Interesting. They are so concerned about security
they looked into your device to make sure you were doing your part.
Amazon forces some customers to reset passwords
Amazon has forced an unknown number of account
holders to change passwords that may have been compromised, just as
it heads into one of the busiest shopping days of the year.
… The e-mail sent to affected users said that
the company had "recently discovered that your [Amazon] password
may have been improperly stored on your device or transmitted to
Amazon in a way that could potentially expose it to a third party,"
according to ZDNet.
Which statement do we believe: they are
investigating this article, or they never comment on articles? Maybe
this was leaked like the original data was leaked?
Andrea Shalal reports:
The U.S. Air Force is looking into how classified data about a
competition for a next-generation U.S. bomber found
its way into a report published by Forbes magazine,
according to several sources familiar with the issue.
Boeing Co and Lockheed Martin Corp this
month filed a formal protest against the Air Force’s contract with
Northrop Grumman Corp to develop the new long-range strike bomber, a
deal worth up to $80 billion.
Loren Thompson, chief operating officer
of the Lexington Institute think tank, published a detailed column on
the Forbes website the day the protest was filed, saying the estimate
that it would cost $21.4 billion to develop the plane was roughly
twice what the competing industry teams had bid.
The level of detail included in the
column raised concerns given the classified nature of the bomber
program, according to three of the sources.
[From Reuters:]
"The Air Force does
not comment on whether or not media articles might contain classified
information," said Major Robert Leese, an Air Force spokesman.
Is this related to the Starwood breach I posted on
Monday?
Hilton confirms malware accessed payment info at its hotels
If you've stayed at one of Hilton's hotels in the
past year, you might want to check your credit card history. The
chain has confirmed a report that malware compromised
its payment systems, putting your data at risk. The intruders
got in between November 18th and December 5th in 2014, and
between April 21st and July 27th this year. The malware didn't
expose home addresses or PIN codes, but it did get access to card
numbers, security codes and names -- enough that hackers could
potentially make purchases.
Hilton is quick to say that it eliminated the
rogue code, and it's offering a year's worth of free credit
monitoring if you're nervous. With that said, this is a story we've
heard all too often: it's a
belated warning (about two months after a third-party discovery)
for data breaches that could have been devastating far earlier.
While there's no guarantee that Hilton could have stopped the
intrusions in the first place, it would have ideally notified
travelers the moment it realized that something was wrong.
A conspiracy of juveniles? TalkTalk should be
embarrassed.
From the Metropolitan Police:
A fifth person has been arrested in
connection with the investigation into alleged data theft from
TalkTalk.
On Tuesday, 24 November, detectives from
the Metropolitan Police Service’s Cyber Crime Unit (MPCCU) and
officers from Southern Wales Regional Organised Crime Unit executed a
search warrant at an address in Llanelli, Wales.
The 18-year-old boy [E] was arrested at
the address on suspicion of blackmail and taken into custody at a
Dyfed Powys police station.
Detectives continue to investigate.
Four other people have been arrested in connection with the
investigation.
What logic?
Well, this is different. A jury actually found for
a plaintiff who alleged snooping in her driver’s records – and
awarded her damages that included penalizing the Marion
County Sheriff’s Office for enabling the snooping. Nicki
Gorny reports:
An Ocala woman did
not suffer emotional distress when a former Marion
County Sheriff’s Office deputy snooped on her
driving record, an eight-person jury decided Thursday morning, but
she is entitled to $10,100 in damages.
After approximately five hours of deliberation split between two days, the
jury found that former deputy Clayton Thomas twice violated the
federal Drivers Privacy Protection Act by pulling up Kellean Truesdell’s
photograph on the Driver and Vehicle Information Database. The panel
awarded her punitive and statutory damages:
• $100 in punitive damages against Thomas, punishing him for snooping
• $5,000 in punitive damages against MCSO, punishing
the agency for enabling Thomas’ snooping through a “custom,
policy or practice”
• $5,000 in statutory damages against Thomas and MCSO together,
recognizing two violations of the federal statute in regard to
Truesdell
So how did they manage to successfully hold the
sheriff’s office responsible? It seems that Thomas had been caught
misusing the DAVID database in 2012, resulting in a suspension of his
access for two months. But:
When this suspension was lifted, Parmer emphasized, Thomas continued his
DAVID searches with no oversight or repercussions.
The current sheriff is reportedly more proactive in auditing usage. [I'd
call that managing. Bob]
Will Mattel notify anyone if the child talks about
suicide or indicates she has been abused? If not, is there
liability?
“Prepare your daughter for a
lifetime of surveillance with Hello Barbie, the doll that records
children’s private conversations and transmits them to cloud
servers, where they are analyzed by algorithms and listened to by
strangers. Girls will learn important lessons, like that a friend
might really be a corporate spy, and that anything
you say can and will be used for market research.”
Read more on CCFC and then read Joe’s own post
about this topic on MassPrivateI.
Clever. You give me all your personal information
and I'll give you a word cloud.
Paul Bischoff writes:
Lately, you’ve probably seen a couple
of your Facebook friends post the results of a quiz app that figures
out your most-used words in statuses. Or maybe you posted it
yourself.
[…]
The “quiz,” created by a company
called Vonvon.me, has risen to over 16 million shares in a matter of
days. It’s been written about in the Independent, Cosmopolitan,
and EliteDaily. Sounds fun, right?
Wrong. That’s over 16 million people
who agreed to give up almost every private detail about themselves to
a company they likely know nothing about.
[From the article:]
The app, like many Facebook quiz apps, is a
privacy nightmare. Here’s a list of the info quiz players have to
disclose to Vonvon.me:
- Name, profile picture, age, sex, birthday, and other public info
- Entire friend list
- Everything you’ve ever posted on your timeline
- All of your photos and photos you’re tagged in
- Education history
- Hometown and current city
- Everything you’ve ever liked
- IP address
- Info about the device you’re using including browser and language
Gosh, I don't want anyone to know about that! I
admit I don't know the most requested sites – except Facebook.
European privacy requests for search removals
Total URLs that Google has evaluated for removal: 1,234,092 URLs
Total requests Google has received: 348,085 requests
… Of total URLs requested for removal from
search results, these top ten sites account for 9%
The new toys just keep coming!
IBM Turns Up Heat Under Competition in Artificial Intelligence
Programmers of artificial intelligence software
got a new tool to work with Monday, when International
Business Machines Corp. announced that a proprietary program known as
SystemML would be freely available to share and modify through the Apache
Software Foundation.
… IBM is one of the three companies this year
to make available proprietary machine-learning technology under an
open-source license. Facebook Inc. in February, released
portions of its Torch software, while Alphabet Inc.’s Google division
earlier this month open-sourced parts of its TensorFlow system.
When is free not good? When your competitor does
it? Given enough time, it is likely governments would offer services
like this. Probably within 200 years…
Facebook expands controversial service in India
A controversial Facebook service offering free Web
services in some parts of India will now be available across the
country, CEO Mark Zuckerberg said in a Monday post.
The Free Basics service, offered through the
nonprofit Internet.org, allows customers on some wireless networks
around the world to use certain services, free of charge. That
service is now available to customers of Facebook’s local wireless
partner in India, Reliance Communications.
“As of today, everyone in India nationwide can
access free internet services for health, education, jobs and
communication through Internet.org's Free Basics app on the Reliance
network,” Zuckerberg said.
… Activists contend that the service, because
it could drive users to Facebook-provided applications, violates the
principle of net neutrality, which dictates that all traffic on the
Internet should be treated in the same way. That criticism has cost
the company: local partners on the project dropped
out after the net neutrality concerns were raised earlier this
year.
Zuckerberg fought that argument at the time,
saying that these “two principles — universal connectivity and
net neutrality — can and must coexist.”
Oops! Why do we continue to believe that
governments know how to handle technologies?
