Tuesday, January 08, 2008

When it is your business, you'd think you'd have a workable procedure... No indication the tape was encrypted. (People still use tapes?)

http://www.pogowasright.org/article.php?story=20080107105125443

Iron Mountain loses backup tape with GE Money-Americas clients' info

Monday, January 07 2008 @ 10:51 AM EST Contributed by: PrivacyNews News Section: Breaches

GE Money-Americas has notified the state of New Hampshire that its vendor, Iron Mountain, lost a backup tape containing active account numbers and some Social Security numbers. Over 1800 NH residents had account numbers on the missing tape, and less than 20 appear to have SSN on the tape. There was no indication of total numbers nationwide.

Summary prepared by PogoWasRight.org based on Notification to NJ DOJ [pdf]



Not much of a manifesto... Not even a complete outline for a student paper – but it's a start!

http://www.pogowasright.org/article.php?story=20080108073905268

A Privacy Manifesto for the Web 2.0 Era

Tuesday, January 08 2008 @ 07:39 AM EST Contributed by: PrivacyNews News Section: Internet & Computers

Written by Alec Saunders, co-founder and CEO of iotum, creators of the first conference calling service for Facebook. Alec’s personal blog is about VoIP and web products, technologies and businesses.

[...]... Let’s start by defining what we mean by personal information. Personal information includes any factual or subjective information, recorded or not, in any form, about an individual. For example: name, address, telephone number, gender, identification numbers, income, blood type, credit records, loan records, existence of a dispute between a consumer and a merchant — even intentions to acquire particular goods or services. And let’s not forget health, medical history, political opinions, religious beliefs, trade union membership, financial information and sexual preferences!

Now, what rights should you have? Here are four principles that form a Privacy Manifesto for the Web 2.0 Era.

Source - gigacom



Warm & Fuzzy #1

http://it.slashdot.org/article.pl?sid=08/01/08/0154227&from=rss

Boot Record Rootkit Threatens Vista, XP, NT

Posted by kdawson on Monday January 07, @09:41PM from the writing-to-zero dept.

Paul sends us word on a new exploit seen in the wild that attacks Windows systems completely outside of the control of the OS. "Unfortunately, all the Windows NT family (including Vista) still have the same security flaw — MBR [Master Boot Record] can be modified from usermode. Nevertheless, MS blocked write-access to disk sectors from userland code on VISTA after the pagefile attack, however, the first sectors of disk are still unprotected... At the end of 2007 stealth MBR rootkit was discovered by MR Team members (thanks to Tammy & MJ) and it looks like this way of affecting NT systems could be more common in near future if MBR stays unprotected."



Warm & Fuzzy #2

http://www.pogowasright.org/article.php?story=20080107203646560

Hackers turn Cleveland into malware server

Monday, January 07 2008 @ 08:36 PM EST Contributed by: PrivacyNews News Section: Breaches

Tens of thousands of websites belonging to Fortune 500 corporations, state government agencies and schools have been infected with malicious code that attempts to engage in click fraud and steal online game credentials from people who visit the destinations, security researchers say.

At time of writing, more than 94,000 URLs had been infected by the fast-moving exploit, which redirects users to the uc8010-dot-com domain, according to this search. Security company Computer Associates was infected at one point, as were sites belonging to the state of Virginia, the city of Cleveland and Boston University.

Source - The Register

[From the article:

He said the uc8010-dot-com domain (we don't recommend readers visit the site) was registered in late December using a Chinese-based registrar, indicating the attackers were fluent in Chinese.



An interesting interpretation. In the US, gathering (and organizing) the data should be enough for at least a Copyright... Right?

http://www.pogowasright.org/article.php?story=20080108071833645

UK: Database right infringed when staff took customer lists, rules court

Tuesday, January 08 2008 @ 07:18 AM EST Contributed by: PrivacyNews News Section: Breaches

Employees who left a company to start up a rival breached that firm's database rights when they took information with them, the High Court has ruled. The firm failed to prove, though, that the actions breached the company's confidentiality.

