German Minister Seeks Rules to Attack Hackers on Foreign Soil
Germany is trying to beef up its cyber defense, after the
interior minister called for rules that allow nations to attack foreign hackers
targeting critical infrastructure.
… “We need
international rules, but also in Germany, that besides protection and defense
enable the tracing and also -- if needed -- the elimination of a foreign
server,” De Maiziere told ARD in an interview Sunday.
To help my Computer Security students think about “Access.”
And a point to consider for any
government health care system?
Gah. Soooo many leaks and breaches are due to default
settings that over-share. How hard is it
for software to set default settings to NOT share with everyone? C’mon, folks.
Sue Dunlevy reports:
THE private health records of
Australians can be accessed by more than half a million people under the latest
bungle with the $2.2 billion electronic My Health Record.
News Corp Australia has learned
that the privacy settings on the government’s computerised My Health Record, which lists
every medicine a patient takes and records every medical visit and procedure,
are automatically set on “universal
access”.
This means every registered
health practitioner in the nation — 650,000 people — can view them, not just the family GP, unless the patient
specifically requested to opt out.
Read more on The
Daily Telegraph.
For my gamers…
GameStop Investigating Major Credit Card Breach Of Online
Customer Data
… Security hound KrebsOnSecurity
heard from two unnamed sources in the financial industry that they received
alerts from a credit card processor indicating that GameStop was likely hacked
sometime between mid-September 2016 and the first week of February 2017. GameStop did not deny that its systems might
have been breached, telling the security blog that it has hired a professional
security firm to look into the matter.
… It is believed that hackers were able to obtain credit card
numbers, expiration dates, names, addresses, and card verification values (CVV2
codes), which are those three-digit (usually) numbers found on the back of
credit cards.
The hackers responsible may have
used special software (malware) to
record and transmit CVV2 codes before they get encrypted. Otherwise, it would be difficult to obtain
that data, as web retailers are now allowed to store CVV2 codes.
This whole process needs a re-think.
Hackers Infiltrate Dallas' 156-Siren Emergency Alert System
With Annoying Results
… some crafty
beings took advantage of the mobile emergency alert system to warn of, of all
things, a zombie apocalypse. It's hard to call an attack like that
malicious, but what it proves is that if someone did want to send out a
malicious message of some sort, this non-malicious message proved that it would
be possible.
… At this time,
Dallas police have not been contacted about the issue, but the FCC has
been. Engineers are working to figure
out just how this breach could have occurred, but it's currently believed that
the attack was a local one, and not performed outside of the area, which will
hopefully make it easier to track down.
Something to watch.
Alleged Russian hacker arrested in Spain at US request
An alleged Russian hacker has been detained in Spain at
the request of American authorities, an arrest that set cybersecurity circles
abuzz after a Russian broadcaster raised the possibility it was linked to the
U.S. presidential election.
… Such arrests
aren’t unusual — American authorities typically try to nab Russian cybercrime
suspects abroad because of the difficulty involved in extraditing them from Russia
— but Levashov’s arrest drew immediate attention after his wife told Russia’s
RT broadcaster that he was linked to America’s 2016 election hacking.
… She said that
when she spoke to her husband on the phone from the police station, he told her
he was told that he had created a
computer virus that was “linked to Trump’s election win.” [I think they mean
SPAM. Bob]
A lesson for my Computer Security students. How does ignoring a problem make it go away?
Wells Fargo Board Says Leaders Shrugged Off Scandal, Then Hid
It
Senior Wells Fargo & Co. managers failed to heed
warnings of spreading sales abuses for more
than a decade, treating thousands of fired employees as rogues, and
then downplayed the mounting terminations as the board began raising questions.
That’s the picture painted by a panel of independent
directors in a 113-page report after six months reviewing how branch workers
opened legions of accounts without customer permission.
… their findings
also prompted the board to claw back an additional $28 million from former
Chief Executive Officer John Stumpf for allegedly reacting too slowly.
This will become more interesting as we start using more
connected devices (e.g., smart cars).
When old technology broke, you could fix it yourself or
get a guy down the road to do it for you. If that failed, you could find a repair shop
that would get the job done for much less than going straight to the
manufacturer. With newer products, those
options are disappearing. It is
now often impossible to fix our own stuff.
This change was not accidental. Companies deliberately design products to
prevent us from finding replacement parts.
