Sunday, May 25, 2008

This is looking more and more like there is something fishy here.

http://www.pogowasright.org/article.php?story=20080524111253406

Blumenthal Seeks Tri-State Probe Of Bank Breach (BNY Mellon update)

Saturday, May 24 2008 @ 11:12 AM EDT Contributed by: PrivacyNews News Section: Breaches

The state has broadened its investigation into the loss of a computer backup tape that reportedly contained personal and financial information about an undetermined number of Connecticut bank depositors, including 556,000 customers of People's United Bank.

Attorney General Richard Blumenthal said Friday that he has contacted attorneys general in New York and New Jersey, asking them to initiate a tri-state investigation into the security breach.

Source - courant.com

[From the article:]

The tape reportedly contains information, including names, addresses, dates of birth and Social Security numbers, for 4.5 million people nationwide, Blumenthal said.

The Bank of New York Mellon has not confirmed that any financial institution other than People's was involved, state officials said.

... Blumenthal said his office relied on "sources that were regarded as credible" who said Webster was involved. He said Mellon has yet to say in writing which banks' information was lost.

The Bank of New York Mellon reiterated Friday that because of the banking industry's confidentiality practices, [which trump the Disclosure Laws? Bob] it could not publicly divulge information about its client relationships.



You have to work hard to integrate exam answers into a copyright notice and then ensure that no one proofreads it before printing 12,000 copies. No doubt these are the same folks who promise to protect your personal information.

http://news.yahoo.com/s/nm/20080522/od_uk_nm/oukoe_uk_britain_exam;_ylt=ApehbHnWvE3YxUuYMLDPwMWs0NUE

Every pupil's dream: the exam with answers on back

Thu May 22, 6:13 AM ET

... The OCR (Oxford, Cambridge and RSA) examination board admitted on Thursday that, because of a "printing error", papers sent to schools had answers to questions on the back page.

... "It is unlikely that any of the 12,000 students sitting the examination would have recognised the value of the information ... and subsequently used it," said the spokeswoman, adding there had been just 20 queries from teachers.



Might make an interesting hacking target...

http://cbs4denver.com/local/Whole.Body.Imaging.2.732277.html

May 24, 2008 4:17 pm US/Mountain

DIA Tests "Whole-Body Imaging"

DENVER (AP) ― Denver International Airport and five other airports are testing new technology to help security screeners detect guns and other prohibited items concealed under clothing.

The Transportation Security Administration was starting testing of its "whole body imaging" machines at DIA on Friday.

The technology makes use of beams of radio frequency energy that are projected over the body's surface. Energy reflected back from the body is used to construct a three-dimensional image.

The images are anatomically explicit, but passengers' faces are blurred, [Does this suggest we have better information on terrorist genitalia than terrorist faces? Bob] and security officials viewing the images are located in remote areas.

Florida-based airline consultant Stuart Klaskin shrugged off privacy concerns.

"There's a much-improved and expedited security-screening process using these machines," Klaskin said. "There probably is some momentary loss of privacy, but I don't think anyone has the time to look at these images in a prurient fashion. [There must be a way to record these images, how else would you demonstrate 'probable cause?' (Would you need to “un-blur” the image for the same reason?) Bob] Realistically, it's much ado over nothing."

Travelers will be randomly selected for the new screening technique. [Prove it! Bob]

The El Paso County Judicial Complex has been using similar whole-body screening. [Perhaps they can convince Google to add it to their Google Maps project. They can take photos of streets and images of people! Bob]



Well-intended consequences?

http://news.slashdot.org/article.pl?sid=08/05/24/1650248&from=rss

Patriot Act Dampening Cloud Computing?

Posted by kdawson on Saturday May 24, @01:38PM from the hey-you-get-offa-my-cloud dept.

Julie188 writes

"Governments are turning the Internet into a cyberspace reflection of real-world geographic conflicts. One report says that the Canadian government is forbidding its IT organizations to use services that store or host the government's data outside their sovereign territory. They especially cannot use services where the data is stored in the United States because of fears over the Patriot Act. What kinds of jurisdiction issues might people face — think Google cooperating with the Chinese government — as cloud computing becomes the norm and your data is stored in 'offshore parts' of the cloud?"



It looks like the White Hat Club is a go. Part of the strategy will be to gather and organize a hacking toolkit, so articles like this will be collected; software mentioned will be downloaded and analyzed, and the techniques shared...

http://houseofhackers.ning.com/profiles/blog/show?id=2092781%3ABlogPost%3A42906

Assessment Methodology (Part 1)

Posted by hitechpo on May 24, 2008 at 5:30pm

I've been down for a couple of days, but now I'm back. I wanted to include a series of instructions on assessing. (I will use the term assessing as opposed to 'hacking' due to the derogatory connotation that this term invokes.)

As a note, you should only be assessing those systems or networks that you have permission to assess. I will not be held responsible for any damages caused by someone using this information.

This information and more will be in my new book: "Information Security for Executives: The Practical Executive Guide to Information Security" (pending publication by the end of 2008). I thought I would give you a little glimpse of this guide now.

So here we go. These are the five (5) phases of the methodology behind conducting a vulnerability assessment:

1. Reconnaissance

2. Scanning

3. Gaining Access

4. Maintaining Access

5. Clearing Tracks



For my math class (all others keep out!)

http://idle.slashdot.org/article.pl?sid=08/05/24/1335258&from=rss

I Will Derive

Posted by CmdrTaco on Saturday May 24, @12:33PM from the well-now-isn't-that-nice dept.

Jamie stumbled upon a very choice video this morning called I Will Derive. To the tune of some song you've never heard before, singing about subjects you know nothing about... oh and a TI-84 cameo. It features the dopiest dancing you'll see on YouTube today. I promise.
