Wednesday, November 04, 2009

We'll start hearing (a bit) more from Europe.

http://www.pogowasright.org/?p=4994

EU: Telcos’ data breach notification amendment is passed

November 3, 2009 by Dissent Filed under Breaches, Featured Headlines, Non-U.S.

From Out-Law.com:

The European Council has approved a data breach notification rule for Europe’s telecoms firms. The amendment to an EU Directive will force telcos to tell customers if they lose their data.

The European Parliament and Commission have already approved the amendments, which will become law after it has been published in the EU’s Official Journal and signed by the President of the Council and President of the European Parliament.

The amendments, though, do not extend data breach notification duties to non-telecoms firms, despite the Parliament’s earlier demands that it include providers of ‘information society services’ such as online banks or health services providers.

“The Council adopted a directive amending legislation in force on universal service, ePrivacy and consumer protection,” said a Council statement on its meeting last week. “The directive adapts the regulatory framework by strengthening and improving consumer protection and user rights in the electronic communications sector, facilitating access to and use of ecommunications for disabled users and enhancing the protection of individuals’ privacy and personal data.”

Read more on Out-Law.com



Next time, I'm going...

http://www.pogowasright.org/?p=5009

Experts meet to hash out web privacy rules: The Madrid Declaration

November 4, 2009 by Dissent Filed under Featured Headlines, Other

Hundreds of privacy experts from around the world met in Madrid on Wednesday for a three-day conference which aims to arrive at a global standard for the protection of personal data.

US Homeland Security Secretary Janet Napolitano as well as representatives from data protection agencies from 50 nations and top managers from key Internet firms like Google and Facebook are taking part in the event, billed as the world’s largest forum dedicated to privacy.

Artemi Rallo Lombarte, the director of the Spanish Data Protection Agency, an independent control authority which is organising the 31st International Conference of Data Protection and Privacy, said laws regulating privacy vary greatly around the world.

Read more in the Sydney Morning Herald.

EPIC.org writes:

In a crisply worded declaration, over 100 civil society organizations and privacy experts from more than 40 countries have set out an expansive statement on the future of privacy. The Madrid Declaration affirms that privacy is a fundamental human right and reminds “all countries of their obligations to safeguard the civil rights of their citizens and residents.” The Madrid Declaration warns that “privacy law and privacy institutions have failed to take full account of new surveillance practices.” The Declaration urges countries “that have not yet established a comprehensive framework for privacy protection and an independent data protection authority to do so as expeditiously as possible.” The civil society groups and experts recommend a “moratorium on the development or implementation of new systems of mass surveillance.” Finally, the Declaration calls for the “establishment of a new international framework for privacy protection, with the full participation of civil society, that is based on the rule of law, respect for fundamental human rights, and support for democratic institutions.” The Madrid Declaration was released at the Public Voice conference in Madrid on Global Privacy Standards. Multiple translations of the Declaration are available.

The full text of the declaration in English can be found here, courtesy of The Public Voice.


(Related) Perhaps we'll see more articles like this one. NOTE: Read this carefully!

http://www.hlswatch.com/2009/10/15/%E2%80%9Cdo-i-have-the-right-to-refuse-this-search%E2%80%9D/

“Do I have the right to refuse this search?”

Filed under: General Homeland Security — by Christopher Bellavita on October 15, 2009



So easy, a caveman could do it!

http://www.pogowasright.org/?p=5004

Protecting your virtual privacy

November 3, 2009 by Dissent Filed under Other

The details of your personal life, such as grocery purchases and pizza topping preferences, are collected every day ― online and by club and discount cards from the gym, department store and supermarket. Though this data seems innocent enough, when it’s put together it can tell a whole lot about your health, finances and behavior. That information, a Tel Aviv University researcher reminds us, could eventually be used against you.

Dr. Michael Birnhack of TAU’s Faculty of Law and Prof. Niva Elkin-Koren from the University of Haifa recently completed a comprehensive study on information privacy laws in Israel and found compelling reasons for lawmakers everywhere to take notice. “Our research from Israel can serve as a case study of the shortcomings of a comprehensive data protection program,” says Dr. Birnhack.

“It’s not just sites like Facebook and Twitter that should cause concern,” he continues. “It’s all the trivial things that are collected about us that we’re not protected against.”

Read more on PhysOrg.

[From the article:]

Federal legislation in the U.S. regulates for some 15 different kinds of specific data sets, such as health data and credit histories, but not for information collected by club and discount cards or by commercial Web sites. And it's more difficult to write a law to secure confidentiality in those areas, says Dr. Birnhack.

… paper available at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1456968.


(Related) Just the reverse? Think there's a market for auto-surveillance?

http://www.techcrunch.com/2009/11/03/nebul-us-a-new-way-to-visualize-and-share-how-youre-spending-your-time-online/

Share How You’re Spending Your Time Online

by Jason Kincaid on November 3, 2009

Many of us spend hours a day on our browsers surfing the web both at home and from the office, but we don’t really do much with our web history, which could really serve as a goldmine of information. Nebul.us, a startup launching today in private beta, is looking to tap into this data, leveraging it to offer a cloud-based web history, a productivity tool for monitoring how you’re spending your time online, and a social link sharing service.



See? It really is simple to do – so why don't politicians like it?

http://www.technologyreview.com/web/23836/

First Test for Election Cryptography

Novel voting technology will be used in a local government election.

By Erica Naone Monday, November 02, 2009

… After votes are cast, Scantegrity lets voters check online to make sure that their ballots were counted correctly. Officials and independent auditors can also check to make sure ballots were tallied properly--without seeing how any individual voted.



Cyber War (The opposite of Homeland Security?)

http://www.bespacific.com/mt/archives/022722.html

November 03, 2009

Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities

"The United States is increasingly dependent on information and information technology for both civilian and military purposes, as are many other nations. Although there is a substantial literature on the potential impact of a cyberattack on the societal infrastructure of the United States, little has been written about the use of cyberattack as an instrument of U.S. Policy. Cyberattacks--actions intended to damage adversary computer systems or networks--can be used for a variety of military purposes. But they also have application to certain missions of the intelligence community, such as covert action. They may be useful for certain domestic law enforcement purposes, and some analysts believe that they might be useful for certain private sector entities who are themselves under cyberattack. This report considers all of these applications from an integrated perspective that ties together technology, policy, legal, and ethical issues. Focusing on the use of cyberattack as an instrument of U.S. national policy, Technology, Policy, Law and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities explores important characteristics of cyberattack. It describes the current international and domestic legal structure as it might apply to cyberattack, and considers analogies to other domains of conflict to develop relevant insights. Of special interest to the military, intelligence, law enforcement, and homeland security communities, this report is also an essential point of departure for nongovernmental researchers interested in this rarely discussed topic."



Strategy includes more than one of the marketing department's talking points. In fact, there is no reason to “sell” this point at all. Customers looking for staff (cost) reductions will find Cloud Computing on their own.

http://www.networkworld.com/community/node/47039

Tone-deaf Unisys official on why cloud computing rocks

Or what shouldn't get lost in all the puffery over cloud technology

By Paul McNamara on Tue, 11/03/09 - 5:53am.

Here's Richard Marcello of Unisys extolling one of what he sees as the virtues of cloud computing yesterday at the Cloud Computing Conference and Expo in Santa Clara:

"We were able to eliminate a whole bunch of actually U.S.-based jobs and kind of replace them with two folks out of India."

Those actually U.S.-based jobs presumably were held by actual Americans trying to feed actual U.S.-based families.



Not only could this become a billion dollar industry, but my lawyers will want access to prove it was your dog that pooped on my lawn! (Ain't technology wonderful?)

http://tech.slashdot.org/story/09/11/03/1659215/Could-GPS-Keep-Tabs-On-Your-Pets?from=rss

Could GPS Keep Tabs On Your Pets?

Posted by samzenpus on Wednesday November 04, @01:41AM from the lassie-tracking dept.

An anonymous reader writes

"Google Latitude has already made headlines for allowing phone users to locate their friends, and there are countless other iPhone and Android phone apps already designed to transmit your location — but could pets be the next big thing in GPS tracking? A number of device manufacturers are marketing GPS technology as a futuristic tool for tracking your cat or dog, and even discovering exactly where they've been. These devices are sold under a number of names and brands, including Sportdog, LoCATor, RoamEO, Petcell, Zoombak and Pettrack."



Is this a cleverly hidden hack? Perhaps North Korea's cyber war division plans to snarl traffic in a clever bid to bring down the economy? (Comments suggest similar problems) Interesting 'find the bug' case for my forensic class.

http://tech.slashdot.org/story/09/11/04/0053215/Toyotas-Suddenly-Accelerate-Owners-Up-In-Arms?from=rss

Toyotas Suddenly Accelerate; Owners Up In Arms

Posted by kdawson on Tuesday November 03, @11:31PM from the off-to-a-bad-start dept.

cyclocommuter writes

"Some Toyota owners are up in arms as they suspect that accidents have been caused by some kind of glitch in the electronic computer system used in Toyotas that controls the throttle. Refusing to accept the explanation of Toyota and the federal government (it involves the driver's-side floor mat), hundreds of Toyota owners are in rebellion after a series of accidents caused by what they call 'runaway cars.' Four people have died."

The article notes: "The National Highway Traffic Safety Administration has done six separate investigations of such acceleration surges in Toyotas since 2003 and found no defect in Toyota's electronics."



Copyright, not counterfeiting.

http://yro.slashdot.org/article.pl?sid=09/11/03/1943237

Anti-Counterfeiting Deal Aims For Global DMCA

Posted by kdawson on Tuesday November 03, @02:45PM from the by-whose-authority dept.

An anonymous reader writes

"Negotiations on the Anti-Counterfeiting Trade Agreement continue on Wednesday as the US, Europe, Japan, Korea, Canada, Australia, and a handful of other countries secretly negotiate a copyright treaty that includes statutory damages, new search and seizure power, and anti-camcording rules. Now the substance of the Internet chapter has leaked, with information that the proposed chapter would create a 'Global DMCA' with anti-circumvention rules, liability for ISPs, and the possibility of three-strikes and you're out requirements."

[From the article:]

Update: Further coverage from IDG and Numerama.

Update II: InternetNZ issues a press release expressing alarm, while EFF says the leaks "confirm everything that we feared about the secret ACTA negotiations." Electronic Frontiers Australia provides an Australian perspective on the ACTA dangers.



Something for my Disaster Recovery students. Could a hacker bring down the entire system?

http://www.bespacific.com/mt/archives/022726.html

November 03, 2009

DOT OIG: Review of FAA’s Progress in Enhancing Air Traffic Control Systems Security

DOT OIG Audit - Review of FAA’s Progress in Enhancing Air Traffic Control Systems Security, November 02, 2009, Project ID: FI-2010-006

  • "On November 2, we issued our final report on FAA’s Progress in Enhancing Air Traffic Control Systems Security. The audit objectives were to determine FAA’s progress in correcting security weaknesses previously identified in the air traffic control (ATC) system by assessing (1) the status of Business Continuity Plan implementation and (2) the enhanced methodology used in the certification and accreditation of air traffic control systems security at operational sites. The FAA made good progress in preparing the Technical Center to serve as the recovery site; yet several unresolved technical challenges, staffing issues, and funding requirements could delay recovery site readiness. Further, while FAA has enhanced the process of reviewing ATC systems security, the reviews were not properly carried out to ensure security protection of operational ATC systems."



I'm sure my students can come up with even more diabolical uses for this...

http://mobile.slashdot.org/story/09/11/03/1649246/Unfinished-Windows-7-Hotspot-Feature-Exploited?from=rss

Unfinished Windows 7 Hotspot Feature Exploited

Posted by timothy on Tuesday November 03, @11:54AM from the vestigial-tail dept.

An anonymous reader writes with this excerpt from Engadget:

"It wasn't all that long ago that Microsoft was talking up the Virtual WiFi feature developed by Microsoft Research and set for inclusion in Windows 7, but something got lost along the road to release day, and the functionality never officially made it into the OS. As you might expect with anything as big and complicated as an operating system though, some of that code did make it into the final release, and there was apparently enough of it for the folks at Nomadio to exploit into a full fledged feature. That's now become Connectify, a free application from the company that effectively turns any Windows 7 computer into a virtual WiFi hotspot — letting you, for instance, wirelessly tether a number of devices to your laptop at a location where only an Ethernet jack is available, or even tether a number of laptops together at a coffee shop that charges for WiFi."



For my math students...

http://teachingcollegemath.com/?p=1753

How to Study for a Math Test

… All of the projects can be found on their website: How to Study for a Math Test.


(Related) Whatever works.

http://www.makeuseof.com/tag/3-great-online-tools-to-improve-study-skills-and-get-better-grades/

3 Great Online Tools to Improve Study Skills and Get Better Grades

Nov. 3rd, 2009 By Simon Slangen



For the Swiss Army folder (until everyone goes paperless)

http://www.walletpop.com/blog/2009/11/02/if-george-costanza-had-an-iphone-hed-use-this-app/

If George Costanza had an iPhone, he'd use this app

Aaron Crowe Nov 2nd 2009 at 11:00AM

… The Shoeboxed app allows users to take photos of receipts with their iPhone. The image is then automatically sent to Shoeboxed to be digitally archived and categorized for expense tracking, reimbursements and deduction claims. A computer, backed by human verification, takes down the date, vendor name, amount, payment type and IRS tax category before filing away the electronic copies of the receipts.



I'm thinking of creating a decal for my laptop with Linus Torvalds's face and the words: “Build your own Operating System”

http://www.infectious.com/
