Saturday, September 27, 2008

“Encrypt data.” Which word don't you understand?

Safety fears for 50,000 RAF staff after personal files are stolen

Friday, September 26 2008 @ 05:03 PM EDT Contributed by: PrivacyNews

THE safety of 50,000 RAF staff was in jeopardy last night after raiders stole their personal files from a high-security base.

Defence chiefs fear the dossiers may fall into the hands of terrorists who could attack veterans of the Iraq and Afghanistan conflicts.

... The records, on three USB hard drives, were stolen from RAF Innsworth, Glos. Police believe it may be an inside job. [Only because they had to get by perimeter security Bob]

... The files, on all personnel who served between 2002 and 2008, also contained details of several hundred reservists. Worryingly, they include home addresses, bank account numbers, and confidential medical records of the volunteers.

Source - The Mirror

[From the article:

The worrying break-in happened on Wednesday September 17. It was discovered by security guards. [So it was not a case of “they might be misplaced...” Bob]

How much is that in dollars stolen?

Jp: Thieves accessed auction Web site 1.5 million times

Saturday, September 27 2008 @ 06:31 AM EDT Contributed by: PrivacyNews

Yahoo Japan Corp.'s auction Web site has been illegally accessed about 1.5 million times since May with codes and passwords stolen from members from an Internet protocol address in China.

Access information was used without owner knowledge to sell items such as fake luxury-brand goods, and account holders were charged auction fees by the company for transactions they did not initiate.

Source - daily Yomiuri

[From the article:

Yahoo Japan initially claimed it did not find any internal leaks of users' personal information and demanded that users pay auction fees.

No one noticed?

Police inform Fort Wayne Community Schools of breach

Posted by Evan Francen at 9/26/2008 11:03 AM and is filed under Fort Wayne Community Schools,Nobody Knows

... The personal information of thousands of current and former Fort Wayne Community Schools employees was found on a man arrested on forgery and counterfeiting charges, school officials and police said Wednesday.

Steven Brown, arrested Sept. 17 by Fort Wayne police, was found with a life insurance document that included the names, Social Security numbers, dates of birth and other information of every FWCS employee who received those benefits in 2004

... Police do not believe the information was used to steal anyone's identity, but school officials are encouraging employees who have had their identity stolen in the last four years to notify police to see whether there is a connection

... "There may be reason to believe that there was some identity theft in relation to this," Stockman said.

New Identity Theft law!

President Bush Signs H.R. 5938 Into Law

Friday, September 26 2008 @ 12:58 PM EDT Contributed by: PrivacyNews

On Friday, September 26, 2008, the President signed into law:

H.R. 5938, which authorizes the U.S. Secret Service to provide protection to former Vice Presidents, their spouses, and their children under 16 years of age for up to six months after the date the former Vice President leaves office; and makes several changes to Federal criminal law related to computer fraud and identity theft, including authorizing restitution to victims of identity theft for the value of the time reasonably spent attempting to remediate the harm incurred as result of the offense. [Does this make ID Theft more attractive to Class Action lawyers? Bob]

Source - The White House

[From GovTrack: Bill Text:Summary | Full Text

Another ruling impacting Privacy. Could this be a trend?

OH: Court overturns ID theft lawsuit against court clerk

Friday, September 26 2008 @ 03:00 PM EDT Contributed by: PrivacyNews

Elected officials can be sued if they place your private information online and someone uses it to steal your identity, an Ohio appeals court ruled today in overturning a lower court ruling.

... The Cincinnati-based Ohio 1st District Court of Appeals issued an opinion today that reversed an earlier ruling on a lawsuit Cynthia Lambert filed against Hamilton County Clerk of Courts Greg Hartmann.

Source -


CO: Sensitive info still on state Web site

Saturday, September 27 2008 @ 06:40 AM EDT Contributed by: PrivacyNews

The secretary of state's Web site continues to expose individual Social Security numbers on business filings despite a recent round of document removals.

On Sept. 15, the agency removed about 90,000 scanned documents from the site after learning that scores of Coloradans' Social Security numbers had been accessible for nearly 10 months. Officials said that action should fix the problem.

... This week, Virginia privacy activist Betty "BJ" Ostergren told the secretary of state's office that still other business documents - in another section of the site - contained Social Security numbers.

Source - Rocky Mountain News

Is this a bug or a feature?

Adobe Flaw Allows Full Movie Downloads For Free

Posted by Soulskill on Friday September 26, @11:52PM from the it's-not-a-bug-it's-a-feature dept. Movies It's funny. Laugh. The Internet

webax writes with this excerpt from Reuters:

"[An Adobe security hole] exposes online video content to the rampant piracy that plagued the music industry during the Napster era and is undermining efforts by retailers, movie studios and television networks to cash in on a huge Web audience. 'It's a fundamental flaw in the Adobe design. This was designed stupidly,' said Bruce Schneier ... The flaw rests in Adobe's Flash video servers that are connected to the company's players installed in nearly all of the world's Web-connected computers. The software doesn't encrypt online content, but only orders sent to a video player such as start and stop play. To boost download speeds, Adobe dropped a stringent security feature that protects the connection between the Adobe software and its players."

webax also notes that the article suggests DRM as a potential solution to the problem.

For the “Security Hall of Shame.” Computer forensics isn't foolproof.

The 10 Most Mysterious Cyber Crimes

09.26.08 by Corinne Iozzio

The best criminal hacker is the one that isn't caught—or even identified. These are 10 of the most infamous unsolved computer crimes (that we know about).

