My Ethical
Hackers get no points for these...
Power
Plants and Other Vital Systems Are Totally Exposed on the Internet
What do the controls
for two hydroelectric plants in New York, a generator at a Los
Angeles foundry, and an automated feed system at a Pennsylvania pig
farm all have in common? What about a Los Angeles pharmacy’s
prescription system and the surveillance cameras at a casino in the
Czech Republic?
They’re all exposed
on the internet, without so much as a password to block intruders
from accessing them.
… The latest crop
comes courtesy of San Francisco-based independent security researcher
Paul McMillan, who scanned the entire IPv4 address space (minus
government agencies and universities) and found unsecured remote
management software running on 30,000 computers.
“What
happens in Vegas, stays in Vegas.” OJ will be staying for 15-33
years.
Mikael Thalen reports:
The
Las Vegas Public Works Department has begun testing a newly installed
street light system around City Hall with wide-ranging capabilities
including audio and video recording.
According
to the Michigan based “Illuminating Concepts,” the system’s
main benefits include “energy management, security and
entertainment.” The Las Vegas setup includes such features as
emergency notification flashers, playable music and a sound
announcement system, all controlled from an Ipad.
[...]
The
Public Works Department claims they have no plans to use the system’s
surveillance cameras… for now, leading many to believe the plan is
already well underway as city-wide implementation is discussed.
“Right now our
intention is not to have any cameras or recording devices… it’s
just to provide output out there, not to get any feed or video feed
coming back,” said Public Works Director, Jorge Servantes.
Right, because we all
know mission creep is never possible. To see some areas where
Intellistreets has already been deployed, see their
site.
Read more on
StoryLeaks.com
“in loco
parentis” means you are acting for the parents, not acting
like a parent gone loco. Perhaps you should talk to the
parents before you start your surveillance?
Kelly Wallace reports:
Just
as parents are grappling with how to keep their kids safe on social
media, schools are increasingly confronting a controversial question:
Should they do more to monitor students’ online interactions
off-campus to protect them from dangers such as bullying, drug use,
violence and suicide?
[...]
David
Jones, president of the firm Safe Outlook Corporation, said two
school districts and three schools pay, on average, between $4,000 to
$9,000 per year for one of his technology products called
CompuGuardian and that he expects the number of schools participating
to go up. (Jones said he was not at liberty to reveal which schools
work with his company.)
His
product gives schools access to, among other things, reporting tools
that allow users to search key words connected to cyberbullying and
drug use, and to see whether students are researching topics about
dangers such as school violence.
It’s all “for the
children,” of course.
Read more on CNN.
This will
be so much easier when the government has all the information. Would
the state be able to grab blood from every doctor in town and run DNA
to find a serial rapist? Since the law is inadequate, could this
have been protected by contract?
I came across a case in
Texas on FourthAmendment.com
that gave me food for thought. From Owens
v. State 2013 Tex. App. LEXIS 13767 (Tex. App. – Houston
(1st Dist.) November 7, 2013):
In
State v. Hardy, the Texas Court of Criminal Appeals held that the
State’s subpoena of the results of blood tests conducted by private
medical personnel solely for medical purposes did not violate the
Fourth Amendment. State v. Hardy, 963 S.W.2d 516, 527 (Tex. Crim.
App. 1997). The facts in this case are similar to those in Hardy.
Here, the trial court found that (1) the police officer did not
suggest the blood draw or exert any influence over the hospital
staff; and (2) the blood draw was taken solely for medical purposes.
Because private actors conducted the blood draw and blood tests, the
hospital staff’s blood draw and test of it does not violate the
Fourth Amendment. See Hardy, 963 S.W.2d at 526. Although the State’s
later subpoena of the blood tests is a state action, the request for
records does not violate Owens’ reasonable expectation of privacy.
Id. at 527. We hold that the Fourth Amendment does not bar the
admission of Owens’ blood test results.
Some savvy readers may
think, “Well, sure, that makes sense.” But I was thinking about
whether patients might avoid treatment or wellness checks if they
feared that at some point, the state might subpoena their lab
results. A subpoena is a lower standard than a warrant based on
probable cause. Do we want states to be able to just
subpoena the results of psychiatric evaluations on private
citizens seeking help from private psychiatrists? Or does the Texas
opinion only apply to blood tests and physical examinations but
provide greater protection for mental health records? And have
courts in other states reached the same conclusion that such
subpoenas do not violate the Fourth Amendment?
