I'm rather surprised that anyone in Congress
noticed. Still, all they want to do is posture a bit. They will
wait until there is a major security breach before asking that Harris
be fired. No indication of technical degrees to go with his PhD in
Organizational Management. No mention of any other job on his
LinkedIn profile.
Kelly Field reports:
Angry lawmakers hammered the Education Department’s chief information officer, Danny A. Harris, at a hearing Tuesday, accusing him of ethical lapses and failing to secure the agency’s “vulnerable” information systems.
“Cybersecurity for the federal government is a matter of quality management and effective leadership, not just tech,” said Rep. Will Hurd, a Texas Republican who is chairman of the U.S. House of Representatives information technology subcommittee. Lawmakers warned that the Education Department, which holds some 139 million unique Social Security numbers, is a “prime target” of hackers.
Read more on Chronicle of Higher Education.
[From the article:
Mr. Harris, who has been CIO since 2008, [Since 2001, according to his LinkedIn page Bob] was the subject
of an investigation, concluded in 2013 by the department’s
inspector general, that found he had hired subordinates to work on
side businesses, failed to report more than $10,000 in income from
those ventures, participated in a panel that awarded a contract to a
friend, and helped a relative land a job at the agency. He has since
taken part in "ethics counseling" provided by the
department.
… Tuesday’s hearing occurred less than three
months after the same committee held a hearing on the state of cybersecurity
at the department. At that hearing, the department’s inspector
general testified that "longstanding weaknesses" in the
department’s information-security processes had left systems
vulnerable to "serious security threats." The inspector
said department officials had repeatedly failed to fix problems
identified in security audits.
… "While we’re not here today to get
anyone fired, lose the data and it’s a whole different story,"
Mr. Mulvaney warned. "As unpleasant as this hearing has been,
it will be a whole different level of unpleasantness."
Another incident that flew under the radar.
Taobao, the Chinese equivalent of eBay, was reportedly hacked in October 2015, but it doesn’t seem to
have made U.S. news. Marbridge Consulting writes:
Police in Zhejiang province recently convened a press conference to announce that a group of hackers obtained information pertaining to approximately 99 mln accounts on Alibaba Group’s C2C e-commerce site Taobao. The hack, which occurred between October 14-16, 2015, originated from rented space on Alibaba Group’s cloud services platform AliCloud. Of the 99 mln accounts in question, 20.59 mln are active user accounts with matching passwords. The hackers’ goal was to acquire the accounts in order to perform order brushing and supply manipulation on Taobao, as well as to sell to scammers.
A spokesperson for Alibaba Group explained that the exposed Taobao accounts were not the result of a direct hack of Taobao, but rather the suspects used acquired account information from non-Taobao accounts to check for matches against 99 mln Taobao accounts, thus discovering the 20.59 mln Taobao accounts in question. [reusing passwords? Bob]
The police report also included a criminal case involving Alibaba Group’s flagship international B2B e-commerce platform Alibaba.com. After gaining access to a seller account through an email phishing scheme, the criminals were able to defraud overseas purchasers of more than USD 1 mln by collecting payments without shipping goods. As of August 2015, Alibaba had received more than 1,700 complaints from foreign purchasers. In October 2015, police rounded up 25 suspects in Fujian province to crack the case open.
Read more on Marbridge Consulting.
I’m still surprised that I didn’t see this
anywhere else, so am leaving Marbridge’s report as it is for now
while I try to track down other sources about these incidents.
This must be hard for someone who thinks his wish
is law.
Russians Find Ways to Bypass Latest Web Ban
As Vladimir Putin tightens his grip over the
Internet in Russia, the latest target is the country’s largest
movie-sharing website. Last week, the Russian communications
watchdog shut access to RuTracker.org, a local equivalent of the
Pirate Bay. The blocking hasn’t quite worked out as planned.
Traffic to RuTracker during the first week after
the ban's imposition fell by less than 15 percent, according to
researcher LiveInternet.ru. On Sunday, the busiest day for the site,
RuTracker received 11 million visits, compared with an average of 13
million before the ban.
Russians found ways to circumvent the blocks
instituted by local Internet providers. Just as RuTracker advised
its users, anonymizing tools allow them to continue accessing the
site. Such software prevents Internet providers from detecting a
user's location, so they can’t block access. Similar techniques
are used by Web users worldwide to access versions of Netflix and
other services outside their home countries, where the content
available may differ from what's offered by the same company
elsewhere in the world.
