Thursday, November 09, 2017

More on the Equifax debacle.
Equifax says it owns all its data about you – really!
by Sabrina I. Pacifici on Nov 8, 2017
Senate Commerce Committee Hearing – Protecting Consumers in the Era of Major Data Breaches – November 8, 2017: “…“Massive data breaches have touched the vast majority of American consumers,” said [Senator John] Thune [R-S.D.]. “When such breaches occur, urgent action is necessary to protect sensitive personal information. This hearing will give the public the opportunity to hear from those in charge, at the time major breaches occurred and during the subsequent response efforts, at two large companies who lost personal consumer data to nefarious actors.”
Washington Post – “The hearing into the data breaches — the fifth so far — featured testimony from current and former officials from Equifax, Yahoo and Verizon, and added to the uproar about the company’s policies and its response to the breach. In one notable exchange, Sen. Catherine Cortez Masto (D-Nev.) asked the interim chief executive officer of Equifax, Paulino do Rego Barros, why consumers do not have a say in opting in or out of the company’s data collection. “This is part of the way the economy works,” Barros said. But he was swiftly interrupted. “The consumer doesn’t have a choice, sir. The consumer does not have a choice on the data that you’re collecting,” Masto said…” [emphasis added]
See also – Testimony and Statement for the Record of Bruce Schneier, Fellow and Lecturer, Belfer Center for Science and International Affairs, Harvard Kennedy School; Fellow, Berkman Center for Internet and Society at Harvard Law School. Hearing on “Securing Consumers’ Credit Data in the Age of Digital Commerce” before the Subcommittee on Digital Commerce and Consumer Protection, Committee on Energy and Commerce, United States House of Representatives. 1 November 2017.




A source of common (if not always the best) practices.
BSIMM
The Building Security In Maturity Model (BSIMM, pronounced “bee simm”) is a study of existing software security initiatives. By quantifying the practices of many different organizations, we can describe the common ground shared by many as well as the variations that make each unique.
BSIMM is not a how-to guide, nor is it a one-size-fits-all prescription. Instead, it is a reflection of software security.




Another legal wrangle, and an indication of poor crime scene procedure when phones are involved.
The FBI can't figure out how to unlock the Texas church shooter's iPhone, and Apple has offered help
Another fight between Apple and the FBI is brewing, this time over an iPhone reportedly used by Devin Patrick Kelley, the man who went on a shooting rampage on Sunday that left 26 people dead at a church in Sutherland Springs, Texas.
In a press conference on Tuesday, the FBI said it hadn't been able to access data on a phone used by the gunman. The Washington Post identified the phone as an iPhone.
… Apple told Business Insider that it contacted the FBI after it saw the press conference on Tuesday.
"Our team immediately reached out to the FBI after learning from their press conference on Tuesday that investigators were trying to access a mobile phone. We offered assistance and said we would expedite our response to any legal process they send us," an Apple representative said in a statement.
… The Apple representative went on to confirm that law enforcement had not yet asked for any help from Apple accessing data on Kelley's phone.
The implication is that had law enforcement contacted Apple sooner, it would have received tips and guidance that could have helped it preserve access to the data on Kelley's phone.
For example, as a security measure, the fingerprint sensor on iPhones won't work if the user hasn't used it in the past 48 hours. That suggests that for the two days after the rampage and after Kelley's death, but before the press conference, law enforcement could have used Kelley's actual finger or a copy of his fingerprint to access his phone.




Can I be anonymous anywhere?
Okay, this is the kind of ruling I especially dislike. Law.com reports:
Glassdoor Inc., the online job-review site, must comply with a federal grand jury subpoena that seeks identifying information about anonymous users of the website, a federal appeals court ruled Wednesday in rejecting the company’s privacy claims.
A panel of the U.S. Court of Appeals for the Ninth Circuit upheld an Arizona trial judge who had denied Glassdoor’s effort to quash the grand jury subpoena. The government is seeking information about eight users who posted anonymous reviews about a federal health care contractor under investigation for fraud.
San Francisco-based Glassdoor, represented by a team from Perkins Coie, argued that complying with the subpoena would violate its users’ First Amendment rights to anonymous free speech and to associate privately with a group, a concept known as “associational privacy.”
Read more on Law.com.
And no, I still have no resolution on a grand jury subpoena issued to Twitter for my details and the details of a few lawyers because we were all tagged with an emoji in a tweet by Justin Shafer. Shafer has been charged with cyberstalking an FBI agent in Dallas. I was not even in any conversation with Shafer on Twitter, but for reasons known only to him, he added me to a conversation and tweeted a smiley to me and others. No words. Just a smiley. And this justifies a grand jury trying to unmask me on Twitter? Wow….




Perspective.
Once considered a boon to democracy, social media have started to look like its nemesis
The Economist – “…Looking at the role that social media have played in politics in the past couple of years, it is the fake-news squalor of Gamergate, not the activist idealism of the Euromaidan, which seems to have set the tone. In Germany the far-right Alternative for Germany party won 12.6% of parliamentary seats in part because of fears and falsehoods spread on social media, such as the idea that Syrian refugees get better benefits than native Germans. In Kenya weaponised online rumours and fake news have further eroded trust in the country’s political system….”




Perspective. Companies will spend a lot of money to protect a monopoly.
Sorry, Comcast: Voters say “yes” to city-run broadband in Colorado
… Fort Collins voters said "yes" to a ballot question that gives the city council permission "to establish a telecommunications utility to provide broadband services," The Coloradoan wrote.
… The anti-municipal broadband group, called "Priorities First Fort Collins," spent $451,000 campaigning against the broadband network ballot question. Priorities First Fort Collins received nearly all of its funding from the Colorado Cable Telecommunications Association and a group run by the city's chamber of commerce. Comcast is a member of both groups that funded the anti-municipal broadband campaign, while CenturyLink is a member of the chamber.
The pro-municipal broadband group in Fort Collins, the Fort Collins Citizens Broadband Committee, spent less than $10,000 in the campaign.
… Colorado has a state law requiring municipalities to hold referendums before they can provide cable, telecom, or broadband service. Yesterday, voters in Eagle County and Boulder County authorized their local governments to build broadband networks, "bringing the total number of Colorado counties that have rejected the state law to 31—nearly half of the state's 64 counties," Motherboard wrote today.
Another 16 municipalities also voted to opt out of that Colorado law yesterday.




Perspective. Note that the police officers are writing paper tickets – isn’t there an App for that?
Human at fault in accident with Las Vegas driverless shuttle
The driverless electric shuttle bus that made its debut downtown Wednesday was involved in a minor accident in its first few hours of service, but the human driver of the other vehicle was at fault, police said.
… Police determined that the shuttle came to a stop when it sensed the truck was trying to back up. However, the truck continued to back up until its tires touched the front of the shuttle.
The truck’s driver was cited for illegal backing.


(Related)
Why Waiting for Perfect Autonomous Vehicles May Cost Lives
Some people think autonomous vehicles must be nearly flawless before humans take their hands off the wheel. But RAND research shows that putting AVs on the road before they’re perfect improves the technology more quickly—and could save hundreds of thousands of lives over time.




Better get that fence up quick! {Does the agent in this picture have a hand grenade clipped to his vest?}
Border Patrol losing agents faster than it can hire them
The U.S. Border Patrol is losing agents faster than it can hire them, according to a new audit released Wednesday that said competition with other federal law enforcement and the difficulty of passing a polygraph test have sapped the agency of nearly 2,000 agents it’s supposed to have.
More than 900 agents leave each year on average but the Border Patrol only hires an average of 523 a year, the Government Accountability Office said in a broad survey of staffing and deployment challenges at the key border law enforcement agency.




For history buffs.
Abraham Lincoln Papers Now Available in Full Color Online
Library of Congress: “The papers of Abraham Lincoln (1809-1865), lawyer, representative from Illinois, and sixteenth president of the United States, contain approximately 40,550 documents dating from 1774 to 1948, although most of the collection spans from the 1850s through Lincoln’s presidency (1861-1865). Roughly half of the collection, more than 20,000 documents, comprising 62,000 images, as well as transcriptions of approximately 10,000 documents, is online.
… Treasures in the collection include Lincoln’s first and second inaugural addresses, his preliminary draft of the Emancipation Proclamation, the two earliest known copies of the Gettysburg Address (the Nicolay and Hay copies), his August 23, 1864, memorandum expressing his expectation of being defeated for re-election in the upcoming presidential contest, and a condolence letter written to Mary Todd Lincoln by Queen Victoria following the assassination of Abraham Lincoln in 1865. The Lincoln Papers are characterized by a large number of correspondents, including friends and associates from Lincoln’s Springfield days, well-known political figures and reformers, and local people and organizations writing to their president…”




Anything to get rid of help my students!
“Resume Assistant” uses LinkedIn’s data to make Word a better résumé builder
Writing and updating your résumé is a task that few of us enjoy. Microsoft is hoping to make it a little less painful with a new feature coming to Word called Resume Assistant.
Resume Assistant will detect that you're writing a résumé and offer insights and suggestions culled from LinkedIn.
… The feature will also show job openings that are suitable for your résumé directly within Word, putting résumé writers directly in contact with recruiters.
… The Resume Assistant will become available to Office 365 users that have opted in to the Insider early access program on Thursday. ... Microsoft will then roll it out to other Office 365 users more broadly over the next few months.

