Tuesday, July 14, 2009

Florida strikes again!

http://www.databreaches.net/?p=6140

FL DOE loses loan promissory notes

July 13, 2009 by admin Filed under Breach Incidents, Education Sector, Financial Sector, Lost or Missing, U.S.

Bill Cotterell of the Tallahassee Democrat reports a breach involving the Florida Department of Education’s Office of Student Financial Assistance:

The agency is notifying 475 student-loan borrowers that their financial records have been exposed to identity theft because the OSFA managed to lose 1,186 “promissory notes” that they signed when they were going to school, and have now fallen behind on.

It’s not that the money is lost. There are copies of the promissory notes, so the loans can be collected.

But Jose Blas Lorenzo Jr., director of policy, regulatory compliance and institutional review for the OSFA, said the missing files bear Social Security numbers, names and addresses, birth dates, personal references and lots of other little tidbits that could come in handy for an identity thief.

“While your file was being processed for reassignment during the week of May 25, 2009, your promissory note(s) was lost,” he wrote in the official notice approved by the Federal Trade Commission and sent to borrowers. He added that the OSFA “cannot verify if the record of your promissory note(s) has been tampered with or if the confidentiality of your promissory note(s) was compromised.”

Cotterell reportedly filed a public records request on the incident and discovered that although OSFA’s director of policy, regulatory compliance and institutional review was informed of the breach on June 2, he did not notify the bureau chief until June 23.

The story doesn’t seem to report how the promissory notes were lost.



Lexis as “good citizen?” OR, did this occur before 2004 and Lexis is only learning about it because of the arrest?

http://www.databreaches.net/?p=6146

LexisNexis warns of breach after alleged mafia bust

July 13, 2009 by admin Filed under Business Sector, Insider, Of Note, U.S., Unauthorized Access

Information broker LexisNexis has warned more than 13,000 consumers, saying that a Florida man who is facing charges in an alleged mafia racketeering conspiracy may have accessed some of the same sensitive consumer databases that were once used to track terrorists.

Lee Klein, 39, of Boynton Beach, Florida, was charged by the U.S. Department of Justice in May following an undercover sting operation that netted 11 suspects from an alleged South Florida crew of the Bonanno crime family.

On Friday, the office of the New Hampshire Attorney General posted a letter that LexisNexis sent out to consumers last month, warning that Klein may have used his access to LexisNexis’ Seisint databases “in order to perpetrate certain crimes.”

Read more of Bob McMillan’s report on Network World.

[From the article:

On Friday, the office of the New Hampshire Attorney General posted a letter that LexisNexis sent out to consumers last month, warning that Klein may have used his access to LexisNexis' Seisint databases "in order to perpetrate certain crimes."

… In a statement, LexisNexis said Monday that "the former Seisint customer involved in this matter should have provided notice to potentially affected individuals. However, because the customer is no longer in business we provided the notice."

… Seisint is best known as the creator of the ill-fated MATRIX (Multi-State Anti-Terrorism Information Exchange) terrorist data-mining project, which was shut down in 2005 following privacy concerns. LexisNexis, a division of Reed Elsevier, acquired Seisint in 2004 for US$775 million. It sells two Seisint products: Accurint, which provides information on individuals and their assets, and Securint, a background screening tool.



It takes little effort to steal an ID

http://www.databreaches.net/?p=6150

OK: ID theft attributed to online public records

July 13, 2009 by admin Filed under Breach Incidents, Exposure, Government Sector, ID Theft

Some Pottawatomie County residents claim they are the victims of identity theft, and they believe it is the result of their Social Security numbers being visible online.

[...]

At issue are mortgage and lease documents posted to a publicly accessible Web site. The documents were posted with social security numbers in view.

Pottawatomie County clerk Nancy Bryce said there is no plan currently to remove them from the Web.

Read more on KOCO.com.



Bigger is not always better. (Nor as easily fenced.) Somehow I doubt this is actually a mainframe. Sounds more like a rack-mounted server.

http://www.databreaches.net/?p=6162

Mainframe computer stolen from local TVCC campus

July 14, 2009 by admin Filed under Breach Incidents, Education Sector, Theft, U.S.

A “mainframe computer” containing confidential student information was stolen over the weekend from the Palestine campus of Trinity Valley Community College, according to local authorities.

Source: The Palestine Herald

The number of students with information on the computer was not reported, and no notice appears on the college’s web site at the time of this posting.

In an unusual twist, although thieves stole a computer and some money, they reportedly left a glass container filled with urine in the office from which the money was stolen. [Thank you for the DNA sample! Bob]

[From the article:

“Of course, they cut a lot of wires (to take the mainframe computer),” the sheriff said. [Most computer 'wiring' (cable) unplugs at both ends. Bob]



I'm sure there's a perfectly logical explanation.

http://yro.slashdot.org/story/09/07/13/1727218/Wells-Fargo-Bank-Sues-Itself?from=rss

Wells Fargo Bank Sues Itself

Posted by samzenpus on Monday July 13, @01:37PM from the so-crazy-it-just-might-work dept.

Extreme economic problems require extreme solutions, and Wells Fargo Bank has come up with a good one. They have decided to sue themselves. Wells Fargo holds the first and second mortgages on a condominium that is going into foreclosure. As holder of the first, they are suing all other lien holders, including the holder of the second, which is Wells Fargo. It gets better. The company has hired a lawyer to defend itself against its own lawsuit. The defense lawyer even filed this answer to the complaint, "Defendant admits that it is the owner and holder of a mortgage encumbering the subject real property. All other allegations of the complaint are denied." On the website The Consumer Warning Network, Angie Moreschi wrote: "We've apparently reached the perfect storm for complete and utter idiocy by some banks trying to foreclose on homes."



Citizens in a Surveillance Society. Is this a business opportunity for GPS technology (minus the phone contract)

http://hardware.slashdot.org/story/09/07/13/2148232/Tracking-a-Move-Via-Find-My-iPhone?from=rss

Tracking a Move Via "Find My iPhone"

Posted by kdawson on Tuesday July 14, @02:45AM from the unintended-consequences dept. cellphones macbook

dmolnar writes

"I recently helped my girlfriend move her stuff from Chicago, IL to Oakland, CA. The movers were scheduled to arrive at 8AM on the 5th of July, and we were stressing the day before about all the things that could go wrong with a move. We realized that if we knew where her stuff was, it'd make us feel better. This is a story about using the $99 iPhone to track the move ... and about a somewhat surprising potential use of Find My iPhone to track your friends' iPhones without them noticing."



Privacy is never a 'one size fits all” absolute.

http://www.bespacific.com/mt/archives/021813.html

July 13, 2009

Report examines Privacy Implications of Data.Gov

"Center for Democracy and Technology (CDT) today released a Policy Post discussing privacy implications for the federal data clearinghouse known as data.gov and de-identification considerations for the Open Government Directive. While this initiative signifies a step in the right direction towards a more open and transparent federal government, it must be done in concert with protecting the privacy of individuals. The Policy Post recommends specialized review procedures for each data set on data.gov. In addition, it says that different levels of data protections should be implemented in different contexts and that de-identification guidelines should be adaptable over time. This is essential in addressing consumer privacy risks associated with handling large data sets, as is the case with data.gov."



A candidate article for “A brief history of Privacy”

http://blog.law.cornell.edu/voxpop/2009/07/08/peter_winn/

Bentham and the Privacy of the Grave

Published July 8, 2009

… Bentham famously believed that publicity was the key to truth. His ideal was a Panoptic universe, where all in the world would believe themselves to be constantly observed, listened to, and monitored.



Isn't it the third generation (the grandchildren) who have the most difficulty with inherited wealth?

http://news.yahoo.com/s/nm/us_korea_north

North Korea leader Kim has pancreatic cancer: report

By Jack Kim Jack Kim – Mon Jul 13, 10:54 am ET

SEOUL (Reuters) – North Korean leader Kim Jong-il has life-threatening pancreatic cancer, South Korean broadcaster YTN said on Monday, citing information gathered from Chinese and South Korean intelligence sources.

… Kim's health is one of the most closely guarded secrets in the reclusive state. There has never been official confirmation of him falling ill.

… South Korean officials said the military grandstanding was aimed at helping Kim build internal support as he prepares for succession, with his youngest son seen as the likely heir.



Very interesting, if a bit awkward.

http://radar.oreilly.com/2009/07/recovery-mapping-arra-spending.html

Recovery Mapping: ARRA Spending Across the US

by Brady Forrest

To really understand economic and government data you need a map. This is especially important to remember right now with the American Recovery and Reinvestment Act (ARRA) spending. There's a lot of data out there and it's when you see can see the relative concentration of funds within a state that the spending priorities begin to become clear.

A number of states have put their spending plans online in map form. ESRI, the GIS toolmaker, has compiled a list of states and federal agencies that use their technology to put recovery data online. (ESRI is the dominant GIS provider to governments around the world so this a pretty good list). I applaud states and agencies that have taken the time to put their data online, I just wish that they had invested more in the UI (see Colorado's use of nurse heads to represent relative Health spending across the state for an example).



What planet are these guys living on? Some journalists. They give us a list of singers, but not the text of the document they signed. It turns out to be vague and whiny.

http://www.bespacific.com/mt/archives/021807.html

July 13, 2009

International publishers demand new intellectual property rights protection to safeguard the future of journalism

News release, July 9, 2009: "On the day that Commissioner Viviane Reding unveils her strategy for a Digital Europe during the Lisbon Council, and as the European Commission's consultation on the Content Online Report draws to a close this week, senior members of the publishing world are presenting to Information Society Commissioner Viviane Reding and Internal Market Commissioner Charlie McCreevy, a landmark declaration adopted on intellectual property rights in the digital world in a bid to ensure that opportunities for a diverse, free press and quality journalism thrive online into the future."

[From the article:

Universal access to our services should be available, but going forward we no longer wish to be forced to give away property without having granted permission. [The current law addresses that. Perhaps they don't need new laws after all? Bob]

[The Hamberg Declaration:

http://www.axelspringer.de/downloads/153453/Hamburg_Declaration.pdf



How to be a non-typical newspaper? Could be a useful app at any seminar or large classroom.

http://www.guardian.co.uk/open-platform/blog/curating-conversations

Open Platform Blog

Curating conversations

Twitter is becoming an ever present backchannel at conferences and events. However sometimes it needs curating and moderating, especially if it's to be displayed large as a part of the event. Here we talk about an app built in a few hours and open sourced today which we used for this purpose for The Guardian's Activate Summit.

Twitter is becoming a very fertile backchannel at conferences and news stories. It provides a simple mechanism for those at conferences to discuss themes, to amplify topics of interest and to engage those unable to attend. We wanted to keep the immediacy of Twitter as a backchannel but also maintain some sense of respect for the speakers, who would often have the messages writ large above their head.

… An un-moderated or un-curated stream obviously gives you the purest view in terms of openness, but when displayed large, can actually give a poorer experience for the conference goers.

The two main problems as ever are unwelcome content (swearing, racist or homophobic content, links to pornography and other linkbombs) and automated spam aimed at trending topics.



Interesting. Monitoring all that data might provide some interesting intelligence too.

http://news.cnet.com/8301-1001_3-10285718-92.html?part=rss&subj=news&tag=2547-1_3-0-5

Ghost's operating system comes alive

by Dara Kerr July 13, 2009 5:35 PM PDT

In the middle of the desert between Israel and Palestine, Ghost's high-tech Virtual Computer is set to launch Tuesday. After three years of work, Ghost finished the development of its Web-based operating system that uses "cloud computing" to let users access their desktop and data from any computer worldwide.

Ghost, short for Global Hosted Operating System, was founded in 2006 by Zvi Schreiber, whose goal was to create the Virtual Computer that works with third-party Web applications like Google Docs, Zoho, and Flickr and joins them together into one online service and can be accessed from any computer with the Internet. Users can also access their personal desktop, files and applications.


(Related) Cloud computing is the next big thing?

http://news.cnet.com/8301-19413_3-10286028-240.html?part=rss&subj=news&tag=2547-1_3-0-5

Lawyers shine light on real cloud concerns

by James Urquhart July 14, 2009 5:00 AM PDT

Like moths to a porch light (or trial lawyers to ambulances), many lawyers are finding the uncertain legal and regulatory terrain of cloud computing fertile ground for new legal analysis--and new legal business.

… The gap between the cloud and the current state of legislation is serious. Check out these examples from past posts:

… For example, take CNET's recent coverage of a panel on the effects of cloud computing on cyber crime at Symantec's Norton Cyber Crime Day. Matthew Parrella, chief of the computer hacking and intellectual property unit at the U.S. Attorney's Office, noted that "hacking" PCs by inserting software into the system by various means is being replaced by a new threat:

"That model of importation of software is becoming obsolete because we're seeing on the horizon cloud computing where so many of these operations are pushed from a user's PC or a user's computer onto Google Docs or Salesforce.com," he said.

… Barry Reingold and Ryan Mrazik, members of the Privacy and Security practice group at law firm Perkins Coie, coauthored a very well written paper in Cyberspace Lawyer (a legal journal I hope I can afford). The paper, titled "Cloud Computing: The Intersection of Massive Scalability, Data Security and Privacy" (PDF), covers a wide swath of issues largely targeted at data and processing taking place in external clouds.

… Also of interest to me was a post by Daniel Schwartz of the Connecticut Employment Law Blog, titled "Cloud Computing and Employment Law: The Uncharted Sky". In this post, Schwartz asks some interesting questions regarding data stored in external clouds:

From an employment law perspective, I have not seen much, if anything on the subject. For example, Connecticut's wage and hour laws require employers to keep track of various records of the employee including hours worked, etc. The catch? Such records need to be kept at the employer's place of business for three years. Does storing the information in "the cloud" satisfy that?

… Of course, it could also lead to a whole new collection of cloud lawyer jokes...



Another resource for my Math students

http://www.makeuseof.com/tag/the-best-free-algebra-homework-help-websites/

The Best Free Algebra Homework Help Websites

Jul. 13th, 2009 By Ryan Dube

… As usual, help is available on the Internet, and the following list are some of the best free algebra homework help websites that can make the process of learning algebra a whole lot easier.

MyAlgebra – A Free Algebra Problem Solver

A very simple and useful resource is the MyAlgebra online problem solver application. While this isn’t the first place a student should go for help, because it simply provides the answer to the equation, it is an excellent website for students to check their work.

Illuminations – Cool Algebra Activities and Lessons

Nothing is quite as frustrating for many students as trying to understand abstract concepts, and learning to do so by reading drab and boring textbooks that make you want to go to sleep. Luckily, the National Council of Teachers of Mathematics in the U.S. understands this problem and created a website called Illuminations that brings the subject (including algebra) to life for students.

Algebra.com – Math Tutors Who Just Can’t Get Enough

Of course, the best place to get some free algebra tutoring is Algebra.com, an online community of mathematicians who are obsessed with the topic. You can turn their obsession into your child’s advantage by posting problems for the tutor community to answer. The website itself offers more lessons and information than probably any other algebra help website out there.

Math.com – Interactive Algebra Help

Another valuable site filled with step-by-step instructions and lessons for students to learn the most important algebra concepts is Math.com. This site covers both the basics as well as advanced concepts under categories like “The Language of Algebra”, “Equations and Inequalities” and “Graphing Equations and Inequalities.”

Drexel University – The Math Forum

The Math Forum is a valuable public service offered by Drexel University that offers both students and teachers dozens of resources. Many of the resources are buried within internal links, but the Algebra Section alone offers classroom materials for teachers, Internet projects, public forums and even links to algebra software throughout the net.



Can I make my students subscribe?

http://radar.oreilly.com/2009/07/citizen-engineer-open-source-h.html

Citizen Engineer: Open Source Hardware Hacking Zine

by Brady Forrest

Over at Adafruit, Limor Fried and Phil Torrone have put out the first issue of Citizen Engineer. It's a zine devoted to open-source hardware, electronics arts and hacking.

… The issue also contains info on how to modify old payphones. It reminds me of 2600, but pt and Limor provide the hardware for the hacks.


(Related) Perhaps more of the Surgical Technology students will take my hacking course?

http://radar.oreilly.com/2009/07/recovery-mapping-arra-spending.html

Hackers' Next Target — Your Brain?

Posted by ScuttleMonkey on Monday July 13, @04:27PM from the true-tongue-in-cheek dept.

security biotech

Hugh Pickens writes

"Wired reports that as neural devices become more complicated — and go wireless — some scientists say the risks of 'brain hacking' should be taken seriously. ' "Neural devices are innovating at an extremely rapid rate and hold tremendous promise for the future," said computer security expert Tadayoshi Kohno of the University of Washington. "But if we don't start paying attention to security, we're worried that we might find ourselves in five or 10 years saying we've made a big mistake."' For example, the next generation of implantable devices to control prosthetic limbs will likely include wireless controls that allow physicians to remotely adjust settings on the machine. If neural engineers don't build in security features such as encryption and access control, an attacker could hijack the device and take over the robotic limb."

Relatedly, several users have written to tell us that science may be closer to the science fiction "mind wipe" than previously thought. Put this all together and I welcome the next step in social networking; letting the cloud drive my limbs around town via a live webcam and then wiping the memory from my brain. Who has MyLimb.com parked and is willing to deal?



Humor? Maybe they are looking for someone to pretend to be a satisfied customer?

http://www.networkworld.com/community/node/43490

Best Buy calls Twitter a job qualification

Employment ad asks for "250 plus followers" on social networking site

By Paul McNamara on Mon, 07/13/09 - 10:46am.

Twitter skeptics -- and they remain legion -- will find the idea silly … but it's not, particularly not in this case.

From a Computerworld Canada story:

A recent job posting on Best Buy Co Inc.’s Web site for a Senior Manager – Emerging Media Marketing position based out of the company’s corporate headquarters in Richfield, Minn. listed two preferred job qualifications: a graduate degree and 250+ followers on Twitter.

(Update: Just stumbled across this item noting that Best Buy in general is big on Twitter and that company CEO Brian Dunn has an account, albeit one that just barely would qualify him for employment in his marketing department.)


(Related)

http://www.wired.com/gadgetlab/2009/07/girl-falls-into-manhole-while-texting-parents-sue/

Girl Falls Into Manhole While Texting, Parents Sue

By Charlie Sorrel Email Author * July 13, 2009 | * 9:06 am

It’s hard to decide who are the biggest morons in this story: parents or daughter. 15 year-old Alexa Longueira was walking along Victory Boulevard in Staten Island when she fell into an open manhole.

Why didn’t she see it? You’re ahead of me here. She was too intent on tapping out a text message to notice the gaping gap in the sidewalk and just dropped straight on in.



He who steals my flash drive, steals o more – ever! KaBoom!

http://hardware.slashdot.org/article.pl?sid=09/07/13/1836204

IronKey Unveils Self-Destructing USB Flash Drive

Posted by ScuttleMonkey on Monday July 13, @05:11PM from the better-than-having-to-eat-it dept.

fysdt writes to share that IronKey has released a USB flash drive with self-destruct capability. Specializing in "secure flash drives," IronKey has launched the S200 aimed at government and enterprise customers, "featuring hardened physical security, the latest Cryptochip technology, active anti-malware and enhanced management capabilities. It's the 'first and only USB storage device to achieve FIPS 140-2, Level 3 validation' and delivers advanced Cryptochip featuring AES-256, tamper-resistance and self-destruction circuitry."

Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)