Ooh! A student project for my Security Class!

http://www.pogowasright.org/article.php?story=20070719112809793

Leaks Found In Louisiana University Systems

Thursday, July 19 2007 @ 11:28 AM CDT Contributed by: PrivacyNews News Section: Breaches

Aaron Titus, a law school student in Louisiana, wanted to prove a point about user privacy. So he started Googling -- and ended up with names, addresses, Social Security numbers, and other personal data on some 80,000 students and employees in the state's university system.

Titus revealed his findings to a local television news station, WDSU, which issued a report yesterday. The FBI and the Louisiana Board of Regents are investigating the leak.

According to the WDSU report, Titus found much of the information on an internal Internet site operated by the Board of Regents, which oversees all of the state's higher education. Most of the network was password-protected, but the area containing the most potentially dangerous data -- including thousands of student Social Security numbers -- was not, he said.

Source - Forbes

Related - For Aaron's own report on this incident and additional information, see Privacy Podcast: Louisiana Board of Regents Breach

Curious. Could this be an old breach (e.g. TJX) or has a new “Retailer” had a data spill they aren't talking about yet? At least they won't be able to claim “We have no evidence of illegal use...”

http://www.pogowasright.org/article.php?story=20070720015832860

Breach forces M&T to reissue cards

Friday, July 20 2007 @ 01:58 AM CDT Contributed by: PrivacyNews News Section: Breaches

Thousands of M&T Bank Visa cardholders have been issued new cards because of a security breach at a major retailer.

Visa notified Buffalo-based M&T Bank that some of its customers' debit and credit cards may have been involved in the breach, M&T spokesman Chet Bridger said. The breach was not on M&T's side, but rather at the retailer, who Bridger declined to name. ... In its letter to customers, M&T said "some fraudulent activity" had already been reported both in and outside the U.S.

Source - Press & Sun-Bulletin

Very weird. (Sounds like he pawned it...)

http://www.projo.com/news/content/SC_RITACCO_LAPTOP_07-20-07_HE6EDB3.35543a7.html

State officials weigh in on recovered laptop

01:00 AM EDT on Friday, July 20, 2007 By Donita Naylor Journal Staff Writer

The case of a state Division of Taxation laptop computer reported stolen in March and reported found three weeks later is generating some carefully worded statements from the state police and the attorney general’s office.

Robert Ritacco, chairman of the Westerly Democratic Town Committee and until recently a senior tax auditor, reported that his state-owned laptop was stolen March 20 from his office at the Department of Administration Building on Capitol Hill in Providence.

State police Detective Christopher J. Dicomitis, in an affidavit filed April 13, said that Ritacco told Capitol police on April 9 that he had found the laptop April 7 in a computer bag in the trunk of his vehicle.

The affidavit said that Ritacco’s immediate supervisor, Robert Narcavage, went to Ritacco’s home April 10 to retrieve it, finding that Ritacco had been “de-fragging” it “to make it run faster and to get everything in order.”

A state police forensic examination found that the laptop had been used March 27 and April 2, 3 and 6, the affidavit says, by Internet user “bobr,” who had deleted or exported four files.

On the basis of the affidavit, Ritacco was arraigned April 20 on a charge of filing a false report of a crime. He pleaded not guilty, and on June 1 the misdemeanor charges were dismissed.

Mike Healey, a spokesman for the attorney general’s office, said the charges were dismissed “for a couple of reasons.” The one listed on the dismissal form was insufficient evidence, he said.

“Had Mr. Ritacco been allowed to plead to the misdemeanor,” Healey said, “that would have foreclosed any further charges, possibly felony charges, coming out of the same incident. After consulting with the state police, we dismissed the misdemeanor so the state police could fully investigate the matter.”

In the wrong hands. this would be a great technique for stealing SSANs.

http://www.pogowasright.org/article.php?story=2007071911353186

Resource: SSNBreach.org

Thursday, July 19 2007 @ 11:35 AM CDT Contributed by: PrivacyNews News Section: Breaches

The Liberty Coalition is sponsoring a new site where individuals can check to see if their personal information has been exposed. From their site's description of the search tool:

This site is a list of the names of individuals, some of whose personal information may have been exposed to others. The level of potential exposure for any name on this list will vary.

This website does NOT contain sensitive data, such as Social Security Numbers (SSN), Birth Dates, Addresses, and the like. Consequently, there is no way to search for your SSN or any other type of sensitive data on this site, so don’t bother looking.

Where possible, the database includes an indication of the way that your information was exposed, what information was exposed, and tools for your additional action or investigation to help correct any harm resulting from this exposure.

Source - SSNBreach.org

A foretaste of things to come? Goodbye athletic scholarships?

http://www.pogowasright.org/article.php?story=20070719180944464

Houston district keeping baseball stats private from parent

Thursday, July 19 2007 @ 06:09 PM CDT Contributed by: PrivacyNews News Section: Older News Stories

PogoWasRight.org Editor's note: if the district declares athletics statistics "Directory Information" and allows students and their parents to opt out of being listed, I suspect that would address any FERPA issues. As noted in the story, most districts definitely do not consider team/player statistics protected educational records.

The Houston Independent School District has denied a parent's request for the statistics of high school baseball players, citing a federal privacy law.

In April, Scott Rothenberg made a formal request for the statistics, such as hits and home runs, of players on the Bellaire High School baseball team.

He received a letter Tuesday from the district's lawyer telling him the information is private under the Family Educational Rights and Privacy Act.

Source - Associated Press

Even more ridiculous?

http://www.pogowasright.org/article.php?story=20070719185929669

EU: Mentioning someone by name on a web site

Thursday, July 19 2007 @ 06:59 PM CDT Contributed by: PrivacyNews News Section: Non-U.S. News

Colleague Karen McCullagh has pointed out a decision from the European Court of Justice that appears to suggest that the inclusion of identifiable personal data on a personal web page could run afoul of the European data directive.

Source - Concurring Opinions (blog)

[From the article: The full opinion can be found here.

Attention Class Action Lawyers? My experience: My database students sent me their Access final and Hotmail deleted it as “unidentified”

http://slashdot.org/article.pl?sid=07/07/19/2356217&from=rss

Hotmail Delivers Far Fewer Emails with Attachments

Posted by CowboyNeal on Friday July 20, @12:51AM from the dead-letter-office dept. Microsoft The Internet

biednyFacet writes "It has long been suspected that there is a silent policy that makes Hotmail automatically delete the majority of attachments to save on bandwidth and internal disk space. Therefore it really doesn't matter if every client has access to 2GB of storage since they don't deliver the attachments to fill that space up anyway. If that truly is the case, then Microsoft may be liable for several hundred million cases of conspiracy and mail fraud."

Well, we gotta pay for the war somehow!

http://yro.slashdot.org/article.pl?sid=07/07/19/1551242&from=rss

Executive Order Overturns US Fifth Amendment

Posted by kdawson on Thursday July 19, @01:03PM from the deprived-of-life-liberty-or-property-without-due-process-of-law dept. United States Politics

RalphTWaP writes "Tuesday, there wasn't even a fuss. Wednesday, the world was a little different. By executive order, the Secretary of the Treasury may now seize the property of any person who undermines efforts to promote economic reconstruction and political reform in Iraq. The Secretary may make his determination in secret and after the fact."

There hasn't been much media notice of this; the UK's Guardian has an article explaining how the new authority will only be used to go after terrorists.

Frequently worth listening to.

http://slashdot.org/article.pl?sid=07/07/20/055206&from=rss

Richard Stallman Talks on Copyright V. The People

Posted by CowboyNeal on Friday July 20, @03:32AM from the it-takes-a-village dept. Communications Networking

holden writes "Richard M. Stallman recently gave a talk entitled Copyright vs Community in the Age of Computer Networks to the University of Waterloo Computer Science Club. The talk looks at the origin of copyright, and how it has evolved overtime from something that originally served the benefit of the people to a tool used against them. In keeping with his wishes to use open formats, the talk and QA are available in ogg theora only."

Media strategy. Interesting

http://hbswk.hbs.edu/item/5711.html

Podcast: Rupert Murdoch and the Wall Street Journal

Published: July 19, 2007 Interviewer: James Aisner Running Time: 17 min., 15 sec.

... Meanwhile, the Journal reported on July 18 that ad revenue for newspapers fell 4.8 percent in the first quarter year-over-year as a major industry slump continues to worsen. The industry is now going through full-scale consolidation and reorganization in the face of competition from Internet properties.

The trend begs the question: Is Murdoch overpaying for Dow Jones?

... o listen to this interview with professor Bharat N. Anand, click on the triangular play button below.

New Jersey cures Global Warming?

http://www.sciencedaily.com/releases/2007/07/070719011151.htm

New Flexible Plastic Solar Panels Are Inexpensive And Easy To Make

Science Daily — Researchers at New Jersey Institute of Technology (NJIT) have developed an inexpensive solar cell that can be painted or printed on flexible plastic sheets. "The process is simple," said lead researcher and author Somenath Mitra, PhD, professor and acting chair of NJIT's Department of Chemistry and Environmental Sciences. "Someday homeowners will even be able to print sheets of these solar cells with inexpensive home-based inkjet printers. Consumers can then slap the finished product on a wall, roof or billboard to create their own power stations."

Stupid is as stupid does...

http://gizmodo.com/gadgets/darwin-at-work/why-you-shouldnt-smash-a-can-of-wd+40-280250.php

Why You Shouldn't Smash a Can of WD-40

You've gotta love natural selection caught on video.