Monday, October 29, 2007

Is this how everyone will handle data spills (since TJX was so successful)?

http://www.allheadlinenews.com/articles/7008975169

Art.com's Website Hacked; Customers Alerted Of Possible Identity Theft

October 28, 2007 11:08 a.m. EST Harriette Cecilio - AHN News Writer

Emeryville, CA (AHN) - An online retailer of posters, prints and framed art on Saturday alerted customers that hackers had gotten into its website to access credit card accounts. But the company offered assurances that it has beefed up security to avoid future attacks. [Translation: Current customers are screwed... Bob]

Art.com, which operates websites including Art.com and Allposters.com, said it is investigating the intrusion and asked its clientele to be more vigilant. [Translation: You are probably going to be screwed again Bob]

The Art.com chief said the cyberspace criminals gained systems entry despite "multiple security layers" [Translation: Our Captain Midnight Decoder Ring never let us down before Bob] and accessed some credit card transactions from July to September.

"To date, the company is unaware of any unauthorized use of those credit card numbers [Translation: Since we haven't told you before today, only psychics would know who to complain to. Bob] or any attempted identity theft related to the intrusion," a company statement said.



Wow almost a penny per stolen account! That's socking it to 'em

http://www.boston.com/business/globe/articles/2007/10/29/visa_fines_bank_after_losses_in_tjx_breach/

Visa fines bank after losses in TJX breach

By Ross Kerber, Globe Staff October 29, 2007

Visa USA issued $880,000 in penalties against a bank that processed transactions for TJX Cos., after an investigation of a computer hacking incident at the retailer.



Very interesting article with a Colorado connection. Also a “How to” for prospective laptop thieves.

http://www.sptimes.com/2007/10/28/Business/Here_s_how_a_slick_la.shtml

Here's how a slick laptop thief was foiled in Tampa

Smart, shrewd, determined. A serial thief was portrayed as all these. Here's how his alleged crime spree unraveled after a stop in Tampa.

By Scott Barancik, Times Staff Writer Published October 28, 2007

... Almly, of course, was not interested in the laptops' contents, and Outback had an ace up its sleeve. Nine of its 11 stolen laptops had been equipped with security software that transmits a stolen computer's physical location the moment a thief accesses the Internet with it.



See why I recommend full disk encryption? This makes it simpler for the iPhone, but riskier for the consumer.

http://www.psionplace.com/articles/2007/10/2007-10-26-Tip-iPhone-Buried.html

Tip: iPhone - Buried File Contains Personal Data

By James Alan Miller October 26, 2007

Those who've hacked their iPhone for disk access—a default feature for the iPod, by the way—have the chance to look at a dynamic-text.dat file located in /var/root/Library/Keyboard. The file contains personal words not in the default dictionary, even passwords, in apparently easy-to-read text. Doesn’t seem very secure or private, does it? As Tuaw.com points out, you may want to keep a close eye on this file, since it contains information you’ll likely want to keep away from prying eyes.



Would that extend to computers (anything) purchased with stolen credit cards? Seems logical to me.

http://www.journaltimes.com/articles/2007/10/26/local_news/doc4722c0d91dc18457628776.txt

No privacy right on a stolen computer, judge rules in child pornography case

By Janine Anderson Journal Times Friday, October 26, 2007 11:39 PM CDT

RACINE — A Racine County Circuit Court judge ruled Friday that an accused thief did not have an expectation of privacy to the contents of the allegedly stolen laptop, allowing prosecutors to continue with 27 charges of possession of child pornography in addition to the retail theft charge.



At night, they send in these little mechanical spiders to photograph your home. When they get the cameras small enough, they'll add them to the water supply and photograph your small intestines, then your DNA...

http://www.news.com/8301-10784_3-9805459-7.html?part=rss&subj=news&tag=2547-1_3-0-5

EveryScape brings 3D map views inside buildings

Posted by Elinor Mills October 28, 2007 9:01 PM PDT

The online mapping stuff just keeps getting better.

A company called EveryScape is launching on Monday a three-dimensional local search site that lets people "drive" down streets and even "walk" into buildings.

If you thought Google's Street View was cool, wait until you see how you can ski down the slopes in Aspen, Colorado, or whiz over taxicabs and pedestrians through the streets of New York, Boston, and Miami. The inside views of buildings are only available in Miami and Aspen right now.

... You can see a demo video of EveryScape here.



No privacy anywhere? Too obvious? Is there anyone who doesn't realize this?

http://www.dalgazette.ca/html/module/displaystory/story_id/1859/format/html/displaystory.html

Who's using your personal information?

James Munson Opinions Editor October 25, 2007



For many US schools, this warning comes too late.

http://slashdot.org/article.pl?sid=07/10/28/2119251&from=rss

UK Schools Warned Off Microsoft Deal

Posted by kdawson on Sunday October 28, @07:12PM from the do-not-sign-on-that-dotted-line dept.

rs232 sends in a BBC piece on the UK computer agency Becta advising schools against signing up for a Microsoft educational license because of alleged anti-competitive practices. "The problem was that Microsoft required schools to have licenses for every PC in a school that might use its software, whether they were actually doing so or running something else." We have discussed Becta's role in British education here several times as they have acted as a watchdog warning of perceived Microsoft excesses.



Are you insecure?

http://www.news.com/8301-10784_3-9806037-7.html?part=rss&subj=news&tag=2547-1_3-0-5

Test your email program

Posted by Michael Horowitz October 28, 2007 4:36 PM PDT

My last posting, Defending against a phishing email message, described a JavaScript trick bad guys use to make a link appear to go one place when it really goes somewhere else.

So that you can test if your email program (or webmail system) falls for this type of forgery, I created a test email message.



It is the nature of commodity services to be vulnerable to niche players.

http://slashdot.org/article.pl?sid=07/10/29/027211&from=rss

In Some Places, Local Search Beating Google

Posted by kdawson on Monday October 29, @03:03AM from the think-globally-search-locally dept.

babooo404 points out Newsweek coverage of Google focusing on areas in which the search giant may be vulnerable. In some countries outside the US, local competition is handing Google its head. In South Korea a company called Naver dominates. And in Russia, portal site Yandex leads in both search and advertising. In the Cyrillic language market Google is a distant third in search, and Yandex is trouncing Google in the advertising arena by 70% to 2%.



We now have the technology to create specialized legal (or any other discipline) archives whenever we feel the need. Ideas anyone?

http://www.theherald.co.uk/business/news/display.var.1791940.0.0.php

Legal archive free and online

DAVID BLACK October 29 2007

If you have anything to do with the law in Scotland and have not heard of CaseCheck yet, you soon will.

The brainchild of lawyer and legal technology consultant Stephen Moore, it is an online archive covering rulings by the Scottish courts and industrial appeals tribunals that went live on October 1, and it is free.

"It's like a mini-Wikipedia for Scotland's legal community," said Moore. "And I expect the main user-base to be lawyers in private practice, claims departments, in-house lawyers and law students."

www.casecheck.co.uk



Tools & Techniques: Feedback from my security students. Remember, they do this for a living...

http://sectools.org/crackers.html

Top 10 Password Crackers

... open source or commercial tools on any platform. Commercial tools are noted as such in the list below. No votes for the Nmap Security Scanner were counted because the survey was taken on a Nmap mailing list. This audience also biases the list slightly toward “attack” hacking tools rather than defensive ones.

http://www.mela.de/Unix/log.html

Log Analyzer



Free is good. (see next article)

http://mashable.com/2007/10/27/creative-commons/

25+ Sources For Creative Commons Content

October 27, 2007 — 11:17 PM PDT — by Sean P. Aune



Yesterday I complained that no one was looking for Math prodigies... I reiterate my complaint. No doubt, now every school will need to cover every sporting event with multiple video cameras and take over the computer lab for hours each day to edit the videos.

http://slashdot.org/article.pl?sid=07/10/28/0310230&from=rss

YouTube For High-School Jocks

Posted by kdawson on Sunday October 28, @08:07AM from the sports-videographers dept.

theodp writes "Used to be college scouts had to put in lots of miles to find a hick from French Lick. But thanks to the Internet, athletic recruiters no longer have to traipse out to actual games to find talent. The players are coming to them via links to video streamed from sports-info websites like Student-Athlete Showcase, iPlayers, and GetMyNameOut. The home-video-meets-NFL-Films highlight reels — which parents commission for a fee ranging from $300 to $5,000 — have become a standard component of college applications for jocks (as well as for aspiring actors, dancers, and musicians). One sales pitch: 'Are you willing to risk your child's potential scholarship with a homemade videotape? Remember, first impressions last forever!'"
