It sounds like the hack was only possible because personal data that should never have been anywhere near a public website wasn't properly controlled, so I don't have much sympathy for them on that score.
Would you be more sympathetic if the data in question was placed on their CMS by a contractor? From TFA:
"When it had contracted an IT company to build its website in 2007, it had decided against storing this data within the CMS, due to security concerns. But this was not properly communicated to the IT company, so the feature was built in anyway. BPAS had no knowledge it was collecting personal data in an unsecured manner."
As far as being hacked compared to continued careless releases, the latter seems to deserve a harsher penalty, and the fines here do seem to reflect that. Isn't this what we want to happen?
In general, yes. But in this case, no one was actually harmed - because the data in question was never made public. If the ICO fine was in proportion to the damage the BPAS hack caused, the ICO could've simply given a warning (or a token fine). As it is, the only real harm done here is by the ICO.
Absolutely true, but it's also worth pointing out that the charity didn't really disclose anything, they were hacked. In contrast, RBS continued to release financial data via fax for years after it was warned.
It's about time that some of these organizations (including banks and others)...Why is it a "heavy-handed" fine? It seems to me that when an organization endangers members of the public via negligence, they should receive a penalty that is sufficient to motivate them to change their practices....It seems to me that the annual salary of a couple of professionals, who probably ought to be fired anyway, seems about right.
I guess "heavy handed" is a relative term, so let's take a look at ICO's BPAS fine vs ICO's bank fine:
The ICO fined The Royal Bank of Scotland the grand sum of £75,000 in 2013*. The RBS Group had around £18 billion in income during 2012, and the top 2 executives received almost £4 million (excluding stock awards) in compensation. (RBS 2013 Financials)
The BPAS, on the other hand, had donations of around £27 million in 2013 (0.15% of RBS revenue), and their CEO is thought to earn around £120K (7.5% of RBS CEO pay). Yet they were fined £200,000 (2.67X the RBS fine).
Dunno. Seems kinda heavy handed to me.
* only instance of ICO fining a bank that I could find
Weapons of Mass Media you mean.
And when do these ignorant dumbasses learn that being afraid of mass media just makes them look even more ignorant and backwards?
I know, right? Don't those Turkish government idiots realize that they can use mass media to distract, polarize and confuse their citizens? What a bunch of maroons.
First Meta Exchange (where CEO Autumn Radtke worked) only allows bitcoin to be used for purchases of the other virtual currencies they trade. BTC purchases of IMVU Credits, Lindens, Nuvo Notes, Toricredits and Friends Hangout Tokens are actually handled through bitpay.
In other words, First Meta Exchange wasn't really a "bitcoin exchange". Of course, if the headline read "Police Say No Foul Play In Death of Toricredits Exchange CEO Autumn Radtke", few would've clicked.
What say you?
I say that's a pretty shitty post.
I got that too. When I temporarily turned off NoScript for the site and clicked on the "Newsweek" graphic at the top, the article was then displayed.
Why would he have to move/hire protection? I guess I can see that he might be paranoid enough to think it's necessary, but why would it be actually necessary?
Why? Because the poor man is about to get seriously Salingered.
...oh yeah, mod AC up!
I stand corrected. Mods, hit me with "Overrated".
Which makes it impossible for a private individual to do a Background Check. Remember, a background check for firearms sale purposes is DEFINED as using the NICS system.
A background check is defined that way only for FFL's. IOW, the only way a FFL can legally sell a firearm is by clearing the buyer through the NICS. Private citizens may perform a background check on a potential gun buyer (through the usual private channels) if it suits them. There is absolutely no federal law against doing so. The post I originally replied to suggested otherwise.
But tell you what, if you can show me a federal law that says "the only legal method of performing a background check prior to the sale of a firearm is through the NICS", I'll be happy to change my mind. : )
A precedent might have been set had the case been heard and tried. IANAL, but I doubt the dismissal will become case law.
Well, if the judge actually had the time to rule on Brown's attorney's motion for dismissal, the ruling would've made it into case law. As it happened, the US prosecutors *dismissed* the eleven counts related to the linking charge before the ink on Brown's motion was dry.
I wonder why the US prosecutors would do such a thing? [rolleyes]
... indeed it's *illegal* for said private individuals to perform such a background check, at least on the federal level.
There is no federal law restricting private individuals from running a criminal background check prior to selling a firearm. I guess what you mean to say is that private individuals can't use the federal NICS system to perform the check unless they are Federal Firearms Licensees registered with the FBI.
Since "Data Science" is dead, do we go back to using the old buzzwords? Or do we have to wait until some marketing MBA whiz-kid comes up with a sexy new word for "Analyst"?
FTFY. The hash doesn't denote anything. It is simply an identifier and has no value whatsoever. It doesn't even denote a balance or anything in a ledger. It is just a digital number. The blockchain is just a way to tell who "has" the number.
If you look at the data in a BTC transaction, you will in fact see a numerical value of the transaction in bitcoins (satoshis). The hashes only serve to validate the wallet addresses involved in the transaction. So I'm not sure what you think you corrected in my post.
In any case, I prefer to use terminology that people unfamiliar with the inner workings of bitcoin can understand. If one looks at a BTC wallet, the number of bitcoins displayed is *exactly* analogous to a numerical balance in a ledger account.
Jesus, another "bitcoin is a commodity" post. And modded "Insightful" no less.
A "bitcoin" is nothing more than a number denoting an account balance in a ledger. So tell me, is it ideology or stupidity that makes you believe bitcoins are commodities?
Not exactly. The only thing you know is the addresses (wallets) where your BTC balances were transferred. Since there is no mechanism in the bitcoin protocol to reverse transactions, you would have to have access to the key(s) of the wallets controlled by the thieves in order to initiate a new transaction moving the BTC balances back to wallets you control.
IOW, the only way to recover stolen BTC is to identify the thieves and hack them back (or somehow coerce them to hand over the keys to their wallets).
You can not hid secrets from the future with math.
I bought some Chinese food with BTC, and that message was in my fortune cookie. Coincidence? I think not.
The attackers moved the BTC balances from the Flexcoin "hot wallet" to their own wallets (accounts). As soon as the bitcoin network validated the transaction, the coins were effectively "spent" - i.e., successfully stolen.
Although Flexcoin labelled themselves as a "bank" what they really were was an EWallet service. Why people still use these web-based services to store their BTC balances is beyond comprehension.
(Posting AC due to unpopular facts below.)
Actually, pesky science says the opposite. CP gives pedophiles an 'outlet' to relieve their sexual tension, and they are less likely to go after actual children.
If you could actually support your statement with some links to that "pesky science" you speak of, you probably wouldn't have to post as AC. Perhaps you wish to remain anonymous because you performed the research yourself? Or maybe you were a test subject?
Human Resources is stupid bizspeak that makes us sound like robots or something.
It's called "Human Capital Management" now. "Human Resources" sounded too socialist.
Trucker 1: "That thang looks like them French ticklers they sell in the john."
Trucker 2: "Where the hell'r you supposed to put a confederate flag on it?"
Trucker 3: "Betcha that truck has rear tire flaps with MALE silhouettes."
Obviously you're not used to reading scientific literature.
It's...ahem...kind of dry at times. He was choosing his words carefully.
I guess you have a different understanding than I of what constitutes scientific literature. Personally, I don't believe the Guardian article where you've taken Lahav's quote qualifies as scientific literature, but perhaps you do. You seem to be saying as much.
No he doesn't mention Cambridge or Hawking by name. That I added of course...
...along with an assertion that what Lahav was really saying was that there's pseudo-scientific dogma that's holding back science. Are you aware of Lahav making such statements in the past? Perhaps you've spoken with Lahav on the matter?
...but I didn't just randomly pick a university & cosmologist...those are good examples of my point.
Who (besides you) believes that astrophysicists and other scientists don't want to challenge Hawking's "dogmatic" theories? Seems to me that if someone's smart enough to refute Hawking, they could make quite a name for themselves...wouldn't that provide an incentive for others to overthrow Hawking's dogma?
Fair job of refuting GGP's assertion that "people have forgotten the atrocities of the Soviets".
I say "fair" because of your grossly exaggerated figures on the death toll in the Ukraine, and your insinuation that there was something "fishy" about Putin taking over after Yeltsin resigned. Yeltsin appointed Putin to be his Prime Minister, and also made it clear he wished Putin to succeed him.
I'm also not seeing much in your post in support of Putin's Russia being just like the old USSR, other than pointing to Putin's ambitions and his repressive methods. The fact is the Russian Federation is nowhere near as economically/militarily powerful or politically influential as the USSR during the Cold War. Not even close. Likewise, the level of murderous atrocities committed by the former USSR goes far far beyond any crimes perpetrated by the Russian Federation. Those that want to compare the wrongs of the USSR of the past to the wrongs of the US of the present are fools.
And regardless of any status of moral authority after the Iraq war, the fact that the US got involved in Iraq in the way we did doesn't take away from the issue at hand in Crimea now, any more than "But NSA!!!" makes actions by FSB (or, more likely, criminal organizations who have quid-pro-quo agreements with FSB) any less bad.
Quite true.