[...]Rider and Simpson did not dispute that they had taken a list of Crowson's customers and information about sales to them as well as email addresses from the company.

Crowson claimed that the pair broke an implied duty [Not worth the paper it's written on... Bob] not to remove confidential business information from it, but the High Court ruled that the information they had taken did not qualify as confidential.

For information to be confidential there needs to be an obligation of confidence, [We need that phrase! Bob] and the information must be confidential in nature. Judge Peter Smith said that material did not become confidential just because an employer deemed it so.

Smith said that the information was not confidential, that it was either in the public domain, as in the case of addresses and phone numbers, or it counted as the skills and expertise that an employee would naturally build up, and was therefore not able to be restricted by the employer.

Source - Out-Law.com



This must be at epidemic proportions to get the bank's attention.

http://www.pogowasright.org/article.php?story=20080107182643581

Citibank limits ATM withdrawals in New York City

Monday, January 07 2008 @ 06:26 PM EST Contributed by: PrivacyNews News Section: Breaches

In response to a series of ATM robberies over the holidays, Citibank has drastically reduced the daily amounts its customers may withdraw from ATMs. In some cases, customers of Citibank could once withdraw as much as $2000 per day, depending upon the account. The new limits are around $500 per day for most customers.

Citibank attributes the action to reports of "skimming," the process of copying someone's ATM card and passcode or PIN, over the holidays.

Source - C|net


Another hack....

http://www.pogowasright.org/article.php?story=20080108072330179

Dutch public transport card hacked

Tuesday, January 08 2008 @ 07:23 AM EST Contributed by: PrivacyNews News Section: Non-U.S. News

The security of the Dutch OV (public transport) card is at issue following the cracking of its secret code by German computer hackers.

The card, which is intended to replace the 'strippenkart', was due to be introduced throughout the country this year. It is likely that the launch will now be postponed. Because the card's code has been hacked, it would be possible for travellers to journey for free and for their private data to be made public.

Source - Radio Netherlands Worldwide


Another hack... (What happens when you attract bright people...)

http://www.pogowasright.org/article.php?story=2008010807254840

Harvard uncovers ID scam that may involve debit cards

Tuesday, January 08 2008 @ 07:25 AM EST Contributed by: PrivacyNews News Section: Breaches

Harvard University police and the Middlesex district attorney's office are investigating a security breach at the school after an undergraduate allegedly manufactured phony driver's licenses and university identification cards that can be used as debit cards and to enter residence halls, the university announced yesterday.

Source - Boston Globe


Perhaps a bunch of hacks?

http://www.news.com/8301-10789_3-9843574-57.html?part=rss&subj=news&tag=2547-1_3-0-5

Digital gifts that keep on giving

Posted by Robert Vamosi January 7, 2008 1:43 PM PST

Care should be taken when plugging holiday gift gadgets into your personal computer and laptop, said security researchers at Sans.org, Microsoft, and Kaspersky in recent blog posts. Reports of strange files being found on USB storage devices increased over the holiday season. Reporting Monday on the SANS' Internet Storm Center blog, director Marcus Sachs said, "In years past this would have been limited to iPods and USB memory sticks, but now it includes digital photo frames, GPS devices, external hard drives, and of course digital cameras."



Going forward... (Anyone who quotes Machiavelli is worth reading...)

http://www.bespacific.com/mt/archives/017072.html

January 07, 2008

UK Report: National Security for the Twenty-First Century

Current notions of defence, foreign affairs, intelligence and development are redundant in the new security environment... National Security for the Twenty-first Century, Charlie Edwards, DEMOS: "The government remains structured around functions and services with separate budgets for defence, foreign affairs, intelligence and development. Whitehall departments, intelligence agencies and the police forces that make up the security architecture have changed very little in the past two decades, despite the end of the Cold War and the attack on the World Trade Centre in 2001. Based on a 12 month research project, this pamphlet sets out an approach to national security drawing on reforms and innovations from governments elsewhere in Europe and the United States and suggests some new ideas designed to shape the future of the national security architecture."



