Friday, June 05, 2009

Interesting. A data thief who pays your bills for you? An organization that can tell what data was compromised? What planet are these folks from?

http://www.databreaches.net/?p=4583

OK: City alerted to security breach

June 5, 2009 by admin Filed under: Government Sector, U.S.

Derrick Miller of The Duncan Banner reports:

When Donna Howell, City of Duncan personnel supervisor, went to make an ACH transaction (electronic payment) for the city Tuesday evening, she found something strange. The payment had already been made.

Knowing she didn’t make the payment, Howell got the city to look into the matter, and it was discovered that an electronic security breach occurred, putting not only city funds, but also customer banking information at risk.

Gerald Morris, financial director for the city, said, “There could be a breach of our customers’ bank information, those using bank draft.”

[From the article:

After the breach was discovered, the city began contacting customers who had the highest risk of their accounts being breached.

The highest risk customers are those who use bank draft and have accounts beginning with a 1 or a 4. [Indicating they actually know what data was accessed! Bravo!! Bob]



Coming soon to a country near me? “Our security is perfect.”

http://www.theregister.co.uk/2009/06/05/atm_phantom_withdrawal/

Judge backs Halifax in Chip and PIN clone case

Phantom withdrawal verdict may go to appeal

By John Leyden Posted in Crime, 5th June 2009 06:27 GMT

Halifax, the UK retail bank, has scored a victory in a closely-watched 'phantom withdrawal' case that put the security of Chip and PIN on trial.

Halifax customer Alain Job sued the bank after he was held liable for making eight disputed cash machine withdrawals from his account. Job was left £2,100 out of pocket from the series of withdrawals in February 2006 and launched a lawsuit after failing to obtain a refund from the bank, or through arbitration.

Cases over "phantom withdrawals", where money is withdrawn from bank ATMs without the card holder's permission and where card details have not been divulged to third parties, are commonplace, even in the UK.

… Job's barrister, Stephen Mason, told IDG that Halifax had junked evidence that might have ascertained if a cloned card was used. The original ATM card and the Authorisation Request Cryptogram were destroyed by Halifax.



Guidance at last or a snowball's chance in hell?

http://www.pogowasright.org/article.php?story=20090605050707634

Appellate judge asks Supreme Court to clarify privacy rights

Friday, June 05 2009 @ 05:07 AM EDT Contributed by: PrivacyNews

Is there a constitutional right to informational privacy?

That is a question that Chief Judge Alex Kozinski of the U.S. 9th Circuit Court of Appeals is asking the U.S. Supreme Court, saying that the justices hinted at such a right 32 years ago and "never said another word about it."

Kozinski urged the high court Thursday to clarify what, if any, right a citizen has to shield medical and mental health records from an employer's inspection. The issue arises from the successful challenge by workers at Jet Propulsion Laboratory, Caltech and other federal aerospace contractors to the Bush administration's demand for probing security reviews after the Sept. 11, 2001, terror attacks.

Source - Los Angeles Times

[From the article:

Senior research scientist Robert M. Nelson and 27 other JPL specialists sued NASA in 2007 to thwart the government's demands for access to their financial, medical and psychiatric records in exchange for letting them keep their jobs.



Truth, justice and the Swiss way?

http://torrentfreak.com/war-on-piracy-more-important-than-right-to-privacy-090604/

War on Piracy More Important Than Right To Privacy

Written by enigmax on June 04, 2009

A Swiss court has ruled that an anti-piracy tracking company can continue monitoring the public on the Internet. The court said that the need to fight illicit file-sharers outweighs the need to protect an individual’s privacy on the Internet, and that the ends justified the means.



Gary Alexander passes this along...

http://www.informationweek.com/news/showArticle.jhtml?articleID=217701343&cid=nl_IW_daily_html

Time Warner Under Fire For New Terms Of Service

Critics charge that policy changes are a threat to network neutrality.

