All you have to do is ask and all secrets will be
revealed!
Another day, another successful phish compromising
employee data.
Add Endologix to any list you’re compiling. You’ve probably already
added Seagate, right? DataXu may also have been a victim of this
type of attack; it’s not totally clear from their notification.
And did I remember to tell you about Information Innovators? Or that
York Hospital might have been hit the same way (it’s hard to be sure
from their notification)? And maybe Turner Construction? I’m pretty
sure I already told you about Central Concrete, but at this point, my
head is spinning from all the reports, so maybe I forgot.
And if your business has escaped so far, be
sure to use this opportunity to warn all your employees about this
type of attack.
My Computer Security class was trying to figure
out how to steal a Billion yesterday. None of my students thought
that detailed instructions and codes would be available online. We
were convinced they had to have inside help.
Serajul Quadir reports:
Investigators suspect unknown hackers installed malware in the Bangladesh central bank’s computer systems and watched, probably for weeks, for how to go about withdrawing money from its U.S. account, two bank officials briefed on the matter said on Friday.
More than a month after hackers breached Bangladesh Bank’s systems and attempted to steal nearly $1 billion from its account at the Federal Reserve Bank of New York, cyber security experts are trying to find out how the hackers got in.
[…]
The hackers appeared to have stolen Bangladesh Bank’s credentials for the SWIFT messaging system, which banks around the world use for secure financial communication.
Read more on Reuters.
No doubt we will laugh at this later, and Apple
will offer FBI Special Agents huge discounts on the next generation
iPhone.
Apple Legal Chief Eviscerates ‘Cheap Shot Brief’ As FBI Threatens To
Demand iOS Source Code
The battle between Apple and the FBI over unlocking the iPhone 5c
belonging to one of the San Bernardino mass shooters is getting
nasty — really nasty. Although Apple and the U.S. Government are set
to see each other in court on March 22nd, the two have been playing
up their respective sides of the story to the public for weeks.
… But perhaps the most troubling part of the
document [to Apple] is the government’s statements that it could
simply force Apple to hand over its source code if it doesn’t
comply with the unlocking demands. “The FBI cannot itself modify
the software on Farook’s iPhone without access to the source code
and Apple’s private electronic signature.
“The government did not seek to compel Apple to
turn those over because it believed such a request would be less
palatable to Apple. If Apple would prefer that course, however, that
may provide an alternative that requires less labour by Apple
programmers.”
… "It seems like disagreeing with the
Department of Justice means you must be evil and anti-American,"
said Sewell during a conference call with reporters yesterday
afternoon. “The tone of the brief reads like an indictment. We’ve
all heard director Comey and Attorney General Lynch thank Apple for
its consistent help in working with law enforcement. Director Comey’s
own statement… that there are no demons here? We certainly
wouldn’t conclude it from this brief.
(Related) The Bully Pulpit should not be used to
spread Bull@#$%! Just saying.
Michael D. Shear reports:
President Obama said Friday that law enforcement must be legally able to collect information from smartphones and other electronic devices, making clear, despite divisions in his administration, that he opposes the stance on encryption taken by technology companies like Apple.
Speaking to an audience of about 2,100 technology executives and enthusiasts at the South by Southwest festival here, Mr. Obama delivered his most extensive declarations on an issue that has split the technology community and pitted law enforcement against other national security departments. Mr. Obama declined to comment specifically on the efforts by the F.B.I. to require Apple’s help in gaining data from an iPhone used by one of the terrorists in the December attack in San Bernardino, Calif.
But the president said that America had already accepted that law enforcement can “rifle through your underwear” in searches for those suspected of preying on children, and he said there was no reason that a person’s digital information should be treated differently.
Well, he just lost my vote. Oh, wait…
Read more on the New York Times.
[From the article:]
“If, technologically, it is possible to make an impenetrable device
or system, where the encryption is so strong that there is no key,
there is no door at all, then how do we apprehend the child
pornographer?” Mr. Obama said. “How do we disrupt a terrorist plot?”
[Perhaps the President is deliberately forgetting that we found Osama
bin Laden without even seeing his messages, let alone breaking
encryption. Bob]
(Related) Here is a company that says they CAN do
it. Why doesn't the FBI ever ask them?
Microsoft: We Store Disk Encryption Keys, But We’ve Never Given Them
to Cops
(Related) Wharton talks about Apple v FBI. No
conclusions.
Apple vs. the FBI: What It Means for Privacy and Security
… The subject of corporate constitutional
rights is of great interest to professors Eric Orts and Amy Sepinwall
from Wharton’s legal studies and business ethics department.
Perhaps presciently, they recently penned the article, “Privacy and
Organizational Persons,” in the Minnesota Law Review that
foreshadowed this debate.
This is not a bad idea (giving credit where due). A better idea would
be to publish the code and pay a bounty to anyone who identifies a
bug.
