Archive
Re-Tweet this post – it’s part of my plan to beat the recession
In order to beat the recession I need to expand. In order to expand I need a business loan. In order to get a business loan I need to improve my Klout.
No, really.
I went to the bank. No.
I went home, juggled some figures on the business plan to improve the bottom line projected profits and went back. No.
Apparently it has nothing to do with business potential, it has only to do with collateral. That is, I can have it if I can prove I don’t need it.
There must be another way. So I checked American Banker and found this in Thursday’s issue:
CAN is joining a growing list of companies chasing small business loans by using alternative data sourcing. These companies include Kabbage, which uses social media data as part of lending decisions… Lighter Capital also uses social networking data…
Big Data Comes to Small Business Online Lending
So I checked back into the earlier issues, and found this:
The company [Kabbage] is incorporating social media activity into its analysis now, Frohwein [founder and CEO] says. “We allow our customers to associate their Twitter and Facebook accounts. As our theory goes, the more active you are at keeping in touch, gaining followers, and responding to them, the more likely you’re running a solid, growing business and you’re worth an additional risk. Or there’s less risk associated with you so we can provide more cash or at a lower rate.”
The 10-Minute Small Business Loan
So that’s the plan; and that’s where you come in. Tweaking the bottom line of my business plan no longer works – but with your help I will be able to tweak the bottom line of my Klout score and get the low-interest business loan I so richly deserve. So please use the ‘share’ buttons below: tweet, like, repost, Reddit, whatever – or all – for this post. Do it for Christmas and the lulz, and I’ll still beat the system. You know I’m worth it.
Google removes Khosrow Zarefarid’s blog
On Thursday last, while I was traveling home from Infosecurity Europe, Khosrow Zarefarid (the Iranian software engineer who tried to get better protection for Iranian card details held by the banks) contacted me:
Whay my weblog was stoped from google site? Can you help me to solve this problem? I had about 1000000 viewer.
Believe me, his English is infinitely better than my Arabic (which doesn’t exist).
Not what you want to wake up to...
I couldn’t respond immediately because I was just about to board a peak-time train, and had neither elbow room nor a signal. It wasn’t until Monday that I managed to talk (despite an appalling telephone line) with Google’s Ryan Brack, Manager, Global Communications & Public Affairs.
“Our policy is not to talk about individual cases when it comes to the sort of issue here, which is either a violation of policy, specific content on a blog, etcetera. We just don’t talk about specific cases; but I wanted to give you some sort of piece of information so that you can be clear what Google’s policy is…” He then kindly gave me step by step instructions on how to navigate to the Google policy page, and particularly pointed me to the paragraph:
Personal and confidential information: It’s not ok to publish another person’s personal and confidential information. For example, don’t post someone else’s credit card numbers, Social Security numbers, unlisted phone numbers and driver’s licence numbers. Also, please bear in mind that in most cases, information that is already available elsewhere on the Internet or in public records is not considered to be private or confidential under our policies.
That was it. The line dropped again, almost certainly due to problems at my end (thanks again TalkTalk) and I gave up attempting further voice contact. I emailed:
Hi Ryan
My apologies – I’m having serious line problems ATM. The point I wanted to make is the [that] Zarefarid posted only part of the credit card numbers – enough for the user to recognize that he had them, but nor [not] enough for anyone to make use of them.
This was a clear case of whistleblowing. He had attempted to report the issue through the official channels but was ignored. So he chose this way, but without actually endangering anyone’s personal information (or card numbers).
That was more than 24 hours ago. No response whatsoever.
I don’t believe that Khosrow Zarefarid breached Google’s policy, although he clearly went up to the line. In this instance he was trying to prevent ‘personal and confidential information’ from ending up on the internet. I also believe that under such circumstances Google has a duty to warn the blog owner and provide means by which the blog content can be retrieved by the owner (this may have happened without me knowing about it – but I doubt it).
