Saturday, February 06, 2016

Isn't this the wrong way to do things? You're telling me that someone I deal with has really bad security (or is a crook) but you won't tell me who it is?
Lucinda Borrell reports:
A data breach at an unidentified online retailer could have led to credit card users having their account details “compromised”, MoneySavingExpert has learned – resulting in Tesco Bank cancelling a number of its customers’ cards as a “precautionary measure”.
We don’t yet know who the online retailer is and it’s possible multiple credit card providers’ customers could have been put at risk. However Tesco Bank took action after being notified by Mastercard of the breach earlier this week, and is now in the process of identifying those at risk and cancelling their cards.
Read more on MoneySavingExpert. Again, note that this incident is not specific to Tesco or Mastercard. The breach is presumably at a retailer, so whatever card you used with the unnamed retailer may be impacted.




Perspective. How many people does it take to evaluate, suspend and perhaps reevaluate this many accounts? How much of the job could be automated? Is this a common cost of doing business on the Internet?
Twitter – Combating Violent Extremism
by Sabrina I. Pacifici on Feb 5, 2016
Twitter news release: “Like most people around the world, we are horrified by the atrocities perpetrated by extremist groups. We condemn the use of Twitter to promote terrorism and the Twitter Rules make it clear that this type of behavior, or any violent threat, is not permitted on our service. As the nature of the terrorist threat has changed, so has our ongoing work in this area. Since the middle of 2015 alone, we’ve suspended over 125,000 accounts for threatening or promoting terrorist acts, primarily related to ISIS…”




Not ready for prime time?
Every Step You Fake: A Comparative Analysis of Fitness Tracker Privacy and Security
… Today, we are releasing two sections of the report so that consumers can know what companies are doing to secure their personal information. The two sections being released are the study background, and our technical methodology and findings.
Our key technical findings include:
  • Seven out of eight fitness tracking devices emit persistent unique identifiers (Bluetooth Media Access Control address) that can expose their wearers to long-term tracking of their location when the device is not paired, and connected to, a mobile device Jawbone and Withings applications can be exploited to create fake fitness band records. Such fake records call into question the reliability of that fitness tracker data use in court cases and insurance programs.
  • The Garmin Connect applications (iPhone and Android) and Withings Health Mate (Android) application have security vulnerabilities that enable an unauthorized third-party to read, write, and delete user data
  • Garmin Connect does not employ basic data transmission security practices for its iOS or Android applications and consequently exposes fitness information to surveillance or tampering
Read the full report. [Except for the missing bits. Bob]




Resources?
Video Roundup
It’s always great to attend security and privacy conferences in person. But in cases where you have to miss an event, online videos of the talks can be a great way to stay current with the ongoing conversation.
Art, Design, and The Future of Privacy
As I promised back in September, the videos of the event we co-hosted with DIS Magazine at Pioneer Works are available online. The DIS blog had a great writeup with summaries of the different panels, and you can find transcripts over at Open Transcripts. I had a great time participating, and came away with some great perspectives.




Do you think the FCC thought that companies might lower prices? Me too, neither.
Verizon’s New Video Service Tests Net Neutrality Laws
Verizon has confirmed that any video streamed through its new Go90 service won’t count towards the data plans of Verizon customers. That’s bad news for Netflix, YouTube, and other competing streaming video services, which will continue to count against your data cap—unless perhaps those companies participate in one of Verizon’s FreeBee program, which allows companies to underwrite their app’s bandwidth costs on behalf of users.
The practice of exempting some internet usage from a data cap is known as “zero rating,” and most major internet providers are now dabbling in one form of it or another. T-Mobile exempts video and music streaming from various partners through its Music Freedom and Binge On services. AT&T has been experimenting with various forms of sponsored data in recent years. Sprint’s prepaid service includes some zero rated content. And Comcast allows viewers to watch its Stream TV service, which it classifies as a traditional cable television service, on their computers without having it count towards data limits.
Although these services certainly violate the spirit of network neutrality by allowing providers to give certain partners or themselves an advantage over competitors, zero rating isn’t necessarily banned by the FCC’s Open Internet Order.




Just a simple way to move money out of China?
Chinese-led investors plan to buy Chicago Stock Exchange
… The buyers are considering opening a stock exchange in southwest China and also hope to list Chinese stocks in the U.S., Chicago Stock Exchange CEO John Kerin said in an interview Friday. The exchange needs the cash from the buyout to launch its new trading products and platforms, Kerin said.
… Companies don’t exclusively list stocks on the Chicago Stock Exchange as they do on the NYSE, Kerin said. But after the buyout is complete, the Chicago Stock Exchange has plans to allow small companies that don’t meet NYSE requirements to list stocks on the exchange.
The exchange has been also working on an on-demand auction product that is expected to be released in the spring.
… The Chicago Stock Exchange is not a member of the World Federation of Exchanges.




I wonder if “there's an App for that?” Steal small amounts from lots of people.
Why a Chinese Ponzi scheme that preyed on poor farmers should scare us much more than Bernie Madoff’s fraud
… Last year, Ezubao, a peer-to-peer lending platform which claimed to match investors with companies looking for finance, sponsored the online broadcasts of the National People’s Congress by a subsidiary of state-owned news agency Xinhua. With its logo adorning the Great Hall of the People in Beijing, how could savers doubt it was a trustworthy brand?
… One of the company’s executives has since been reported as saying that 95 per cent of the projects it claimed to invest in were fake. Reports suggest that some 880,000 people have collectively lost $10.7 billion after falling for Ding’s hype.
The lessons of Ezubao are far more important than those of the Madoff fraud. This wasn’t wealthy individuals taking advantage of the greed of other wealthy individuals; this was a near-state sponsored company capitalizing on Chinese citizens who could least afford to lose their money.
… And Ezubao might just be the tip of the proverbial iceberg when it comes to fraud among China’s burgeoning wave of financial technology players. Last March, Dagong, China’s credit rating agency, warned that some 1,250 online financial platforms were at risk of going bankrupt. Its president, Xu Zhipeng, cautioned that “a storm of credit risks is brewing in the peer-to-peer lending industry”, which had grown threefold the previous year to US$17 billion.




For my Data Management students.
Data Quality Demands a Team Approach
With data becoming increasingly central to business strategies, data quality management has never been more important. So it is a little disheartening to see that just 40 percent of companies surveyed by 451 Research were very confident in their organization's data quality or its data quality management practices.
In fact the research, sponsored by Blazent, found a complete lack of data quality management practices for a surprising 8.5 percent of respondents.
IT departments are primarily accountable for data quality at most of the surveyed companies, the research revealed. Cross-functional teams and other employees are largely not held responsible.
… IT typically does not take a strategic view of data.
Data entry by employees was the top reason for poor data quality, cited by 57.5 percent of respondents, followed by data migration or conversion projects, mentioned by 47 percent, and mixed entries by multiple users (44 percent).




Perspective. Replacing Gutenberg.
Google Is Publishing Unprintable Books
Early Wednesday morning, Google released two electronic books in its Play Store. Unlike the countless e-books already available — the digital equivalent of paperbacks — these books are digitally native. They could never exist on the printed page.
In collaboration with London-based book publisher Visual Editions, Google’s Creative Labs has been developing books — short stories, really — intended for smartphones and tablets. The project, Editions at Play, is what Google calls “an experiment in unprintable books.” What that means is still up for debate.




Everything I need to know.
Hack Education Weekly News
Via The New York Times: “Public Advocate Letitia James has sued the New York City Education Department, saying a $130 million computer system meant to track services for students with disabilities was a failure.”
… “PARCC Scores Lower for Students Who Took Exams on Computers,” says Education Week. Also via Education Week: “Comparing Paper-Pencil and Computer Test Scores: 7 Key Research Studies.”
Via the Atlanta Journal-Constitution: “A Cobb County high school’s new reliance on iPads for classroom work has some worrying students without them could be left behind. Walton High School is directing parents of its nearly 2,600 students to buy iPads for their children to use in classroom assignments starting this month. School officials have said iPads would be available for check-out for students who couldn’t afford or didn't own them, but only about a dozen are being provided for those students to use.”
… Apollo Education, the parent company of the University of Phoenix, has laid off 70 employees, the Arizona Republic reports.




Tools & Techniques
5 Online AIs You Can Put to Work Right Now
DeepArt.io: Your Photo, in the Style of a Famous Painter




Perhaps Dilbert will explain how the uses of technology change over time.


No comments: