Friday, November 13, 2015

The curse of Las Vegas? Amateurs can't be trusted?
CT Lottery: Game suspended after terminals ‘manipulated’
The CT Lottery has temporarily suspended the sales and cashing of its “5 Card Cash” because “some retailers may have intentionally manipulated the reporting mechanism on the terminal for their own personal benefit.”
It says new software is being changed “to further enhance the security features of the game.”
The Department of Consumer Protection believes some retailers may have intentionally manipulated the reporting mechanism on the terminal to win. DCP Commissioner Jonathan A. Harris said in a statement “the department is investigating the matter.”




For my Computer Security students, even though it's really about management. This also happens with software licenses. At some companies, it happen every year when the license expires. Every! Year!
Lapsed Apple certificate triggers massive Mac app fiasco
A lapsed Apple digital certificate today triggered a massive app fiasco that prevented Mac users from running software they'd purchased from the Mac App Store.
"Whenever you download an app from the Mac App Store, the app provides a cryptographically-signed receipt," explained Paul Haddad, a co-founder of Tapbots, the company behind the popular Tweetbot Twitter client, in an email reply to questions today. "These receipts are signed with various certificates with different expiration dates. One of those is the 'Mac App Store Receipt Signing;' that expires every two years. That certificate expired on 'Nov 11 21:58:01 2015 GMT,' which caused most existing App Store receipts to no longer be considered valid."
Whoops.
The result: Bedlam.
Until Apple replaced the expired certificate, users who booted up their Macs today were unable to launch the apps they had bought through the Mac App Store, the OS X version of the iPhone's distribution portal.
But even after Apple replaced the outdated certificate, many apps still refused to run or threw off scary error messages, including one that said the app was "damaged and can't be opened," and others that said the app was already being used on another Mac, when it was, in fact, not.




Another paper for my Computer Security students.
Emerging Cyber Threats Report 2016 – Impact of The Internet of Things
by Sabrina I. Pacifici on Nov 12, 2015
Georgia Institute of Technology Cybersecurity Summit 2015– “The intersection of the physical and digital world continued to deepen in 2015. The adoption of network- connected devices and sensors — the Internet of Things — accelerated and was expected to reach nearly 5 billion devices by the end of the year. The collection and analysis of big datasets shed light on a variety of subjects, from profiling consumers’ buying habits to forecasting the loss of Arctic ice. Companies, from Google to Apple to traditional car makers, focused greater efforts on creating autonomous vehicles with a near-term goal of a driverless car on the road by 2020. These trends continue despite obvious dangers. Ever-present devices and online tracking allow us to measure our activities, but give other third-parties unprecedented access to monitor those same habits. Automated systems are increasingly removing humans from operational loops, making everything from driving cars to diagnosing diseases less prone to human error, but at the same time, requiring that each device be trusted — a technology safeguard that does not yet fully exist. Attackers have shown that these dangers are not just theoretical. Online espionage groups exploited the trust relationship between two background-check suppliers and the U.S. Office of Personnel Management (OPM), leading to the exfiltration of perhaps the most significant cache of U.S.-focused intelligence to date. Two security researchers hacked a GMC Jeep Cherokee while a journalist was driving, resulting in a government-mandated recall of 1.5 million cars. To understand the dangers posed by our increasingly digital world, we need to study and define both the potential problems and necessary solutions. The annual Georgia Tech Cyber Security Summit (GTCSS) on Oct. 28, 2015 provided an opportunity for experts from academia, private industry and government agencies to come together and prepare for the challenges we face in securing an ever-more complex society. This is the 13th year that the Georgia Institute of Technology has hosted the event to support efforts to develop bold, new technologies and strategies that ensure the safety and security of government, industry and individuals..”




For all my IT students, but Computer Security in particular.
The Ethics Conversation We’re Not Having About Data
… From a data perspective, the news about Ashley Madison is the most cogent. This scandal may seem irrelevant to those who disdain the site’s shady business model, but you really should be paying attention. Here are five reasons why:
  1. Customers of the website presumably believe that the site owner has a strong desire to keep their data private. The website still fails to fend off hackers.
  2. Users who presume they are anonymous because they use pseudonyms on their profiles learn that data analysts have uncovered their identities via credit cards, and even stored the information in the databases.
  3. When customers ask for data deletion, even after these users pay the website to remove their data, the data continue to reside on the servers.
  4. Technologists discover that the programmers have made certain mistakes that allow over 10 million scrambled passwords to be decoded.
  5. After the hackers release the stolen data to the public, a horde of investigators immediately obtain the data, with the intention of discovering embarrassing personal details. These analysts see it as a rare opportunity to lay their hands on a massive, real-world dataset that typically is guarded tightly by businesses.




Amazing graphics. (and a new recording for my answering machine!) Does it even hint that Microsoft will lead us into the Promised Privacy Paradise?
Kieren McCarthy reports:
Microsoft has published what can only be described as a privacy manifesto.
The unusual online screed comes complete with interactive graphics, including a recording of the FISA court’s voicemail, and appears geared at pitching Microsoft as the protector of people’s global data.
Read more on The Register.




Privacy for those who don't think about privacy. (And for my Computer Security students as a training tool!)
Privacy Online Explained by Common Craft
Have you or your students ever wondered what happens to all of the data collected by your web browsing habits? Or have you wondered why Facebook shows you one set of advertisements while a friend sitting next to you might see completely different advertisements? It all comes down to data collection and online privacy. In their latest video Common Craft explains how privacy online is different than it is in the real world, what happens to your online data, and how that data was captured to begin with.




