Saturday, September 06, 2008

You'd think crooks would have better ways to dispose of the evidence.

http://www.pogowasright.org/article.php?story=20080905222721810

Kr: `GS Caltex Leaked Personal Data of 11 Mln Customers`

Saturday, September 06 2008 @ 05:27 AM EDT Contributed by: PrivacyNews

And poof, within a week, yet a third breach that would make the Top 10 list.

Two multimedia discs containing the personal information of 11.1 million customers of GS Caltex, one of the nation's largest oil refineries, were found on the street, police said yesterday.

Police have not yet confirmed any damage caused by the leak, but this is considered the country’s largest leak of its kind given the number of people involved.

.... The discs -- one DVD and a CD-Rom which are believed to have been thrown away -- were found early this month by an office worker in a backstreet’s trash pile near Gangnam subway station in Seoul.

The DVD contained 76 files in a folder named “GS Caltex,” including the names, social security numbers, addresses, cell phone numbers, email addresses and workplaces of customers sorted by age. The CD-Rom is believed to be a sample of the DVD as it contains only a few people’s personal data.

Source - The Dong-A Ilbo

[From the article:

“We have tentatively concluded that it is membership information collected for the bonus card issued by our company. The bonus card offers discounts for fill-ups, and is mainly issued by gas stations to compile customers’ personal information.” [Wow, what a relief! Bob]

... Experts say a GS Caltex employee likely stole the information for personal purposes given no signs of hacking and the anti-hacking system being intact.



Not sure what is going on here... Do we have another San Francisco type incident where an employee is taking control of sensitive data that the organization is not adequately protecting?

http://www.pogowasright.org/article.php?story=20080906055423925

NH: LGC employee arrested over missing data

Saturday, September 06 2008 @ 05:54 AM EDT Contributed by: PrivacyNews

The Concord police arrested a former Local Government Center employee yesterday, accusing her of removing computer backup tapes and manipulating computer information at the organization. Ruthanne Bradley, 46, was released yesterday on $25,000 personal recognizance bail and faces four Class A felony charges.

The Local Government Center - which administers benefit plans for public employees - maintains databases that include personal information for public employees throughout the state, including Social Security numbers and medical information, according to the police. The data in question had the potential to affect an estimated 190,000 current and former public employees, the police said.

There is a window of time - between 41½ hours and 60 hours - when law enforcement officials can't account for the whereabouts of the two backup tapes, said Concord Police Detective Mark Dumas of the computer crimes unit.

Source - Concord Monitor

Related - Boston Globe: NH Local Government Center worker arrested

[From the first article:

No victims have come forward thus far to say that their personal information has been used illegally, said Concord Police Lt. Keith Mitchell. [How would any victim know who to contact before the breach was disclosed? Bob]

[From the second article:

Last month, the center said the backup tapes were missing from the secured room where they are stored, then turned up in the building later. The center said an internal audit was conducted and it was found that there was no breach of personal data.

... Police, who have been investigating the matter since Aug. 6, said they couldn't definitively ascertain if the backup tapes had ever been compromised or left the building.



If I read this correctly, they kept the data online even when there was no longer a business need for it.

http://www.pogowasright.org/article.php?story=20080905124032744

Jp: Cyber-attacks leak info on Hotta customers

Friday, September 05 2008 @ 12:40 PM EDT
Contributed by: PrivacyNews

The personal data of as many as 18,000 customers have been compromised after the server of Tokyo-based pet supply firm Hotta was accessed by a hacker in China, The Yomiuri Shimbun has learned.

The company confirmed there have been at least 30 incidents of phishing for personal data and its fraudulent use. The company also said they filed a police report last month.

According to a Hotta spokesman, between January 2004 and May 2007, about 18,000 customers entered their personal details, such as name, address and e-mail address, on the company's Web site to join a membership plan for buying products off the company's Dog One Life Web site. About 4,800 customers also included credit card information.

Source - Daily Yomiuri Online

[From the article:

The company continued operating the server even after online sales activities were ended in late May last year. This June, however, the company began receiving notices from credit card companies regarding possible information theft.



Can you remember the world without Google?

http://tech.slashdot.org/article.pl?sid=08/09/05/1944214&from=rss

Google Turns 10

Posted by CmdrTaco on Friday September 05, @04:53PM from the we'll-always-be-older-and-poorer dept. Google

Ian Lamont writes

"It was on September 7, 1998 that Larry Page and Sergey Brin founded Google Inc., aiming to provide a better search engine. You can see what it looked like here. Google had a relatively good search engine technology that succeeded in burying many late 1990s competitors, and it eventually developed a successful advertising model and pledged to "do no evil." The company now has nearly 20,000 employees and a $150 billion market value, and has been acquiring or developing a host of groundbreaking technologies. When did you start using its search engine? Is the world a better place because of Google?"



When I assigned them a project to secure a Cloud based application, my students thought I was nuts. (Now of course they know I'm nuts.)

http://www.infoworld.com/article/08/09/05/Appirio-abandons-servers-and-heads-for-the-cloud_1.html?source=rss&url=http://www.infoworld.com/article/08/09/05/Appirio-abandons-servers-and-heads-for-the-cloud_1.html

Appirio opts for the cloud over servers

The company's 100-person operation relies on cloud-based, on-demand software from Google and Salesforce.com

By Paul Krill September 05, 2008

Can a business be run solely in the cloud without a server anywhere in sight? Appirio says it can and is already doing it.

Starting out with four people two years ago and growing to nearly 100 employees, the company relies on cloud-based, on-demand software from Google and Salesforce.com, said Narinder Singh, founder and chief marketing officer at Appirio.

... Annual IT costs per employee for hardware and software at Appirio are less than $1,000, as opposed to the $6,000 to $12,000 per employee that was spent at SAP when Singh worked there, he stressed.



Good article with some interesting citations

http://www.slate.com/id/2199368

Why Is the Internet So Infuriatingly Slow?

Plus, two horrible things your Internet service provider wants to do to make it speedier.

By Chris Wilson Posted Friday, Sept. 5, 2008, at 7:45 AM ET


Related

http://arstechnica.com/news.ars/post/20080904-martin-responds-to-comcast-lawsuit-we-still-want-answers.html

Martin responds to Comcast lawsuit: we still want answers

By Matthew Lasar Published: September 04, 2008 - 09:20PM CT

Federal Communications Commission Chair Kevin Martin said today that he was "disappointed" by Comcast's decision to sue the FCC over its move to sanction the company for P2P throttling. But Martin said he's glad that the cable giant says it will still comply with the Commission's Order requiring the company to reveal its Internet management policies, because the agency has lots of questions.

"Given Comcast's past failure to disclose its network management practices to its customers, it is important Comcast respond to the many still-unanswered questions about its new management techniques," Martin warned in a statement released this afternoon. Most notably, what exactly does Comcast mean when it says it will have a "protocol agnostic" management system in place by the end of the year?

And as for the bandwidth limits that Comcast has now announced: "How will consumers know if they are close to a limit?" Martin asked. "If a consumer exceeds a limit, is his traffic slowed? Is it terminated? Is his service turned off?"

Anticipating Comcast's arguments that the FCC has no jurisdiction to sanction its behavior, Martin reminded the company that when the FCC approved it and Time-Warners' acquisition of Adelphia Communications in July of 2006, the FCC "put Comcast on notice" that it would act on complaints of degraded Internet content. "Comcast nonetheless chose to close on that deal," Martin noted.

... While Free Press's Ben Scott also calls Comcast's actions "predictable," his comments concur that Capitol Hill has to address the problem. "The future of the Internet is too important to let Comcast tie it up in legal limbo," Scott said. "Congress should act now to pass net neutrality laws that clear up any uncertainty once and for all."



Is this viable? (I did find a lawyer I know in the Litigation Practice Group at Holme Roberts & Owen easily enough...)

http://www.killerstartups.com/Search/feefiefoefirm-com-find-law-firms

FeeFieFoeFirm.com - Find Law Firms

http://www.feefiefoefirm.com

Are you looking for legal help? If you are, then you should start looking through Feefiefoefirm.com. With this legal search engine, you’ll be able to find a law firm in your area willing to help you out in your court case. You’ll be able to read many court profiles, see what services they excel in, and many other things that are sure to help you in deciding whether or not you want to hire a law firm’s services. If you own a law firm, you’ll be able to submit your site to them. This will make it easier for you to get customers, as you’ll have a place where you can get free exposure. While sites like this abound, this one has a great search engine and since you can search for law firms outside of the US, it covers a lot more territory.

Friday, September 05, 2008


Proof that ID theft can work in both directions, not just US data being used overseas. Strange that only US citizens are being hit – does this suggest a reverse discrimination or are UAE cards flagged in some way that protects them?

http://www.pogowasright.org/article.php?story=20080904144224447

Hackers break into UAE credit network to fund US purchases

Thursday, September 04 2008 @ 02:42 PM EDT Contributed by: PrivacyNews

An international investigation is under way to find hackers believed to have stolen information from financial servers in the UAE to make fraudulent credit and debit card purchases in the US.

The scheme came to light after a number of employees at the US Embassy – and a handful of other US citizens – had unauthorised purchases show up on their credit and debit cards in recent months, prompting the embassy to issue a warning on its website.

Source - The National



What does this suggest? Google just didn't make an effort to review the EULA earlier? See if they squawk and if so we'll change it?

http://www.pogowasright.org/article.php?story=20080904144439922

Google changes Chrome EULA over privacy concerns

Thursday, September 04 2008 @ 02:44 PM EDT Contributed by: PrivacyNews

Within seconds of me posting about privacy concerns and other fixes in Chrome, I discovered that Google has now removed the clause that said they could look under your bed, run DNA tests on your spouse, and inspect behind the ears of your kids after a bath. Or maybe it was just something about: they could collect and store your private data and re-distribute it.

I obviously know my posts had nothing to do with it, or that these other stories elicited much of a response. I do suspect that a debate on Slashdot fueled some speculation at Google about how much information the company can collect about you and your online travails.

Source - Computerworld



Apparently Pogo has been doing some reading. Here are the articles I'll probably read (more on their website.)

http://www.pogowasright.org/article.php?story=20080905052010424

Article: The Rise and Fall of Invasive ISP Surveillance.

Friday, September 05 2008 @ 05:20 AM EDT Contributed by: PrivacyNews Internet & Computers

Ohm, Paul, The Rise and Fall of Invasive ISP Surveillance (August 30, 2008).

Free full-text article available for download here


Related. Wired picked up on this one too..

http://blog.wired.com/27bstroke6/2008/09/isps-will-all-s.html

ISPs Will All Spy on Their Customers, Professor Warns

By Ryan Singel September 04, 2008 8:27:20 PM

If there's a candidate for the worst future violator of your privacy, look no further than the company you pay for broadband.

So says University of Colorado law professor and former federal prosecutor Paul Ohm, who argues in a new article that ISPs have the means, motive and opportunity to kill your online privacy.


http://www.pogowasright.org/article.php?story=20080905054156585

Article: Facebook and the Social Dynamics of Privacy

Friday, September 05 2008 @ 05:41 AM EDT Contributed by: PrivacyNews

Full-text article available for free download from SSRN


http://www.pogowasright.org/article.php?story=20080905054327556

Article: Engineering Privacy

Friday, September 05 2008 @ 05:43 AM EDT Contributed by: PrivacyNews

Full-text article available for free download from SSRN


http://www.pogowasright.org/article.php?story=20080905054722166

Article: Regulation of Converged Communications Surveillance

Friday, September 05 2008 @ 05:47 AM EDT Contributed by: PrivacyNews

Full-text article available for free download from SSRN


http://www.pogowasright.org/article.php?story=20080905055054455

Book Review: Do We Need a New Fourth Amendment?

Friday, September 05 2008 @ 05:50 AM EDT Contributed by: PrivacyNews

Full-text article available for free download from SSRN


http://www.pogowasright.org/article.php?story=20080905055355984

Article: Outrageous Invasions: The Defamation and Harassment Surrounding Media Invasion of Celebrities' Private Lives

Friday, September 05 2008 @ 05:53 AM EDT Contributed by: PrivacyNews

Source - SSRN



Complexity wrapped in obscurity based on technology.

http://www.bespacific.com/mt/archives/019235.html

September 04, 2008

New on LLRX.com - E-Discovery Update: Producing Spreadsheets in Discovery

E-Discovery Update: Producing Spreadsheets in Discovery – 2008

  • In spite of great financial investment to produce these documents in a way that satisfies competing litigation needs of authenticity and full native functionality, litigants continue to disagree on a production format for these documents, according to Conrad J. Jacoby.



There seems to be a trend to adopt “industry standard” security guidelines as state law. This is simply another example. Are legislatures going too far in order to be seen “doing something?”

http://www.pogowasright.org/article.php?story=20080904144034474

'I'll be back': Vetoed data breach bill goes to Schwarzenegger again

Thursday, September 04 2008 @ 02:40 PM EDT Contributed by: PrivacyNews

An amended version of a closely watched data breach bill that was vetoed by California Gov. Arnold Schwarzenegger last October is once again headed to his desk for approval.

The bill — known as the Consumer Data Protection Act, or AB 1656 (download PDF) — basically would require retailers that accept payment card transactions to take specific precautions for protecting cardholder data and disclose more details about data breaches to consumers affected by them. But an earlier provision that would have required retailers to reimburse financial institutions for the costs involved in replacing credit and debit cards compromised in breaches has been dropped.

Source - Computerworld



Redefining “unlimited”

http://tech.slashdot.org/article.pl?sid=08/09/04/221228&from=rss

Comcast Appeals FCC's Net Neutrality Ruling

Posted by timothy on Thursday September 04, @06:12PM from the makes-one-long-for-tin-cans-and-string dept. The Internet The Courts

Ian Lamont writes

"Comcast has filed a court appeal of an FCC ruling that says the company can't delay peer-to-peer traffic on its network because it violates FCC net neutrality principles. A Comcast VP said the FCC ruling is 'legally inappropriate,' but said it will abide by the order during the appeal while moving forward with its plan to cap data transfers at 250 GB per month."



This is the first ruling of its kind? Sounds obvious to me!

http://www.pogowasright.org/article.php?story=20080904105813456

No 'Legitimate' Privacy Expectation in Data on Office Computer, Court Says

Thursday, September 04 2008 @ 10:58 AM EDT Contributed by: PrivacyNews

An employee has no reasonable expectation of privacy in personal files stored on a company-owned computer and an employer's consent makes a police search lawful, an appeals court says in a ruling of first impression in New Jersey.

The Aug. 29 ruling affirms a former bookkeeper's conviction of stealing over $650,000 in electronic fund transfers, records of which were found through warrantless searches of the laptop and desktop computers he used at work.

"We conclude ... that neither the law nor society recognize as legitimate defendant's subjective expectation of privacy in a workplace computer he used to commit a crime," Judge Marie Simonelli wrote for the three-judge panel in State v. M.A., A-4922-06.

Source - Law.com

[From the article:

Attorney General Anne Milgram's spokesman, Peter Aseltine, says she is pleased the court recognized that there is no expectation of privacy in criminal matters, just as there is none in civil matters. "That ruling was compelled under the particular facts of this case," he says. "[T]he defendant had been advised the computers were company property, the computers were connected to the company's network system and the defendant's office was never closed or locked."


Related?

Also “obvious” but not clearly defined?

http://www.pogowasright.org/article.php?story=20080905060958753

Judge Shielding IDs of Online News Commenters

Friday, September 05 2008 @ 06:09 AM EDT Contributed by: PrivacyNews

A Montana state judge is ruling that the identities of anonymous commenters posted on news sites are protected by a state's media shield law.

While Wednesday's decision does not carry legal weight with other judges across the United States, media lawyers said Thursday they believed it was the first ruling of its kind.

Source - Threat Level blog



I watch what satellite capabilities are mentioned online, no matter how bizarre.

http://yro.slashdot.org/article.pl?sid=08/09/05/1157243&from=rss

Shadow Analysis Could Spot Terrorists

Posted by kdawson on Friday September 05, @08:24AM from the made-in-the-shade dept. Privacy

Hugh Pickens writes

"An engineer at Jet Propulsion Labs says it should be possible to identify people from the way they walk — a technique called gait analysis, whose power lies in the fact that a person's walking style is very hard to disguise. Adrian Stoica has written software that recognizes human movement in aerial and satellite video footage by isolating moving shadows and using data on the time of day and the camera angle to correct shadows that are elongated or foreshortened. In tests on footage shot from the sixth floor of a building, [Is this truly comparable to satellite resolution? Wow! Bob] Stoica says his software was indeed able to extract useful gait data. Extending the idea to satellites could prove trickier, though. Space imaging expert Bhupendra Jasani at King's College London says geostationary satellites simply don't have the resolution to provide useful detail. [Spy satellites are not geostationary. Bob] 'I find it hard to believe they could apply this technique from space,' says Jasani."

Comments on the article speculate on the maximum resolution possible from KH-11 and KH-12 spy satellites.


...and for simple satellite watching...

http://science.slashdot.org/article.pl?sid=08/09/05/1231228&from=rss

Every Satellite Tracked In Realtime Via Google Earth

Posted by kdawson on Friday September 05, @09:12AM from the bejeweled-coterie dept. Space Earth

Matt Amato writes

"With the recent discussion of the ISS having to dodge some space junk, many people's attention has once again focused on the amount of stuff in orbit around our planet. What many people don't know is that USSTRATCOM tracks and publishes a list of over 13,000 objects that they currently monitor, including active/retired satellites and debris. This data is meaningless to most people, but thanks to Analytical Graphics, it has now been made accessible free of charge to anyone with a copy of Google Earth. By grabbing the KMZ, you can not only view all objects tracked in real-time, but you can also click on them to get more information on the specific satellite, including viewing its orbit trajectory. It's an excellent educational tool for the space-curious. Disclaimer: I not only work for Analytical Graphics, but I'm the one that wrote this tool as a demo."

