Saturday, August 18, 2007

This should stir up the wasp's nest...

FISA Court Requires Bush Administration to Respond to ACLU's Request That Secret Court Orders Be Released

Friday, August 17 2007 @ 02:24 PM CDT Contributed by: PrivacyNews News Section: Surveillance

In an unprecedented order, the Foreign Intelligence Surveillance Court (FISC) has required the U.S. government to respond to a request it received last week by the American Civil Liberties Union for orders and legal papers discussing the scope of the government's authority to engage in the secret wiretapping of Americans. According to the FISC’s order, the ACLU’s request “warrants further briefing,” and the government must respond to it by August 31. The court has said that any reply by the ACLU must be filed by September 14.

Source - ACLU

A copy of the FISA court order, the ACLU's motion to the FISC, as well as information about the ACLU's lawsuit against the NSA and other related materials are available online at:

Tools & Techniques: The opposite of identity theft? Build yourself a credit history from scratch?

Employment Verification Services

Total Access Inc.

Everyone today needs employment to purchase a house, car, etc. You also need employment to rent an apartment or house. The problem is that everyone is not employed. We have a solution for you. We have provided assistance for those whom are not employed but need verification of employment for any purchasing purpose.

... In our database, your information will be stored as an independent contractor under our company name. Your name will be printed on our paycheck stubs as an advance.

Our Services:

-Corporate Name

-Corporate Address

-Corporate Telephone Number

-Paycheck Stub

Contact us at the number provided to get you started.

Cost Per Stub $55.00

Telephone Verification $25.00

If you thought that was amusing, try this one...

Attention Class Action Lawyers! If an ISP can select the traffic it will or won't carry, and change that selection without notice, shouldn't that void the contract? What if they choose to stop all access to sites ending with “edu” or “gov”????

Comcast Throttles BitTorrent Traffic, Seeding Impossible

Written by Ernesto on August 17, 2007

Over the past weeks more and more Comcast users started to notice that their BitTorrent transfers were cut off. Most users report a significant decrease in download speeds, and even worse, they are unable to seed their downloads. A nightmare for people who want to keep up a positive ratio at private trackers and for the speed of BitTorrent transfers in general.

ISPs have been throttling BitTorrent traffic for almost two years now. Most ISPs simply limit the available bandwidth for BitTorrent traffic, but Comcast takes it one step further, and prevents their customers from seeding. And Comcast is not alone in this, Canadian ISPs Cogeco and Rogers use similar methods on a smaller scale.

Unfortunately, these more aggressive throttling methods can’t be circumvented by simply enabling encryption in your BitTorrent client. It is reported that Comcast is using an application from Sandvine to throttle BitTorrent traffic. Sandvine breaks every (seed) connection with new peers after a few seconds if it’s not a Comcast user. This makes it virtually impossible to seed a file, especially in small swarms without any Comcast users. Some users report that they can still connect to a few peers, but most of the Comcast customers see a significant drop in their upload speed.

... Customers on the other hand like to fully use their connection, and don’t agree that traffic shaping is the correct solution. One reader commented: “If you pay for an internet connection, that’s what you should get from your ISP — an internet connection. Not a connection that will let you browse the web and check email, but little else. If an ISP has issues with the amount of data a customer is transferring, then the ISP needs to address that issue with that customer, and not restrict every user in one class of traffic.”

Several articles today on how to use and abuse emerging business models...

Hip Hop Stars Understand The Real Business Models For The Music Industry

from the making-all-the-scarce-goods-valuable dept

It's funny every time we hear someone say that the music industry is in trouble. There's very little evidence that's true. More music is being produced today than ever before -- and plenty of people are still making a ton of music in the music business. What's actually in trouble is the traditional recording industry, which is quite different than the music industry. When we point out business models for musicians, we seem to get a lot of pushback, but there's more and more evidence that artists are successfully embracing the model we've put forth -- and they're raking in the cash doing so. Forbes just came out with a report about how much money the top hip hop artists are making, and they're doing quite well. However, it's not because of just the music, but how they've used the music to sell all sorts of other things.

It's exactly the model we described (though, many could probably do even better if they further embraced freeing their music). The music itself is an infinite good and can be used to the musician's advantage to make scarce goods much more valuable. As Lea Goldman, the associate editor at Forbes who put together the story, notes: "they are smart enough to know that it's not just about selling albums. That'll keep you going for maybe two, three years tops. It's about building an empire and plowing those earnings into lasting businesses that will generate income long after the music stops selling." For some artists, that means branching out into totally different businesses. When people attack the business model we've described, they snicker at "selling t-shirts." However, the article notes that hip hop artists are creating full lines of clothing that sell well and sell for a premium because of their association with the artist. Also, the successful hip hop stars all seem to recognize one of the key "scarce" resources they can sell: an association with themselves. Many of these musicians took in millions by doing sponsorships, by producing other musicians' albums or simply by appearing on other musicians' recordings. So, can we now set aside the myth that the music industry is in trouble? It's only in trouble if you're solely in the business of selling plastic discs -- and that's because those discs are increasingly obsolete.

Confusing tactics with strategy...

On The Stupidity Of Blocking Firefox Users

from the think-this-through-for-a-second... dept

Ferin alerts us to a story at Slashdot about some new campaign among some websites to block Firefox users. To be honest, it's tough to know how real this is. The actual site is down from the Slashdot Effect, and it certainly hadn't received much attention before. Even if it is real, it seems unlikely that many sites would sign up and take part. Most people just aren't that stupid. However, assuming (big risk here) that the campaign is real and some sites actually are doing this, it's worth explaining why it makes no sense. The complaints are basically that Firefox users "spend less" and sometimes use extensions like ad block to block out ads. Even if true (and it's only a small percentage of people who use ad block), that makes no sense if you understand the bigger picture. First of all, they tell people to go use other browsers -- but if those people aren't going to click on ads anyway, then they're still not going to click on ads from other browsers.

Just like with the full vs. partial RSS debate, people need to get past the idea that every single visitor needs to be monetized. Instead, recognize the indirect benefits of having more users. Even if a Firefox user doesn't buy something or click on an ad, he or she may tell someone else about the site and they may click on an ad or buy something. Word of mouth is an ongoing process -- and even if someone doesn't directly contribute to the revenue of a site, the fact that they potentially could cause others to drive revenue is the key. For example, here at Techdirt, we make our money by connecting companies that need insightful analysis with the experts in the Techdirt Insight Community for collaborative analysis and by providing news and trend analysis to all sorts of companies, large and small. Techdirt, the blog, helps promote those services -- even if the vast majority of our readers never pay for either service. However, they've helped make Techdirt incredibly popular, driving additional brand recognition and helping us sell a lot more from the corporate side of the business. So even though only a tiny percentage of our readers provide revenue, there's tremendous benefit in getting as many others aware of us and reading the blog as possible.

Similar problem...

The Underground iPhone Users Of Vermont Trying To Hide From AT&T

from the how-dare-these-people-want-to-give-us-money dept

It's no secret that Apple's new iPhone is quite popular across the nation, with competitors everywhere trying to figure out how to respond. There certainly have been some complaints about some of the limitations imposed by the iPhone, but people everywhere are trying to find workarounds. Tech.Blorge alerts us to the fact that a bunch of iPhone users in Vermont have had to go virtually underground to get and use iPhones. The problem, apparently, is that since AT&T has an exclusive deal to offer the iPhone, they don't want people using it primarily on roaming networks. Right now, you cannot get AT&T wireless service in Vermont -- and AT&T's contract threatens to cut off anyone who buys or uses an iPhone there. Of course, that's not going to stop some people, who are ordering iPhones from elsewhere and even setting up P.O. Boxes out of state where the 300-page iPhone bills can be sent. They know that they're risking being cut off but they just can't help it. For their part, AT&T insists that they will cut off anyone they find who lives in an area not served by AT&T wireless (which is actually a fairly large area), or anyone who uses more than 40% of their iPhone time on roaming networks. This, of course, is a bit ridiculous. These people want to pay money. They're happy customers of both Apple and AT&T -- and the company wants to cut them off. If expense is the problem, they should just charge them more for roaming, but cutting them off completely in the name of an exclusivity contract doesn't make any sense. It makes the iPhone and wireless service from AT&T less valuable, which is exactly the opposite of what the exclusivity clause was supposed to do.

Something for my Web Site class? - Fun with Animated Shorts

posted 4 Hours 17 Minutes ago by Siri

Fuzzwich lets anyone create animated shorts using a pre-made cast of characters and backdrops. Just drag and drop elements into the screen, change backgrounds, try out different soundtracks ... and presto, you’ve got your very own cute and clever video short.

... It’s really insanely simple—your two year old toddler could whip up something brilliant.

Something to bookmark? The citation builder is interesting... - Your School Search Engine

posted 7 Hours 48 Minutes ago by alanjay

On you can do a Google search, a dictionary search, an acronym search, encyclopedia, wikipedia, thesaurus, an urban dictionary search, a search to help find citings for book reports, a book summary search, text translator and a unit converter; all on the same page.

...for Study Groups? - Highlight Online!

posted 4 Hours 44 Minutes ago by madbsas

Now that all schoolwork and documents are posted online people are faced with the challenge of annotating and marking important passages without pen and paper.

... Now, has made it possible to highlight and make notes on online documents. On this site users can also form groups who can work on the same document, but in different colors, to collaborate on projects.

Friday, August 17, 2007

The plot sickens...

TJX Security Breach Described

Posted by kdawson on Thursday August 16, @06:22PM from the details-emerging dept.

Bunderfeld notes more details coming out about how bad guys got into the TJX network. Last time we discussed this, the best information indicated that a WEP crack had started the ball rolling. Now we learn that instead, or in addition: "Poorly secured in-store computer kiosks are at least partly to blame for acting as gateways to the company's IT systems, InformationWeek has learned. According to a source familiar with the investigation who requested anonymity, the kiosks, located in many of TJX's retail stores, let people apply for jobs electronically but also allowed direct access to the company's network, as they weren't protected by firewalls. 'The people who started the breach opened up the back of those terminals and used USB drives to load software onto those terminals,' [...and no one noticed? Bob] says the source. In a March filing with the Securities and Exchange Commission, TJX acknowledged finding 'suspicious software' on its computer systems."

Looks like this technique is spreading...

Shocked shoppers and retailers tighten up on debit card use

Catherine Rolfsen Vancouver Sun Friday, August 17, 2007

Shoppers are thinking twice about using debit cards and retailers are taking extra precautions after a spate of PIN pad frauds victimized at least 200 consumers and four stores at Park Royal Shopping Centre.

West Vancouver police revealed Thursday that Whole Foods, Athletes World, SportChek, and Purdy's Chocolates all had compromised PIN pads planted in their stores between April and July.

The day before, police had refused to identify the affected businesses. Cpl. Fred Harding said he's satisfied none of the stores were complicit in the scheme, in which the rigged devices recorded customer information. Thieves later retrieved them and used the information to create counterfeit cards. [If the thieves retrieved them, would there be any evidence that this happened in many more stores? Bob]

... Although he said he's confident all of Park Royal's compromised PIN pads had been identified, [...then something is missing from this story... Bob] the scam could be reproduced any time.

"Just because you may not have shopped in one of these shops doesn't mean you haven't been targeted," Harding said. [Huh? Bob]

... Whole Foods announced Thursday it would replace all debit units with ones that are affixed to the register, while Purdy's decided to suspend its debit card system until the integrity of each terminal is determined.

United Colors of Benetton assistant manager Debra Lee McCormick said her shop has upped security around PIN pads.

"We used to leave it up here," McCormick said, pointing to her counter. "Since we got the notice, after the transaction's over we just put it away."

Iron Mountain spills data again... A good example of how to kill your reputation.

Personal Checks Discovered Blowing Down Street

Thursday, August 16 2007 @ 04:46 PM CDT Contributed by: PrivacyNews News Section: Breaches

When Matt Zimmerman and Al Tincher decided to take a lunchtime walk, escaping their New Hope, Minn. offices, they were looking for some exercise. Instead, they found a personal check.

.... In all, three personal checks were found, all with names, addresses and bank account numbers. One check even had a driver's license number. They were all discovered on the same block as a document shredding facility.

... The document shredding company in New Hope is owned by Iron Mountain, a Boston, Mass. information protection and storage corporation.

... Mahoney indicated that Iron Mountain was moving out of the New Hope building, and it's possible that during that process, some non-shredded checks ended up outside the building, on the street.

Source - WCCO

Coverage should be interesting.

NSA Judge: 'I feel like I'm in Alice and Wonderland'

By Kevin Poulsen, August 15, 2007 | 6:33:00 PM | Categories: NSA

Ryan Singel and David Kravets are blogging the U.S. 9th Circuit hearing on the NSA's spying, and AT&T's alleged complicity, reporting live from the San Francisco courthouse. Hit 'refresh' in your browser and scroll to the bottom for updates.

David Kravets' Analysis of the political meaning of today's NSA Hearing

Ryan Singel's Analysis: Some Secret Documents Are Too Secret Even for Critical Judges

Audio of the NSA Appeals Court Hearing

This is an oldie, but a goodie...

Thursday, August 16, 2007

Listen to yourselves, people. We would NEVER try going through your security (trivial though it may be); we would simply pull the drive and use easily available forensic tools.

Computer containing personal data on over 50,000 people stolen from hospital

Thursday, August 16 2007 @ 05:52 AM CDT Contributed by: PrivacyNews News Section: Breaches

A laptop computer containing personal information and medical records of 51,156 people was stolen from Toshiba General Hospital, hospital officials announced Thursday. Officials said the computer contained the names, dates of birth and test data of 51,156 people. They said that since a password was required to log on to the computer, it would be difficult for anyone else to view the personal information.

Source - Mainichi Daily News

Simple IT error (probably by an entry level employee). Makes you wonder who took over their business?

Medical IT Contractor Folds After Breaches

Wednesday, August 15 2007 @ 07:27 PM CDT Contributed by: PrivacyNews News Section: Breaches

Blamed for privacy breaches at five different hospitals, Verus Inc. silently closes its doors

Source - Dark Reading

Related - Verus Inc. and patient privacy breaches (Chronicles of Dissent, June 10, 2007)

Follow-up. HP problems not done yet!

CNET reporters sue HP for invasion of privacy

Wednesday, August 15 2007 @ 05:14 PM CDT Contributed by: PrivacyNews News Section: Businesses & Privacy

The fallout from Hewlett-Packard's boardroom leak scandal continued Wednesday as three CNET reporters sued the computer maker, alleging that its investigation tactics amounted to an invasion of privacy and a violation of state rules on business practices.

Complaints were filed on behalf of reporters Dawn Kawamoto, Stephen Shankland and Tom Krazit in California Superior Court for the County of San Francisco. Kawamoto's husband, plus Shankland's wife and parents, also filed their own suits Wednesday, according to court documents. All seek unspecified damages.

Source - C|net

Follow-up. You don't need hackers, just IT systems with no means of identifying (and correcting) simple problems.

LAX outage is blamed on a single computer

City officials demand a full report on the U.S. Customs system failure and contingency plans.

By Tami Abdollah, Los Angeles Times Staff Writer August 15, 2007

U.S. Customs officials said Tuesday that they had traced the source of last weekend's system outage that left 17,000 international passengers stranded in airplanes to a malfunctioning network interface card on a single desktop computer in the Tom Bradley International Terminal at LAX.

The card, which allows computers to connect to a local area network, experienced a partial failure that started about 12:50 p.m. Saturday, slowing down the system, said Jennifer Connors, a chief in the office of field operations for the Customs and Border Protection agency.

As data overloaded the system, a domino effect occurred with other computer network cards, eventually causing a total system failure a little after 2 p.m., Connors said.

... The system was restored about nine hours later, only to give out again late Sunday for about 80 minutes, until about 1:15 a.m. Monday. The second outage was caused by a power supply failure, Connors said. But customs officials are investigating whether the Saturday incident may have played a role in Sunday's outage.

Attention conspiracy theorists!

Source Disclosure Ordered in Anthrax Suit

By Carol D. Leonnig Washington Post Staff Writer Tuesday, August 14, 2007; A02

Five reporters must reveal their government sources for stories they wrote about Steven J. Hatfill and investigators' suspicions that the former Army scientist was behind the deadly anthrax attacks of 2001, a federal judge ruled yesterday.

The decision from U.S. District Judge Reggie B. Walton is yet another blow to the news industry [That remains to be seen. If they were dupes, then I agree. Bob] as it seeks to shield anonymous sources who provide critical information -- especially on the secret inner workings of government.

"The names of the sources are central to Dr. Hatfill's case," Walton wrote in a 31-page opinion.

... The judge turned down a companion bid by Hatfill to subpoena testimony from corporate representatives and records from ABC, The Washington Post, Newsweek, CBS, the Associated Press, the Baltimore Sun and the New York Times. He said he would reconsider the ruling on the media companies if the reporters continue to refuse to reveal their sources.

It does no good to spend money on technology you don't know how to use... (If the cameras were any good, they would have been stolen by now!)

S.F. public housing cameras no help in homicide arrests

Heather Knight, Chronicle Staff Writer Tuesday, August 14, 2007

The 178 video cameras that keep watch on San Francisco public housing developments have never helped police officers arrest a homicide suspect even though about a quarter of the city's homicides occur on or near public housing property, city officials say.

Nobody monitors the cameras, and the videos are seen only if police specifically request it from San Francisco Housing Authority officials. The cameras have occasionally managed to miss crimes happening in front of them because they were trained in another direction, and footage is particularly grainy at night when most crime occurs, according to police and city officials.

... The city has its own security camera program with 70 cameras in 25 high-crime locations. None of them is on federal housing authority property, but many of them are positioned at street corners right outside them. The city cameras operate in much the same way; they are not routinely monitored in part due to privacy concerns, but footage is available to police upon request.

... He added that he thinks the cameras may have "a scarecrow effect" in that they give residents the feeling they are safer when they actually have little impact on crime.

Just another illustration of how to exploit existing technology...

To Catch an iPod Thief

By Eddie Kovsky The Idaho Business Review 08/16/07 4:00 AM PT

It took them about a month to put together, but once Blackfin Technology proved it could track down a stolen iPod, NBC went to work getting the iPods stolen for a hidden-camera segment on "Dateline NBC." The iPods were packaged new in the box and left in bags in public places, where Dateline's hidden cameras recorded their disappearance.

... According to a statement from NBC, the iPod's iconic status has also made it an easy target for thieves. "Dateline" wanted to confront the people who steal the portable music player and find out if Apple can track the stolen devices on its own. [You could ask... Bob]

In order for NBC to pull off the story, it needed to be able to track the iPod after it got stolen.

Four programmers and a project manager at Blackfin Technology were able to do it.

... "We had to be careful we didn't violate license agreements, didn't impersonate Apple or violate trademarks," Jewell said.

Blackfin was also constrained by what NBC would allow. Jewell said the company had to run all its ideas by a privacy officer at General Electric (NBC's corporate parent).

... The Blackfin team had to assume that anyone who picked up the iPod would be an unwilling participant, but Blackfin still had to get them to intentionally share their data.

"We locked the device unless the user took steps to help us," Jewell said.

... "We made users think it was okay," Jewell said.

The new user had to consent to what Blackfin was doing.

"The license agreement on the iPod said clearly we are gathering information on who you are, where you live, and it could be made public as a result," Jewell said.

Jewell said it was amazing how much information he and his team were able to gather -- they had much more data than they needed to find out who each person was and where they lived.

Another tool for hackers

New Online Tool Unmasks Wikipedia Edits

By BRIAN BERGSTEIN AP Technology Writer Aug 15, 3:54 PM EDT

What edits on Wikipedia have been made by people in congressional offices, the CIA and the Church of Scientology? A new online tool called WikiScanner reveals answers to such questions. - Find Out Who's Behind the Edits

posted 4 Hours 23 Minutes ago by Siri

...and yet another.

New URI Browser Flaws Worse Than First Thought

Posted by samzenpus on Thursday August 16, @05:00AM from the bad-to-worse dept. Security The Internet

narramissic writes "URI (Uniform Resource Identifier) bugs have become a hot topic over the past month, since researcher Thor Larholm showed how a browser could be tricked into sending malformed data to Firefox. Now, security researchers Billy Rios and Nathan McFeters say they've discovered a number of ways attackers could misuse the URI protocol handler technology to steal data from a victim's computer. 'It is possible through the URI to actually steal content from the user's machine and upload that content to a remote server of the attacker's choice,' said McFeters, a senior security advisor for Ernst & Young Global Ltd. 'This is all through functionality that the application provides.'"

It's interesting that RIAA's lawyers can't even out-think non-lawyers in these cases.

Boston Judge Denies RIAA Motion for Judgment

Posted by samzenpus on Wednesday August 15, @11:45PM from the make-it-slow-and-painful dept.

The Courts

NewYorkCountryLawyer writes "In a Boston case, Capitol v. Alaujan, the defendant is representing herself, without a lawyer. Nevertheless, the Judge denied the RIAA's motion for summary judgment, which the RIAA had based upon the defendant's alleged failure to respond to the RIAA's Request for Admissions. The Court's decision (pdf) held that the RIAA had served its requests for admission prematurely, prior to the conduct of any discovery conference. The Court also noted that the RIAA had upped the ante quite a bit, trying to get a judgment based on 41 song files, even though it had originally been asking for judgment based on 9 song files. This would have increased the size of the judgment from about $7,000 to about $31,000. The Judge scheduled a discovery conference for October 23rd, at 2:30 P.M. and ordered everybody to attend. Such conferences are open to the public."

If demand hasn't changed, the “problems” traditional news sources face must be on the supply side...

August 15, 2007

Analysis - Two Decades of American News Preferences

Two Decades of American News Preferences, Analysis by Michael J. Robinson - Released: August 15, 2007 (36 pages, PDF): "Although the size and scope of the American news media have changed dramatically since the 1980s, audience news interests and preferences have remained surprisingly static. Of the two major indices of interest that are the focus of this report -- overall level of interest in news and preferences for various types of news -- neither has changed very much. This has been especially true for news preferences; Americans continue to follow -- or to ignore -- the same types of stories now as they did two decades ago. News "tastes," measured among 19 separate categories of news, have barely shifted at all: Disaster News and Money News continue to be of greatest interest to the U.S. public; Tabloid News and Foreign News remain the least interesting."

Yet another reason to beat your children. Force them to read this and get started supporting you in the style you deserve!

The secrets of a teen's Internet success

By Stefanie Olsen Story last modified Thu Aug 16 06:05:38 PDT 2007

Internet start-ups have a legacy of twenty-something founders. Just look at Microsoft, Yahoo and Google.

But that esteemed age limit is lowering.

Catherine Cook, the 17-year-old co-founder of, hatched the idea for her now-thriving online yearbook site when she was a sophomore in high school. Now, in little less than two years, the site is making millions in annual revenue from advertising, Cook said, and attracts more than 3 million monthly visitors, according to research firm ComScore. (In 2006, it raised $4.1 million in venture funding from U.S. Venture Partners and First Round Capital.)

Hey! I had the same idea years ago – only different.

3D Animations In Mid-Air Using Plasma Balls

Posted by kdawson on Wednesday August 15, @02:36PM from the what's-that-crackling-sound dept.

An anonymous reader clues us to research at Japan's National Institute of Advanced Industrial Science and Technology that has produced the ability to make animations by creating small plasma balls in mid-air. The technology doesn't use vapor or strange gases, just lasers to heat up oxygen and nitrogen molecules above the device: up to 1,000 brilliant dots per second, which makes smooth motion possible. When the tech improves it could be used for street signs or advertising.

Hide this story from your children! (It's the Hershey lobby in action!)

Chocolate Toothpaste is Better than Fluoride, Researchers Say

For a healthy smile brush between meals, floss regularly and eat plenty of chocolate? According to Tulane University doctoral candidate Arman Sadeghpour an extract of cocoa powder that occurs naturally in chocolates, teas, and other products might be an effective natural alternative to fluoride in toothpaste.

Wednesday, August 15, 2007

TJX has been very quiet on their data spill. Will the cost force them to start talking – at least to the stock analysts?

(update) TJX profit plunges on costs from massive data breach

Tuesday, August 14 2007 @ 09:48 AM CDT Contributed by: PrivacyNews News Section: Breaches

TJX's second-quarter profit was cut by more than a half as the discount store owner recorded a $118 million charge due to costs from a massive breach of customer data.... About one-tenth of the charge from the data breach was to cover costs this past quarter. The rest is a reserve to cover future expenses from lawsuits, investigations, and other items.

Source - Associated Press

More detail from:

... The second-quarter charge, which dwarfed the charge the company took in its past two quarters, includes $11 million for costs incurred during the latest quarter, and $107 million for a reserve to cover potential losses.

TJX's 8K is here:

It's not always computers...

Coast Guard loses 3,500 sensitive records

Tuesday, August 14 2007 @ 07:48 PM CDT Contributed by: PrivacyNews News Section: Breaches

Thousands of documents containing sensitive personal information about Coast Guardsmen and their families have gone missing in Washington, D.C.

The service is investigating the disappearance of roughly 3,500 documents that contain case synopses of service members’ involvement with the Coast Guard Special Needs Program and the Family Advocacy Program.

Family advocacy pertains to domestic violence issues, child abuse or neglect and sexual abuse.

Source - Navy Times

[From the article: The Coast Guard believes that the paper files disappeared when its Health and Safety and Work-Life Directorate moved from the main Headquarters building to a neighboring facility.]

...But that does make it easier.

Personal information stolen from Idaho Army National Guard

Wednesday, August 15 2007 @ 12:47 AM CDT Contributed by: PrivacyNews News Section: Breaches

A small computer drive containing Social Security numbers and other personal information about every Army National Guard soldier in Idaho has been stolen, a National Guard spokeswoman said Tuesday.

The device containing information on roughly 3,400 soldiers was stolen Monday night out of a soldier's car while she was traveling in the Treasure Valley on official duty, Lt. Col. Stephanie Dowling said. Officials hope the person who stole the drive -- along with other computer equipment and personal items -- doesn't know what he has.

Guard members were being notified by phone and mail.

Source - Times-News

If a bank fails, the Feds secure all the records until the assets are taken over by another bank. Apparently there is no parallel in the health care industry?

Boxes of patient records exposed

Wednesday, August 15 2007 @ 06:30 AM CDT Contributed by: PrivacyNews News Section: Breaches

Thousands of abandoned medical files -- including psychological records as recent as 2001 -- have been discovered by residents in a vacant building [Is it me, or are editors no longer editing? Bob] near a bankrupt hospital on the Detroit-Hamtramck border.

It's a repeat of a problem that emerged late last year at the Greater Detroit Hospital on Carpenter near Jos. Campau. In a matter of months, the hospital was stripped by thieves of everything from copper piping to windows, exposing rows of abandoned patient files.

On Tuesday, a lawyer for the hospital's defunct owners, Quality Health Plan, had staffers remove the files from a nearby building after receiving calls from The Detroit News.

Source - Detroit News

One justification is certain to be: This has been successfully tested in Great Britain – we're just keeping up...

Manhattan 1984

Posted by samzenpus on Wednesday August 15, @04:10AM from the watching-you dept. Privacy Technology

Etherwalk writes "The New York Times is reporting on developments in the quest to charge driving fees for all vehicles headed below 86th Street in Manhattan. Notably absent from any part of the discussion is that a record is made of every car or truck that enters, together with the vehicle ownership information and the date and time of travel — either as part of EZ-Pass or in license-plate photos taken for subsequent billing."

There's a market for your personal data. Shouldn't you at least get a percentage?

Personal Cell Phone Numbers Are Only a Click Away

Tuesday, August 14 2007 @ 08:10 PM CDT Contributed by: PrivacyNews News Section: Businesses & Privacy

Home phone numbers have been available to the public for a long time, so many Americans treasure the fact that their cell numbers can be kept private -- or so they think. Now, all it takes is a few bucks and Internet access to find tens of millions of personal cell phone numbers.

A Web site named Intelius has created a clearinghouse of cell phone numbers that can be purchased online for $15 each. Its source -- every business and company you've ever provided with your personal information.

... Intelius already has 90 million cell phone numbers, and it's adding 70 million more in the coming days, along with the addresses that go with them.

Source - ABC

“We don't need no stinking contract!” Steal the market, I love it!

Community Wi-Fi comes to San Francisco

Company called Meraki will give away wireless routers in attempt to blanket the city with free Wi-Fi access.

By Marguerite Reardon Staff Writer, CNET Published: August 14, 2007, 9:00 PM PDT

While EarthLink and Google are still hammering out details of their citywide Wi-Fi contract with San Francisco officials, a company called Meraki plans on blanketing the city with free Wi-Fi using volunteers who will deploy and manage the equipment themselves.

Not everyone follows this news, but many geeks and bloggers see this as another part of an ongoing pattern of arrogance.

RIAA Short on Funds? Fails to Pay Attorney Fees

Posted by Zonk on Tuesday August 14, @05:40PM from the must-be-because-of-all-those-lost-record-sales dept. The Courts Music The Almighty Buck

NewYorkCountryLawyer writes "Can it be that the RIAA, or the "Big 4" record companies it represents, are short on funds? It turns out that despite the Judge's order, entered a month ago, telling them to pay Debbie Foster $68,685.23 in attorneys fees, in Capitol v. Foster, they have failed to make payment. Ms. Foster has now had to ask the Court to enter Judgment, so that she can commence 'post judgment collection proceedings'. According to Ms. Foster's motion papers (pdf), her attorneys received no response to their email inquiry about payment. Perhaps the RIAA should ask their lawyers for a loan?"

Online niche: Slicing legal advice into easily digested bits... - Fight Smarter

posted 8 Hours 20 Minutes ago by micaela | Visit is a revolutionary website which advises its users on how to evade paying fines for traffic violations. The brainchild of a group of ex-police officers and radar manufacturers, allows its users to select the applicable citation from a menu, and then download a list of questions which they should ask in court for $19.99 per citation. The site is extremely user-friendly and easy to navigate. Testimonials are provided for proof of the site's legitimacy, and users may contact the site's administrator with any further questions. Even better, the site provides a "free sample" for the skeptical client.

Here's a legal niche that needs filling. (I'd be happy to consult...)

So You Want To License Some Music For That YouTube Video...

from the you-want-to-do-what-now-with-the-whotube? dept

Ray Beckermann points us to an opinion piece by Shelly Palmer, who is President of the National Academy of Television Arts & Sciences. Palmer's article is officially about why it's dumb for music publishers to join in the mad rush to sue Google/YouTube over not getting royalties for songs used in YouTube videos. However, he actually makes a point that goes well beyond the futility of suing, by showing how ridiculous the licensing process is today. Basically, there are numerous different rights that you need to secure, and each may require a different negotiation with a different party -- and almost no one makes it easy to figure out who you need to talk to about what. In other words, even if people did want to properly license the music playing in their background while making a home video of their toddler dancing, it's probably not even possible.


A Look At How Much VMware Left On The Table

from the ipo-madness dept

Back during the dot com bubble when startups with no track record were going public on a regular basis with huge first day pops in stock prices, it got many people thinking that such first day jumps were a good sign. In fact, some companies bragged about having the largest first day jump. We haven't seen much of that lately, but it may be coming back after VMware's public offering. VMware shares priced at the top of their range at $29/share, but opened this morning at a whopping $52/share. VMware, of course, was supposed to have been one of the potential hot IPOs in the class of 2004, but decided to accept a buyout offer from EMC instead. This turned out to be a great decision, as the company has grown a tremendous amount under EMC, and today's IPO is for a much more substantial VMware than we would have seen three years ago.

However, since there are plenty of folks who probably weren't around during the last bubble to learn this lesson, it's important to remind everyone why first day stock pops like VMware's are not a good thing, and certainly not something worth bragging about. The difference in price is actually an indication of how much money VMware left on the table. Yes, the company raised nearly a billion dollars by selling shares at $29, but it missed out on the money it could have taken if the shares had been priced closer to the $52 the market has clearly valued its shares at. In other words, it sold all those shares at about 55% of what the market valued the company at. Not such a great thing to brag about now. Of course, there are some advantages to having the first day pop. It does act as a PR mechanism, and it certainly does bode well for VMware if they want to sell more shares to raise more money. However, right now, it certainly looks like the company left approximately $750 million on the table that was snapped up by those trading the stock, rather than the company itself.

We love our customers – Sony style

EIF: Home abusers can be turned off and banned, warns Sony

Matt Martin 13:39 (BST) 14/08/2007

Home boss discusses bannings and branding for mature users

Peter Edward, director of the Home platform for Sony, has told an audience at the Edinburgh Interactive Festival that users who consistently abuse the upcoming Home service face having their machines banned and disabled from being used online.

In an admittedly radical but possible step, Edward noted that a serious abuser would "have to move house and buy a new PS3 before they could get online again."

A couple of years ago, Google was buying up “dark fiber” cheap, because supply far exceeded demand.

Report: Cable companies facing big bandwidth crunch

By Eric Bangeman | Published: August 14, 2007 - 11:22PM CT

If you're starting to become frustrated with the download speed of your cable ISP or the relatively low number of HD channels available, you ain't seen nothin' yet. Your local cable provider will soon be faced with a serious bandwidth crunch, according to a new report released by ABI Research. The problem comes from more demanding applications, including high-definition video, video on demand, online gaming, and higher-bandwidth Internet applications. The result? Big problems—like fewer HD channels and sputtering download speeds—if the industry doesn't respond to the challenges in front of it.

The nice thing about this type of request is that it gets answered! Several good ideas (and some pointed comments) here...

Backing Up Laptops In a Small Business?

Posted by kdawson on Monday August 13, @06:24PM from the against-disaster-the-gods-themselves dept. Data Storage IT

Bithmus writes "I have been tasked with finding a way for our company to handle our laptop backups. We currently have nightly backups of our servers, but no backups of laptops. In our business we develop, implement, and sell another company's software; I guess that makes us a Value Added Reseller. During development our consultants will create copies of a customer's database on MSDE on their laptops. If a hard drive crashes, all of the work done on that laptop is lost. There are other files that need to be saved, but the databases are really the important items. Ideally these databases would be stored on the SQL servers and the other files stored on the file server, but this is not happening. What do Slashdot readers do to protect data on laptops or computers outside of a local network?"

[This looks particularly interesting...]

Have no fear. SuperDuper v2.1.4 is here!

SuperDuper is the wildly acclaimed program that makes recovery painless, because it makes creating a fully bootable backup painless. Its incredibly clear, friendly interface is understandable, easy to use, and SuperDuper's built-in scheduler makes it trivial to back up automatically. And it runs beautifully on both Intel and Power PC Macs!

For my web site class... - Flash Games For All

posted 3 Hours ago by Siri | Visit

Blazzam is a game/entertainment site which also partakes in this tremendously popular social concept going around the internet. Thus, not only can you download games, wallpapers and catchy ringtones, you can also get down and friendly with your fellow Blazzam members. Games are grouped by type; you’ll find action games, puzzles, sports games, adventure games, and games for everyone. All games are flash based so they’re pretty quick to load and if you’ve got a Java enabled cell you can play them on the go. Members can communicate via the forums; they can rank downloads and upload their own content. As with many other sites there are no usage fees; also the site is available in Spanish and English.

Tuesday, August 14, 2007

What does this suggest? A few out-of-control employees? Management that doesn't notice? This would seem to be an extremely risky thing to do... or am I wrong?

AT&T admits it censored other bands

Posted by Marguerite Reardon August 13, 2007 3:44 PM PDT

It looks like Pearl Jam isn't the only band that has had its politically charged comments bleeped from concerts streamed from AT&T's Blue Room Web site.

AT&T issued a statement on Friday admitting that this kind of thing has happened before. And the company once again apologized.

... Exactly how many performances have been edited is unknown. AT&T hasn't specified. Nor has it said what exactly it's doing to ensure that this won't happen again.

... AT&T originally said that it only edits Blue Room Webcasts for profanity since the site is available to all age groups. But a group calling itself the Future of Music Coalition counted 20 instances of curse words being used during the Pearl Jam Webcast that were not censored by the content monitor.

"It's clear AT&T has not made a mistake. They or the companies they've hired to monitor Webcasts have engaged in a clear and consistent pattern of silencing free speech," Jenny Toomey, executive director of the Future of Music Coalition, said in a statement.

... And to be honest, I can't see any business-related reason for doing such a thing. [Me too, neither. Bob]

Resources for e-law experts?

August 13, 2007

ABA Launches New Consumer E-Commerce Site

" offers a resource for business people launching ecommerce enterprises and for businesses venturing into online sales. First-time entrepreneurs and established small to medium-sized business expanding their horizons should find helpful information on this site about selling goods and services is a companion to, an earlier project of the Cyberspace Law Committee of the American Bar Association’s Section of Business Law, which answers questions for consumers about shopping on the web."

