Friday, July 06, 2007

Ah! Accurate and detailed data at last!

http://www.pogowasright.org/article.php?story=20070705133626686

GAO Report: Personal Information: Data Breaches Are Frequent, but Evidence of Resulting Identity Theft Is Limited

Thursday, July 05 2007 @ 01:45 PM CDT Contributed by: PrivacyNews News Section: Breaches

... GAO was asked to examine (1) the incidence and circumstances of breaches of sensitive personal information; (2) the extent to which such breaches have resulted in identity theft; and (3) the potential benefits, costs, and challenges associated with breach notification requirements.

... While comprehensive data do not exist, [Okay, maybe not so accurate... Bob] available evidence suggests...

Source - GAO-07-737 [Full Report, pdf]


...subject to spin, as always.

http://www.pogowasright.org/article.php?story=20070705173950552

Did the data breach chronologies backfire? (opinion)

Thursday, July 05 2007 @ 05:39 PM CDT Contributed by: PrivacyNews News Section: Breaches

The June GAO report, Data Breaches Are Frequent, but Evidence of Resulting Identity Theft Is Limited; However, the Full Extent Is Unknown [GAO-07-737 (pdf)] was released today.

Looking through it, it is clear that they relied heavily on data and statistics provided by Attrition.org, the Privacy Rights Clearinghouse, the Identity Theft Resource Center, and reports obtained from NY and NC under FOIA by Chris Walsh.

Although it is encouraging that that the government is actually using the data that these organizations and individuals have worked so hard to compile, some of the implications suggested by the GAO report are troubling from the perspective of a privacy advocate.

Source - Chronicles of Dissent



You might not want to call your favorite bureaucrats idiots, even when they clearly are... At least not while they are writing law or reviewing your acquisition of Doubleclick...

http://www.pogowasright.org/article.php?story=20070706050541501

Google: Our data retention is not data protection watchdogs' business

Friday, July 06 2007 @ 05:05 AM CDT Contributed by: PrivacyNews News Section: Businesses & Privacy

The retention of search engine query data is a security matter and not one for Europe's data protection officials, according to Google's global privacy chief.

Peter Fleischer said that its retention of user search data was "just not their field".

Source - The Register


This is how you do it – announce compliance as loudly as you can, then you can forget to tell IT to make any changes.

http://www.ft.com/cms/s/9a54bf38-2b5b-11dc-85f9-000b5df10621,_i_rssPage=9a36c1aa-3016-11da-ba9f-00000e2511c8.html

Microsoft and Yahoo to alter privacy policy

By Maija Palmer in London Published: July 6 2007 03:00 | Last updated: July 6 2007 03:00

Yahoo and Microsoft are preparing to announce concessions in their privacy policies in the next few weeks, as pressure mounts in Europe over the length of time internet search companies should be allowed to hold personal data.

... So far neither Yahoo nor Microsoft has specified any time limits on the data that they hold on users.



The records are public, but the public (second class citizens) can't see them.

http://www.pogowasright.org/article.php?story=20070705071926775

Ohio Newspaper Under Fire for Outing Gun Owners

Thursday, July 05 2007 @ 01:42 PM CDT Contributed by: PrivacyNews News Section: Other Privacy News

An Ohio newspaper's decision to publish the non-public records of concealed carry permit holders drew a strong response, and one gun rights advocacy group published personal but public information about the newspaper's editor.

The Sandusky Register on June 24 published the names, ages and home counties of the almost 2,700 concealed carry permit holders in its circulation area. Ohio gun laws restrict public access to concealed carry records but allow the media to access them.

Source - CNSNews.com



No doubt the response will start: “If you've got nothing to hide...”

http://www.pogowasright.org/article.php?story=20070705121853317

'An offensive invasion of privacy'

Thursday, July 05 2007 @ 01:42 PM CDT Contributed by: PrivacyNews News Section: Other Privacy News

James Herrick of Madison doesn't think it's anybody else's business how much gas and electricity he uses at home and was surprised to find this information online, where "anybody on the planet" can obtain it, anonymously.

And so, on seeing Madison Gas and Electric's searchable database of its residential customers he fired off an e-mail:

"Is there small print in my MGE service agreement that says I authorize you to release my natural gas and electricity purchase information to anyone with Internet access, or is there a law requiring utility companies to make this information publicly available?

Source - TheDailyPage.com

[From the article: MGE, in response, explained that the state Public Service Commission does indeed mandate (PSC 134.05 [5]) that utilities provide on request "either the average consumption for the prior 12-month period or figures reflecting the highest and lowest consumption amounts for the previous 12 months."



Let me see if I understand this. If I can see the code, that is automatically less secure than code I can't see? If I can look for errors/flaws/holes, that is better than not knowing they are there?

http://news.com.com/2100-1041_3-6195102.html?part=rss&tag=2547-1_3-0-5&subj=news

Feds snub open source for 'smart' radios

New FCC rules say open-source code for next-gen mobile tech has "high burden" to show it's secure. Some industry and security experts beg to differ.

By Anne Broache Staff Writer, CNET News.com Published: July 6, 2007, 4:00 AM PDT

Mobile-gadget makers are starting to take advantage of software-defined radio, a new technology allowing a single device to receive signals from multiple sources, including television stations and cell phone networks.

But a new federal rule set to take effect Friday could mean that radios built on "open-source elements" may encounter a more sluggish path to market--or, in the worst case scenario, be shut out altogether. U.S. regulators, it seems, believe the inherently public nature of open-source code makes it more vulnerable to hackers, leaving "a high burden to demonstrate that it is sufficiently secure."

... By effectively siding with what is known in cryptography circles as "security through obscurity," the controversial idea that keeping security methods secret makes them more impenetrable, the FCC has drawn an outcry from the software radio set and raised eyebrows among some security experts.


Perhaps they should read this!

http://www.bespacific.com/mt/archives/015363.html

July 05, 2007

Report - Toward a Safer and More Secure Cyberspace

Toward a Safer and More Secure Cyberspace, Seymour E. Goodman and Herbert S. Lin, Editors, Committee on Improving Cybersecurity Research in the United States, National Research Council, 272 pages, pre-publication copy, 2007.

  • "Toward a Safer and More Secure Cyberspace examines the vulnerabilities of the Internet and offers a strategy for future research aimed at countering cyber attacks. The report also explores the nature of online threats and some of the reasons why past research for improving cybersecurity has had less impact than anticipated."



It may be cheaper to pay the fine...

http://www.pogowasright.org/article.php?story=20070705091950314

Court holds Belgian ISP responsible for file-sharing

Thursday, July 05 2007 @ 10:52 AM CDT Contributed by: PrivacyNews News Section: Non-U.S. News

A court has ruled that the Belgian ISP Scarlet Extended is responsible for blocking illegal file-sharing on its network, setting a precedent that could affect other ISPs in Europe, according to a recording industry group.

Belgium's Court of First Instance has given the Internet service provider six months to install technology to prevent its customers from sharing pirated music and video files, the International Federation of the Phonographic Industry said. If it fails to do so it will be fined €2,500 ($3,400) per day, according to the ruling, published June 29.

Source - InfoWorld



Amusing...

http://www.bespacific.com/mt/archives/015374.html

July 05, 2007

Map and List Provide Links to All Current Google Products

From Zorgloob Logiciels, a very large, visual representation of the extensive range and variety of Google products [via Google Blogoscoped]. If you prefer all this information in a list format, along with associated icons, descriptions of the services (in French) and links directly to them, one can find that information here.



For my fellow Intel buffs

http://www.bespacific.com/mt/archives/015370.html

July 05, 2007

On the Trail of Military Intelligence History: A Guide to the Washington, DC, Area

"A new pamphlet from the U.S. Army Intelligence and Security Command (INSCOM) History Office describes locations in and around Washington, D.C. that have significant associations with the history of U.S. military intelligence." [via Secrecy News]



Is this a good news/bad news kind of thing?

http://www.eweek.com/article2/0,1759,2155210,00.asp?kc=EWRSS03119TX1K0000594

Data Deposit Box Stores Data Safely Off-Site

July 5, 2007 By Daniel P. Dern

When it comes to backing up your data—be it of a business or personal nature—you can't be too thorough. Backup options such as CDs or DVDs, external hard drives, NAS appliances, or USB sticks offer a partial solution, but these local storage solutions leave your backup data vulnerable to any number of local disasters.

Online storage services, such as Data Deposit Box (www.DataDepositBox.com), from Acpana Business Systems, can help patch the gaps in your backup plans by storing your data safely off-site.

... Data Deposit Box accounts may be shared by multiple users running multiple computers, and the account holder may choose whether to extend full or restricted access to those using the account.



Does this sample reflect the population? Or is there a higher proportion of sex offenders online?

http://www.techzonez.com/comments.php?shownews=21607

New Jersey says 141 sex offenders used MySpace

Posted by Reverend on 05 Jul 2007 - 20:08 GMT | 0 comments Previous Post | Main | Next Post

Techzonez More than 140 sex offenders convicted in New Jersey had profiles on the networking Web site MySpace, the state's attorney general said on Tuesday.

New Jersey is among several states leading the way in working with MySpace to curb online sexual predators.

Of the 141 sex offenders identified as having been active on MySpace, 80 were found to be on parole or probation, and officials are working to determine if those individuals violated the terms of their sentences, said David Wald, a spokesman for New Jersey Attorney General Anne Milgram.

The identified individuals may now be subject to tougher prohibitions against using the Internet, Wald said.

Those identified are among a national total of about 7,000 registered sex offenders whose names were deleted and handed over by Fox Interactive Media, the owner of MySpace, to law enforcement authorities in all 50 states in late May.

Full story: Reuters



Speaking of sex offenders...

http://rawstory.com/news/2007/Judge_lifts_injuction_on_DC_madam_0705.html

Judge lifts injunction on 'DC madam' phone records

Josh Catone Published: Thursday July 5, 2007

A judge in the US district court in Washington, D.C. has lifted the temporary restraining order (TRO) preventing the so-called 'DC madam,' Deborah Jeane Palfrey, from selling or distributing the list of phone records from her escort business.

"The List in question is the Defendant's personal property," wrote judge Gladys Kessler, "and contains only a log of telephone numbers. It was neither seized by the Government when it searched the Defendant's residence in California, nor listed in the Indictment putting the Defendant on notice as to which items of her property were subject to forfeiture."

... Earlier this week, in an interview with the Vallejo Times, Palfrey said she would make the 46 pounds of Sprint phone records available to any member of the media, including bloggers.

... You can read the full court decision here (PDF).



Because free is good!

http://www.computerworld.com/action/article.do?command=printArticleBasic&articleId=9026125

15 free security programs that work

Preston Gralla



Free tools is good!

http://www.killerstartups.com/WebApp-Tools/udutu--DIY-Course-Authoring-for-Educators-Near-You/

Udutu.com - DIY Course Authoring for Educators Near You

posted 6 Hours 50 Minutes ago by Siri

Do-it-yourself app platforms have lately become popular, will the same go for self-made online education tools? Udutu now provides a means for educators or small businesses to get in on the elearning trend that has been limited to larger organizations till now. Subject matter experts can create their own courses accessible anywhere, without needing an IT department. Creating and customizing your courses is painless with Udutu’s WYSIWYG software. They provide the tools to make your courses more interactive quickly and easily. Udutu can be used by teachers, corporate trainers, human resource managers and even professors and government administrators. Users are charged not for authoring or using the software but for using Udutu’s servers; they charge $1 per screen per month. Demonstrations are available as well as professional tips and guidance

Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)