Bangladesh: Government 'mistakenly' cuts off internet
Officials announced on Wednesday that access to
Facebook, Viber and WhatsApp had
all been blocked in the wake of a Supreme Court ruling upholding
death sentences for two men convicted of war crimes. But the
country's Telecommunication Regulatory Commission says it
accidentally cut off access to the internet across the whole country.
The web blackout started at around 13:00 local
time and lasted at least 75 minutes, according to the Bangladeshi
newspaper The Daily Star. "We restored the internet as soon as we
realised the mistake," says Shahjahan Mahmood, the commission's
chairman. The messaging services were blocked as originally planned
in order to maintain security, he says.
(Related) At least they are trying – if they
listen to him.
Jonathan Mayer, Well-Known Online Security Expert, Joins F.C.C.
Among privacy groups in the United States,
Jonathan Mayer is known as a vocal advocate who has defended the
right of consumers to turn off online tracking of their browsing
activities.
Among digital security experts, Mr. Mayer is
known, among other things, as the Stanford computer scientist who
reported in 2012 that Google
was bypassing privacy settings in Apple’s Safari browser by
placing bits of code in digital ads that tracked the sites users
visited. Google subsequently agreed to pay a $22.5 million fine to
settle charges by the Federal Trade Commission that the company had
misrepresented its privacy practices.
Now Mr. Mayer, 28, has a new handle: federal
regulator.
On Tuesday, the Federal Communications Commission
said it had hired Mr. Mayer as chief technologist in the agency’s
enforcement bureau.
… The F.C.C. declined to comment on whether
its enforcement bureau had opened investigations into reports by Mr.
Mayer before he was hired by the agency.
Just saying. This will give Apple the ability to
put Porky Pig's face on Donald Trump in real time.
Confirmed: Apple Acquired Real-Time Motion Capture Firm Faceshift
Faceshift's real-time motion capture work in the
gaming and chat arena could be used for things like real-time avatars
for FaceTime video chats, but there are also more serious
applications such as biometrics for unlocking devices or authorizing
payments through facial recognition techniques.
Only 6 weeks late!
Kim Dotcom extradition hearing reaches conclusion
… If, on the face of it, he rules there is
some merit in the US government's charges and a case to answer, on
the face of it, the quartet will be sent overseas.
However, should that be the case, an appeal of the
District Court's decision would not be a surprise since the last
three years has been dominated by legal wrangling in all New
Zealand's jurisdictions.
… Mr Mansfield said Megaupload was an internet
service provider and as such was covered by safe harbour provisions
in the Copyright Act.
That was not a defence to the allegations but a
complete bar from prosecution, he said.
The defence argued "Mr Dotcom's dream idea"
was created in response to large attachments being unable to be sent
via email and was "copyright neutral".
"What the US is effectively saying to
internet service providers is: 'you need to actively investigate
copyright infringement and stop it, because if you don't you'll not
only be civilly liable but criminally liable'," Mr Mansfield
said.
For my next Statistics class. Students have to
interpret results for themselves.
Not Even Scientists Can Easily Explain P-values
… To be clear, everyone I spoke with at
METRICS could tell me the technical definition of a p-value — the
probability of getting results at least as extreme as the ones
you observed, given that the null
hypothesis is correct — but almost no one could translate that
into something easy to understand.
… We want to know if results are right, but a
p-value doesn’t measure that. It can’t tell you the magnitude of
an effect, the strength of the evidence or the probability that the
finding was the result of chance.
So what information can you glean from a p-value?
The most straightforward explanation I found came from Stuart
Buck, vice president of research integrity at the Laura and John
Arnold Foundation. Imagine, he said, that you have a coin that you
suspect is weighted toward heads. (Your null hypothesis is then that
the coin is fair.) You flip it 100 times and get more heads than
tails. The p-value won’t tell you whether the coin is fair, but
it will tell you the probability that you’d get at least as many heads
as you did if the coin was fair. That’s it — nothing more.