So a vendor turned off the security and someone
wandered into the “forbidden zone.” Unlikely to cost (or gain)
anyone the election. It is amusing however.
DNC: Sanders campaign improperly accessed Clinton voter data
Officials with the Democratic National Committee
have accused the presidential campaign of Sen. Bernie Sanders of
improperly accessing
confidential voter information gathered by the rival campaign of
Hillary Clinton, according to several party officials.
Jeff Weaver, the Vermont senator’s campaign
manager, acknowledged that a low-level staffer had viewed the
information but blamed a
software vendor hired by the DNC for a glitch that allowed access.
Weaver said one Sanders staffer was fired over the incident.
The discovery sparked alarm at the DNC, which
promptly shut off the Sanders campaign’s access to the
strategically crucial
list of likely Democratic voters.
… NGP VAN, the vendor that handles the master
file, said the incident occurred Wednesday while a patch was being
applied to the software. The
process briefly opened a window into proprietary information from
other campaigns, said the company’s chief, Stu
Trevelyan.
… “Sadly, the DNC is relying on an
incompetent vendor who on more
than one occasion has dropped the firewall between the
various Democratic candidates’ data,” he said.
(Related) Why Hillary will have the DNC crack
down.
Bernie Sanders Can Still Catch Hillary Clinton In Iowa
… Sure, she’s almost certainly going to win
the nomination. But if I were running the Clinton campaign, I’d
still be a little nervous. Clinton’s lead in Iowa isn’t safe;
Bernie Sanders could win the caucuses. And with expectations for her
as high as they are, a Clinton loss in Iowa (or even an underwhelming
win) would cause her campaign a lot of heartache.
Another indication that the card readers (or
payment processors) are being tapped?
Brian Krebs reports:
Fraud analysts in the banking industry tell KrebsOnSecurity that the latest hospitality firm to suffer a credit card breach is likely Landry’s Inc., a company that manages a nationwide stable of well-known restaurants — including Bubba Gump, Claim Jumper, McCormick & Schmick’s, and Morton’s.
Update, 2:57 p.m. ET: Landry’s has acknowledged an investigation. Their press release is available here (PDF).
Read more on KrebsOnSecurity.com
[From Krebs:
Industry sources told this author that the problem
appears to have started in May 2015 and may still be impacting some
Landry’s locations.
… Restaurants are a prime target for credit
card thieves, mainly because they traditionally have not placed a
huge emphasis on securing their payment systems. The attackers
typically exploit security vulnerabilities or weaknesses in
point-of-sale devices to install malicious software that steals
credit and debit card data.
Local. Probably not related to the Landry article
above.
Brian Krebs reports:
Sources at multiple financial institutions say they are tracking a pattern of fraud indicating that thieves have somehow compromised the credit card terminals at checkout lanes within multiple Safeway stores in California and Colorado. Safeway confirmed it is investigating skimming incidents at several stores.
Read more on KrebsOnSecurity.
In at least two locations where skimmers were
found in California, the skimmers did
not compromise any customer data, according to a corporate
spokesperson.
Not a lot of detail, but generally true.
That Wearable Device Under Your Tree Is Their Next Target
Wearables are atop gift
lists this year as Fitbit continues to grow and Apple
is expected to sell six million Watches in the next month alone.
Wearable-renting company Lumoid
says it receives at least
one new wearable device each week saying they “sometimes
can’t keep up, especially now with the holiday season coming up.”
There are more wearables on the market than ever
before but experts like Good Technology’s John Herrema say
manufacturers aren’t prepared to keep such a massive scale of users
secure.
The pendulum swings again.
Over on TechDirt, Tim Cushing writes:
It’s a lower-level decision but it still means something. Well, a couple of somethings. First off, it appears Connecticut law enforcement probably shouldn’t continue seeking “live” cell site location information without a warrant. It also appears the law enforcement agency involved doesn’t have access to a cell site simulator (Stingray, etc.).
Read more on TechDirt.
[From TechDirt:
This sort of collection is nothing new. Many law
enforcement agencies act under the belief that location
information is just another business record, subject to fewer
restrictions and a lower level of privacy protections. Generally
speaking, courts have found the acquisition of historical cell
site location data without a warrant to have minimal impact on Fourth
Amendment protections. Using this information as a
tracking device, however, has generated plenty
of friction in the judicial system, something that probably won't
be resolved until the Supreme Court tackles it.
The FTC gets to brag, LifeLock gets to keep on scamming?
Identity Theft Security Firm Fined $100 Million for Lapses
The US Federal Trade Commission said its
settlement with LifeLock came after the
company failed to comply with a 2010 federal court order
requiring it to secure consumers' personal information and
prohibiting deceptive advertising.
It is the largest monetary award obtained by the
commission in an order enforcement action, the FTC said.
"This settlement demonstrates the
Commission's commitment to enforcing the orders it has in place
against companies, including orders requiring reasonable security for
consumer data," said FTC Chairwoman Edith Ramirez.
… A company statement Thursday said the settlement would "enable
LifeLock to move forward with a singular focus on protecting our
members from threats to their identity."
It said the allegations by the FTC related to ads and practices that
have been discontinued.
"There is no evidence that LifeLock has ever had any of its customers' data
stolen, and the FTC did not allege otherwise," the statement
said.
Too many users (voters?) to lock them out for long.
