More on the Equifax debacle.
Equifax says it owns all its data about you – really!
Senate Commerce Committee Hearing – Protecting Consumers in the Era of Major Data Breaches – November 8, 2017:
“… “Massive data breaches have touched the vast majority of American
consumers,” said [Senator John] Thune [R- S.D.]. “When such
breaches occur, urgent action is necessary to protect sensitive
personal information. This hearing will give the public the
opportunity to hear from those in charge, at the time major breaches
occurred and during the subsequent response efforts, at two large
companies who lost personal consumer data to nefarious actors.”
Washington Post – “The hearing into the data breaches — the fifth so
far — featured testimony
from current and former officials from Equifax, Yahoo and
Verizon, and added to the uproar about the company’s policies and
its response to the breach. In one notable exchange, Sen. Catherine
Cortez Masto (D-Nev.) asked the interim chief executive officer of
Equifax, Paulino do Rego Barros, why consumers do not have a say in
opting in or out of the company’s data collection. “This is part
of the way the economy works,” Barros said. But he was swiftly
interrupted. “The consumer doesn’t have a choice, sir.
The consumer does not have a choice on the data that you’re
collecting,” Masto said…” [emphasis added]
See also – Testimony and Statement for the Record of Bruce Schneier,
Fellow and Lecturer, Belfer Center for Science and International
Affairs, Harvard Kennedy School Fellow, Berkman Center for Internet
and Society at Harvard Law School. Hearing on “Securing
Consumers’ Credit Data in the Age of Digital Commerce” Before the
Subcommittee on Digital Commerce and Consumer Protection Committee on
Energy and Commerce United States House of Representatives.
1 November 2017.
A source of common (if not always the best)
practices.
BSIMM
The Building Security In Maturity Model (BSIMM,
pronounced “bee simm”) is a study of existing software security
initiatives. By quantifying the practices of many different
organizations, we can describe the common ground shared by many as
well as the variations that make each unique.
BSIMM is not a how-to guide, nor is it a
one-size-fits-all prescription. Instead, it is a reflection of
software security.
Another legal wrangle, and an indication of poor
crime scene procedure when phones are involved.
The FBI can't figure out how to unlock the Texas church shooter's iPhone, and Apple has offered help
Another fight between Apple and the FBI is
brewing, this time over an iPhone reportedly used by Devin Patrick
Kelley, the man who went on a shooting rampage on Sunday that left 26
people dead at a church in Sutherland Springs, Texas.
… Apple told Business Insider that it
contacted the FBI after it saw the press conference on Tuesday.
"Our team immediately reached out to the FBI
after learning from their press conference on Tuesday that
investigators were trying to access a mobile phone. We offered
assistance and said we would expedite our response to any legal
process they send us," an Apple representative said in a
statement.
… The Apple representative went on to confirm
that law enforcement had not yet asked for any help from Apple
accessing data on Kelley's phone.
The implication is that had law enforcement
contacted Apple sooner, it would have received tips and guidance that
could have helped it preserve access to the data on Kelley's phone.
For example, as a security measure, the
fingerprint sensor on iPhones won't work if the user hasn't used it
in the past 48 hours. That suggests that for the two days after the
rampage and after Kelley's death, but before the press conference,
law enforcement could have used Kelley's actual finger or a copy of
his fingerprint to access his phone.
Can I be anonymous anywhere?
Okay, this is the kind of ruling I especially
dislike. Law.com reports:
Glassdoor Inc., the online job-review
site, must comply with a federal grand jury subpoena that seeks
identifying information about anonymous users of the website, a
federal appeals court ruled Wednesday in rejecting the
company’s privacy claims.
A panel of the U.S. Court of Appeals for
the Ninth Circuit upheld an Arizona trial judge who had denied
Glassdoor’s effort to quash the grand jury subpoena. The government is
seeking information about eight users who posted anonymous reviews
about a federal health care contractor under investigation for fraud.
San Francisco-based Glassdoor, represented by a team from Perkins Coie, argued that complying
with the subpoena would violate its users’ First Amendment rights
to anonymous free speech and to associate privately with a group, a
concept known as “associational privacy.”
And no, I still have no resolution on a grand jury
subpoena issued to Twitter for my details and the details of a few
lawyers because we were all tagged with an emoji in a tweet by Justin
Shafer. Shafer has been charged with cyberstalking an FBI agent in
Dallas. I was not even in any conversation with Shafer on Twitter,
but for reasons known only to him, he added me to a conversation and
tweeted a smiley to me and others. No words. Just a smiley. And
this justifies a grand jury trying to unmask me on Twitter? Wow….
Perspective.
Once considered a boon to democracy, social media have started to look like its nemesis
The Economist – “…Looking at the role that social media have
played in politics in the past couple of years, it is the fake-news
squalor of Gamergate, not the activist idealism of the Euromaidan,
which seems to have set the tone. In Germany the far-right
Alternative for Germany party won 12.6% of parliamentary seats in
part because of fears and falsehoods spread on social media, such as
the idea that Syrian refugees get better benefits than native
Germans. In Kenya weaponised online rumours and fake news have
further eroded trust in the country’s political system….”
Perspective. Companies will spend a lot of money
to protect a monopoly.
Sorry, Comcast: Voters say “yes” to city-run broadband in Colorado
… Fort Collins voters said "yes" to
a ballot question that gives the city council permission "to
establish a telecommunications utility to provide broadband
services," The Coloradoan wrote.
… The anti-municipal broadband group, called
"Priorities First Fort Collins," spent $451,000 campaigning
against the broadband network ballot question. Priorities First Fort
Collins received nearly all of its funding from the Colorado Cable
Telecommunications Association and a group run by the city's chamber
of commerce. Comcast is a member of both groups that funded the
anti-municipal broadband campaign, while CenturyLink is a member of
the chamber.
The pro-municipal broadband group in Fort Collins,
the Fort Collins Citizens Broadband Committee, spent less than
$10,000 in the campaign.
… Colorado has a state law requiring municipalities to hold referendums before they can
provide cable, telecom, or broadband service. Yesterday, voters in
Eagle County and Boulder County authorized their local governments to build broadband
networks, "bringing the total number of Colorado counties that
have rejected the state law to 31—nearly half of the state's 64
counties," Motherboard wrote today.
Perspective. Note that
the police officers are writing paper tickets – isn’t there an
App for that?
Human at fault in accident with Las Vegas driverless shuttle
The driverless electric shuttle bus that made its
debut downtown Wednesday was involved in a minor accident in its
first few hours of service, but the human driver of the other vehicle
was at fault, police said.
… Police determined that the shuttle came to a
stop when it sensed the truck was trying to back up. However, the
truck continued to back up until its tires touched the front of the
shuttle.
The truck’s driver was cited for illegal
backing.
(Related)
Why Waiting for Perfect Autonomous Vehicles May Cost Lives
Some people think autonomous vehicles must be
nearly flawless before humans take their hands off the wheel. But
RAND research shows that putting AVs on the road before they’re
perfect improves the technology more quickly—and could save
hundreds of thousands of lives over time.
Better get that fence up quick! {Does the agent
in this picture have a hand grenade clipped to his vest?}
Border Patrol losing agents faster than it can hire them
The U.S. Border Patrol is losing agents faster
than it can hire them, according to a new audit released Wednesday
that said competition with other federal law enforcement and the
difficulty of passing a polygraph test have sapped the agency of nearly 2,000
agents it’s supposed to have.
More than 900 agents leave each year on average
but the Border Patrol only hires an average of 523 a year, the
Government Accountability Office said in a broad survey of staffing and
deployment challenges at the key border law enforcement agency.
For history buffs.
Abraham Lincoln Papers Now Available in Full Color Online
Library of Congress: “The papers of Abraham Lincoln (1809-1865),
lawyer, representative from Illinois, and sixteenth president of the
United States, contain approximately 40,550 documents dating from
1774 to 1948, although most of the collection spans from the 1850s through
Lincoln’s presidency (1861-1865). Roughly half of the collection,
more than 20,000 documents, comprising 62,000 images, as well as
transcriptions of approximately 10,000 documents, is online.
… Treasures in the collection include
Lincoln’s first and second inaugural addresses, his preliminary
draft of the Emancipation Proclamation, the two earliest known copies
of the Gettysburg Address (the Nicolay and Hay copies), his August
23, 1864, memorandum expressing his expectation of being defeated for
re-election in the upcoming presidential contest, and a condolence
letter written to Mary Todd Lincoln by Queen Victoria following the
assassination of Abraham Lincoln in 1865. The Lincoln Papers are
characterized by a large number of correspondents, including friends
and associates from Lincoln’s Springfield days, well-known
political figures and reformers, and local people and organizations
writing to their president…”
Anything to get rid of help my
students!
“Resume Assistant” uses LinkedIn’s data to make Word a better résumé builder
Resume Assistant will detect that you're writing a résumé and
offer insights and suggestions culled from LinkedIn.
… The feature will also show job openings that
are suitable for your résumé directly within Word, putting résumé
writers directly in contact with recruiters.
… The Resume Assistant will become available
to Office 365 users that have opted in to the Insider early access
program on Thursday. ... Microsoft will then roll it out to other
Office 365 users more broadly over the next few months.