[Number 9:

Supermarket Security Breach (February 2008)

Overshadowed only by a T.J Maxx breach in 2005, the theft of at least 1,800 credit and debit card numbers (and the exposure of about 4.2 million others) at supermarket chains Hannaford and Sweetbay (both owned by the Belgium-based Delhaize Group) in the Northeast United States and Florida remains unsolved more than six months later. Chain reps and security experts are still unclear as to how the criminals gained access to the system; the 2005 T.J.Maxx breach took advantage of a vulnerability in the chain's wireless credit transfer system, but Hannaford and Sweetbay do not use wireless transfers of any sort. Without more information, the difficulty in tracking down those responsible grows exponentially.

Is this an indicator of future law or simply the Governator balancing the budget?

CA Legislature Torpedoes IT Overtime

Posted by ScuttleMonkey on Friday September 26, @02:29PM from the but-it's-for-their-own-good dept.

An anonymous reader writes to mention that a recent piece of California legislation is enabling tech firms to avoid paying their workers overtime. Originally designed to deal with bonds for children's hospitals, bill AB10 was completely rewritten to prevent lawsuit damages over overtime nonpayment.

"'This is the first time that the Legislature has done a takeaway of the rights of private-sector workers as part of the budget deal,' said Caitlin Vega of the California Labor Federation. 'We just think it is wrong. We think it will really hurt the groups of workers who will be expected to work through the weekend and not get paid.'"

Related? Documentation is often the last thing programmers think of... Now they won't even bother staying late to jot a few notes...

Microsoft Documentation Declared Unfit For US Consumption

Posted by ScuttleMonkey on Friday September 26, @04:38PM from the time-to-see-the-self-documenting-code dept. Microsoft It's funny. Laugh.

anomalous cohort writes

"Washington DC judge Colleen Kollar-Kotelly announced during the ongoing Microsoft antitrust hearings that their documentation is unfit for US Consumption. This is relevant in an antitrust hearing as poor documentation on how to inter-operate with Microsoft's products is seen as an unfair barrier to entry for companies who compete with Microsoft. Others see this as yet another example of their crumbling hegemony or indolence as their empire burns."

Yet another free office suite joins OpenOffice and KOffice to compete with Microsoft Office

Evolution Brings Linux Office Suite, Exchange Support to Windows

Windows only: Evolution, the default office suite installed on most GNOME-based Linux systems, has a working port available for Windows systems. As its Linux fans know, Evolution has a serious focus on supporting and adapting to open standards: Full iCal support, IMAP access (I got a Gmail account working in minutes), integration with Pidgin's IM client, and support for GPG encryption. The big news for non-Outlook acolytes, however, is that Evolution can hook up to Exchange servers, though I haven't been able to test that personally. You also get contacts, memos, and tasks in the Evolution suite, and they're pretty robust in their own right. Evolution's Windows port is a free download for Windows systems; note that, while it installs, some have reported buggy operation in Vista.

Evolution for Windows [DIP Consultants]

Are you ready to save the world?

Google To Fund Ideas That Will Change the World

Posted by ScuttleMonkey on Friday September 26, @05:20PM from the we-should-all-become-deities-the-end dept. Google The Almighty Buck

Peace Corps Online writes

"This week, as part of their tenth birthday celebration, Google announced the launch of project ten to the 100th, a project designed to inspire and fund the development of ideas that will help to change the world. They have called on members of the public to share their ideas for solutions that will help as many people as possible in the global community, offering a $10 million prize pool to back the development of those chosen as winners. 'We know there are countless brilliant ideas that need funding and support to come to fruition,' says Bethany Poole, Project Marketing Manager for Google. 'These ideas can be big or small, technology-driven or brilliantly simple — but they need to have impact.' The project's website asks entrants to classify their ideas into one of eight categories listed as Community, Opportunity, Energy, Environment, Health, Education, Shelter and Everything Else. Members of the public have until October 20th to submit their ideas by completing a simple form and answering a few short questions about their idea."

Friday, September 26, 2008

I think I should start a new section of this blog: “Stupid things you shouldn't say in a disclosure breach notice.”

UK teachers' body loses data on 11,000 teachers

AP foreign Thursday September 25 2008

... The General Teaching Council for England says evidence suggests the disk was misplaced. [What could that evidence possibly be? Bob]

Soon, everyone can be Big Brother

September 26, 2008

Your Own Personal Robot Voyeur

Spykee is your own personal robot spy. It takes pictures and movies that you can watch on the Internet in real time or save for later. You can even talk with whoever you're spying on via Skype. More here, and you can buy one here: only $300.

Local boy does bad? Another pretexting case?

Companies Shut Down For Selling Phone Records

Reported by: Copyright 2008 by Newsroom Solutions

Thursday, Sep 25, 2008 @04:19pm CST

(Austin) -- A Texas lawsuit is banning a Colorado-based data broker and his web-based companies from fraudulently marketing consumers' private telephone records.

Defendants John and Amanda Strange and their companies, USA Skiptrace, AMS Research Services, Inc. and Worldwide Investigations, Inc., were shut down Thursday.

Texas Attorney General Greg Abbott says the legal action permanently bans the defendants from selling customer phone records without prior consent.

... Court documents indicate the company would obtain a person's phone record history and then sell the information for 125-dollars.

The defendants were ordered to pay 150-thousand-dollars in civil penalties.

Abbott urges consumers to contact their cell phone companies to find out if any party has requested their cell phone records, or they may have no way of knowing if their privacy has been breached.

Boy, dem lawyers is too smart. I can't figure out what they is thinking...

Jones Day Afraid Of Letting Judge See Public Citizen, EFF Briefs In Its Bogus Trademark Lawsuit

from the fascinating-legal-reasoning dept

Remember last week when the huge law firm Jones Day was called out for abusing trademark law by suing a small site for reporting public information about some associates at the law firm? Jones Day was basically claiming that using their name and linking to their site, even in reporting factual information, was trademark infringement. That is, of course, ridiculous. A few public interest groups, such as Public Citizen (who first alerted us to this case) and the EFF filed an amicus brief with the court in support of the bullied website, Blockshopper.

