I
wonder how common this is? One thing I insisted on as a security
manager was to regularly (monthly) report who had access to the
manager responsible for that asset and to the accessing employee's
manager. Apparently, that is not common banking practice?
Kathy
Hieatt reports:
The city is investigating a security breach into its bank accounts,
including at least one with more than $50 million, according to a
news release this afternoon.
Two city employees who are not with the Treasurer’s Office had
access to the city’s Bank of America checking accounts from home,
according to the release. The City Auditor’s Office discovered the
breach and had their access rescinded, it said.
Read
more on The Virginian-Pilot.
The
article provides a very good summary of de-identification. Could be
the starting point for my Ethical Hackers to re-identify people.
Elizabeth
Snell writes:
The de-identification of data is an important part of healthcare
technology, especially as the use of EHRs and HIEs becomes more
prominent. The HIPAA Privacy Rule states that once data has been
de-identified, covered entities can use or disclose it without any
limitation. The information is no longer considered PHI, and does
not fall under the same regulations and restrictions as PHI.
But why would a facility
need to de-identify data? What are the potential benefits of the
de-identification of data? HealthITSecurity.com decided to
dissect this aspect of HIPAA regulations, and explain what the
de-identifcation process entails and how covered entities could
benefit from the practice.
Read
more on HealthITSecurity.com.
This
should be interesting.
EFF
– Automakers Say You Don’t Really Own Your Car
by
Sabrina
I. Pacifici on Apr 3, 2015
News
release: “EFF is fighting
for vehicle owners’ rights to inspect the code that runs their
vehicles and to repair and modify their vehicles, or have a mechanic
of their choice do the work. At the moment, the anti-circumvention
prohibition in the Digital
Millennium Copyright Act arguably restricts vehicle inspection,
repair, and modification. If EFF is successful then vehicle owners
will be free to inspect and tinker, as long as they don’t run afoul
of other regulations, such as those governing vehicle emissions,
safety, or copyright law. You can support EFF’s exemption
requests by adding
your name to the petition we’ll submit in the rulemaking. Most
of the automakers operating in the US filed opposition comments
through trade associations, along with a couple of other vehicle
manufacturers. They warn that owners with the freedom to inspect and
modify code will be capable of violating a wide range of laws and
harming themselves and others. They say you shouldn’t be allowed
to repair your own car because you might not do it right. They say
you shouldn’t be allowed to modify the code in your car because you
might defraud a used car purchaser by changing the mileage. They say
no one should be allowed to even look at the code without the
manufacturer’s permission because letting the public learn how cars
work could help malicious hackers, “third-party software
developers” (the horror!), and competitors. John Deere even argued
that letting people modify car computer systems will result in them
pirating music through the on-board entertainment system,
which would be one of the more convoluted ways to copy media (and the
exemption process doesn’t authorize copyright infringement,
anyway).”
Would
the same logic exempt online schools? Note that Netflix has
committed to closed captioning – they don't want to exclude any
possible market segment.
The
Americans with Disabilities Act (ADA) does not apply to Netflix, a
federal appeals court ruled this week.
“Because
Netflix’s services are not connected to any ‘actual, physical
place[],’ Netflix is not subject to the ADA,” a three-judge panel
on the U.S. Court of Appeals for the Ninth Circuit ruled.
War
is an economic event. Not everyone understands that.
Experts
say that, by starting the war with Ukraine, Vladimir Putin, might
have lost the country irrevocably. The biggest loser of this
situation is the Russian gas giant, Gazprom.
Gazprom
has recently informed the Russian government that it would extend
lower prices for gas deliveries to Ukraine beyond the period of the
winter package which lasted until March 31st. The Kremlin agreed to
grant Kyiv a price that is in fact lower than today’s prices on the
European spot market. In the second quarter of 2015, Ukraine will be
buying gas from Russia at the cost of 254,18 US dollars per 1000
square metres. In 2014, Ukrainians were made to pay 485,5 US dollars
for the same quantity. How was this victory possible?
The
European Commission is to provide between 800 million to 1 billion US
dollars for Ukraine’s gas purchases. This money is supposed to
help the Ukrainians increase their gas storage at least 12 billion
cubic metres by November, which according to the Russians, is needed
for sustaining the transit of gas to European customers.
…
Mitigation of Gazprom’s stance is caused by the Kremlin’s
actions in Ukraine. Because of that, Gazprom’s
income in 2014 decreased by 70 per cent and decreased to
around 3,3 billion US dollars. As a result, Gazprom had to decrease
the dividend payments.
…
Gazprom has become the advocate of Ukrainian interests in the
Kremlin because the loss of Ukraine would be the kiss of death for
the company, especially in the time of decreasing oil prices,
diversification of energy and the decreasing demand for raw materials
in the EU. The sanctions, which cut off the Russian banks and,
therefore, also Gazprom from Western capital also add some pressure
to this situation.
Weekly,
I smile like a Great White.
Hack
Education Weekly News
…
The GAO has issued a very critical report about the Library
of Congress’s digital infrastructure. (The
LOC responds.)
…
“Stanford just made tuition free for families earning less than
$125,000 per year,” reports
Vox. This extends the university’s financial aid program that
currently applies to those earning less than $100,000 per year. [All
you have to do is get accepted. Bob]
…
Automated
homework grading at MIT.
If
you can make it work in Word, you can make it work in your Data
Analysis programs.
You
Should Learn Regular Expressions
Regular
Expressions, or RegEx, are used for searching patterns in text. For
instance, a RegEx like iP(hone|ad|od)s? will find mentions
of any iOS device in a document. Knowledge of Regular Expressions is
essential for programmers but they can be a great skill to have for
non-developers as well – people who use Microsoft Word or spend
hours inside Google Spreadsheets.
…
Lea Verou’s presentation
will give you a good overview of what Regular Expressions are and
what you can do with them. Jeffrey Friedl’s book – Mastering
Regular Expressions – is still the best printed reference for
RegEx newbies and masters. You can explore RegexOne,
an interactive Codecademy-like online tutorial for learning RegEx or
go here
for learning the basics of pattern matching.
RegExr
is like a visual playground for Regular Expressions. You enter the
text in one block and the RegEx in the other. As you edit the RegEx,
the matching strings are highlighted in the input text. You can also
hover over any character literal in the RegEx to know what it does.
RegEx101 is a
similar tool that also describes your RegEx in English as you write.
Regulex
and RegExper are
both open-source web apps that make it easy for you to understand and
read Regular Expressions. You enter a RegEx and the tools will
create a Railroad Diagram – for a string to match, it
should be able to successfully move from left of the diagram all the
way to the left along one of the available paths.
Windows
users can download Expresso,
a free program that will help beginners write both simple and complex
regular expressions through a visual builder. Instead of coding the
RegEx manually, you can select the components in a wizard. Reggy
for Mac and RegEx
Coach for Windows can also help you test regular expressions
outside the browser.
Tools
& Techniques for my students gathering data from social networks.
Find
The Best Instagram Web Viewer: Your Options Compared