Shared posts

24 Feb 06:34

Larger & Further Away

by Dorothy
22 Dec 05:49

Zuckerblock Redux

by jwz
FYI, you are permitted to block Zuckerberg now. It feels good.

Previously.

19 Dec 07:55

AIM RIP

by jwz
Mahmoud

RIP

19 Dec 07:54

Life down on the Rubber Band Plantation, brought to you by Dole Pineapple and the British East India Company

by jwz
Mahmoud

so much delicate labor

18 Dec 05:37

Here comes that Musky scent again

by jwz
Elon Musk on public transit:

"It's a pain in the ass. That's why everyone doesn't like it. And there's like a bunch of random strangers, one of who might be a serial killer, OK, great."

"The man trying to build tunnels around the country is awfully unimpressed by the basic concept of shared, mass transportation."

@mattdpearce: first thing I thought of was that Danish inventor guy and his private murder submarine.

@Vinncent: Thinking everyone is a serial killer is a very normal thing to do, rather than serial killer behavior. hey I'm just asking questions

@alexnpress: in musk's defense, if I'd spent years of my life working with peter thiel, I'd probably think there were a lot more serial killers in the world than there actually are

@nandelabra: There's really no way to prove that neither he nor Peter Thiel are in fact not low-rent Patrick Batemans.

@YePirateLiberal: I will eat my own hat if @elonmusk has ever ridden San Francisco's (efficient, if shabby) BART train or (quaintly adequate) Muni trolley as anything but a publicity stunt to "prove how terrible they are".

@collumbo: In fairness getting public transport to / from your hollowed out volcano can be a challenge

@MyDickerson: Have you considered that you don't hate public transit, you just hate the poor? This is so removed from the actual experience of riding the bus. You are a misanthrope.

@brandcoachkelly: Serial killers don't drive? I mean it seems that would be a better way to get away with the crime, but ok!

Previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously.

11 Dec 04:00

Thought I'd try out streaming music services

Mahmoud

can anyone confirm?

, so I signed up for a free trial of Spotify and then Tidal. The default tier of Spotify sounds awful, but that's to be expected; if you upgrade to premium, you get "real quality" music, which sounds okay, roughly like the music I already had on my iPhone.

I figured there was basically no chance I'd be able to tell the difference between that and Tidal's "Hi-fi" tier (lossless compression, ~1.4Mbps), given that I don't have particularly high-quality audio equipment (ok, Bose headphones, known more for their noise cancelling than professional-grade audio fidelity).

I was wrong. I can tell the difference. (No, it's not just louder and it doesn't just have more bass.) In fact, it sounds like I remember CDs sounding back in the 1990s. Go figure. I had thought my ears just got worse with age, but no, just this once it wasn't me, it was the whole world that degraded.

Sigh.

[There's this kinda weird "scratchiness" in compressed music in the mid ranges, eg. vocals, that kinda crept up on me over the years. Listening to uncompressed music for the first time in forever was a real "wait a minute..." feeling.]

I'm almost 100% sure I'm not an audiophile, so all in all, I'm pretty confused by this.

09 Dec 04:10

The “True Size” Maps Shows You the Real Size of Every Country (and Will Change Your Mental Picture of the World)

by Colin Marshall

We all understand, on some level, that as adults we must go back and correct the oversimplifications we learned as schoolchildren. But for a sense of how large the scale of those quasi-truths is, you must imagine the whole world: that is, you must imagine how you imagine the whole world, a mental picture probably taken straight from the map hung on the classroom wall. And the lines of that map came straight, in a sense, from the work of 16th-century cartographer Gerardus Mercator.

Though Mercator's world-mapping method came as a revolution, it has also given generation after generation after generation very much the wrong idea about how big the world's countries actually are. Mercator Projection, as Citymetric describes it, "re-imagines the earth as the surface of a cylinder. When laid out flat, it’s pleasingly rectangular, and its eastern and western edges line up neatly." But while "in reality, lines of longitude converge at the poles; on the map, they're parallel. As a result, the closer you get to the poles, the more distorted the map becomes, and the bigger things look relative to their actual size."

Hence the need for such re-imaginings of the world map as The True Size, "a website that lets you compare the size of any nation or US state to other land masses, by allowing you to move them around to anywhere else on the map." Just search for any country in the box in the map's upper-left corner, and that country's borders will appear highlighted in color. When you click and drag those borders to another part of the world, specifically a part of the world at a different latitude, you'll notice that the shape of the dragged country seems to deform.

But that appearance of distortion is only relative to the shapes and sizes we've long internalized from the Mercator map: when you move Australia up and it covers a third of Russia, or when you move the vast-looking Greenland down and it doesn't even cover Argentina, you're looking — perhaps for the first time — at a geographically accurate size comparison. Does that (to quote the humorless representative of the Organization of Cartographers for Social Equality in the West Wing episode cited as one inspiration for the True Size Map) blow your mind?

Explore the True Size Map here.


Based in Seoul, Colin Marshall writes and broadcasts on cities and culture. His projects include the book The Stateless City: a Walk through 21st-Century Los Angeles and the video series The City in Cinema. Follow him on Twitter at @colinmarshall or on Facebook.

The “True Size” Maps Shows You the Real Size of Every Country (and Will Change Your Mental Picture of the World) is a post from: Open Culture.

09 Dec 04:00

Saturday Morning Breakfast Cereal - Healthcare

by tech@thehiveworks.com



Hovertext:
Sorry for the serious comic. It'll be back to butt jokes tomorrow. This has been a thing that's been stressing us pretty bad for a few weeks, so I thought I'd share. Apologies to all people who are not from the US, and who are shocked and/or baffled.

Today's News:
If you want more information, please check out this article in the NYTimes or this article in the Washington Post. 
 
If you want to get involved in the movement to make health insurance more affordable in Virginia (and in particular in the counties that are experiencing the 240% hike in insurance premiums), check out the Charlottesville for Reasonable Health Insurance Facebook group or follow Cville Healthcare on Twitter. 
 
Thanks, geeks!
Kelly & Zach

09 Dec 03:52

improvements

by kris
Mahmoud

patreon :|

“we can’t wait for you to enjoy getting more when we give you less”

09 Dec 03:45

Czech Press Photo, Filip Jandourek // thanks Aimee Lacariere




03 Dec 07:10

How American Women “Kickstarted” a Campaign to Give Marie Curie a Gram of Radium, Raising $120,000 in 1921

by Colin Marshall

Image by Bibliothèque nationale de France, via Wikimedia Commons

Marie Curie has a place in history because of her research on radioactivity, of course, but a look into her biography reveals another area she had a part in pioneering: crowdfunding. It happened in 1921, 23 years after she discovered radium and a decade after she won the Nobel Prize in Chemistry (her second Nobel, the first being the Physics prize, shared with her husband Pierre and physicist Henri Becquerel in 1903). The previous year, writes Ann M. Lewicki in the journal Radiology, an American reporter by the name of Marie Meloney had landed a rare interview with Curie, during which the famed physicist-chemist admitted her greatest desire: "some additional radium so that she could continue her laboratory research."

It seems that "she who had discovered radium, who had freely shared all information about the extraction process, and who had given radium away so that cancer patients could be treated, found herself without the financial means to acquire the expensive substance." Radium no longer exists in its pure form now, and even in 1921 it was, to quote Back to the Future's Doc Brown on plutonium, a little hard to come by: it cost $100,000 per gram back then, which Smithsonian.com's Kat Eschner estimates at "about $1.3 million today."




The solution arrived in the form of the Marie Curie Radium Fund, launched by Meloney and contributed to by numerous female academics, who raised more than half the full sum in less than a year. And so in 1921, as the National Institute of Standards and Technology tells it, "Marie Curie made her first visit to the United States accompanied by her two daughters Irène and Eve." They visited, among other places, the Radium Refining Plant in Pittsburgh and the White House, where she received her gram of radium from President Warren Harding. "The hazardous source itself was not brought to the ceremony," the NIST hastens to add. "Instead, she was presented with a golden key to the coffer and a certificate."

The real stuff went back on the ship to Paris with her. As for that extra $56,413.54 proto-crowdfunded by the Marie Curie Radium Fund, it eventually went on to support the Marie Curie Fellowship, first awarded in 1963 to support a French or American woman studying chemistry, physics, or radiology. Given the costs of innovative research in those fields today, Curie's intellectual descendants might have a hard time funding their work on, say, Kickstarter, but they have only to remember what happened when she ran out of radium to remind themselves of the untapped support potentially all around them.

via The Smithsonian


How American Women “Kickstarted” a Campaign to Give Marie Curie a Gram of Radium, Raising $120,000 in 1921 is a post from: Open Culture.

03 Dec 02:04

Your eyes will melt when you see how much income is needed to buy a house in San Jose

by Joshua Santos
Mahmoud

20% down payment is for commercial loans. Apparently 2.5% is all you need for a standard federal home mortgage. Still, yeesh.

The average annual income you need to buy a home in the United States is $55,390. That is already an insane amount for most of the globe. In New York City that figure doubles to $99,151. San Francisco more than triples the national average with a staggering $173,330. Unfortunately, San Jose takes the national crown in one of the few stats we don't want to dominate. Brace yourself... to buy a medium priced home in San Jose today--you should be making $216,181 each year. Oh, and that is assuming you have the capital saved up for a 20% down payment. Um, ouch!

Source: SiliconBeat


29 Nov 00:28

Matthew Kaminski Behind The Scenes | Squidbillies | Adult Swim

by Adult Swim
Mahmoud

i still say squidbillies is one of the most underrated shows on adult swim. the theme song cover strategy is only one reason why.

Full episodes of Squidbillies: http://asw.im/5wTi4o
The Atlanta Braves' organist shares his spirited version of the theme song. New episodes of Squidbillies premiere Sundays at Midnight.


About Squidbillies:
Squidbillies is Adult Swim's only backwoods comedy starring Appalachian mud squids. Brought to you by Dave Willis (Aqua Teen Hunger Force) and Jim Fortier, Squidbillies is the story of a dysfunctional redneck family and the equally defective Georgia town from which they hail. Early, Granny, and Rusty are proud, beer guzzling, Southern taxpayers who don't take kindly to government intervention or not getting their welfare checks. Come see their ongoing efforts to protect your second amendment rights at http://AdultSwim.com.

27 Nov 05:37

171119




27 Nov 05:15

Are You Sure Though?

Mahmoud

every fucking year

Yeah, but, for real... you actually, honestly like it??

15 Nov 06:20

Whoever Falls

by jwz
11 Nov 02:32

17 years ago the Palestinian hero, Faris Awdah, was martyred while facing Israeli occupation tanks

by As'ad AbuKhalil

07 Nov 03:30

AI is taking photo enhancement to new extremes

by Andrea James
Mahmoud

this is fuckin stupid. if you look closely, all the detail added to this is spurious. direction of the feathers, the beak, the ear area, the direction of the eye.

you can literally get more information out of the original by squinting.

if this is considered a good move toward CSI-level "enhance" functionality, I expect wrongful convictions to go up, not down.

Single image super-resolution (SISR) is an emerging technology that uses automated texture synthesis to enhance dithered and blurry photos to nearly pristine resolution. This example from EnhanceNet-PAT shows one type. There's even a free website called Let's Enhance where you can up-res your own images. (more…)

05 Nov 00:09

Unicode Character 'FROWNING PILE OF POO' (U+1F979)

by jwz
Great Moments in Standards Committees:

1F979 FROWNING PILE OF POO: Question on the justification for encoding this character, and whether it will encourage the encoding of other emotions on PILE OF POO; request to remove character.

MICHAEL EVERSON:

    This character is damaging to both ISO/IEC 10646 and the Unicode Standard. It is bad enough that the ESC came up with it, but it beggars belief that the UTC actually approved it. Organic waste isn't cute. The existing PILE OF POO character was added for compatibility with Japanese telco sets. It is a pity that Apple followed Softbank rather than KDDI in its reference glyph, since a coil of dog dirt with stink lines and flies is surely the only proper semantic.

    The idea that our committees would sanction further cute graphic characters based on this should embarrass absolutely everyone who votes yes on such an excrescence. Will we have a CRYING PILE OF POO next? PILE OF POO WITH TONGUE STICKING OUT? PILE OF POO WITH QUESTION MARKS FOR EYES? PILE OF POO WITH KARAOKE MIC? Will we have to encode a neutral FACELESS PILE OF POO?

