Sunday, December 31, 2006

Something to ponder...

http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2005/11/26/war26.xml&sSheet=/portal/2005/11/26/ixportal.html

World War Three seen through Soviet eyes

By David Rennie in Warsaw Last Updated: 12:58am GMT 26/11/2005

The nightmare of nuclear war in Europe - a spectre that haunted the world for half a century - stood revealed yesterday in terrible detail.

In a historic break with the past, Poland's newly elected government threw open its top secret Warsaw Pact military archives - including a 1979 map revealing the Soviet bloc's vision of a seven-day atomic holocaust between Nato and Warsaw Pact forces.

... The decision to unveil the Warsaw Pact documents is one of the first moves of Poland's new conservative government. Mr Sikorsky described it as an attempt to draw a line under the country's Communist past, and "educate" the Polish public about the old regime.

He did not deny that the opening of the archives will be seen as a provocation in Moscow. Russian-Polish relations have sharply deteriorated recently, amid rows over a planned oil pipeline, and Polish support for democratic revolutions in Russia's backyard, first in Ukraine, and now Belarus.

... The files being released would include documents about "Operation Danube", the 1968 invasion of Czechoslovakia. They also included files on an army massacre of Polish workers in Szczecin in the 1970s, and from the martial law era of the 1980s.



If you don't pay an annual license fee your windows won't roll down? (Don't be silly! That's a feature, not a problem!) The comments are priceless!

http://slashdot.org/article.pl?sid=06/12/30/155254&from=rss

Near-Future Fords to Feature Windows Automotive

Posted by CowboyNeal on Saturday December 30, @11:15AM from the clippy-is-my-copilot dept. Windows Technology

dpbsmith writes "The Detroit Free Press reports that a Windows Automotive software suite named Sync will be featured in some cars available Spring 2007, all 2008 Ford models, and Lincoln and Mercury models later. The software does not, apparently, run the engine or do anything directly connected with transportation. It will, rather, allow the user to 'use their vehicle as a computer in key ways, such as hands-free cell phone calls or downloading music or receiving e-mail.' Bill Ford and Bill Gates were reported as saying that having high-definition screens in vehicles, speech recognition, cameras, digital calendars and navigation equipment with directions and road conditions will set car companies apart from their competitors in the future. 'There are going to be those who have it and those who don't. And even those who get it later are going to be a generation behind,' Ford said."



Evidence that they are doing everything backwards?

http://www.bespacific.com/mt/archives/013404.html

December 29, 2006

FCC Media Bureau Posts Staff Reports and Studies

Press release: "The Media Bureau of the Federal Communications Commission (FCC) today made public Media Bureau staff reports and studies on media ownership and related issues in response to a request from Chairman Martin. Media Bureau staff provided copies of all studies and reports, draft or final, regarding media ownership, minority ownership, and localism and related issues that were worked on over the past several years. These studies and reports are now being made available to the public on the FCC's main website [here]."



Could be interesting. Why aren't these created as class projects – on almost any topic?

http://www.bespacific.com/mt/archives/013412.html

December 30, 2006

Pennsylvania Constitution Website at Duquesne University School of Law Announces Major Updates

Via Joel Fishman, Ph.D., Asst. Director for Lawyer Services: "The Pennsylvania Constitution Web Site at Duquesne University School of Law has been updated with more than 20,000 pages and a newly-designed web site,

  • The colonial constitutional documents are now available (Charter to William Penn, Great Law of 1682, three frames of government and the charter of privileges of 1701) from the Pennsylvania Legislative Reference Bureau, along with each of the state's constitutions in full text along with all amendments (1776, 1790, 1838, 1874, and 1968).

  • The constitutional debates of each convention are now available (except for two volumes from the 1837 convention still needed to be scanned) as well as the 1920 and 1959 constitutional reports. These materials as well as those listed below are all in PDF format.

  • There are three treatises on the constitutions: Charles Buckalew and Thomas White on the Constitution of 1874, and Robert Woodside on the Constitution of 1968.

  • Under Digests and Citators, we have added the Pepper & Lewis's Digest of Decisions and Encyclopedia of Laws published early in the twentieth century (one of the predecessors to the West digest system) and George Henry's Digest of Decisions that cumulates the decisions from the single volumes of James Monaghan, a court reporter of the Pennsylvania Supreme Court in late nineteenth century. A citator to early constitutions is in preparation.

  • A collection of Pennsylvania attorneys-general opinions from 1954 to 2006 has been added (Westlaw and Lexis only go back to 1977).



I think I'll submit a few of my own, like: “Free is good!” “Half the world is below average!” “My driveway is full of global warming!” etc.

http://digg.com/tech_news/Meanings_and_origins_of_popular_phrases_sayings

Meanings and origins of popular phrases/sayings

An awesome web site dedicated to the meanings and origins of popular phrases and sayings. Whether you want to resolve a friendly argument over how a saying or phrase originated or whether you just enjoy words, you'll probably find something here to interest you. Very cool!

http://www.phrases.org.uk/meanings/index.html



...so, this five-year-old has a good credit rating?

http://www.wroctv.com/news/story.asp?id=25889&r=l

5-year-old victim of identity theft

12/29/2006 6:00 PM (Dave McKinley, WROC-TV)

Imagine having to deal with the frustration of having your identity stolen, and fighting bills piling up in your name...now imagine that instead of your identity that was stolen, it's your five-year-old son's.

... It seems her ex---the boy's father--used his name and social security number, to get utilities through RG&E and to avoid a costly fee due to his own bad credit.

She called sheriff's deputies, who told her they needed the account information to file a report--

RG&E initially told her they couldn't release that unless she had a police report...and even then only to the actual victim.

... RG&E eventually gave her the information, which she took to police but she says rather than charge her ex ---they decided to give him a good talking to instead.

"I think he should be arrested for this," says Phillips.

And not because of a soured relationship, but because of a law which requires credit reporting agencies to provide victims of identity theft seven years of fraud alert at no charge.

"So I have to pay for credit reports because, technically, there's no crime committed because they elected to let him skate on it."



Holy iPod, Batman! (Can the godless politicians be far behind?)

http://www.technewsworld.com/rsstory/54933.html

The Miraculous Ascent of Godcasting

By Frances Grandy Taylor The Hartford Courant 12/31/06 4:00 AM PT

On the Internet, the smallest city storefront and the biggest suburban mega-church can compete equally for viewers and listeners. Churches that aren't technologically savvy can take advantage of fee-based services that convert sermon tapes and CDs to a format that can be downloaded.

There was a time when you had to attend a church to listen to the weekly sermon, or become a regular member to hear a choir whose music you really love.

These days, thanks to MP3 players, you don't actually have to be there.

A Web site called Godcast1000.com has been launched to help users "put God on your iPod." It bills itself as the largest free directory of Christian music, sermons, video and Bible study on the Internet. It lists more than 500 digital audio files that can be downloaded from the Web site to a computer or iPod.

Even Praying Field [God puns? Bob]

On the Internet, the smallest city storefront and the biggest suburban mega-church can compete equally for viewers and listeners. In fact, the church doesn't even have to be in the United States.

"One of the most popular sites on the directory is Preachtheword.com, which [features] sermons by Pastor David Legge at his church in Northern Ireland," says Lee Raney, president of Christian.com, a Web portal that links to Godcast1000.com.

"Thirty years ago, a pastor like [Legge] would have to be as big as Pat Robertson to reach people through television and radio," Raney says. "Now any church can start a podcast and reach people anywhere in the world."

Spiritual Samples

A sampling of the wide-ranging content on Godcast1000.com:

  • "Hardcore Christianity," which features a preacher who wears dark glasses and a backward baseball cap.

  • "Jesus Geek," the spiritual musings of a Christian home-schooling father.

  • "Pod Bible," a daily reading of the Bible by people of all ages.

  • Offerings from dozens of Catholic, Episcopal, Lutheran and non-denominational Christian churches across the country.

Business Angle

The Rev. Shaun Olsen of the Family Worship Center in suburban Dallas, says he turned to "godcasting" for the first time last year to reach members of his congregation who travel.

The church's podcast includes the entire Sunday service.

"We also have hundreds of missionaries attached to this church who are serving around the world in India, Pakistan and South Africa, and that enables them to listen to the service back home. We've gotten a great response, especially from the business community."

Churches are also using podcasts to reach regular worshippers in new ways, says Raney, who adds that churches that aren't technologically savvy can get help through the Web site's Sermoncast program, where sermon tapes and CDs can be converted for a fee to a format that can be downloaded.



Good on them!

http://hosted.ap.org/dynamic/stories/S/SELLING_SNOW?SITE=VALYD&SECTION=HOME&TEMPLATE=DEFAULT

Dec 31, 7:15 AM EST

Colorado Woman Selling Snow on eBay

LOVELAND, Colo. (AP) -- As if Colorado residents don't have enough snow to dig out from, one resident is offering more for a price on eBay. Starting bids were holding steady Friday at 99 cents for snow from "Blizzard I and Blizzard II" being offered by Mary Walker. She and husband, Jim, got the idea for selling snow after shoveling mounds from two storms a week apart that together dumped more than 4 feet along the Front Range.

"I figured eBay has ghosts and all sorts of weird stuff, so why not snow?" said Walker, who teaches business workshops on employee communications.

How much snow 99 cents or whatever the winning bid gets depends. Walker's auction notice suggests avoiding shipping and handling charges by stopping by their home and picking it up - in a dump truck.

Only 10 offerings of snow are available and the proceeds are earmarked for a used snowblower for Jim or a pair of shovels.

She says she doesn't really expect to find a buyer for their blizzard overstock.

"We just wanted to just give some folks a laugh," she said.

--- On the Net: http://www.ebay.com (search for "genuine Colorado snow")

Saturday, December 30, 2006

Of course it's an isolated incident, you never got caught before!

http://www.pogowasright.org/article.php?story=20061229090506503

Prescription documents found in Winnipeg alley

Friday, December 29 2006 @ 09:05 AM CST - Contributed by: PrivacyNews - Non-U.S. News

Shoppers Drug Mart says a man's discovery of hundreds of its prescription information documents strewn across a Winnipeg back alley was an isolated incident. A man discovered the documents, which include names, addresses, prescription information and health numbers, while walking past an alley behind St. Boniface General Hospital on Dec. 26.

Source - cbc.ca (via Canadian Privacy Law Blog)

[From the article: The man brought the papers — enough to stuff three shopping bags — to the CBC in Winnipeg on Wednesday.]



er... The computer did it?

http://www.pogowasright.org/article.php?story=20061230002106827

Tax mailing has Social Security numbers visible

Saturday, December 30 2006 @ 12:21 AM CST - Contributed by: PrivacyNews - State/Local Govt.

When Wisconsin taxpayers pull their packets of 2006 state income tax forms out of their mailboxes, tens of thousands of them will see something even less welcome than the annual reminder of how much money they owe to Madison.

They'll see their Social Security numbers, printed right on the outside of the booklets - where identity thieves might be able to see them.

About 170,000 tax booklets were mailed with Social Security numbers on the address labels because of a computer programming error [Bullish! That is a management error! You never make untested changes to programs, and client managers (not the kid who makes the change) must sign off! Bob] at a printing company hired by the state, Meredith Helgerson, spokeswoman for the state Department of Revenue, said Friday.

Source - JS Online



Big plus fast equals organized?

http://www.grandhaventribune.com/paid/299204692597690.bsp

Credit card fraud case still under investigation

BY MARIE HAVENGA mhavenga@grandhaventribune.com

Federal officials are still trying to crack the credit card fraud case that apparently stemmed from late-summer purchases at Wesco fuel stations.

... In an age of fast-transit information, bad things can happen in the wrong hands, according to Murray. The problem appears geographically limited to West Michigan and Lakeshore consumers.

... Wesco worked with U.S. Secret Service agents and the U.S. Attorney's office to identify possible fraud and identity theft that allegedly occurred between July 25 and Sept. 7 at some of the company's 51 Michigan facilities. Wesco spokeswoman Ginny Seyferth said Thursday that there have been no incidents of questionable credit card activity since Sept. 7.

Some Tri-Cities residents experienced credit card statement charges during that timeframe from as far away as Tokyo, Spain and New York for purchases they denied making.

Although Murray said he wasn't allowed to disclose details of the investigation, he said the fraudulent charges totaled more than $3 million, which would be one of the largest heists to occur during such a short time period.

"There have been some abusers identified," said Murray, who last month said several suspects were in custody. "We are taking steps to see if they can be interviewed, but they aren't necessarily the type of people who want to help law enforcement. We have no indication it was an inside job."

... "There's a substantial likelihood that the (credit card) numbers that were stolen were passed off to another group of people who abused them," Murray said. "It's possible to pass that information to anyone via the Internet. I think the (Wesco) problem was taken care of in the banks' process of generating new cards. About 20,000 cards were reissued, and I think the period of abuse is over. As a precaution, the banks reissued a larger number of cards than were actually abused."

... Murray added: "We don't think this will be the last such incident. That's why we're trying to learn more. We want to design a better system to understand and respond to these issues ... so that we can be better prepared in the future."




Perhaps they should have asked to compare (not reveal) the software in those machines with the software in other machines, then (if there are differences) they have an argument.

http://money.aol.com/news/articles/_a/judge-rules-against-ballot-computer/n20061229193309990007?ecid=RSS0001

Judge Rules Against Ballot Computer Check

By DAVID ROYSE AP Updated:2006-12-29 19:46:51

TALLAHASSEE, Fla. (Dec. 29) - A judge ruled Friday that the Democrat who narrowly lost the race to succeed Rep. Katherine Harris cannot examine the programming code of the electronic voting machines used in the disputed election.

Circuit Judge William Gary ruled that Christine Jennings' arguments about the possibility of lost votes were "conjecture" and did not warrant disclosing the trade secrets of the voting machine company, Election Systems & Software.

The Jennings campaign said it will appeal.

"It's shocking that there is more concern for protecting a company's profits rather than protecting our right to vote," Jennings said in a news release.

... Jennings has filed a complaint with Congress, the ultimate arbiter of who will fill the seat. Congressional Democrats said they will allow Buchanan to take his seat for now when the House convenes Thursday but will investigate.



...even though he owns the photographs?

http://www.pogowasright.org/article.php?story=20061230003010181

Wausau man accused of posting nude photos of ex-girlfriend on Web

Saturday, December 30 2006 @ 12:30 AM CST - Contributed by: PrivacyNews - Internet & Computers

A Wausau man was charged with felony identity theft for allegedly posting nude photographs [I never considered that... Must lead a sheltered life. Bob] of his ex-girlfriend on the Internet and encouraging random men to call her. Shawn Bauer, 29, also faces two misdemeanor charges related to the creation of a MySpace.com Web page featuring his ex-girlfriend, a 26-year-old Altoona woman.

Source - Journal Times



Do you suppose there is money to be made here?

http://digg.com/tech_news/100_RIAA_free_radio

100% RIAA free radio

This radio station has a 100% RIAA-free format. They discover different, better ways of listening to music. "The independents just seem to be a bit more creative — likely because they’re not single-mindedly focused on selling their music to a lowest-common-denominator audience."

http://www.epiphanyradio.org/

[From the site: Some years from now, after the recording industry finishes its slow-mo implosion routine, this is how all music distribution will work.]



If I do this, am I automatically a terrorist?

http://digg.com/programming/How_To_Hide_Files_In_A_JPG_Image

How-To Hide Files In A .JPG Image

Here is a tutorial on how to hide files in Jpg's. Please note it isn't the most secure method, because the information is stored in plain text but it's still cool to play with. A simple solution to make this more secure, is to use encryption on the RAR file when you create it, but that's not the point of this tutorial ...

http://zomgstuff.com/forum/showthread.php?t=3110



Let's see... We have their pictures, fingerprints, DNA... What else can we do to ensure the little darlings are kept safe from Osama?

http://www.khou.com/news/local/stories/khou061229_ac_eyescan.582d789e.html

Galveston County joins program to scan kids' eyes

08:03 AM CST on Friday, December 29, 2006 Associated Press

GALVESTON-- Galveston County became the first in Texas to purchase eye-scanning equipment as part of a national program to keep track of children by recording unique characteristics of their irises, [Must have missed that... Bob] officials said.

... The company, which sold the county two biometric scanners for $35,000, is working to build a national database dubbed the Children’s Identification and Location Database, or CHILD Project.

... Robert Melley, Biometric’s vice president and CEO, said the project wants to record the irises of 5 million children over the next few years.

“We have 1,800 sheriff’s departments representing 46 states who have committed to participating,” he said.

... Leonard said he will work to win over any parents that might have privacy concerns about the iris scans.

Friday, December 29, 2006

“Hope you weren't in a hurry for that passport...”

http://www.wsoctv.com/news/10622504/detail.html

Bag With Passport Applications Headed To Charlotte Is Found

POSTED: 11:58 am EST December 28, 2006

SALT LAKE CITY -- A bag with hundreds of passport applications was found at Los Angeles International Airport, nearly a month after it was supposed to be shipped to a processing center in Charlotte, N.C.

"The applications appear to be intact and undamaged," said Kate Goggin, spokeswoman for consular affairs at the U.S. State Department.

The bag with more than 700 applications was reported missing Dec. 1. Most applications were from Texas and California but a handful were from Utah.

Before the bag was found, the State Department had notified people that it would pay for another round of applications.

The documents had personal information, including Social Security numbers. Goggin said she was unaware of any reports of identity theft.

"We're feeling very much that it was an isolated incident," she said, declining to disclose how the bag was found or what changes the department plans to make to ensure it doesn't happen again.



An article worth reading...

http://www.pogowasright.org/article.php?story=2006122820140131

First Line of Defense Against Data Security Breaches: Employees

Thursday, December 28 2006 @ 08:14 PM CST - Contributed by: PrivacyNews - Businesses & Privacy

As headlines continue to report data security breaches at an alarming rate, discussion often focuses on the need for enhanced technical controls, such as two-factor authentication and encryption, to protect sensitive, personally identifiable information. The role of the company employee, both as the cause of, and the first line of defense against, security breaches is often lost in the analysis. Yet developing law is increasingly requiring administrative or procedural controls, particularly those directed at employees, as a component of a legally compliant security program.

Source - Law.com



Another document for your security manager

http://www.infosecwriters.com/texts.php?op=display&id=526

Making Effective Use of Your Intrusion Detection System

by Jamie Riden on 23/12/06

The attacker has a lot of advantages on the Internet; he or she may be hard to trace and may have a great deal of time and equipment to spend mapping out a network's weak points before they launch an attack. Worms and viruses may be able to exploit weaknesses very rapidly before a human can carry out a proper incident response. However, the defender has two big advantages. Firstly, the administrator can achieve excellent visibility of what is happening on their network, via logs, audit trails and other monitoring systems. The second advantage is domain knowledge - the defender should have a good idea of what traffic can be expected from the various computers on the network, which makes it easier to detect attacks.




Who manages your web site?

http://www.seacoastonline.com/news/10282006/nhnews-ph-dov-church.website.html

Church's old Web domain converted into porn site

By Emily Aronson earonson@seacoastonline.com 12-29-2006

DOVER -- Hope Community Church is trying to spread the word about its new Web site and disavow its former domain name.

Because of an error, [This was a management failure, not a simple mistake. Bob] a pornography company bought the church's old domain name unbeknownst to the church.

... Pastor Steve Spearing said Friday the mix-up happened a few weeks ago when the church changed Internet service providers. Spearing said he believed [Blind faith is not a management tool Bob] the church could keep its Web site name, which contained the words "life" and "Christ."

But the old service provider put the address up for sale and it was bought by a pornographic Web site.

Spearing said he didn't realize the site had been sold [Failure to monitor? Bob] until he got a call from a Massachusetts woman who was interested in moving to the area and was doing research on the Internet about local churches.

"She asked what kind of a church we were and then she said, 'Do you know that your Web site is connected to a porn site,' and I said 'No, ma'am,'" Spearing said.

He said he was aghast, especially because the church had just handed out fliers with the old Web site name at Dover's Apple Harvest Day.

... "It will be interesting to see who shows up to church now," he said.



This approach makes it easier for Subway, and they likely gave no thought to privacy...

http://www.geekzone.co.nz/sbiddle/1923

**WARNING** Subway Subcards Privacy Issues.

General, posted: 28-DEC-2006 10:03

... Subway launched these cards a few weeks ago but I only got around to picking mine up yesterday and the concept is cool - you buy your goods and card is scanned which credits your card/account with money for every sub you purchase and these can be used towards the purchase of a product once you have a minimum of $3.

... The scary part? Access to the website is by entering the 16 digit card number and 4 digit security code that is printed ON THE BACK of your Subcard for anybody to see! http://thor.evolution.co.nz/Subway-Customer/Login.html

If you lose your card anybody who finds it now has access to your personal details and can change them instantly online to be their own and also has access to any credit you have loaded onto the card.



Corporations ain't people?

http://www.pogowasright.org/article.php?story=20061228182157914

No Privacy for Sex Club Owner

Thursday, December 28 2006 @ 06:21 PM CST - Contributed by: PrivacyNews - Court Opinions

The federal appeals court in San Francisco has rejected an attempt by a Phoenix gay sex club's corporate owner to assert the privacy rights of its patrons in order to invalidate a city law that may be used to shut down the establishment. Ruling on December 22, the U.S. Court of Appeals for the 9th Circuit held that corporations do not themselves have privacy rights, and that the club cannot bring suit to vindicate the privacy rights of its "members."

Source - Gay City News



Tools & Techniques: Is your organization safe? (Note: The author is CEO of an encryption company)

http://scmagazine.com/us/news/article/623768/encryption-perfect-response-year-breach

Encryption a perfect response to the Year of the Breach

Phillip M. Dunkelberger, president and CEO, PGP Corporation Dec 27 2006 21:54

2006 will be recorded as the year that security breaches reached the consciousness and awareness of the mainstream consumer.

... A recent report by The Ponemon Institute showed that 81 percent of U.S. companies surveyed reported the loss of one or more laptop computers containing sensitive information during the previous 12 months.

... Take a look at just five of the reported stolen laptop incidents from this year:

· Metropolitan State College of Denver, Colorado - stolen laptops with names and Social Security numbers of students from 1996-2005: 93,000 records

· Fidelity Investments - stolen laptop with information of Hewlett-Packard, Compaq, and DEC employee retirement accounts: 196,000 records

· YMCA - stolen laptop with credit card and checking account information and names, addresses, and medical information of children in the program: 65,000 records

· U.S. Dept. of Transportation - a special agent's laptop was stolen with personally identifiable information for 80,000 Miami-Dade County residents, 42,000 Florida residents who hold FAA pilot certificates, and 9,000 other Florida residents: 132,470 records

· Mercantile Potomac Bank - laptop with confidential customer information was stolen when a bank employee removed it from the bank's premises, in violation of policy: 48,000 records

What jumps out from this list is that no industry is more prepared than any other when it comes to security breaches. In fact, consider this breakdown of breaches from 2006:

· 31 percent occurred at government or military agencies

· 30 percent involved educational institutions

· 19 percent took place at "general business" organizations

· 11 percent affected health care facilities or companies

· 9 percent involved banking, credit, or financial services institutions

... Additional Ponemon Institute research showed that even a small breach of 2,500 records can result in $1 million of immediate direct costs for the affected organization, and a significant breach compromising 150,000 customer records can result in more than $10 million in immediate direct costs. ... Hopefully by now, you've determined your organization is ready to deploy a full disk encryption solution across your enterprise. If so, here are some best practices to consider:

· Deploy non-intrusive software: Avoid software that replaces critical Windows system files, such as the Microsoft GINA (Graphical Identification and Authentication). Proprietary code increases the risk of system failure and incompatibility with important operating system security updates and patches.

· Enforce strong passwords: Select a solution that can leverage existing domain password requirements. This approach reduces administrative efforts and provides consistent enforcement of policies across the organization.

· Create policy based on an assessment of risks and threats: Single sign-on is convenient for users, but may not be appropriate for all use cases. Consider which users or systems require additional levels of security, such as two-factor pre-boot authentication, and apply security policy, as necessary.

· Consider future projects: Will the solution scale and expand to meet not only current security requirements, but also the requirements for future encryption projects?

· Educate users: Take the time to educate end users and management on the threats to the business and the ways solutions such as full disk encryption are protecting the company and its customers.


Your tax dollars at work...

http://it.slashdot.org/article.pl?sid=06/12/28/154247&from=rss

U.S. Gov't to use Full Disk Encryption on All Computers

Posted by timothy on Thursday December 28, @10:48AM from the double-secret-probation-rot-13 dept.

To address the issue of data leaks of the kind we've seen so often in the last year because of stolen or missing laptops, writes Saqib Ali, the Feds are planning to use Full Disk Encryption (FDE) on all Government-owned computers. "On June 23, 2006 a Presidential Mandate was put in place requiring all agency laptops to fully encrypt data on the HDD. The U.S. Government is currently conducting the largest single side-by-side comparison and competition for the selection of a Full Disk Encryption product. The selected product will be deployed on Millions of computers in the U.S. federal government space. This implementation will end up being the largest single implementation ever, and all of the information regarding the competition is in the public domain. The evaluation will come to an end in 90 days. You can view all the vendors competing and list of requirements."



I've been suggesting this for 10 years or more...

http://techdirt.com/articles/20061228/100058.shtml

Muni Fiber Keeps Helping Economies Grow

from the well-look-at-that dept

While we've discussed repeatedly why WiFi might be the wrong technology for municipal networks, that doesn't mean the idea of municipal networks is a bad thing. While there have been some reports claiming that municipal networks never work, they've generally been written by astroturfing groups, who cherry pick their information, and often are flat out wrong. A number of the cases they cite as failures, turned out to actually be success stories. In general, though, as with any bit of government intervention, there are plenty of ways for governments to screw things up, and they often do. However, if you set it up right, a muni-broadband offering can actually be a very, very good thing. The key is recognizing two things.

First, there isn't a competitive market in most of these places.

Second, that's often because of the natural monopoly issue.

It's simply inefficient to have every new competitor rip up a city to place their own network infrastructure in the ground. As with the highway system, sometimes it just makes sense to work out a deal to get a single top-notch fiber network in the ground and let everyone compete on it. You get true competition, which leads to better services, and you get much faster broadband.

While not many places have yet adopted this type of system, there is increasing evidence that (unlike many of the muni-WiFi efforts), muni-fiber efforts are turning out to be a big boost for local economies. We've already discussed how muni-fiber in Oregon helped bring Google to town (and plenty of new jobs), and now Broadband Reports runs through a number of other examples of muni-fiber installations boosting the local economy by attracting new companies and increasing jobs. While many of us are naturally averse to government involvement in things, it does seem like, when the market has failed to create competitive situations (sometimes because of dumb government involvement that tilted the initial playing fields), it can help if a well thought-out plan creates the infrastructure that others can compete on.

Thursday, December 28, 2006


http://www.courierpress.com/news/2006/dec/27/patients-warned-of-possible-identity-theft/

Patients warned of possible identity theft

By JIMMY NESBITT Courier & Press staff writer 464-7501 or nesbittj@courierpress.com Wednesday, December 27, 2006

A Deaconess Hospital laptop that contained private information on up to 128 patients [At least it's not 128 thousand... Bob] has been missing for at least a month, a hospital spokesman said Tuesday.

The laptop, which was used in the respiratory therapy department to record medical and personal information, was reported missing near the end of November, said spokesman Sam Rogers. Hospital officials have not filed a police report, but the laptop is presumed stolen.

The hospital mailed letters Saturday to all affected patients, warning them of the possibility of identity theft. Rogers said the hospital waited to send the letters because their internal investigation took several weeks.

"We don't know if it's stolen or if it's still lost," he said. "We took the safest route to just notify the people and assume that it is stolen."



“We never look at the information we send out until someone complains...”

http://www.helenair.com/articles/2006/12/27/montana/000university.txt

University apologizes for mistakenly sharing student information

BOZEMAN, Mont. (AP) - Montana State University has sent letters of apology to more than 250 students whose names and Social Security numbers were mistakenly shared with other students.

Eight students each mistakenly received a list of 30 or so students' names and Social Security numbers, school officials said.

School administrators said they do not believe the information was misused, but alerted the 259 students after being unable to immediately reach all of the eight who received the information.

... Humberger said the mistake occurred when a student working in the MSU loan office mailed out packets to eight students who had paid off their student loans. Each packet contained the contents of each student's file, with the original promissory note marked as paid. But each packet also contained an alphabetical list of 30 or so other students with loans. The name of the packet recipient was highlighted.



Stealing a laptop too much effort?

http://www.law.com/jsp/legaltechnology/pubArticleLT.jsp?id=1167214008856

Internet Research Digs Up Private Matters

Carole Levitt & Mark Rosch Law Technology News December 28, 2006

I know your mother's maiden name, your date of birth, your address and the price you paid for your house. I also know the name of the person who officiated at your wedding, the names of your children (and their dates of birth), the number of times you've been divorced and how much you inherited from your great aunt. I know the amount of your liens, the type of tattoo you sport (and its location on your body), your political persuasion and your religion. I even know if you are mentally ill -- and I've never met you.

I know all this because you live in a jurisdiction where public records (state and local) are abundantly free and accessible by anyone with a computer and an Internet connection. [Is there a database that describes what is available in each jurisdiction? Bob]

While public records are made available to give notice to and protect the public, and to advance commerce, savvy lawyers access public records because they contain treasure troves of government-held data about people and companies. This data can be useful for: 1) locating anyone who has "gone missing," 2) tracing heirs or 3) investigating the background of a potential client, new partner, a witness or the opposition.

But, what if public records are not available in the jurisdiction you're interested in? What if government agencies and commercial database companies require a requestor to provide his or her name and the reason for accessing someone else's public records? What if your target is always informed of your access to their records?

Or, what if more privacy laws are passed and a record that is public today becomes private tomorrow? For example, drivers' licenses were considered public until federal legislation deemed them private in 1994 (Driver's License Privacy Protection Act of 1994 (DPPA), 18 U.S.C. 2721 et seq.). But it took six years and a U.S. Supreme Court case to stop states from treating them as public and selling the data (Reno v. Condon, 528 U.S. 141 (2000)). And there are still exceptions to the DPPA so the records may be accessible in some instances.

How likely are these scenarios about losing access to public records?

... Here are examples of how you can use Web sites to find people or to learn about their background:

  • Social networking: Trying to track down someone's address and you've had no luck using their name? Consider tracking them through teenage children's names by visiting social network sites like myspace.com or www.facebook.com.

    These types of sites are now even sprouting up for boomers and elders, as evidenced by www.eons.com. Visit it to learn if the person you are trying to track has a profile.

    Social networking sites are not the only place people are posting personal information about themselves. A family law attorney recently shared an anecdote about the embarrassing information that her client posted to an online dating site discovered by the other side. To dig up dirt, see sites such as match.com or jdate.com.

    Classmates.com is not just for reconnecting with your long lost classmate. It's the secret weapon of many private investigators. Search by a woman's maiden name and you might discover her married name. Search by a company's name and date range to identify people who worked at the company where your client was sexually harassed. You just might find a willing witness.

  • Blogs: If you need to learn about someone's background, cell phone or fax number, read their blog. People typically add personal information to their blogs, not to mention provide a taste of their personality. For example, judging from the entries on a well-known lawyer's blog, he clearly has a dry sense of humor. This is something you would not learn from his profile at his traditional law firm Web site. Look for blogs at search.blogger.com.

  • Podcasts: What better way to learn about someone than listening to their podcast? You might learn about the opposition expert's real opinion as you listen. Search for general topic podcasts at Ipodder, www.ipodder.org and legal topic podcasts at The Blogs of Law, www.theblogsoflaw.com.

  • PowerPoint presentations: Some expert witnesses' Microsoft PowerPoint presentations from conferences get posted to their Web site or the conference Web site. You may not only be able to learn what that person really thinks by viewing PowerPoints online, but by looking in the editing mode, you can read their notes.

    Find PowerPoints by using the Advanced Menu on Google (or Yahoo), entering a person's name into the search box and then limiting your results to the file format PPT.

    Better yet, is there some inside information you could retrieve from a corporate presentation posted online? Inside information from Google Inc. was uncovered this way. Locate someone's PowerPoint presentation by searching at www.google.com/advanced_search.

  • Google Groups: Is your client -- the one who was involved in an automobile accident -- on methadone? Do you believe another client had no notice until November 2002 that his company's product was defective? Take a walk through the community of Google Groups to see if your client publicly discussed his woes in a discussion group, or if others are discussing your client's products. The results might change your case strategy.

When the public record floodgates narrow or are closed completely, the amount of information you can find about people will only be limited by the time and energy you have to surf the Internet -- and your ability to think outside the box.


Related...


http://techdirt.com/articles/20061226/192351.shtml

Law Enforcement Just Can't Let Go Of Their Big Database Obsession

from the more-data,-more-data,-more-data dept

The various law enforcement agencies and groups around the US just can't give up on their desire to have big centralized databases, no matter how many problems it might cause. And, every time one effort is stopped, another one springs up in its place. There was, of course, the famed Total Information Awareness project that was shelved after it got a ton of negative publicity, and was later renamed the Terrorism Information Awareness project, because no one wants to be against "terrorism," right? Then, of course, there was the famed MATRIX system (not the movie) that would allow various state law enforcement groups to easily access similar databases from other state law enforcement groups, and would then spit out a "terrorist quotient" for any particular person to see how likely you were to be a terrorist (like a credit score, but more ridiculous). That got shut down after a wave of negative publicity as well. Yet here we are again, as the Washington Post reports that the Justice Department, the DEA and a bunch of other federal law enforcement officials are working on a big centralized database system called OneDOJ, which will let state and local police officers tap into federal law enforcement case files.

There are some obvious benefits for law enforcement agents to have such information at their fingertips. After all, some people believe it was a lack of critical data sharing that made law enforcement miss some important connections that might have tipped them off to what the 9/11 hijackers were up to. However, centralized database systems like this also open up a ton of potential problems as well. There are always questions about how accurate the data is, for example. Remember the guy who was arrested due to a database error? Then, of course, there are all the issues that come about from opening up this data to more people. Even if the people who are supposed to access it are in law enforcement, that's no guarantee it won't be misused. Remember the cop who used a law enforcement database to spy on his ex-wives? And the MATRIX system we discussed above was brought down in part due to a bunch of crooks hacking into the system, which doesn't inspire much confidence. In the meantime, of course, law enforcement officials are spending more time (and taxpayer money) using private databases rather than the ones they built themselves, not that they have any better quality control or security.



Roswell? The grassy knoll? Fluoride in the water supply?

http://people.howstuffworks.com/ref/declassified.htm?cid=rss1

Which secret government documents will be declassified on December 31?

by Julia Layton December 23, 2006

This New Year's Eve, at midnight on the dot, hundreds of millions of pages [Two days' worth? Bob] of U.S. government secrets will be revealed. Or at least they'll no longer be official secrets -- it may actually take months or more for the National Archives and Records Administration to make those pages available for public consumption. The NARA is already dealing with a multi-million page backlog.

But in theory if not in immediate practice, what was set in motion by the Clinton administration in 1995 is coming to fruition. Executive Order 12958 declared that in 2000, every classified document 25 years of age or older would be automatically declassified unless the classifying agency had already sought and received that document's exemption (anything that could cause an "identifiable" risk to national security, would violate a person's privacy or involves more than one agency is exempt). After two three-year extensions granted by the Bush administration in response to cries from the CIA, FBI, NSA and other agencies that they didn't have the manpower to review all of their papers in time, the final deadline has arrived. And President Bush is enforcing it.

Scholars of history, conspiracy theorists and freedom-of-information activists everywhere are doing a happy dance like none you've ever seen. We're talking about a treasure trove of historical documents, secrets that have been kept for decades, suddenly stripped of its Top Secret, Secret or Confidential status.

... So what can we expect to learn when these pages become accessible to the public? We're not talking about small secrets here. Experts say the documents will tell us about the inner workings of such events and periods as World War II; the Cold War; the McCarthy-era search for Communist sympathizers in the United States and the very real presence of Soviet spies in the U.S. government's upper ranks; the Cuban missile crisis; the Vietnam War and the government's anti-war-protestor activities including surveillance and penetration of activist groups; the CIA's secret experiments with LSD; the Camp David Accords that resulted in a peace treaty between Israel and Egypt; the Iran hostage crisis in 1979; and the Soviet Union's attack on Afghanistan that same year.




Tools & Techniques: Trivial, but interesting

http://www.wired.com/wired/archive/15.01/start.html?pg=6

How to Foil a Phone Thief

... Of course, the US is a cell tech backwater, but firms in other countries are working on innovative antitheft products for mobiles. Some act as deterrents, others help recover the phone, and a few just satisfy your primal urge for revenge. Now, if we could just get these things stateside.



You don't suppose the company that manufactures the slot machines also makes e-voting equipment? “Sorry, your candidate won due to a software error...”

http://newsrush.blogspot.com/2006/12/all-bets-off-as-casino-refuses-to-pay.html

Wednesday, December 27, 2006

All bets off as casino refuses to pay jackpot

Two men from Manitoba have hired a lawyer and are threatening legal action after a Winnipeg casino refused to pay out more than $209,000 in slot-machine winnings.