Thursday, September 04, 2008

Mellon continues in the headlines as more details trickle out.
http://www.pogowasright.org/article.php?story=2008090405500865
SAIC stock owners' private data stolen (BNY Mellon follow-up)
Thursday, September 04 2008 @ 05:50 AM EDT Contributed by: PrivacyNews
About 38,000 people who owned or held options for SAIC stock had their personal financial information stolen due to a data breach through BNY Mellon, a financial services company.
The data loss affects people who owned restricted stock or options in the huge government contractor beginning in 1993, or who owned stock in the company after Feb. 1, 2006.
Source - The Huntsville Times


The economics of Identity Theft. Perhaps a spreadsheet to help estimate your potential liability would be useful?
http://www.pogowasright.org/article.php?story=20080903204533780
Certegy Settles Consumer Data Theft Lawsuits
Wednesday, September 03 2008 @ 08:45 PM EDT Contributed by: PrivacyNews
A federal judge has approved a settlement in two class-action lawsuits filed against a St. Petersburg check authorizing company that had more than 8.4 million consumer records stolen and sold to direct marketers.
The settlement provides for a range of credit monitoring services and reimbursement of expenses for those whose identity was stolen. The company, Certegy Check Services, is also reimbursing more than $2 million in legal expenses to the law firms involved in the cases.
... Under the settlement, Certegy is required to pay $2.35 million in attorneys' fees, costs and expenses. Two representative plaintiffs, Linda Beringer and Dana M. Lockwood, were awarded $500 each. Other named plaintiffs were awarded $250 each.
Source - Tampa Tribune
[From the article:
A federal prosecutor said at the sentencing hearing that Certegy had to spend $3.2 million to notify the 5.9 million customers whose private financial information was stolen.
... According to a Web site set up to notify consumers about the settlement, www.datasettlement.com, it provides that all class members who had their personal or financial information stolen can get compensated up to $20,000 for certain unreimbursed identity theft losses caused by the data theft. The losses covered could occur from Aug. 24, 1998, to Dec. 31, 2010.
... The thefts resulted in seven class-action lawsuits, two of which were settled by Wednesday's order.


My students always give me a blank look when I insist they should “Assiduously Eschew Obfuscation.” Perhaps a paper on “Translating Privacy Policies” would be useful?
http://yro.slashdot.org/article.pl?sid=08/09/04/1110235&from=rss
Privacy Policies Are Great -- For PhDs
Posted by CmdrTaco on Thursday September 04, @08:50AM from the they-have-many-advanced-degrees dept. Privacy
An anonymous reader writes
"Major Internet companies say that they inform their customers about privacy issues through specially written policies. What they don't say is that more often than not consumers would need college undergraduate educations or higher to easily wade through the verbiage. BNET looked at 20-some-odd privacy policies from Internet companies that received letters from the House about privacy practices. The easiest to read policy came from Yahoo, at a roughly 12th grade level. Most difficult? Insight Communications, which at a level of over 20 years of education officially puts it onto IRS Code territory."


Think of it as anti-e-Discovery... (Will this result in a law forbidding users to delete any data?)
http://mobile.slashdot.org/article.pl?sid=08/09/03/2249238&from=rss
Criminals Remote-Wiping Cell Phones
Posted by samzenpus on Wednesday September 03, @07:58PM from the this-phone-will-self-destruct dept. Cellphones IT
An anonymous reader writes
"Crafty criminals are increasingly using the remote wipe feature on the Apple iPhone and other business handsets, such as RIM's BlackBerry, to destroy incriminating evidence, the head of the UK's Serious Fraud Office Keith Foggon has warned. Foggon told silicon.com that the move away from PCs towards using mobile phones [Aside: I'll wager most IT departments have little or no control over employee phones. Bob] was causing a headache for crime fighters who were struggling to keep up with the fast pace of new handsets and platforms churned out by the mobile industry."
[Interesting Comments:
Actually, if you slot a microSD card in a BlackBerry, you can set it up to encrypt the card along with the rest of the device, and it's scrubbed along with everything else if too many wrong passwords are entered in*
*The password and encryption is done device-side, so it even works in Linux.


Speaking of e-Discovery, it's always fun to note that even Billionaire CEOs don't understand it.
http://www.infoworld.com/article/08/09/03/Judge_raps_Ellison_over_missing_emails_1.html?source=rss&url=http://www.infoworld.com/article/08/09/03/Judge_raps_Ellison_over_missing_emails_1.html
Judge raps Ellison over missing e-mails
Oracle CEO failed to preserve e-mails and interview materials that should have been supplied in connection with lawsuit filed in March 2001 against the company
By Chris Kanaracus, IDG News Service September 03, 2008
... Oracle produced only 15 e-mails sent or received by Ellison from Ellison's own files, but pulled more than 1,600 Ellison e-mails from the systems of other company workers, according to Judge Susan Illston.


It will be important to use the correct technical term to explain why Ralph Nader won the election, otherwise you could look as dumb as an election commissioner....
http://techdirt.com/articles/20080819/1745382036.shtml
E-Voting Isn't Perfect, But It Takes Less Work to Corrupt Big Elections
from the O(1) dept
Thad Hall, a political scientist at Caltech, complains that e-voting critics rarely make apples-to-apples comparisons between electronic and paper voting systems. They contend that if traditional paper voting systems were subjected to the same kind of close scrutiny that e-voting endures, security experts would find flaws—ballot tampering, ballot box stuffing, and so forth—at least as serious as the problems commonly identified in touch-screen voting machines. Rice computer scientist Dan Wallach responds by pointing to a new paper he's written proposing an elegant way to think about the security of voting systems. Computer scientists use "big-O" notation to describe the complexity of algorithms. He suggests a similar terminology to describe the effort required to compromise voting systems as a function of the size of the election. A security flaw that can be compromised with an effort proportional to the number of voters N is said to be an O(N) flaw. A flaw that can be exploited with an effort proportional to the number of polling places is an O(P) flaw. A flaw that can be exploited with a constant amount of effort, regardless of the number of voters, is an O(1) flaw.
The last kind of attack is the most dangerous because it's feasible for a small number of people—perhaps even a single individual—to do a lot of damage. The reason paper-based elections tend to be better than touch-screen elections isn't that the former don't have flaws. The difference is that attacks against paper-based voting systems are far more likely to be O(N) or O(P)—that is, you have to tamper with a lot of ballots or corrupt a lot of poll workers. In contrast, because they contain re-programmable computers at their hearts, touch-screen voting systems are far more susceptible to O(1) attacks such as a custom-developed virus or a corrupt employee at the e-voting vendor. Because they allow a single individual to do extensive damage, they're much more dangerous than other kinds of attacks, even if carrying them out takes relatively more skill or effort than other attacks with O(P) or O(N) cost. The reason to prefer paper-based voting to touch-screen voting isn't that paper voting is flawless, but that the attacks against them are labor-intensive enough that it's difficult to carry out large-scale attacks without getting caught.


Browsers as the Web 2.0 Operating System
http://tech.slashdot.org/article.pl?sid=08/09/03/2244226&from=rss
Chrome Vs. IE 8
Posted by samzenpus on Wednesday September 03, @09:52PM from the put-em-up dept. The Internet Google Internet Explorer IT
snydeq writes
"Google Chrome and Internet Explorer 8 herald a new, resource-intensive era in Web browsing, one sure to shift our conception of acceptable minimum system requirements, InfoWorld's Randall Kennedy concludes in his head-to-head comparison of the recently announced multi-process, tabbed browsers. Whereas single-process browsers such as Firefox aim for lean, efficient browsing experiences, Chrome and IE 8 are all about delivering a robust platform for reliably running multiple Web apps in a tabbed format in answer to the Web's evolving needs. To do this, Chrome takes a 'purist' approach, launching multiple, discrete processes to isolate and protect each tab's contents. IE 8, on the other hand, goes hybrid, creating multiple instances of the iexplore.exe process without specifically assigning each tab to its own instance. 'Google's purist approach will ultimately prove more robust,' Kennedy argues, 'but at a cost in terms of resource consumption.' At what cost? Kennedy's comparison found Chrome 'out-bloated' IE 8, consuming an average of 267MB vs. IE 8's 211MB. This, and recent indications that IE 8 itself consumes more resources than Vista, surely announce a new, very demanding era in Web-centric computing."


From the people that brought you “Double Secret Probation?”
http://news.slashdot.org/article.pl?sid=08/09/03/181251&from=rss
Don't Share That Law! It's Copyrighted
Posted by timothy on Wednesday September 03, @02:32PM from the there-would-be-these-rules-that-everyone-knows dept. Government The Courts United States
Nathan Halverson writes
"California claims copyright to its laws, and warns people not to share them. And that's not sitting right with Internet gadfly, and open-access hero, Carl Malamud. He has spent the last couple months scanning tens of thousands of pages containing city, county and state laws — think building codes, banking laws, etc. Malamud wants California to sue him, which is almost a given if the state wants to continue claiming copyright. He thinks a federal court will rule in his favor: It is illegal to copyright the law since people are required to know it. Malamud helped force the SEC to put corporate filings online in 1994, and did the same with the patent office. He got the Smithsonian to loosen its claim of copyright, CSPAN to stop forbidding people from sharing its videos, and most recently Oregon to quit claiming copyright on state laws."
Malamud's talk at Google ("All the Government's Information") is also well worth watching.


Perhaps “Class Action as a Class Project” at your neighborhood law school? Just a way to help with tuition...
http://techdirt.com/articles/20080901/1828492144.shtml
Suing Telemarketers And Winning
from the it-is-possible dept
While we've noted the fact that many telemarketers are clearly ignoring things like the Do Not Call list, it appears that more and more people are figuring out that they can fight back on their own. Consumerist has the story of one woman who followed the suggestions at the Kill the Calls website and was able to successfully sue a telemarketer in small claims court... and win. It does sound like a fair amount of work, but for those who have the time and the anger at receiving too many intrusive telemarketing calls, apparently it can work -- even if the company in question sends its chief legal counsel across the country to defend its practices.


Nice overview!
http://www.bespacific.com/mt/archives/019223.html
September 03, 2008
CERT: Understanding Voice over Internet Protocol (VoIP)
Cyber Security Tip ST05-018 - Understanding Voice over Internet Protocol (VoIP): "Because VoIP relies on your internet connection, it may be vulnerable to any threats and problems that face your computer. The technology is still new, so there is some controversy about the potential for attack, but VoIP could make your telephone vulnerable to viruses and other malicious code. Attackers may be able to perform activities such as intercepting your communications, eavesdropping, conducting effective phishing attacks by manipulating your caller ID, and causing your service to crash. Activities that consume a large amount of network resources, like large file downloads, online gaming, and streaming multimedia, will also affect your VoIP service."


Worth getting from the library?
http://books.slashdot.org/article.pl?sid=08/09/03/137236&from=rss
Blown to Bits
Posted by samzenpus on Wednesday September 03, @11:19AM from the read-all-about-it dept.
Ray Lodato writes
"Few people would deny that the world has changed significantly since the explosion of the Internet. Our access to immense volumes of data has made our lives both easier and less secure. Hal Abelson, Ken Ledeen, and Harry Lewis have written an intriguing analysis of many of the issues that have erupted due to the ubiquity of digital data, not only on the Internet but elsewhere. Blown to Bits: Your Life, Liberty, and Happiness After the Digital Explosion, published by Addison-Wesley, digs into many of the ramifications of making so much information available to the world at large. As I read through the book, I was alternately fascinated and horrified at what information is available, and how it is being used and abused."


...so the move by Comcast and other ISPs to limit bandwidth is a result of their internal structure, not an upstream bottleneck.
http://arstechnica.com/news.ars/post/20080903-what-exaflood-net-backbone-shows-no-signs-of-osteoporosis.html
What exaflood? 'Net backbone shows no signs of osteoporosis
By Nate Anderson Published: September 03, 2008 - 11:12AM CT
Given recent media coverage, it's easy to believe that P2P and streaming video traffic is a rising hurricane battering upon ISP levees, that ISPs are frantically sandbagging their systems against disaster, that throttling, bandwidth caps, and traffic management are urgent and absolute necessities to keep the storm surge at bay. But new research from Telegeography only confirms what we've been saying for some time: the Internet backbone isn't drowning beneath any kind of exaflood. In fact, backbone capacity has grown faster than Internet traffic in the last year—for the second year in a row.


I'll probably find a few to amuse my students (and perhaps make a point...)
http://blog.wired.com/underwire/2008/09/review-one-minu.html
Wired.com's Picks From Filminute's Microvideo Short-List
By Hugh Hart September 03, 2008 4:20:00 PM


Economics in the People's Republic. No doubt they will make it mandatory for (second class) citizens to take cabs and pay three times today's rates so cabbies can earn a “fair” income.
http://blog.wired.com/cars/2008/09/boston-cabbies.html
Boston Cabbies Wicked Mad About Green Taxi Rule
By Dave Demerjian September 03, 2008 5:18:08 PM
... The police department's hackney division, which deals with all things taxi, has decreed that all cab drivers and operators must convert their fleets to hybrids by 2015.


Hackers love a challenge. I give it three days, max.
http://hardware.slashdot.org/article.pl?sid=08/09/03/1726205&from=rss
Ghostbusters Is First Film Released On USB Key
Posted by timothy on Wednesday September 03, @01:46PM from the free-gozer dept. Movies Data Storage Entertainment
arcticstoat writes
"Are you the USB keymaster? You could be soon if you pick up PNY's new 2GB USB flashdrive, which comes pre-loaded with Ghostbusters. A spokesperson for PNY explained that it comes with a form of DRM that prevents you from copying the movie. 'They have DRM protection,' explained the spokesperson, 'so customers can download the movie onto their laptop or PC if they wish, but they have to have the USB drive plugged in to watch the movie, as the DRM is locked in the USB drive.' The music industry has been playing around with USB flash drives for a few years now, but it hasn't been a massive success yet; will USB movies fare any better?"


Mellon continues in the headlines as more details trickle out.
http://www.pogowasright.org/article.php?story=2008090405500865
SAIC stock owners' private data stolen (BNY Mellon follow-up)
Thursday, September 04 2008 @ 05:50 AM EDT Contributed by: PrivacyNews
About 38,000 people who owned or held options for SAIC stock had their personal financial information stolen due to a data breach through BNY Mellon, a financial services company.
The data loss affects people who owned restricted stock or options in the huge government contractor beginning in 1993, or who owned stock in the company after Feb. 1, 2006.
Source - The Huntsville Times


The economics of Identity Theft. Perhaps a spreadsheet to help estimate your potential liability would be useful?
http://www.pogowasright.org/article.php?story=20080903204533780
Certegy Settles Consumer Data Theft Lawsuits
Wednesday, September 03 2008 @ 08:45 PM EDT Contributed by: PrivacyNews
A federal judge has approved a settlement in two class-action lawsuits filed against a St. Petersburg check authorizing company that had more than 8.4 million consumer records stolen and sold to direct marketers.
The settlement provides for a range of credit monitoring services and reimbursement of expenses for those whose identity was stolen. The company, Certegy Check Services, is also reimbursing more than $2 million in legal expenses to the law firms involved in the cases.
... Under the settlement, Certegy is required to pay $2.35 million in attorneys' fees, costs and expenses. Two representative plaintiffs, Linda Beringer and Dana M. Lockwood, were awarded $500 each. Other named plaintiffs were awarded $250 each.
Source - Tampa Tribune
[From the article:
A federal prosecutor said at the sentencing hearing that Certegy had to spend $3.2 million to notify the 5.9 million customers whose private financial information was stolen.
... According to a Web site set up to notify consumers about the settlement, www.datasettlement.com, it provides that all class members who had their personal or financial information stolen can get compensated up to $20,000 for certain unreimbursed identity theft losses caused by the data theft. The losses covered could occur from Aug. 24, 1998, to Dec. 31, 2010.
... The thefts resulted in seven class-action lawsuits, two of which were settled by Wednesday's order.


My students always give me a blank look when I insist they should “Assiduously Eschew Obfuscation.” Perhaps a paper on “Translating Privacy Policies” would be useful?
http://yro.slashdot.org/article.pl?sid=08/09/04/1110235&from=rss
Privacy Policies Are Great -- For PhDs
Posted by CmdrTaco on Thursday September 04, @08:50AM from the they-have-many-advanced-degrees dept. Privacy
An anonymous reader writes
"Major Internet companies say that they inform their customers about privacy issues through specially written policies. What they don't say is that more often than not consumers would need college undergraduate educations or higher to easily wade through the verbiage. BNET looked at 20-some-odd privacy policies from Internet companies that received letters from the House about privacy practices. The easiest to read policy came from Yahoo, at a roughly 12th grade level. Most difficult? Insight Communications, which at a level of over 20 years of education officially puts it onto IRS Code territory."


Think of it as anti-e-Discovery... (Will this result in a law forbidding users to delete any data?)
http://mobile.slashdot.org/article.pl?sid=08/09/03/2249238&from=rss
Criminals Remote-Wiping Cell Phones
Posted by samzenpus on Wednesday September 03, @07:58PM from the this-phone-will-self-destruct dept. Cellphones IT
An anonymous reader writes
"Crafty criminals are increasingly using the remote wipe feature on the Apple iPhone and other business handsets, such as RIM's BlackBerry, to destroy incriminating evidence, the head of the UK's Serious Fraud Office Keith Foggon has warned. Foggon told silicon.com that the move away from PCs towards using mobile phones [Aside: I'll wager most IT departments have little or no control over employee phones. Bob] was causing a headache for crime fighters who were struggling to keep up with the fast pace of new handsets and platforms churned out by the mobile industry."
[Interesting Comments:
Actually, if you slot a microSD card in a BlackBerry, you can set it up to encrypt the card along with the rest of the device, and it's scrubbed along with everything else if too many wrong passwords are entered in*
*The password and encryption is done device-side, so it even works in Linux.


Speaking of e-Discovery, it's always fun to note that even Billionaire CEOs don't understand it.
http://www.infoworld.com/article/08/09/03/Judge_raps_Ellison_over_missing_emails_1.html?source=rss&url=http://www.infoworld.com/article/08/09/03/Judge_raps_Ellison_over_missing_emails_1.html
Judge raps Ellison over missing e-mails
Oracle CEO failed to preserve e-mails and interview materials that should have been supplied in connection with lawsuit filed in March 2001 against the company
By Chris Kanaracus, IDG News Service September 03, 2008
... Oracle produced only 15 e-mails sent or received by Ellison from Ellison's own files, but pulled more than 1,600 Ellison e-mails from the systems of other company workers, according to Judge Susan Illston.


It will be important to use the correct technical term to explain why Ralph Nader won the election, otherwise you could look as dumb as an election commissioner....
http://techdirt.com/articles/20080819/1745382036.shtml
E-Voting Isn't Perfect, But It Takes Less Work to Corrupt Big Elections
from the O(1) dept
Thad Hall, a political scientist at Caltech, complains that e-voting critics rarely make apples-to-apples comparisons between electronic and paper voting systems. They contend that if traditional paper voting systems were subjected to the same kind of close scrutiny that e-voting endures, security experts would find flaws—ballot tampering, ballot box stuffing, and so forth—at least as serious as the problems commonly identified in touch-screen voting machines. Rice computer scientist Dan Wallach responds by pointing to a new paper he's written proposing an elegant way to think about the security of voting systems. Computer scientists use "big-O" notation to describe the complexity of algorithms. He suggests a similar terminology to describe the effort required to compromise voting systems as a function of the size of the election. A security flaw that can be compromised with an effort proportional to the number of voters N is said to be a O(N) flaw. A flaw that can be exploited with an effort proportional to the number of polling places is an O(P) flaw. A flaw that can be exploited with a constant amount of effort, regardless of the number of voters, is an O(1) flaw.
The last kind of attack is the most dangerous because it's feasible for a small number of people—perhaps even a single individual—to do a lot of damage. The reason paper-based elections tend to be better than touch-screen elections isn't that the former don't have flaws. The difference is that attacks against paper-based voting systems are far more likely to be O(N) or O(P)—that is, you have to tamper with a lot of ballots or corrupt a lot of poll workers. In contrast, because they contain re-programmable computers at their hearts, touch-screen voting systems are far more susceptible to O(1) attacks such as a custom-developed virus or a corrupt employee at the e-voting vendor. Because they allow a single individual to do extensive damage, they're much more dangerous than other kinds of attacks, even if carrying them out takes relatively more skill or effort than other attacks with O(P) or O(N) cost. The reason to prefer paper-based voting to touch-screen voting isn't that paper voting is flawless, but that the attacks against them are labor-intensive enough that it's difficult to carry out large-scale attacks without getting caught.


Browsers as the Web 2.0 Operating System
http://tech.slashdot.org/article.pl?sid=08/09/03/2244226&from=rss
Chrome Vs. IE 8
Posted by samzenpus on Wednesday September 03, @09:52PM from the put-em-up dept. The Internet Google Internet Explorer IT
snydeq writes
"Google Chrome and Internet Explorer 8 herald a new, resource-intensive era in Web browsing, one sure to shift our conception of acceptable minimum system requirements, InfoWorld's Randall Kennedy concludes in his head-to-head comparison of the recently announced multi-process, tabbed browsers. Whereas single-process browsers such as Firefox aim for lean, efficient browsing experiences, Chrome and IE 8 are all about delivering a robust platform for reliably running multiple Web apps in a tabbed format in answer to the Web's evolving needs. To do this, Chrome takes a 'purist' approach, launching multiple, discrete processes to isolate and protect each tab's contents. IE 8, on the other hand, goes hybrid, creating multiple instances of the iexplore.exe process without specifically assigning each tab to its own instance. 'Google's purist approach will ultimately prove more robust,' Kennedy argues, 'but at a cost in terms of resource consumption.' At what cost? Kennedy's comparison found Chrome 'out-bloated' IE 8, consuming an average of 267MB vs. IE 8's 211MB. This, and recent indications that IE 8 itself consumes more resources than Vista, surely announce a new, very demanding era in Web-centric computing."


Wednesday, September 03, 2008

Interesting on many levels. Note that the Governor's office wrote this article. Mellon is making headlines again (repeat of last week's article) and it looks like the Governor is going to use them as a whipping boy. Issuing subpoenas suggests (to my little non-lawyer brain) that stronger disclosure laws are coming...
http://www.stamfordplus.com/stm/information/nws1/publish/News_1/135_000_more_Connecticut_customers_affected_by_loss_of_bank_data3243.shtml
135,000 more Connecticut customers affected by loss of bank data
By Governor Rell's office
... The subpoena requests the bank immediately provide specifics on the type of information lost on the computer tape and steps taken to protect these customers.
... The subpoena requires BNY Mellon to deliver all requested documents to the Department of Consumer Protection by September 5. The most recent figures came in response to earlier DCP subpoenas that Governor Rell had ordered be issued in May.


Would the reverse be true? Could a wiki article praising 'terrorist X' help them get past Homeland Security?
http://blog.wired.com/27bstroke6/2008/09/asylum-seeker-r.html
Asylum-Seeker Rejected Based On Wikipedia, Appeals Court Reverts
By Ryan Singel September 02, 2008 | 2:48:18 PM
The Department of Homeland Security should not use the user-generated Wikipedia to decide whether an asylum seeker can enter the United States, a federal appeals court ruled Friday.
That judicial statement of the obvious (.pdf) from the 8th U.S. Circuit Court of Appeals overturned a ruling by the Board of Immigration Appeals, which said DHS committed no big foul in using a site editable by anyone with a computer to decide the fate of a woman named Lamilem Badasa.


There is free and then there is free... But is this true evil?
http://yro.slashdot.org/article.pl?sid=08/09/03/0247205&from=rss
Reading Google Chrome's Fine Print
Posted by kdawson on Wednesday September 03, @05:03AM from the here-be-tygers dept.
Much ink and many electrons are being spilled over Google's Chrome browser (discussed here twice in recent days): from deep backgrounders to performance benchmarks to its vulnerability to a carpet-bombing flaw. The latest angle to be explored is Chrome's end-user license agreement. It does not look consumer-friendly.
"By submitting, posting or displaying the content you give Google a perpetual, irrevocable, worldwide, royalty-free, and non-exclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute any content which you submit, post or display on or through, the services. This license is for the sole purpose of enabling Google to display, distribute and promote the services and may be revoked for certain services as defined in the additional terms of those services."

Related: Attention early adopters! Still want to try?
http://www.google.com/chrome?open
Google Chrome (BETA) for Windows


Marketing the law. The article includes a number of good and bad examples. I suspect there would be a market for a consolidation site – gather the good blogs/articles by topic and comment.
http://www.bespacific.com/mt/archives/019212.html
September 02, 2008
AmLaw: Law Firms Lag Behind the Rest of Corporate America on the Web
AmLaw Daily: "In the last two years or so, though, Web development and marketing professionals say law firms have gotten increasingly serious about the Web. Slowly, the gap in quality between Am Law 200 Web sites and those of Fortune 500 companies has narrowed, as more and more firms put in the investment and manpower to make their Web sites more than just regurgitations of what can be found in print."


A trend to watch (and a business opportunity?) Remember, the first US libraries were subscription based...
http://www.bespacific.com/mt/archives/019203.html
September 02, 2008
Public libraries report double-digit growth
News release: "A new study clearly finds that America’s public libraries are breaking through traditional brick-and-mortar walls to serve more people online and in person. America’s 16,543 public library buildings are leveraging technology to help children succeed in school and support lifelong learning. More than 83 percent now offer online homework resources, including live tutors and collections of reliable Web sources – up 15 percent in one year, according to Libraries Connect Communities: Public Library Funding & Technology Access Study 2007-2008... The study, conducted by the American Library Association (ALA) and the Information Use Management and Policy Institute at Florida State University (FSU), shows today’s libraries are partners in learning – providing free access to expensive online resources that would otherwise be out of reach for most families..."