    As an ordinary user, I don't want this kind of crap on my phone. As a representative of the National Standards Authority of Ireland, I have to wonder what possible good could come of encoding such a character. Bullying, perhaps? Requested change: Remove this character from the PDAM and reject its encoding.

ANDREW WEST:

    I'm concerned that this character will open the floodgates for an open-ended set of PILE OF POO emoji with emotions, such as CRYING PILE OF POO, PILE OF POO WITH LOOK OF TRIUMPH, PILE OF POO SCREAMING IN FEAR, etc. Is there really any need to add a range of emotions to PILE OF POO?

    I personally think that changing PILE OF POO to a de facto SMILING PILE OF POO was wrong, but adding FROWNING PILE OF POO as a counterpart is even worse. If this is accepted then there will be no neutral, expressionless PILE OF POO, so at least a PILE OF POO WITH NO FACE would be required to be encoded to restore some balance. I recommend removing FROWNING PILE OF POO pending further study and public consultation on the need for additional PILE OF POO emoji.

Previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously.

31 Oct 06:30

San Jose is the 2nd Best City for Trick-or-Treating!

by Joshua Santos
As a huge fan of Halloween, I'm thrilled to see San Jose maintain its Zillow rank as the 2nd best city to Trick-or-Treat in. Each year, Zillow creates the list using population density, walk score, home values, local crime data, and age distributions. This should theoretically provide the cities where trick-or-treaters can get the most candy, in the least amount of time, with the fewest safety risks.

This year San Francisco has overtaken Philadelphia for the top spot; Philadelphia now ranks #3, right behind San Jose.

Within San Jose, the top specific neighborhoods for trick-or-treating were West San Jose, Willow Glen, Cambrian Park, Rose Garden, Almaden Valley.

Source: Zillow



30 Oct 01:40

Scott Knies on big changes coming to Downtown

by Joshua Santos
Mahmoud

gojo :/

The Merc has a great interview with Scott Knies, the Executive Director of the San Jose Downtown Association. He discusses big changes, including the potential Google mega-campus which he is already dubbing the GoJo district (Google Jose). Residential, restaurants, and height restrictions also come up in the conversation. Check it out at the link below.

Source: The Merc


25 Oct 21:40

Bombing of the US Marines barracks in Beirut

by As'ad AbuKhalil
1) I read that Trump mentioned Hizbullah in this matter. I once asked Hasan Nasrallah about that and he says that his party does not claim responsibility for the bombing and that the party had not formed by the time of the bombing and that it formed later.
2) Why does US media always refer to this bombing as a terrorist bombing when the target was a military target? I remember once at a conference at Fletcher School of Law and Diplomacy at Tufts University, I asked University of Chicago professor Robert Pape about why he just referred to this bombing as a terrorist bombing when the target is a military one. I will never forget his answer. He said: because everyone considers it a terrorist bombing. I said: should we as academics not try harder?
3) Media never mentions what the US marines were doing in Lebanon and that their mission was the support of the right-wing death squads of the Phalanges who were installed in power by the Israelis.

06 Oct 15:44

Brand new Bay 101 Casino is now open for business

by Joshua Santos
Mahmoud

while riding my bike, i almost fell into the un-roped-off ditch they dug for the plumbing of this place! It was at least 8 feet deep and my bike tire was like 3 inches from the edge and overall was like looking into my own damn grave!

M8trix finally has some decent competition with the first phase of Bay 101's complex officially open. Of course, the casinos really don't see one another as competition--but as a part of complementary offerings that draw gamblers and entertainment-seekers to the area. Bay 101 even strategically located themselves on North First Street just blocks away from M8trix.

The new Bay 101 looks really sleek and is filled with modern touches like dynamic lighting, open spaces, and abstract art. The building spans 68,000 SQFT and has 49 gaming tables. Bay 101 also features a flagship Asian fusion restaurant called The Province, which is owned by the same people as Sino, Straits, and Roots & Rye at Santana Row. The restaurant will be higher-end than anything at M8trix (or the immediate area for that matter) and bring with it some nightlife and one of the most impressive outdoor patios in San Jose.

Future phases of the Bay 101 project include two hotels and a 237,000 SQFT tech campus. The first hotel is an Embassy Suites with 174 rooms in a seven-story building. For the development enthusiasts out there, yes that is a huge missed opportunity for one of the few parcels in San Jose where a 35-story building is not only economically viable but allowed by airport regulations. Perhaps they will think bigger for the second hotel. One thing is for sure, Bay 101 is going to help make North San Jose a lot more interesting.

Source: The Merc, hat tip to Arnold Kwok for sending this in!






05 Oct 20:33

171005




02 Oct 03:29

Canadian Man Gets 9 Months Detention for Serial Swattings, Bomb Threats

by BrianKrebs
Mahmoud

man, the perils of blogging

A 19-year-old Canadian man was found guilty of making almost three dozen fraudulent calls to emergency services across North America in 2013 and 2014. The false alarms, two of which targeted this author, involved phoning in phony bomb threats and multiple attempts at “swatting” — a dangerous hoax in which the perpetrator spoofs a call about a hostage situation or other violent crime in progress in the hopes of tricking police into responding at a particular address with deadly force.

Curtis Gervais of Ottawa was 16 when he began his swatting spree, which prompted police departments across the United States and Canada to respond to fake bomb threats and active shooter reports at a number of schools and residences.

Gervais, who taunted swatting targets using the Twitter accounts “ProbablyOnion” and “ProbablyOnion2,” got such a high off of his escapades that he hung out a for-hire shingle on Twitter, offering to swat anyone with the following tweet:


Several Twitter users apparently took him up on that offer. On March 9, 2014, @ProbablyOnion started sending me rude and annoying messages on Twitter. A month later (and several weeks after blocking him on Twitter), I received a phone call from the local police department. It was early in the morning on Apr. 10, and the cops wanted to know if everything was okay at our address.

Since this was not the first time someone had called in a fake hostage situation at my home, the call I received came from the police department’s non-emergency number, and they were unsurprised when I told them that the Krebs manor and all of its inhabitants were just fine.

Minutes after my local police department received that fake notification, @ProbablyOnion was bragging on Twitter about swatting me, including me on his public messages: “You have 5 hostages? And you will kill 1 hostage every 6 times and the police have 25 minutes to get you $100k in clear plastic.” Another message read: “Good morning! Just dispatched a swat team to your house, they didn’t even call you this time, hahaha.”


I told this user privately that targeting an investigative reporter maybe wasn’t the brightest idea, and that he was likely to wind up in jail soon.  On May 7, @ProbablyOnion tried to get the swat team to visit my home again, and once again without success. “How’s your door?” he tweeted. I replied: “Door’s fine, Curtis. But I’m guessing yours won’t be soon. Nice opsec!”

I was referring to a document that had just been leaked on Pastebin, which identified @ProbablyOnion as a 19-year-old Curtis Gervais from Ontario. @ProbablyOnion laughed it off but didn’t deny the accuracy of the information, except to tweet that the document got his age wrong.

A day later, @ProbablyOnion would post his final tweet before being arrested: “Still awaiting for the horsies to bash down my door,” a taunting reference to the Royal Canadian Mounted Police (RCMP).

A Sept. 14, 2017 article in the Ottawa Citizen doesn’t name Gervais because it is against the law in Canada to name individuals charged with or convicted of crimes committed while they are a minor. But the story quite clearly refers to Gervais, who reportedly is now married and expecting a child.

The Citizen says the teenager was arrested by Ottawa police after the U.S. FBI traced his Internet address to his parents’ home. The story notes that “the hacker” and his family have maintained his innocence throughout the trial, and that they plan to appeal the verdict. Gervais’ attorneys reportedly claimed the youth was framed by the hacker collective Anonymous, but the judge in the case was unconvinced.

Apparently, Ontario Court Justice Mitch Hoffman handed down a lenient sentence in part because of more than 900 hours of volunteer service the accused had performed in recent years. From the story:

Hoffman said that troublesome 16-year-old was hard to reconcile with the 19-year-old, recently married and soon-to-be father who stood in court before him, accompanied in court Thursday by his wife, father and mother.

“He has a bright future ahead of him if he uses his high level of computer skills and high intellect in a pro-social way,” Hoffman said. “If he does not, he has a penitentiary cell waiting for him if he uses his skills to criminal ends.”

According to the article, the teen will serve six months of his nine-month sentence at a youth group home and three months at home “under strict restrictions, including the forfeiture of a home computer used to carry out the cyber pranks.” He also is barred from using Twitter or Skype during his 18-month probation period.

Most people involved in swatting and making bomb threats are young males under the age of 18 — the age when kids seem to have little appreciation for or care about the seriousness of their actions. According to the FBI, each swatting incident costs emergency responders approximately $10,000. Each hoax also unnecessarily endangers the lives of the responders and the public.

In February 2017, another 19-year-old — a man from Long Beach, Calif. named Eric “Cosmo the God” Taylor — was sentenced to three years’ probation for his role in swatting my home in Northern Virginia in 2013. Taylor was among several men involved in making a false report to my local police department at the time about a supposed hostage situation at our house. In response, a heavily-armed police force surrounded my home and put me in handcuffs at gunpoint before the police realized it was all a dangerous hoax.

02 Oct 03:26

Breach at Sonic Drive-In May Have Impacted Millions of Credit, Debit Cards

by BrianKrebs
Mahmoud

droppin

Sonic Drive-In, a fast-food chain with nearly 3,600 locations across 45 U.S. states, has acknowledged a breach affecting an unknown number of store payment systems. The ongoing breach may have led to a fire sale on millions of stolen credit and debit card accounts that are now being peddled in shadowy underground cybercrime stores, KrebsOnSecurity has learned.


The first hints of a breach at Oklahoma City-based Sonic came last week when I began hearing from sources at multiple financial institutions who noticed a recent pattern of fraudulent transactions on cards that had all previously been used at Sonic.

I directed several of these banking industry sources to have a look at a brand new batch of some five million credit and debit card accounts that were first put up for sale on Sept. 18 in a credit card theft bazaar previously featured here called Joker’s Stash:


This batch of some five million cards put up for sale today (Sept. 26, 2017) on the popular carding site Joker’s Stash has been tied to a breach at Sonic Drive-In. The first batch of these cards appear to have been uploaded for sale on Sept. 15.

Sure enough, two sources who agreed to purchase a handful of cards from that batch of accounts on sale at Joker’s discovered they all had been recently used at Sonic locations.

Armed with this information, I phoned Sonic, which responded within an hour that it was indeed investigating “a potential incident” at some Sonic locations.

“Our credit card processor informed us last week of unusual activity regarding credit cards used at SONIC,” reads a statement the company issued to KrebsOnSecurity. “The security of our guests’ information is very important to SONIC. We are working to understand the nature and scope of this issue, as we know how important this is to our guests. We immediately engaged third-party forensic experts and law enforcement when we heard from our processor. While law enforcement limits the information we can share, we will communicate additional information as we are able.”

Christi Woodworth, vice president of public relations at Sonic, said the investigation is still in its early stages, and the company does not yet know how many or which of its stores may be impacted.

The accounts apparently stolen from Sonic are part of a batch of cards that Joker’s Stash is calling “Firetigerrr,” and they are indexed by city, state and ZIP code. This geographic specificity allows potential buyers to purchase only cards that were stolen from Sonic customers who live near them, thus avoiding a common anti-fraud defense in which a financial institution might block out-of-state transactions from a known compromised card.

Malicious hackers typically steal credit card data from organizations that accept cards by hacking into point-of-sale systems remotely and seeding those systems with malicious software that can copy account data stored on a card’s magnetic stripe. Thieves can use that data to clone the cards and then use the counterfeits to buy high-priced merchandise from electronics stores and big box retailers.

Prices for the cards advertised in the Firetigerrr batch are somewhat higher than for cards stolen in other breaches, likely because this batch is extremely fresh and unlikely to have been canceled by card-issuing banks yet.

Dumps available for sale on Joker’s Stash from the “FireTigerrr” base, which has been linked to a breach at Sonic Drive-In.

Most of the cards range in price from $25 to $50, and the price is influenced by a number of factors, including: the type of card issued (Amex, Visa, MasterCard, etc); the card’s level (classic, standard, signature, platinum, etc.); whether the card is debit or credit; and the issuing bank.

I should note that it remains unclear whether Sonic is the only company whose customers’ cards are being sold in this particular batch of five million cards at Joker’s Stash. There are some (as yet unconfirmed) indications that perhaps Sonic customer cards are being mixed in with those stolen from other eatery brands that may be compromised by the same attackers.

The last known major card breach involving a large nationwide fast-food chain impacted more than a thousand Wendy’s locations and persisted for almost nine months after it was first disclosed here. The Wendy’s breach was extremely costly for card-issuing banks and credit unions, which were forced to continuously re-issue customer cards that kept getting re-compromised every time their customers went back to eat at another Wendy’s.

Part of the reason Wendy’s corporate offices had trouble getting a handle on the situation was that most of the breached locations were not corporate-owned but instead independently-owned franchises whose payment card systems were managed by third-party point-of-sale vendors.

According to Sonic’s Wikipedia page, roughly 90 percent of Sonic locations across America are franchised.

Dan Berger, president and CEO of the National Association of Federally Insured Credit Unions, said he’s not looking forward to the prospect of another Wendy’s-like fiasco.

“It’s going to be the financial institution that makes them whole, that pays off the charges or replaces money in the customer’s checking account, or reissues the cards, and all those costs fall back on the financial institutions,” Berger said. “These big card breaches are going to continue until there’s a national standard that holds retailers and merchants accountable.”

Financial institutions also bear some of the blame for the current state of affairs. The United States is embarrassingly the last of the G20 nations to make the shift to more secure chip-based cards, which are far more expensive and difficult for criminals to counterfeit. But many financial institutions still haven’t gotten around to replacing traditional magnetic stripe cards with chip-based cards. According to Visa, 58 percent of the more than 421 million Visa cards issued by U.S. financial institutions were chip-based as of March 2017.

Likewise, retailers that accept chip cards may present a less attractive target to hackers than those that don’t. In March 2017, Visa said the number of chip-enabled merchant locations in the country reached two million, representing 44 percent of stores that accept Visa.

02 Oct 03:26

Source: Deloitte Breach Affected All Company Email, Admin Accounts

by BrianKrebs
Mahmoud

like flies

Deloitte, one of the world’s “big four” accounting firms, has acknowledged a breach of its internal email systems, British news outlet The Guardian revealed today. Deloitte has sought to downplay the incident, saying it impacted “very few” clients. But according to a source close to the investigation, the breach dates back to at least the fall of 2016, and involves the compromise of all administrator accounts at the company as well as Deloitte’s entire internal email system.

In a story published Monday morning, The Guardian said a breach at Deloitte involved usernames, passwords and personal data on the accountancy’s top blue-chip clients.

“The Guardian understands Deloitte clients across all of these sectors had material in the company email system that was breached,” The Guardian’s Nick Hopkins wrote. “The companies include household names as well as US government departments. So far, six of Deloitte’s clients have been told their information was ‘impacted’ by the hack.”

In a statement sent to KrebsOnSecurity, Deloitte acknowledged a “cyber incident” involving unauthorized access to its email platform.

“The review of that platform is complete,” the statement reads. “Importantly, the review enabled us to understand precisely what information was at risk and what the hacker actually did and to determine that only very few clients were impacted [and] no disruption has occurred to client businesses, to Deloitte’s ability to continue to serve clients, or to consumers.”

However, information shared by a person with direct knowledge of the incident said the company in fact does not yet know precisely when the intrusion occurred, or for how long the hackers were inside of its systems.

This source, speaking on condition of anonymity, said the team investigating the breach focused their attention on a company office in Nashville known as the “Hermitage,” where the breach is thought to have begun.

The source confirmed The Guardian reporting that current estimates put the intrusion sometime in the fall of 2016, and added that investigators still are not certain that they have completely evicted the intruders from the network.

Indeed, it appears that Deloitte has known something was not right for some time. According to this source, the company sent out a “mandatory password reset” email on Oct. 13, 2016 to all Deloitte employees in the United States. The notice stated that employee passwords and personal identification numbers (PINs) needed to be changed by Oct. 17, 2016, and that employees who failed to do so would be unable to access email or other Deloitte applications. The message also included advice on how to pick complex passwords:

A screen shot of the mandatory password reset message Deloitte sent to all U.S. employees in Oct. 2016, around the time sources say the breach was first discovered.