By K.C. Jones InformationWeek June 2, 2009 03:52 PM

Time Warner (NYSE: TWX) has changed its terms of service, and network neutrality advocates say that the changes raise doubts about the provider's commitment to providing equal service.

"It is unfortunate that just as President Obama was reinforcing his commitment to Net Neutrality, Time Warner was publishing new terms of service that raise serious questions about the company's commitment to an Internet free of discrimination," Gigi Sohn, president and co-founder of Public Knowledge, said in a statement released Monday. [Does this make them Republican? Bob]

Public Knowledge argues that Time Warner's new terms of service allow the provider to use any bandwidth it wants for its own services "but puts its customers at risk if they use the Internet for services that may compete with Time Warner, such as video or telephone-like services." [Don't cable companies have a monopoly in the cities they serve? Doesn't that give them the right to exercise monopoly power? Bob]


Related: Notice how frequently they change. It's as if a bunch of school children were brainstorming the ideal birthday party... “Oh! Then we could have pony rides!” “We need an ice cream machine, an ice cream machine!”

http://www.pogowasright.org/article.php?story=20090605040433699

EFF Launches TOSBack - A 'Terms of Service' Tracker for Facebook, Google, eBay, and More

Friday, June 05 2009 @ 04:04 AM EDT Contributed by: PrivacyNews

"Terms of Service" policies on websites define how Internet businesses interact with you and use your personal information. But most web users don't read these policies -- or understand that the terms are constantly changing. To track these ever-evolving documents, the Electronic Frontier Foundation (EFF) is launching "TOSBack": a "terms of service" tracker for Facebook, Google, eBay, and other major websites.

... At www.TOSBack.org, you can see a real-time feed of changes and updates to more than three dozen policies from the Internet's most popular online services. Clicking on an update brings you to a side-by-side before-and-after comparison, highlighting what has been removed from the policy and what has been added.

Source - EFF



Guidelines. If we see many (even poor) guidelines, we should be able to add the good bits into something useful.

http://www.pogowasright.org/article.php?story=20090605035449297

EPIC Urges Privacy Protections for Government's Use of Social Media

Friday, June 05 2009 @ 03:54 AM EDT Contributed by: PrivacyNews

The DHS Privacy Office is seeking public comments on developing best practices on the government's use of social media. EPIC submitted comments on the benefits, issues and privacy best practices. EPIC recommended applying Privacy Act protections to the data collected, prohibiting commercialization and sharing, and using a model certification system. See also EPIC's page on Social Networking Privacy, Network Advertising Initiative, and Deep Packet Inspection and Privacy.

Source - EPIC.org



Another set of guidelines – something that should already be part of the C-level review of new projects.

http://www.pogowasright.org/article.php?story=20090605040921178

UK: ICO launches an updated guide for privacy impact assessments

Friday, June 05 2009 @ 04:09 AM EDT Contributed by: PrivacyNews

The Information Commissioner’s Office (ICO) is urging organisations to always consider the impact on individuals’ privacy before developing new IT systems or changing the way they handle personal information. The call comes as the ICO today launches the latest version of the Privacy Impact Assessment (PIA) handbook. The user friendly handbook is designed to help organisations address the risks to personal privacy before implementing new initiatives and technologies.

Source - ICO Press Release (pdf)



Notice that the “Standards” are voluntary: there is no requirement to make a print record (in case the machines die), nor is there a recommendation to provide the voter with a receipt that can ensure his vote is counted.

http://www.bespacific.com/mt/archives/021515.html

June 04, 2009

NIST Delivers Updated Draft Standards for Electronic Voting Machines

"The Commerce Department’s National Institute of Standards and Technology (NIST) delivered to the Election Assistance Commission (EAC) a draft revision to the 2005 federal Voluntary Voting System Guidelines (VVSG) Version 1.0, specifying how electronic voting machines are built and tested. The EAC has made the draft revision available for public comment today, with a final version expected by the end of 2009... The draft revision, titled Voluntary Voting System Guidelines, Version 1.1, provides improved requirements for electronic voting machine accuracy, reliability, usability, accessibility and security."



YES!

http://arstechnica.com/tech-policy/news/2009/06/monticello-appeals-court-win.ars

Monticello, MN beats the phone company; Internet a "utility"

Monticello, Minnesota hoped to set state precedent by building its own fiber-to-the-home link for every resident in town. The phone company sued, but after a year in litigation, the state Court of Appeals has ruled that Internet is indeed a "utility" that can be provided by local communities and funded by city bonds.

By Nate Anderson | Last updated June 3, 2009 8:16 AM CT

The local telephone company in an 11,000-person Minnesota town objected when the town decided to lay its own fiber optic network. The telco filed a lawsuit, and then suddenly rolled out its own fiber network while the case was tied up in courts. Today, a state appeals court ruled in the city's favor (PDF); Internet access was certainly a "utility," the court said, and the city was well within its rights to finance the project as it did.

… The court shot down Bridgewater's argument that Internet service could not yet be considered a utility because it doesn't have the "near universal usage common to a utility."

The court said that "this argument is flawed. As noted by Monticello, 'it would be absurd to conclude that the Minnesota Legislature [allows revenue bonds] to be used only to fund the creation of systems that provide services that are already in universal or near-universal use'... It is illogical to conclude that something is or is not a utility based on the number of people who have access to it."



Forcing your strategy to ignore logic? Perhaps newspapers have vilified business for so long they refuse to learn anything about how to run one?

http://www.techcrunch.com/2009/06/03/the-apis-plan-to-save-newspapers-lets-put-humpty-dumpty-back-together-again/

The API’s Plan To Save Newspapers: Let’s Put Humpty Dumpty Back Together Again

by Leena Rao on June 3, 2009

At last week’s hush, hush meeting of newspaper execs on how to monetize content and save a dying industry, the American Press Institute presented a white paper that offers a step by step plan of how newspapers should move forward with paid content.

… The report suggests several models to implement paid content, including micropayments, subscriptions and hybrid models. Google is compared to an atom bomb that “blew up the content business into millions of atomized pieces,” leaving news organizations with the mess of putting things back together. Comparing newspapers to “Humpty Dumpty”, the paper paints a “poor-me” tale of how news orgs are scrambling to put all the pieces back together to “restore their integrity.” And of course, news enterprises are also forced to suffer a second related atom bomb: hyper-linking. The report says: “The culture of hyper-linking and hyper-syndication that fuels the interactive Web has become an atom bomb for the old news business model.” So the remedy for putting the pieces back together according to the API: charge for content, stick it to Google, and renegotiate subscription models with Amazon for the Kindle (which it implies is unfairly making more money from content than newspapers). Apparently, nobody at the API has actually read Humpty Dumpty, otherwise they would know that you can never put the pieces back together again.

The API recommends a five-pronged business plan, divided by “doctrines,” to charge users for content:

  1. True Value Doctrine: Newspapers should create value by beginning to charge for it.

[“If you charge them, they will come.” Sound backwards to you? Bob]



Another inevitable evolution. Broadcast, cable and satellite TV are doomed.

http://www.makeuseof.com/tag/youtube-xl-supersizes-youtube-for-your-tv/

Watch YouTube Videos on Your Large Screen TV

Jun. 5th, 2009 By Karl L. Gechlik

… Google has heard all your bellyaching and ultimately super-sized YouTube for your TV!

http://www.youtube.com/xl



Something for my Hacker Club?

http://www.maximumpc.com/article/news/hackers_targeting_windows_xpbased_atm_machines

Hackers Targeting Windows XP-Based ATM Machines

Posted 06/04/09 at 03:30:20 PM by Paul Lilly



For the Swiss Army folder (because you can't own all the software used anywhere). Also useful for forensic analysis...

http://www.makeuseof.com/dir/viewdocsonline-open-documents-online/

ViewDocsOnline: Open Documents Online.

www.viewdocsonline.com

Similar tools: OpenItOnline and Samurajdata.se.
