Wednesday, June 18, 2008

Did the loss of these cards go unreported? No word from 1st Source Bank yet.

http://www.pogowasright.org/article.php?story=20080618060835939

UPDATE: List of affected customers growing after reports of fraudulent withdrawals

Wednesday, June 18 2008 @ 06:08 AM EDT Contributed by: PrivacyNews News Section: Breaches

Local police and FBI agents are investigating after hundreds across the area reported money missing from their bank accounts over the weekend.

Police agencies across the area are reporting account breaches from at least 10 different banks, credit unions and other financial institutions. Thousands of dollars have been reported stolen.

Source - WSBT

Comment: what's interesting about this breach, if one theory is correct, is that a May breach involving 1st Source Bank may have affected non-1st Source Bank customers who used 1st Source's ATM machines.



Isn't this the opposite of Identity Theft? Identity Erasure?

http://www.phiprivacy.net/?p=478

Jun-17-2008

Local Man Sentenced For Deleting Medical Records

A disgruntled worker is paying the price for deleting medical records, 10News reported.

Jon Paul Oson, of Chula Vista, was sentenced to more than 5 years in prison for hacking into the database of a local health clinic.

It was the very person trusted to protect the Council of Community Health Clinics who went on a hacking rampage.

[...] Dembin said Oson’s actions affected thousands of patients’ records. That is because the organization provides various services to 17 regional health clinics in Southern California, including the North County Health Services Clinic in San Marcos.

Full story - 10News.com



React first, think later?

http://news.cnet.com/8301-10784_3-9970660-7.html?part=rss&subj=news&tag=2547-1_3-0-5

June 17, 2008 10:55 AM PDT

State worker cleared on child porn charges that were due to malware

Posted by Elinor Mills 2 comments

A fired Massachusetts state worker has been exonerated of a charge of possessing child pornography after computer forensics showed that his work laptop was infected with malicious software that was surreptitiously visiting illegal Web sites. [I'm starting a business to sell this software to federal judges... Bob]

Michael Fiola, 53, was fired as a worker's comp fraud investigator with the Massachusetts Department of Industrial Accidents in March 2007 [Took 'em long enough. Bob] after IT administrators found cached images of child porn in the temporary Internet files in his browser, according to the Dark Reading security news site.

Fiola, described as being "computer illiterate," hired a forensics expert who found the evidence that was used to convince the court to drop the case last week. He remains unemployed and plans to sue the agency over his firing. [Shocking... Bob]

"Our lives have been hell," Fiola, a former state park ranger now living in Rhode Island told the Boston Herald. "I hope to recover my reputation, but our friends all ran."

His laptop initially attracted attention because its wireless usage was four times higher than that of his co-workers. [Someone noticed? How unusual! Bob] But because the IT department hadn't properly configured the agency laptop and antivirus software wasn't working on the machine, it was riddled with Trojans and viruses, in addition to the malicious software that was bringing up the porn sites. [Remember, IT Security can save you money! Bob]



Oh the horror!

http://it.slashdot.org/article.pl?sid=08/06/17/1941200&from=rss

All Your Coffee Are Belong To Us

Posted by kdawson on Wednesday June 18, @02:19AM from the pouring-over-it dept. Security It's funny. Laugh. Hardware

Wolf nipple chips writes

"Craig Wright discovered that the Jura F90 Coffee maker, with its honest-to-God Jura Internet Connection Kit, can be taken over by a remote attacker, who can cause the coffee to be weaker or stronger; change the amount of water per cup; or cause the machine to require service (call this one a DDoC). 'Best yet, the software allows a remote attacker to gain access to the Windows XP system it is running on at the level of the user.' An Internet-enabled, remote-controlled coffee-machine and XP backdoor — what more could a hacker ask for?"



Cheaper to buy the ads? Not likely...

http://news.cnet.com/8301-10784_3-9969899-7.html

June 16, 2008 2:52 PM PDT

Accused spammer must pay MySpace $6 million

Posted by Greg Sandoval 3 comments

MySpace continues to wage a legal war on alleged spammers.

An arbitrator has ordered Media Breakaway and Chief Executive Scott Richter to pay the social-networking giant $4.8 million in damages and $1.2 million in legal fees, according to legal filings. The company's employees were also ordered to stay off MySpace.



This kind of surprises me. Insiders have the best picture of the operation and its weaknesses. Perhaps the average security set-up is weaker than I thought?

http://techdirt.com/articles/20080616/0717011416.shtml

Insiders No Longer The Biggest Threat To Computer Networks

from the but-why? dept

For years, we've been told that the biggest threat to various companies' computer networks doesn't come from outside hackers, but from internal (often disgruntled) employees. However, a new study disputes that, saying that less than one in five security breaches were due to insiders. Business partners are nearly twice as likely to be the cause of an attack, [What does the contract allow? Bob] and then outside hack attacks are the largest threat. Of course, what isn't explained is whether or not the earlier data was just wrong -- or if something has changed over the last few years (more outside hacking, better controls on employees, etc.). That would probably be a lot more interesting and useful than just knowing the percentages.



For your Security geeks

http://www.infoworld.com/article/08/06/17/Kaspersky-workaround-for-encryption-virus-comes-with-a-catch_1.html?source=rss&url=http://www.infoworld.com/article/08/06/17/Kaspersky-workaround-for-encryption-virus-comes-with-a-catch_1.html

Kaspersky workaround for encryption virus comes with a catch

Kaspersky Lab has published advice on recovering files encrypted by the Gpcode.ak virus

By John E. Dunn, Techworld June 17, 2008

Kaspersky Lab has published advice on recovering files encrypted by the frightening Gpcode.ak virus, but there is a big catch -- users must not have turned off their PC first.



We need to do this in the US.

http://www.pogowasright.org/article.php?story=20080617105751876

UK: FSA fines stockbroker over weak data security

Tuesday, June 17 2008 @ 10:57 AM EDT Contributed by: PrivacyNews News Section: Breaches

A stockbroker has been fined £77,000 by the Financial Services Authority (FSA) for failing to protect its customers from identity fraud – despite the firm not having had a data breach.

Source - IT Pro



We need to NOT do this in the US. (As Shakespeare said, “To be, or not...”)

http://techdirt.com/articles/20080617/0740561432.shtml

Associated Press: Fair Use Limits You To Four Words; Five Words Costs $12.50

from the make-it-stop dept

As we wait with bated breath for the Associated Press to come down from the mountain with its own rules for "fair use for bloggers," Patrick Nielsen Hayden gives us a sense of what the AP considers fair use (found via Boing Boing). Apparently, for quite some time, the AP has had up a page that lists out prices for quoting AP text. I will quote the list prices, and hope I don't get a DMCA takedown:

  • 5-25 words: $ 12.50

  • 26-50 words: $ 17.50

  • 51-100 words: $ 25.00

  • 101-250 words: $ 50.00

  • 251 words and up: $ 100.00

Oh, and it gets better. The AP claims that it can revoke the license at any time if it feels you're saying something negative about the Associated Press: "Publisher reserves the right to terminate this Agreement at any time if Publisher or its agents finds Your use of the licensed Content to be offensive and/or damaging to Publisher’s reputation."

Now, these are the terms that the AP has had on its site for some time -- but they explain why the AP went after the Drudge Retort for quoting less than 100 words. To the AP, that was a violation requiring a $25 license. So, while some believe that those criticizing the AP are overreacting, I'd argue that's not the case at all. This is not, as suggested, a one-time thing. This is an ongoing pattern of misuse of copyright law by the AP. And it's been pointed out to the AP in the past that these actions are wrong -- and it did nothing to change the AP's behavior. Instead, it seems to have only emboldened the AP.

Besides, it now appears that the AP's way of having this "conversation" with bloggers on what is AP-acceptable "fair use" is to meet with some guy who represents some blogging "group" I've never heard of. That group does not represent bloggers and it certainly doesn't speak for all of us in reaching some sort of "agreement." If the AP really wants to engage with the critics, why doesn't it come out and talk to those of us criticizing its actions? So far, the only engagement has been to cut and paste the same comment on a bunch of blog sites... Other than that, it has only spoken to reporters about this issue.



Are there 300 types of files that need to be PDFs?

http://www.killerstartups.com/Web-App-Tools/online-primopdf-com-pdf-converter/

Online.PrimoPDF.com - PDF Converter

If you want to convert your documents to PDF files without investing in expensive software you should visit PrimoOnline. In 3 easy steps you can convert over 300 types of files to PDF documents. To begin you must enter your email address, then you can select your file which can be any type of document from a PowerPoint presentation to an Excel sheet or even graphics. Once you have selected your file you can create a PDF and send it to your email address so you can easily access the file from any computer. You can create a PDF file online from any platform, Windows, Mac or Linux. There is a PrimoPDF user’s manual for anyone who may experience difficulties using the converter. PrimoOnline is simple to use and you can create PDF files without the hassle of purchasing and installing software. PrimoOnline offers a no fuss and no hassle way to create and convert your documents to PDF files.

http://online.primopdf.com/



Convergence? Another time-waster? (Another reason handhelds will replace laptops?)

http://www.eweek.com/c/a/VOIP-and-Telephony/ShoreTel-Ships-New-Unified-VOIP-System/

ShoreTel Ships New Unified VOIP System

By Chris Preimesberger 2008-06-16

... ShoreTel claims to be the first vendor to deliver a system that takes advantage of a recent enhancement to the H.264 standard for video compression: SVC (Scalable Video Coding). This new feature permits high-quality video on every desktop, including those of remote workers, a company spokesperson told eWEEK.



Schneier is always worth reading...

http://www.pogowasright.org/article.php?story=20080617080655742

LifeLock and Identity Theft

Tuesday, June 17 2008 @ 08:06 AM EDT Contributed by: PrivacyNews News Section: Other Privacy News

LifeLock, one of the companies that offers identity-theft protection in the United States, has been taking quite a beating recently. They're being sued by credit bureaus, competitors and lawyers in several states that are launching class action lawsuits. And the stories in the media ... it's like a piranha feeding frenzy.

There are also a lot of errors and misconceptions. With its aggressive advertising campaign and a CEO who publishes his Social Security number and dares people to steal his identity -- Todd Davis, 457-55-5462 -- LifeLock is a company that's easy to hate. But the company's story has some interesting security lessons, and it's worth understanding in some detail.

Source - Schneier on Security



Data Centers are not “a space for some computers” any longer.

http://hardware.slashdot.org/article.pl?sid=08/06/17/1329219&from=rss

Data Center Designers In High Demand

Posted by timothy on Tuesday June 17, @09:53AM from the blinky-blue-is-the-new-dull-amber dept. Data Storage IT

Hugh Pickens writes

"For years, data center designers have toiled in obscurity in the engine rooms of the digital economy, amid the racks of servers and storage devices that power everything from online videos to corporate e-mail systems but now people with the skills to design, build and run a data center that does not endanger the power grid are suddenly in demand. 'The data center energy problem is growing fast, and it has an economic importance that far outweighs the electricity use,' said Jonathan G. Koomey of Stanford University. 'So that explains why these data center people, who haven't gotten a lot of glory in their careers, are in the spotlight now.' The pace of the data center build-up is the result of the surging use of servers, which in the United States rose to 11.8 million in 2007, from 2.6 million a decade earlier. 'For years and years, the attitude was just buy it, install it and don't worry about it,' says Vernon Turner, an analyst for IDC. 'That led to all sorts of inefficiencies. Now, we're paying for that behavior.'"

On a related note, an anonymous reader contributes this link to an interesting look at how a data center gets built.


Related

http://digg.com/hardware/Fascinating_Video_Tour_of_an_Equinix_Data_Center

Fascinating Video Tour of an Equinix Data Center

news.cnet.com — Equinix is responsible for holding massive amounts of data, including storage for popular sites like MySpace.com. Take a tour of the facilities, and see how much energy it takes to keep the Web alive. CNET News.com's Neha Tiwari reports.

http://news.cnet.com/1606-2_3-6109900.html



For my Software Process Engineering class

http://developers.slashdot.org/article.pl?sid=08/06/17/1725205&from=rss

Anatomy of a Runaway Project

Posted by kdawson on Tuesday June 17, @01:47PM from the off-the-tracks-and-ploughing-up-dirt dept.

JCWDenton recommends a piece by Bruce Webster revealing some insights into a failed multi-million-dollar IT project.

"The following document is the actual text — carefully redacted — of a memo I wrote some time back after performing an IT project review; names and identifying concepts have been changed to preserve confidentiality (and protect the guilty). The project in question was a major IT re-engineering effort for a mission-critical system; at the time I did this review, the project had been going on for several years and had cost millions of dollars; it would eventually be canceled and the work products abandoned. The memo itself provides an interesting glimpse into just how a major IT project can go so far off the tracks that nothing useful is ever delivered."



Even I need a break now and then.

http://www.killerstartups.com/Web-App-Tools/bigfuncity-com-free-flash-games/

Bigfuncity.com - Free Flash Games

With over 11,000 flash games available to play for free, Bigfuncity is one of the larger sites for flash gamers. Games are well-categorized into: Action, Puzzle, Sport, Brain Training, Adventure, Racing, Kids and Casino or simply search by keyword for the game of your choice. If you register, you can also join the gaming community and communicate with other gamers on the site. Without registering, you can still access and play their entire database of games which are relatively quick to load, of a generally good quality, and easy to find. While there are many free gaming portals available these days, Bigfuncity is definitely worth a look the next time you need your fix.

http://bigfuncity.com/BFC/games/



Cosmo-Hacker?

http://digg.com/tech_news/_Cosmopolitan_Teaches_Girls_How_to_Break_DRM_Pirate_Music

Cosmopolitan Teaches Girls How to Break DRM & Pirate Music

i27.tinypic.com — I have new respect for this magazine.

[Picture of the page: http://i27.tinypic.com/2h66g3k.jpg]



This proves my thesis that some people will spend any amount to save a few cents on gas...

http://www.engadget.com/2008/06/16/segway-sales-hit-all-time-high-thanks-opec/

Segway sales hit all time high, thanks OPEC!

by Darren Murph, posted Jun 16th 2008 at 8:54AM
