Saturday, April 04, 2009

What is proper to disclose? There is no adequate guidance, so the University's disclosure was based more on CYA than technology.

http://www.databreaches.net/?p=2793

Ohio University Closes Door on Breach Saga With $90,000 Settlement

April 3, 2009 by admin Filed under: Education Sector, U.S.

Steve Kolowich reports:

Ohio University has settled a lawsuit with two former information-technology administrators, paying them a total of $90,000 because the university improperly failed to disclose some records related to an investigation of a data breach three years ago. Thus concludes a saga fraught with litigation, finger-pointing, and the perils of technology.

Read more in The Chronicle of Higher Education, where you’ll learn that the attorneys got the bulk of the settlement.

[From the article:

It fired the plaintiffs, Todd Acheson and Thomas Reid, after an audit from an independent company placed the blame on their shoulders.

However, a university Administrative Senate panel concluded after an investigation that the university had unfairly scapegoated the two administrators, and that William F. Sams, the vice provost for information technology, and other university officials were at fault in the breach.

… According to John J. Biancamano, general counsel to the university, administrators only redacted information they thought might expose the university to further data breaches. But Mr. Biancamano now admits that the university failed to disclose everything it should have.



Another area with little or no guidance? Policy shouldn't chase technology.

http://www.pogowasright.org/article.php?story=20090404044914258

Facebook discipline may be illegal: expert

Saturday, April 04 2009 @ 04:49 AM EDT Contributed by: PrivacyNews

Firms who discipline or sack staff for comments made on Facebook and Twitter could be acting illegally, says a veteran lawyer.

Stories about NSW Department of Corrective Services threatening to sack prison officers over Facebook posts and Telstra disciplining employee Leslie Nassar for Twitter comments have provoked a series of other examples.

Source - The Age

[From the article:

He said employment contracts are unlikely to cover staff use of social networking sites.

"What employers are doing is they're scrambling and trying to make out that present policies can be stretched to cover these new areas, and in many respects they can't," Penning said.

… The growth of social networking sites like Twitter, Facebook and MySpace has meant people are having private conversations they would have at the pub in an online setting.

However, Penning said this was no longer considered private comment because the discussions are published and distributed publicly.



I thought this sounded like a privacy bomb. Now terrorists don't need to shut down US infrastructure, they just need to convince the President to do it for them.

http://yro.slashdot.org/article.pl?sid=09/04/03/1637203&from=rss

New CyberSecurity Bill Raises Privacy Questions

Posted by kdawson on Friday April 03, @01:47PM from the picture-future-presidents dept.

Nicolas Dawson points out coverage in Mother Jones of the early stages of a new cybersecurity bill that conveys sweeping powers on the President. Quoting:

"The Cybersecurity Act of 2009 (PDF) gives the president the ability to 'declare a cybersecurity emergency' and shut down or limit Internet traffic in any 'critical' information network 'in the interest of national security.' The bill does not define a critical information network or a cybersecurity emergency. That definition would be left to the president. The bill ... also grants the Secretary of Commerce 'access to all relevant data concerning [critical] networks without regard to any provision of law, regulation, rule, or policy restricting such access.' This means he or she can monitor or access any data on private or public networks without regard to privacy laws."


Related. Look at what they can do today without the “Cybersecurity” bill. Think of it as surrounding Colorado and making everyone show proof of citizenship.

http://tech.slashdot.org/article.pl?sid=09/04/03/231220&from=rss

FBI Seizes All Servers In Dallas Data Center

Posted by Soulskill on Friday April 03, @07:58PM from the surgical-precision dept.

1sockchuck writes

"FBI agents have raided a Dallas data center, seizing servers at a company called Core IP Networks. The company's CEO has posted a message saying the FBI confiscated all its customer servers, including gear belonging to companies that are almost certainly not under suspicion. The FBI isn't saying what it's after, but there are reports that it's related to video piracy, sparking unconfirmed speculation that the probe is tied to the leaking of Wolverine."



“Hey! We're entitled!” What if I choose to use a non-AT&T service?

http://tech.slashdot.org/article.pl?sid=09/04/03/2058237&from=rss

Group Pushes FCC To Investigate Skype for iPhone

Posted by ScuttleMonkey on Friday April 03, @06:12PM from the making-the-network-crumble-crumble dept.

Macworld is reporting that an internet advocacy group has asked the FCC to investigate whether the WiFi-only restriction on the Skype for iPhone app is in violation of federal law.

"Since its release on Tuesday, Skype for iPhone has been downloaded more than a million times — that's a rate of six downloads a second, according to the company. All this despite the fact the software only works via the iPhone's Wi-Fi connection, and not AT&T's 3G network. [...] The letter cites the FCC's Internet Policy Statement (PDF link) which states that 'consumers are entitled to run applications and use services of their choice' in order to 'preserve and promote the open and interconnected nature of the public Internet.'"


Related. Advertise and sell ever more capable devices, then implement ever more restrictive terms to hide the fact that your network dates back to the 1870s.

http://hardware.slashdot.org/article.pl?sid=09/04/04/005240&from=rss

AT&T Changes TOS, Limits Streaming, Tethering

Posted by Soulskill on Friday April 03, @10:01PM from the wait-this-could-cost-us-money dept.

MojoKid writes

"Just one day after announcing plans to subsidize netbooks, AT&T wised up to the fact that those netbooks and connections could be used to download movies and enjoy other bandwidth-intensive applications. Apparently trying to avoid bogging down their network, the company revised its data plan service terms to single out and prohibit 'downloading movies using P2P file-sharing services, customer initiated redirection of television or other video or audio signals via any technology from a fixed location to a mobile device, and web broadcasting...' The license agreement further prohibits tethering the device to PCs or other equipment. That's a pretty strict set of rules. After all, the new terms of service seems to limit applications such as SlingPlayer, Qik, Skype, and Jaikuspot, which many AT&T customers are currently using without issue."

Update — April 4, 02:50 GMT by SS: Reader evn points out an Engadget report that AT&T quickly retracted the changes.



Keep an eye on this. It is certain to be more politics than technology.

http://news.cnet.com/8301-13578_3-10212101-38.html?part=rss&subj=news&tag=2547-1_3-0-5

Cybersecurity review closely scrutinizing telecom policy

by Stephanie Condon April 3, 2009 4:20 PM PDT

The government may have to take a new approach to securing the nation's telecommunications infrastructure, two senior administration officials said Friday.

The intersection of military operations and telecommunications policy is just one of the many facets of cybersecurity currently under review by the administration as it wraps up its 60-day, government-wide review of cybersecurity programs.



Related? “Now that I work for Apple, I realize that the iPhone will stop Global Warming!”

http://reviews.cnet.com/8301-12261_7-10211700-51.html?part=rss&subj=news&tag=2547-1_3-0-5

Gore: Wireless access to info means power

by Tom Krazit April 3, 2009 11:16 AM PDT

LAS VEGAS--Former Vice President Al Gore sought to link the democratic effects of information sharing with the growth of the wireless industry as the solution to all of life's problems.



Also a way to fry every computer in the neighborhood? Another stop on my paranoid worry beads.

http://news.cnet.com/8301-13639_3-10211830-42.html?part=rss&subj=news&tag=2547-1_3-0-5

DIY 'e-bombs' a threat to airliners

by Mark Rutherford April 3, 2009 5:36 PM PDT

… The world's major military powers have tinkered with EMP warheads that broadcast radio-frequency shockwaves of hundreds of thousands of volts per meter. But now, any crackpot can build one of these "e-bombs" with low-cost equipment purchased online.

In analyzing electromagnetic weapons currently in development, the International Institute for Counter-Terrorism in Herzliya, Israel, discovered that there is plenty of information and affordable equipment available on the Net that could be used by terrorists to build a weapon strong enough to fry nearby electrical systems, including the ones keeping civil airliners aloft. Popular Mechanics estimated the cost of building just such a weapon at $400.



Something for the Anthropologists?

http://news.cnet.com/8301-13577_3-10211898-36.html?part=rss&subj=news&tag=2547-1_3-0-5

The dark secrets of Whopper Sacrifice

by Caroline McCarthy April 3, 2009 1:19 PM PDT

SAN FRANCISCO--"I don't know how many of you actually got sacrificed out there, but condolences to you," said Matt Walsh, head of the Interaction Design department at ad agency Crispin Porter & Bogusky, as he surveyed the audience at his Friday morning talk at the Web 2.0 Expo.

CP&B, after all, was the creator of the "Whopper Sacrifice" phenomenon, a Burger King ad campaign on Facebook that promised a coupon for a free hamburger if participants deleted 10 people from their friends lists on the social network. It was a wild success: the Facebook application was installed nearly 60,000 times in a matter of days, nearly 20,000 Whopper coupons were sent out, and well over 200,000 Facebook friends were deleted. Facebook members even created unofficial groups, offering to let other members add them as friends and then delete them for Whopper Sacrifice purposes.

But Facebook disabled the campaign after ten days, claiming that it was a violation of user privacy because Whopper Sacrifice notified friends if they had been deleted. "(It) challenged the very concept of Facebook," Walsh said. "Whopper Sacrifice had been sacrificed." In an ironic twist, that just led to even more buzz for the campaign.

… "Some people thought it was a little brutal because we did send notifications," Walsh admitted. "If I defriended you, you would get a message saying that you were worth less than one-tenth of a Whopper."



I'm thinking I should do this for Computer Security and Hacking 101. But since Apple is giving the tools away for free, perhaps I should stick to the iPhone?

http://blog.wired.com/gadgets/2009/04/apple-stanford.html

Apple, Stanford Teaching iPhone Development for Free

By Brian X. Chen April 02, 2009 4:45:22 PM

… Video recordings of Stanford's 10-week computer science class, taught by two Apple employees, will be freely downloadable through Apple's iTunes U educational channel. The course's syllabus and slides will be freely available on iTunes as well.

… The removal of the NDA led to the launch of Apple's iPhone University program, giving instructors and students all the software needed to code for the iPhone for free.



For Cindy's “Sex & Power” class. Funny how many articles fall into this category now that I'm looking for them. Not so funny, how people treat anything to do with sex like it was a live bomb.

http://www.pogowasright.org/article.php?story=20090404052117834

Judge won't dismiss lawsuit over nude pictures on phone

Saturday, April 04 2009 @ 05:21 AM EDT Contributed by: PrivacyNews

A judge on Friday denied a motion to dismiss a lawsuit filed against McDonald's after a woman's nude pictures - left on her husband's cell phone - were posted on the Internet.

Source - Northwest Arkansas Times

[From the article:

Phillip Sherman on July 5 left his cell phone in the McDonald's restaurant on Martin Luther King Jr. Boulevard in Fayetteville. His wife had previously sent nude pictures of herself to his cell phone for his own use, according to the complaint.

The Shermans seek more than $3 million in damages after nude photos of Tina Sherman were posted on a Web site and she received threatening and harassing text and phone messages, according to the lawsuit.

Tina Damron, attorney for the Shermans, argued Friday against allowing attorneys in the case from releasing information about her witnesses in the case and other details to prevent further embarrassment or harassment of her clients.

She said more than 1 million people have searched Google looking for information about the case after the story about her clients' lawsuit made international news.

"You're asking these lawyers to prepare this case and never tell their clients what it's about?" 4th Judicial Circuit Judge Mary Ann Gunn asked



Another article for Cindy's “Sex & Power” class.

http://blog.wired.com/27bstroke6/2009/04/sexting-hysteri.html

'Sexting' Hysteria Falsely Brands Educator as Child Pornographer

By Kim Zetter April 03, 2009 9:41:16 AM

… Rumors had been flying at Freedom High School in South Riding, Virginia that students were distributing nude pictures of each other on their cell phones. It's a phenomenon, known as "sexting," that's become increasingly worrisome to educators across the country, and Ting-Yi Oei, a 60-year-old assistant principal at the school, was tasked with checking it out.

… Even in this environment of prosecutorial excess, Oei's case stands out as likely the first to entangle an adult who came in possession of an image that even police admit wasn't pornographic, and who did so simply in the course of doing his job.

… "If someone were to Google me, why would you want to touch someone who had [this trouble], even if I had the charge dismissed?" he says. "I don't think you'd necessarily want that baggage."



This might be a tool for the White Hat Hacker Club or the Privacy Foundation.

http://www.killerstartups.com/Web-App-Tools/printcasting-com-print-your-magazines

PrintCasting.com - Print Your Magazines

http://www.printcasting.com/

Printcasting is the app you need to convert your blog or publication into a printed one. What printcasting aims to do is empower everyone who has some sort of publication to turn it into a printed publication, and enable them to begin making some money from it. The whole thing works in a very easy way which in many ways resembles podcasts. What you do is subscribe your blog or internet publication on the site and automatically the site’s engine will make a document that will look very appealing to your prospective readers.

The coolest thing about the whole interface is how they have developed the location-based ads system. This will allow small publishers to make a profit out of their hard work and also allow publishers a valuable new means to communicate their messages at a very competitive cost. The service for advertisers will be free to begin with, so that they can get a feel of how the system works and from there onwards the service will be a paid one. It is worth noting that at the time of this review the site is still in a beta stage and that new features are being tested to incorporate them into the site.