Google claims, in the same ‘content policy’:
Blogger is a free service for communication, self-expression and freedom of speech. We believe that Blogger increases the availability of information, encourages healthy debate and makes possible new connections between people.
We respect our users’ ownership of and responsibility for the content they choose to share. It is our belief that censoring this content is contrary to a service that bases itself on freedom of expression.
In this instance it did not live up to this ideal. In this instance, Google fell far short – and I appeal to Google to reverse this decision and come to some arrangement with Khosrow Zarefarid.
Keynote sessions from Infosecurity Europe 2012 – and a few other stories
Infosecurity Europe is over for another year. If you weren’t there, well I just suggest you make sure you get there next year. Meantime, here’s my take on a couple of the announcements and almost all of the keynote sessions:
Infosecurity Europe 2012: Minister of State for Universities and Science introduces the 2012 security breaches survey
The challenge, says the Rt Hon David Willetts, is that in order to get the economic and social benefits that the internet offers, we need to first tackle cyber security.
24 April 2012
PwC and Infosecurity Europe release the latest Information Security Breaches Survey
Significant attacks more than double, but one-in five companies still spend less than one percent of their IT budget on security, and more than half of small organizations do no security training at all.
24 April 2012
Russian cybercrime: what Russia is doing, and what it should be doing
Russian security company Group-IB says Russian cybercriminals made £2.3b in 2011; Russian-speaking cybercriminals made more than $4b; and worldwide, cybercriminals made more than $12.5b.
24 April 2012
Trustworthy Internet Movement Launches Pulse Tracker
The problem, says Pulse, is that we are telling users that this site has SSL, so it’s secure. That’s not necessarily true. We are promulgating a false sense of security, and we need to fix that.
25 April 2012
Infosecurity Europe 2012: defining risk management in the context of information security
The three companies represented on the keynote panel (G4S Secure Solutions, Steria UK, and Skipton Building Society) are very different; and their CISOs have very different views on the functioning of risk management within infosec.
25 April 2012
Infosecurity Europe 2012: the rising role of the CISO
Chaired by Quocirca’s Bob Tarzey, Network Rail’s CISO Peter Gibbons and Yell’s CISO Phil Cracknell led a lively discussion on the current and future role of the CISO.
25 April 2012
Ipswitch survey reveals the extent to which IT is losing control over data
IT needs governance; but users are choosing simplicity. In choosing and using their own non-sanctioned methods for data transfer, users are causing IT to lose control over its own data.
25 April 2012
Infosecurity Europe 2012: AET & APT – Is this the next-generation attack?
Advanced persistent threats (APT) and advanced evasive techniques (AET): what are they, who’s doing them, and what can we do about them?
26 April 2012
Has the time come to dump anti-virus?
Bit-9 asks the question that dare not be spoken: is anti-virus beyond its sell-by date? And is BYOD the final straw?
26 April 2012
Infosecurity Europe 2012: The ICO on better regulation and better infosec
Christopher Graham, the UK Information Commissioner, talks about his role as an information regulator and facilitator at Infosecurity Europe in London
26 April 2012
Infosecurity Europe 2012: Are we smart enough to secure smartphones?
Three heads of security from three very different organizations came together to discuss their practical and very different experiences in introducing a company BYOD strategy.
26 April 2012
Infosecurity Europe 2012: The insider threat – is it real?
While the primary security stance faces outwards and is designed to keep hackers and malware outside of the system, organizations are increasingly aware that their own staff are also a potential – and in some cases an active – threat.
27 April 2012
Infosecurity Europe 2012: The cloud – do you really know what you’re getting in to?
The cloud is new; but it’s been around for years. It’s insecure; but more secure than we fear. Two practitioners discussed the cloud of FUD.
27 April 2012
It’s the lack of understanding of virtualization that makes security an issue
A new study from Kaspersky Lab confirms an earlier one from Crossbeam Systems: it’s a lack of knowledge about virtualization that leads to fear for its security.
26 April 2012
