Should “Best Practices” be selected to catch
the bad guy or to get your services back online quickly? Perhaps you
should contact the experts before you are hacked. Here
are just a couple of points the article is trying to make.
US-CERT’s
do’s-and-don’ts for after the cyber hack
Too often, agencies are erasing key forensic
evidence after a cyber attack.
… So with that rule to live by, US-CERT offers
these best practices:
General missteps
Hacked organizations shouldn’t automatically
initiate reactive measures to the network without first consulting
incident response experts.
… “This can cause loss of volatile data such
as memory and other host-based artifacts. We also see them touching
adversary infrastructure. It seems unusual, but we do,” she said.
“They are pinging or doing name server (NS) look up, browsing to
certain sites. Agency staff is trying to investigate the incident,
naturally, and they want to conduct the analysis on suspicious
domains or IPs. However, these actions can tip off the adversaries
that they have been detected. Again, a no-no. You don’t want to
do that.”
Resist pre-emptive password resets
Don’t erase audit logs
Nice to see proof it works both ways.
Joshua Phillipp reports:
Hackers released a list showing the phone numbers and home addresses of nine alleged ISIS recruiters, in countries including Turkey, Indonesia, Kuwait, and Iraq. Alongside this, one of the hackers behind the leak detailed how the terrorist organization recruits members using the Internet.
According to the hacker, who goes by the moniker “JhonJoe,” a favorite venue for ISIS recruiters is Twitter. When the recruiters find someone who expresses views similar to their own, they’ll make contact using the direct message function on Twitter.
“We ran a sting operation to uncover this,” said JhonJoe, in an interview on Twitter.
Read more on Epoch
Times.
“We're government security. You can trust us!”
TSA Master
Baggage Keys Compromised, Now Available Online For 3D Printing
When The Washington Post posted a story
about the "secret life" of TSA
bag handlers, it thought it'd spice up its presentation with a neat
shot of master baggage keys being spread in someone's hand like a
fan. As it happens, that was unwise, as when
it comes to standard keys like those used for baggage, all that's
needed to duplicate them is a clear image.
“Minority Report” is coming.
Joe Cadillic writes:
Your child’s writings, texts etc., could get them arrested and put on the Terror Watch List.
Future policing and incarceration is becoming a reality, a B.S. study called “Profiling School Shooters: Automatic Text-Based Analysis” alleges DHS, teachers and psychologists can identify future school shooters based entirely on a students writings!
What’s that you say? It can’t possibly be real? But the study was conducted with the Department of Education (DOE)!
Read more on MassPrivateI.
An extension of privacy or a tool for terrorists?
First
Library to Support Anonymous Internet Browsing Effort Stops After DHS
Email
Since Edward Snowden exposed the extent of online
surveillance by the U.S. government, there has been a surge of
initiatives to protect users’ privacy.
But it hasn’t taken long for one of these
efforts — a project
to equip local libraries with technology supporting anonymous
Internet surfing — to run up against opposition from law
enforcement.
In July, the Kilton
Public Library in Lebanon, New Hampshire, was the first library
in the country to become part of the anonymous Web surfing service
Tor. The library allowed
Tor users around the world to bounce their Internet traffic through
the library, thus masking users’ locations.
Soon
after [How
closely is DHS monitoring libraries? Maybe they are just mapping
TOR? Bob] state authorities received an email about it
from an agent at the Department of Homeland Security.
“The Department of Homeland Security got in
touch with our Police Department,” said Sean Fleming, the library
director of the Lebanon Public Libraries.
After a
meeting at which local police and city officials discussed how Tor
could be exploited by criminals, the library pulled the plug on the
project. [Because
deterring crime is more important than securing your communications
Bob]
(Related) Still making it sound like every crook
uses encryption, which contradicts their reports to Congress. If the
message is encrypted, we still have: Who called, who was called, time
the call was made, duration of the call, locations of caller and
person called, owner of each phone (usually), etc.
RT reports:
FBI Director James Comey continued his push for Silicon Valley to give the federal government backdoor access to encrypted data at a congressional hearing. However, the tech industry has told committee members that it’s not in their interest to help.
At a House Intelligence Committee hearing on Thursday, Comey said that he wants Silicon Valley to create a workaround that would give the federal government access to encrypted data in their programs and hardware, even though more than 140 tech firms have come out against the idea.
Read more on RT.
(Related) This is what the FBI really wants.
Lisa Eadicicco reports:
Siri will be able to perform an important new trick when Apple’s next iPhones come out.
The virtual assistant will always have an ear open, listening for users to summon it, ever ready to answer questions or to assist with certain tasks.
[…]
There are a lot of unanswered questions around these “always listening” devices, such as how they can use the data and who they can share it with.
“[The license agreements] have an extraordinarily wide latitude,” Bruce Schneier, a fellow at the Berkman Center for Internet and Society at Harvard Law, said to Business Insider. “And that’s a huge worry.”
Read more on Business
Insider.
Schools may need to re-think some of their
projects.
