Ethereum Scammers Posing as Tech Celebrities Are Running Rampant On Twitter

posted Feb 24, 2018, 12:09 PM by Resty Manapat

Not even Ethereum's founder, Vitalik Buterin, is immune. 

Scammers are tricking gullible Twitter users into sending their hard-earned ether (Ethereum’s in-house cryptocurrency) to random addresses with the empty promise of a hefty giveaway. It’s the latest chapter in the neverending saga of scammers exploiting the cryptocurrency gold rush, and the so-called Bitcoin or Ethereum FOMO, or fear of missing out on an investment.

In this case, the scammers are out in the open impersonating well-known figures in the cryptocurrency community or the tech world, such as Ethereum founder Vitalik ButerinElon Musk, and John McAfee. The scammers often reply to tweets from the real accounts they are impersonating, in an apparent attempt to catch distracted users who might not notice that the Twitter handle is different, or that the account lacks a verified checkmark.

A fake account looking for a handout. Screengrab: Twitter

I visited these links and checked the Ethereum addresses they advertise. If someone clicks on the short URLs, they are taken to a page that looks like this:

Screengrab: Author

To further deceive people, those pages includes what looks like a log of Ether payments, both incoming and outgoing. But the logs don’t appear to be real. The scammers also appear to be using other fake Twitter accounts to make it look like they’re giving out ether.

The below screenshot of an Ethereum address used by the scammers—and linked to in the tweets soliciting money—shows outgoing payments, but it is likely forged. If you check the address’s balance on a legitimate blockchain explorer, there are no outgoing payments, only incoming. This particular scammer has gathered more than 40 Ether (roughly $35,000) as of this writing. If you’re keeping track at home, these Twitter accounts posted the link that lead to that address.

A forged transaction log. Screengrab: Author

Buterin himself has called out these type of scams, begging his followers not to trust“ anyone who asks you for ETH on Twitter.”

“Twitter is terrible, part 629: go to this link, but with the space removed. Notice how it is not in fact my tweet,” Buterin tweeted on Friday, showing how easy it is to trick people.

Twitter did not immediately respond to a series of questions asking what the company is doing to stop these scams.

On Friday, scammers were apparently using a new trick to—presumably—circumvent Twitter filters: using a Cyrillic letter that looks like an “r” when posting the word “address,” as malware researcher Mikko Hypponen noted in a tweet on Friday.

Please, do not believe people who are literally promising free money in exchange for your money. They’re probably not going to give it to you. In the last few months, we’ve seen countless examples of these scams. Some scammers impersonate well-known professors on Slack, others even tried—and failed—to scam our own cryptocurrency expert in residence and editor Jordan Pearson. More sophisticated crooks have been targeting people’s online accounts directly, hijacking their SIM cards and stealing their passwords. So be careful with that too and enable two-factor with an app (and not with your cellphone number) if you use exchanges like Coinbase or Gemini.

 

Source: MOTHERBOARD

Study claims most businesses lack cyber expertise to prevent attacks

posted Feb 12, 2018, 9:52 PM by Resty Manapat

The majority of businesses lack cybersecurity expertise to prevent cyberattacks and protect customers, according to a recent study. 

Cyber insurance company Hiscox surveyed 4,000 organizations and rated them on a  cyber readiness model that divided respondents into ‘cyber novices', ‘cyber intermediates' and ‘cyber experts' and found that only 11 percent scored highly enough in both cyber security strategy and the quality of its execution to qualify as cyber security ‘experts'

Nearly three quarters, 73 percent, fell into the novice category but not for underinvestment in technology but because firms are failing to support their investment in security technology with a formal strategy, sufficient resourcing and training, and sound processes.

On average, the study fund experts were more proactive with 89 percent having a clearly defined cyber strategy, 72 percent being prepared to make changes after a breach and 97 percent incorporating security training and awareness throughout the workforce.

Researchers noted that divide in cyber readiness between the cyber novices and the cyber experts is mirrored by the firms' expenditures on IT and the proportion of it they devote to cyber security. The study found the average cyber expert spends $2.5 million a year on cyber defense compared while the average cyber novice  only spends $980,000 although it's worth noting that a higher percentage of firms rated ‘experts' were larger firms which would likely have more resources to dedicate.

Dr. Anton Grashion a manager at Cylance noted the complexity of being expert enough to chase threats into the organization if they have not been prevented is also exacerbated by the growing cyber skills shortage.

"Although it was a relatively small data set from which to assess the security expertise of a territory, some of the problem boils down to increasing complexity both in threat landscape and the complexity of building the countermeasures,” Grashion said. “Using the example of the NHS and WannaCry; if the malware had been stopped before it detonated, much of the knock on effect would have been avoided.”

Grashion also noted the basic importance of organizations ensuring all of their systems are patched adn up to date. Experts agree, Ryan Wilk, Vice President of Customer Success at NuData Security said Despite a flurry of high-profile breaches, ransoms and other security incidents, many businesses still think about cybersecurity only as an abstract threat.

"The common wisdom amongst security professionals in 2018 is that if you haven't already been breached, you will be," Wilk said. "Companies need to match this sustained threat level with cyber policies and products that protect them, their customers and employees as well as attempting to raise general awareness of cybersecurity."

Wilk added that firms can no longer rely on passwords and usernames to keep themselves safe from cybercrime, and that more stringent security measures such as passive biometrics or two-factor authentication will need to be adapted.

 

Source: SC MEDIA  /  THE CYBERSECURITY SOURCE

To Curb Bad Verdicts, Court Adds Lesson on Racial Bias for Juries

posted Jan 28, 2018, 9:09 AM by Resty Manapat

The classic courtroom scene of a witness confidently identifying an attacker by pointing toward the defendant is a moment that can make a powerful impression on a jury.

But it is an impression that most psychologists agree is unreliable, especially when the victim or other eyewitness and the defendant are of different races. And it has resulted in people going to prison for crimes they did not commit.

Six years ago, state court administrators gave trial judges in New York the option of telling jurors that in their deliberations, they may consider the unreliability of cross-racial identification.

The state’s highest court, the Court of Appeals, went further in a decision issued on Thursday. It told judges that in criminal cases where the identifying witness and defendant appear to be of different races, the defense is entitled to have the jurors told about the unreliability of cross-witness identification if requested.

In the majority opinion, Judge Eugene M. Fahey cited mounting scientific evidence and criminal exonerations in concluding that the “the risk of wrongful convictions involving cross-racial identification demands a new approach.”

People generally have greater difficulty identifying someone of a different race than their own, a phenomenon that scientists have observed for more than a century. One analysis of 39 studies found that participants were one-and-a-half times more likely to falsely identify the face of a stranger of a different race.

Often, jurors do not perceive problems with how witnesses identify people of a different race. In a 2006 survey conducted by the American Psychological Association, only 36 percent of over 1,000 jurors understood that cross-racial identification was less reliable than same-race identification, while nearly half believed they were equally reliable.

“The need for a charge on the cross-race effect is evident,” the court said, referring to the instruction. “The question becomes how this instruction is best given.”

The rule issued by the Court of Appeals on Thursday applies to all cases where a witness’s identification of the perpetrator is an issue and the instruction is requested by the defendant, who the judges said must appear to be of a different race than the eyewitness who identified him.

State courts in Hawaii, Massachusetts and New Jersey have instituted rules similar to the new one in New York, while courts in Washington State and Georgia, as well as federal courts in Detroit, Indianapolis and the District of Columbia allow an instruction, at the discretion of the trial judge.

Supporters of such an instruction said it was necessary to reduce the risk of wrongful convictions, which disproportionately affect black men.

The Innocence Project, a nonprofit legal group, said in a brief filed with the court that over 70 percent of the 353 convictions it has had overturned on DNA evidence involved misidentification. And of those, nearly half involve a defendant and a witness of different races. Black men were the defendants in more than 200 of the exonerations handled by the group.

Marne Lenox, who co-authored a brief on behalf of the NAACP Legal Defense and Educational Fund Inc., said the ruling sends “an important signal” across the country.

“This decision helps level the playing field and prevent future wrongful convictions, especially of defendants of color, based on scientifically dubious cross-racial identifications,” Ms. Lenox said.

As courts, legislatures and law enforcement agencies revisit the use of eyewitnesses in criminal cases, she said she hoped they would look to New York and “enact common-sense reform.”

The case that led to the decision involved a black man, Otis Boone, who was convicted of robbery solely on the testimony of two white men who said he robbed them of their cellphones in Brooklyn in 2011.

The victims, a teenager and a man in his 20s, said the robber approached them and asked for the time before snatching their phones out of their hands and fleeing. The older victim gave chase until the robber pulled out a knife and warned him to stay back. The younger man put up a fight, but the robber stabbed him in the back.

Both victims picked Mr. Boone out of a six-man police lineup. The teenager hesitated until he heard Mr. Boone say, “What time is it?”

In ruling that the defense was entitled to the identification instruction, the court ordered a new trial for Mr. Boone, whose original sentence of 25 years in prison was reduced to 15 by a lower appellate court.

The Brooklyn district attorney’s office said it was reviewing the court’s decision and weighing how to proceed.

The trial judge in Brooklyn had rejected Mr. Boone’s request for the cross-racial instruction, partly on the belief that the instruction should not be given to jurors if no expert had testified on the subject at trial. An appellate court agreed with the trial court, but chose to reduce Mr. Boone’s sentence.

Judge Fahey, of the Appeals Court, whose opinion was joined by four of the panel’s seven judges, wrote that the lower courts were mistaken.

Judge Michael J. Garcia agreed that the trial judge had erred in not allowing the identification instruction, but in a concurring opinion, said that his colleagues went too far in effectively making the instruction mandatory. He said requiring the instruction “creates a substantial risk of juror confusion and serves only to hinder, rather than aid, the jury’s critical fact-finding function.”

Judge Leslie E. Stein joined in the concurring opinion. Judge Rowan D. Wilson did not participate in the decision.


Source: New York Times

California crime debate continues, setting stage for bail reform

posted Dec 31, 2017, 6:38 PM by Resty Manapat

California, which had led the nation in cracking down on crime in the 1980s and 1990s by locking up tens of thousands of felons, has dramatically reversed course in the last half-decade, to wit: 

•Responding to pressure from federal courts to reduce prison overcrowding, Gov. Jerry Brown and the Legislature enacted “realignment,” which diverted low-level felons into local jails and probation, thus dropping prison populations by about one-third via attrition; 

•Proposition 47, passed by voters in 2014, reclassified many lower-level felonies as misdemeanors, thus keeping offenders out of state prison, and allowed inmates who committed the downgraded crimes to apply for release; 

•Proposition 57, sponsored by Brown and passed by voters last year, makes it easier for felons deemed to have committed nonviolent crimes — although there’s a continuing dispute over the definitions of those crimes — to obtain parole. 

These major changes have not been without controversy. Many law enforcement officials contend that they mean more criminals walking the streets and committing more crimes. Those on both sides of the debate cite crime statistics, but even when they agree on what data to use, the numbers vary widely from community to community and it’s virtually impossible to show cause-and-effect relationships.

Two new reports demonstrate the lack of clarity. 

The Center on Juvenile and Criminal Justice looked at crime in Los Angeles County — which has a quarter of the state’s population and generates a third of those prosecuted for crimes — during what it calls “the justice reform era.” 

In the state as a whole, crimes per 100,000 population dropped 5 percent between 2010 and 2016, the study found, but Los Angeles Country saw a 5 percent increase and the city of Los Angeles a 9 percent increase, led by a 60 percent jump in assaults and 27 percent increase in all forms of violent crime. 

This week, the Public Policy Institute of California published a study of realignment, finding that low-level felons who were released from prison into local supervision were somewhat more likely to commit new crimes than similar parolees prior to realignment. 

The more startling bit of data, however, is that their “recidivism” rate was 71.9 percent, which indicates that the “correction” part of the penal system isn’t working very well. 

These reports and others are grist for the Capitol’s political mill as it grinds on the next big criminal justice issue: bail reform. 

A coalition of penal reform organizations is backing legislation by state Sen. Bob Hertzberg, a Van Nuys Democrat, aimed at reducing the number of those facing criminal charges who are locked up because they can’t post bail. 

“California’s current money bail system comes at great cost not only to the detained individual and his or her family but also to California communities,” Hertzberg argues. “When wealth and charges alone determine whether or not someone will be released pending trial, community safety suffers.”

Hertzberg’s Senate Bill 10 would curb judges’ power, eliminate local bail schedules and create “pretrial services agencies” to evaluate arrestees on an individual basis. It passed the Senate on a mostly party-line vote but stalled in the Assembly due to opposition from bail bond agents, many law enforcement groups and judges. 

As with the crime issue itself, the contending factions throw out conflicting data on how many accused are being held in local jails. Reform advocates say they may be as high as two-thirds of jail populations, while opponents say it’s more like a quarter. 

It will be a front-burner issue when the Legislature returns to the Capitol in January. 

Source:  San Francisco Chronicle 

Why Sexual Harassment Continues to Be A Problem in Silicon Valley and the Startup World

posted Jul 10, 2017, 10:34 AM by Resty Manapat

Silicon Valley has had a problem with sexual harassment in the workplace for a long time, but only now does it seem that the tech industry is coming to terms with the issue.  

One indicator: When venture capital firm Binary Capital decided to oust its cofounder Justin Caldbeck after a pair of investigations from The Information and The New York Times revealed that six women had accused him of sexual harassment. The Times report also included numerous stories from female startup founders and entrepreneurs who recounted cases where they had either been harassed or made to feel uncomfortable by men in the industry, many of whom were investors. Among them, the women named high-profile venture capitalists including Chris Sacca, entrepreneur-turned investor Marc Canter and 500 Startups CEO Dave McClure, who resigned from his role earlier this week.  

That's on top of the string of controversies at Uber Technologies Inc., which involved two investigations into the ride-hailing startup's company culture, including sexual harassment claims from a former engineer, Susan Fowler. The controversies ensnared Uber for several months, ultimately leading to the resignation of CEO Travis Kalanick and the departures of numerous high-profile executives, including business chief Emil Michael and senior vice president of engineering Amit Singhal.  

The allegations have kicked off something of a reckoning among Silicon Valley investors, executives, entrepreneurs and other observers. The New England Venture Capital Association, a trade group, encouraged its members to sign a pledge against discrimination and gender bias. Prominent VCs such as Bain Capital Ventures have since signed on.  

LinkedIn co-founder and Greylock Partners venture capitalist Reid Hoffman wrote a post laying out some of the steps Silicon Valley should take to resolve what he considers "entirely immoral and outrageous behavior." Part of that, Hoffman wrote, is getting people to adopt a "#DecencyPledge" to signify their support of harassment victims. Another, perhaps more influential, suggestion is to build an industry-wide HR function to oversee what happens between venture capitalists and entrepreneurs.  

But in order for real change to take place, Gina Bianchini, CEO of Mighty Networks, a software company that creates niche social networks, said high-profile VCs need to come out in support of the issue.  

"I don't think there should be an expectation that women are going to solve this issue," Bianchini explained. "We didn't create this."  

The revelations about Caldbeck and other venture capitalists have shed light on an area that has largely been overlooked so far -- the relationship between investors and female startup founders. Female entrepreneurs are placed into an especially vulnerable position when they seek funding from venture capitalists. The VC world is a male-dominated environment, where fewer than 6% of all decision-makers at U.S. VC firms are women, according to Fortune. Lisa Wang, co-founder of SheWorx, a community of female entrepreneurs, said she's experienced first-hand how challenging this relationship can be.  

"I had poured my blood, sweat and tears into this company and all I needed was capital to build and sustain my team," Wang explained. "You go into this meeting and the person sitting across from you holds the future of your company."  

"So when a woman gets a meeting with an investor and they say 'Hey, just meet me here for a drink,' you leap," Wang added. "Next thing you know, he's not interested in your company and you're like 'I thought this was business.'"  

This kind of dynamic isn't just restricted to pitch meetings. At this year's Consumer Electronics Show in Las Vegas, Wang said a high-profile investor tried to grab her face and kiss her. In another instance, an investor bypassed her, thinking that her male colleague was the founder of her food startup, Fooze. And during a serious fundraising conversation, an investor called her cute, she said.  

"It's those things that made me realize how difficult it is for female founders," Wang explained.  