Stunningly, Jones Day's response is to file a brief telling the judge he shouldn't even accept the amicus brief. Yes, they're filing a legal brief to tell the judge that these groups should not be allowed to provide their thoughts on the case. The reasoning is the sort that only a true lawyer would appreciate. [Ah! That's why I find it incomprehensible... Bob] First, these groups shouldn't be allowed to file a brief because they're "partisan." Of course, a large number of amici briefs are "partisan" in that they support one side or the other (there are some that are neutral). Then, it claims they should not be able to file the amicus brief because it doesn't add anything beyond what the defendant has already filed. And then, in the same sentence where Jones Day complains that the amicus brief doesn't add anything new, it also says the brief shouldn't be allowed because it adds a new argument that the defendant, Blockshopper, didn't think was worth raising.

Yes, you read that correctly. Jones Day is claiming that no amici briefs should be allowed if it favors one party or the other (partisan!). Also, that no amici briefs should be allowed if they don't raise any new issues... and at the same time that raising new issues is a reason not to allow the amici briefs. Is it any wonder that this law firm believes that mentioning its name is a trademark violation? All of this leads you to wonder, what is Jones Day so afraid of in the amicus brief that it wants to prevent the judge from viewing it?

If you carry a card, you're third class foreign scum. Ditch the card and you are merely a second class Brit.

UK Gov't To Require ID Cards For Some Foreign Residents

Posted by timothy on Friday September 26, @05:02AM from the show-me-a-card-with-your-picture-on-it dept.

craigavonite, writing "It's looking like the UK is in for biometric ID cards within the next few years, despite widespread protest from groups such as 'NO2ID,'" excerpts from an article at the BBC describing a UK identity card to be issued starting later this year:

"The biometric card will be issued from November, initially to non-EU students and marriage visa holders. Home Secretary Jacqui Smith said the cards would allow people to 'easily and securely prove their identity.' Critics say the roll-out to some immigrants is a 'softening up' exercise for the introduction of identity cards for everyone."

The world of TV is changing. What happens if everyone simply ignores cable, satellite and broadcast?

‘Heroes’ Causes BitTorrent Boom

Written by Ernesto on September 24, 2008

Two fresh episodes of the US hit series ‘Heroes’ were released Monday night. In the day that followed each episode was downloaded well over a million times by BitTorrent users all over the world, making it the busiest day ever on many torrent sites.

... Although most TV-broadcasters won’t be happy to read these figures, one could argue that BitTorrent has actually helped TV-shows to build a stronger, broader, and more involved fanbase.

Jesse Alexander, the executive producer of ‘Heroes’ told TorrentFreak that he thinks this is indeed the case. “People watching shows such as Lost and Heroes on BitTorrent is the present world reality. TV networks have to recognize this, give their viewers more ways to interact with the shows, and find ways to generate revenue from every member of the global audience,” he said.

Is the EU leading or following?

Pirate Bay Wins Court Case, Italian Block Lifted — The Pirate Bay has successfully appealed the decision of an Italian judge who had ordered ISPs to block access to the popular BitTorrent tracker last month. The Court of Bergamo decided that this block was unlawful, and that Italian users should regain access to the site.

[From the article:

The court’s decision might set an important precedent for BitTorrent sites in Italy, especially for Colombo-BT, the largest Italian torrent site, which was shut down by the same prosecutor responsible for the Pirate Bay block. The action against Colombo-BT was orchestrated by the anti-piracy outlet IFPI, which also hijacked all Italian Pirate Bay visitors following the block.


European Parliament Says No to Three-Strikes Law

Written by Ernesto on September 25, 2008

The European Parliament has voted in favor of an amendment that will prevent member states from implementing three-strikes laws. Disconnecting alleged file-sharers based on evidence from anti-piracy lobby groups restricts the rights and freedoms of Internet users, according to the amendment.

I like lists, particularly useful lists...

50 tools to speed up your PC

By Preston Gralla , PC World , 09/22/2008

... We've found 50 downloads that will make your PC run more quickly and smoothly, help you use the Internet more effectively, and push Windows to work at optimum speed with the interface you want, not what Microsoft gave you.

Most of these downloads are free to use forever; some are free to try, but require that you pay for them after a trial period (we've labeled each download accordingly).

Think the White Hat Hacker Club might find this amusing? (Me too)

Pick a lock. For fun. (It's legal too)

By Trine Tsouderos | Tribune reporter September 25, 2008

Give Eric Michaud a can of beer (Guinness works best) and a pair of scissors and he can open just about any garden-variety padlock in seconds.

... Lock pickers, whose hobby is legal in all 50 states in case you were wondering, have a creed of sorts. It goes something like this: You can pick your own locks, you can pick your friends' locks (with their permission), but you can't pick anyone else's locks.

I'm not sure my website students need this, but I bet my forensics class does... - Free Webpage Editor

Ever found a webpage you really liked and tried to print it only to find out that the printout was brimming with empty spaces and advertisements of every ilk? If that was indeed the case, you will be glad to know that a free webpage editor can be procured online. This particular tool can be found at, and it claims to give you control of how webpages will look like when you print them out.

As well as saving time by dispensing with Word pasting and related considerations, you will save money as ink and paper usage will be cut down. Of course, a pre-formatted webpage is also easier on the eye since unwanted items such as ads and the like are not printed. And environmentalists will also approve of a tool like this since paper usage is noticeably reduced.

Upon visiting the PrintWhatYouLike website, you will be presented with a mini tutorial that explains the rudiments of the program. Basically, you key in the URL of the page in question and edit it until it contains only what you want to print. Once the formatting process is over, you can print the page out and see the results for yourself.

Worried that your kids are spending too much time playing? PUT THEM TO WORK! Internet gambling is coming, might as well be ready... - Play Games And Win Prizes

If you are one for online gaming and are looking for ways to win some free stuff, you might as well consider visiting the GameWager website. As the site itself puts it, GameWager is “Dave & Buster’s online for PC games”. Those who play any of the featured titles earn tokens that can later be redeemed for free prizes. This is described in finer detail in the part of the site that is entitled “Reward Zone”. Practical issues such as how many prizes can be won are duly dealt with as well. In addition to that, the process for playing any of the featured games is concisely described online, and full guidance is provided when it comes to signing up.

As it is the norm nowadays, there is a lot of emphasis on social interaction, as the site provides an outlet to settle trash talking as well as a wide-ranging collection of tools for players to share their prowess with friends and fellow GameWager users. Further interaction is made possible via the featured forums, while the top earners can be checked out along with those who have become new GameWager members in the corresponding part of the site.

Thursday, September 25, 2008

Eventually, even management can do the right thing.

UK: M&S appeal dropped as it encrypts laptops (follow-up)

Wednesday, September 24 2008 @ 11:14 AM EDT Contributed by: PrivacyNews

An appeal by Marks and Spencer (M&S) against a decision by the Information Commissioner's Office (ICO) ordering the retail giant to encrypt all its laptops has been dropped for a strange reason - M&S has completed a laptop encryption programme.

The apparent confliction between the laptop encryption scheme and the decision to appeal the enforcement notice has been given different explanations by different sources.

Source -

[From the article:

Computing was told by a source close to the case that M&S changed tack and decided to comply with the enforcement notice rather than appeal it because the retailer had originally over-estimated its legal position and did not think the ICO would pursue the case to court.

“Do as I say, not as I do.”

Possible security breach in New Haven

Wednesday, September 24 2008 @ 04:16 PM EDT Contributed by: PrivacyNews

New Haven (WTNH) -- The personal information of people working at ports in Connecticut and across the country could be in jeopardy. Thieves have made off with vital equipment, leaving the Department of Homeland Security scrambling.

Two laptop computers were missing after the break-in. One was used to enter the personal information of applicants undergoing a background check.

DHS insists information in the laptops is encrypted and the data is supposed to be deleted after it's transmitted to Washington.

Still, in a statement to News Channel 8, the FBI says the "Joint Terrorism Taskforce is assessing if there's been a breach in national security."

Source -

[From the article:

Today, truckers like John Rocchi showed up at the office to apply for an ID only to be turned away until new laptops arrive to replace the ones that were stolen. [Apparently there are no paper forms? Why laptops? Desktops are cheaper and less a target for thieves... Bob] Rocchi, like many others, wonders why such a sensitive office was placed in an inner city neighborhood.

... Whoever was responsible obviously broke in the front door but the office door for TWIC has no sign of forced entry. The office manager here believes that might mean someone had a key to get in. [...or the door was unlocked? Bob]

Related? Is this technology too expensive (free) or too complex for Homeland Security?

Track your missing laptop with Adeona

By Nathan Willis on September 23, 2008 (9:00:00 PM)

... Adeona runs in the background, and works its magic by waking up at random intervals to record data about the equipment's location and status, which it encrypts and then silently uploads to off-site storage. If your laptop (or, for that matter, your co-located server) goes missing, you can retrieve its latest records from elsewhere, learning such information as its internal and external IP address, local network configuration, and more. Armed with that info, you can call John Law and take a big step toward recovering your goods.

Related? Security rules are occasionally followed...

September 24, 2008

DOE IG: The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2008

The Federal Energy Regulatory Commission's Unclassified Cyber Security Program - 2008, DOE/IG-0802 September 2008

  • "The Commission had taken action to improve cyber security practices and implemented protective measures designed to defend its networks against malicious attackers and other external threats. Our evaluation, however, disclosed that additional actions are needed to reduce the risk of compromise to the Commission's business information systems and data to an acceptable level."

Since our citizens object, we have no choice but to stop all public discussion of this database. Henceforth, this will fall under our “Double Secret Probation” classification.

'to drop' überdatabase from Communications Data Bill

Thursday, September 25 2008 @ 06:11 AM EDT Contributed by: PrivacyNews

The government will drop plans for a massive central database to track UK citizens' private communications from the forthcoming Communications Data Bill, but civil servants will proceed with the multi-billion project in the background instead.

Senior civil servants will discreetly proceed with the project to swerve potential political opposition to a scheme which would retain details of every phone call, email, and web browsing session carried out by every UK citizen, sources have told The Register.

Source - The Register

“Security is as good as we can program it to be...” Scary thought.

September 25, 2008

$20M Cameras at New York's Freedom Tower are Pretty Sophisticated

They're trying to detect anomalies:

If you have ever wondered how security guards can possibly keep an unfailingly vigilant watch on every single one of dozens of television monitors, each depicting a different scene, the answer seems to be (as you suspected): they can't.

Instead, they can now rely on computers to constantly analyze the patterns, sizes, speeds, angles and motion picked up by the camera and determine -- based on how they have been programmed -- whether this constitutes a possible threat. In which case, the computer alerts the security guard whose own eyes may have been momentarily diverted. Or shut.

