Tags: dominick cruz, Election, losing, mma, Trump, ufc, winning
In light of the responses to the recent presidential election and the bombardment of media commentary and celebrities acting like petulant children who lost at a game of checkers, I felt it was appropriate to post a very insightful interview by a classy fighter. Dominick Cruz has been a top-tier fighter for over 10 years and was a two-time bantamweight UFC champion until his recent loss. During the interview Dominick showed immense class when asked about his loss. This is a lesson for us all and for our children. As Mr. Cruz so eloquently states: “Loss is part of life. If you don’t have loss you don’t grow. This (losing) isn’t tough…this is life.”
SwimOutlet.com Breached in 2016 – 51 days later..and after the holidays…we were notified.
January 19, 2017. Posted by Chris Mark in Data Breach, Uncategorized.
Tags: Breach, compromise, credit card, CVV2, debit card, dta, fraud, hack, payment card, PCI DSS, swimoutlet.com, yogaoutlet.com
This is a post to notify those who may be affected. Yesterday I received the following letter in the mail. It was sent in a nondescript envelope and nearly discarded as ‘junk mail’. Upon opening the letter I was shocked to read that my wife’s credit card data appears to have been compromised at SwimOutlet.com. It should be noted that the same infrastructure is used by YogaOutlet.com. In reading the letter provided to the State of Oregon’s Attorney General, it appears that over 6,200 Oregon residents likely had their data stolen.
Within the letter there is a curious statement that says: “The information at risk as a result of this event includes the cardholder name, address, phone number, email address, card number, expiration date, and CVV”. For those in the credit card industry the inclusion of CVV is very troubling. Under the card brand operating regulations and PCI DSS standard, it is prohibited for a merchant to retain CVV subsequent to authorization of the charge. This particular type of data (actually the CVV2 or equivalent data) is what is needed to authenticate a transaction. In short, the likelihood of fraud increases exponentially when a criminal captures CVV2 type data. It is certainly curious that this ‘prohibited data’ is listed as an element that may have been stolen.
In reviewing the SwimOutlet.com website I notice a conspicuous absence of any form of notification on their website. Their blog is filled with helpful tips on swimming better and eating better but there is no mention of the fact that their users’ credit and/or debit card data was stolen. A review of their Facebook page has the same conspicuous absence of any notification or information. Their Twitter feed is also absent of any information.
If one looks at the timeline of events, there are some disturbing (to me, at least) items. On October 31st, 2016 SwimOutlet.com “…began investigating unusual activity reported by (our) credit card processor.” On November 28th, 2016 SwimOutlet.com received ‘confirmation’ that their systems were ‘hacked’ yet the notice states that data may have been compromised as late as November 22nd, 2016. I have been involved in numerous data breach investigations and incidents. “Unusual activity” notifications by credit card processors are ‘notifications of fraud’. This is a major red flag that the merchant HAS been breached. The notice then provides a qualified statement in saying that the breach: “…may have compromised some customers’ debit and credit card data…” Again, if notified by the credit card processor, then it is not that the data ‘may’ have been compromised; it almost certainly was compromised.
What is most disturbing to me is that SwimOutlet.com had confirmation on November 28th, 2016 that they were breached. They had confirmation as early as October 31st, 2016 of ‘unusual activity’ yet chose to wait until AFTER the holiday season to notify affected consumers. Criminals are not stupid. They steal credit card data before the holidays to be used over the holidays when the fraud systems are often ‘detuned’ by retailers and the volume of transactions creates noise in which fraud is often harder to identify. By waiting until January 12th (we received the letter on January 17th, 2017) it created a situation in which we were blissfully unaware that our data had been breached. If we had been notified before the holiday season, we could have cancelled the card immediately and been saved the inconvenience and possible cost associated with this situation.
In the notice SwimOutlet.com does: “…encourage (me) to remain vigilant against incidents of identity theft and fraud.” This would have been sage advice BEFORE the holiday season. It begs the question why a major online retailer would wait until after CyberMonday and after the holiday season to notify of a breach?
Finally, SwimOutlet.com reassures the recipient that “We take the security of our customers’ information extremely seriously…” and that: “…you can safely use your payment card at http://www.swimoutlet.com”. In light of the method and delay of notification I am going to personally take my business elsewhere.
The Ridiculous Myth of Autism & Vaccines: “Cum Hoc Ergo Propter Hoc”
January 10, 2017. Posted by Chris Mark in Uncategorized.
