Equifax Breach Response Turns Dumpster Fire

I cannot recall a previous data breach in which the breached company’s public outreach and response has been so haphazard and ill-conceived as the one coming right now from big-three credit bureau Equifax, which rather clumsily announced Thursday that an intrusion jeopardized Social security numbers and other information on 143 million Americans.

Source: Equifax Breach Response Turns Dumpster Fire — Krebs on Security

How to permanently stop Windows 10 reboots after installing updates

If you do not want to wait for Anniversary Update (which will be released in July 2016) or if Active Hours is not a solution for you, you can permanently stop Windows 10 reboots after updates are installed if you follow the steps below.

via How to permanently stop Windows 10 reboots after installing updates

Just bought a refurbished i7 machine with Windows 10 Home edition to use for gaming and to run VMs via VirtualBox. The VMs need to be up 24/7 if they are an active unit. This box has a lot of RAM so it can run many VMs. Microsoft brought them all down last night with an update then reboot. This is totally unacceptable. Most of the solutions on the web using gpedit.msc or regedit do not work on Windows Home since we are the lowest OS on the MS totem pole.

The procedure in the above website worked for Windows 10 Home. Now I just have to wait a week or so to see if it really stops the auto reboot. I don’t mind having to queue up updates that require reboot. VMs need to be shut down gracefully. Many people use their computers for doing things other than consuming mass media.

Encryption “would not have helped” at OPM, says DHS official

But when pressed on why systems had not been protected with encryption prior to the recent discovery of an intrusion that gave attackers access to sensitive data on millions of government employees and government contractors, she said, “It is not feasible to implement on networks that are too old.” She added that the agency is now working to encrypt data within its networks.

Source: Encryption “would not have helped” at OPM, says DHS official | Ars Technica

A consultant who did some work with a company contracted by OPM to manage personnel records for a number of agencies told Ars that he found the Unix systems administrator for the project “was in Argentina and his co-worker was physically located in the [People’s Republic of China]. Both had direct access to every row of data in every database: they were root.”

Your Samsung SmartTV Is Spying on You, Basically

A single sentence buried in a dense “privacy policy” for Samsung’s Internet-connected SmartTV advises users that its nifty voice command feature might capture more than just your request to play the latest episode of Downton Abbey.

“Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party,” the policy reads.

via Your Samsung SmartTV Is Spying on You, Basically – The Daily Beast.

xkcd 1313: Regex Golf

I found that the hover text, “/bu|[rn]t|[coy]e|[mtg]a|j|iso|n[hl]|[ae]d|lev|sh|[lnd]i|[po]o|ls/ matches the last names of elected US presidents but not their opponents.”, contains a confusing contradiction. There are several last names (like “Nixon”) that denote both elected presidents and opponents. So no regular expression could both match and not match “Nixon”. I could only assume that Randall meant for these names to be winners and not losers (and in fact he later confirmed that was the correct interpretation).

So that got me thinking: can I come up with an algorithm to find a short regex that covers the winners and not the losers?

I started by finding a page that lists winners and losers of US presidential elections through 2000. Adding the 2004-2012 results I get:  …

via xkcd 1313: Regex Golf

Apparently there is a Regex Golf game.

Type a regex in the box. You get ten points per correct match. Hit Enter to go to the next ‘level’.

US agency baffled by modern technology, destroys mice to get rid of viruses

EDA’s CIO, fearing that the agency was under attack from a nation-state, insisted instead on a policy of physical destruction. The EDA destroyed not only (uninfected) desktop computers but also printers, cameras, keyboards, and even mice. The destruction only stopped—sparing $3 million of equipment—because the agency had run out of money to pay for destroying the hardware.

via US agency baffled by modern technology, destroys mice to get rid of viruses | Ars Technica.

And you want these people in charge of economic development?

The underground economy of social networks

In a new study, Barracuda Labs analyzed a random sampling of more than 70,000 fake Twitter accounts that are being used to sell fake Twitter followers.

via The underground economy of social networks.

This underground economy consists of dealers who create and sell the use of thousands of fake social accounts, and Abusers who buy follows or likes from these fake accounts to boost their perceived popularity, sell advertising based on their now large social audience or conduct other malicious activity.

How to Buy a Facebook Girlfriend for $5

How to Buy a Facebook Girlfriend for $5.

The web service GirlfriendHire has what it takes to make real human relationships obsolete. And why not? Facebook has already diminished friendship to a cowering, anemic orphan of a concept. Next up: Sex and love. The site allows you to directly order a fake girlfriend for $5. It’s a deal. You’ll pay far more for a Match.com subscription, where you own only the chance of meeting someone.