Tuesday, February 05, 2008

Lots of interesting statistics. Still hard to build a model of the cost to victims...

http://www.crmbuyer.com/story/The-Cost-of-ID-Theft-Part-1-Beyond-Dollars-and-Cents-61515.html

The Cost of ID Theft, Part 1: Beyond Dollars and Cents

By Andrew K. Burger E-Commerce Times Part of the ECT News Network 02/05/08 4:00 AM PT

The ultimate cost to ID theft victims varies across industries, Uriel Maimon, senior researcher for the software firm RSA, told the E-Commerce Times. "In the banking and electronic commerce industries, the end user is usually indemnified, and most of the damage is done to the business. The end users are usually affected by the trauma and paperwork of the experience but can usually recuperate most of their losses."

Private, personally identifying information is everywhere, from portable computers and digital devices, to the Internet and private networks. This data can be obtained so easily -- either through technology or more mundane means -- and its theft is so often glamorized on film, that it is starting to attract a younger generation to criminal ranks.

The scope of ID theft has grown so quickly that it now takes up a substantial -- and growing -- portion of law enforcement resources. [Is this true? Bob] Personal ID theft more than tripled in the U.S. in 2007, according to USA Today.

Records containing personal data on more than 215 million U.S. residents have been exposed due to security breaches since January 2005, according to the Privacy Rights Clearinghouse. Those for whom a breach turns into something far worse -- actual ID theft -- the financial and emotional burdens can be tremendous.

ID Theft in Dollars and Cents

The average cost of an identity fraud case closed by the U.S. Secret Service was US$31,000 between 2000 and 2006, according to a study by the Center for Identity Management and Information Protection. Among more than 700 cases, dollar losses ranged from zero to $13 million.

... Fraud alerts, security freezes and credit reports for such cases are free or cheap and are relatively straightforward to set up, since organizations are required to provide them. For example, free annual credit reports are now obligatory under federal law. Losses can mount and become serious quickly, however, if a security breach turns into financial fraud or criminal ID theft.

... "In 2004, consumers could expect to recover 80 percent of the money they lost due to identity theft. By 2006, that had dropped to 54 percent. Businesses can expect to pay an average of $197 per customer record should they lose a laptop containing the sensitive information of their customers," Livingston told the E-Commerce Times.

A Waste of Time and Energy

Victims in 2004 spent an average of 330 hours, often stretching out over a period of years, recovering from ID theft and crime, compared to 600 hours in 2003, according to ITRC studies. ITRC attributes the range in 2004's reported hours -- from three hours to 5,840 -- to the severity of the identity theft. A lost credit card typically takes fewer hours to solve than the use of your Social Security number by a would-be evil twin.

In both years, about a third of respondents said that they spent a period of four to six months recovering from ID theft. In 2004, only 11 percent of people said they had been dealing with their ID fraud case for seven months two a year. In 2003, 23 percent had wrestled with a case for nearly a year. However, in 70 percent of cases studied in 2004, people noted that they continued to find negative ID information on their records after more than a year, up from 66 percent in 2003.

Problems associated with ID theft don't stop when the crooks are caught or remediation efforts end. After-effects include increased insurance and credit card fees, difficulties finding a job, higher interest rates and fighting collection agencies and credit card issuers who refuse to clear their records despite substantiating evidence. "This 'tail' may continue for more than 10 years after the crime was first discovered," according to the ITRC.

The Aftershocks

Disturbingly, ID theft is often committed by family members and friends. Forty-three percent of victims in the ITRC's 2004 study believed they knew their impostor; 14 percent said that it was an employee of a business that had their information. "There continues to be a lack of understanding by friends, family and the general public regarding the emotional impact of this crime on the victims, both short term and long term," writes the ITRC's Linda Foley in its ID Theft 2007-2008 review and predictions report.

The emotional impact of ID theft on victims is akin to that felt by victims of more violent crime, according to the ITRC. "Some victims feel dirty, defiled, ashamed and embarrassed, and undeserving of assistance. Others report a split with a significant other or spouse and of being unsupported by family members," according to the study.

... The longer the security breach and potential ID theft goes unrecognized, or remediation is postponed, the greater risk you run of serious criminal ID theft. In 2004, 37.5 percent of those surveyed in the ITRC's study reported that they found out about their ID theft within three months, down from 48 percent in 2003.



Passwords alone are not adequate security. How many times must we say this? (Again, not much real information, but a picture is beginning to emerge.)

http://www.infoworld.com/article/08/02/04/Poor-password-management-may-have-led-to-bank-meltdown_1.html?source=rss&url=http://www.infoworld.com/article/08/02/04/Poor-password-management-may-have-led-to-bank-meltdown_1.html

Poor password management may have led to bank meltdown

Huge losses reported by Société Générale were apparently enabled by forgotten low-level IT chores such as password management

By Jeremy Kirk, IDG News Service February 04, 2008

The huge losses reported by French bank Société Générale, apparently caused by a rogue trader with inside knowledge of the bank's procedures, don't necessarily point to an IT systems failure, but rather to poor management of those systems, analysts say.

The bank has accused 31-year-old employee Jerome Kerviel of creating a fraudulent trading position in the bank's computers that ultimately caused it to lose around €4.9 billion ($7.3 billion).

Kerviel achieved this by, among other things, misappropriating computer passwords, the bank said. It has revealed few other technical details of what caused the losses.

... In some cases, it may not have been the security of the passwords themselves that posed a problem, but rather the access those passwords allowed, said Ian Walden, professor of information and communications law at Queen Mary, University of London.

Organizations tend to think of access as being binary in nature: you get access to it all, or you don't, Walden said. In reality, there are many more levels of access. "In modern, complicated systems, the granularity has to be much more sophisticated."

... "The underlying issue is that many systems are designed to stop honest people from making mistakes, but do not take into account those with malicious intent," Rothke said.



e-Discovery

http://ralphlosey.wordpress.com/2008/02/03/two-e-discovery-guides-for-judges-provide-good-advice-for-all/

Two e-Discovery Guides for Judges Provide Good Advice for All

There are now two e-discovery guides for judges, one for state court judges and one for federal.

Managing Discovery of Electronic Information: A Pocket Guide for Judges

http://ralphlosey.files.wordpress.com/2008/02/pocketguideforjudges.pdf

Conference of Chief Justices Guidelines For State Trial Courts Regarding Discovery Of Electronically-Stored Information.

http://ralphlosey.files.wordpress.com/2008/02/chiefjusticesguide.pdf



Now that they're down, let's stomp on them!

http://linux.slashdot.org/article.pl?sid=08/02/05/133244&from=rss

10K Filing Suggests Grim Outlook for SCO

Posted by Zonk on Tuesday February 05, @08:41AM from the truly-a-stunning-development dept. Caldera The Almighty Buck Linux

dacarr writes "SCO has filed their 10K with the SEC — and according to this, their own assessment of the company's outlook is pretty grim. As usual, PJ of Groklaw has a good synopsis of the filing highlights. In short, it boils down to one thing: unless there's a miracle, even SCO doesn't think they're going to come out of this. 'As a result of the Chapter 11 filings, realization of assets and liquidation of liabilities are subject to uncertainty. While operating as debtors-in-possession under the protection of Chapter 11 of the Bankruptcy Code, the Debtors may sell or otherwise dispose of assets and liquidate or settle liabilities for amounts other than those reflected in the consolidated financial statements, in the ordinary course of business, or, if outside the ordinary course of business, subject to Bankruptcy Court approval. In addition, under the priority scheme established by the Bankruptcy Code, unless creditors agree otherwise, post-petition liabilities and prepetition liabilities must be satisfied in full before stockholders are entitled to receive any distribution or retain any property under a plan of reorganization.'"



Would there be a market for a free version?

http://hosted.ap.org/dynamic/stories/C/CRIME_REPORTS_ONLINE?SITE=VALYD&SECTION=HOME&TEMPLATE=DEFAULT

Site Offers Crime Alerts and Maps

By BRIAN BERGSTEIN AP Technology Writer Feb 4, 5:45 PM EST

... A new service on CrimeReports.com, launched last year and expanding nationwide, overlays police reports on maps, so people can view where arrests and other police calls have been made. Users can configure e-mail alerts to notify them of crimes in locations of interest within a day.

The free site relies mainly on police departments paying $100 or $200 a month, depending on their size, to have CrimeReports.com extract the information from their internal systems and publish it online.

... This coincides with a prominent trend in policing. Since New York City police launched their "CompStat" system in 1994, law enforcement agencies around the country have been capturing and analyzing crime information in more careful detail, in hopes of better planning responses.

... This flood of information could have its downsides.

CrimeReports.com lists only the block on which a crime occurred or was reported, not the actual address, so as to protect victims' privacy. Even so, the Salt Lake sheriff noted that neighbors on a tiny street might be able to figure out, say, which house on their block had a domestic incident that the participants would rather keep quiet.

While that kind of information was always available in department records, "`public' and `readily accessible' are two different things," Winder said.

On the Net:

Police agencies with data on CrimeReports: http://www.crimereports.com/company/participatingDept



Vote early and often! (see next article)

http://www.bespacific.com/mt/archives/017388.html

February 04, 2008

Tech Tools for the American Voter and the 2008 Congressional Elections

  • Tech Tools for the American Voter and the 2008 Congressional Elections - The Tutorial: "This tutorial is a visual walk-through of how to find what you need to know for the upcoming Congressional elections. Use the tutorial to help you find out if you are registered to vote, biographical information on your Congressman or Senator, his or her voting records, and money donations and campaign fundraising for the upcoming election."



How to vote early and often?

http://www.news.com/The-Democratic-Partys-dangerous-experiment/2010-1028_3-6229091.html?part=rss&tag=2547-1_3-0-5&subj=news

Perspective: The Democratic Party's dangerous experiment

By David Dill and Barbara Simons Published: February 4, 2008, 6:03 PM PST

As most of us now understand, paperless electronic voting is a really bad idea. But there is a still worse idea: voting over the Internet.



You should review every penny!

http://www.bespacific.com/mt/archives/017397.html

February 04, 2008

Budget of the United States Government Fiscal Year 2009

Budget of the United States Government Fiscal Year 2009 - The Budget Documents

  • "Budget of the United States Government, Fiscal Year 2009 contains the Budget Message of the President, information on the President’s budget and management priorities, and budget overviews organized by agency.

  • Analytical Perspectives, Budget of the United States Government, Fiscal Year 2009 contains analyses that are designed to highlight specified subject areas or provide other significant presentations of budget data that place the budget in perspective. This volume includes economic and accounting analyses; information on Federal receipts and collections; analyses of Federal spending; information on Federal borrowing and debt; baseline or current services estimates; and other technical presentations. Analytical Perspectives volume also contains supplemental materials with several detailed tables, including tables showing the budget by agency and account and by function, subfunction, and program, that is available on the Internet and as a CD-ROM in the printed document.

  • Historical Tables, Budget of the United States Government, Fiscal Year 2009 (342 pages) provides data on budget receipts, outlays, surpluses or deficits, Federal debt, and Federal employment over an extended time period, generally from 1940 or earlier to 2009. To the extent feasible, the data have been adjusted to provide consistency with the 2009 Budget and to provide comparability over time.

  • Budget of the United States Government, Fiscal Year 2009—Appendix contains detailed information on the various appropriations and funds that constitute the budget and is designed primarily for the use of the Appropriations Committee. The Appendix contains more detailed financial information on individual programs and appropriation accounts than any of the other budget documents. It includes for each agency: the proposed text of appropriations language, budget schedules for each account, new legislative proposals, explanations of the work to be performed and the funds needed, and proposed general provisions applicable to the appropriations of entire agencies or group of agencies. Information is also provided on certain activities whose outlays are not part of the budget totals.

  • Current Program Assessment Rating Tool summaries and details are available on ExpectMore.gov including a CSV File for Researchers and Academics and the data model diagram. Government-wide PART summary data is also available in PDF and XLS format on the OMB website.

  • A comprehensive list of Agency Congressional Justifications, Performance and Accountability Report and Agency Strategic Plans is now also available on the OMB website.



I wonder if the US would do any better? Perhaps I'll ask my Statistics class...

http://www.mg.co.za/articlepage.aspx?area=/breaking_news/other_news/&articleid=331509

Quarter of Brits think Churchill was myth

London, United Kingdom 05 February 2008 12:13

Britons are losing their grip on reality, according to a poll that came out on Monday, which showed that nearly a quarter think Winston Churchill was a myth while the majority reckon Sherlock Holmes was real.

The survey found that 47% thought the 12th century English king, Richard the Lionheart, was a myth.

And 23% thought World War II prime minister Churchill was made up. The same percentage thought Crimean War nurse Florence Nightingale did not actually exist.



You gotta admire the Dutch. What a business model!

http://news.yahoo.com/s/afp/20080201/od_afp/netherlandshealthsexinternetoffbeat_080201185544

Overwhelming popularity for Dutch online safer sex training

Fri Feb 1, 1:55 PM ET

A Dutch online training in safer sex is so popular that the website featuring short instruction videos was overloaded Friday, the Amsterdam health authorities told the ANP news agency.

The website called www.vrijlekker.nl (have nice sex) went online on Wednesday and just hours after opening already had nearly half a million hits.



Perhaps the greatest lyricist of our age?

http://bentleywg.livejournal.com/1163995.html

Tom Lehrer

I grew up listening to my mom's Tom Lehrer records, but I had never actually *seen* Tom Lehrer singing. Someone has posted on YouTube eleven clips of Tom Lehrer performing his songs on stage in the 1960's. Yep, I still know all the words.

- The Vatican Rag.
- Poisoning Pigeons in the Park.
- Werner von Braun.
- So Long, Mom (A Song for Word War III).
- Send the Marines.
- National Brotherhood Week.
- Pollution
- When You Are Old and Gray.
- Masochism Tango.
- The MLF Lullaby.
- Who's Next.
EDIT: One more, from 1980: - I Got It From Agnes
And another longer, informal one: - here and continued here.
EDIT-EDIT: It's from a 1997 math lecture (part of Irving "Kaps" Kaplansky's 80th Birthday Celebration?).

And, for completion's sake, a more recent (1998?) concert version of Poisoning Pigeons.



For my Stats class

http://www.worldometers.info/

Worldometers

World statistics updated in real time.



For my web site class... (and anyone who would look better with Don King's hair)

http://www.killerstartups.com/Web-App-Tools/HairMixercom---Try-Out-A-Celeb-Hairstyle/

HairMixer.com - Try Out A Celeb Hairstyle

Hair is a delicate matter. The wrong cut or color could leave a girl in tears. Help, however isn’t far away with HairMixer. Fancy Angelina’s up-do, Kate’s bangs, or Posh’s bob? Preview the look with HairMixer before your stylist takes out the scissors. It’s easy enough to do—just upload a photo of yourself and pick a celeb whose hair you want—make sure the photo is an appropriate size, otherwise it just won’t work. You can even swap hair dos amongst celebrities. It’s not only useful, but also loads of fun. Try Tom Cruise’s cut on, oh say Paris Hilton and vice versa; email the results to your best friends. Make a t-shirt out of it. If your favorite celeb hair style isn’t pictured, use HairMixer’s image search function. Check it out on Facebook too.

http://www.hairmixer.com/

No comments: