The government seems to have difficulty following Best Practices. No
doubt hackers everywhere revel in their incompetence.
The State Department said Friday it was “implementing improvements”
to its unclassified email systems, months after a breach in its
networks.
…
Last November, the department confirmed that it had detected
“activity of concern” in its systems, but ensured the public that
its classified systems had not been breached. Psaki’s statement on
Friday said the breach had also not touched its “core financial,
consular, and human resource systems.”
…
A U.S. official last fall told
CNN that the State Department hack was tied to the breach of
White House computers in October. Russian hackers were the primary
suspects in that hack, a charge that Russia has denied. As of
February, the Wall Street Journal reported,
the State Department still had not fully removed the malware planted.
For my Computer Security students.
Cisco 2015 Annual Security Report
New Threat Intelligence and Trend Analysis – “Despite advances by
the security industry, criminals continue to evolve their approaches
to break through security defenses. Attackers are realizing that
bigger and bolder is not always better. The Cisco 2015 Annual
Security Report reveals shifts in attack techniques, emerging
vulnerabilities, and the state of enterprise security preparedness.
Of course your risk increases if you hold sensitive data. Hackers can
encrypt your data on your computers and demand payment for the
encryption key OR they can download your data and threaten to release
it. Which would cost your organization more?
Kaspersky Lab writes:
Computer users in many countries are increasingly falling victim to
so-called encryption malware – programs that encrypt important data
on infected computers and then demand a ransom to decrypt it. In
2014, over 7 million attempts to carry out such attacks were made
against Kaspersky Lab users alone. Kaspersky Lab experts
have prepared an overview of the evolution of encryption malware, as
well as advice on how to avoid being affected by this threat.
[…]
Cybercriminals prefer to be paid in the Bitcoin cryptocurrency, which
offers them a sufficiently high level of anonymity. At the same
time, it is common for attackers to specify their rates in real-world
currencies, such as US dollars, euros or rubles. The cost of
decrypting data for home users starts at 1000 rubles (about $15) but
can be as high as several hundred dollars. If a corporate computer
is infected, the attackers’ demands increase five-fold.
Cybercriminals are known to have demanded ransoms as high as 5000
euros to decrypt files. Sadly, companies that have lost their data
often prefer to pay up rather than lose important information. It
comes as no surprise, therefore, that businesses are a prime target
for cybercriminals who use encryption malware to make money.
Read more on Kaspersky Lab.
(Related)
Rex Mundi is back again. After hacking Synergie and dumping
data from Temporis in January, the hackers, who have made a
business of hacking for profit, have announced that they have now
hacked a diagnostic laboratory in France, Labio.
And once again, they announced the hack on Twitter:
[Omitted]
…
In response to a tweeted question from DataBreaches.net, Rex Mundi
indicated that they had demanded €20,000
from Labio not to release the data.
Because they have followed through on their threats in the past when
organizations have not paid the extortion demands, we’ll have to see
what happens on Tuesday.
Other entities hacked by Rex Mundi include Swiss bank Banque
Cantonale de Geneve, French loan company Credipret, Swiss web
hosting company Hoststar, Tobasco.be, Z-Staffing.org, Easypay Group
payroll company in Belgium, Webassur, Thomas Cook Belgium, Finalease
Car Credit, Mensura, Drake International, Accord.nl, ECAAssurances,
Mutuelle La Frontaliere, and Domino’s Pizza, among their targets.
...but you can't fool all of the people all of the time.
Debbie Kelley reports:
Are parents just being paranoid or are their concerns about the
privacy of student data that’s collected during computerized
testing and on surveys valid?
Perhaps some of both.
During a public hearing, the Colorado State Board of Education hosted
Thursday, officials from the Colorado Department of Education and
Pearson State Assessment Services tried to assuage fears and address
rumors about what data is being collected and why.
But State Board members and parents who attended say the responses
were not good enough. Some questions were not answered.
Read more on The Gazette.
I hope they aren't teaching their students to do it this way...
Maybe we should expect stupid behavior in response to apps with stupid
names?
Tim Cushing writes:
Universities are still freaking
out over the fact that some of their students are racists and
assholes. But rather than deal with the inevitability that any
decent-sized grouping of people will contain a percentage of both,
they’ve opted to shoot the messenger: Yik Yak. Yik Yak provides a
platform for anonymous postings that can only be seen by others
within the same general location (1.5-10 miles). It also provides a
voting system. With enough downvotes, a post is removed.
Despite these key ingredients, students and administrators are
finding the app is to blame, rather than a portion of the people
using it. So, they do ridiculous things like call for a
ban of the app on campus — something almost completely
unenforceable and ultimately futile.
In some cases, they opt for other unenforceable and futile
efforts. The University of Rochester (NY) has discovered that local
posts on Yik Yak contain a number of unsavory statements, including
possible threats towards a student and racially-motivated activity.
This has prompted a completely ridiculous response from the
university’s legal team, which
has “demanded” that Yik Yak do a number of things, including turn
over a ton of information on users of the service.
Read more on TechDirt.
This is called, “Having a firm grasp of the obvious.”
