...and eventually it will be your company,
Computer Security students. Interesting that the FBI had to tell
them about the passwords being on the Dark Net, but they immediately
knew for certain that they had not been breached.
Another
Day, Another Hack: Up to 320,000 Time Warner Cable Email Passwords
US telecoms company Time Warner Cable Inc
announced on Wednesday that up to 320,000 customers could have had
their email and password details stolen, Reuters
reports.
According to the news wire, Time Warner Cable said
that no evidence of a breach was found in the company's systems.
Instead, the details may have been obtained by directly targeting
customers themselves, perhaps through phishing emails or malware, or
by reusing credentials obtained via a data breach of another company.
A Time Warner Cable spokesperson told Reuters the
company was notified of the issue by the FBI.
So by default they were secure, but they changed
it to be less secure. What genius made that decision?
Greg Otto reports:
Nearly 12,000 Interior Department laptops are inadequately protected against the theft of personally identifiable information due to poorly configured software.
In a management advisory obtained by FedScoop, the department’s Deputy Inspector General Mary Kendall wrote that a large number of laptops have their full-disk encryption software configured to run post-boot user authentication, which can be hacked relatively easily. Interior laptops were previously set to run pre-boot authentication, the software’s default setting and the one recommended by the National Institute of Standards and Technology.
Read more on FedScoop.
Too big to care?
Doug Drinkwater reports what regular readers have
likely already noticed: following a data breach, customers are upset,
some will be reluctant to do business again with the entity, there
may be brand or reputation damage to the firm, but big businesses
survive and will continue to grow or rebound. So there may or may
not be reputation damage, but even if there is, it hasn’t turned
out to be as impactful as previous surveys and clarion calls might
suggest.
Although incident response impacts reputation
damage, reputation damage may not be as damaging to the bottom line
as companies had been told to fear.
Read more on CSO.
They’re only talking about big corporations (not surprisingly).
What about small businesses? Do they rebound or do they fold? Over
the years, I’ve reported on some cases where a business did not
recover from a breach and folded. And recently, I reported on two
data exposures where neither company has as yet recovered and it
appears at least one of them has just disappeared.
I have nothing to hide.
Oscobo
is a UK-based search engine trying to appeal to the privacy-conscious
folks who do not want to be tracked. From their privacy policy:
It’s pretty simple really. We are on your side. We will NOT store or mess around with your personal data.
What we don’t do…
We DO NOT store ANY data on our users:
NOT when you use our site.
NOT
when you leave.
NOT when you type
words in the search box.
NOT when
you come back.
No cookies, No tracking, No IP, nuttin…., zip…, nada….
We DO NOT know WHO you are, WHERE you have been or where you are GOING and we certainly DO NOT compile any profiles.
Set the fine low, settle fast, claim that a lot of
victories proves you are a champion of the people!
I’m not seeing any press release from NYS
Attorney General Schneiderman’s office yet, but Kenneth Lovett of
the NY Daily News reports that Uber has settled two probes
stemming from both its “God View” privacy breach scandal and
delayed notification of a breach involving drivers’ information.
In addition to paying the $20,000 fine to settle both probes, Uber, whose latest valuation was $62.5 billion, voluntarily agreed to comply with a number of provisions, according to a source who read the agreement.
[…]
Uber also agreed to encrypt rider geo-location information and adopt “multi-factor authentication” that would be required before an employee could access riders’ personal information.
In addition, the company formally agreed to conduct annual privacy and security training for employees, designate someone to supervise a privacy and security program, and maintain reasonable security practices, the source said.
Read more on the NY
Daily News.
Attorney General Schneiderman seems to be going
lightly with monetary penalties. His recent settlement with U. of
Rochester over another breach involved a $15,000
penalty. It looks like he’s trying to make a point and is more
focused on correction rather than punitive measures.
But sometimes, you have to fight. What
constitutes the “line” that Turkey crossed?
Twitter
files lawsuit against Turkish fine over 'terrorist propaganda':
source
Micro-blogging site
Twitter filed a lawsuit in an Ankara court on Thursday, seeking to
annul a fine by the Turkish authorities for not removing content
Turkey says is "terrorist propaganda", a source familiar
with the case told Reuters.
A Turkish official said
much of the material in question was related to the Kurdistan Workers
Party (PKK) which Ankara deems as a terrorist organization.
… Ankara has taken
a tough stance on social media under President Tayyip Erdogan and the
ruling AK Party he founded. It has temporarily banned access to
Twitter site several times in the past for failing to comply with
requests to remove content.
But the 150,000 lira
($50,000) fine, imposed by the BTK communications technologies
authority, was the first of its kind by Turkish authorities on
Twitter.