Tags: Anti Vaxxers, autism, jenny mccarthy, Robert dinero, robert f kennedy jr, Trump, vaccines, vaxxed
I am the father of a wonderful little 7-year-old Autistic boy. He is funny, clever, happy and generally a joy to be around. 3 years ago his school called and asked that I pick him up as he was coughing. I took him to the Dr. and imagine my surprise when my son was diagnosed with WHOOPING COUGH!..yes…WHOOPING COUGH in 2015. 18 other kids were diagnosed, as well. Why? Because some “enlightened” parents in Park City, UT decided against vaccinating their children. Now..before I hear that “Tyler should have been vaccinated”..he was. Only..it does not reach full effect for several weeks. Even better? I had to cancel all my business travel as I could be a ‘carrier’ and infect the plane.
I am always disturbed when I read about celebrities, politicians and others perpetuating the myth (yes it is a myth) that vaccines cause Autism. Today, President Elect Donald Trump nominated ‘Anti-Vaxxer’ shill Robert F. Kennedy Jr. to “lead a study on vaccines”. If he is already an avowed ‘anti vaxxer’ I question his objectivity on leading such a study.
So where did the Autism/Vaccine link (there is none) originate? Simple. “Dr.” Andrew Wakefield, who has since had his medical license revoked, published a research paper in 1998 in which he claimed a link between the MMR Vaccine and Autism. In addition to having a financial conflict of interest, 10 of the 12 contributing authors of the paper published a retraction which read:
“We wish to make it clear that in this paper no causal link was established between (the) vaccine and autism, as the data were insufficient. However the possibility of such a link was raised, and consequent events have had major implications for public health. In view of this, we consider now is the appropriate time that we should together formally retract the interpretation placed upon these findings in the paper, according to precedent.”
The Lancet formally retracted the article stating: “Following the judgment of the UK General Medical Council’s Fitness to Practise Panel on Jan 28, 2010, it has become clear that several elements of the 1998 paper by Wakefield et al are incorrect, contrary to the findings of an earlier investigation. In particular, the claims in the original paper that children were “consecutively referred” and that investigations were “approved” by the local ethics committee have been proven to be false. Therefore we fully retract this paper from the published record”.
In short, Dr. Wakefield perpetrated fraud. Unfortunately, the damage was already done. Actors and numerous ‘Hollywood’ elite jumped on the story and began promoting the false science behind the fraud. Jenny McCarthy, Jenna Elfman, Rob Schneider, Robert DeNiro and Donald Trump all jumped on the Anti-Vaccine bandwagon. The “anti vaxxer” movie Vaxxed (by Wakefield) only added fuel to the fire and continued to encourage people to forgo vaccinations.
So what is the prevailing “link” between Vaccines and Autism? Good question. It is a common logical fallacy known in Latin as Cum Hoc Ergo Propter Hoc or “with this, therefore because of this”. In short, children are getting vaccinated around the same age that children begin developing in such a way that Autism is presenting to parents and doctors. Some people assume that because the Autism presentation followed the vaccine that the vaccine must be the cause. This is a simple mistake of confusing potential correlation with causation. For more information on the philosophical underpinnings of ’cause’ please read my post here. The point that I will make again (and the CDC and all respectable medical professionals) is that Vaccines do NOT cause Autism.
Those who are not vaccinating their children are relying on Herd Immunity of the community. The idea of Herd Immunity posits that a disease outbreak cannot occur if a high percentage of those in the community are vaccinated. Those forgoing vaccinations are, in effect, free riders on those who do. A larger issue relates to those who cannot be vaccinated due to compromised immune systems (think immunodeficiency diseases) and those who may not have yet had the vaccine. I have heard the argument numerous times: “If your child is vaccinated, then why do you care?” See my original example.
I will leave everyone with this NSFW explanation from Penn and Teller.
Security, Risk, and Bayes…oh my!
January 6, 2017. Posted by Chris Mark in Uncategorized.
Tags: adaptive, Bayes, conditional, DHS, hacking, Manunta, probability, risk, security, statistics, threat
According to Dr. Giovanni Manunta, the term security does not yet have a commonly accepted definition and evokes numerous connotations among practitioners. Although often not well defined, the relationship between security and risk is well accepted among business, government, and security professionals (Department of Homeland Security, 2008). While providing fodder for debate to those tasked with the security of information assets, the ambiguous definition of security and the differences in risk analysis techniques create significant challenges to effectively protecting assets.