The issue for the
courts may be the reasonable expectation of privacy under the Fourth
Amendment, but the issue for patients may be the confidentiality of
the doctor-patient relationship. Yes, our privacy practice notices
under HIPAA give some sense of required or permitted disclosures, but
I’d venture to say that most patients do not give much thought that
some day, the state might just subpoena their medical or mental
health records.
Who is ready to move on
Big Data? Auditors!
Thanks
to audit firms, Math Men are taking over Madison Avenue
Deloitte
has purchased Seattle digital ad agency, Banyan Branch. Price
Waterhouse Coopers has picked up New York digital creative shop,
BGT. And so it continues: business consultancies are aggressively
moving into what has traditionally been the marketing/advertising
space serviced by agencies and their holding companies. It’s a
sign that clients have finally woken up. For years, there was little
accountability by agencies for the vast amounts of money they
persuade clients to spend on “branding” exercises. Those Super
Bowl TV spots make a client CEO feel good on the golf course—but
are virtually impossible to relate to an effect on sales.
… Even
Sir Martin Sorrel, CEO of the world’s largest advertising holding
company, WPP, recently
proclaimed: “We are no longer Mad Men, we are Math Men.”
For my
researching students...
Congress.gov
Beta Legislative Site Readies for Prime Time as the new official
website – replacing THOMAS
by Sabrina
I. Pacifici on November 9, 2013
News
release: “The free legislative information website,
Congress.gov,
is transitioning into its permanent role as the official site for
federal legislative information from the U.S. Congress and related
agencies. The site, which launched in beta form last fall and
features platform mobility, comprehensive information retrieval and
user-friendly presentation, is replacing the nearly 20-year-old
THOMAS.gov. Beginning Nov. 19, typing Thomas.gov into a web
browser will automatically redirect to Congress.gov.
@Thomasdotgov Twitter followers will be transferred to the
@Congressdotgov account. THOMAS.gov will remain accessible from the
Congress.gov homepage through late 2014 before it is retired. When
the Library of Congress, in collaboration with the U.S. Senate, U.S.
House of Representatives and the Government Printing Office (GPO)
released Congress.gov as a beta site in the fall of 2012, it included
bill status and summary, member profiles and bill
text from the two most recent congresses at that time – the
111th and 112th. In the year since, Congress.gov has expanded with
the additions of the Congressional Record, committee
reports, direct links from bills to cost estimates from the
Congressional Budget Office, legislative process videos, committee
profile pages and historic access reaching back to the 103rd
Congress. Users have been invited to provide feedback on the site’s
functionality, and many of those suggestions have been incorporated
along with the data updates. Additional content will be incorporated
throughout 2014 – including nominations, treaties and
communications – before THOMAS.gov is formally retired. THOMAS,
named for Thomas Jefferson, was launched by the Library in 1995 as a
bipartisan initiative of Congress. It averages 10 million visits
each year. [Facebook had 164 million unique visitors in
September. So 10 million is less than 2 days on Facebook.
https://siteanalytics.compete.com/facebook.com/
Bob] The system has been updated over the years, but its
foundation can no longer support the capabilities that today’s
Internet users have come to expect, including access on mobile
devices. Using best practices for retrieving and displaying
information, the refined, user-friendly Congress.gov system makes
finding and using legislative information more intuitive,
comprehensive and accessible than the existing system.”
Run
through the rain or wait a few minutes?
– Available
for iOS & Android, Nooly is a weather app that
predicts the exact minute rain or snow will start, the
exact time light rain turns into thunderstorm conditions, and when
exactly the storm will end. Each one of Nooly’s predictions is for
an area of 0.4 square miles. Nooly predicts the minute rain
starts, but it is only for the US and southern parts of Canada.
“Ain't
technology wonderful?”
Motorola
wants to tattoo a mic on your throat
Every week, and it's
free!
… Khan
Academy and Getty Museum are partnering.
… The Wikipedia
Education Program, which has encouraged educators to have
students contribute to Wikipedia as part of their coursework, is
spinning out into its own non-profit, the Wiki
Education Foundation.
… “A
$1-billion plan to put an iPad into the hands of
every Los Angeles student and teacher could prove
difficult to sustain financially after about three years, based on
figures provided by the L.A. Unified School District.”
… A
story in the New Republic highlights more silliness emanating
from the Common Core State Standards – this time,
how the standards rate literature’s complexity. The CCSS has
adopted Lexiles, a rating system developed by the
MetaMetrics corporation, to ascertain how challenging reading
materials are. Apparently Hunger
Games is more complex
than the Grapes of
Wrath; Mr
Popper’s Penguins is
more complex than To
Kill a Mockingbird; and
Slaughterhouse Five
has a fourth-grade reading level.