An alarm can be raised, for instance, if the computer discerns a vehicle that has been standing still for too long (say, a van in the drop-off lane of an airport terminal) or a person who is loitering while everyone else is in motion. By the same token, it will spot the individual who is moving rapidly while everyone else is shuffling along. It can spot a package that has been left behind and identify which figure in the crowd abandoned it. Or pinpoint the individual who is moving the wrong way down a one-way corridor.

Because one person's "abnormal situation" is another person's "hot dog vendor attracting a small crowd," the computers can be programmed to discern between times of the day and days of the week.

Certainly interesting.

The “Big-Brotherhood” is growing... Any chance we will see a similar headline in this country?

Norway signs over the personal data of its citizens to the US

Thursday, September 25 2008 @ 06:17 AM EDT Contributed by: PrivacyNews

In a historic deal, the United States and Norway are set to sign an agreement to share the personal data of each other’s citizens. A similar deal has just been struck between the US and the EU, allowing for everything from personal web surfing information to mobile phone numbers and email addresses to be exchanged between the government bodies.

Source - IceNews

Big Brother has great big eyes...

AU: Councils spy with Google eye

Thursday, September 25 2008 @ 06:31 AM EDT Contributed by: PrivacyNews

Thinking of extending the kitchen but want to avoid council red tape and building permits? Maybe you have forgotten to register the family pet or failed to fence off the pool?

Be careful, Big Brother could be watching, with several Victorian councils using Google Earth and Google Street View to identify illegal building activity and breaches of local government laws.

Source - The Sydney Morning Herald Thanks to Brian Honan for the link.

The price of SPAM?

Timberland pays $7m to settle SMS spam lawsuit

Thursday, September 25 2008 @ 06:30 AM EDT Contributed by: PrivacyNews

Outdoor gear firm Timberland has agreed to pay $7m to settle a text message spam class-action lawsuit in the US.

Recipients of unsolicited SMS messages punting the rappers' favourite stand to collect up to $150 in compensation from the fund, under the terms of a preliminary agreement.

Source - The Register Thanks to Brian Honan for the link.

A new legal term?

DOJ Opposes Extending DOJ Copyright Authority

Posted by samzenpus on Thursday September 25, @07:57AM from the not-our-problem dept.

I Don't Believe in Imaginary Property writes

"The White House has opposed the bipartisan bill that would create copyright cops on the grounds that it would cause the Department of Justice to end up 'serving as pro bono lawyers for private copyright holders.' And while they do occasionally prosecute criminal copyright infringement, they have no intention of dabbling with civil cases because, 'taxpayer-supported department lawyers would pursue lawsuits for copyright holders, with monetary recovery going to industry.' At this rate, the discovery of winged suiformes [Flying pigs? Bob] would appear to be imminent."

“We like our public records to be public—just not too public.” I like it!

Chicago Law Firm Sues Over Hyperlink To Trademarked Name

Posted by timothy on Wednesday September 24, @02:32PM from the quick-don't-ever-mention-any-company-names dept. The Internet The Courts

TheSpoom writes

"Large Chicago law firm Jones Day are suing internet startup BlockShopper over the issue of whether linking to a business with their trademarked name should be legal. It would seem they are using trademark dilution as a tool to get BlockShopper to cease linking to their website. The EFF has filed an amicus curiae, as might be expected. If Jones Day wins this suit, anyone linking using a trademarked name may be in legal hot water."

Music lovers don't tend to fight the RIAA, but never mess with the gamer crowd...

EA Hit By Class-Action Suit Over Spore DRM

Posted by Soulskill on Wednesday September 24, @04:02PM from the was-it-worth-the-hassle? dept.

The ever-growing unrest caused by the DRM involved with EA's launch of Spore came to a head on Monday. A woman named Melissa Thomas filed a class-action lawsuit against EA for their inclusion of the SecuROM copy-protection software with Spore. This comes after protests of the game's DRM ranged from a bombardment of poor Amazon reviews to in-game designs decrying EA and its policies. Some of those policies were eased, but EA has also threatened to ban players for even discussing SecuROM on their forums. The court documents (PDF) allege:

"What purchasers are not told is that, included in the purchase, installation, and operation of Spore is a second, undisclosed program. The name of the second program is SecuROM ... Consumers are given no control, rights, or options over SecuROM. ... Electronic Arts intentionally did not disclose to any such purchasers that the Spore game disk also possessed a second, hidden program which secretly installed to the command and control center of the computer."

Hacker response: Change your userid every 30 seconds...

Comcast Outlines New Broadband Policy

Posted by timothy on Wednesday September 24, @04:49PM from the knowledge-is-power dept. The Internet

Slatterz writes

"US cable provider Comcast has presented its long-term solution for managing broadband traffic. The new system is set at putting to bed a minor scandal that erupted around the company when it was found that Comcast deliberately limited traffic for certain applications. The company said that under its new system, traffic will be analyzed every fifteen minutes. Users who are found to be occupying large amounts of bandwidth will be placed at a lower priority for network access behind users with less bandwidth-intensive traffic. The new system will not replace or be related to the company's earlier installment of bandwidth caps, which limited a user's data intake to 250GB per month."

Related? What happens when everyone is using the Internet rather than cable, satellite or broadcast to get their TV?

IPTV subscriptions to grow 64 percent in 2008: Gartner

Thu Sep 25, 2008 9:00am EDT

A “Cloud Computing” question for my Computer Lawyer friends: If my applications are stored “in the cloud” and vendors like IBM dynamically move them from center to center to balance the load, how will you word a subpoena? Will “located in the cloud” be sufficient?

IBM launches four new cloud computing centers

IBM now has 13 cloud computing centers worldwide to let enterprises, universities, and governments test Web-based services and applications

By John Ribeiro, IDG News Service September 24, 2008

IBM opened up cloud computing centers in four countries on Wednesday to let enterprises, universities, and governments test Web-based services and applications.

The new cloud computing centers are in Bangalore, India; Hanoi, Vietnam; Sao Paulo, Brazil; and Seoul, South Korea. The company now has 13 cloud computing centers worldwide.

Interesting when you think about it. This must include a majority of blue collar workers too.

September 24, 2008

Pew Report: Most working Americans now use the internet or email at their jobs

News release: "A new national survey shows that 62% of adults who are currently employed use the internet or email at work and they have mixed views about the impact of technology on their work lives. [Imagine that! Bob] On the one hand, they cite the benefits of increased connectivity and flexibility that the internet and all of their various gadgets afford them at work. On the other hand, many workers say these tools have added stress and new demands to their lives."

Related: Does this explain the previous article?

Quarter of Workers' Time Online Is Personal

Posted by CmdrTaco on Thursday September 25, @10:03AM from the this-is-why-we-created-the-idle-section dept. The Internet

sloit writes

"Most people spend more than 25 per cent of their time online at work on personal activities. And 80 per cent of emails sent by volume in the workplace are personal. Bosses often have no way of tracking Internet activity or policies to define what staff can and cannot do. Paul Hortop, who reviews company network security for consultancy Voco, said the most common websites visited by personal web surfers were online trading sites, instant messaging/chat services and peer-to-peer sharing sites (allowing movie, music and software sharing)."

"Alice laughed: "There's no use trying," she said; "one can't believe impossible things."
"I daresay you haven't had much practice," said the Queen. "When I was younger, I always did it for half an hour a day. Why, sometimes I've believed as many as six impossible things before breakfast."
Alice in Wonderland.

Studies Say Ideology Trumps Facts

Posted by samzenpus on Thursday September 25, @02:54AM from the water-still-wet dept. Science

Anti-Globalism writes

"We like to think that people will be well informed before making important decisions, such as who to vote for, but the truth is that's not always the case. Being uninformed is one thing, but having a population that's actively misinformed presents problems when it comes to participating in the national debate, or the democratic process. If the findings of some political scientists are right, attempting to correct misinformation might do nothing more than reinforce the false belief."

Related: Oxymoron alert! “Political Facts” (At 6:10AM MDT the link doesn't work. Has Homeland Security been busy?)

September 24, 2008

New on - The Government Domain: Political Fact-Checking Websites

The Government Domain: Political Fact-Checking Websites - Peggy Garvin's well-timed article identifies and evaluates key websites that monitor the accuracy of statements and representations made by political candidates and their respective campaigns.

For those of us who care...

September 24, 2008

State of the Blogosphere - 2008

"Technorati’s State of the Blogosphere 2008 report...will be released in five consecutive daily segments. Since 2004, our annual study has unearthed and analyzed the trends and themes of blogging, but for the 2008 study, we resolved to go beyond the numbers of the Technorati Index to deliver even deeper insights into the blogging mind. For the first time, we surveyed bloggers directly about the role of blogging in their lives, the tools, time, and resources used to produce their blogs, and how blogging has impacted them personally, professionally, and financially."

[From the article:

Blogs are Profitable

The majority of bloggers we surveyed currently have advertising on their blogs. Among those with advertising, the mean annual investment in their blog is $1,800, but it’s paying off. The mean annual revenue is $6,000 with $75K+ in revenue for those with 100,000 or more unique visitors per month.

Definitely something for my students! - Download E-books For Free

Are you looking for computer-related books online and can’t seem to find what you need? If that happens to be the case, then a visit to the Ebook-X website is more than likely to set you going. The site collects together computer books ranging far and wide, and the database is constantly updated. A menu located on the left-hand side of the main page will let you find what you need in an uncomplicated manner. This menu is broken into categories such as “Free programming e-books”, “Free database e-books” and “Operating Systems” to name but three. Another category that merits a mention is the one entitled “Free video training”, where you can find out how to hone your skills online. Featured books are highlighted on the main page, and a brief description of each title is provided. This description showcases how each book is structured, and the different chapters are enumerated. In addition to that, miscellaneous books that are going to be of interest to computer enthusiasts the world over dealing with aspects such as Internet security and so forth can be procured online in a similar fashion.

Wednesday, September 24, 2008

Another “password only” laptop.

National Bank Laptop With Mortgage Data Stolen From Head Office

Tuesday, September 23 2008 @ 04:41 PM EDT Contributed by: PrivacyNews

National Bank of Canada, the country's sixth-biggest lender by assets, said a laptop computer with client information on mortgage loans was stolen from its Montreal headquarters.

The laptop, stolen Sept. 19, had information on “a high percentage of our customers who have mortgages,” spokesman Denis Dube said today in an interview. The information included details on mortgages and account numbers, but didn't have personal information such as birth dates, credit-card numbers or signatures, he said.

“The impact will be minimal since the information is basic information,” Dube said.

Source - Bloomberg

So we begin to learn what the criminals know -- “default passwords”

First Bust Ever for ATM Reprogramming Scam — The pair allegedly reprogrammed the machines to believe they were loaded with one-dollar bills instead of tens and twenties. A withdrawal of $20 would thus net $380. [Reporters can't do math? Bob] The Nebraska case marks the first reported arrests for the keypad capers

[From the article:

It took a high-speed chase and some gunplay, but two men in Lincoln, Nebraska, are the first to face felony charges for using default passcodes to reprogram retail cash machines to dispense free money.

... Threat Level later confirmed that default administrative passcodes for ATMs manufactured by industry leaders Tranax and Triton were printed in owner's manuals easily found online.

... In 2006, both Tranax and Triton issued software patches for new ATMs that force operators to change the default passcodes on first use.

All you paper belong to us!

Internal DHS Documents Detail Expansion of Power to Read and Copy Travelers' Papers

Tuesday, September 23 2008 @ 04:44 PM EDT Contributed by: PrivacyNews

Recently obtained documents show that last year the Department of Homeland Security quietly reversed a two-decades-old policy that restricted customs agents from reading and copying the personal papers carried by travelers, including U.S. citizens. The documents were made public today by the Asian Law Caucus (ALC) and Electronic Frontier Foundation (EFF), which sued the government under the Freedom of Information Act (FOIA) to obtain policies governing the searches and questioning of travelers at the nation’s borders.

Source - EFF

[From the website:

For the complete set of FOIA documents and more detailed analysis:

RIM must be thrilled! All you lawyers using Blackberries take note! (Most likely this is not a true encryption failure...)

India Claims To Have Cracked Blackberry Encryption; Proudly Spying On Emails

Wednesday, September 24 2008 @ 05:36 AM EDT Contributed by: PrivacyNews

Earlier this year, India demanded that RIM allow it to easily snoop on any email messages sent via Blackberry devices. The company explained that since the end user sets the encryption key, there's simply no way to provide a backdoor to snoop on the messages. However, now the government is proudly claiming that it's cracked the code and can now monitor Blackberry messages on various mobile operator networks.

Source - Techdirt

(My bible is “How to Lie with Statistics,” a must read for all MBAs.) It's not that we have more computers or even more crooks. What we have is bad security that allows the crooks to take control of our computers.

US Responsible For the Majority of Cyber Attacks

Posted by CmdrTaco on Tuesday September 23, @01:32PM from the we're-number-one-we're-number-one dept. Security United States

Amber G5 writes

"SecureWorks published the locations of the computers from which the greatest number of cyber attacks were attempted against its clients in 2008. The United States topped the list with 20.6 million attempted attacks originating from computers within the country, and China ran second with 7.7 million attempted attacks emanating from computers within its borders. This was followed by Brazil with over 166,987 attempted attacks, South Korea with 162,289, Poland with 153,205, Japan with 142,346, Russia with 130,572, Taiwan with 124,997, Germany with 110,493, and Canada with 107,483."

What a fun hack this would be: “Ja, you can make it. Trust me!”

Audi Puts More 'Go' Into Stop-and-Go

By Keith Barry September 23, 2008 4:11:02 PM

If police officers in Ingolstadt notice a decrease in luxury car drivers running red lights these days, we suspect it's because of a new project piloted by Audi that lets drivers know exactly how long before a traffic light turns. According to Audi's press release, the system is meant to prevent "frustrating, fuel-sapping stops at red traffic lights."

Ask any Statistician: Half the world is below average. Ask any teacher: “90% of my students are below average.”

Popup Study Confirms Most Users Are Idiots

Posted by CmdrTaco on Tuesday September 23, @05:40PM from the at-my-office-they-all-are dept. It's funny. Laugh.

danieltdp writes

"Testing students at a University, psychologists made many of them click on a dialog box that in effect said: 'You are about to install some malware. Malware is bad. By clicking yes you are failing the Windows Darwin Test.' Nearly half of them said all they cared about was getting rid of these dialogs." [Irritating pop-ups are automated social engineering. Bob]


UK: ICO urges consumers to take control of their data

Wednesday, September 24 2008 @ 05:47 AM EDT Contributed by: PrivacyNews

The Information Commissioner’s Office (ICO) has called on consumers to use their legal rights to manage their personal information - because organisations aren't doing such a great job.

... With that in mind, the ICO has launched a new online tool to help consumers do their bit to protect and manage their personal information.

Smith said: “Our Personal Information Healthcheck is suitable for everyone, whether they’ve never before thought about protecting their personal information or could just benefit from a few extra tips and ideas.”

Source - IT PRO

[From the article:

An ICO-sponsored survey of over 2,000 UK adults found the level of awareness around the importance of personal data had grown – 95 per cent considered it ‘quite’ or ‘very’ valuable – and more than 70 per cent claimed to routinely shred personal documents.

But it revealed 44 per cent of those questioned by the ICM Research poll had never considered contacting an organisation to find out what information it holds about them. More alarmingly, 40 per cent admitted they would hand over their details to a company without knowing whether it was trustworthy.

[We need to involve a Psychiatrist or ten to figure out how to get this through thick skulls. Bob]

Related? I won't call these policies vastly idiotic any longer, I'll call them half-vast.

Students Are Always Half Right In Pittsburgh

Posted by samzenpus on Tuesday September 23, @11:26PM from the think-of-the-children dept.

Pittsburgh Public Schools officials have enacted a policy that sets 50 percent as the minimum score a student can receive for assignments, tests and other work. District spokeswoman Ebony Pugh said the 50 percent minimum gives children a chance to catch up and a reason to keep trying. If a student gets a 20 percent in a class for the first marking period, he or she would need a 100 percent during the second marking period just to squeak through the semester. The district and teachers union issued a joint memo to ensure staff members' compliance with the policy, which was already on the books but enforced only at some schools. At this rate, it won't be long before schools institute double extra credit Mondays and Fridays to ensure students don't take three day weekends.

It ain't bragging if it's true.

How IT could have prevented the financial meltdown

The tools are largely there, but not the visibility needed for regulators and banks to catch problems early

By Ephraim Schwartz September 24, 2008

For my Website students and anyone who wants to “quote” a small section of video – without the bother of installing video editing software. (Fair Use?) - Chop Up Your YouTube

Let’s be honest, most of the videos on YouTube are boring. If you find a particular part of a video you want to share with your friends, without them being bored by what’s before it, then you have to check out With this site, you’ll be able to chop up YouTube videos, and send your friends a direct link to the part you want them to see. Just paste the URL of the video into the site and tell it from where to where you want the video to be viewed. You’ll then get another link to the part of the video that’s worth seeing, that you can then share with your friends.

It’s a very simple service that should make it possible for you to share parts of videos that are worth seeing. The site works pretty well, but since it’s a work in progress, you’ll be able to get in touch with them in case you find anything wrong. In short, this site could make it possible for you to finally share what you want your friends to see, without the extra garbage.

For the students in Surgical Technology (and hypochondriacs)

September 23, 2008

New on Researching Medical Literature on the Internet - 2008

Researching Medical Literature on the Internet - 2008: Medical journals, dictionaries, textbooks, indexes, rankings, images – all can be found on the Net, and much of it is available free. Sources include publishers, government agencies, professional organizations, health libraries and commercial entities. Gloria Miccioli's completely updated and revised topical guide expertly focuses on what she identifies as the best, content-rich databases and services for researchers.

A hacker how to...

The 2008 PC Builder's Bible — This guide not only gives you all you need to know about every component that goes in your gaming PC, but also thoroughly walks you through the entire building process with detailed instructions and helpful photographs.

Tuesday, September 23, 2008

Casinos take their security seriously? If so, who wrote this law? Who cares why, will any multi-state businesses comply? (Enforcement will likely be based on breach disclosures... ) Some of the pitfalls are explored in the comments.

Nevada Businesses Must Start Encrypting E-Mail By Oct. 1st

Posted by Soulskill on Monday September 22, @03:53PM from the wouldn't-bet-on-it dept. Encryption Businesses Privacy Security United States

dtothes writes

"Baseline is reporting the state of Nevada has a statute about to go in effect on October 1, 2008 that will force businesses to encrypt all personally identifiable information transmitted over the Internet. They speak with a Nevada legal expert who says the problem is that the statute is written so broadly that the law could potentially open up a ton of unintentional liability and allow for the interpretation of things like password-protected documents to be considered sufficiently encrypted. Quoting: 'Beyond the infrastructure impact, the statute itself looks like Swiss cheese. Bryce K. Earl, a Las Vegas-based attorney, ... has been following the issue closely and believes there are some problems with the statute as it is on the books right now, namely the broad definition of encryption, the lack of coordination with industry standards and the unclear nature of penalties both criminal and civil.'"

[From the article:

The statute was signed into law in 2005 and is about to kick in as an enforceable law next month. Three years flies when you're raking in chips at casinos and enjoying the rising popularity of poker.

Laws & regulations are increasingly forcing “Best Practice” security on organizations.

MA: Tougher consumer data rule adopted

Tuesday, September 23 2008 @ 05:37 AM EDT Contributed by: PrivacyNews

In the wake of a series of alarming data breaches, placing hundreds of thousands of Massachusetts consumers at risk of identity theft, state regulators released new rules yesterday ordering businesses to better safeguard consumers' personal information.

The regulations, issued by the Massachusetts Office of Consumer Affairs and Business Regulation, require companies that handle personal information such as credit card accounts and Social Security numbers to encrypt data stored on laptops, monitor employee access to data, and take other steps to protect customer information, beginning Jan. 1. Governor Deval Patrick also signed an executive order requiring state agencies to take similar measures.

Source - Boston Globe

[From the article:

The full regulations are online at

[I think it's this one:

A much more ambitious approach... How will KISA know the sites you have 'subscribed' to? Will all website operators be required to provide that information? How will they enforce the requirement? Could you identify all the sites you have ever subscribed to?

Kr: Users May Delete Their Info at Suspicious Web Sites

Tuesday, September 23 2008 @ 05:41 AM EDT Contributed by: PrivacyNews

Internet users will be allowed to erase data about themselves at Web sites that they believe are abusing their personal information, the Korea Communications Commission (KCC) said Tuesday.

The state-run Korea Information Security Agency (KISA) will provide a section in its Web page ( that will provide users with a list of Internet sites they have subscribed to and allow them to pick sites they want their personal information deleted from. KISA will later provide an update on the termination process and confirmation after about four weeks.

Source - The Korea Times

Obvious but difficult?

Stanford Teaching MBAs How To Fight Open Source

Posted by timothy on Monday September 22, @07:43PM from the then-they-fight-you dept. Businesses GNU is Not Unix Software The Almighty Buck

mjasay writes

"As if the proprietary software world needed any help, two business professors from Harvard and Stanford have combined to publish 'Divide and Conquer: Competing with Free Technology Under Network Effects,' a research paper dedicated to helping business executives fight the onslaught of open source software. The professors advise 'the commercial vendor ... to bring its product to market first, to judiciously improve its product features, to keep its product "closed" so the open source product cannot tap into the network already built by the commercial product, and to segment the market so it can take advantage of a divide-and-conquer strategy.' The professors also suggest that 'embrace and extend' is a great model for when the open source product gets to market first. Glad to see that $48,921 that Stanford MBAs pay being put to good use. Having said that, such research is perhaps a great, market-driven indication that open source is having a serious effect on proprietary technology vendors."

Wish I was in this group...

Confirmed: The blogosphere is mainstream

Posted by Dan Farber September 22, 2008 9:23 PM PDT

With nearly 1,000,000 posts a day, the blogosphere is overflowing with content and now fully established as a mainstream rather than fringe phenomenon. Traditional media have adopted blogs as a complementary form of content to the traditional news and feature stories. According to Technorati's latest report on the state of the blogosphere, many bloggers are making money. Technorati surveyed a sample of about 1,000 bloggers and found that the mean annual revenue for advertising is $6,000, but sites with 100,000 or more unique visitors are generating more than $75,000 in revenue.