An example of (not much) Privacy.
Joel Hruska writes:
New research from Avast reveals just how easily compromised many so-called “smart” TVs actually are, as well as how little your consent to being tracked actually matters. This hack is unrelated to the investigation we discussed yesterday, concerning Vizio’s decision to sell identifiable user data to third-parties and advertisers, though many of these issues are interrelated.
Read more on ExtremeTech.




A question for those Balkinizing the Internet. How granular can we get. Will Centennial enact laws that conflict with Denver and have no relationship to federal law?
Andrew Blake reports:
Internet regulators in the Kremlin said this week that Twitter must begin storing the details of Russian users at facilities located within the country, walking back an earlier decision not to force the company into complying with a controversial, recently enacted data law.
Read more on Washington Times.




What if the driver was asleep in the back seat? How did the officer “flag down” the car? Does it respond to lights and sirens? Was someone watching a “cop cam” remotely?
Google self-driving car pulled over for going too slow
Beep, beep. A Google driverless car was pulled over in California. The problem? It was going too slow.
An officer in Mountain View, Calif., apparently saw traffic backed up behind the little, white vehicle. The car was traveling 24 mph in a stretch where the posted speed limit was 35 mph.
The officer realized it was self-driving car and pulled it over. The officer then “made contact with the operators to learn more about how the car was choosing speeds along certain roadways and to educated the operators about impeding traffic,” according to a post on the police department’s blog.
The car’s defense — its speed limit is set at 25 mph for “safety reasons,” according to a Google+ page.




Perspective. Clearly, I'm completely out of touch. What's a spotty fly?
Leaning power: Spotify names its most streamed track of all time
What might you think would be Spotify’s most popular track ever? Stairway to Heaven by Led Zeppelin, often claimed to be the greatest rock song of all time, and one of the most played on the radio? Michael Jackson’s Thriller, the title track of the biggest-selling album ever? Or Bing Crosby’s White Christmas, the most popular single of all time?
Answer: none of the above. In fact it’s a song released earlier this year, that didn’t top the charts in either the US or the UK, and which was released independently.
Lean On, by Major Lazer & DJ Snake (with MØ) has now received 526m plays worldwide, according to Spotify, overtaking the previous record holder, Thinking Out Loud by Ed Sheeran.




Colorado: toy supplier to the galaxy?
Sphero BB-8 is the 'Star Wars' toy you're looking for (hands-on)
When the "Star Wars: The Force Awakens" trailer dropped last November, one little astromech droid was the talk of the town: BB-8, the adorable spherical robot spotted zipping along the desert landscape.
The robot itself was designed and puppeteered by LucasFilm, but an actual working life-size model for public appearances was created by Colorado-based toy robot company Sphero. It was a perfect fit. Sphero's eponymous robot launched in 2011, a sphere that could be remote-controlled via a smartphone app.
Now that rolling toy has been adapted into a pint-sized BB-8, with an accompanying app that allows you to drive it around and send it on tiny adventures, coming in at a suggested retail price of $150, AU$250 or £130.




Imagine instantaneous communication over any distance.
Entanglement: A Milestone for Quantum Mechanics
A Dutch research team has proven a long believed aspect of quantum mechanics, namely that two particles can influence each other even across great distances.
… The long-distance influence of one particle on another was dubbed “spooky interaction at a distance” by none other than Einstein himself. Einstein did not believe in long distance interaction, but the new research suggests that this is one area where the world’s best-known physicist was wrong.




For the true music collector? MC Edison rap music?
Thousands of 100-year-old wax cylinder recordings available to stream
Before MP3s, before CDs and even before LPs there was the first commercial audio format known as the Edison wax cylinder.
This late 19th-century invention was capable of recording up to 3 minutes of sound on a cylinder made of wax (and later a metallic soap composite or plastic). It was eventually replaced by the popularity of the phonograph in 1929.
The University of California, Santa Barbara library is digitizing its collection of late 19th and early 20th century wax cylinder recordings and has placed over 10,000 songs online for anyone to stream and download.
The earliest wax cylinders were only able to be played about a dozen or so times before the wax wore out, but the pliability of the material meant that users could also record their own material.
… The searchable collection features everything from turn-of-the-century opera to mandolin solos to bizarre animal impressions. As you'd expect for audio recorded on violently degradable media, the quality of the recordings varies from "radio static" to "almost audible subway announcement."




This might help with the 'chatty' clumps of students in some of my classes.
Mega Seating Plan - Create Random or Organized Seating Charts
Mega Seating Plan is a free tool developed by a teacher for teachers. The purpose of Mega Seating Plan is to help you create seating charts from a spreadsheet of names. To create a seating chart in Mega Seating Plan simply import a spreadsheet of names, indicate where seats will be placed in your classroom, and then let Mega Seating Plan randomly assign students to seats. You can quickly alter the seating chart by dragging and dropping names on the chart.
Mega Seating Plan also has a random name selector tool built into it. To use that tool just pick a class list then click the center of your browser window to have a name randomly selected from the list.
Applications for Education
Mega Seating Plan could provide you with a quick way to shuffle the seating plans in your classroom. You might also use it to randomly create working groups in your classroom. To do that just arrange seats in groups then use the random assignment function to put students into working groups.


No comments: