An update. It's not the DNC's data at issue; it's
the Sanders campaign data that they can't get to. They (all
candidates?) store it on the DNC's database because it's cheaper and
nothing could possibly go wrong.
How Berned Is Bernie Sanders By The DNC Data Breach?
… The fracas began on Wednesday morning, with
the crash of a software firewall that is supposed to prevent
campaigns from seeing the voter data compiled by rival candidates.
(All the Democratic presidential campaigns have access to the DNC
data, and can then add their own information and analysis to the
database.) The crash allowed members of Sanders’s staff to view
proprietary voter lists of the Hillary Clinton campaign, including,
according to news reports on Friday, information
on voters less inclined to support the former secretary of state
in the critical early states of Iowa and New Hampshire.
To punish the Sanders campaign for the breach, the
DNC said the campaign could not have access to the party’s voter
data.
… The
DNC files are filled with public information — no
private information, à la credit card company hacks, would have been
compromised here — that’s been gathered from various secretaries
of state offices across the country. Those files contain names,
addresses, elections voted in, and in some states, date of birth and
gender.
Without access to these files, the Sanders
campaign’s ability to canvass voters in a targeted manner — go to
this house, but not that one — is lost, as are its capabilities to
create a tailor-made phone list to contact voters who are more likely
to #FeelTheBern. It basically means Sanders staffers have to
campaign like it’s 1999
… the campaign could have saved or printed
lists outside the NGP VAN system.
But the long-term effects are alarming enough that
the Sanders campaign filed a lawsuit in federal court on Friday
seeking to re-gain access to the DNC’s voter file, saying
that the committee was “attempting to undermine” its campaign,
and that the organization “continues to hold our data hostage.”
… Campaigns
gather information from voters that serve to enrich this file
— who a caller says they’ll vote for or whether a landline number
is dead are seen as valuable tidbits — and they agree to update the
system after the campaign so that future candidates can use it.
But what probably angers Sanders and his people
the most is being locked out of information they’ve collected on
potential Sanders volunteers. If a person whose door is knocked on
says they’d like to volunteer for the campaign, that’s quite a
boon, and the campaign would store that information away in the
system. When staffers were locked out of the NGP VAN system, they
would have lost access to these files, Klaber said.
Does the FBI see China in every hack? Maybe China
is in every hack. Or maybe they have a low threshold for
“sophistication?”
FBI probes breach at Juniper Networks -CNN
… Juniper on
Thursday said it discovered two security issues that can affect
products or platforms running the ScreenOS software. It released an
emergency security patch, advising customers to update their systems
and apply the patched releases with "the highest priority."
(juni.pr/1msg7WM)
CNN reported that U.S.
officials are concerned because hackers who took advantage of the
flaw could access the network of companies or government agencies
that used the Juniper product.
The breach is believed
to be the work of a foreign government because of the sophistication
involved, U.S. officials told CNN. (cnn.it/1msgmkF)
The opposite of sophistication? Just think of it
as a password you were unlikely to guess. (What do 28 backspaces
spell in Chinese?)
The Simplest Hack: Hitting The Backspace 28 Times Will Break You Into a Linux Computer
Linux may be the operating system of choice for
some computer snobs, but there is apparently one giant flaw in it:
you can break into it really, really, really easily. All you have to
do is hit the backspace key enough times, something on the order of
28.
Wait, what?
Lorenzo Franceschi-Bicchierai at Motherboard does a pretty
good job unpacking this. Essentially, the backspace
bug causes the system to bring up a Grub rescue shell. From this
shell, hackers have access to all the data on the computer, and can
use it to install malware, delete files, or outright steal them. The
bug was discovered by two researchers at the Cybersecurity Group at
the Polytechnic University of Valencia, and published
on the personal site of researcher Hector Marco.
The researchers indicate that the Grub problem
affects Linux systems from 2009 to the present date, though older
systems may be affected. Already, many major distributions,
including Debian and Ubuntu, have released emergency patches to fix
the problem. So if you're a Linux user and think you might be
affected, either try hitting the backspace key 28 times on the login
screen, or just install the patch and don't chance it.
Perspective. Who has the weakest security?
Sounds like a project for my Ethical Hacking class!
