Isn't this the wrong way to do things? You're
telling me that someone I deal with has really bad security (or is a
crook) but you won't tell me who it is?
Lucinda Borrell reports:
A data breach at an unidentified online retailer could have led to credit card users having their account details “compromised”, MoneySavingExpert has learned – resulting in Tesco Bank cancelling a number of its customers’ cards as a “precautionary measure”.
We don’t yet know who the online retailer is and it’s possible multiple credit card providers’ customers could have been put at risk. However Tesco Bank took action after being notified by Mastercard of the breach earlier this week, and is now in the process of identifying those at risk and cancelling their cards.
Read more on MoneySavingExpert.
Again, note that this incident is not specific to Tesco or
Mastercard. The breach is presumably at a retailer, so whatever card
you used with the unnamed retailer may be impacted.
Perspective. How many people does it take to
evaluate, suspend and perhaps reevaluate this many accounts? How
much of the job could be automated? Is this a common cost of doing
business on the Internet?
Twitter – Combating Violent Extremism
by Sabrina I. Pacifici on Feb 5, 2016
Twitter news release: “Like most people around the world, we are
horrified by the atrocities perpetrated by extremist groups. We
condemn the use of Twitter to promote terrorism and the Twitter
Rules make it clear that this type of behavior, or any violent
threat, is not permitted on our service. As the nature of the
terrorist threat has changed, so has our ongoing work in this area.
Since the middle of 2015 alone, we’ve suspended over 125,000
accounts for threatening or promoting terrorist acts, primarily
related to ISIS…”
Not ready for prime time?
Every Step You Fake: A Comparative Analysis of Fitness Tracker Privacy and Security
… Today, we are releasing two sections of the
report so that consumers can know what companies are doing to secure
their personal information. The two sections being released are the
study background, and our technical methodology and findings.
Our key technical findings include:
- Seven out of eight fitness tracking devices emit persistent unique identifiers (Bluetooth Media Access Control address) that can expose their wearers to long-term tracking of their location when the device is not paired, and connected to, a mobile device
- Jawbone and Withings applications can be exploited to create fake fitness band records. Such fake records call into question the reliability of that fitness tracker data use in court cases and insurance programs.
- The Garmin Connect applications (iPhone and Android) and Withings Health Mate (Android) application have security vulnerabilities that enable an unauthorized third-party to read, write, and delete user data
- Garmin Connect does not employ basic data transmission security practices for its iOS or Android applications and consequently exposes fitness information to surveillance or tampering
Read the full report. [Except for the missing bits. Bob]
Resources?
Video Roundup
It’s always great to attend security and privacy
conferences in person. But in cases where you have to miss an event,
online videos of the talks can be a great way to stay current with
the ongoing conversation.
Art, Design, and The Future of Privacy
As I promised back in September, the videos of the event we
co-hosted with DIS Magazine at Pioneer Works are available online.
The DIS blog had a great writeup with summaries of the different
panels, and you can find transcripts over at Open Transcripts. I
had a great time participating, and came away with some great
perspectives.
Do you think the FCC thought that companies might
lower prices? Me too, neither.
Verizon’s New Video Service Tests Net Neutrality Laws
Verizon has confirmed that any video streamed
through its new Go90 service won’t count towards the data plans of
Verizon customers. That’s bad news for Netflix, YouTube, and other
competing streaming video services, which will continue to count
against your data cap—unless perhaps those companies participate in
one of Verizon’s FreeBee
program, which allows companies to underwrite their app’s bandwidth
costs on behalf of users.
The practice of exempting some internet usage from
a data cap is known as “zero rating,” and most
major internet providers are now dabbling in one form of it or
another. T-Mobile exempts video and music streaming from
various partners through its Music Freedom and Binge
On services. AT&T has been experimenting
with various forms of sponsored data in recent years. Sprint’s
prepaid service includes some zero rated content. And Comcast
allows viewers to watch its Stream TV service, which it
classifies as a traditional cable television
service, on their computers without having it count towards data
limits.
Although these services certainly violate the
spirit of network neutrality by allowing providers to give certain
partners or themselves an advantage over competitors, zero rating
isn’t necessarily banned by the FCC’s Open Internet Order.
Just a simple way to move money out of China?