Leveraging American Ingenuity through Reusable and Open Source
Software
Summary:
Today, we’re releasing for public comment a
draft policy to support improved access to custom software code
developed for the Federal Government.
… And if you want to see how these projects are doing, the General
Services Administration’s government analytics platform—which gives
users a peek into how people are interacting with the government
online—released its code to the public, which has already been used
by local governments.
Old technologies are scrambling to learn how new
technologies can keep them in business.
Here's why GM is buying an autonomous driving software firm
General Motors announced Friday that it's acquiring Cruise Automation
for Cruise's deep software talent and rapid development capability --
a move designed to further accelerate GM's development of autonomous
vehicle technology.
Over the past two months, GM has entered into a
$500 million alliance with ride-sharing company Lyft; formed Maven –
its personal mobility brand for car-sharing fleets in many U.S.
cities – and established a separate unit for autonomous vehicle
development.
"This acquisition announcement clearly shows
that GM is serious about developing the technology and controlling
its own path to self-driving and driverless vehicles," said Egil
Juliussen, research director for IHS Automotive.
(Related)
Ford Creates New Business Unit Chaired by Ex-Steelcase CEO
Ford is creating a new unit tasked with investing
in and building out the automaker’s transportation services, a
business segment that includes car-sharing and ride-hailing.
The private subsidiary, called Ford Smart
Mobility, will be based in Palo Alto, Calif. with offices in
Dearborn, Mich., and will be chaired by Jim Hackett, former chief
exec at Mich.-based office furniture company Steelcase, the company
said.
So, all I have to do is link Amazon to my bank
account? What could possibly go wrong?
Capital One to let users pay bills via Amazon’s Echo
Capital One has teamed with Amazon to let owners
of Amazon’s Echo smart speaker system pay their bills and get other
account information through voice commands.
Amazon’s Echo speakers use a voice-command
service called Alexa to help users perform various tasks, such as
turning on smart lights, playing music or setting a kitchen timer.
The number of so-called “skills” Alexa can perform has been
growing since the Echo became widely available last year and now
numbers more than 100.
The Capital One service will be the first time a
credit-card company has been involved, however. Capital One will let
users check their credit card balance, review recent transactions,
pay their credit card bill and perform other tasks simply by talking
to the device.
Users can sign up for the service via the Amazon
Echo setup app. There they can set up a checking account link if
they want to pay their credit card balance via the Echo.
Because governments throw money at anything that
promises to educate children?
Amazon eyes up education, plans a free platform for learning materials
Back in 2013, Amazon acquired (and continued to operate) online math
instruction company TenMarks to gain a foothold in the online
education space. Now it looks like Amazon is taking those learnings
to the next level. The e-commerce giant plans to launch a free
platform for schools and other educators to upload, manage and share
educational materials. Signs indicate that the platform will be based
around open educational resources (OER) and will come with a ratings
system and interface that will resemble the commercial Amazon.com
many of us already know and use.
Earlier this month, Amazon Education quietly opened an “Amazon
Education Wait List,” where educators could sign up to get an alert
for when a new, free platform opens for business.
… The development comes at an interesting time, with companies like
Apple and Google also sizing up how their own platforms and hardware
can play a bigger role in education services (and where they might
not). Amazon has made a point of noting that its OER platform will be
free and unlimited, but it comes amid a wider education play that is
more revenue focused.
… Whether this is free or not, the wider e-learning market is
massive, and something that Amazon, a bookseller at its heart that
already has students and teachers as customers, cannot ignore. One
researcher estimates that by 2022, it will be worth $244 billion
globally, up from $165 billion in 2014.
Another week closer to being educated.
Hack Education Weekly News
… The state of California is weighing outlawing classes that “without
educational content.”
… Via the San Jose Mercury News: “Responding to overwhelming public
protest, a federal judge has backtracked on the potential release of
records for 10 million California students – and decided that they
won’t be provided to attorneys in a special-education lawsuit.”
… “Universities Are Becoming Billion-Dollar Hedge Funds With Schools
Attached,” writes Astra Taylor in The Nation.
… McGraw-Hill issued a press release, touting that “in 2015 unit
sales of digital platforms and programs exceeded those of print in
its U.S. Higher Education Group for the first time.”
… Elsewhere in e-book-related news: “B&N Ed Retires Its Digital
Textbook Platform, Replaces It With VitalSource.” And a nice
reminder, as the NOOK pulls out of the UK, meaning customers might
lose access to the digital materials they’ve purchased: “You Don’t
Own Your Ebooks.”
… Volley has raised $2.3 million in seed funding from Zuckerberg
Education Ventures and Reach Capital. Via Techcrunch: “‘This is so
fast it feels like cheating’ students tell Volley. The education
startup’s app lets students point their phone’s camera at a textbook
page or piece of homework, and instantly see resources about key
facts and tricky parts, prerequisites, and links to snippets of
online classes or study guides that could help.” The startup plans to
build “learning algorithms,” according to Edsurge.