Kumar Singam reports:
Reliable sources have informed the Examiner that Montgomery County Public Schools (MCPS), the largest school system in Maryland, has installed LanSchool in Chromebooks distributed to students.
[…]
As the product brochure disarmingly mentions, LanSchool can be used for real-time monitoring of student activity on the computer. The website states that “Thumbnail monitoring allows the teacher to quickly view each student’s screen. At a glance, it is easy to see which students are on or off task. Administrators can monitor up to 3000 students at a time and dual-monitors are supported.” The website goes on to say that “LanSchool v7.8 automatically logs all keystrokes on student machines. (This can be disabled if your organization has policies against keystroke monitoring) Months of keystrokes are kept in a rolling log that can be watched in real-time or exported to a .csv file.”
[…]
The Examiner has confirmed through knowledgeable sources that MCPS did not obtain parental authorization for the use of the intrusive software from students who were given Chromebooks with LanSchool installed.
Read more on Examiner.com
Ah man. Are they taking away my right to ram
anyone that irritates me? That's unAmerican!
(Related) I'll be these guys don't get that
system. Only us second class citizens.
Dodge
Charger Pursuit Gets High-Tech System
Journalists (or anyone) could broadcast using
Periscope or a similar App, but this way they have a predefined
audience?
Journalists
Can Now Broadcast Live Over Facebook
Facebook wants more journalists to use its
platform as their distribution channel of choice. Now the company is
giving reporters a new tool: the ability to stream live on Facebook
itself.
Facebook said today that verified journalists,
experts, and other “influencers” will now be able to use its
Mentions app—formerly available only to select celebrities. The
app will allow journalists to post live to Facebook during breaking
news, for behind-the-scenes reports, or to host live Q&As with
followers, among other possibilities.
Is Microsoft expanding into hardware or (like
Amazon and Google) expanding into everything?
Juicy Rumor
Suggests Microsoft Looking To Rock Computing World With Possible AMD
Acquisition
If you thought that news of Windows
10 downloading in the background without your knowledge was the
biggest bombshell to come out of Redmond, Washington today, then
you’re sorely mistaken. A very interesting rumor is making
the rounds that has the possibility to send shockwaves through the
entire computing industry.
Microsoft is reportedly
in talks to acquire AMD, which would make things quite interesting
not only in the CPU sector (where AMD has played second fiddle to
Intel for years), but also in the graphics sector (where AMD dukes it
out with NVIDIA). For all its efforts to stand up to Intel recently,
AMD just hasn’t had much luck in making a noticeable dent in the
company’s massive share of the desktop, notebook, and server
markets. And even in the graphics sector, NVIDIA has opened up a
pretty significant lead in the discrete graphics market [PDF]
as far as sales are concerned.
Sony does it again? (Screws up, that is.)
Sony: Don't
Use Those 'Waterproof' Xperias Underwater
Turns out, Sony's "waterproof" Xperia
devices might not be so waterproof after all.
After talking up the waterproof capabilities of
its Xperia devices for years — even running marketing campaigns
showing people happily using its devices underwater — Sony now says
that they should not be submerged. As XperiaBlog
first reported, Sony recently revised its support page on water and
dust protection to warn people against taking a swim with their
gadgets.
"Remember not to use the device underwater,"
the site says.
Maybe someday that long, boring commute won't be
so bad...
European
Court Rules That Commuting Time Is Part of the Workday
If Dante had known the pain of traveling to and
from work, he would have made it a punishment in one of the circles
of hell. But a recent court decision in Europe might actually make
some workers want to commute longer.
On Thursday, Europe’s top court ruled that the
time spent commuting to and from work should count as part of the
workday. The ruling applies to employees who don’t have a regional
office to work out of, like electrical technicians, for example.
The time spent commuting to the first appointment
and driving home from the last appointment is to be considered part
of the work day, according to the
ruling, which was handed down by the Court of Justice of the European
Union in Luxembourg.
“I'm shocked, shocked I tell you!”
Iran says
finds unexpectedly high uranium reserve
Iran has discovered an unexpectedly high reserve
of uranium and will soon begin extracting the radioactive element at
a new mine, the head of Iran's Atomic Energy Organisation said on
Saturday.
The comments cast doubt on previous assessments
from some Western analysts who said the country had a low supply and
would sooner or later would need to import uranium, the raw material
needed for its nuclear program.
Sounds classified to me.
Exclusive:
New Emails on Secret Benghazi Weapons
On the third anniversary of the Benghazi terrorist
attack, emails reviewed by Fox News raise significant questions about
US government support for the secret shipment of weapons to the
Libyan opposition.
… As Fox News chief intelligence correspondent
Catherine Herridge first reported, a heavily redacted email released
to the Benghazi committee in May clearly states that on April 8,
2011, a day after the Turi/Stevens exchange, Clinton was interested
in arming the rebels using contractors:
"FYI. the idea of using private security
experts to arm the opposition should be considered," Clinton
wrote. Significantly, the
state department released emails blacked out this line, but the
version given to the Benghazi select committee was complete.
Perspective.
On the 3rd of September, 2015, Benedict
Evans, a veteran mobile industry analyst turned venture
capitalist, tweeted
a chart showing how traditional TV is losing its share of screen to
smartphones and tablets. While Mr. Evans’ chart was not the first
chart to alarm the cable industry, its timing was particularly
interesting, as it came exactly a week before Apple’s major update
of its Apple TV hardware. In fact, many financial and industry
analysts have predicted the demise of the cable industry since rumors
of a new Apple TV hardware or an Apple over-the-top streaming service
emerged
earlier this year.
… For
the first time ever, time spent inside mobile applications by the
average US consumer has exceeded that of TV.
While my students played video games?
Interview:
Seattle girls launch a balloon spacecraft to the edge of space, and
NASA takes note
Our guests on the GeekWire radio show this week
are Rebecca Yeung, 10, and Kimberly Yeung, 8 — two sisters from
Seattle who built
a spacecraft out of wood, broken arrow shafts and a high-altitude
balloon, sending it to the edge of space this past weekend.
Their project — and especially their handwritten
“lessons learned” — captured the attention of thousands of
people, including an exec at NASA’s Jet Propulsion Lab.
This could be useful.
Zoom -
Record Video Conferences in HD
Zoom.us is a great
service for hosting and recording video conferences in high
definition. I was introduced to it by Rod
Berger when he proposed using to record segments for the
#askRichardByrne video series that we're producing. I'm glad
he recommended it because it is a fantastic tool.
Zoom.us allows you
to record your video in a side-by-side format to equally feature both
people in the recording or switch between featuring one person more
than another in the video (click
here for an example). When you record through Zoom you're given
an HD video file to save locally as well as a separate HD voice
recording. Zoom isn't limited to just webcam views as you can also
share your screen through the service. Zoom's free
plan allows you to record for up to forty minutes in each video.
The number of videos that you can create is not limited.
Zoom
does require that you install a desktop client in order to call,
receive calls, and to record.
For my iPhone using students. Also note that this
is another example of “free” resulting in higher sales.
Camera+,
The Third-Party Camera App With 14 Million Users, Goes Free
Tap
tap tap, the company behind the popular third-party camera app
Camera+, is making its
flagship application free today. The
app
… Many app makers believe that offering a free
version of their app will hamper sales of their paid version, which
is why they’ll often roll out stripped-down, “lite” versions of
the app as a way to encourage users to upgrade to the full
experience.
… Then last year, tap tap tap ran a big
promotion with Apple which made the app – the full version –
available for free on the App Store. And what the company discovered
was surprising.
“With the Apple promotion, we definitely were
concerned that giving away the full version for free could
potentially hurt sales,” explains Casasanta. “We still decided
that it would’ve been worth the risk to try it out and when we did,
we were pleasantly surprised to find out that it actually helped
sales as we got a significant spike during the promotion and
afterward.”
That experience then prompted the company to
refocus on developing the free version of Camera+, which is available
today.
I do teach all this but I find it better to let my
spreadsheet students see that others think it's valuable.
5 Excel
Tools You Need Right Now
Powerful and complex, Microsoft Excel comes packed
with so many tools that it's often hard to know which tool can solve
a particular problem. Ever feel like it's easier to just keep doing
things the slow way simply because it works? But you deserve better
than that, so we've gathered five essential Excel tools that save you
time and effort. If you're not currently using them, it's time to up
your game.
Laugh educator, laugh.
Hack
Education Weekly News
… According
to Los Angeles Unified Superintendent Ramon Cortines, the
district is close to a $6 million settlement with Apple and Pearson
over its botched iPad program. [For
the failure of a $1.3 billion program? Someone has good negotiators.
Bob]
… Via
Inside Higher Ed: “The Texas State University System on
Thursday announced a Freshman Year for Free program in which students
can earn a full year of credit through massive open online courses
offered by edX and coordinated by a new nonprofit called the Modern
States Education Alliance. The only costs to students would be
either Advanced Placement or College Level Examination Program tests,
which would be passed after completing various MOOCs. Appropriate
scores would be required on the tests to receive credit from Texas
State campuses.”
… “Meet the Crowdfunded Professor,” says
The Chronicle of Higher Education. “He's left his tenured job
and gone online, solo.” (Related:
Ian Bogost on “Quit Lit.”)
… Richmond
Community College in North Carolina will offer free tuition to
high school students in the area: “The program, dubbed RichmondCC
Guarantee, promises two free years of college for students of public,
private and home schools who have at least a 3.0 grade-point average
and two college courses under their belts.”
… Via
ProPublica: “First Library to Support Anonymous Internet
Browsing Effort Stops After DHS Email.” The Kilton Public Library
in New Hampshire was using Tor, but police have pressured the library
to stop.
… “New
Personality Profiling Technique to Identify Potential School Shooters
Revealed in Study by Ben-Gurion University of the Negev Researchers.”
Gee, what could go wrong.
… Via
the US Census: back-to-school factoids.
… “US education is a $1.5 trillion industry
and growing at 5 percent annually,” says
McKinsey.