What more do you want on a Friday?
Ok, here’s details.
The Telegraph reports that the Gavle Goat for 2012 is up, and surrounded by guards, cameras, flame retardants, and arsonists.
Emergent Chaos has reporters on the ground internet, ready to report on this holiday story of a town, a goat, and an international conspiracy of drunken arsonists. Stay tuned!
This year’s goat is shown in its pre-fire state. Note the pre-positioned fire extinguishers surrounding it, along with what one might describe as an altogether insufficient fence.
[Update: It turns out that the goat is blogging this year. Mixed English and Swedish.]
From the website:
Control-Alt-Hack™ is a tabletop card game about white hat hacking, based on game mechanics by gaming powerhouse Steve Jackson Games (Munchkin and GURPS).
Age: 14+ years
Game Time: Approximately 1 hour
You and your fellow players work for Hackers, Inc.: a small, elite computer security company of ethical (a.k.a., white hat) hackers who perform security audits and provide consultation services. Their motto? “You Pay Us to Hack You.”
Your job is centered around Missions – tasks that require you to apply your hacker skills (and a bit of luck) in order to succeed. Use your Social Engineering and Network Ninja skills to break the Pacific Northwest’s power grid, or apply a bit of Hardware Hacking and Software Wizardry to convert your robotic vacuum cleaner into an interactive pet toy…no two jobs are the same. So pick up the dice, and get hacking!
It’s often said that the TSA’s approach to threat modeling is to just prevent yesterday’s threats. Well, on Friday it came out that:
So, here you see my flight information for my United flight from PHX to EWR. It is my understanding that this is similar to digital boarding passes issued by all U.S. Airlines; so the same information is on a Delta, US Airways, American and all other boarding passes. I am just using United as an example. I have X’d out any information that you could use to change my reservation. But it’s all there, PNR, seat assignment, flight number, name, etc. But what is interesting is the bolded three on the end. This is the TSA Pre-Check information. The number means the number of beeps. 1 beep no Pre-Check, 3 beeps yes Pre-Check. On this trip as you can see I am eligible for Pre-Check. Also this information is not encrypted in any way.
So, apparently, they’re not even preventing yesterday’s threats, ones they knew about before the recent silliness or the older silliness. (See my 2005 post, “What Did TSA Know, and When Did They Know It?”.)
What are they doing? Comments welcome.
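The quoted post notes that the screening indicator is unencrypted; what a checkpoint scanner actually needs is integrity, so that a changed field is rejected. The sketch below is an added example, not from the original post: the pipe-separated layout, field names, sample values and key are constructed for illustration (this is not the real barcode format), and an HMAC stands in for the issuer's digital signature.

```python
import hashlib
import hmac

# Constructed demo key. HMAC stands in for an issuer signature; with real
# asymmetric signatures the scanners would hold only a public key.
ISSUER_KEY = b"constructed-demo-key"
FIELDS = ("name", "pnr", "flight", "seat", "screening")  # constructed layout

def _tag(payload: str, key: bytes) -> str:
    return hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()

def issue(record: dict, key: bytes = ISSUER_KEY) -> str:
    """Serialize the fields in fixed order and append an authentication tag."""
    values = [str(record[f]) for f in FIELDS]
    if any("|" in v for v in values):
        raise ValueError("field contains the separator")
    payload = "|".join(values)
    return f"{payload}|{_tag(payload, key)}"

def scan(barcode: str, key: bytes = ISSUER_KEY):
    """Return the parsed record only if the tag verifies, else None."""
    payload, _, tag = barcode.rpartition("|")
    if not hmac.compare_digest(tag.encode(), _tag(payload, key).encode()):
        return None  # any modified field, the indicator included, lands here
    parts = payload.split("|")
    if len(parts) != len(FIELDS):
        return None
    record = dict(zip(FIELDS, parts))
    # Per the quoted post: 1 beep = no Pre-Check, 3 beeps = Pre-Check.
    return record if record["screening"] in ("1", "3") else None

def lane(barcode: str) -> str:
    record = scan(barcode)
    if record is None:
        return "reject"
    return "expedited" if record["screening"] == "3" else "standard"

# Constructed sample record, not a real reservation.
SAMPLE = {"name": "DOE/JANE", "pnr": "XXXXXX", "flight": "UA0000",
          "seat": "12A", "screening": 1}

if __name__ == "__main__":
    genuine = issue(SAMPLE)
    fields = genuine.split("|")
    fields[4] = "3"  # indicator changed after issuance
    print(lane(genuine), lane("|".join(fields)))
```

Encrypting the fields would hide them from the passenger but would not by itself stop a modified value from being accepted; the verification step is what does that.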
Stamford Police said Jevene Wright, 29, created a fictitious company called “Choice Point Screening” and submitted false invoices for background checks that were submitted to Noble Americas Corporation, an energy retailer firm located in Stamford. (Patrick Barnard, “The Stamford (CT) Patch”)
I don’t want to minimize the issue here. Assuming the allegations are correct, the company’s assurance in their trust of their employees is diminished, they may face compliance or contractual issues, and they’re out at least 1.4 million dollars, most of which has likely been spent. A good number of folks are having bad days, and I don’t want to add to that.
At the same time, I do have a number of comments.
First, those background check services sure are expensive! I wonder how many people that was.
Hmmm, according to their website, “In the past six years Noble has grown from 1,500 employees to over 14,000.” I do wonder how many of the “background checks” came back with false allegations of past misconduct. If there were 14,000 people with no red flags, isn’t that something of a red flag in and of itself? I also wonder (in a law school hypothetical sort of way, and assuming with no evidence that Wright or an accomplice fabricated false reports on some people so that his fraud went undetected) what sorts of claims might be available to those denied employment based on those untrue statements?
Second, there’s something of a natural experiment here that lets us assess the value of background checking. Assuming Noble Americas Corporation runs a second set of background checks, I’m very curious to know how well spent that $2m* will have been: how many employees do they fire, having learned of something so heinous that the employee can’t be kept, and how many do they fire, having been handed a reason to get rid of a poor performer? (Naturally, those 2 numbers will be rolled into one.)
Lastly, there’s an interesting social engineering angle here. There’s a real company “ChoicePoint” now part of LexisNexis. (ChoicePoint was made famous for their awesome handling of a 2003 data breach, which this blog diligently covered.) So when naming a false background check company, Choice Point Screening seems like it might be a new brand for the company. An auditor, seeing all those background checks, is unlikely to focus in on the extra space. It’s a nice touch.
I am the very model of an amateur grammarian
I have a little knowledge and I am authoritarian
But I make no apology for being doctrinarian
We must not plummet to the verbal depths of the barbarian
I’d sooner break my heart in two than sunder an infinitive
And I’d disown my closest family within a minute if
They dared to place a preposition at a sentence terminus
Or sully the Queen’s English with neologisms verminous
For the full sing-along, please see Tom Freeman’s “The very model of an amateur grammarian.”
National Geographic reports “Caffeinated Seas Found off U.S. Pacific Northwest.”
The problem, of course, is salinity. They should totally be pumping that caffeine into somewhere we can make good use of it.
Maybe we could just edit attorneys’ memories of copyright laws?
On the off chance that you’ve been hiding under a rock, there’s been a stack of news stories about organizations (both private and governmental) demanding people’s Facebook passwords as part of the process of applying for jobs, with much associated hand-wringing.
In “I hereby Resign“, Raganwald discusses the downside to employers of demanding to look through people’s Facebook profiles:
I got her out of the room as quickly as possible. The next few interviews were a blur, I was shaken. And then it happened again. This time, I found myself talking to a young man fresh out of University about a development position. After allowing me to surf his Facebook, he asked me how I felt about parenting. As a parent, it was easy to say I liked the idea. Then he dropped the bombshell.
His partner was expecting, and shortly after being hired he would be taking six months of parental leave as required by Ontario law. I told him that he should not have discussed this matter with me. “Oh normally I wouldn’t, but since you’re looking through my Facebook, you know that already. Now of course, you would never refuse to hire someone because they plan to exercise their legal right to parental leave, would you?”
I think it’s a fascinating bit of chaotic blowback, and one that employers and applicants will be exposed to more and more as “social network background check” services help focus what search engines or marketers can already tell us.
In other words, be careful what you ask for, you might just get it.
For the first time in a long time, I’m tempted to set up a Facebook account.
Apparently, the project manager who found a vendor for the Vermont State Police car decals failed to consider a few things. Such as the risk that prisoners might want to have a little fun at the expense of the police.
You can see the fun if you study the image carefully here, or in a larger version at MSN Photoblog.
Found on that other bastion of privacy .
@RobArnold tweeted: “Someone thinks targeted Facebook ads are an effective way to ask for Firefox features. Any other Mozillians see this?”
The irony of using a targeted ad, on Facebook, to ask for more privacy protection…