Wednesday, February 03, 2016

I'm rather surprised that anyone in Congress noticed. Still, all they want to do is posture a bit. They will wait until there is a major security breach before asking that Harris be fired. No indication of technical degrees to go with his PhD in Organizational Management. No mention of any other job on his Linkedin profile.
Kelly Field reports:
Angry lawmakers hammered the Education Department’s chief information officer, Danny A. Harris, at a hearing Tuesday, accusing him of ethical lapses and failing to secure the agency’s “vulnerable” information systems.
“Cybersecurity for the federal government is a matter of quality management and effective leadership, not just tech,” said Rep. Will Hurd, a Texas Republican who is chairman of the U.S. House of Representatives information technology subcommittee. Lawmakers warned that the Education Department, which holds some 139 million unique Social Security numbers, is a “prime target” of hackers.
[From the article:
Mr. Harris, who has been CIO since 2008, [Since 2001, according to his Linkedin page Bob] was the subject of an investigation, concluded in 2013 by the department’s inspector general, that found he had hired subordinates to work on side businesses, failed to report more than $10,000 in income from those ventures, participated in a panel that awarded a contract to a friend, and helped a relative land a job at the agency. He has since taken part in "ethics counseling" provided by the department.
… Tuesday’s hearing occurred less than three months after the same committee held a hearing on the state of cybersecurity at the department. At that hearing, the department’s inspector general testified that "longstanding weaknesses" in the department’s information-security processes had left systems vulnerable to "serious security threats." The inspector said department officials had repeatedly failed to fix problems identified in security audits.
… "While we’re not here today to get anyone fired, lose the data and it’s a whole different story," Mr. Mulvaney warned. "As unpleasant as this hearing has been, it will be a whole different level of unpleasantness."




Another incident that flew under the radar.
Taobao, the Chinese equivalent of eBay, was reportedly hacked in October 2015, but it doesn’t seem to have made U.S. news. Marbridge Consulting writes:
Police in Zhejiang province recently convened a press conference to announce that a group of hackers obtained information pertaining to approximately 99 mln accounts on Alibaba Group’s C2C e-commerce site Taobao. The hack, which occurred between October 14-16, 2015, originated from rented space on Alibaba Group’s cloud services platform AliCloud. Of the 99 mln accounts in question, 20.59 mln are active user accounts with matching passwords. The hackers’ goal was to acquire the accounts in order to perform order brushing and supply manipulation on Taobao, as well as to sell to scammers.
A spokesperson for Alibaba Group explained that the exposed Taobao accounts were not the result of a direct hack of Taobao, but rather the suspects used acquired account information from non-Taobao accounts to check for matches against 99 mln Taobao accounts, thus discovering the 20.59 mln Taobao accounts in question. [reusing passwords? Bob]
The police report also included a criminal case involving Alibaba Group’s flagship international B2B e-commerce platform Alibaba.com. After gaining access to a seller account through an email phishing scheme, the criminals were able to defraud overseas purchasers of more than USD 1 mln by collecting payments without shipping goods. As of August 2015, Alibaba had received more than 1,700 complaints from foreign purchasers. In October 2015, police rounded up 25 suspects in Fujian province to crack the case open.
Read more on Marbridge Consulting.
I’m still surprised that I didn’t see this anywhere else, so am leaving Marbridge’s report as it is for now while I try to track down other sources about these incidents.




This must be hard for someone who thinks his wish is law.
Russians Find Ways to Bypass Latest Web Ban
As Vladimir Putin tightens his his grip over the Internet in Russia, the latest target is the country’s largest movie-sharing website. Last week, the Russian communications watchdog shut access to RuTracker.org, a local equivalent of the Pirate Bay. The blocking hasn’t quite worked out as planned.
Traffic to RuTracker during the first week after the ban's imposition fell by less than 15 percent, according to researcher LiveInternet.ru. On Sunday, the busiest day for the site, RuTracker received 11 million visits, compared with an average of 13 million before the ban.
Russians found ways to circumvent the blocks instituted by local Internet providers. Just as RuTracker advised its users, anonymizing tools allow them to continue accessing the site. Such software prevents Internet providers from detecting a user's location, so they can’t block access. Similar techniques are used by Web users worldwide to access versions of Netflix and other services outside their home countries, where the content available may differ from what's offered by the same company elsewhere in the world.