I think this makes more sense.
National Security Agency plans major reorganization
… In place of the Signals Intelligence and
Information Assurance directorates — the organizations that
historically have spied on foreign targets and defended classified
networks against spying, respectively — the NSA is creating a
Directorate of Operations that combines the operational elements of
each.
“This traditional approach we have where we
created these two cylinders of excellence and then built walls of
granite between them really is not the way for us to do business,”
said NSA Director Michael S. Rogers, hinting at the reorganization —
dubbed NSA21 — that is expected to be publicly rolled out this
week.
“We’ve got to be flat,” he told an audience at the Atlantic Council last month. “We’ve got to be agile.”
Are we heading toward jurisdiction “In the
Cloud?” Will we need to expand the courts?
Hatch moves to swiftly pass key privacy bill
Sen. Orrin Hatch (R-Utah) has moved to speed
passage of a key privacy bill that is linked to several transatlantic
data sharing agreements.
The so-called Judicial Redress Act would give
EU citizens the right to challenge misuse of their personal data in a
U.S. court, a right U.S. citizens already enjoy in Europe.
I wonder if there are other collections or
services that might be in the same boat?
Founder of Oyez.org seeks new manager and large purchase price
by Sabrina I. Pacifici on Feb 2, 2016
WSJ Law Blog: “For Sale: 61 years of Supreme Court oral arguments,
including audio, transcripts and a suite of multimedia tools. It’s
not on Craigslist yet, but Jerry Goldman says options are narrowing for Oyez.org,
the private online archive of Supreme Court materials he has been
building since the early 1990s and providing free to the public. Mr.
Goldman, 70 years old, retires from teaching in May, and when he goes
so does Oyez, currently hosted at Chicago-Kent College of Law. The
project, which has two full-time staff members and several student
employees, costs between $300,000 and $500,000 annually to operate,
he says. The sticking point, however, isn’t the annual budget;
Harvard Law School, for one, has offered to pick up the operating
cost. But Mr. Goldman also wants to be paid for the sweat he’s put
into his baby–or at least the intellectual property it
represents—something he estimates is worth well over $1 million…”
Is this the best way to stay current?
The Directory of Twitter News Feeds
… Now when you open the Twitter homepage, they
will show you the top tweets across various categories without
requiring you to sign up. The tweets are grouped in categories like
Sports, Music, Food, etc. so it is easier than ever before to follow
your interests.
… Not a problem as here are direct URLs
(links) that will help you access all the Twitter category feeds
without having to log out of your Twitter account. The list covers both US and
India specific Twitter news categories. You can bookmark the pages
that pique your interest and access them anytime, anywhere.
Could be amusing. Find a Data Management (or
other) plan and have my students take it apart.
Annotation Studio - Annotate Shared Documents With Text, Video, and Images
Annotation Studio is a free document editing tool that I learned about a few
weeks ago on Larry Ferlazzo's blog. This afternoon I finally gave it a try. The
best way to describe what Annotation Studio offers is to think of it
as Google Docs commenting if Google Docs supported videos and
pictures in comments.
On Annotation Studio you can create a classroom in which you share documents.
You can create documents from scratch by using the Annotation Studio
text editor or you can import a Word document or a PDF. Once you
have created a document you can share it with your class or you can
make it public for anyone to comment on. The best aspect of
Annotation Studio is that every annotation you add to a document can
include videos, pictures, text, and hyperlinks.
Annotation Studio could be a great tool to use to help add further
explanation to documents. By using the video option in your
annotations you could highlight and illustrate a point for students.
For example, you might highlight a part of speech in a document then
add a video explanation of that part of speech to the annotation that
you create.
Annotation Studio does require students to
register in order to use the tool. That could be a limitation for
use with younger students. The initial set-up of Annotation Studio
wasn't a terribly intuitive process, but once I got the hang of it I
found it to have a lot of potential for future use with students.
How much of this could I automate? Is outsourcing
a viable option? Is there an “Online Footprint for Dummies?”
Job Hunting? Why You Need a Strong Online Footprint
For job seekers, the persuasive cover letter and
germane resume have long been the way to get a foot in the door, and
more recently, HR directors will rummage through Google to make sure
nothing negative turns up. But now, the extent to which individuals
have established a strong and compelling online presence is having an
impact on who gets the interview and job. Actively building a
digital footprint that proves presence in a professional community
and expertise in the field is increasingly important.