Twitter, in its
lawsuit, is arguing that the fine is against the law and should be
annulled, the source said.
My Data Management class was arguing about this
yesterday. (This could be a fun Quarter)
Dozens of Internet rights groups are pressing
Facebook to clean up its “unfounded and divisive” advocacy in
India around Free Basics, the social media company’s program to
offer limited Internet access for free.
The groups believe the program is at odds with net
neutrality. And in an open letter to Facebook CEO Mark Zuckerberg,
they accuse Facebook of making “disingenuous” claims that the
opposition is coming from a small group of critics.
… Facebook’s program is a partnership
between the social media company and a number of mobile carriers to
bring Internet access to many unconnected parts of the world. In a
process known as zero-rating, the Free Basics app allows mobile phone
users to have free access to dozens of different websites, including
news and jobs sites, Bing search, Wikipedia, ESPN, ACCuWeather,
Facebook and others.
The program has faced an uphill
battle in India since being unveiled last year. Many argue the
plan goes against net neutrality, the principle that no Internet
traffic or app should be prioritized above another. And the business
model of zero-rating — or exempting certain Internet traffic from
data caps — is a controversial topic that is still being debated in
the United States.
… UPDATE 3:19 p.m. — A Facebook Spokesperson
responded: "We respect the authors of the letter, but strongly
disagree with their facts and conclusions. First, in the only
nationally representative poll conducted in India, 86% of Indians
support free basics. Those who aren’t connected want inexpensive,
innovative new opportunities to come online. Second, there is no
credible evidence that this program discourages access to the full
internet — indeed, data from more than 35 countries suggests the
opposite. We do not believe it makes sense to halt a program that
accelerates economic development for those most in need. Third, the
Free Basics program does not discriminate between content providers.
The program has transparent technical requirements and any service
that meets them can participate. Fourth, while we share the signers'
commitment to net neutrality, we do not believe this important
principle was ever intended to deprive poor people of the opportunity
to experience the benefits of basic Internet services. Finally,
regulators around the world who have looked at this issue have
concluded that these types of programs can exist alongside strong net
neutrality rules."
Because symptoms are easier to address than
causes. Even if they can't articulate their concern, they do know
owning a gun makes them feel safer than anything politicians do.
Gun Stocks
Surge As Obama Issues Executive Orders On Gun Safety
… So in the wake of President Obama’s
efforts to strengthen existing gun laws, guns and ammo stocks are
once again jumping.
Shares of Sturm, Ruger & Co jumped 6.8% in
Tuesday trading, hitting their highest level in a full year. The
164-year-old Smith & Wesson, meanwhile, saw its stock surge more
than 12% and reach its highest price since July of 2007.
Can China lead us into a recession? I kind of
doubt it. Not likely to bring down the government either.
World stock
markets slide as panic in China spreads
… China’s share market traded for less than
30 minutes Thursday, slumping 7 percent before triggering the second
emergency market closure this week and generating talk of a crisis.
In Europe, the FTSE 100 index fell 2.5 percent in
early London trading, while Germany's Dax index slipped 3.5 percent.
In overnight trading, Standard & Poor’s 500-stock index futures
in the United States were 2.2 percent lower.
Against a backdrop of a weak economy and, some
argue, an overvalued currency, confidence in China had long been in
short supply. But investors also blamed ill-considered and poorly
explained moves by the authorities for fueling the panic this week.
Perspective. (Note that China was left out)
… Yet one
major region on Netflix’s world map remains dark: China, home to
nearly a quarter of the world’s broadband households. And in many
of the 190 countries where Netflix now is available — including
Turkey, Russia and Poland — the service is available in English,
but not the local language.
“We still have a lot of work to do,” Reed
Hastings, chief executive of Netflix, said in a telephone interview
Wednesday afternoon. “Because of the number of countries, it seems
like we are ahead of plan. But we still have China — we still have
a quarter of the world to go.”
Want to bet that Congress jumps on this? 'cause
everyone else is betting it will sink without a ripple.
This is absolutely disgraceful. Morgan Chalfant
reports:
More than 40,000 backlogged mail packages of veterans’ disability claims material were discovered at a VA regional office in Florida, according to a new report from the VA inspector general.
Investigators also found more than 1,600 boxes of unprocessed veterans’ claims material at a scanning facility with which the St. Petersburg, Florida, regional office was contracting.
Read more on Washington
Free Beacon.
Looks like hours of fun!
The New
York Public Library's Remarkable New Digital Collection
… The New York Public library has
digitized more than 187,000 images, all in the public
domain—meaning they’re freely available for anyone to use.
Is Dilbert pointing out the major difference
between my students and the managers they will work for?
No comments:
Post a Comment