Wednesday, December 16, 2015

I guess Target didn't learn much from their massive security breach. If I had been teaching Ethical Hacking this Quarter, this would have made a nifty group project.
Dan Goodin reports:
According to researchers from security firm Avast, the database storing the names, e-mail addresses, home addresses, phone numbers, and wish lists of Target customers is available to anyone who figures out the app’s publicly available programming interface.
Read more on Ars Technica.
[From the article:
To our surprise, we discovered that the Target app’s Application Program Interface (API) is easily accessible over the Internet. An API is a set of conditions where if you ask a question it sends the answer. Also, the Target API does not require any authentication. The only thing you need in order to parse all of the data automatically is to figure out how the user ID is generated. Once you have that figured out, all the data is served to you on a silver platter in a JSON file.
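
The two gaps the excerpt names (no authentication, and an ID that can be worked out) are shown below beside a hardened lookup. This is an added example, not code from the Avast write-up or from Target; the function names, record fields, token format and the owner-only access rule are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)   # hypothetical server-side signing key
WISHLISTS = {}                         # list_id -> record (constructed sample store)

def create_wishlist(owner, name, address, items):
    # Random 128-bit ID: nothing about the user can be used to derive it.
    list_id = secrets.token_urlsafe(16)
    WISHLISTS[list_id] = {"owner": owner, "name": name,
                          "address": address, "items": items}
    return list_id

def _sign(user):
    return hmac.new(SERVER_KEY, user.encode(), hashlib.sha256).hexdigest()

def issue_token(user):
    # Minimal signed session token "user.signature" (assumed format).
    return f"{user}.{_sign(user)}"

def authenticate(token):
    # Return the user name if the signature verifies, otherwise None.
    user, _, sig = (token or "").rpartition(".")
    if not user:
        return None
    ok = hmac.compare_digest(sig.encode(), _sign(user).encode())
    return user if ok else None

def get_wishlist_unauthenticated(list_id):
    # The behaviour the excerpt describes: knowing an ID is enough,
    # and the whole record, personal details included, comes back.
    return WISHLISTS.get(list_id)

def get_wishlist(token, list_id):
    # Hardened lookup: authenticate first, then check ownership.
    user = authenticate(token)
    if user is None:
        return 401, None
    record = WISHLISTS.get(list_id)
    # Same answer for "missing" and "not yours" so IDs cannot be probed.
    if record is None or record["owner"] != user:
        return 404, None
    # Return only what the client needs, not the address or phone fields.
    return 200, {"items": record["items"]}
```
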




Will reality match the dream?
Facebook, Google and Twitter agree German hate speech deal
Facebook, Google and Twitter have agreed a deal with Germany under which they will remove hate speech posted on their websites within 24 hours.
German Justice Minister Heiko Maas said the measures would ensure German law was applied online.
Social media cannot "become a funfair for the far right," he said.
The agreement follows reports of a rise [Rather vague. “Yeah, I read all about it in some Blog. They said they found more racist articles now that they can read.” Bob] in online racism in Germany as the country manages an influx of up to one million migrants and refugees in 2015.
… They would assess complaints using the benchmark of German law "and no longer just the terms of use of each network", he said.
"When the limits of free speech are trespassed, when it is about criminal expressions, sedition, incitement to carry out criminal offences that threaten people, such content has to be deleted from the net," Mr Maas said.




Completely optional, for now. Soon, “What do you have to hide?”
Rachel Emma Silverman reports:
Employers want workers to know what’s in their genes.
A handful of firms are offering employees free or subsidized tests for genetic markers associated with metabolism, weight gain and overeating, while companies such as Visa Inc., Slack Technologies Inc., Instacart Inc. recently began offering workers subsidized tests for genetic mutations linked to breast and ovarian cancer.
The programs provide employees with potentially life-saving information and offer counseling and coaching to prevent health problems down the road, benefits managers say.
Read more on WSJ.
What could possibly go wrong, right?




Perspective. That Internet of Things thing is growing in importance. (No hints about how this will work.)
IBM Bets on Watson With Global Research Center in Germany
… The company on Tuesday announced the opening of a new global headquarters and research lab in Munich for a division that will build Watson-based applications for Web-connected devices. The facility and eight other global centers are part of a $3 billion investment in the unit set out in March by Armonk, New York-based International Business Machines Corp.




Looks like Heartland has recovered from the 2008 breach (~100 million cards)
Global Payments to Buy Heartland Payment for $4.3 Billion
… “The combination of Global Payments and Heartland will be transformative for the worldwide payments industry,” Robert O. Carr, chief executive officer of Princeton, New Jersey-based Heartland, said in the statement.
As consumers replace cash and checks with electronic payments including credit cards and mobile phones, companies that process transactions are rushing to consolidate. Established firms are scooping up smaller competitors and merging with companies abroad, repositioning themselves as technology for handling transactions evolves.
… Global Payments had about 2.9 percent of the global transactions processing market in 2014, while Heartland had about 2.1 percent, according to the Nilson Report, an industry trade publication and data service.




I didn't think this would go over too well.
Philips Hue users outraged after firmware update blocks third-party light bulbs




There's an App for that! (Not really, but it won't be long.)
SEC Approves Plan to Issue Stock Via Bitcoin’s Blockchain
The Securities and Exchange Commission has approved a plan from online retailer Overstock.com to issue company stock via the Internet, signaling a significant shift in the way financial securities will be distributed and traded in the years to come.
Over the past year, Overstock and its freethinking CEO, Patrick Byrne, have developed technology for issuing financial securities by way of the blockchain, the vast online ledger underpinning the bitcoin digital currency. The blockchain is essentially an enormous database that runs across a global network of independent computers. With bitcoin, this ledger tracks the exchange of money. But it can also track the exchange of anything else that holds value, including stocks, bonds, and other financial securities. Overstock has already used the blockchain to issue private bonds, which did not require explicit regulatory approval. Now, the SEC has told the company it can issue public securities in much the same way.




Interesting (to me anyway) how closely this parallels what Prof. Soma has done for years at the Privacy Foundation seminars.
The New Rules of Presentations
… Make no bones about it – the defining factor in deciding where you sit on the presentation landscape is your audience. This might sound like I’m stating the blindingly obvious, but the reality is that few presenters make this leap. They’re too busy thinking about their slides, [Slides are forbidden. Bob] their breathing, or their attire to take a moment to ask themselves the simple question – how would the audience like to be presented to? Once you recognize that the audience is the most important stakeholder in the whole presentation process, it makes it a whole lot easier for presenters to focus on engaging with the people in front of whom they are standing.




Got Pi? (Registration with MakeUseOf required)
Download 4 Raspberry Pi eBooks For Free Right Now
Today, we have one of the coolest free eBook offers we’ve ever had. We’re talking about four free Raspberry Pi eBooks all in one awesome bundle! These books would normally sell for over $90, but until 12/20, you can get all of them for free!
… To redeem your copy and download the free eBook, just head over to this page and sign up for a free account.