Interesting. Looks like lots of good references too (from my non-attorney perspective)
http://ralphlosey.wordpress.com/2008/09/01/are-we-the-barbarians-at-the-gate/
Are We the Barbarians at the Gate?
The key issue in international e-discovery today is privacy and the conflict between the discovery laws of the United States, which give little or no regard to individual privacy, and that of the rest of the world, which do.
... See Adam C. Losey, Clicking Away Confidentiality: Workplace Waiver of Attorney-Client Privilege, 60 Fla. L. Rev. (2008) (pending publication).
... They have just completed an excellent publication on international e-discovery entitled: “The Sedona Conference® Framework for Analysis of Cross-Border Discovery Conflicts: A Practical Guide to Navigating the Competing Currents of International Data Privacy and e-Discovery” (August 2008 Public Comment Version). This publication can be downloaded for free at the Sedona Conference website.
... The Economist article Ken refers to here is called The Big Data Dump. It reviews the problems the U.S. is experiencing with e-discovery and suggests that the solution lies in a move towards the Civil Law inquisitorial approach where the amount of e-discovery allowed would be tightly controlled.


Tools & Techniques. We have always assumed that the military is at least one order of magnitude ahead of commercial satellites. (and they do not need a safe 400 mile plus orbit...)
http://tech.slashdot.org/article.pl?sid=08/09/02/210233&from=rss
"Google Satellite" To Be Launched This Week
Posted by kdawson on Tuesday September 02, @05:53PM from the how-many-fingers dept. Google Space
Lord Satri writes
"Well, almost. Google signed an exclusivity deal with GeoEye regarding GeoEye-1, the most advanced high-resolution, civil, remote-sensing satellite to date. This must be annoying for other high-resolution, remote-sensing data users since Google already has an exclusivity deal in place with DigitalGlobe, the other major civil satellite imagery provider. From the CNet article: 'Under the deal, Google is the exclusive online mapping site that may use the imagery... in its Google Maps and Google Earth product. And as a little icing on the cake, Google's logo is on the side of the rocket set to launch the 4,300-pound satellite in six days from Vandenberg Air Force Base in California. Terms of the deal weren't disclosed. GeoEye-1 will orbit 423 miles above Earth, but it will be able to gather imagery with details the size of 41 centimeters... Google, though, is permitted to use data only with a resolution of 50 cm because of the terms of GeoEye's license with the US government.'"


Attention early adopters!
http://www.google.com/chrome?open
Google Chrome (BETA) for Windows


For my website class...
http://developers.slashdot.org/article.pl?sid=08/09/02/1841236&from=rss
AppJet Offers Browser-Based Coding How-To, Hosting
Posted by kdawson on Tuesday September 02, @03:40PM from the talk-about-rapid dept. Programming The Internet
theodp writes
"Know someone who wants to learn to program? Paul Graham advises programmer wannabes to check out The Absolute Beginner's Guide to Programming on the Web from AppJet, which aims to be 'the funnest and easiest way for a beginner to get started programming.' Setting the guide apart from other tutorials is the ability to edit and run any of the all-Javascript examples directly in your browser. Newcomers to programming and experienced developers alike can also publish their AppJet creations on the web. Sure beats GE BASIC on the General Electric Time-Sharing Service!"


Dilbert explains management's view of “Best Practices”
http://dilbert.com/strips/comic/2008-09-03/

Tuesday, September 02, 2008

There will certainly be more. And it will be on video and (if amusing) bloggers will spread the word. Every incident has at least the potential to trigger a Streisand effect.
http://www.pogowasright.org/article.php?story=20080902062547886
RNC convention: trampling of civil liberties
Tuesday, September 02 2008 @ 06:25 AM EDT Contributed by: PrivacyNews
Over the weekend, a site reader emailed me to ask about coverage of the RNC convention and the no-knock raids, "pre-emptive" actions, arrests, and violence going on. Since it is all I can do to keep up with other privacy news, I have, indeed, been remiss in not providing coverage of acts that often trample on our Fourth Amendment and First Amendment rights, etc.
For PogoWasRight.org readers who want to know more about what is going on in this regard, here are two links that will help bring you up to speed:
The Uptake
Democracy Now!
And if you missed the privacy-related news from the DNC convention:
AT&T thanks the Blue Dog Democrats with a lavish party


The “benefits” of ubiquitous surveillance?
http://news.cnet.com/8301-17852_3-10029985-71.html?part=rss&subj=news&tag=2547-1_3-0-5
Is technology making it harder to be unfaithful?
Posted by Chris Matyszczyk September 1, 2008 10:05 PM PDT
According to Nick Harding of London's Independent newspaper, the United Kingdom's divorce rate is going down, and one of the reasons, he posits, is that it is far too easy for your spouse to catch you cheating, if not in flagrante delicto, then certainly communicanto.


Tools & Techniques
http://news.cnet.com/8301-13580_3-10026577-39.html?part=rss&subj=news&tag=2547-1_3-0-5
Revamped Google Picasa site identifies photo faces
Posted by Stephen Shankland September 2, 2008 4:00 AM PDT
... "Once you've started naming people, we'll start suggesting names for you based on similarity," said Mike Horowitz, Google's Picasa product manager. "The process of naming people is really addictive and tremendously fun."


Tools & Techniques: Another tool that allows you to be rude and not get caught?
http://www.killerstartups.com/Comm/destructingmessage-com-send-anonymous-messages
DestructingMessage.com - Send Anonymous Messages
Have you ever wanted to send messages anonymously?
... Using this site, you’ll be able to send anonymous messages through your browser. The messages will delete themselves after a certain amount of time, allowing you to make sure that no one else reads them but the person who it was meant for.
http://www.destructingmessage.com/


Imagine a security environment where this is no problem. (It can be done, but only if you start with the assumption that passwords alone are not adequate security.)
http://www.pogowasright.org/article.php?story=20080901160506999
"Hacker" gains access to Kansas Health Policy Authority data
Monday, September 01 2008 @ 04:05 PM EDT Contributed by: PrivacyNews
A consultant hired by the state to try and break into the computers at the Kansas Health Policy Authority had no luck using a password cracker.
However, he did much better by setting up an e-mail account, impersonating a state computer technician and sending messages to 30 employees asking for their passwords.
Fourteen gave them to him, no questions asked.
Source - KTKA.com
Comment: kudos to the state for checking its security. Hopefully it will do a good job retraining employees. -- Dissent


Major ethical issues? Certainly some privacy issues.
http://www.bespacific.com/mt/archives/019201.html
September 01, 2008
New on LLRX.com: Why and What Lawyers Should Consider Outsourcing
Why and What Lawyers Should Consider Outsourcing: This article by Ron Friedmann reviews the history of and logic behind legal outsourcing. It then outlines some of the current legal outsourcing options. A detailed discussion of each option is not possible in one article. Instead, the final section takes a close look at one, outsourcing secretarial and word processing tasks.


Perhaps an article on legal argument via instant messaging? “OMG! My clnt b inocnt! :)”
http://www.bespacific.com/mt/archives/019202.html
September 01, 2008
New on LLRX.com - The Art of Written Persuasion: The Problem with the Case Method and the Case for the Problem Method
The Art of Written Persuasion: The Problem with the Case Method and the Case for the Problem Method: In this second article in the series, Troy Simpson suggests that the ‘case method’ of teaching law may help to explain why lawyers write badly. He then outlines some of the advantages of the ‘problem method’ of teaching law.


No such thing as “open” secrets? “It's a secret, therefore we need to keep it secret.”
http://www.securityfocus.com/brief/809?ref=rss
FISA court denies access to wiretap documents
Published: 2008-09-01
... "Although it is possible to identify some benefits which might flow from public access to Government briefs and FISC orders ... the 'logic' test is not satisfied because any such benefits would be outweighed by the risks to national security created by the potential exposure of the Government's targeting and minimization procedures," the court stated in its ruling (pdf).


Useful PDF?
http://enisa.europa.eu/doc/pdf/publications/Secure%20USB%20drives_180608.pdf
Secure USB Flash Drives


Tools & Techniques
http://www.labnol.org/internet/tutorial-create-bot-for-gtalk-yahoo-messenger/4354/
How to Write Your Own IM Bot in Less Than 5 Minutes
Written by Amit Agarwal on September 1, 2008

Monday, September 01, 2008

Just because you won't make the top 10 is no reason to go easy on security (see next article)

http://www.pogowasright.org/article.php?story=20080831082003929

The week that was: changes in the Top 10 list of breaches

Sunday, August 31 2008 @ 08:20 AM EDT Contributed by: PrivacyNews

When Scotland’s Sunday Herald proclaimed “Revealed: 8 million victims in the world’s biggest cyber heist,” they appeared to be wrong on a few counts. Even if they had been correct that every Best Western hotel guest’s data had been stolen, that would not have made the breach the world’s biggest cyber heist. Had they consulted any one of a number of online sources, they would have discovered that 8,000,000 records or people might have barely qualified for the Top 10 list in terms of breaches where we have numbers reported. As it turns out, Best Western disputes the numbers and claims that the numbers are in the dozens, not millions.

But what does it take to make the top 10 list in terms of breaches? After two breach reports from this week changed the rankings, it looks like it takes over 8,500,000 records or people just to stand a chance of becoming a cautionary tale. A breach reported from Taiwan moves right to the head of the list — depending on how you ‘count’ the TJX breach. If you count it as 94,000,000 as banks claimed in their court filings, TJX currently retains the dubious distinction of worst breach ever in terms of number of records compromised. If you use the 46,500,000 figure that had been previously cited and that seems to synch with recent federal indictments, the TJX breach falls to second place behind the 50,000,000-record hack in Taiwan orchestrated by at least 6 people who hacked into government databases, state-run firms, telecom companies and a television shopping network.

BNY Mellon and Archive Systems Inc. also joined the Top 10 list this week when BNY revealed that missing unencrypted backup tapes contained data on 12.5 million people — not the 4.5 million originally reported. To their shame, BNY Mellon did not discover the additional 8 million people on their own initiative — the extent of the breach was only discovered when they responded to a probe by Connecticut.

So what does the Top 10 list currently look like? Based on available information, it might look like this...

Read more on Chronicles of Dissent blog


Not the first law making the Credit Card industry's security “suggestions” mandatory. However, there still need to be some legal restrictions on what they can do with that data.

http://www.pogowasright.org/article.php?story=20080831193325870

Calif. bill forces retailers to protect data

Sunday, August 31 2008 @ 07:33 PM EDT Contributed by: PrivacyNews

Retailers in California would not be allowed to store customers' personal information unless they took stringent steps to prevent identity theft under a bill state lawmakers approved Sunday.

Assemblyman Dave Jones, D-Sacramento, said many businesses fail to take even the most basic measures to protect that information, creating an opening for identity thieves.

His bill would prohibit, under most circumstances, any company that takes credit card or debit card information from retaining account numbers, verification codes or personal identification numbers.

Source - The Mercury News

[From the article:

For example, they would have to limit access only to those employees whose job requires them to see payment-related data. Companies also would have to strengthen electronic firewalls and encrypt personal information before sending it over public networks. [Nice start! Bob]



...because...

http://www.pogowasright.org/article.php?story=20080901065932261

Data “Dysprotection:” breaches reported last week

Monday, September 01 2008 @ 06:59 AM EDT Contributed by: PrivacyNews

A recap of incidents or privacy breaches reported last week for those who enjoy shaking their head and muttering to themselves with their morning coffee.

Source - Chronicles of Dissent



Bad lawyering or simple logic? (Is this as big as it looks to this non-lawyer?)

http://news.slashdot.org/article.pl?sid=08/08/31/1225252&from=rss

Court Rules Against AT&T's Service Agreement

Posted by Soulskill on Sunday August 31, @09:24AM from the now-get-to-work-on-those-eulas dept.

The Seattle Post-Intelligencer is running a story about a recent ruling from the Washington State Supreme Court, which decided that AT&T's service agreement was not capable of waiving a customer's right to file a lawsuit against the company. The full opinion (PDF) is also available. From the conclusion:

"AT&T's Consumer Services Agreement is substantively unconscionable and therefore unenforceable to the extent that it purports to waive the right to class actions, require confidentiality, shorten the Washington Consumer Protection Act statute of limitations, and limit availability of attorney fees. ... Courts will not be easily deceived by attempts to unilaterally strip away consumer protections and remedies by efforts to cloak the waiver of important rights under an arbitration clause."



It is better to look secure than to be secure. Cameras can not prevent crime.

http://yro.slashdot.org/article.pl?sid=08/09/01/0057225&from=rss

Newark and the Future of Crime Fighting

Posted by kdawson on Monday September 01, @05:37AM from the bangalore-across-the-hudson dept.

theodp writes

"Newark Mayor Cory Booker is betting that cutting-edge technology will reduce crime and spark an economic renaissance. From a newly opened Surveillance Operations Center, cops armed with joystick controllers monitor live video feeds from more than 100 donated cameras scattered across the crime-ridden city. The moves are drawing kudos from businesses like Amazon subsidiary Audible.com, which has moved its HQ to downtown Newark, where space is 50% cheaper than in Manhattan. But are citizens giving up too much privacy?"



This website analyzes data publicly – that is, anyone can see and comment on the data. I have no doubt that similar tools exist for offline use, but the idea that someone else might spot relationships you don't is worth trying. You can always anonymize (or hash) the data to maintain privacy and/or disguise the true nature of your data while leaving the relationships intact.

http://www.nytimes.com/2008/08/31/technology/31novel.html?_r=3&ref=technology&oref=slogin&oref=slogin&oref=slogin

Lines and Bubbles and Bars, Oh My! New Ways to Sift Data

By ANNE EISENBERG Published: August 30, 2008

... At an experimental Web site, Many Eyes, (www.many-eyes.com), users can upload the data they want to visualize, then try sophisticated tools to generate interactive displays.

... “The great fun of information visualization,” he said, “is that it gives you answers to questions you didn’t know you had.” [Always a surprise based on my (humble) military intelligence experience. Bob]



This is a nice little summary, however my problem seems to be student under-load. They find it almost impossible to read the assigned chapters or complete their homework.

http://www.bespacific.com/mt/archives/019193.html

August 31, 2008

Librarian's Advice on 10 Ways to Cope with Information Overload

Being Wired or Being Tired: 10 Ways to Cope with Information Overload: "Sarah Houghton-Jan explores different strategies for managing and coping with various types of informational overload." Ariadne, Issue 56 July 2008.

Sunday, August 31, 2008

Shoulda, woulda, coulda

http://www.pogowasright.org/article.php?story=20080831053305830

Could this chip have prevented the TJX breach?

Sunday, August 31 2008 @ 05:33 AM EDT Contributed by: PrivacyNews

TJX Cos. is urging banks and other retailers to embrace a multibillion-dollar technology that uses a tiny computer chip to stop criminals from using stolen debit and credit cards.

In one of the first interviews by a top TJX executive following a record security breach, vice chairman Donald G. Campbell told the Globe that the US payment system should follow countries in Europe and Asia that have rolled out credit and debit cards embedded with computer chips. If the cards were in use worldwide, he said, the technology would have ruined a scheme in which thieves stole as many as 100 million account numbers from TJX since 2005, by making the numbers harder to reuse.

Source - http://www.boston.com/business/technology/articles/2008/08/31/could_this_chip_have_prevented_the_tjx_breach/ Boston Globe

[From the article:

... TJX estimates it spent $202 million related to the breach including security reviews and settling consumer lawsuits - a number reduced from an earlier estimate of $256 million by insurance payouts and other factors. [I've seen numbers both lower and higher... Bob]

... As part of a settlement with Visa Inc. last year, TJX agreed to speak out more about security improvements. [No stipulation that their “speaking out” needed to make sense. Bob]

... A central question is how much spending is worth it to offset losses to fraud. David Robertson, publisher of The Nilson Report, a trade newsletter that tracks the payment industry, estimates that $1.24 billion was lost to fraud in 2007 in the United States, up from $1.14 billion in 2006. But in both years, that works out to just 5.7 cents for every $100 that customers charged on their credit cards. Worldwide fraud was $5.68 billion, or 4.8 cents per $100 spent.

... Brian Triplett, a security executive for the biggest payment network, Visa Inc. of San Francisco, said the company's statistics also show low levels of fraud, roughly one in every 10,000 transactions.


Related?

http://news.slashdot.org/article.pl?sid=08/08/31/0057217&from=rss

Pitfalls of Automated Bill Payment

Posted by kdawson on Sunday August 31, @03:11AM from the marching-through-the-hiccups dept.

theodp writes

"A few months ago, the NY Times' Ron Lieber extolled the virtues of allowing utilities, phone, and credit card companies to pull whatever you owe from your bank account. Big mistake. Lieber's readers fired back, telling him he was out of his mind for suggesting that they give billers unfettered access to their credit cards and bank accounts. Now Lieber goes through five of the glitches that can occur with any of the various methods of setting up automatic payments: 'You can give each biller permission to pull the full amount from your bank account. You can use the online bill system at your bank to push payments out automatically each month. Or you can charge every bill to your credit card and give only that card company permission to pull money from your bank account when the credit card bill is due. Each of these methods has its potential shortcomings...'"

What kind of payment automation do you use, and why?



Either I'm not using as much as I thought, or I've (accidentally) hacked my way around the limits...

http://torrentfreak.com/qwests-unofficial-250-gb-data-cap-080829/

Qwest’s Unofficial 250 GB Data Cap

Written by Ernesto on August 29, 2008

Today, Comcast officially announced a 250 GB cap, while threatening to disconnect users who exceed this limit more than once. Comcast is taking the heat once again, but they are not the only ISP that limits its users. Other ISPs, Qwest being one of them, have exactly the same policy - and the same threats.

... Qwest’s approach is quite aggressive to say the least. When customers reach the magic limit, their web traffic is redirected to an “excessive use” page. The page informs the customer that they “noticed extremely high usage” on their Qwest Broadband account. The notification blocks all HTTP access from your computer, making it impossible to access any website. In order to proceed and release the block on your system, customers must acknowledge notification on this web page, and agree to a new service agreement. [How dare you take advantage of our promise of “unlimited Internet!” Bob]

There are no other options, no personal phone calls, no further explanation what acceptable use is, or how customers can track their usage. The new service agreement, dated August 12, 2008 (pdf), allows Qwest to limit your use in any way they see fit, and even terminate your service when the customer exceeds the (invisible) limit again. Note that Qwest does not specify how much bandwidth customers are allowed to use.



Surveillance as a hobby?

http://www.pogowasright.org/article.php?story=20080830132935104

UK: Watching the Watchers

Saturday, August 30 2008 @ 01:29 PM EDT Contributed by: PrivacyNews

... Right under Big Brother's nose, a new class of guerrilla artists and hackers are commandeering the boring, grainy images of vacant parking lots and empty corridors for their own purposes. For about $80 at any electronics supply store and some technical know-how, it is possible to tap into London's CCTV hotspots with a simple wireless receiver (sold with any home-security camera) and a battery to power it. Dubbed "video sniffing," the pastime evolved out of the days before broadband became widely available, when "war-chalkers" scouted the city for unsecured Wi-Fi networks and marked them with chalk using special symbols. Sniffing is catching on in other parts of Europe, as well as in New York and Brazil, spread by a small but globally connected community of practitioners. "It's actually a really relaxing thing to do on a Sunday," says Joao Wilbert, a master's student in interactive media, who slowly paces the streets in London like a treasure hunter, carefully watching a tiny handheld monitor for something to flicker onto the screen.

Source - Newsweek

[From the article:

Eerily, baby cribs are the most common images. Wireless child monitors work on the same frequency as other surveillance systems, and are almost never encrypted or secured.

Given that sniffing is illegal, [In the US too? Bob] some artists have found another way to obtain security footage: they ask for it, in a letter along with a check for £10. In making her film "Faceless," Austrian-born artist Manu Luksch made use of a little-known law, included within Britain's Data Protection Act, requiring CCTV operators to release a copy of their footage upon the request of anyone captured on their cameras. [in the US too? Bob]

... In some cases video sniffing has morphed into a form of hacking, in which the sniffer does more than just watch. Using a transmitter strong enough to override the frequency that most cameras use, sniffers can hijack wireless networks and broadcast different images back to the security desk. MediaShed used the device to broadcast an Atari-style videogame animation of a spaceship flying over its town to unsuspecting security guards. A group of sniffers in Oldenburg, Germany have been devising a way to sniff and hijack all at once, using the cameras mounted behind the counters at fast-food joints to watch employees. They've broadcasted McDonald's to Burger King, Burger King to KFC, and so on.



Research in real time...

http://tech.slashdot.org/article.pl?sid=08/08/30/1858240&from=rss

Wikipedia Edits Forecast Vice Presidential Picks

Posted by kdawson on Saturday August 30, @04:34PM from the keep-watching-the-skies dept.

JimLane writes

"The Washington Post reports on the findings of Cyveillance, a company that 'normally trawls the Internet for data on behalf of clients seeking open source information in advance of a corporate acquisition, an important executive hire, or brand awareness.' Cyveillance decided 'on a lark' to test its methods by monitoring the Wikipedia biographies of Vice-Presidential prospects. The conclusion? If you'd been watching Wikipedia you might have gotten an advance tipoff of Friday's announcement that McCain was selecting Sarah Palin. 'At approximately 5 p.m. ET (Thursday), the company's analysts noticed a spike in the editing traffic to Palin's Wiki page, and that some of the same Wiki users appeared to be making changes to McCain's page.'" [“Let's delete that bit where they say they hate each other...” Bob]

The article goes on to say that watching Wikipedia pages for the Democratic VP hopefuls would have tipped Obama's choice of Biden, as well. NPR also has coverage (audio).


Related? (The use of the Internet, not McCain & Palin v. terrorists) This is similar to how Jane's (http://www.janes.com/) got its start.

http://it.slashdot.org/article.pl?sid=08/08/30/208209&from=rss

Tracking the Terrorists Online

Posted by kdawson on Saturday August 30, @05:36PM from the lurking-with-intent dept.

Anti-Globalism points out a story at the German magazine Spiegel profiling two small US companies that monitor terrorist networks online — IntelCenter and SITE Intelgroup.

"[Founders of the two companies] Venzke and Devon are two of the most prominent 'terror trackers' worldwide. In the United States, and increasingly in other countries, the term refers to a community of people who spend their days analyzing traces that al-Qaida and affiliated organizations leave behind, especially on the Internet. The two Americans are essentially digital trackers in the age of globalized terrorism. IntelCenter and SITE Intelgroup are the companies that Venzke and Devon, respectively, have founded. They enjoy a strong reputation within the relatively small community of terrorism experts. Beyond that, though, they are virtually unknown..."

[From the article:

The two companies exert tremendous influence, worldwide and around the clock. News agencies, intelligence services and law enforcement organizations from the entire Western world are among Devon's and Venzke's clients. SITE and IntelCenter deliver their product -- information -- via e-mail, telephone or fax, or directly to clients' PDAs or mobile phones.

Almost every statement by Osama bin Laden published on the Internet, to name only one example, is first made public by SITE and IntelCenter.

... Of course, every intelligence service worth its salt also pursues cyber jihadists on its own. But SITE and IntelCenter are often faster, and their products are also sent to departments that lack these capabilities.

... [and just in case you think there's no money in this... Bob] Venzke's catalog illustrates this approach. It contains services that he offers to government agencies only, such as the 24/7 "Hostage/Kidnapping Profiling and Incident Monitor" -- at a cost running up to more than $500,000 (€323,000) a year.



Security through obscurity! Is this related to the terrorist tracking story? How did the Credit Card companies learn of the show? Of course it is related to the TJX story – seems those chips might not be as secure as they suggest.

http://hardware.slashdot.org/article.pl?sid=08/08/30/2036259&from=rss

CC Companies Scotch Mythbusters Show On RFID Security

Posted by kdawson on Saturday August 30, @06:40PM from the next-comes-guns-and-money dept.

mathfeel passes along a video in which Mythbusters co-host Adam Savage recounts how credit card companies lawyered up to make sure the Discovery channel never, ever airs a segment on the flaws in RFID security.

"Texas Instruments comes on [a scheduled conference call] along with chief legal counsel for American Express, Visa, Discover, and everybody else... They [Mythbusters producers] were way, way outgunned and they [lawyers] absolutely made it really clear to Discovery that they were not going to air this episode talking about how hackable this stuff was, and Discovery backed way down being a large corporation that depends upon the revenue of the advertisers. Now it's on Discovery's radar and they won't let us go near it."



“We don't need no stinking logic!” This type of organizational stupidity should be stomped on fast and hard!

http://news.slashdot.org/article.pl?sid=08/08/30/238223&from=rss

Appeals Court Rules US Can Block Mad Cow Testing

Posted by kdawson on Saturday August 30, @07:45PM from the please-pass-the-lentils dept.

fahrbot-bot tips a story of mad cow disease, a private meat packer that wants to test all of its beef for the disease, and the USDA, which controls access to the test kits and just won an appeals court ruling that the government has the authority to block testing above and beyond the 1% the agency performs. Creekstone Farms Premium Beef sought to test 100% of its beef, in order to reassure its export markets, especially Japan and South Korea, that its beef is safe. Large meat packers opposed any such private testing, because they feared they would be forced into 100% testing and would have to raise prices. The appeals court ruled, 2 to 1, that under a 1913 law, test kits that are used only after an animal is killed still constitute "diagnosis" and "treatment" — this for a disease that has no treatment and is 100% fatal — and therefore fall under the USDA's authority to regulate.



Hacking leads to entrepreneurship?

http://www.techcrunch.com/2008/08/30/myspace-cofounder-tom-anderson-was-a-real-life-wargames-hacker-in-1980s/

MySpace Cofounder Tom Anderson Was A Real Life “WarGames” Hacker in 1980s

by Michael Arrington on August 30, 2008

Late last year we discovered that MySpace cofounder Tom Anderson, arguably the most popular individual on the Internet with 240+ million MySpace friends (he is added by default to every MySpace account) was actually 37 years old, not the 32 that he continues to claim on his MySpace page.

Now we’ve learned a much more colorful part of Anderson’s history: In 1985, when he was fourteen and in high school in Escondido, California, Anderson was subject to one of the largest FBI raids in California history after hacking into a Chase Manhattan Bank computer system and subsequently showing his friends how to do it.