A Brazilian court dealt a legal victory Thursday
to the popular app WhatsApp, hours after another judge suspended the
messaging tool.
In the second ruling, the court found that it was
unreasonable to cut off access to the app for tens of millions of
people because the company failed to comply with a court order.
Agence France-Presse said the service was working again in the
country.
Isn't this similar to the Kim Dotcom argument?
Internet provider Cox Communications is
responsible for the copyright infringements of its subscribers, a
Virginia federal jury has ruled. The ISP is guilty of willful
contributory copyright infringement and must pay music publisher BMG
$25 million in damages.
Today marks the end of a crucial
case that will define how U.S. Internet providers deal with
online piracy in the future.
Following a two-week trial a Virginia federal jury
reached a verdict earlier today (pdf),
ruling that Cox is guilty of willful contributory copyright
infringement.
The case was initiated by BMG Rights Management,
which held the ISP responsible for tens of thousands of copyright
infringements that were committed by its subscribers.
During the trial hearings BMG revealed that the
tracking company Rightscorp downloaded more than 150,000 copies of
their copyrighted works directly from Cox subscribers.
It also
became apparent that Cox had received numerous copyright infringement
warnings from Rightscorp which it willingly decided not to act on.
… A week before the trial started Judge
O’Grady issued
an order declaring that Cox
was not entitled to DMCA safe-harbor protections, as the
company failed to terminate the accounts of repeat infringers.
BMG also argued that the ISP willingly profited
from pirating subscribers, but the jury found that there was not
enough evidence to back this up.
The verdict is bound to cause grave concern among
various other U.S. Internet providers. At the moment it’s rare for
ISPs to disconnect pirating users and this case is likely to change
that position.
Perspective. Gee, the TV Ads make it sound so
much faster. Reality: The US isn't in the top 10.
Akamai: Global average Internet speed grew 14% to 5.1 Mbps, only 5.2% of users have broadband
Global average connection speeds rose 14 percent
year over year to 5.1 Mbps in Q3 2015. Unfortunately, just over 5
percent of users now have broadband speeds of at least 25.0 Mbps.
The latest figures come from Akamai,
which today published its quarterly State
of the Internet Report for Q3 2015.
Perspective.
12 Social Media Facts and Statistics You Should Know in 2016
Obey the law, become a victim? Should we program
them to break the law when they think they can get away with it?
With some simple analysis (which may already exist) we will know when
humans are likely to “cheat” and just add that to their software.
Humans Are Slamming Into Driverless Cars and Exposing a Key Flaw
The self-driving car, that cutting-edge creation
that’s supposed to lead to a world without accidents, is achieving
the exact opposite right now: The vehicles have racked up a crash
rate double that of those with human drivers.
The glitch?
They obey the law all the time, as in, without
exception.
… “It’s a constant debate inside our
group,” said Raj Rajkumar, co-director of the General
Motors-Carnegie Mellon Autonomous Driving Collaborative Research Lab
in Pittsburgh. “And we have basically decided to stick to the
speed limit. But when you go out and drive the speed limit on the
highway, pretty much everybody on the road is just zipping past you.
And I would be one of those people.”
This may explain a lot…
A former top aide to Hillary Clinton appeared to
joke with reporters that he wanted to avoid open records laws, years
before his and other Clinton aides’ use of private email accounts
became an issue for her presidential campaign.
“I want to avoid FOIA,” Philippe Reines,
Clinton’s combative former adviser, wrote in
an email to journalists Mark Halperin and John Heilemann in
February 2009, referring to the Freedom of Information Act.
The email was revealed Thursday as part of a
lawsuit
launched by Gawker earlier this year.
The message was apparently sent before Reines took
a job at the State Department and is being dismissed by his lawyers
as a joke.
Yet critics of Clinton are likely to view it more
seriously, given long concerns that the use of personal email
accounts by Reines, Clinton and other top officials not only skirted
government recordkeeping laws but may have jeopardized national
security.
(Related) Maybe? Could this be a common
practice?
Pentagon Chief Admits 'Mistake' in Using Personal Email
US Defense Secretary Ashton Carter acknowledged
Thursday making a "mistake" when he used his personal email
for government business in the early part of his tenure, triggering
concerns hackers could access sensitive information.
Interesting App, but my wife, the “power
shopper” has “Buy now, have husband pay later” as her operative
philosophy.
Pinterest Launches A New Way To Track Price Drops On Buyable Pins
Pinterest has a new way to entice users to come
back and buy things: keeping tabs on the price.
That comes in the form today of a new tool that
helps Pinterest users monitor price drops on products they’ve
pinned. When users save pins, they’ll get a heads up when a price
drops in the form of an in-app notification and an email. They can
then jump straight to that pin and make the purchase.
… In the end, this is likely about
getting Pinterest users to come back and buy products on Pinterest.
Though the company might not treat commerce as a strong monetization
channel just yet alongside its advertising business, it helps get
users to come back to Pinterest over and over again. That, in
general makes the service
more sticky — giving it an opportunity to better
monetize its user base.
For my students who read!
Shelfie Helps You Find Ebook and Audiobook Versions of Books
Shelfie is a neat Android and iOS app that can help you find audiobook and
ebook versions of your favorite books. To use Shelfie simply take a
picture of a book and the app will search for an ebook or audiobook
version of a book. Some of the ebooks and audiobooks that the app
locates are free and others require a purchase. The app also allows
you to create a shelf of your books.