So another quarter comes to a close. I am ending PowerPoint, Math, Math, Web sites, Math, and Statistics and starting Small Business Management, Marketing, Computer Security and Math. So it is time once again to remind my e-mail “subscribers” that they can stop cluttering their Inboxes and read the http://centennial-man.blogspot.com/ blog instead. (Of course this isn't required if you stop the emails at the firewall.)
CyberWar: When you have a tool, there is a tendency to use it.
Cyber Attacks against Tibetan Communities
Posted by ScuttleMonkey on Saturday March 22, @05:22AM from the that's-right-all-the-tea dept.
"The SANS Internet Storm Center reports about an increasing number of sophisticated and targeted cyber attacks against Tibetan NGOs. These attacks appear to be related to attacks against other anti-Chinese groups like Falun Gong. 'There is lots of media coverage on the protests in Tibet. Something that lies under the surface, and rarely gets a blip in the press, [Highly desirous attributes. Bob] are the various targeted cyber attacks that have been taking place against these various communities recently. These attacks are not limited to various Tibetan NGOs and support groups. They have been reported dating back to 2002, and even somewhat before that, and have affected several other communities, including Falun Gong and the Uyghurs.'"
US Olympic tourists warned about monitoring in hotels
Americans traveling to China for the Olympic Games in August can expect their hotel rooms there to be monitored, the State Department warned on its website.
"All visitors should be aware that they have no reasonable expectation of privacy in public or private locations," according to the State Department site.
"All hotel rooms and offices are considered to be subject to on-site or remote technical monitoring at all times. Hotel rooms, residences and offices may be accessed at any time without the occupant's consent or knowledge," it said.
Source - Breitbart.com
Feds Tout New Domestic Intelligence Centers
By Ryan Singel March 20, 2008 | 8:02:57 PM
... But critics say that "all hazards, all threats" approach sounds suspiciously like the government is building a distributed domestic intelligence service that could easily begin keeping tabs on Americans exercising their First Amendment rights. The scope also seems at odds with the federal government's Information Sharing Environment guidelines, which say these centers are supposed to focus on terrorism.
... Earlier this year, the ACLU issued a warning report about Fusion Centers, complete with an interactive fusion center map. [There are no Fusion Centers in Idaho yet, proving once and for all that potatoes need little surveillance. Bob]
We love and respect our customers...
Comcast Cameras to Start Watching You?
If you have some tinfoil handy, now might be a good time to fashion a hat. At the Digital Living Room conference today, Gerard Kunkel, Comcast’s senior VP of user experience, told me the cable company is experimenting with different camera technologies built into devices so it can know who’s in your living room.
The idea being that if you turn on your cable box, it recognizes you and pulls up shows already in your profile or makes recommendations. If parents are watching TV with their children, for example, parental controls could appear to block certain content from appearing on the screen. Kunkel also said this type of monitoring is the “holy grail” because it could help serve up specifically tailored ads. Yikes.
Kunkel said the system wouldn’t be based on facial recognition, so there wouldn’t be a picture of you on file (we hope). Instead, it would distinguish between different members of your household by recognizing body forms.
Source - NewTeeVee
Ditto? Do “shrink wrap” rules apply? How about “bait and switch?”
If You Don't See The Terms Of Service Until After You Buy, Are They Valid?
from the seems-a-bit-unfair dept
There have been lawsuits over software packages that only allow you to see the end user license agreement (EULA) after you've already paid for the software, but does that apply in other situations as well? Broadband Reports points us to the news that for people who sign up for Verizon's FiOS fiber optic broadband, you don't get to see the full terms of service until after it's installed. Verizon claims it's just easier this way -- and that all the important points are explained ahead of time. It also says that users can cancel within 30 days with no penalty if they're uncomfortable with the terms. However, that leaves out the fact that a lot of time and effort went into installing the actual FiOS system, which could also disrupt other systems (in fact, in a few cases -- though certainly not all -- a FiOS installation cuts the old copper line). So, in that case, it would be difficult to just go back to what you had before.
Are they really errors if it is part of the design?
New Study Shows Massive Error Rates In E-Voting Machines
from the that-can-swing-an-election dept
Just as e-voting firm Sequoia is resisting having its machines reviewed independently, the Brookings Institute has put a bunch of e-voting machines to the test, and found error rates around 3% on some of the machines. These weren't errors due to software problems, but usability problems, where the design of the system resulted in people voting for a candidate they did not want. 3% is a huge number, and could easily change the results of an election. While the study found that people generally like e-voting technology, that still doesn't mean it's particularly effective. One other interesting part of the finding: when there was a voter-verified paper trail, it didn't cut down on errors. [Now that's depressing... Bob] This suggests that many voters were either confused or didn't even bother to verify their vote. This should all be very worrisome. Even ignoring the technology problems that these machines have been shown to have, the fact that the design tends to create so many mistake votes should lead people to seriously question the use of e-voting machines.
If we know how to do it, is it negligence to NOT do it?
Training Your Sights on Online Fraud
By Carol Baroudi E-Commerce Times Part of the ECT News Network 03/20/08 4:00 AM PT
... Recent Aberdeen research has shown that those organizations that are getting the best results in both growing user confidence and reducing fraud have over the last 12 months been able to reduce the number of incidents of fraud and reduce financial loss attributable to fraud. Simultaneously, they were able to increase the number of user accounts, the number of online transactions and the number of online transactions per user.
Survey results show that the top performing firms enjoying Best-in-Class performance share several common characteristics:
Ninety-two percent authenticate users at the creation of the account;
Eighty-four percent use encryption; and
Sixty-eight percent monitor transactions.
... The complete report that identifies what Best-in-Class companies are doing to achieve their superior results as well as concrete steps to reduce fraud is available here.
Tools & Techniques: Hacking video.
How to hack RFID-enabled credit cards for $8
Posted on March 19, 2008 12:20 AM
Hacking without hacking? (How Zen)
What Happens To Bounced @Donotreply.com E-Mails
Posted by ScuttleMonkey on Friday March 21, @04:30PM from the lazy-people-who-can't-configure-mail-servers-to-do-their-bidding dept.
An anonymous reader writes
"The Washington Post's Security Fix blog today features a funny but scary interview with a guy in Seattle who owns the domain name donotreply.com. Apparently, everyone from major US banks to the Transportation Security Administration to contractors in Iraq use some variation on the address in the "From:" field of all e-mails sent out, with the result that bounced e-mails go to the owner of donotreply.com. 'With the exception of extreme cases like those mentioned above, Faliszek says he long ago stopped trying to alert companies about the e-mails he was receiving. It's just not worth it: Faliszek said he is constantly threatened with lawsuits from companies who for one reason or another have a difficult time grasping why he is in possession of their internal documents and e-mails.'"
I doubt it's a cultural thing, after all they have American-based PR people. It must be that they don't talk to each other... (Of course, this is similar to the bank that charged you a dollar a month to NOT issue you a debit card.)
Breaking: Sony Won't Charge $50 To Remove Bloatware
By Rob Beschizza March 21, 2008 | 11:13:07 AM
Responding to a tidal wave of outrage, Sony has reversed a plan to charge $50 to remove all the pre-installed applications — often derided as "bloatware" or "craplets" — from its high-end TZ-series notebooks.
Earlier today, PC World reported that Sony would charge $50 for a configuration option called "Fresh Start," which would not include the bloatware. When contacted by Gadget Lab, a spokesperson for Sony said that the company will now remove that charge.
Toward a fully “on demand,” pay by the drink, entertainment industry?
CBC Plans To BitTorrent Its Own TV Program
from the about-time... dept
Four years ago, we were among a group of folks talking about how the combination of BitTorrent and RSS could create a really fantastic online TiVo type solution. Rather than having to wait for your TV to broadcast a show, broadcasters could put the shows online, via BitTorrent, and you could subscribe with RSS, getting every TV show you wanted. Of course, since that time, online hosted video has become more popular, with the likes of YouTube getting much of the attention. However, it looks like the idea of using BitTorrent to distribute TV programs in an authorized manner hasn't disappeared. Joe writes in to alert us that CBC Television up in Canada is planning to distribute copies of their program Canada’s Next Great Prime Minister via BitTorrent right after it airs. And, yes, they'll be doing it DRM-free. As the folks behind the show have said: "The show will [be] completely free (and legal) for you to download, share & burn to your heart's desire." Nice to see some are starting to get it. Rather than locking stuff down, you want to share it as widely as possible.
Wall Street Journal “Hack?”
2008.03.21 • 07:28 EDT
The Wall Street Journal's Web site is already (secretly) free
... The system works like this: If you click on a subscriber-only WSJ link from an ordinary Web site -- say, a link that I post here, or a link from within the Journal's own site -- you'll be sent to a limited version of the article, and you'll be asked to log in to read the whole thing.
But if you click on a link to that same article in Google News, you'll be sent to the full story for free. This is true, also, of WSJ links on Digg, and probably a few other big referral sites, too.