio? Michael Jackson’s Thriller, the title track
of the biggest-selling album ever? Or Bing Crosby’s White
Christmas, the most popular single of all time?
Answer: none of the above. In fact it’s a song
released earlier this year, that didn’t
top the charts in either the US or the UK, and which was
released independently.
Lean On, by Major Lazer & DJ Snake (with MØ)
has now received 526m plays worldwide, according to Spotify,
overtaking the previous record holder, Thinking Out Loud by Ed
Sheeran.
Colorado: toy supplier to the galaxy?
Sphero BB-8
is the 'Star Wars' toy you're looking for (hands-on)
When the "Star
Wars: The Force Awakens" trailer dropped last November, one
little astromech droid was the talk of the town: BB-8, the adorable
spherical robot spotted zipping along the desert landscape.
The robot itself was designed and puppeteered by
LucasFilm, but an actual working life-size model for public
appearances was created by Colorado-based toy robot company
Sphero. It was a perfect fit. Sphero's
eponymous robot launched in 2011, a sphere that could be
remote-controlled via a smartphone app.
Now that rolling toy has been adapted into a
pint-sized BB-8, with an accompanying app that allows you to drive it
around and send it on tiny adventures, coming in at a suggested
retail price of $150, AU$250 or £130.
Imagine instantaneous communication over any
distance.
Entanglement:
A Milestone for Quantum Mechanics
A Dutch research team has proven a long believed
aspect of quantum mechanics, namely
that two particles can influence each other even across great
distances.
… The long-distance influence of one particle
on another was dubbed “spooky interaction at a distance” by none
other than Einstein himself. Einstein did not believe in long
distance interaction, but the new research suggests that this is one
area where the world’s best-known physicist was wrong.
For the true music collector? MC Edison rap
music?
Thousands
of 100-year-old wax cylinder recordings available to stream
Before MP3s, before CDs and even before LPs there
was the first commercial audio format known as the Edison wax
cylinder.
This late 19th-century invention was capable of
recording up to 3 minutes of sound on a cylinder made of wax (and
later a metallic soap composite or plastic). It was eventually
replaced by the popularity of the phonograph in 1929.
The University of California, Santa Barbara
library is digitizing its collection of late 19th and early 20th
century wax cylinder recordings and has placed
over 10,000 songs online for anyone to stream and download.
The earliest wax cylinders were only able to be
played about a dozen or so times before the wax wore out, but the
pliability of the material meant that users could also record their
own material.
… The searchable collection features
everything from turn-of-the-century
opera to mandolin
solos to bizarre
animal impressions. As you'd expect for audio recorded on
violently degradable media, the quality
of the recordings varies from "radio static" to "almost
audible subway announcement."
This might help with the 'chatty' clumps of
students in some of my classes.
Mega
Seating Plan - Create Random or Organized Seating Charts
Mega
Seating Plan is a free
tool developed by a teacher for teachers. The purpose of
Mega Seating Plan is to help you create seating charts from a
spreadsheet of names. To create a seating chart in Mega Seating Plan
simply import a spreadsheet of names, indicate where seats will be
placed in your classroom, and then let Mega Seating Plan randomly
assign students to seats. You
can quickly alter the seating chart by dragging and dropping names on
the chart.
Mega
Seating Plan also has a random name selector tool built into it.
To use that tool just pick a class list then click the center of your
browser window to have a name randomly selected from the list.
Applications
for Education
Mega
Seating Plan could provide you with a quick way to shuffle the
seating plans in your classroom. You might also use
it to randomly create working groups in your classroom.
To do that just arrange seats in groups then use the random
assignment function to put students into working groups.
No comments:
Post a Comment