The men were playing a computerized version of Keno last week when they matched all five numbers on the screen.

The machine said the win was worth a jackpot of $209,716.40. The casino said it was a software error.

... It says nickel machines normally don't pay out more than $3,000.

... "My clients saw what the payout was. As they were playing, they saw what five numbers would have gotten someone. It's not disputed that it was on the screen."

But Olynik said the slot machines have a sticker on them advising players that a "malfunction" voids all winnings. [Attention e-voting manufacturers! Bob]

... External Source: http://www.cbc.ca



Tools & Techniques

http://www.gizmodo.com/gadgets/software/send-anonymous-text-messages-224575.php

Wed December 27 2006

Send Anonymous Text Messages

Ever want to text someone anonymously? Hit up AnonTxt and just enter in an alias, a subject, and the message itself, and it'll be quickly sped to the cellphone number of your choosing.

Of course, the message appends "anontxt" to the sender's name, so the recipient knows where it's from. So if you really want to spoof someone's phone—say to make your co-worker think your boss is flirting with her—you'll have to look elsewhere. And you can contact anontxt to block your number if someone is pranking you repeatedly.

Wednesday, December 27, 2006

Do you suppose this will become commonplace? (Lots of interesting ideas in the comments, too.)

http://yro.slashdot.org/article.pl?sid=06/12/26/1425201&from=rss

Disabling the RFID in the New U.S. Passports?

Posted by Zonk on Tuesday December 26, @10:19AM from the very-high-tech dept.

slashchuck writes "Along with the usual Jargonwatch and Wired/Tired articles, the January issue of Wired offers a drastic method for taking care of that RFID chip in your passport. They say it's legal ... if a bit blunt. From the article: 'The best approach? Hammer time. Hitting the chip with a blunt, hard object should disable it. A nonworking RFID doesn't invalidate the passport, [Want to bet? Bob] so you can still use it.' While this seems a bit extreme, all indications seem to be these chips aren't very secure. How far will you go to protect or disable the RFID chip in your passport? Do you think such a step is necessary? Does anyone have an argument in favor of the technology's implementation here?"



Inevitable, but it looks like the “time to adoption” David Paul measured for the dynamo (20 years) is much shorter for technology that does not require a capital investment.

http://slashdot.org/article.pl?sid=06/12/26/1510207&from=rss

DVD Player Ownership Surpasses VCR Ownership

Posted by Zonk on Tuesday December 26, @12:04PM from the just-in-time-for-a-new-format dept.

An anonymous reader wrote to mention an Ars Technica post stating that, for the first time, more U.S. consumers own a DVD player than own a VCR. The DVD player dropped below $100 quite some time ago, but the third quarter of this year saw the percentage of DVD player ownership reach 81.2. Only 79.2% of consumers now own VCR players, reports Nielsen.

From the article: "For all of the talk about the battle between HD DVD and Blu-ray, both technologies are far, far away from most family rooms. Yes, the two are just now beginning what could be a long battle for entertainment-center supremacy, but keep in mind that the technology that they are vying to replace has only recently gained the upper hand against the previous-generation technology--a decade after first being introduced. Even if Blu-ray or HD DVD unexpectedly routs its opponent from the market in the next two or three years, it will still be several more years before the victorious format supplants the DVD."



No politician will want their words used against them.

http://politics.slashdot.org/article.pl?sid=06/12/27/0333256&from=rss

Liberating & Restricting C-SPAN's Floor Footage

Posted by timothy on Wednesday December 27, @06:43AM from the bye-bye-insomnia dept. The Media United States Politics

bigmammoth writes "C-SPAN bid to "liberate" the House and Senate floor footage has re-emerged and been shot down. In an aim to build support a recent New York Times editorial called for reality TV for congress. But what is missing from this editorial is the issue of privatization and the subsequent restriction of meaningful access to these media assets. Currently the U.S. government produces this floor footage and it is public domain. This enables projects such as metavid to publicly archive these media assets in high-quality Ogg Theora using all open source software, guaranteeing freely reusable access to both the archive and all the media assets. In contrast C-SPAN's view-only online offerings disappear into their pay for access archive after two weeks and are then subject to many restrictions." (Continues)

"If C-SPAN succeeds, reusable access to floor footage will be lost and sites such as metavid will be forced to stop archiving. Because of C-SPAN's zealous IP enforcement metavid has already been forced to take down all already 'liberated' committee hearings which are C-SPAN produced. Fortunately, the house leadership sees private cameras as a loss of 'dignity and decorum' and will be denying C-SPAN's request."



Can you do this anonymously?

http://www.bespacific.com/mt/archives/013373.html

December 26, 2006

Identity Theft Task Force Seeks Public Comment

Press release: "The Federal Identity Theft Task Force, chaired by Attorney General Alberto R. Gonzales and co-chaired by Federal Trade Commission Chairman Deborah Platt Majoras, is seeking public comment on ways to improve the effectiveness and efficiency of federal government efforts to reduce identity theft. The public comments on these issues will supplement the research and analysis being conducted, provide further information about the proposals being considered, and identify areas where additional recommendations may be warranted. The Task Force was established by an Executive Order 13402 on May 10, 2006."



Attention Virtual Lawyers!

http://techdirt.com/articles/20061226/103514.shtml

Korea Doesn't Want That Virtual Currency To Be Traded For Real Money

from the and-you-will-do-this-how-exactly? dept

It's not like people haven't been warning others around the world about the potential tricky issues that come up with online worlds and offline laws -- but it seems that no one paid much attention and everyone simply plowed onwards. As these worlds gain more attention and users (though, perhaps not as many as the press would have you believe), governments are increasingly taking an interest in them. There's the obvious issue of taxation of virtual winnings, which some governments are starting to explore, but a bigger issue may be the secondary economies found within these worlds, and what that means for government-level monetary policy. The idea of these kinds of secondary currency systems forming beneath the surface of official currencies is nothing new at all, but they are usually narrowly focused on local communities. However, when that "local community" suddenly gets much bigger thanks to the internet, it can represent a big issue.