The source told KrebsOnSecurity they were coming forward with information about the breach because, “I think it’s unfortunate how we have handled this and swept it under the rug. It wasn’t a small amount of emails like reported. They accessed the entire email database and all admin accounts. But we never notified our advisory clients or our cyber intel clients.”

“Cyber intel” refers to Deloitte’s Cyber Intelligence Centre, which provides 24/7 “business-focused operational security” to a number of big companies, including CSAA Insurance, FedEx, Invesco, and St. Joseph’s Healthcare System, among others.

This same source said forensic investigators identified several gigabytes of data being exfiltrated to a server in the United Kingdom. The source further said the hackers had free rein in the network for “a long time” and that the company still does not know exactly how much total data was taken.

In its statement about the incident, Deloitte said it responded by “implementing its comprehensive security protocol and initiating an intensive and thorough review which included mobilizing a team of cyber-security and confidentiality experts inside and outside of Deloitte.” Additionally, the company said it contacted governmental authorities immediately after it became aware of the incident, and that it contacted each of the “very few clients impacted.”

“Deloitte remains deeply committed to ensuring that its cyber-security defenses are best in class, to investing heavily in protecting confidential information and to continually reviewing and enhancing cyber security,” the statement concludes.

Deloitte has not yet responded to follow-up requests for comment. The Guardian reported that Deloitte notified six affected clients, but Deloitte has not said publicly yet when it notified those customers.

Deloitte has a significant cybersecurity consulting practice globally, wherein it advises many of its clients on how best to secure their systems and sensitive data from hackers. In 2012, Deloitte was ranked #1 globally in security consulting based on revenue.

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a private company based in the United Kingdom. According to the company’s Web site, Deloitte has more than 263,000 employees at member firms delivering services in audit and insurance, tax, consulting, financial advisory, risk advisory, and related services in more than 150 countries and territories. Revenues for the fiscal year 2017 were $38.8 billion.

The breach at the big-four accountancy comes on the heels of a massive breach at big-three consumer credit bureau Equifax. That incident involved several months of unauthorized access in which intruders stole Social Security numbers, birth dates, and addresses on 143 million Americans.

This is a developing story. Any updates will be posted as available, and noted with update timestamps.

29 Sep 07:26

Even the Tyrell Pyramid engaged with its neighborhood better

by jwz
Mahmoud

i'm curious if they'll actually install the trees at some point

Geoff Boeing: "Funny how renderings of the Apple Park campus always showed it in a gorgeous forest, when it's actually just plunked down in suburban sprawl."

28 Sep 17:10

The Silicon Valley Index

by Dorothy
Mahmoud

kind of an interesting axis

The Silicon Valley Index

27 Sep 06:52

Martin Scorsese to Teach His First Online Course on Filmmaking

by Dan Colman
Mahmoud

psh now everyone's doing it

If you need to make movies, if you feel like you can't rest until you've told this particular story that you're burning to tell, then Martin Scorsese has a course for you. Through MasterClass, the director of Goodfellas, Raging Bull, Taxi Driver, and Mean Streets is now set to teach his first online course. According to the video trailer above, Scorsese will explore in 20+ lessons everything from cinematography and editing, to working with actors, on-set directing, and developing a personal filmmaking style. The $90 course won't be released until early 2018, but anyone who pre-enrolls now will get early access to the class.

While you wait, you can also take Werner Herzog's own course on filmmaking (also offered through MasterClass). Or explore Scorsese's lists of recommended films that we've previously featured here on Open Culture. Find them in the Relateds right below.

Note: MasterClass is one of our partners. So if you sign up for a course, it benefits not just you and MasterClass. It benefits Open Culture too. So consider it win-win-win.

Related Content:

Martin Scorsese Creates a List of 39 Essential Foreign Films for a Young Filmmaker

Martin Scorsese Makes a List of 85 Films Every Aspiring Filmmaker Needs to See

Martin Scorsese Names His Top 10 Films in the Criterion Collection

Great Filmmakers Offer Advice to Young Directors: Tarantino, Herzog, Coppola, Scorsese, Anderson, Fellini & More

Werner Herzog Teaches His First Online Course on Filmmaking

 