Wang is trying to make it easier for female founders to report harassment, which SheWorx describes as anything from "egregious stories to the small paper cuts experienced every day," through an anonymous form on the company's website. Wang and SheWorx hope to form a committee of influential lead partners and general partners from investment firms that, using the data, can take action on individuals who were flagged for repeated harassment. In effect, the committee could serve as a pseudo HR body or watchdog that monitors interactions between startups and investors.  

Investors, too, need to stop perpetuating the culture that involves inappropriate behavior, like asking female founders "signaling questions" about their marriage status and other details, said Drew Koven, managing director of investment firm LDR Ventures. "You wouldn't ask a man those questions," Koven noted.  

 

Source: TheStreet

Tips for Using Public Wi-Fi Networks

posted Jul 8, 2017, 5:19 PM by Resty Manapat

Wi-Fi hotspots in coffee shops, libraries, airports, hotels, universities, and other public places are convenient, but often they’re not secure. If you connect to a Wi-Fi network, and send information through websites or mobile apps, it might be accessed by someone else.  

To protect your information when using wireless hotspots, send information only to sites that are fully encrypted, and avoid using mobile apps that require personal or financial information.  

How Encryption Works

Encryption is the key to keeping your personal information secure online. Encryption scrambles the information you send over the internet into a code so it’s not accessible to others. When you’re using wireless networks, it’s best to send personal information only if it’s encrypted — either by an encrypted website or a secure Wi-Fi network. An encrypted website protects only the information you send to and from that site. A secure wireless network encrypts all the information you send using that network.  

How to Tell If a Website is Encrypted

If you send email, share digital photos and videos, use social networks, or bank online, you’re sending personal information over the internet. The information you share is stored on a server — a powerful computer that collects and delivers content. Many websites, like banking sites, use encryption to protect your information as it travels from your computer to their server.  

To determine if a website is encrypted, look for https at the start of the web address (the “s” is for secure). Some websites use encryption only on the sign-in page, but if any part of your session isn’t encrypted, your entire account could be vulnerable. Look for https on every page you visit, not just when you sign in.  

What About Mobile Apps?

Unlike websites, mobile apps don’t have a visible indicator like https. Researchers have found that many mobile apps don’t encrypt information properly, so it’s a bad idea to use certain types of mobile apps on unsecured Wi-Fi. If you plan to use a mobile app to conduct sensitive transactions — like filing your taxes, shopping with a credit card, or accessing your bank account ­— use a secure wireless network or your phone’s data network (often referred to as 3G or 4G).  

If you must use an unsecured wireless network for transactions, use the company’s mobile website — where you can check for the https at the start of the web address — rather than the company’s mobile app.  

Don’t Assume a Wi-Fi Hotspot is Secure 

Most Wi-Fi hotspots don’t encrypt the information you send over the internet and aren’t secure. In fact, if a network doesn’t require a WPA or WPA2 password, it’s probably not secure.  

If you use an unsecured network to log in to an unencrypted site — or a site that uses encryption only on the sign-in page — other users on the network can see what you see and what you send. They could hijack your session and log in as you. New hacking tools — available for free online — make this easy, even for users with limited technical know-how. Your personal information, private documents, contacts, family photos, and even your login credentials could be up for grabs.  

An imposter could use your account to impersonate you and scam people in your contact lists. In addition, a hacker could test your username and password to try to gain access to other websites – including sites that store your financial information.  

Protect Your Information When Using Public Wi-Fi

Here’s how you can protect your information when using Wi-Fi:  

  • When using a hotspot, log in or send personal information only to websites you know are fully encrypted. To be secure, your entire visit to each site should be encrypted – from the time you log in to the site until you log out. If you think you’re logged in to an encrypted site but find yourself on an unencrypted page, log out right away.
  • Don’t stay permanently signed in to accounts. When you’ve finished using an account, log out.
  • Do not use the same password on different websites. It could give someone who gains access to one of your accounts access to many of your accounts.
  • Many web browsers alert users who try to visit fraudulent websites or download malicious programs. Pay attention to these warnings, and keep your browser and security software up-to-date.
  • Consider changing the settings on your mobile device so it doesn’t automatically connect to nearby Wi-Fi. That way, you have more control over when and how your device uses public Wi-Fi.
  • If you regularly access online accounts through Wi-Fi hotspots, use a virtual private network (VPN). VPNs encrypt traffic between your computer and the internet, even on unsecured networks. You can get a personal VPN account from a VPN service provider. In addition, some organizations create VPNs to provide secure, remote access for their employees. What’s more, VPN options are available for mobile devices; they can encrypt information you send through mobile apps.
  • Some Wi-Fi networks use encryption: WEP and WPA are common, but they might not protect you against all hacking programs. WPA2 is the strongest.
  • Installing browser add-ons or plug-ins can help. For example, Force-TLS and HTTPS-Everywhere are free Firefox add-ons that force the browser to use encryption on popular websites that usually aren't encrypted. They don’t protect you on all websites — look for https in the URL to know a site is secure.
  • Take steps to secure your home wireless network.  

 

Source: Federal Trade Commission

When Should Encouraging Suicide Be a Crime?

posted Jul 8, 2017, 4:37 PM by Resty Manapat

Michelle Carter was recently convicted by a Massachusetts judge of involuntary manslaughter in connection with the death of her boyfriend, Conrad Roy III, by suicide. Carter played a role in the suicide by repeatedly texting her boyfriend urging him to kill himself, expressing frustration with his delaying it, and assuring him that she would take care of his family’s well-being in the aftermath of his death, a worry that he voiced in hesitating to take his own life. In this column, I will discuss some of the issues that a conviction like this raises for free speech doctrine, the right to die, and traditional conceptions of causation and responsibility in the criminal law.  

Free Speech  

The Massachusetts branch of the American Civil Liberties Union (ACLU) has taken the position that Carter’s conviction violates her freedom of speech. At first glance, this might seem like a powerful argument. After all, Carter was expressing her point of view, that her boyfriend should commit suicide and that he should do it sooner rather than later. If she had written an essay or a book arguing either that suicide in general or her boyfriend’s suicide in particular was warranted, that writing would be protected by the First Amendment, and she could not be criminally punished for producing it. Indeed, under the 1992 Supreme Court ruling in Simon & Schuster, Inc. v. Members of N.Y. State Crime Victims Bd., the law could not even direct that the money she made from the writing be placed in a fund for victims, because even that would excessively burden her freedom of speech. So how is what she did different? Does a text message receive less free speech protection than a book or an essay?  

In principle no, but in context, the immediacy of the text makes a difference. As a speaker or writer, Carter was protected by the First Amendment in expressing her abstract viewpoints on a particular matter (including whether her boyfriend should commit suicide). Such expression, if objectionable, calls for more free expression arguing the other side of the debate, rather than censorship. That is the hallmark of free speech doctrine. But incitement to imminent lawlessness or violence is not protected by the First Amendment, under the Supreme Court’s landmark decision in Brandenburg v. Ohio. This is in part because there is no opportunity to counter the violent message with a contrary idea, precisely because of the immediacy of what the speech urges. Carter’s texts to her boyfriend seem logically to fall within the category of incitement. She was repeatedly pressing him, through her words, to take his life immediately. This sort of speech is not protected by the First Amendment.  

To appreciate why the distinction between advocacy of a position and incitement is a real one that makes sense, consider a different scenario from the actual one involving Carter and Roy. Imagine that in addition to Carter and Roy, there is a third person, John Doe, in the picture. Now imagine that instead of urging Roy to kill himself, Carter urges Doe to kill Roy. Assume that Doe voices various reasons for hesitation about killing Roy, suggesting at various points that he wants to put off the act until later and that he is worried about the consequences for Roy’s family of losing their son to murder. In response to Doe’s reluctance, assume that Carter tells him that she will make sure Roy’s family will get through the loss of Roy and that Carter very strongly urges him to go ahead and kill Roy right now. After repeated urgings in which she responds to any hesitation on Doe’s part by insisting that he kill Roy immediately, Doe finally kills Roy.  

In the hypothetical scenario, it seems much more straightforward to say that Carter’s urgings to homicide cannot possibly be protected speech under the First Amendment. By pushing Doe to kill Roy, Carter implicates herself in the homicide. Under a standard definition of complicity in the criminal law, an accomplice aids or encourages the direct perpetrator with the intention (or knowledge) of helping bring about the criminal outcome. Words can be used to encourage a third party to carry out a crime, and accomplices are often considered as culpable and are subject to the same penalties as the principal perpetrator. Indeed, in our hypothetical example, one might even call Carter the primary actor, given Doe’s hesitation and reluctance to commit the crime without the pressure he felt from Carter. Saying “shoot him now; it’s the best thing” is not protected by the First Amendment, even though an essay on the benefits of murder would be protected.  

Right to Die  

Another argument against holding Carter accountable for homicide for urging her boyfriend to kill himself is that suicide ought to be a protected right on the part of every competent individual. The law, on this approach, should not be dictating to people that they live if they deem their suffering to outweigh whatever benefits or pleasure that they derive from their lives. If our law recognized a right to suicide, it might seem potentially misguided to hold a third party criminally responsible for a suicide when the suicidal person was simply exercising a right to take their life.  

We can say two things in response to this argument. First, our law does not anywhere recognize suicide per se as a protected liberty right. The U.S. Supreme Court, in Washington v. Glucksberg, specifically rejected a right to physician assistance in dying. In a narrow range of cases involving the terminally ill who have six months or less to live, a handful of states and the District of Columbia do allow for assistance in suicide. This allowance does not, however, extend to helping people like Roy, who are physically healthy and wish to die because they are suffering from unbearable mental illness.  

Thus, even if Carter had simply provided the means for Roy to kill himself, she could have been held criminally responsible for his death, because neither his suicide itself nor her role in it is considered protected by law. But she did much more than simply help Roy do what he wanted and intended to do on his own. She pressured him to do something about which he had reservations. One might believe that she should therefore have been held criminally responsible for his death even if the law recognized a right to assistance in dying in cases like his. She did not merely help, in other words; she bent his will to her agenda.  

In any event, because suicide of a person like Roy is frowned upon by the law (though he is not considered a criminal himself), helping or encouraging him to commit suicide does not fall within any legally protected right-to-die category.  

Causation  

The causation argument connects with how suicide is often seen by the law and by commentators. Suicide is something that one person does to himself or herself, independently choosing to carry out an act of self-destruction. If another person encourages the suicide or otherwise tries to persuade an individual that he should kill himself, those speech acts are arguably superseded by the decision of the individual to carry out his own suicide. Once we know that Roy killed himself, we do not need to look to Carter for a causal account of what he did. We can locate full responsibility in Roy.  

The definition of involuntary manslaughter in Massachusetts also may seem ill-suited to what Carter did in writing texts to her boyfriend encouraging him to kill himself. Under the Massachusetts common law, the crime of involuntary manslaughter (of which Carter was convicted) is “an unintentional, unlawful killing caused by wanton or reckless conduct.”  

In this context, “wanton or reckless conduct” is “intentional conduct that creates a high degree of likelihood that substantial harm will result to another person.”  

What comes to mind in reading these words is a person who drives while intoxicated or who shoots a gun out a window with his eyes closed and kills someone. The person is doing something reckless that is very likely to have direct and harmful consequences, and the risks that he takes come to pass. Someone dies because the person in question drives into them drunk or because he shoots at them with his eyes closed. There is no superseding causal act, as there is in the case of a suicide.  

The notion of a superseding causal event (i.e., the suicide) is the strongest argument against holding Carter responsible for her boyfriend’s death. She was not exercising her freedom of speech, and she was not helping him enjoy his protected liberty right to die. But he could have simply rejected her imploring rather than choosing to do what she urged. Isn’t he the causal agent in his suicide, and doesn’t convicting Carter of manslaughter improperly attach responsibility for his actions to her?  

Perhaps, but there is a better argument going the other way. A person who is feeling like committing suicide is suffering terrible emotional anguish and, if he is texting with a girlfriend, is likely looking for comfort or someone to help him feel less distress. Instead of trying to soothe her boyfriend, however, Carter took it upon herself to pressure him repeatedly to take his own life. She rejected any hesitation on his part and tried to allay his legitimate concerns about his family’s reaction to his death by pushing harder and by promising (without foundation) that she would somehow take care of his family.  

Putting aside the “unintentional” part (because Carter plainly intended for her boyfriend to die, which only makes her actions worse), Carter spoke in a manner that showed a reckless disregard for the grave risk of harmful consequences that her words posed, namely, the death of her boyfriend. Worse than that, she positively pursued the harmful consequences of her words by repeatedly telling Roy to commit suicide and by trying to make him feel bad that he was not already dead.  

However one feels about a right to die (and for the record, I believe it ought to be protected), the behavior of Roy’s girlfriend was reprehensible. She did not offer him solace or comfort at a time when he needed it most. She instead hectored him for hesitating to kill himself and pushed as hard as she could for him to finally do what he did, take his own life.  

At one point, Roy exited the truck (which was filled with carbon monoxide), and Carter told him to get back inside. This was the judge’s reaction to that conduct: “This court finds that instructing Mr. Roy to get back in the truck constituted wanton and reckless conduct by Ms. Carter, creating a situation where there is a high degree of likelihood that substantial harm would result to Mr. Roy.” Had Carter done otherwise, had she—as the judge so poignantly put it—simply told him to leave the truck where he was suffocating from carbon monoxide poisoning, he probably would not have died that day.  

Because she put Roy in harm’s way, Carter had a duty to try to help him escape that harm, and she failed in that duty. He is gone because of what she said to him and because of what she did not say to him, and she understood perfectly what the impact of her statements might be, because it was exactly what she had urged. She did more than take a grave risk with her boyfriend’s life; she strongly urged him to end it when he was obviously vulnerable to her urgings. 

If, as the prosecutor suggested, Carter did what she did so that she could have the attention that people give to grieving girlfriends, then that motive is outrageous and ought to be taken into account at her sentencing hearing. But whatever her motives, Carter’s conviction for having killed her boyfriend after what she did (and failed to do) is just.  

 

Source: Justia Verdict

Lottery rigging accomplice used Wisconsin payout for offshore tax scam

posted Jul 7, 2017, 9:48 AM by Resty Manapat

After Robert Rhodes collected a Wisconsin Lottery jackpot that had been rigged by his friend, he used the windfall for an investment scheme that produced another wave of undeserved government money, court records show.  

Rhodes, an accomplice in a scandal that has shaken state lotteries, recently explained under oath how he used the $783,000 payout to receive an additional $180,000 in bogus tax refunds. The Texas businessman sent his lottery winnings offshore to buy a phony insurance policy for a personal corporation that never did any business — except receive the lottery prize. He then claimed the policy as a tax-deductible “business expense.”  

The upshot: Rhodes received roughly $150,000 from the U.S. government and $36,200 from Wisconsin in tax refunds on the lottery payout. But in an ironic twist, the St. Lucia-based insurer where Rhodes sent his cash would later be accused of duping investors and, in Rhodes’ words, “abscond” with a chunk of the loot.  

Rhodes and Eddie Tipton, former security director for the Multi-State Lottery Association, recently pleaded guilty to rigging the Dec. 29, 2007, Megabucks drawing advertised at $2 million. They agreed to refund Wisconsin the $783,000 payout and an additional $18,100 apiece to cover the state tax refund.  

Investigators say Tipton installed computer code that allowed him to predict winning numbers on three days of the year, and that he worked with Rhodes, his brother Tommy and other associates to buy winning tickets and claim prizes worth millions in multiple states. Tipton and his brother pleaded guilty last week in Iowa, where the lottery association is based.  

Rhodes, a 49-year-old father, pleaded guilty and cooperated with investigators in exchange for probation. He disclosed the offshore scheme in a deposition under questioning from Tipton’s lawyer, Dean Stowers, who called it money laundering and tax fraud.  

Rhodes, who did not return a message seeking comment on his testimony, employed Tipton at a Houston tech company in the 1990s and they became friends. Tipton supplied him with notecards listing dozens of potential winning combinations before the Wisconsin drawing, and Rhodes bought them, including the winning ticket.  

With Tipton’s encouragement, Rhodes formed a limited liability corporation, called Delta S Holdings, to claim the prize. Rhodes had previously visited the lottery association’s office and both worried their ties would be discovered if Rhodes was listed as the winner. The LLC filed a lawsuit to obtain the prize after Wisconsin lottery officials said they couldn’t pay the corporation without a court order.  

Rhodes said he then turned to experts for tax planning advice on his windfall, buying a plan that “allowed me to get a tax refund.”  

Under the arrangement, Rhodes sent $450,000 to Bancroft Life & Casualty ICC Limited in St. Lucia to buy an “insurance policy” for Delta S Holdings. His tax returns claimed the purchase as a business expense, producing refunds when the governments determined they withheld too much of the prize.  

Bancroft recruited tax-weary, wealthy individuals to invest in its insurance. Customers would buy expensive policies that their businesses didn’t need but could write off. Bancroft would loan back up to 70 percent of their premium payments.  

Rhodes received a $250,000 loan from Bancroft after buying his policy. He also received an insurance claim for $75,000 for “regulatory changes” that he said harmed Delta S Holdings, even though it never did any other business. Asked what regulations had changed, Rhodes testified, “I don’t remember.” He said its prospects in “real estate” and “consulting” never materialized.  

Rhodes said Tipton wasn’t told about the offshore deal until later and received none of the refunds. He said the deal went sour in 2012, when Bancroft became insolvent and the company “absconded” with $150,000 his LLC had left.  

“I started getting insurance account records that say all of the money that Delta S Holdings had put there through paying the premium was gone,” he said. “Some expletives followed on my part, you know, what … happened to whatever money was there to pay insurance claims? Well, there is none.”  

 

Source: Wisconsin State Journal

How a Security-Only Network Can Limit Risks from Data Breaches

posted Jul 6, 2017, 11:09 AM by Resty Manapat

A security-only network delivers a higher level of protection while not impacting business critical systems 

Cyber attacks are one of the greatest threats facing global businesses today. Hardly a day goes by that there is not a report of another company suffering at the hands of hackers breaching their networks and stealing sensitive customer or proprietary business data. According to the Identify Theft Resource Center (ITRC), there were 781 known data breaches in 2015. This is the second-highest number on record since tracking began in 2005. 

Although data breaches and cyber attacks are real risks for all type of public and private organizations, retailers are particularly vulnerable to these crimes. In this competitive industry, these crimes can have devastating effects on consumers and potentially damage the retailer’s brand and corporate reputation beyond repair. 

Furthermore, cyber-crimes do not target one class of retailers. Over the past several years, retailers from superstores to supermarkets have reported data breaches, where potentially millions upon millions of consumer debit and credit card information were exposed or comprised. 

Emerging Trends

In response to the threats presented by cyber-criminals, many retailers are physically separating the IT infrastructure for their networks based on their primary usage to limit exposure. A prime example is creating a separate network to run physical security applications from the network used for POS data. A security-only network is typically used to host the company’s security devices such as intrusion detection, video, access control devices and related devices along with building automation systems such as HVAC. 

Benefits

The benefits of these networks are multi-faceted. Not only does the security-only network deliver a higher level of protection, but it also offers faster speeds, more bandwidth and easier access to the network for loss prevention teams while not impacting business-critical systems. 

Further benefits to a separate network include nearly unlimited access to applications such as remote monitoring of video or remote investigations, allowing investigators immediate access to video and supporting data. Many times, loss prevention teams are relegated to downloading video for investigative purposes in the overnight hours, when the primary network is not being used for POS data. Easy access to video can reduce travel time to specific locations and associated expenses, as well as the time it takes to conduct the investigations. 

When the security network is monitored by a certified third-party provider, added benefits include advanced alerts of potential system failure or attempted breach of the network. The monitoring company can also ensure that the network is adhering to the latest network security protocols and has updated anti-virus software at all times. 

Who Should Consider It?

Any type of retailer that is looking to provide a safer and more secure environment for its customers’ data while maintaining a higher level of security for its business critical operations is a candidate for a dedicated security-only network. 

Selecting a Third-Party Provider

When considering a third-party provider for security-only networks, traditional IT companies that design and implement standard networks may not be your best option. Selecting a company that has the proper certifications for designing networks as well as deep industry knowledge of security devices and how they need to work together will greatly enhance the overall end result. 

Certifications such as Cisco Cloud and Managed Services Partner Certification, Meraki Certified, Sonicwall Certified, and security product-specific certifications will ensure successful system integration. Cisco Cloud and Managed Services Partner certification recognizes companies who have attained the expertise in the planning, designing, implementing and supporting of cloud or managed services based on Cisco platforms. 

Steps to Consider

One of the first steps is to identify the circuit requirements for the security-only network. Understanding what types of applications are going to be running on the network and how much bandwidth and speed is necessary to support the applications is key. Security-only networks are often based on commodity broadband, so it is important to ensure that the carrier can deliver reliable service and speed at any given location. 

Once the network parameters of adequate circuit bandwidth are determined, additional considerations that must be designed into the system include remote (VPN) access and appropriate security measure and rules. At a minimum, there should be a strict password update rule both for duration of password life as well as re-use of passwords used in the past. Ideally, a consolidated security identification system should be established to ensure continuous monitoring of access with biometric or other proven security solutions as part of any access to the network. 

If any part of the network is wireless enabled, appropriate security for network access and ongoing traffic monitoring are essential. If they are not part of the system, monitoring to make sure that no additional devices with wireless capability are installed on the system. 

Firewall protection design is essential. With the advent of IPv6 and its inclusion in networks, there is a potential for security breach when tools designed for IPv4 are faced with IPv6 calls. 

Continuous monitoring for abnormal network traffic, behavior or attempted unauthorized access are discovered, rules for appropriate notification and/or lockout must be determined and enforced. 