Daily Report: New Rules for Net Neutrality May Set Stage for Legal Battles
…
Opponents of the rules, including many of the leading Internet
providers, spent Thursday poring over the document. It was not known
who would file the first legal challenges, or exactly what legal
arguments would be made. Many experts, though, said the document
included plenty of opportunity for different interpretations.
(Related)
The FCC saying, “Trust us?”
FCC Open Internet Order – Separating Fact From Fiction
“The Open Internet Order: Preserving and Protecting the Internet for All
Americans – The Commission has released the full and
final text of the Open Internet Order, which will preserve and
protect the Internet as a platform for innovation, expression and
economic growth. An Open Internet means consumers can go where they
want, when they want. It means innovators can develop products and
services without asking for permission. It means consumers will
demand more and better broadband as they enjoy new Internet services,
applications and content.
Separating Fact from Fiction
The Order uses every tool in the Commission’s toolbox to make sure the
Internet stays fair, fast and open for all Americans, while ensuring
investment and innovation can flourish. We encourage the public to
read the Order, which reflects the input of millions of Americans and
allows everyone to separate myths from fact, such as:
Myth: This is utility-style regulation.
Fact: The Order takes a modernized approach to Title II,
tailored for the 21st Century.
Of course I'll still respect you in the morning!
“We frequently spend large amounts of money for no reason.”
Kashmir Hill writes:
This week I got an angry email from a friend who had just rented a
car from Hertz: “Did you know Hertz is putting cameras in rental
cars!? This is bullsh*t. I wonder if it says they can tape me in my
Hertz contract.” He sent along this photo of a camera peeping at
him from out of his “NeverLost,”
a navigational device that the company has started putting in many of
its cars:
Read more on Fusion
Reasonable, but very un-geek-like.
SXSW Declared a Drone-Free Zone
…
In a press statement this week, the organizers behind the Austin,
Texas-based conference set out a no-drones policy, citing a city
ordinance. The group stressed concerns for safety should
“airwaves and/or frequency spectrums generally used in the remote
control of drones are too congested during the SXSW event to ensure
operation safe from interference.”
Suggests a business opportunity: highly localized crime reporting.
Study finds racial, ethnic divide in attention to crime news
“Crime consistently ranks as one of the most followed and discussed
topics by the public, and it receives more attention in local news
media than almost any other subject. A recent
Pew Research Center report reinforces these findings but also
suggests that certain groups of residents pay closer attention to
local crime than others in the three cities studied. A difference
that particularly stands out is between racial and ethnic groups. A
deep analysis of local news in Denver,
Macon, Ga., and Sioux City, Iowa, finds that in each city at least
three-in-ten people follow crime very closely and more than
half of residents often discuss crime with others.”
For my Data Management and Business Intelligence students. Colorado
isn't in their top 10. Clearly they screwed up.
The majority of jobs that require the use of large amounts of data are
relegated to about 10 states, according to a report released by the
Commerce Department.
The report describing the importance of “data occupations”
on the economy highlights the huge growth in these high-paying jobs
over the past decade. The study defined the “somewhat amorphous”
term to mean jobs where the use of data is very important.
For my students with kids in high school.
PrepFactory Offers SAT & ACT Practice Exercises and Tutorials
Last month PrepFactory
launched a free service for high school students to use to prepare
for the SAT and ACT. PrepFactory offers students a series of
tutorial videos and written tips to help them prepare for both tests.
After completing a tutorial students can test themselves in a series
of practice questions. Each question set is timed and limited to
chunks of ten questions at a time. Students can earn badges for
completing tutorials or question sets. In the video embedded below I
provide an overview of PrepFactory's features.
For my geeky students.
Pi Overdose? Here’s 5 Raspberry Pi Alternatives
…
Put simply, you feel as though you have mastered the Raspberry Pi,
that there is nowhere else left to go.
You’re wrong: take a look at these five alternatives, each of which can open
a whole new world of DIY technology to you.
Every Saturday, education laughs!
Hack Education Weekly News
…
Florida’s problems with its online testing last week were partly
caused by “cyber attacks,” which is definitely the new “dog
ate my homework” excuse.
…
Colorado also faced technical
problems administering its PARCC assessments.
…
Via The Register: “Toymaker
Mattel has unveiled a high-tech Barbie that will listen to your
child, record its words, send them over the internet for processing,
and talk back to your kid. It will email you, as a parent,
highlights of your youngster’s conversations with the toy.”
What could go wrong?
…
The Gates Foundation has a new higher ed agenda, according
to Inside Higher Ed, including to “create a national data
infrastructure that enables consistent collection and reporting of
key performance metrics for all students in all institutions that are
essential for promoting the change needed to reform the higher
education system to produce more career-relevant credential” –
which hopefully isn’t too inBloom-y, eh? [If
at first you don't succeed, rename and try again. Bob]
…
McGraw-Hill has surveyed college
students about their technology usage. 81% said they studied via
a mobile device; 66% said it was important to be able to do so.
Perspective.
...and I touched my first computer in 1965. Wow, am I old or what?
Exactly 30 years ago, on Sunday, March 15, 1985, a computer company
in Massachusetts registered the world’s first dot-com domain:
Symbolics.com. And with that, the dot-com era officially began.