Chinese-led investors plan to buy Chicago Stock Exchange
… The buyers are considering opening a stock
exchange in southwest China and also hope to list Chinese stocks in
the U.S., Chicago Stock Exchange CEO John Kerin said in an interview
Friday. The exchange needs the cash from the buyout to launch its
new trading products and platforms, Kerin said.
… Companies don’t exclusively list stocks on
the Chicago Stock Exchange as they do on the NYSE, Kerin said. But
after the buyout is complete, the Chicago Stock Exchange has plans
to allow small companies that don’t meet NYSE requirements to list
stocks on the exchange.
The exchange has been also working on an
on-demand auction product that is expected to be released
in the spring.
… The Chicago Stock Exchange is not a member
of the World Federation of Exchanges.
I wonder if “there's an App for that?” Steal
small amounts from lots of people.
Why a Chinese Ponzi scheme that preyed on poor farmers should scare us much more than Bernie Madoff’s fraud
… Last year, Ezubao, a peer-to-peer lending
platform which claimed to match investors with companies looking for
finance, sponsored the online broadcasts of the National People’s
Congress by a subsidiary of state-owned news agency Xinhua. With its
logo adorning the Great Hall of the People in Beijing, how could
savers doubt it was a trustworthy brand?
… One of the company’s executives has since
been reported as saying that 95 per cent of the projects it claimed
to invest in were fake. Reports suggest that some 880,000 people
have collectively lost $10.7 billion after falling for Ding’s hype.
The lessons of Ezubao are far more important than
those of the Madoff fraud. This wasn’t wealthy individuals taking
advantage of the greed of other wealthy individuals; this was a
near-state sponsored company capitalizing on Chinese citizens who
could least afford to lose their money.
… And Ezubao might just be the tip of the
proverbial iceberg when it comes to fraud among China’s burgeoning
wave of financial technology players. Last March, Dagong, China’s
credit rating agency, warned that some 1,250 online financial
platforms were at risk of going bankrupt. Its president, Xu Zhipeng,
cautioned that “a storm of credit risks is brewing in the
peer-to-peer lending industry”, which had grown threefold the
previous year to US$17 billion.
For my Data Management students.
Data Quality Demands a Team Approach
With data becoming increasingly central to
business strategies, data quality management has never been more
important. So it is a little disheartening to see that just 40
percent of companies surveyed by 451 Research were very confident in
their organization's data quality or its data quality management
practices.
In fact the research,
sponsored by Blazent, found a complete lack of data quality
management practices for a surprising 8.5 percent of respondents.
IT departments are primarily accountable for data
quality at most of the surveyed companies, the research revealed.
Cross-functional teams and other employees are largely not held
responsible.
… IT typically does not take a strategic view
of data.
Data entry by employees was the top reason for
poor data quality, cited by 57.5 percent of respondents, followed by
data migration or conversion projects, mentioned by 47 percent, and
mixed entries by multiple users (44 percent).
Perspective. Replacing Gutenberg.
Early Wednesday morning, Google released
two electronic books in its Play Store. Unlike the countless e-books
already available — the digital equivalent of paperbacks — these
books are digitally native. They could never exist on the printed
page.
In collaboration with London-based book publisher Visual Editions,
Google’s Creative Labs has been developing books — short stories,
really — intended for smartphones and tablets. The project,
Editions at Play, is what Google calls “an experiment in
unprintable books.” What that means is still up for debate.
Everything I need to know.
Hack Education Weekly News
… Via The New York Times: “Public Advocate Letitia James has sued the
New York City Education Department, saying a $130 million computer
system meant to track services for students with disabilities was a
failure.”
… “PARCC Scores Lower for Students Who Took Exams on Computers,” says
Education Week. Also via Education Week: “Comparing Paper-Pencil and
Computer Test Scores: 7 Key Research Studies.”
… Via the Atlanta Journal-Constitution: “A Cobb County high school’s
new reliance on iPads for classroom work has some worrying students
without them could be left behind. Walton
High School is directing parents of its nearly 2,600 students to buy
iPads for their children to use in classroom assignments starting
this month. School officials have said iPads would be
available for check-out for students who couldn’t afford or didn't
own them, but only about a dozen are being provided for those
students to use.”
… Apollo Education, the parent company of the
University of Phoenix, has laid off 70 employees, the
Arizona Republic reports.
Tools & Techniques
5 Online AIs You Can Put to Work Right Now
… DeepArt.io: Your Photo, in the Style of a Famous Painter
Perhaps Dilbert will explain how the uses of
technology change over time.