It appears that South Korean politicians are trying to tackle this issue, but are doing so badly. They've put forth legislation that would ban the trading of virtual currencies, as an attempt to cut off the use of in-game money as an alternative to real money. Of course, trading virtual currencies and objects from within these games is a big part of the appeal of the games -- and has proven pretty much unstoppable for games that have tried to prevent it from happening. Black markets open up very quickly. To make matters even worse, the South Korean proposal only looks to ban the trading of in-game currencies, not in-game items. In other words, all you need to do if you want to trade in-game currency is buy some sort of object in the game, and then trade or sell that, and you've now stayed within the law, but accomplished the same exact thing. It's no surprise that governments are worried about these non-regulated currencies, but simply announcing a ban on trading them clearly isn't going to be very effective.



“We don't want to spend money to deliver what we promised our customers, so we will spend money to ensure the service becomes worse!” (Promise everything, deliver within budget.)

http://techdirt.com/articles/20061226/100457.shtml

Trying To Slow Down BitTorrent Traffic Will Backfire, Badly

from the bad-bad-plan dept

Over the past couple of years, a bunch of ISPs have started (usually quietly) applying traffic shaping efforts to slow down your high bandwidth applications like BitTorrent. This is part of what the whole network neutrality debate is about, but this has more to do with the ISPs trying to keep out services that use up more bandwidth than they budgeted for. What it really represents is the inability of ISPs to recognize a simple fact: if you offer people bandwidth, they'll figure out ways to use it. [Amen! Bob] The ISPs got into this big race with each other, and all promised unlimited bandwidth at cheap prices, making the calculation that the demand for bandwidth wouldn't increase very much, and most people wouldn't use very much at all. They were wrong. But, rather than admit that they made a mistake, they suddenly pretend that the "all you can eat" broadband they sold you is something different -- one where they can arbitrarily limit what you can do with that bandwidth. They sold you one thing, with the belief that you wouldn't actually use it, and now that you are, they're shoving in place temporary fixes to stop you from using what they sold you. Of course, there are many who believe the whole thing is simply a ruse to try to charge everyone more money, a concept that gained steam when a loose-lipped CTO from Qwest admitted that file sharing traffic isn't actually much of a burden for them, and he didn't understand other ISPs claiming it was such a problem.

The funny thing, though, is that whether or not it really is a burden, the idea of using traffic shaping is absolutely going to backfire. As we've already discussed, the more ISPs try to snoop on or "shape" your internet usage, the more that's going to be a great selling point for encryption. People are going to increasingly encrypt all of their internet usage, from regular surfing, to file sharing to VoIP -- as it makes it that much more difficult to figure out what kind of traffic is what and to do anything with it. Broadband Reports today is moderating something of a debate on whether or not encrypting BitTorrent is a good thing, with Wired taking the bad side and TorrentFreak (not surprisingly) taking the good side. Of course, it's really all a matter of perspective. It may be good for some people or bad for the others -- but what's most amusing, is that encrypting all of this traffic will simply add a lot of overhead for the ISPs to deal with. That means, for all their talk about how file sharing traffic was a burden on their network, by trying to slow it down with traffic shaping, they're only likely to increase the burden as everyone shifts to encrypted systems making it more difficult and more costly for them to do anything about it. Add to this that the traffic shaping hardware costs money that could have gone into simply upgrading their overall network, and it seems doubly problematic. They're left with an expensive solution that doesn't solve the issue and actually makes it worse, when they could have just spent more on upgrading their network to handle more capacity.



Remember the “Streisand effect!”

http://www.pogowasright.org/article.php?story=20061227063053769

Cyberspace Sex Scandal Heads to Trial

Wednesday, December 27 2006 @ 07:00 AM CST - Contributed by: PrivacyNews - Internet & Computers

WASHINGTON - When Robert Steinbuch discovered his girlfriend had discussed intimate details about their sex life in her online diary, the Capitol Hill staffer didn't just get mad. He got a lawyer. Soon, though, the racy tidbits about the sex lives of the two Senate aides faded from the front pages and the gossip pages. Steinbuch accepted a teaching job in Arkansas, leaving Washington and Jessica Cutler's "Washingtonienne" Web log behind.

While sex scandals turn over quickly in this city, lawsuits do not. Steinbuch's case over the embarrassing, sexually charged blog appears headed for an embarrassing, sexually charged trial.

Lurid testimony about spanking, handcuffs and prostitution aside, the Washingtonienne case could help establish whether people who keep online diaries are obligated to protect the privacy of the people they interact with offline.

Source - AP



Would denying these records to an insurer aid in a fraud?

http://www.pogowasright.org/article.php?story=20061226093135615

Spread of Records Stirs Patient Fears Of Privacy Erosion

Tuesday, December 26 2006 @ 09:53 AM CST - Contributed by: PrivacyNews - Medical Privacy

After her fiancé died suddenly, Patricia Galvin left New York for San Francisco in 1996 and took a job as a tax lawyer for a large law firm. A few years later, she began confiding to a psychologist at Stanford Hospital & Clinics about her relationships with family, friends and co-workers.

Then, in 2001, she was rear-ended at a red light. When she later sought disability benefits for chronic back pain, her insurer turned her down, citing information contained in her psychologist's notes. The notes, her insurer maintained, showed she wasn't too injured to work.

Ms. Galvin, 51 years old, was appalled. It wasn't just that she believed her insurer misinterpreted the notes. Her therapist, she says, had assured her the records from her sessions would remain confidential.

As the health-care industry embraces electronic record-keeping, millions of pages of old documents are being scanned into computers across the country. The goal is to make patient records more complete and readily available for diagnosis, treatment and claims-payment purposes. But the move has kindled patient concern about who might gain access to sensitive medical files -- data that now can be transmitted with the click of a computer mouse.

Source - Wall Street Journal (sub. req.)

Related - Kaiser Permanente's Privacy Policy



A collaboration tool or a way to snoop?

http://digg.com/software/Google_Notebook_Search_Go_through_people_s_notebooks

Google Notebook Search: Go through people's notebooks

Google Notebook Search is still a Google Labs service, but it's open to the public. It lets you search through everyone's public notebooks. Fun.

http://www.google.com/notebook/search



Attention Class Action Lawyers?

http://www.metrowii.com/2006/12/and_now_the_wii.html

And now the Wiixercises !!!

The British Chiropractic Association has advised people to warm up before playing the Wii games. They are advising people to consider the Wii session as a form of exercise and hence do a warm up and a cool down. Players can then avoid “stiffness and possible injuries.”