I think this makes more sense.
National Security Agency plans major reorganization
… In place of the Signals Intelligence and Information Assurance directorates — the organizations that historically have spied on foreign targets and defended classified networks against spying, respectively — the NSA is creating a Directorate of Operations that combines the operational elements of each.
“This traditional approach we have where we created these two cylinders of excellence and then built walls of granite between them really is not the way for us to do business,” said NSA Director Michael S. Rogers, hinting at the reorganization — dubbed NSA21 — that is expected to be publicly rolled out this week.
“We’ve got to be flat,” he told an audience at the Atlantic Council last month. “We’ve got to be agile.”




Are we heading toward jurisdiction “In the Cloud?” Will we need to expand the courts?
Hatch moves to swiftly pass key privacy bill
Sen. Orrin Hatch (R-Utah) has moved to speed passage of a key privacy bill that is linked to several transatlantic data sharing agreements.
The so-called Judicial Redress Act would give EU citizens the right to challenge misuse of their personal data in a U.S. court, a right U.S. citizens already enjoy in Europe.




I wonder if there are other collections or services that might be in the same boat?
Founder of Oyez.org seeks new manager and large purchase price
by Sabrina I. Pacifici on Feb 2, 2016
WSJ Law Blog: “For Sale: 61 years of Supreme Court oral arguments, including audio, transcripts and a suite of multimedia tools. It’s not on Craigslist yet, but Jerry Goldman says options are narrowing for Oyez.org, the private online archive of Supreme Court materials he has been building since the early 1990s and providing free to the public. Mr. Goldman, 70 years old, retires from teaching in May, and when he goes so does Oyez, currently hosted at Chicago-Kent College of Law. The project, which has two full-time staff members and several student employees, costs between $300,000 and $500,000 annually to operate, he says. The sticking point, however, isn’t the annual budget; Harvard Law School, for one, has offered to pick up the operating cost. But Mr. Goldman also wants to be paid for the sweat he’s put into his baby–or at least the intellectual property it represents—something he estimates is worth well over $1 million…”




Is this the best way to stay current?
The Directory of Twitter News Feeds
… Now when you open the Twitter homepage, they will show you to the top tweets across various categories without requiring you to sign up. The tweets are grouped in categories like Sports, Music, Food, etc. so it is easier than ever before to follow your interests.
… Not a problem as here are direct URLs (links) that will help you access all the Twitter category feeds without having to log out of your Twitter account. The list covers both US and India specific Twitter news categories. You can bookmark the pages that pique your interest and access them anytime, anywhere.




Could be amusing. Find a Data Management (or other) plan and have my students take it apart.
Annotation Studio - Annotate Shared Documents With Text, Video, and Images
Annotation Studio is a free document editing tool that I learned about a few weeks ago on Larry Ferlazzo's blog. This afternoon I finally gave it a try. The best way to describe what Annotation Studio offers is to think of it as Google Docs commenting if Google Docs supported videos and pictures in comments.
On Annotation Studio you can create a classroom in which you share documents. You can create documents from scratch by using the Annotation Studio text editor or you can import a Word document or a PDF. Once you have created a document you can share it with your class or you can make it public for anyone to comment on. The best aspect of Annotation Studio is that every annotation you add to a document can include videos, pictures, text, and hyperlinks.
Annotation Studio could be a great tool to use to help add further explanation to documents. By using the video option in your annotations you could highlight and illustrate a point for students. For example, you might highlight a part of speech in a document then add a video explanation of that part of speech to the annotation that you create.
Annotation Studio does require students to register in order to use the tool. That could be a limitation for use with younger students. The initial set-up of Annotation Studio wasn't a terribly intuitive process, but once I got the hang of it I found it to have a lot of potential for future use with students.




How much of this could I automate? Is outsourcing a viable option? Is there an “Online Footprint for Dummies?”
Job Hunting? Why You Need a Strong Online Footprint
For job seekers, the persuasive cover letter and germane resume have long been the way to get a foot in the door, and more recently, HR directors will rummage through Google to make sure nothing negative turns up. But now, the extent to which individuals have established a strong and compelling online presence is having an impact on who gets the interview and job. Actively building a digital footprint that proves presence in a professional community and expertise in the field is increasingly important.


No comments: