News by Professionals 4 Professionals

Minnesota

Reference Library – USA – Minnesota

Michigan attorney general joins 9 AGs to oppose ballast water bill

Michigan Attorney General Bill Schuette is joining nine other attorneys general to oppose a bill in the U.S. Senate. It would change how ballast water in ships is regulated. Invasive species can hitch a ride in ballast water. The bill would create a single, national standard and pre-empt states from creating their own standards.

The shipping industry likes that. But the attorneys general are concerned about losing the ability to have stricter state standards. Attorney General Schuette did not grant an interview for this story. But in a letter to Senators Mitch McConnell and Charles Schumer, the AGs say the bill would dramatically weaken defenses against invasive species. From the letter:

The Clean Water Act requires the U.S. Environmental Protection Agency (EPA) to scientifically develop and regularly improve uniform minimum pollution treatment standards, and then incorporate them as discharge requirements in permits that are renewed every five years. The Commercial Vessel Act takes the radical step of eliminating these vital Clean Water Act protections and relegates EPA the federal agency with the greatest knowledge and experience in addressing water pollution to an advisory role. The Commercial Vessel Act vests primary responsibility for controlling vessel pollution with the U.S. Coast Guard, an agency mainly focused on homeland security that has little water pollution expertise. Right now, the EPA and the Coast Guard share authority for regulating ballast water. The bill would make the Coast Guard the lead agency.

Rebecca Riley is a senior attorney with the Natural Resources Defense Council in Chicago. She says the bill would weaken the EPA s authority.

It would exempt ballast water from the Clean Water Act, and the Clean Water Act is a law with a long track record for protecting our waters and making them as clean as they possibly can be. The whole point of this legislation is to exempt ballast water from the Clean Water Act s protections, she says. Senator Roger Wicker from Mississippi sponsored the bill. His office said he was not available for an interview, but his press secretary sent this statement:

The bill (S.168) would create nationally uniform, science-based standards for ballast water discharges that would be consistent with the highest standards technologically possible. By creating a single national standard, ballast water management system manufacturers should be able to more quickly improve their technology. Although the Coast Guard would only review the standards once every ten years, Governors would be authorized to petition the Secretary to review more stringent standards. If those standards could be achieved and detected, and the technology and systems exist and are commercially available, they would become the new national standard.

The USCG is charged with 11 statutory missions. Of those, one relates specifically to environmental protection Marine Environmental Protection. The Coast Guard s Marine Environmental Protection program develops and enforces regulations to avert the introduction of invasive species into the maritime environment, prevent unauthorized ocean dumping, and prevent oil and chemical spills. As a result, the Coast Guard dedicates considerable resources to this mission. Charging the Coast Guard with the development of a national standard for ballast water regulations makes sense as the agency is already partly responsible for the development of ballast water standards and regulation, certification of ballast water technology, and enforcement of ballast water regulation.

Those opposed to the bill say it puts commercial shipping interests on equal footing with environmental protection.

Now you can go through MSP airport security with a fingerprint or iris scan

  • Now You Can Go Through MSP Airport Security With A Fingerprint Or Iris Scan

    Clear biometric-scanning terminals set up at major U.S. airports let registered users go through security with a fingerprint or iris scan. the Minneapolis-St. Paul International Airport will get five such terminals by April. (Clear)

  • Now You Can Go Through MSP Airport Security With A Fingerprint Or Iris Scan

    Fliers can sign up for Clear biometric scanning in a jiffy using registration terminals (separate from security check-in terminals) at major U.S. airports. (Clear)

  • Now You Can Go Through MSP Airport Security With A Fingerprint Or Iris Scan

    Clear says it’s a snap to sign up for biometric scanning, but company staffers will typically be on hand to assist at major U.S. airports. (Clear)

  • Now You Can Go Through MSP Airport Security With A Fingerprint Or Iris Scan

    Clear users not only get identify themselves in a jiffy with a biometric scan but also get dedicated lanes that speed them through airport security. (Clear)

Going through airport security can be wildly inconsistent. You never know if you ll be line for just a few minutes, or for an hour or more. Technology now available at the Minneapolis-St. Paul International Airport could make this annoying process a lot more predictable and expeditious while adding a touch of sci-fi pizzazz. New York City-based Clear has installed terminals that use biometrics as in fingerprint and eyeball-iris scanning to identify travelers in a jiffy. Five of these terminals are set up in the airport s Lindbergh terminal, three at the southern checkpoint and two at the northern one.Now You Can Go Through MSP Airport Security With A Fingerprint Or Iris Scan[1]

Such a fingerprint- or eyeball-scanning procedure looks to speed up check-ins for registered Clear users because they get dedicated lanes that no one else can use. The Twin Cities airport now has two such express lanes.

In practice, Clear users could find themselves whipping through security time after time while others cool their heels in long, pokier-moving queues. Clear users would still have to go through metal detectors and bag scanners but would hypothetically get to those much more quickly.

Our customers love the predictability, said David Cohen, Clear s chief administrative officer. The Twin Cities airport is the 21st such facility to get Clear terminals; Los Angeles International Airport is due to get the technology soon. Clear recently deployed at airports in Atlanta, New York City, Washington, D.C. and Washington State. It equipped its first such facility, Orlando International Airport, in 2010.

The company, while authorized to operate by the TSA and the Department of Homeland Security, does not work directly with the federal government. Instead, it makes deals with airport authorities that include the Metropolitan Airports Commission, which owns and operates the Twin Cities airport.

We are pleased to partner with Clear to provide one more option travelers can use to reduce their security checkpoint wait time, said Brian Ryks, executive director and CEO of the Metropolitan Airports Commission, in a statement. Clear s presence at a growing number of airports means many travelers will be able to use the service at both ends of their trip.

[embedded content]

The Twin Cities airport also has a handful of registration terminals for travelers who want to get set up with the system. This is a three-step process. First, they answer detailed questions based on their personal histories, like where they lived and what kinds of cars they owned. Second, they have their IDs such as their drivers licenses, passports or military cards scanned and verified. Third, they have their 10 fingerprints and two irises scanned and registered. Clear claims the automated registration takes all of five minutes, and registrants can begin using the service right away. Getting through security at that point requires only a boarding pass along with a fingerprint or iris scan. A fingerprint scanner is at waist level on the front of the scanning unit, with the iris scanner at eye level.

Soon, even the boarding pass may become superfluous. Clear said it recently conducted a trial at the Mineta San Jos International Airport that required only a biometric scan, which automatically dredges up the travelers boarding information for processing.

Clear is entirely separate from TSA PreCheck[2], a sped-up check-in service that lets travelers keep their shoes and belts on and their laptops in their bags. But, if the programs are used together, travelers can potentially get through security in only about five minutes, the company claims.

When used in combination with the TSA s PreCheck, it s like the Golden Certificate in Willy Wonka s Chocolate Factory, said Andy Abramson, CEO of the California-based Comunicano public-relations agency.

It is incredibly easy to sign up and go through the necessary steps to participate including having my fingerprints and irises scanned, thus allowing me to have my identification authenticated via biometrics, said Steve Loucks, chief communications officer at Plymouth-based Travel Leaders Group.

It was especially easy for me since I already have TSA PreCheck, Loucks said. The entire process took me less than five minutes at the San Francisco Airport, and once I went through the process, I was immediately escorted to the front of the TSA PreCheck line. All told, it was a very pleasant and surprisingly fast experience. Professional comedian and frequent traveler Dan Nainan said, Have you ever tried to fly out of Las Vegas? Even the TSA PreCheck line can be astronomical. I love how Clear clears you (there is never a line) and then they escort you to the front of the line and you actually get to cut in front of everyone and they put your bags on the belt and people are like, Who is this guy? It s fantastic. Clear is a paid commercial service, but registrants get the first month for free. After that, it officially costs $179 a year, though it is often running specials.

Delta Airlines fliers qualify for discounts that include $99 annual memberships for SkyMiles users, $79 annual memberships for Platinum, Gold and Silver Medallion members, and free annual memberships for Diamond Medallion users. The airline has a 5 percent stake in Clear. Adult users can register a spouse for $50, and children under 17 get to use the service for free. Clear recently logged 700,000 registered users and said it s now well on its way to the million mark. With the Twin Cities and Los Angeles airports on board, it claims it will have a presence at facilities used by a majority of U.S. air travelers.

Clear is also offering its technology to sports stadiums[3]. It is using biometric check-ins at Yankee Stadium, the New York Mets Citi Field, the Miami Marlins Marlins Park, the San Francisco Giants AT&T Park, and the Colorado Rockies Coors Field.

[embedded content]

References

  1. ^ Clear (www.clearme.com)
  2. ^ PreCheck (www.tsa.gov)
  3. ^ sports stadiums (sports.clearme.com)

Hacker ‘Rasputin’ Breaches Cornell, Attempts to Sell Access

A notorious Russian-speaking hacker has breached more than 60 universities and agencies including Cornell University and is attempting to sell unauthorized access to the agencies for profit, according to a report[1] from a private internet intelligence company. The list of victims, published by Recorded Future, ranges from the City of Pittsburgh to the National Oceanic and Atmospheric Administration to 25 universities including New York University, Rochester Institute of Technology, the University of Oxford and Cornell. A Russian-speaking hacker, dubbed Rasputin, is behind the breaches, according to Recorded Future, and is attempting to sell access to the victims networks for economic gain.

Leaderboard 1

Wyman Miles, chief information security officer at Cornell, referred inquiries to Director of Media Relations John Carberry, who declined to comment on the breach. Cornell also declined to comment in December on a foreign-government sponsored hack of the ILR School in 2014[2], which IT administrators said was the biggest state-sponsored cyber breach of Cornell ever, The Sun previously reported[3]. The same method used in the ILR School breach SQL injection, in which instructions are entered into a website s data field was used in the most recent breaches, according to Recorded Future. There is no indication that Rasputin was behind the 2014 hack of Cornell.

Leaderboard 2

The FBI, which also declined to comment for this article, helped notify at least one university that it had fallen prey to Rasputin, who reportedly[4] also attempted to sell access to the U.S. Election Assistance Commission in 2016. Michael Story, interim chief information security officer at the University of California, Los Angeles, which is on list of breached universities, told The Sun that the long list of hacked agencies is sure to raise eyebrows, but provides little information about the severity and context of the hacks. UCLA had already fixed its breached website by the time Recorded Future published its report, Story said.

We had already remediated the site. The site was a trivial site that didn t have any valuable data.

Cornell has not disclosed any details of the hack, including its severity and which departments or websites were affected, making it impossible to know the seriousness of the hacker s breach of Cornell or if the vulnerability has been fixed.

Hacker 'Rasputin' Breaches Cornell, Attempts To Sell Access

Recorded Future

More than 60 government agencies and universities ranging from the City of Pittsburgh to the University of Oxford were breached by Rasputin. Marc Hoit, vice chancellor and chief information officer at North Carolina State University, told The Sun in an email that one site at NC State was breached and taken down. The site was rebuilt, patched and is now up and running, he said.

No real damage and it was a minor site, Hoit said in an email. Robert Pruett, the director of technology support at The University of Mount Olive a small, private college in North Carolina that was also breached by Rasputin said the hacker had only managed to infiltrate an old survey website that had little, if any, information.

We re in the same boat as RIT, so we shouldn t feel bad, Pruett said, referring to the prestigious technology university in Rochester. We had a SQL injection [breach] on a survey data program. That s the extent of the breach on us.

Pruett said the FBI, and not Recorded Future, notified The University of Mount Olive directly, and when they informed the university that there had been a breach, the technology team was able to find and patch the vulnerability. When Recorded Future determined that universities were one of the major groups targeted by Rasputin, it contacted the Research Education Networking Information Sharing and Analysis Center (REN-ISAC), which has 543 member institutions, on Feb. 7 to ensure schools were aware of the hack. Scott Finlon, principal security engineer for REN-ISAC, said Recorded Future sent the center a list of website addresses of universities that were breached as part of the Rasputin hack and REN-ISAC passed them along to the affected schools.

Humboldt State University in northern California was also a victim of Rasputin, but the university said IT staff quickly patched the vulnerability after they were notified on Feb. 8 and no confidential data was accessed. A training website that was in partial use by the human resources department contained a bug that allowed external visitors to view registration information, the university s IT department said in a statement. St. Cloud State University, a public university in Minnesota that enrolls about 15,000, was also breached by Rasputin.

Darrin Printy, senior IT security program lead at the university, told The Sun the hack does not appear to be serious, although the University is still investigating.

So far, it seems to be minor, Printy said. We re still trying to understand what s really going on and why we made the list. Printy said he learned of the breach from Recorded Future, but the company s notification letter included few more details than that the company was going to publish a list and St. Cloud State University was going to be on it. Printy has since reached out for more information, he said, but received little back. The hacker s method, SQL injection, is a popular way to infiltrate websites and there are many free applications available to detect vulnerabilities.

Rasputin, however, is using a proprietary application he developed to find and exploit these coding flaws, according to Recorded Future.

Cornell was first contacted for comment on Friday and did not respond to additional requests for comment Tuesday.

References

  1. ^ report (www.recordedfuture.com)
  2. ^ a foreign-government sponsored hack of the ILR School in 2014 (cornellsun.com)
  3. ^ The Sun previously reported (cornellsun.com)
  4. ^ reportedly (www.recordedfuture.com)
1 2 3 940