Monday, September 14, 2009

Paperless, remote access, and automate-able. What more could a modern crook want? How about systems that don't bother with all that security stuff? Allow me to repeat and reiterate my redundant refrain: Passwords alone are not adequate security.

http://www.databreaches.net/?p=7130

UK: Hackers steal £1m in online tax scam

September 14, 2009 by admin Filed under Breach Incidents, Government Sector, ID Theft, Non-U.S., Of Note

Stephen Condron and Christopher Leake report:

Police are investigating how criminals managed to steal £1million from the taxman by accessing a Government computer system and granting themselves rebates.

The thieves filed returns online using the passwords of genuine self-assessment taxpayers – then diverted the money to bogus accounts.

The sting prompted concern yesterday that the fraudsters may have obtained the passwords from one of the many Whitehall laptops stolen over the past few years. [Why would the laptops have user passwords? Bob]

[...]

The system penetrated by the thieves, the Government Gateway, was set up at a cost of £18million as part of Tony Blair’s vision for services to be administered electronically. It allows users to fill in forms online for anything from paying parking tickets to claiming child tax credit.

The thieves are understood to have diverted the money to bank accounts set up fraudulently using the names of the password holders.

Scotland Yard’s specialist e-crime unit, which arrested a man last week in connection with the case, is investigating whether the fraudsters used sophisticated software to find a weakness in Gateway or whether they targeted the computers of the people whose identities they stole.

Read more in The Mail.

[From the article:

One accountant, who had 52 of his 110 clients targeted by the tax fraudsters, said he was told by HM Revenue & Customs of rebates totalling more than £150,000.

...HMRC has taken the attack on its system so seriously that it has provided a template for a letter accountants can send to clients to apologise and reassure them that their tax affairs will not be affected. [Sounds like this is much larger than the article suggests. Bob]



A response the US should adopt?

http://tech.yahoo.com/news/afp/20090913/tc_afp/skoreaitinternetsecurity_20090913073323

SKorea to train 3,000 'cyber sheriffs': report

Posted on - Sun Sep 13, 2009 3:33AM EDT



Is this the basis for DNA testing as well?

http://news.yahoo.com/s/ap/20090913/ap_on_re_us/us_police_dui_blood;_ylt=AgzpQc9CsdrwQpDfGAAAe_qs0NUE;_ylu=X3oDMTJnZTZrbzY4BGFzc2V0A2FwLzIwMDkwOTEzL3VzX3BvbGljZV9kdWlfYmxvb2QEcG9zAzQEc2VjA3luX21vc3RfcG9wdWxhcgRzbGsDcG9saWNlc2F5c3ly

Police say syringes will help stop drunk driving

By REBECCA BOONE, Associated Press Writer– Sun Sep 13, 2:56 pm ET

… For years, defense attorneys in Idaho advised clients to always refuse breath tests, Ada County Deputy Prosecutor Christine Starr said. When the state toughened the penalties for refusing the tests a few years ago, the problem lessened, but it's still the main reason that drunk driving cases go to trial in the Boise region, Starr said.

Idaho had a 20 percent breath test refusal rate in 2005, compared with 22 percent nationally, according to an NHTSA study.

Starr hopes the new system will cut down on the number of drunken driving trials. Officers can't hold down a suspect and force them to breathe into a tube, she noted, but they can forcefully take blood — a practice that's been upheld by Idaho's Supreme Court and the U.S. Supreme Court.



Here's a non-lawyer question: Knowing that the City was likely to be sued on occasion, shouldn't the city attorney review the records retention policies? More pointed question: Why haven't they noticed this several lawsuits ago?

http://yro.slashdot.org/story/09/09/13/1151226/Boston-City-Government-Discovers-Email-Retention?from=rss

Boston City Government Discovers Email Retention

Posted by Soulskill on Sunday September 13, @09:27AM from the hey-those-stacks-of-emails-take-up-a-lot-of-space dept.

An anonymous reader writes

"The Boston Globe, covering a battle to unseat the 16-year incumbent mayor, has found out that the city has no email retention policy. A city official who receives hundreds of emails a day was found to have only 18 emails in his mailbox. The city has enabled journaling on its Exchange server in response. The Globe also notes that they had to curtail requests for emails under the Open Records law because for each mailbox, 'City officials estimated they would charge $5,000 for six months worth of email.'"

[From the article:

“Clearly, employees cannot delete e-mails that have substantial content,” said Secretary of State William F. Galvin, who is responsible for enforcing the law. “The improper deletion of e-mail is a violation of the public records law. Period.”

Without copies of substantive e-mails that Kineavy or others deleted, however, there is no proof of violations and therefore no sanctions can be imposed, Galvin’s office said.

… The city’s most powerful official, Menino, leaves almost no electronic trail that is subject to the public records law, in part because he conducts some city business on his personal cellphone and does not use e-mail. [...and this makes him untouchable? Bob]


(Related) I'll be watching this one.

http://www.pogowasright.org/?p=3790

Is personal eMail subject to open-records law?

September 14, 2009 by Dissent Filed under Court, U.S., Workplace

Maya T. Prabhu reports:

A case that will be argued before the Wisconsin Supreme Court in November could set a precedent that affects the way educators and other public employees use their eMail.

The court has agreed to hear a case that will determine whether the public’s right to know what its government is doing extends to reading personal eMails of teachers sent while at work–and legal experts say the employees in question, and all public school employees in general, might not have a reasonable expectation of privacy.

[...]

The case began when a private citizen filed a public-records request asking the Wisconsin Rapids School District to provide eMail messages sent “from the computer [the teachers] use[d] during their school work day” between March 1 and April 13, 2007. He stated that he was on a “fishing expedition” to see if the teachers violated school policy by using their work eMail to discuss school board elections.

Read more in eSchool News.



Not sure there is much new, but good to see it being covered

http://www.pogowasright.org/?p=3788

Designing the personal data stream: Enabling participatory privacy in mobile personal sensing

September 14, 2009 by Dissent Filed under Other

The Abstract from Designing the Personal Data Stream: Enabling Participatory Privacy in Mobile Personal Sensing by Katie Shilton, Jeffrey A. Burke, Deborah Estrin, Ramesh Govindan, Mark Hansen, Jerry Kang, and Min Mun:

For decades, the Codes of Fair Information Practice have served as a model for data privacy, protecting personal information collected by governments and corporations. But professional data management standards such as the Codes of Fair Information Practice do not take into account a world of distributed data collection, nor the realities of data mining and easy, almost uncontrolled, dissemination. Emerging models of information gathering create an environment where recording devices, deployed by individuals rather than organizations, disrupt expected flows of information in both public and private spaces. We suggest expanding the Codes of Fair Information Practice to protect privacy in this new data reality. An adapted understanding of the Codes of Fair Information Practice can promote individuals’ engagement with their own data, and apply not only to governments and corporations, but software developers creating the data collection programs of the 21st century. To support user participation in regulating sharing and disclosure, we discuss three foundational design principles: primacy of participants, data legibility, and engagement of participants throughout the data life cycle. We also discuss social changes that will need to accompany these design principles, including engagement of groups and appeal to the public sphere, increasing transparency of services through voluntary or regulated labeling, and securing a legal privilege for raw location data.

Full-text article available here (pdf).

[From the conclusion:

Mobile sensing provides the ability to bring individuals and groups into research on a massive scale, opening up data collection and participation in data analysis by taking advantage of mobile phones, tools widely adopted across the world.



Interesting read. I (naively) assumed most of this was already in place. How else does a service firm prove their value?

http://www.bespacific.com/mt/archives/022310.html

September 13, 2009

New on LLRX.com - Are Law Firms Ready for Transparency?

Are Law Firms Ready for Transparency? Attorney and KM expert V. Mary Abraham provides details on how one law firm has found a way to create real transparency in its dealings with clients via an extranet, and whether this process may start a trend.



The ICO “undertakings” seem to spell out “what went wrong” quite clearly. Perhaps I'll have my Security students collect and categorize them...

http://www.ico.gov.uk/what_we_cover/data_protection/enforcement.aspx

Information Commissioner's Office

The ICO has legal powers to ensure that organisations comply with the requirements of the Data Protection Act. It is important to note that these powers are focused on ensuring that organisations meet the obligations of the Act.



Technology marches on.

http://www.bespacific.com/mt/archives/022311.html

September 13, 2009

New on LLRX.com: Legal Implications of Cloud Computing - Part One (the Basics and Framing the Issues)

Legal Implications of Cloud Computing - Part One (the Basics and Framing the Issues) - Attorney David Navetta contends that there will be significant financial pressure on organizations to take advantage of the pricing and efficiency of cloud computing, and if attorneys fail to understand the issues ahead of time there is a serious risk of getting "bulldozed" into cloud computing arrangements without time or resources to address some serious legal issues that are implicated.

[From the article:

Bottom line: this is not your father's outsourcing relationship, and trying to protect clients with contracts may be very difficult or impossible unless the cloud computing community begins to build standards and processes to create trust.

… One of the key differences between a traditional outsourcing relationship and cloud computing is where the data resides or is processed. [This was the most difficult aspect of Cloud Computing for my Security students to get their minds around. Bob]

… In a cloud environment, geography can lose all meaning. Cloud platforms may not be able to tell "where" data is at any given point in time. Data may be dispersed across and stored in multiple data centers all over the world. In fact, use of a cloud platform can result in multiple copies of data being stored in different locations. This is true even for a "private cloud" that is essentially run by a single entity. What this also means is that data in the cloud is often transferred across multiple borders, which (as discussed below) can have significant legal implications.



Basil: Next time someone recommends software to me, I'm going to look at investing in them...

http://www.techcrunch.com/2009/09/13/intuit-to-acquire-former-techcrunch50-winner-mint-for-170-million/

Intuit To Acquire (Former TechCrunch50 Winner) Mint For $170 Million

by Michael Arrington on September 13, 2009



Now this is fun science! Perhaps the Galapagos iguanas have evolved to eat Global Warming scientists?

http://science.slashdot.org/story/09/09/14/0747259/Darwins-Voyage-Done-Over-Live?from=rss

Darwin's Voyage Done Over, Live

Posted by timothy on Monday September 14, @05:12AM from the it-was-live-the-first-time-too dept.

thrill12 writes

"Almost 178 years ago, Charles Darwin set sail in the HMS Beagle, to do the now famous explorations that formed the basis for Darwin's On The Origin Of Species. Now, a group of British and Dutch scientists, journalists and artists set sail again to redo the voyage of the Beagle. This time, they are taking modern equipment with them and they have live connections through Twitter, Youtube, Facebook and Flickr. As they re-explore, and (re)discover, we can join that 8-month-long trip, live over the internet."



I always read the book (honest!) but I also read the Cliff Notes because I didn't always “get” what the author was trying to say. I still don't see what the big deal was about the ducks in Catcher in the Rye.

http://www.makeuseof.com/tag/7-alternatives-to-sparknotes-cliffsnotes-for-book-summaries/

7 Alternatives to SparkNotes & CliffsNotes For Book Summaries

Sep. 14th, 2009 By John McClain

… Sites like SparkNotes and CliffsNotes are often hailed as lifesavers for those reading-intensive classes, providing quick, easy-to-read study guides and summaries of books that students may not have even bothered to read at all. Still, these websites aren’t just for lazy bums, as they do make for great tools with understanding and analyzing the text.

PinkMonkey

With over 460 free study guides, book notes, and chapter summaries, PinkMonkey is a great resource for students.

Shmoop

Shmoop is one of the best sites on the Web for learning about not only literature, but also other school topics like U.S. history, poetry, civics, biography, and even current bestsellers.

JiffyNotes

If you find the book you’re reading on JiffyNotes, it’s worth looking into. While the website’s design isn’t that great, it’s the content that counts.

GradeSaver

GradeSaver is another great place for students in need of help. A well-written summary and analysis is provided for the book’s chapters, with other helpful additions like a glossary of terms, character list, and major themes.

BookRags

BookRags has a sizable collection of free literature summaries and study guides. Along with chapter summaries, the site covers author/context, plot summary, major characters, objects/places, and quotes.

Bookwolf

Like JiffyNotes, Bookwolf’s design isn’t very appealing, but again, content prevails.

WikiSummaries

At just over 300 summaries, WikiSummaries boasts a collection of mostly classic books and novels.

… Students should also be sure to check out these handy online learning tools and the 10+ Web tools to save your butt in school.



Tools & Techniques

http://www.makeuseof.com/tag/masher-%E2%80%93-a-free-online-video-share-tool-to-make-little-photo-stories/

Masher – A Free Online Video Share Tool To Make Little Photo Stories

Sep. 13th, 2009 By Saikat Basu

http://www.masher.com/

[An example: http://www.masher.com/player.jsp?key=78a5f7db-2c08-0559-36f4-0000758146e0&adScheme=0



Put this in your Search or Swiss Army folder.

http://www.phrases.net/

Phrases

Phrases.net is a large collection of common phrases, casual expressions and idioms that can be browsed, searched, rated, heard and translated to several languages.



Tools & Techniques I think I'll mention this to my students. Easiest way to kill it? Make it mandatory!

http://teachingcollegemath.com/?p=1449

Notesharing in the Digital Age

[…]

Here are just a few sites available for free:

  • NoteMesh — this site seems like the most honest of the bunch in that students collaborate to build a set of good notes and there is no profit to be made. Students have to indicate their college/university and add their classes to their profile upon registering. Students in the same class can then post and edit their own notes. Since each class uses a wiki, students are able to view and edit their peers' notes as well. Like most wikis, there is a “history feature” which allows you to remove any changes if necessary.

  • Notecentric — this site is similar to NoteMesh but also gives the user the ability to “spy” on other classes.

  • Knetwit - students can (try to) make money off their class notes (one muses to oneself why the student without notes does not just pick up and read their textbook instead)

  • Sharenotes – students (or presumably the professor) can post notes and charge by the download if you’d like. You can also browse institutions for specific notes on specific classes. Some notes are shared free of charge.

  • University Notes — in addition to sharing notes and/or tests nationwide, students can also rate their professors here and use the on-site blog.

Here are some links to other blog posts / articles on this topic in case you are, like us, morbidly fascinated with this industry that is emerging around the economy of notes:
