Monday, November 28, 2016

Last Call For Straight Out Of The Comics


San Francisco Municipal Transportation Agency said on Monday it had contained a cyber attack, which disrupted its ticketing systems and forced it to offer free service to some customers during the Thanksgiving weekend. 
The agency, known widely as Muni, said it was the victim of a ransomware attack on Friday that affected internal computer systems including email, but had no impact on safe operation of transit services. 
The agency disabled fare gates from Friday to Sunday “as a precaution to minimize possible impacts to our customers,” Muni spokesman Paul Rose said in an email on Monday. 
Muni said on its website that “the situation is now contained and we have prioritized restoring our systems to be fully operational. 
It was the latest high-profile intrusion with ransomware, a pernicious type of computer virus that scrambles data on infected machines, sometimes making it impossible for organizations to deliver critical services. 
Attacks have increased sharply over the past year, with criminals targeting hospitals, police departments and other providers of critical services in the United States and Europe. Criminals typically charge a few hundred dollars to tens of thousands of dollars or more to provide digital keys that restore systems to normal. 
U.S. Federal Bureau of Investigation spokesman Prentice Danner said the agency was “in contact with Muni officials,” though he declined to say if the FBI had launched a formal investigation.

Ransomware is certainly nothing new, but taking down a major city's public transit system is the kind of thing information security experts have been warning us about for years.  Expect a lot more of this in the future, and soon.

In fact, if I were a budding Mr. Robot type, there's a certain 45th President of the US who has commercial and corporate interests all over the world that are exactly the kind of high-profile targets I'd be very, very, very interested in.

Just saying.

Let's Make A Deal, Or Something

Yet another indication over the weekend that Trump's Twitter tirade on the Wisconsin audit/recount is part of a larger plan as Trump transition team members spread out over the Sunday shows to imply that by supporting such an audit, Hillary Clinton will face consequences.

Donald Trump's incoming chief of staff suggests Hillary Clinton is backing away from a deal worked out between the two presidential campaigns on how the loser would concede to the winner.

Reince Priebus tells "Fox News Sunday" that Clinton's team "cut a deal" with Trump's team specifying that once The Associated Press called the race in favor of one candidate, the other would call within 15 minutes to concede.

Priebus says that's just what happened election night.

But now he's questioning whether Clinton campaign lawyer Marc Elias is backing down from that deal by announcing Clinton will participate in a recount in Wisconsin and may do the same in Michigan and Pennsylvania. The push is being led by the Green Party's Jill Stein.

AP's director of media relations, Lauren Easton, says AP "calls races when it is clear that one candidate has prevailed over the other. We have no knowledge of what the candidates do with that information until there is a public claim of victory or a concession."

Clinton "broke a deal", which by itself doesn't mean much more than posturing.  But combined with other Trump camp people on the Sunday shows, it demonstrates a pattern.  Take Trump spokesperson Kellyanne Conway on CNN's State of the Union talking about Trump's plans to prosecute Hillary Clinton in the future:

CONWAY: And so he said he wouldn’t rule it out. He said it’s just not his focus right now. I think he’s being quite magnanimous and at the same time he’s not undercutting at all the authority and the autonomy of the Department of Justice, of the FBI, of the House Committees, who knows where the evidence may lead if, in fact, it were — if the investigation were re-opened somewhere.

But this is the president-elect’s position right now and I would say he has been incredibly gracious and magnanimous to Secretary Clinton at a time when for whatever reason her folks are saying they will join in a recount to try to somehow undo the 70 plus electoral votes that he beat her by. I mean this — you know, I was asked on CNN and elsewhere, goodness a thousand times, will Donald Trump accept the election results? And now you’ve got the Democrats and Jill Stein saying they do not accept the election results. She congratulated him and conceded to him on election night. I was right there. And the idea that we are going to drag this out now where the president-elect has been incredibly magnanimous to the Clintons and to the Obamas is incredible.

If Priebus was delivering a message with a poison pen, Conway is delivering hers with a cinder block through the front window, and we're at the point where Trump's people are delivering naked threats against Clinton: drop the recount or else.

All evidence so far indicates Trump holds grudges for years, and that he expects to settle up every one of those grudges as President.  Nixon's infamous "enemies list" has nothing on Trump's coming incarnation.

E.T. Phone Loan

I've said in the past that phone metadata used by corporations was always a much larger day-to-day issue than the government using it (although to be fair, that was before Trump gets a hold of the NSA in January.)  But even if you don't know what the government is doing with your cell phone location and calling data, consumer credit ratings agencies will be happily buying that metadata from mobile carriers and using it to make credit decisions about you.

Financial institutions, overcoming some initial trepidation about privacy, are increasingly gauging consumers’ creditworthiness by using phone-company data on mobile calling patterns and locations.

The practice is tantalizing for lenders because it could help them reach some of the 2 billion people who don’t have bank accounts. On the other hand, some of the phone data could open up the risk of being used to discriminate against potential borrowers.

Phone carriers and banks have gained confidence in using mobile data for lending after seeing startups show preliminary success with the method in the past few years. Selling such data could become a more than $1 billion-a-year business for U.S. phone companies over the next decade, according to Crone Consulting LLC.

Fair Isaac Corp., whose FICO scores are the world’s most-used credit ratings, partnered up last month with startups Lenddo and EFL Global Ltd. to use mobile-phone information to help facilitate loans for small businesses and individuals in India and Russia. Last week, startup Juvo announced it’s working with Liberty Global Plc’s Cable & Wireless Communications to help with credit scoring using cellphone data in 15 Caribbean markets.

And Equifax Inc., the credit-score company, has started using utility and telecommunications data in Latin America over the past two years. The number of calls and text messages a potential borrower in Latin America receives can help predict a consumer’s credit risk, said Robin Moriarty, chief marketing officer at Equifax Latin America.

“It turns out, the more economically active you are, the more people want to call you,” Moriarty said. “That level of activity, that level of usage is what’s really most predictive.”

Did you catch that?  This is being used in Latin America and India so far, but what about the US?

In most cases, consumers must grant permission for their telecommunications records to be accessed as part of their risk assessment. One reason it’s taken the credit-risk industry some time to work out agreements with phone carriers or their representatives is because of negotiations over how to best protect client privacy.

Companies are also concerned about making sure they don’t make themselves susceptible to claims of bias. By checking phone records to see if a credit applicant associates with people with a poor track record of repaying loans, for example, lenders risk practicing discrimination on people living in disadvantaged neighborhoods. In addition, to comply with the Fair Credit Reporting Act in the U.S., a data provider must have a process in place for investigating and resolving consumer disputes in a timely manner -- something that telecommunications carriers abroad may not offer.

Several large phone companies contacted by Bloomberg declined to comment about whether they share data with financial institutions, and few of the startups or financial companies were willing to disclose their telecommunications partners.

So nobody's on record as doing this in the US yet.   Who wants to bet that this isn't already being shared with credit agencies in America yet?  How about with the incoming administration?

Yeah, if somehow your cell phone company isn't selling this information already to credit agencies, they will once Trump gets a hold of the FCC.  Oh, and who thinks this data won't be used to discriminate against people of color in 2017?

Count on it.

StupidiNews!