Monday, August 03, 2015

Want a new life? Have $20.00? - What I'm reading 8/3/2015

HVD: The biggest foe is generally risk aversion. People in government are trained to not do things differently because there’s often really bad consequences when you try something differently and it fails. We run up against this all the time.
MD: I wish there were bad guys with top hats and handlebar mustaches because if there was some super villain behind a humongously dysfunctional project, all we would have to do is identify that person and take them out and everything would get better. That’s not the problem. The problem is just all of the things that inevitably happen when you try to coordinate 60,000 people in the VA to do the same thing at the same time. Even when somebody looks like they’re being a big pain, it’s just a function of their position in the bureaucracy and their role. Their interest is almost always wanting the same thing that we want, which is that they want the veterans to get a better experience, they want the disability claims to be adjudicated faster, but to them that doesn’t mean the same thing necessarily that it means to the person next to them.
Good luck to them, from what I have seen of Federal IT systems they will need it. 

(Interesting point made in the article btw, according to the interviewee the original cost $200,000,000 to develop and would have cost $70,000,000 per year to maintain.  The fixed site is $4,000,000 and $4,000,000.)

The Verge - Star Trek's original Uhura is going on a NASA mission -

Nichelle Nichols, aka the original Uhura from Star Trek, is going on a NASA mission. First mentioned in a Reddit AMA and then clarified in a post on Starpower, Uhura will be "among the first non-essential personnel to experience NASA's newest telescope: SOFIA."
It isn't, however, a mission into space: SOFIA ("Stratospheric Observatory For Infrared Astronomy") is built into a Boeing 747, which will take off from NASA's Armstrong Flight Research Center in California on September 15th.
Quartz - Here’s what your stolen identity goes for on the internet’s black market -

The going rate for a stolen identity is about twenty bucks.
Tens of millions of people have lost their private information in data breaches over the past few years. But what happens after that—how the data are leveraged for financial gain—remains murky. Many of those stolen records end up for sale on the anonymous, seedy area of the internet commonly known as the dark web.

So my question is how easy is it to turn that information into papers?  If I want to disappear with a new name and SSN.  How hard to buy an ID and make the switch?  Kevin Mitnick outlines how he did it in Ghost in the Wires but I am not sure that information is what could be called reliable.

Quartz - Oil prices are falling again. Here’s why -

The article outlines 3 reasons - 1) Softness in the China Market, 2) After shutting down wells in response to Saudi Arabia flooding the market American producers are turning them back on again, 3) People are anticipating Iran's full-fledged return to the world oil market.

SlashdotMicrosoft Creates a Quantum Computer-Proof Version of TLS Encryption Protocol

ZDNet - Federal Court's data breach decision shows new tilt toward victims, class-action lawsuits -

Last week, the U.S. Court of Appeals for the Seventh Circuit began to question the depth of on-going harm to victims by overturning a district court that had tossed a class-action lawsuit against Neiman Marcus over a 2014 data breach. The Court said victims had "standing," a right to file a lawsuit in federal court, over concerns of on-going problems.
Both the Seventh Circuit and the Ninth Circuit have begun to take a second look at the legal impact a breach has on victims - specifically in the long term. Both courts have recently concluded that victims do have a legal right to file a lawsuit (standing) over the long-term consequences of a breach.

I have said (as have many others) for a long time that the only way to start staunching these data breaches is to hold the companies liable.  Until they are hit in the pocket book there is no incentive to fix problems. 

Post a Comment

Cybersecurity Job Numbers from 3/11/2018 shows 285,681 open cybersecurity positions nation wide (not the 1,000,000 that I hear quoted so often).  The eight states with...