They don’t even make information available to repair shops. Manufacturers have actively undermined our
right to repair what we buy, and in doing so, they’ve called into question
whether we truly own our purchases at all. Increasingly, the answer is no.
This change places a financial burden on us, restricts
market freedom, and does lasting damage to the environment. In response, a growing number of people are
demanding a change. They are
insisting that our right to repair be enshrined in law.
Perspective.
Computing ain’t cheap!
Tech’s High-Stakes Arms Race: Costly Data Centers
Top
three cloud-computing firms have spent $31.5 billion in 2016 on capital
expenses and leases
Perspective. This
is one of many failed IT projects.
U.S. Immigration Agency Will Lose Millions Because It Can’t
Process Visas Fast Enough
Lost amid the uproar over the Trump administration’s crackdown
on undocumented immigrants is a change coming to the legal immigration system
that’s expected to be costly for both U.S. companies and the government itself.
… The new wrinkle
is that earlier
this week USCIS suspended so-called “premium processing,” a program that
allowed employers to pay extra to reduce visa wait times from as long as eight
months to just two weeks.
Officials have depicted the temporary stoppage as the
upshot of a “significant surge” in demand for expedited service, but, in
reality, it appears to reflect the agency’s own mismanagement and waste.
According to USCIS records, congressional testimony and
interviews with former agency officials, USCIS has plunged most of the
expedited program’s revenues from the last eight years — some
$2.3 billion — into a failed
effort to digitize the larger immigration system, leaving inadequate
resources to staff the H-1B portion that was its cash cow.
… Pausing
expedited service is likely to cause delays for tens
of thousands of applicants for new visas, mainly workers at universities or
research organizations, as well as foreign
doctors who receive H-1Bs in exchange for working in areas that are
medically underserved, according to USCIS data.
It’ll also cost USCIS up
to $100 million in lost fees, agency spokeswoman Carolyn Gwathmey
acknowledged.
Governing like a billionaire?
Donald Trump's travel expenses in 10 weeks cost US taxpayers
as much as Barack Obama spent in two years
Donald Trump’s trips to his luxury Florida resort have
already cost the US taxpayer at least $24 million (£19.2 million) - roughly as
much as Barack Obama spent on travel in the first two years of his presidency.
Mr Trump has spent seven weekends at Mar-a-Lago since taking office ten weeks
ago. It is estimated that each of these
trips costs at
least $3 million (£2.4 million), covering the President’s extensive security
detail.
For my (pale, sickly) gamers.
Something to tease my geeks with…
These Hackathon Hustlers Make Their Living From Corporate
Coding Contests
For my researching student.
Open Access Innovations Are Impacting Academic Publishing
by Sabrina I. Pacifici on Apr 9, 2017
Chronicle of Higher Education: “Open-access advocates have
had several successes in the past few weeks. The Bill & Melinda Gates Foundation
started its own open-access publishing platform, which the European Commission may replicate. And librarians attending the Association of
College and Research Libraries conference in March were glad to hear that the Open Access Button, a tool that
helps researchers gain free access to copies of articles, will be integrated
into existing interlibrary-loan arrangements. Another initiative, called Unpaywall,
is a simple browser extension, but its creators, Jason Priem and Heather
Piwowar, say it could help alter the status quo of scholarly publishing… Like the Open Access Button, Unpaywall is
open-source, nonprofit, and dedicated to improving access to scholarly
research. The
button, devised in 2013, has a searchable database that comes into play
when a user hits a paywall. Unpaywall,
by contrast, has focused on creating a browser extension. “We want to do just one thing really well:
instantly deliver legal, open-access, full text as you browse,” says Mr. Priem,
who also started the altmetrics site Impactstory with Ms. Piwowar. When an Unpaywall user lands on the page of a
research article, the software scours thousands of institutional repositories,
preprint servers, and websites like PubMed Central to see if an open-access
copy of the article is available. If it
is, users can click a small green tab on the side of the screen to view a PDF. “we’re able to deliver an OA copy to users more
than half the time,” says Mr. Priem…”
So my students can keep learning.
An RSS reader may be old-fashioned, but it’s still the
best way to tame the information that bombards us every day — and Feedly is still one of the
most popular RSS readers around. Though
it has Pro and Team plans with
power features, you can still do
a lot with a free Feedly account.