Another suggestion that a true military attack would be lots (orders of magnitude?) worse...

Estonia's lesson for "cyberwar" fighters: Learn digital crowd control

By John Borland August 10, 2007 | 8:44:05 AM Categories: CCC, Cybarmageddon!

Three months after May's "information warfare" attacks on Estonia, computer security experts continue to scrutinize the event for clues to the future of digital conflicts.

Israeli security expert Gadi Evron, who helped the Estonians with their response, argued here at Chaos Communication Camp, following similar speeches at other recent gatherings, that the attacks were far more akin to a "cyber-riot" than to actual warfare.

The May events followed the Estonian decision to dismantle and move a symbolically significant Russian war memorial in their capital city of Tallinn (Estonia was an unwilling part of the USSR from the end of World War II to the Soviet dissolution). Riots of the local Russian-speaking population resulted, and calls for retaliation quickly spread to Russian blogs.

Many of the early attacks that subsequently overwhelmed Estonia's Web servers, banks, and government email systems were rudimentary, with instructions widely posted on these blogs telling people how to send manual pings to the country's servers. But more sophisticated tools soon were used, with botnets flooding Estonian addresses with traffic anywhere from 100 to 1000 times ordinary levels.

The Estonians, and much of the world press, initially characterized this as the first true information war. Fingers were pointed towards the Russian government, largely on the basis of IP addresses (probably spoofed) traced to government facilities. For their part, Russian officials hotly denied any involvement.

Evron doesn't downplay the seriousness of the situation – it effectively hamstrung facilities for days in a country far more deeply reliant on Internet infrastructure than is the United States. But he points to the way activity and action spread through the blog community as evidence that this was something very different than a conventional military operation.

"Fighting is not necessarily warfare," he says. "The whole idea of the blogosphere, of online mob psychology, is taking psychological warfare and putting it on the offensive."

Defenders against this kind of attack, which spreads meme-like through an easily inflamed, but not necessarily coordinated online community, need to think more in terms of policing metaphors than military, he says. Crowds without centers need to be controlled and subdued, rather than attacked. Damage must be mitigated, with a focus on defense rather than offense.

So who was ultimately behind the attacks? Evron says portions of the attacks looked suspiciously like there was some central coordination happening; but it's as yet impossible to trace anything back to the government.

More important is the lesson that in future events, cyber-conflicts may best resemble guerrilla battles, or even spontaneous riots, in which the general opponents are known, but the immediate attackers are not.

As for Americans still trying to adapt to asymmetric warfare tactics in Iraq, these lessons may take time to sink in. But it seems certain that Estonia will remain a case study for years to come.

Perhaps we need more annotation (that was irony, except in New Jersey)

Inadvertent Online Resumes Continue To Cause Some Problems

from the broken-off dept

It's pretty common for people to do Google background checks on prospective employees (or potential dates) these days, so it's a little surprising to see people still put all sorts of information that could harm their job prospects online. A substitute judge in Las Vegas lost his position last week, after some people noticed that his MySpace profile listed his personal interests as, among other things, "Breaking my foot off in a prosecutor's ass ... and improving my ability to break my foot off in a prosecutor's ass." A local district attorney alleged that this displayed a bias against prosecutors, and asked that the judge be recused from his criminal cases, but court administrators went a step further and decided not to use his services any more. The judge, or now ex-judge, says that, basically, he was trying to be funny, and that the overstatement on his page was obvious. That may be the case, but given his position -- and his political ambitions -- it's hard to imagine that he couldn't foresee any problems from putting the comments up online.

Interesting report title. These suggestions will likely be resisted.

Zen IT for Demanding Employees

August 13, 2007 By Deborah Perelman, eWEEK

What do mainframes and networks have in common? Centralized control, and these command and control structures have long assured IT professionals that the technology game is played on their terms.

Yet, in the age of the consumerization of technology, the effectiveness of centralized IT control has slipped. In fact, a report released Aug. 6 by Yankee Group Research, a Boston connectivity research firm, found that 50 percent of employees felt that their personal technology is more advanced than workplace technology.

Furthermore, "Zen and the Art of Rogue Employee Management" argues, banning employees from using consumer technology at work creates an endless game of whack-a-mole; and the only way to win is to manage both the technology and the insistent employee.

Consumerization of technology is one of the five things—including content, client, connectivity and collaboration—that the Yankee Group argues will be a nightmare for IT departments, as they create maintenance and support problems that easily overwhelm resources. IT can fight this tooth and nail, or it can concede and adopt a Zen-like approach which will give control to users through a cooperative care model, reduce IT's burden, and improve internal customer satisfaction.

... "As ubiquitous connectivity takes hold, consumers are driving more innovation and technology trends in the enterprise," said Holbrook.

Perhaps I could combine this with a research project in my Statistics class?

Google's $10 Local Search Play

Posted by kdawson on Monday August 13, @09:23PM from the cheap-feet-on-the-street dept. Google

thefickler writes "Google has come up with a novel way to boost the information it has about local businesses. As part of its Business Referral Representative program, Google is offering individuals up to $10 to visit local businesses and tell them about Google Maps and Google AdWords, collect information (such as hours of operation and types of payment accepted), and take digital photos of the business. Reaction to the program has been mixed."