Data Breaches: One Less Thing to Worry About

The growing threat of data breaches, cyber crime, and the high cost associated with remediating the aftermath of an attack, both in terms of hard dollars and the damage to brand reputation and customer trust, can be devastating to a retailer. 

Cyber-crime rates are escalating at exponential levels and cyber criminals will continue to grow more sophisticated in their approach. Now is the time to ensure your business is protected. 

The vice president of loss prevention for a leading international retailer summed it up by saying, “Deploying a separate network for security and having an independent team monitor it is one less thing that I need to worry about.” 

 

Source: LPM Insider

Your Credit Score May Soon Look Better

posted Jun 29, 2017, 1:58 PM by Resty Manapat

About 12 million people will get a lift in their credit scores next month as the national credit reporting agencies wipe from their records two major sources of negative information about borrowers: tax liens and civil judgments.  

The change stems from a lengthy crusade by consumer advocates and government officials to force the credit bureaus to improve the accuracy of their reports, which are often speckled with errors and outdated information. Those mistakes can limit borrowers’ access to credit cards, auto loans and mortgages, or saddle them with higher borrowing costs.  

Starting July 1, the three major credit reporting companies — Equifax, Experian and TransUnion — will enforce stricter rules on the public records they collect, requiring each citation to include the subject’s name, address and either their Social Security number or date of birth. Nearly all civil judgments and at least half of the nation’s tax lien records do not meet the new standards, and will be eliminated from consumer credit reports.  

The change will benefit borrowers with negative public records, but it will also help thousands of people who have battled, often in vain, to have incorrect information removed from their files.  

“We’ve filed hundreds of lawsuits over this,” said Leonard Bennett, a consumer lawyer in Alexandria, Va. “Comprehensively fixing it hasn’t been something the industry has prioritized.”  

That began to change two years ago, when a coalition of 31 state attorneys general cracked down on the credit bureaus and negotiated a deal that required sweeping changes to their practices. (New York’s attorney general had previously reached a separate settlement with similar terms.) The credit bureaus have already made some adjustments, like removing traffic tickets and court fines from their files, but next month’s changes will have the broadest effects yet.  

Around 7 percent of the 220 million people in the United States with credit reports will have a judgment or lien stripped from their file, according to an analysis by Fair Isaac, the company that supplies the formula that generates the credit scores known as FICO.  

Those people will see their scores rise, modestly. The typical increase will be 20 points or less, according to Fair Isaac’s analysis. (FICO scores range from 300 to 850. Higher is better; lenders generally prefer people with scores of 640 and above.)  

The biggest beneficiaries, consumer advocates say, will be those who are spared the frustration of trying to fix errors. False matches have been a common problem. Without the kind of additional identifying information that will now be required, a court record showing a judgment against Joe Smith can easily wind up on the wrong Joe Smith’s credit report. (Last week, a California jury awarded $60 million to a group of consumers who said TransUnion falsely flagged some of them as terrorists and drug traffickers because it had mistaken them for others with similar names.)  

Starting next month, the credit bureaus will also be required to update their public records information at least once every 90 days.  

That change pleases Brenda Walker, a Virginia resident with a pending lawsuit against TransUnion over the company’s monthslong delay in amending her report to show that a tax lien had been satisfied.  

Ms. Walker said she had been turned down for credit cards, a car loan and a student loan she tried to take out for her daughter’s education. “It wreaked havoc,” she said. “My credit score was so damaged from something that had already been paid and released.”  

The flip side of the change, lenders warn, is that some borrowers may now appear more creditworthy than they actually are.  

“This removes information from the picture that our customers get about what a borrower has done in the past,” said Francis Creighton, the chief executive of the Consumer Data Industry Association, which represents credit reporting companies. “If someone has a big bill that they owe, that’s something that should be part of the conversation.”  

But when the two largest credit scoring companies, Fair Isaac and VantageScore, tested what happens when tax liens and civil judgments are removed, both found that it did not meaningfully change the snapshot provided to lenders on most borrowers.  

More than 90 percent of people with a negative public record have other negative information on their credit file, like late payments, according to FICO’s analysis. VantageScore experimentally tweaked its model to focus on other data points, like the number of credit cards a borrower has with high balances, and found that the predictive value was almost identical.  

“Not surprisingly, those with civil judgments and tax liens are likely to have lots of other credit blemishes,” said Ethan Dornhelm, Fair Isaac’s principal scientist. “These changes aren’t going to bring those people into the tiers where they’re going to qualify for prime credit.”  

As public records disappear from the big bureaus’ reports, other data providers are eager to step in and fill the gap. LexisNexis Risk Solutions has for years gathered public records information from about 3,000 jurisdictions around the country and sold it to the credit bureaus. Now, with that business drying up, the company is marketing its own Liens and Judgments Report to lenders.  

Because LexisNexis is not a party to the credit bureaus’ settlement, it is still free to sell that information, said Ankush Tewari, a senior director with LexisNexis Risk Solutions. The company can accurately link people to their public records, even without identifying information like a Social Security number, with an error rate of less than 1 percent, he said.  

As the credit bureaus continue to work through the settlement terms, further changes are coming. Starting in September, their reports will eliminate medical debt collection accounts that are less than six months old, a change intended to reflect the sometimes-lengthy process of sorting out health insurance reimbursements.  

Also that month, all data furnishers — the companies that provide information about consumers to the credit bureaus — will be required to include each individual’s full name, address, birth date and Social Security number in their reports.  

 

Source: The New York Times

1-10 of 153