“Hey, we gotta blame somebody!”

http://www.pogowasright.org/article.php?story=2008010718113116

(follow-up) Guard: Metro laptops were stolen before Christmas Eve

Monday, January 07 2008 @ 06:11 PM EST Contributed by: PrivacyNews News Section: Breaches

... Murphy insists that the break-in that may have compromised hundreds of thousands of Metro voters’ Social Security numbers didn’t occur on his watch. In fact, it didn’t occur on anyone’s watch, because no one was assigned to watch, he said.

“I would swear on a stack of Bibles, that window was broken out Saturday,” Murphy said, referring to Dec. 22.

Source - Tennessean.com



For my web site class...

http://www.killerstartups.com/Video-Music-Photo/VideoSpincom---Quick-and-Fast-Movie-Editing/

VideoSpin.com - Quick and Fast Movie Editing

In order to produce stunning videos, no matter how amateur, you’ll need a good video editor. Of the many that are out there, VideoSpin stands out for its streamlined yet powerful interface. It’s light, weighing in at only 2.25MB. There are two main functions—editing and publishing. The former section is used for adding music and transitions, putting in texts and making snips here and there. The publishing section connects to the web and allows users to add their videos to video sites like Yahoo or Youtube. If you’re lacking inspiration, VideoSpin gives you expert tips along the way. The download is free.

http://www.videospin.com/



Wait till the Porn Industry sees this!

http://slashdot.org/article.pl?sid=08/01/07/2112205&from=rss

Making 3D Models from Video Clips

Posted by ScuttleMonkey on Monday January 07, @05:24PM from the fun-toys dept.

BoingBoing is covering an interesting piece of software called VideoTrace that allows you to easily create 3D models from the images in video clips. "The user interacts with VideoTrace by tracing the shape of the object to be modeled over one or more frames of the video. By interpreting the sketch drawn by the user in light of 3D information obtained from computer vision techniques, a small number of simple 2D interactions can be used to generate a realistic 3D model."



Chaos indeed. Perhaps the Colorado election commission can learn a lesson? Nah...

http://yro.slashdot.org/article.pl?sid=08/01/08/0218259&from=rss

Group Sues To Stop German E-Voting

Posted by kdawson on Monday January 07, @11:18PM from the we-don't-trust-them-either dept. The Courts Politics

kRemit writes "The German hacker group Chaos Computer Club today sued the German State of Hessen to prevent the use of electronic voting machines (Google translation) in the upcoming elections on January 27. This comes as a follow-up to the Dutch initiative 'We don't trust voting machines,' which succeeded in banning the same type of voting machines in the Netherlands."



I'll have to read this closely to see what I did...

http://www.bespacific.com/mt/archives/017065.html

January 07, 2008

Spartans in Darkness: American SIGINT and the Indochina War

Via Secrecy News, "this 2002 study was released in response to a Mandatory Declassification Review request filed by Michael Ravnitzky": Spartans in Darkness: American SIGINT and the Indochina War, 1945-1975 by Robert J. Hanyok, Center for Cryptologic History, National Security Agency, 2002.



Ancient history, modern technology?

http://www.reuters.com/article/technologyNews/idUSPAR75722620080107

Thousands follow soldier's fate in WW1 "blog"

Mon Jan 7, 2008 11:31am EST By Mike Collett-White

LONDON (Reuters) - Thousands of people have been following the fate of a British soldier fighting in the trenches of World War One on a Web site publishing his letters home exactly 90 years after they were written.



How to look smart...

http://digg.com/educational/How_To_Solve_a_Rubik_s_Cube_13

How To Solve a Rubik's Cube

howtodothings.com — Great beginners guide to solving the Rubik's Cube. Has step by step instruction with animation and images. Now you can solve any old cube lying around and impress your friends.

http://www.howtodothings.com/hobbies/how-to-solve-a-rubiks-cube
