Attacks/Breaches
2/22/2013
12:07 PM
50%
50%

Hacktivists Prep For International Open Data Day

On Saturday, International Open Data Day, cities around the world will host hackathons in an attempt to reveal useful applications of government data.

Want to try your hand at hacking for the possible good of the public? Here's your chance: Saturday, February 23, is International Open Data Day.

The event is intended to be a "gathering of citizens in cities around the world" to write applications, liberate data, create visualizations and publish analyses using open public data to "show support for and encourage the adoption of open data policies by the world's local, regional and national governments." The aim is not simply to build applications based on open data, but to build the international open data community and extend existing applications to other locations.

One example being cited by the event's backers comes from the U.K., where 16-year-old Isabell Long, an attendee of the 2010 open data hackathon, created an app called govspark to help British civil servants better monitor their energy usage. In the U.K., hackathons are scheduled in Dundee, Edinburgh (where it's being hosted at the University), London, Newcastle upon Tyne and Sheffield. Events are being held all over the world; check here to see if your city is hosting.

[ What security issues are most troubling to U.K. companies? Read U.K. Public Sector's Top Security Worries. ]

This will be the third Open Data Day. According to its website, the day resulted from "an international brainstorm" among developers convinced of the social utility of government data as the basis for mash-ups and applications. Canadian data activist and open government figure David Eaves set up the first one in late 2010, when 60 hackathons took place.

Simon Dennis, director of central government activities at the U.K. subsidiary of analytics vendor SAS, said, "This Saturday, citizens, entrepreneurs and businesses alike will learn how they can personally capitalize on the information being made available through global Open Data initiatives."

Dennis continued, "The purpose of opening up data is all about creating economic opportunities, cultivating innovation and making our lives more efficient. Governments around the world have started to realise this, which is why they are making anonymized information available to the general public. Open Data Day is a very promising step towards educating the public about the value of data and how it can be used to innovate and create. Hopefully, it will also act as reminder to the U.K. government that it too can capitalise on the sharing of citizen insights horizontally across the entire public sector."

However, the U.K. government says it is already an open data convert, at least as a basis for such public sector-friendly applications. In December, it invested $12 million/£8 million in initiatives like a new $11.4 million/£7.5 million Data Strategy Board Breakthrough Fund and a new $1.3 million/£850,000 Open Data Immersion Program.

Minister for the Cabinet Office Francis Maude said at the time, "This new funding will help us to exploit the power of open data to fuel social and economic growth [and] will free up more data for commercial exploitation and help drive innovation in public services."

If you decide to share your expertise on Saturday, good luck!

Rick Falkvinge, the founder of the Swedish Pirate Party and a campaigner for sensible information policy, will present the keynote address at Black Hat Europe 2013. Black Hat Europe will take place March 12-15 at The Grand Hotel Krasnapolsky in Amsterdam.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2208
Published: 2014-12-28
CRLF injection vulnerability in the LightProcess protocol implementation in hphp/util/light-process.cpp in Facebook HipHop Virtual Machine (HHVM) before 2.4.2 allows remote attackers to execute arbitrary commands by entering a \n (newline) character before the end of a string.

CVE-2014-2209
Published: 2014-12-28
Facebook HipHop Virtual Machine (HHVM) before 3.1.0 does not drop supplemental group memberships within hphp/util/capability.cpp and hphp/util/light-process.cpp, which allows remote attackers to bypass intended access restrictions by leveraging group permissions for a file or directory.

CVE-2014-5386
Published: 2014-12-28
The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 does not seed the random number generator, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging the use of a single initial...

CVE-2014-6123
Published: 2014-12-28
IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow local users to obtain sensitive credential information by reading installation logs.

CVE-2014-6160
Published: 2014-12-28
IBM WebSphere Service Registry and Repository (WSRR) 8.5 before 8.5.0.1, when Chrome and WebSEAL are used, does not properly process ServiceRegistryDashboard logout actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.