http://www.pogowasright.org/article.php?story=20090305153252110
Consumer Reporting Agency Settles FTC Charges: Sold Tenant Screening Reports to Identity Thieves
Thursday, March 05 2009 @ 03:32 PM EST Contributed by: PrivacyNews
A consumer reporting agency that failed to properly screen prospective customers and, as a result, sold at least 318 credit reports to identity thieves, has agreed to settle Federal Trade Commission charges that it violated federal law. Under the settlement, the company and its principal must ensure that they provide credit reports only to legitimate businesses for lawful purposes, use a comprehensive information security program, and obtain independent audits every other year for 20 years. The settlement also imposes a $500,000 penalty but suspends payment due to the defendants’ inability to pay.
.... The defendants are Rental Research Services, Inc. and Lee Mikkelson, both located in Eden Prairie, Minnesota. The Commission vote to authorize staff to refer the complaint and stipulated final order to the Department of Justice for filing was 4-0. The documents were filed in the U.S. District Court for the District of Minnesota.
Source - FTC Related FTC Files
Great little chart to illustrate the problem
http://www.atthebreach.com/blog/patch-availability-at-time-of-breach/
Patch Availability At Time of Breach
Recently Cybertrust released a data breach study . There is a lot of great information in it, but one thing I found particularly interesting was regarding breaches that were caused by vulnerability exploit. In those instances, how long had patches been available that if used would have prevented the breach from occuring. What they found from their in depth analysis of 500 data breach cases was the attached graphic. In 90% of cases, breaches had been available for more than 6 months. In no cases were there exploits of vulnerabilities that had patches available for 1 month or less. This emphasizes a blog post that talks about why hackers use old vulnerabilities to compromise networks. The answer is simply because they work!
Perhaps more emphasis should be placed on ensuring all systems are patched including all operating systems, and most importantly the 3rd party apps that we use rather than just how quickly we can patch.
Why do they really want to do this?
http://www.pogowasright.org/article.php?story=20090305181511636
Amex Demands Right to Call and SMS Any Phone You Call Them From
Thursday, March 05 2009 @ 06:15 PM EST Contributed by: PrivacyNews
American Express wants to keep in touch.
So much so that Amex is changing its fine print so that it or its robots can call or SMS card holders on any phone line a member ever uses to contact the company, and the card holder will get the bill.
That change in its U.S. card holders' terms of service agreement means travelers should be very wary about using hotel phones, pay phones, borrowed mobiles, or satelite phones to call Amex--- even in an emergency, according to travel guru Edward Hasbrouck who first brought attention to the change.
Source - Threat Level
[From the article:
But Amex's VP for Public Affairs Desiree Fish says users shouldn't worry about the change and that it doesn't mean what it plainly means. Amex will never divulge secret info over the phone or via SMS, Fish assures, and if people want to opt out of marketing phone calls, they can do so online.
Did someone actually hint they would consider writing a law?
http://www.pogowasright.org/article.php?story=20090305122329420
Major tech companies to drop support for comprehensive U.S. privacy law
Thursday, March 05 2009 @ 12:23 PM EST Contributed by: PrivacyNews
In the summer of 2006, a who's who of technology and Internet companies garnered headlines when they formed the Consumer Privacy Legislative Initiative. The group, which included Intel, Microsoft, eBay, Google, HP, Oracle, and Sun, was charged with promoting the adoption of a national privacy law in the U.S. (initial statement here). According to BNA's Electronic Commerce & Law Report (sub required), next week those same companies will announce a shift in name and emphasis.
Source - Straight.com
[From the article:
Microsoft Chief Privacy Strategist Peter Cullen tells BNA that "legislation is actually the wrong place to start. To provide effective privacy protection, it's going to potentially require good legislation. But more importantly, it will require good business processes and good accountability." The group is therefore morphing into the Business Forum for Consumer Privacy, which advisors say is working toward building a self-regulatory framework.
Wow You can get anything on Craig's List!
http://yro.slashdot.org/article.pl?sid=09/03/05/2225208&from=rss
Sheriff Sues Craiglist For Prostitution Ads
Posted by timothy on Thursday March 05, @05:50PM from the shameful-waste-of-tax-money dept. The Courts Privacy Politics
Amerika writes
"Craigslist is 'the single largest source of prostitution in the nation,' according to Cook County, Illinois Sheriff Thomas Dart. He has announced that he's filing a lawsuit against the popular classifieds site. Craigslist says it's determined to prevent criminal activity."
NewYorkCountryLawyer adds a link to the 28-page complaint (PDF), which "alleges that Craigslist maintains 21 classifications of sex-for-hire, coded as 'w4m,' 'm4m,' 'm4w,' etc." and that it has facilitated child prostitution and kidnapping and human trafficking.
Boy did they get roasted for this one. (Looks like the site crashed too.)
http://news.slashdot.org/article.pl?sid=09/03/05/215209&from=rss
State of Colorado Calls Firefox Insecure, IE6 Safe
Posted by timothy on Thursday March 05, @04:43PM from the sheeps'-bladders-may-be-used-to-prevent-earthquakes dept. Security Government Internet Explorer Mozilla IT
linuxkrn writes
"The State of Colorado's Office of Technology (OIT) has set up a work skills website. The problem is that the site says 'DO NOT use FIREFOX or other Browsers besides IE. It has been decided that Mozilla based, non-IE browsers pose a security risk.' (Original emphasis from site.) If the leading IT agency for the State is making these uneducated claims, should the people worry about their other decisions?"
Related Geeky stuff
http://tech.slashdot.org/article.pl?sid=09/03/06/029215&from=rss
9 Browsers Compared For Speed and Features
Posted by timothy on Thursday March 05, @10:57PM from the you-forgot-konqui-and-galeon dept. Software The Internet
notthatwillsmith writes
"Counting public betas and release candidates, there are a whopping nine different web browsers out today with enough market share to be considered mainstream. Maximum PC explains the differences between the browsers, future and present, so that you can make a more informed decision about the primary tool you use to browse the web. From the rendering engines used to the features that set the different browsers apart, this is a comprehensive, blow-by-blow battle between Safari 3, Internet Explorer 7, Firefox 3, Opera 9.6, Google Chrome, Firefox 3.1, IE 8, Safari 4, and Opera 10."
Useful resource
http://www.bespacific.com/mt/archives/020754.html
March 05, 2009
New on LLRX.com: Knowledge Discovery Resources 2009: An Internet MiniGuide Annotated Link Compilation
LLRX.com - Knowledge Discovery Resources 2009: An Internet MiniGuide Annotated Link Compilation - Marcus P. Zillman's compilation is dedicated to the latest and most reliable resources for knowledge discovery available through the Internet. This wide ranging selection of resources provides specialized tools, applications and sources relevant to researchers from many disciplines.
I looked. They don't have Java or C++
http://www.killerstartups.com/Web20/sanbit-com-learning-up-a-new-language
Sanbit.com - Learning Up A New Language
Sanbit is a new site that plays out a welcome role: letting you pick up a new language in a lively setting. The site makes for practicing every aspect of any foreign language that you might be interested in, and this includes not only reading texts and listening to audio files but also writing essays that are read by those who make up the community of native speakers.
One of the best features on offer is the ability to find language partners that will let you practice what you have learned so far with all the inherent advantages that the contact with others bring.
TRY THIS! Very interesting. Pick a location and then monitor the twitter traffic...
monitter? what is it?
Simple. It's a twitter monitor, it lets you "monitter" the twitter world for a set of keywords and watch what people are saying. Cool huh?
Geek history with images!
http://hardware.slashdot.org/article.pl?sid=09/03/05/190242&from=rss
A History of Storage, From Punch Cards To Blu-ray
Posted by timothy on Thursday March 05, @02:38PM from the isn't-that-right-joey dept. Data Storage Media
notthatwillsmith writes
"Maximum PC just posted a comprehensive visual retrospective about data storage, starting with the once state of the art punch card and moving through the popular formats of yesteryear, including everything from magtape to Blu-ray discs. It's amazing how much data you could pack on a few hundred feet of half-inch magnetic tape!"
[From the article:
A single reel of the oxide coated half-inch tape could store as much information as 10,000 punch cards
Geeky stuff
http://www.killerstartups.com/Web-App-Tools/screenfix-net-making-the-web-crisp-once-again
ScreenFix.net - Making The Web Crisp Once Again
ScreenFix compiles together a set of five different tools that can be used by anybody in order to have a crisp image on his monitor. These applications are three different checkers (“Gamma Checker”, “Phasing Checker” and “Brightness Checker”) and two fixers (“Dead Pixel Fixer” and “Flickr Fixer”). Moreover, the site includes a tool for checking TN monitors, and that tool goes by the corresponding denomination.
These tools go by self-explanatory names, and they are all provided at no cost. They are all hosted on the server, too, so that you won’t have to incur into software downloads of any kind, nor worry about updating anything.
No comments:
Post a Comment