Saturday, August 05, 2006

I am rather surprised. This seems to be the only hacker/computer crook/identity theft story this week! Come on guys, don't let us down!

http://www.eweek.com/article2/0,1759,1999367,00.asp?kc=EWRSS03119TX1K0000594

Cyber-Thieves Steal $700K Via ATM Hacking

August 4, 2006 By Chris Preimesberger

Cyber-thieves who hacked into the ATM information of at least 800 retail customers in California and Oregon have stolen as much as $700,000 from personal accounts during the last two months, according to police reports.

People who used ATM cards to purchase items at Dollar Tree, a national retail toy store chain, in Modesto and Carmichael, Calif., and Ashland, Ore., have turned in reports of unauthorized withdrawals in the computer-based scam.

Federal and local investigators would not discuss with eWEEK how the thieves stole the information. [Trust us, it can't happen to you? Bob] How many shoppers have been victimized is also an open question.



http://hbswk.hbs.edu/item/5469.html

What Happens When the Economics of Scarcity Meets the Economics of Abundance?

Published: August 4, 2006 Author: James Heskett

Forum open for comment until Thursday, August 31.

Executive Summary:

The "Long Tail," a term coined by Chris Anderson—and the title of his new book—describes the item popularity curve. Does the Long Tail represent a paradigm shift for business and consumer behavior? What are its implications for management going forward? Key concepts include:

* Chris Anderson first coined the term "the Long Tail" in Wired magazine.

* In a long-tail world, everything digital is available at all times.

* Anderson describes three conditions critical to potential long-tail profits, all of which are provided by the Internet combined with creative new software and hardware.

An entire generation brought up to regard many things in life—including communication and most intellectual property—as limitless and free is coming of age. They will join generations of their elders who studied college courses on the economics of scarcity and believe that "there is no such thing as a free lunch."

... Life in the Long Tail is a busy routine involving the downloading of anything digital from the Internet; paying for some things, such as iTunes, but sharing and trading many others; creating and maintaining blogs, some of which are more frequently visited today than network television shows; contributing and editing items on the ever-changing open-network encyclopedia, Wikipedia; and when watching television (rarely), doing it when and where it is convenient to do so, through such devices as TiVo and cell phones. It is a world where everything digital is available at all times. And because of the very low cost of maintaining and distributing inventory, everything is likely to remain available forever, enabling the occasional gem of intellectual property to survive "in print" or in circulation. It is a world of non-zero-sum thinking.

... In the Long Tail, money is made by such things as avoiding inventory, producing to order, letting customers do the work, pricing creatively and flexibly to various customers, utilizing a variety of distribution methods, sharing information, trusting the market to do your job, and understanding the "power of free" combined with money-making services or products.

... To read more: Chris Anderson, The Long Tail: Why the Future of Business Is Selling Less of More (New York: Hyperion, 2006).



http://michaelzimmer.org/2006/08/04/others-online-opt-in-web-surveillance/

Others Online: Opt-In Web Surveillance

Posted on Friday, August 4th, 2006 at 8:35 am

A new service called Others Online makes obvious what Google Toolbar and other browser tools do in the background: track users' web browsing activities. From their site:

Others Online is a free toolbar that shows you people relevant to your Web browsing and other interests, on every page you visit. We show you the interests you have in common, their Web pages (blog, MySpace profile, Web site, etc.) and online status, all on their terms. We’ll even connect you by IM or email.

…Every time you search the Web, you’ll see people that have associated themselves to those keywords, plus you’ll see any other interests you share. It’s like “Google for people”!

In a nutshell, users sign up, create a profile like most other social networking sites, download the toolbar, and then start browsing the web like usual. Others Online then collects information about the websites visited (including the URL and relevant content keywords embedded in the URL), and then shows other users who share a similar profile and browsing habits.

Sorta cool to be able to find other people searching for the same stuff I am, such as “web surfing surveillance”. But my concern is that products like this, even though opt-in, work to normalize web surveillance, playing into the “I’ve got nothing to hide” meme that justifies wholesale surveillance of our daily activities. The more users become comfortable with the surveillance of their online activities, the less likely they will be able to identify abuses of that surveillance.

A couple of other points on this particular service:

  • Their privacy policy states that “When you sign up for an Others Online Account, we ask you for personal information (such as your birth date, gender, email address, country, post code and an account password)….” But that the “service is anonymous – we do not request your name or your physical address.” This isn’t entirely true, since research (such as Latanya Sweeney’s amazing work) has shown that 87 percent of Americans can be personally identified by records listing only their birth date, gender and ZIP code. Anonymity is not guaranteed simply by not collecting one’s name and address.

  • Another note in the privacy policy states that “We may combine the information you submit under your account with information from third parties in order to provide you with a better experience and to improve the quality of our services.” Who knows what kind of “information from third parties” they’re talking about, but this is just the kind of data mining and data aggregation practices that Sweeney (and folks like Dan Solove) warn us about.

  • While you can clear your entire search history, it doesn’t seem to be possible to selectively delete certain searches or browsing activities from their database. Users must remember to log off the service if they don’t want others to know they’ve been watching Pat Benatar videos on YouTube.



I wonder if you could do this for a living...

http://michaelzimmer.org/2006/08/03/audit-remove-yourself-from-data-collection-databases/

Audit & Remove Yourself from Data-Collection Databases

Posted on Thursday, August 3rd, 2006 at 8:20 am

Wired’s 27B Stroke 6 blog has posted some helpful info on how to audit and remove yourself from some common data-collection databases (and annoying mailing lists):

  • If you have ever applied for health, life or disability insurance on your own, it’s likely the information about your health and lifestyle that you had to provide ended up in a database run by the MIB Group. The easiest way to check your record is by phone at 866.692.6901. The group will then mail you your report if they have one.

  • ChoicePoint, the folks who sold 145,000 data reports to Nigerian identity theft scammers in 2004, sells auto and home-insurance risk scores (among other things) and you can check your file for free once a year via their web page.

  • ChexSystems keeps tabs on individuals’ banking habits and sells that data to banks vetting new customers. Give them a call at 800.428.9623. They also run a system that keeps track of people who have reportedly passed a bad check. Track down that report here or make their phone jingle with this number: 800.262.7771.

  • Acxiom, another big data broker, will let you opt-out of their marketing database for free if you call 501-342-2722 and press 5. You can also ask them to send you a form that lets you check the non-marketing information they have on you. They won’t let you opt-out of this, and they will charge you $5 for the privilege. Be aware it could take them months to send out the report.

  • Stop some direct mail via the Direct Marketing Association’s web page. It’s free if you print it out and mail it in to them for hand processing, but costs $5 if you just want to do it online. That’s how much they like this opt-out list. DO NOT join the DMA’s phone or email opt-out list. That’s just begging for spam and telemarketing calls.

  • Stop almost all credit card and life insurance direct mail solicitations (this won’t stop ones from your own bank) by calling 1-888-5-OPTOUT.

  • And of course, the ever handy Do Not Call list is here.



Is this worse than the Patriot Act? If I remember correctly, this version was “designed” by the US immediately after 9/11 as a “we'll never get this past the US Senate” wish-list and governments with more control over their people were asked to make it law in their countries and insist (via this treaty) the US match their laws. Good strategy, bad ethics.

http://news.com.com/2100-7348_3-6102354.html

Senate ratifies controversial cybercrime treaty

By Declan McCullagh Story last modified Fri Aug 04 12:23:12 PDT 2006

The first and only international treaty designed exclusively to combat computer crime won approval late Thursday from the U.S. Senate.

The Council of Europe Convention on Cybercrime "will enhance our ability to cooperate with foreign governments in fighting terrorism, computer hacking, money laundering and child pornography, among other crimes," Sen. Richard Lugar, the Indiana Republican who is chairman of the Senate Foreign Relations Committee, said in a statement.

The treaty is intended to harmonize computer crime laws, especially those in smaller or less developed nations that may not have updated their legal framework to reflect the complexities of the Internet. It requires participating countries to target a broad swath of activities, including unauthorized intrusions into networks, fraud, the release of worms and viruses, child pornography and copyright infringement. [because that's high on the terrorist list. Bob]

... But one portion, which provoked the most controversy, deals with international cooperation. It says Internet providers must cooperate with electronic searches and seizures without reimbursement; the FBI must conduct electronic surveillance "in real time" on behalf of another government; that U.S. businesses can be slapped with "expedited preservation" orders preventing them from routinely deleting logs or other data.

What's controversial about those requirements is that they don't require "dual criminality"--in other words, Russian security services investigating democracy activists could ask for the FBI's help in uncovering the contents of their Yahoo Mail or Hotmail accounts, or even conducting live wiretaps.

... The Senate did not consider an optional separate section dealing with Internet-based hate speech that would have required participating nations to imprison anyone guilty of "insulting publicly, through a computer system" certain groups of people based on characteristics such as race or ethnic origin.

... In a letter to senators last summer (click here for PDF), the Electronic Privacy Information Center attacked the treaty for offering only "vague and weak" privacy protections. One section, for example, would force participating nations to have laws forcing individuals to disclose their decryption keys so that law enforcement could seize data for investigations, EPIC wrote.


http://www.govtech.net/magazine/story.php?id=100439

CSIA Applauds Ratification of Cybercrime Treaty

August 4, 2006 News Release

The Cyber Security Industry Alliance (CSIA) today commended the U.S. Senate for its ratification of the Convention on Cybercrime adopted through the Council of Europe.

Signed by the United States in November 2001, the Convention on Cybercrime is the first and only international, multilateral treaty specifically addressing the need for cooperation in the investigation and prosecution of computer network crimes. It requires global law enforcement cooperation with respect to searches and seizures and provides timely extradition for computer network based crimes covered under the treaty.


http://techdirt.com/articles/20060804/1629200.shtml

Add Bad Internet Legislation To List Of US Imports

from the made-in-somewhere-else dept

Having apparently decided that homegrown internet legislation isn't sufficiently bad, the Senate has approved the Council of Europe Convention on Cybercrime, which essentially establishes rules and a framework for international cooperation on cybercrime investigation and harmonizes computer crime laws. US laws already contain many of the convention's stipulations, but one significant change is that it forces law enforcement groups and businesses of one country to cooperate with foreign governments without the requirement of "dual criminality" -- meaning that they're obliged to help foreign law enforcement investigate crimes even if the targets of the investigation have broken no laws in their country. For instance, the FBI must now help, say, French security services investigate internet crimes that happen there, while those French services must comply with US requests to do things such as wiretap a network there in regards to a crime committed in the US. Given the ongoing controversy regarding the US government's wiretapping here in its own country, it seems more than a little problematic to give it carte blanche to force foreign governments to help it carry out similar activities overseas, while offering those countries the same privileges here. While it's certain that cybercrime is an international problem, and criminals like child pornographers and hackers act with little regard for geographic borders, simply throwing things open so widely seems more likely to drastically raise the possibility of abuse of civil liberties and skirting of laws than do anything tangible to stop crime.



Is 5GB a big increase? Many already offer 2GB...

http://www.techzonez.com/comments.php?shownews=18880

AOL to offer 5GB free storage to everyone

Posted by Reverend on 04 Aug 2006 - 23:48 GMT

AOL will offer all web users 5GB of free online storage starting in September.

... The service also offers shared files for online collaboration and scheduled automatic backup.



Outrageous! Who holds the copyright?

http://slashdot.org/article.pl?sid=06/08/04/1238239&from=rss

Domesday Book Goes Online

Posted by Zonk on Friday August 04, @11:25PM from the not-doomsday-that's-in-a-ghostbusters-episode dept.

Accommodate Students writes "The Domesday Book has gone online. As one of the earliest public records goes online, anyone with an internet connection will be able to access this important document. Amongst other interesting facts, the BBC is reporting that the Book can still be used today in court for property disputes. In an interesting development, the National Archives are making online searches free, but downloads of data will cost £3.50 (approx $6.50 US). Similar launches of historical websites in the past have struggled to keep up with server loads in their first days and weeks, so it remains to be seen whether the Domesday Book online will be more or less fragile than the parchment originals."



See what a different culture Japan is?

http://techdirt.com/articles/20060804/1146237.shtml

Dear Possible Identity Thief, Please Delete The Data We Accidentally Leaked

from the like-that'll-work dept

About a year ago, we noted that some of Japan's nuclear secrets had been made available on the popular Japanese file sharing system, Winny. The government decided the best way to deal with this wasn't to better secure their systems... but to simply beg people not to use Winny. Apparently, that hasn't worked, because now a bunch of medical records have leaked through the system as well. The hospital in question has responded, again by begging, but this time asking various ISPs to send their customers a letter asking them to delete the info. Perhaps we underestimate people in Japan, but doesn't this only seem likely to call more attention to the data from those who will use it for malicious purposes?



http://www.bespacific.com/mt/archives/012041.html

August 04, 2006

Special Report on Department of Defense's Cyber Crime Center

Special Report | Computer forensics: The new DNA



How dare you suggest that the marketplace could replace our bureaucracy!

http://www.usatoday.com/news/opinion/editorials/2006-08-03-our-view_x.htm

Mad cow watch goes blind

Updated 8/3/2006 8:44 PM ET

Creekstone Farms, a Kansas beef producer, wants to reassure customers that its cattle are safe to eat by testing them all for mad cow disease. Sounds like a smart business move, but there's one problem: The federal government won't let the company do it.

The U.S. Department of Agriculture — invoking an obscure 1913 law intended to thwart con artists from peddling bogus hog cholera serum to pig farmers — is blocking companies from selling the testing kits to Creekstone.

USDA is doing the bidding of large cattle barons afraid that Creekstone's marketing will force them to do the same tests to stay competitive.

... Not only is USDA blocking Creekstone, the department said last month that it's reducing its mad cow testing program by 90%.

... The department tests only 1% of the roughly 100,000 cattle slaughtered daily. The new plan will test only 110 cows a day.

... OPPOSING VIEW: Our safeguards are working



NSA Wiretapping explained in song

http://www.newsday.com/news/opinion/ny-wh-nsawiretapping,0,1906650.flash