The practical relationship between security, risk, and decision making is articulated well by the US Department of Homeland Security as it is described as an approach for making and security decisions (DHS, 2008). This is further established in the NIST 800-37 Risk Management Framework:
“…For operational plans development, the combination of threats, vulnerabilities, and impacts must be evaluated in order to identify important trends and decide where effort should be applied to eliminate or reduce threat capabilities; eliminate or reduce vulnerabilities; and assess, coordinate, and deconflict all cyberspace operations…” (NIST, 2010. p. 3). (emphasis added)
Tags: democacy, index, Israel, jewish, john kerry, palestinians, polity, two state, west bank
On December 28th, 2016, while speaking on the Two State system proposed in Israel, US Secretary of State John Kerry made the curious (frightening?) statement that Israel: “…can be Jewish or it can be democratic- It cannot be both.” The clear implication is that there is a binary choice (in Kerry’s mind) that Israel (and ostensibly every other nation in the World?) can either embrace religion or democracy – but not both. This concept necessitates some debate on what, exactly, “democracy” is and means.
To understand governance and democracy it is important to understand the concepts. First, let me make a bold statement (explained later in this article so keep reading).. “Democracy is NOT a binary concept. A democratic country is not ‘Either democratic OR XYZ’. Democracy is gauged on a scale.”
Democracy, while seemingly simple, can be a quite difficult concept to explain especially when considering the many different governments in the World. First…let’s understand democracy from a common source. Wikipedia states that Democracy:
“… is a form of government in which all eligible citizens have an equal say in the decisions that affect their lives. Democracy allows eligible citizens to participate equally—either directly or through elected representatives—in the proposal, development, and creation of laws. It encompasses social, economic and cultural conditions that enable the free and equal practice of political self-determination.”
A better resource (sorry Wikipedia) is the Center for Systemic Peace’s Polity IV project. The Polity IV project dataset compiles information from 1800-2015 related to various aspects of regimes. As stated on their website: “The Polity conceptual scheme is unique in that it examines concomitant qualities of democratic and autocratic authority in governing institutions, rather than discreet and mutually exclusive forms of governance.” The Polity project attempts to quantify and qualify governance and code them based upon their level of autocracy to democracy.
Democracy, as described by the Polity study, is defined by three factors. Each democratic government may implement these in different ways and in differing amounts. Democracy requires the “…existence of Processes and Institutions through which citizens can 1) affect their government 2) constrain the power exercised by the executive and 3) guarantee civil liberties.” (BTW: You can read this in Dr. Heather Mark’s Dissertation found here.)
There are numerous forms and styles of democratic governments. There are direct democracies in which citizens take part in the process directly. There are representative democracies (like the US) where the citizens vote for representatives who then represent the interests of their constituents. Each of these general types of government then has sub-types.
The US is a Presidential Republic, the UK is a Parliamentary Republic, and so on. It is much like dogs. All Rottweilers are dogs but not all dogs are Rottweilers. So is a Poodle more of a dog than a German Shepherd? It is this type of question that the Polity study addresses. The Polity study ranks each form of government based upon the ‘democratization’ of the government. Countries can be more autocratic or more democratic. All governments will find themselves somewhere on the spectrum.
Governments with a score of +6 to +10 are counted as democracies, with the higher scores representing more democratic governments. A perfect 10 is reserved for those that are absolutely democratic. Those who range from a -5 to a +5 are considered Anocracies. As Polity states: “Anocracies are a middling category rather than a distinct form of governance. They are countries whose governments are neither fully democratic nor fully autocratic but, rather, combine an, often, incoherent mix of democratic and autocratic traits and practices.” Those with a score of -6 to -10 are Autocratic, with a -10 representing complete autocracy.
All governments will fall somewhere in the spectrum. Simply because the United States is a Presidential Republic does NOT mean we are NOT a democracy any more than the ugly dog down the street is NOT a dog because it does not look like my rugged, handsome, purebred Rottweiler.
So where does Israel fall in the spectrum? Great question. Israel has, since its founding, been coded by Polity as a “perfect 10” through 2013 with only a dip to a 9 between 1965 and roughly 2000. In short, according to Polity, Israel is considered the “most” democratic country in the world! Even if one uses the UK’s Economist Intelligence Unit’s Democracy Index, Israel is ranked at #34 in the world with a score of 7.77 out of 10, which makes it a ‘Flawed Democracy’ but..still democratic.
It is simply naïve and irresponsible for the sitting US Secretary of State to declare that a country must adhere to a single tenet to be considered ‘democratic’. It is not supported by definition, research, nor by the objective facts.
You can see the regime trends by country and year in the graphic below.