Pete recommends – weekly highlights on cyber security issues – February 22 2018

Subject: Not knowing Twitter credentials delayed Hawai’i “all clear”

Source: The Risks Digest — Forum on Risks to the Public in Computers and Related Systems

Not knowing Twitter credentials delayed Hawai’i “all clear” Lauren Weinstein <[email protected]>
Mon, 22 Jan 2018 21:34:54 -0800

The Governor of Hawaii is declaring that the long delay in his sending out the “false alarm” message after an incoming missile alarm was triggered in error, was due to his not knowing his own Twitter credentials. He had to find his public communications spokesperson—who normally ran his Twitter account—in order to get an “all clear” note out on Twitter. Supposedly he now knows his own username and password. I wonder if he has 2-factor enabled?

Subject: SureCall Infographic Shares Pro-Tips To Boost Cell Signal |

Source: AndroidHeadlines

Mobile devices have become a vital part of everyday life for a lot of people. So discovering that there’s been a drop in cell signal just when a call needs to be made or a message sent can be a hassle under the best circumstances and a real nuisance in others. Since smartphones have effectively replaced landlines, there are also a ton of circumstances that can happen in, whether that’s moving to a new neighborhood or taking a road trip. To help alleviate the problem, and in a bid to promote their signal boosting products, SureCall has now revealed 10 tips to aid users in making calls even when their cell signal begins to fade. Some of the tips are likely to be a bit obvious and, of course, they won’t work under every circumstance. Regardless, they are also completely free and bound to be useful to at least some smartphone users who may want to get more out of their smartphone and cell service under less than optimal conditions.

+ Infographic

Subject: Cryptocurrencies Come to Campus – The New York Times

Source: New York Times — Technology

The interest is a fueled by the rising price of virtual currencies over the last year. But they have created a host of issues that are worthy of study even apart from the price, professors in a variety of fields said.

For lawyers, virtual currency projects have challenged traditional legal categories and definitions of what constitutes a security or a commodity.

Regulators have been caught flat-footed as entrepreneurs have raised billions of dollars by selling virtual currencies without going through the traditional fund-raising channels, taking advantage of the legal fuzziness surrounding them.

For economists and business school professors, Bitcoin and other digital tokens have raised questions about the nature of money. The first lecture in the Berkeley class, for example, considered the development of Bitcoin against the history of money.

Subject: ID Fraud Hits All Time High: What You Can Do to Protect Yourself |


> Opening new accounts was yet another growth area for identity thieves in 2017, especially intermediary accounts like Paypal and Amazon, which thieves have discovered aren’t always noticed right away. These incursions can be caused by a guessing game based on data exposed and sold on the dark web, or poorly defended cell phone and email accounts. Once a thief gains access to one of these accounts they can re-set passwords, shipping addresses, bank accounts and the like directing all stripe of fraud. Text and email alerts about transactions don’t work if a thief changes your access credentials.

Javelin has issued five tips to help consumers ward off fraud.

Subject: What It Takes to Become a Cyber Expert – Nextgov

Source: Nextgov

I submit that anyone who says they are a “cyber expert,” isn’t.

Sadly, I’ve noted an ever-increasing number of folks who market themselves as cyber experts to audiences hungry for revelations on what they can do to solve every cybersecurity issue yet, as I review these so-called “cyber experts’” credentials and experiences, I’m left shaking my head in disbelief. Many of these so-called “cyber experts” do not have hands-on experience in core cyber skills, do not have any acknowledged industry certifications or credentials beside their own attestations, nor have even led organizations that operate significant information technology enterprises. While many are imposters or hucksters, others are legitimate highly skilled practitioners of one of the many cyber skill sets but certainly do not have deep experience across the many disciplines required to operate an effective cybersecurity program. Perhaps you too have encountered such self-proclaimed “experts” and are left wondering why they should be considered a cyber expert.

Brig. Gen. (retired) Greg Touhill, CISSP, CISM, is the president of Cyxtera Federal Group, former federal chief information security officer, and guest author for the (ISC)² U.S. Government Advisory Council Executive Writers Bureau.

Subject: NY top court says ‘private’ Facebook photos can be disclosed

Source: Reuters via Yahoo New–finance.html

NEW YORK (Reuters) – New York state’s highest court ruled on Tuesday that Facebook users may be required to turn over photos and other information that are relevant to litigation, even if they are shielded by “privacy” settings.

By a 7-0 vote, the Court of Appeals reinstated a trial judge’s ruling requiring a Manhattan woman who was disabled in a horse riding accident to turn over to the defendant horse owner an array of photos taken before and after her injuries.

Noting “significant controversy” over what information on Facebook deserves privacy protection, Chief Judge Janet DiFiore said it is appropriate to require disclosure of materials that are “reasonably calculated” to contain “material and necessary” evidence.

Posted in: Cybercrime, Cybersecurity, E-Government, Legal Research, Social Media