Target Corporation Hops on the Bandwagon of Mobile Wallets
It seems like all retail giants are eager to offer
customers new ways to pay with a smartphone. First it was the
disruptive Apple Pay, which was joined by others including Samsung
Pay, Android Pay and the recently launched Walmart Pay. Now lobbying
its way in, is Target Corporation.
… sources mentioned that the country's fourth
largest retail chain has already undertaken certain decisions,
including which financial institutions and credit card companies to
partner with. Also, the company’s management is inclined to
process transactions through scanning technology, using the QR code
to establish communication with payment terminals, just as Wal-Mart
and Starbucks do. The company will eventually integrate the mobile
payment platform, with its existing mobile shopping app.
(Related) Perspective. Has anyone tried to
collect Best Practices for Apps?
Mobile App Momentum Continues, Surveys Find
Companies are coming up with all kinds of new ways
to use mobile apps, from customer service to an intranet
alternative. So it is no surprise that many businesses use at
least a dozen mobile apps. In a report
published today, Apperian, a provider of mobile application
management software, found that the mean number of apps across its
customers is nearly 35 while the median number is 13.
Interestingly, however, Apperian found that the
number of mobile apps deployed is not a leading indicator of an
organization's success with mobile apps. It is more important to
have mobile apps that support business processes aligned with
strategic initiatives, according to Apperian, which also found that
companies tend to deploy mobile apps meant for specific business
functions rather than mobile apps used by entire workforces.
Do you feel more secure?
Budget bill heads to President Obama's desk with CISA intact
Earlier today, the US House of Representatives
passed a 2,000-page omnibus budget bill that contains
the entirety of the controversial Cybersecurity Information
Sharing Act. Just moments ago, the Senate passed
it too.
… Update: As expected,
President Obama has just signed the bill, enacting both the $1.1
trillion budget and CISA.
Goes to both security and privacy.
How to Remove Hidden Personal Data in Microsoft Office
… Microsoft
Office creates and maintains a metadata file attached to your
document. Each time you send it, your details are passed forward to
the recipient, and anybody else that document moves forward to. This
is okay in certain situations, but at other times it can be handy to
clean your documents of any personal data before releasing them into
the wild.
… The
Document Inspector is an amalgam of all of the different
inspector services available to Microsoft Office. Their main
functions are to locate and remove any additional data from your
documents. Before using the Document Inspector, save
your current document.
I find it difficult to believe that Directors
would be unsatisfied with the information they receive (on any
subject) for long.
U.S. Senators Introduce SEC Cybersecurity Disclosure Legislation
… The
legislation asks each publicly traded company to disclose information
to investors on whether any member of the company’s Board of
Directors is a cybersecurity expert, and if not, why having this
expertise on the Board of Directors is not necessary because of other
cybersecurity steps taken by the publicly traded company.
… A
study released earlier this year from the Ponemon Institute found
that 78 percent of the more than 1,000 CIOs, CISOs and senior IT
leaders surveyed had not
briefed their board of directors on cybersecurity in the last 12
months. In addition, 66 percent said they don't believe senior
leaders in their organization consider security a strategic priority.
A separate survey published in January by the National Association
of Corporate Directors (NCD) found that more than half (52 percent) of the
1,013 corporate directors surveyed were not satisfied with the amount
of information they were receiving about cyber-security. In
addition, 36 percent said they were unsatisfied with the quality of
that information.
If you never ask yourself the question, you don't
have an answer when someone else asks. AKA: “We don't need no
stinking privacy!”
FAA Finally Admits Names And Home Addresses In Drone Registry Will Be Publicly Available
The FAA finally confirmed this afternoon that
model aircraft registrants’ names and home addresses will be
public. In an email message, the FAA stated: “Until the drone
registry system is modified, the FAA will not release names and
address. When the drone registry system is modified to permit public
searches of registration numbers, names and addresses will be
revealed through those searches.”
The NFL bit could be interesting. If many
companies grab content that requires specific (proprietary) Apps to
access, we'll need a new kind of TV guide – powered by Watson!
Apple Loop: Multiple iPhone 7 Designs Leak, Tim Cook's $24 Billion NFL Dream, Apple Fights Microsoft
… Is Apple really going to go after Thursday
Night Football? Reports came in this week that the NFL has reached
out to Apple for a potential bid, along with Amazon, Google, Yahoo,
and the more traditional broadcast partners. It’s
an idea championed by Forbes’ Eric Jackson, who believes a bid
from Apple of $4 billion over five years would bring in $24 billion
in profits:
The extra sales of Apple TVs, content via iTunes that people would then buy on their Apple TVs, plus incremental iPhone sales would all be new iOS ecosystem sales not currently factored in by Wall Street analysts in their current price targets for the Apple stock price.
Therefore, they would have to model in all this additional revenue which would be prompted by large numbers of Americans and those internationally who love their NFL migrating to Apple to be able to stream the games on their Apple TV hockey pucks.
The Wall Street analysts would have to take their best guess of future profits flowing to Apple from this move (which I have argued is $24 billion) and multiply that number by the current forward price-to-earnings multiple which Apple has (which is 11x).
“Always bet on ignorance and intellectual
laziness.”
Furor over Arabic assignment leads Virginia school district to close Friday
A Virginia county closed all of its schools Friday
because of intense backlash over a class assignment about Islam, with
some parents alleging that their children were being subjected to
Muslim indoctrination and educators emphasizing the importance of
exposing U.S. students to the world’s fastest-growing religion.
A high school geography teacher in rural Augusta
County asked students to try their hand at writing the shahada, an
Islamic declaration of faith, in Arabic calligraphy. The task,
community reaction to it, and a sudden influx of outrage from around
the country — including angry emails, phone calls and threats to
put the teacher’s head on a stake — led the school district to
close rather than risk disruption or violence.
… The shahada translates to: “There is no
god but God. Muhammad is the messenger of Allah.” Some
translations start with: “There is no god but Allah.” [Nothing
about ISIS at all? Bob]
Something to illustrate why my Data Management
students need Data Management. ('cause it never hurts to keep
pounding home the benefits of a good education!)
Microsoft pursues analytics ambitions with Metanautix acquisition
Microsoft has furthered its pursuit of enterprise
analytics with the
acquisition of Metanautix, a company that makes it possible for
businesses to pull together all their data and gain insights into it.
Metanautix's product can pull information in from
a variety of private and public cloud data sources including
traditional data warehouses, NoSQL databases like Cassandra and
business systems like Salesforce. Once it's aggregated, businesses
can use SQL to query the resulting data pipeline in order to glean
insights from the information.
Perhaps I can have the university buy me some of
this – for my students of course.
Intercept – A secret catalogue of government gear for spying on your cellphone
by Sabrina I. Pacifici on Dec 18, 2015
“The Intercept has obtained a secret, internal U.S. government catalogue
of dozens of cellphone surveillance devices used by the military and
by intelligence agencies. The document, thick with previously
undisclosed information, also offers rare insight into the spying
capabilities of federal law enforcement and local police inside the
United States. The catalogue includes details on the Stingray,
a well-known brand of surveillance gear, as well as Boeing “dirt
boxes” and dozens of more obscure devices that can be mounted on
vehicles, drones, and piloted aircraft. Some are designed to be used
at static locations, while others can be discreetly carried by an
individual. They have names like Cyberhawk, Yellowstone, Blackfin,
Maximus, Cyclone, and Spartacus. Within the catalogue, the NSA is
listed as the vendor of one device, while another was developed for
use by the CIA, and another was developed for a special forces
requirement. Nearly a third of the entries focus on equipment that
seems to have never been described in public before…”
Just because it's cool (and local) You can see a
long way if you're high enough.
A New Kind of Landscape Photography
Denver and the Colorado Rockies, as you’ve never seen them before
… In the late morning, as it passed over the
Pacific, it turned back and looked at the continent to the east.
Gazing over Los Angeles; the Mojave desert; the Grand Canyon; and the
southern tip of Utah, it captured an image of Colorado.
My favorite Saturday reading.
Hack Education Weekly News
… From
the Indy Star: "Scores on thousands of student exams could
be incorrect because of a computer malfunction that inadvertently
changed grades on Indiana's high-stakes ISTEP test, according to
scoring supervisors familiar with the glitch."
… Coursera has released a list of its “most
coveted certificates in 2015.” Number one: digital marketing.
… Colorado College has suspended a student for 6 months for
derogatory comments he made on Yik Yak.
… Career Education Corporation says it will close all its
Le Cordon Bleu schools, citing the new “gainful employment”
regulations.
… From Desmos (and Dan Meyer): Marbleslides.
What else would you call it?
Wookieepedia