Friday, January 11, 2008

Will this cause a security upgrade?

http://www.pogowasright.org/article.php?story=20080110090039349

UK: Bank boss becomes ID theft victim

Thursday, January 10 2008 @ 09:00 AM EST Contributed by: PrivacyNews News Section: Breaches

The chairman of Barclays bank has become a victim of ID theft after a fraudster stole £10,000 from his account. it has emerged today.

The conman duped call centre staff into issuing a credit card in the name of banking boss Marcus Agius and then used it to withdraw funds at a high street branch.

Source - Metro.co.uk



This should get lawyers in Canada talking about security. If it works, I may try it here...

http://www.pogowasright.org/article.php?story=20080110205232963

Canadian Bar Association Personal Information Advisory

Thursday, January 10 2008 @ 08:52 PM EST Contributed by: PrivacyNews News Section: Breaches

Via The Canadian Privacy Law Blog:

An audit of the CBA online web systems has revealed unauthorized third party access to the system during the recent holiday period.

Immediate steps were taken to further enhance the security of the site, [which implies they knew how to make it more secure but hadn't bothered to actually do anything. Bob] and those whose records were potentially affected are being notified of this unauthorized activity.

The CBA takes the privacy of members very seriously and has taken appropriate steps to ensure that this type of incident does not happen again.

Source - CBA

Related - Michael Geist posted the notification members received:

Your records may have been affected by this unauthorized activity. The files contained personal information relating to online orders (name, address, phone, fax, member number) and encrypted credit card information. We have no reason to believe that the encrypted credit card information was compromised. CBA uses one of the most secure encryption solutions available to protect credit card information. As a precautionary measure, we recommend that members monitor their credit card accounts for suspicious activity.



We can, therefore we must. (After all, bartenders have photographic memories and remember your name forever...)

http://yro.slashdot.org/article.pl?sid=08/01/10/2113240&from=rss

ID Tech May Mean an End to Anonymous Drinking

Posted by timothy on Thursday January 10, @04:33PM from the say-were-you-going-to-finish-that-martini dept. Privacy

Anonymous Howard writes "If you visit a lot of bars and restaurants, you've likely crossed paths with drivers license scanners — machines that supposedly verify that your license is valid. In actuality, many of these scanners are designed to record your license information in addition to verifying them, and those that authenticate against a remote database are creating a record of when and where you buy alcohol. Not only that, but they're not even particularly effective — the bar code on your license uses an open, documented standard and can be rewritten to change your age or picture. Collecting our driver's license information is one thing, but collecting data about our personal drinking habits is not only a violation of, according to the ACLU representative quoted in the article, privacy and civil liberties, but this 'drinking record' could also create problems for people in civil and criminal lawsuits as proof of alcohol purchases in DUI cases or evidence of alcoholism in divorce lawsuits."



If the states are becoming “Privacy Aware”...

http://www.pogowasright.org/article.php?story=20080110144927673

WI: State agency will stop using Social Security info

Thursday, January 10 2008 @ 02:49 PM EST Contributed by: PrivacyNews News Section: Breaches

In a move that would prevent future accidental disclosures of residents' Social Security numbers like the one this week, the state Department of Health and Family Services will begin using randomly generated ID numbers later this year to identify nearly 800,000 Wisconsinites now receiving public assistance, a top department official says.

Source - The Capital Times


...why not the State Department? Think of it as a way to make concerns about taking information from the RFID chip moot.

http://www.pogowasright.org/article.php?story=20080110164455593

State Department to ease access to passport data

Thursday, January 10 2008 @ 04:44 PM EST Contributed by: PrivacyNews News Section: Fed. Govt.

According to a release on Wednesday from the State Department, law enforcement officials and private parties may soon be able to request personal passport details. Currently, only State Department staffers who have undergone "background security investigation" handle such requests. The change to the State Department's system of records notice, or SORN, affects records dating as far back to 1925 and addresses amendments introduced in 2007 to the Privacy and Security Act of 1974.

Source - C|net

Related - Notice in Federal Register via Cryptome



Consider in light of the next article...

http://techdirt.com/articles/20080109/181315.shtml

Who's More Tech Savvy? Employees Or Employers?

from the depends-on-which-technology dept

I came across two separate stories today at about the same time, which seemed to be saying very different things, but seem worth discussing together. The first is about how big companies are increasingly technology savvy in spying on workers in everything that they do (sent in by reader gonzogirl). It notes that while CIOs used to worry about how employees would react to being spied on, these days it's barely a second thought, as it's become almost standard. The other study involves some research suggesting that employees are becoming a lot more tech savvy than their employers and trying to drag them into the 21st century. The researchers behind that report say that employees understand technology much better than their own CIOs.

At first glance, the two reports may seem to contradict each other, but that may not really be the case. It may actually show a lot more about where the priorities are for CIOs of large companies these days: fearful of what employees are doing, rather than looking for ways to help them get things done. Thus, when employees show up with new tools to make them more productive, the response isn't too embrace them, but to fear them (or figure out how they can be monitored). This wouldn't be particularly surprising, but it should be troublesome for those large companies, who are breeding atmospheres of distrust and trying to hold back the innovation needed to boost productivity and compete with more nimble companies.



This requires no further comment from me... But I can't resist. When bureaucracy interferes with functions you have: “government” (No wonder they have problems with computer systems, they still haven't mastered 1870's technology!)

http://news.yahoo.com/s/afp/20080111/od_afp/usspyfbi_080111081012;_ylt=AtKXxTw_1w1u0aPekkAZkpas0NUE

FBI phone taps cut off over unpaid bills

Fri Jan 11, 3:10 AM ET

The FBI has failed to pay phone bills on time, causing telecommunication firms to temporarily cut off wiretaps used for terrorism investigations, an audit found.

In a review of the FBI's handling of special funds used for secret operations, the Justice Department's inspector general found an archaic payment system that goes through disorganized third-party offices.

A summary of the audit released Thursday noted that a telecommunication specialist pled guilty in June 2006 to stealing more than 25,000 dollars in confidential funds.

The audit found that the employee had taken advantage of the FBI's mismanagement of bills to steal money from refund checks, as the agency even has trouble cashing refunds from overpaid bills.



Good news, bad news? Something worth stealing vs. not a soft target?

http://www.pogowasright.org/article.php?story=20080110120411899

Ca: Gun registry posting doesn't violate privacy

Thursday, January 10 2008 @ 12:04 PM EST Contributed by: PrivacyNews News Section: Non-U.S. News

The privacy commissioner has rejected complaints from firearms owners who claimed their privacy was violated by a searchable copy of the federal gun registry posted on the Citizen website.

... Last year, some gun owners filed complaints with Privacy Commissioner Jennifer Stoddart, saying the data could be used by thieves to target homes or businesses known to contain certain types of guns.

However, in a report to Parliament, Ms. Stoddart writes that the complaints were not well-founded and concluded that the RCMP had taken precautions to ensure gun owners would remain anonymous before the data were released to The Citizen.

Source - Ottawa Citizen



Playing the odds, Bruce? I don't agree, but I can see his point.

http://www.wired.com/politics/security/commentary/securitymatters/2008/01/securitymatters_0110

Steal This Wi-Fi

Bruce Schneier Email 01.10.08 | 12:00 AM

Whenever I talk or write about my own security setup, the one thing that surprises people -- and attracts the most criticism -- is the fact that I run an open wireless network at home. There's no password. There's no encryption. Anyone with wireless capability who can see my network can use it to access the internet.

To me, it's basic politeness. Providing internet access to guests is kind of like providing heat and electricity, or a hot cup of tea. But to some observers, it's both wrong and dangerous.



For my Stat class...

http://www.bespacific.com/mt/archives/017107.html

January 10, 2008

Sourcebook of Criminal Justice Statistics, 31st Edition

Sourcebook of Criminal Justice Statistics, 31st Edition: "The Sourcebook of Criminal Justice Statistics brings together data from more than 200 sources about many aspects of criminal justice in the United States. It has been compiled by the Utilization of Criminal Justice Statistics Project since 1973 and is funded by the U.S. Department of Justice, Bureau of Justice Statistics. Ann L. Pastore and Kathleen Maguire are co-directors of the Utilization Project and co-editors of the Sourcebook. The project is located at the University at Albany, School of Criminal Justice, Hindelang Criminal Justice Research Center in Albany, New York." [IWS Documented News Service]



Might be useful...

http://www.killerstartups.com/Web20/Bodocuscom---View-Documentaries-Online/

Bodocus.com - View Documentaries Online

Bodocus.com is a site that features what they consider some of the best documentaries around. When you visit the site you can browse through the documentaries by category. There are many categories from environment to religion to business. All of the documentary titles are listed in the categories. You can click on the one that you are interested in watching and watch it right on your computer. There are a total of 659 documentaries so have fun educating watching and learning at the same time at Bodocus.com. http://www.bodocus.com/



Searching for “The Next Big Thing!”

http://www.killerstartups.com/Web20/TheNextWeborg---New-Blog-About-Startups-Tech-News/

TheNextWeb.org - New Blog About Startups, Tech News

Can’t get enough of tech and internet news? TheNextWeb will surely fix that. This site reviews, profiles and interviews startups, interesting tech personalities, new products and old ones that are making waves. Several contributors make up the NextWeb team—all experienced developers, slash writers and prodigious consumers of all things tech, also mostly Dutch; however, guest writers are encouraged and often featured on the site as well. You’ll find an interesting mix of tech related news, business news and analysis. Popular items are grouped in the tag cloud on the homepage. Interesting news bits and tips are received from the site’s crew of Webtiprs from all around the world. There’s a search bar and RSS feeds; you can also keep up with Next Web via Twitter and Facebook.

http://thenextweb.org/

No comments: