Saturday, August 01, 2009

Our students are so out of control this is all we can think of to do... Parents (who gave their kids cell phones for Emergencies) might find this sub-optimal?

School System Considers Jamming Students' Phones

Posted by ScuttleMonkey on Friday July 31, @03:30PM from the only-one-man-would-dare-give-me-the-raspberry dept. communications education

An anonymous reader writes

"The St. Ansgar, Iowa school system is considering buying cell-phone jamming equipment for up to $5000 if it is deemed legal. The use of the equipment would be suspended in the case of an emergency, but one has to wonder if they would be quick enough to shut it down should an emergency arise. 'A Federal Communications Commission notice issued in 2005 says the sale and use of transmitters that jam cellular or personal communications services is unlawful.'"

Privacy is where you find it.

A hard case makes bad law

August 1, 2009 by Dissent Filed under Court, Non-U.S.

What case did Debbie Purdy win on Thursday? I am sure that most people believe that, as Channel 4 News put it, she won “a landmark ruling allowing her husband to travel with her to Switzerland where the MS sufferer plans to end her life”. That is how most of the media, who seem to favour the “right-to-death” campaigners, have presented it.

But it is not so. The Law Lords’ ruling did not allow Miss Purdy’s husband to do anything. It merely called on the Director of Public Prosecutions to produce a “custom-built” policy (whatever that is) about when he would prosecute people for assisting suicide.


It is interesting that the Purdy case has employed the law of “privacy”. We have been here before. In the Roe vs Wade case in the United States in 1973, the Supreme Court decided that abortion, previously a matter for states, was permitted by the 14th Amendment to the Constitution. That amendment does not talk about privacy, let alone abortion, but it upholds “due process” when the authorities try to take any liberty away from a person. The Supreme Court found the right to “privacy” hidden in that amendment, and the right to abortion hidden within privacy. It was a stretch of the meaning of words.

Now “privacy” is the favourite again. Because the European Convention on Human Rights is now entrenched in our law, we are subject to Article 8, which says that “everyone has the right to respect for his private… life”. It is, indeed, vitally important that private life is respected, but when they found on the other side of the argument in the Diane Pretty case in 2002, the Law Lords said that Article 8 “related to the manner in which a person conducted her life, not the manner in which she departed from it”. Now they have decided the opposite – that assisted suicide is “part of the act of living” and therefore related to privacy. Again, judges have stretched the meaning of words. When you strip away their legal language, you see that they are merely expressing their own opinions.

In 1973, in America, the judges were pro-abortion, and decided to make the law fit their view. In 2009, in Britain, they are pro-euthanasia, and euthanasia has been blocked by previous court judgments and by Parliament. So the judges decide that rights which concern life are actually rights to promote death. It is a morally arguable point of view, but it does not have much to do with upholding justice. As was always predicted by opponents of European “human rights” legislation, the courts have become a tool for reflecting the elite views of the age, rather than carefully interpreting the laws made by elected legislators.

Read more of columnist Charles Moore’s commentary in The Telegraph.

I reiterate my concern with “automated updates”

Defcon: New Hack Hijacks Application Updates Via WiFi

Researchers will release a tool that lets attackers replace application updates with malware

Jul 31, 2009 | 03:21 PM By Kelly Jackson Higgins DarkReading

DEFCON 17 -- LAS VEGAS, NV -- Researchers here tomorrow will demonstrate a way to hijack the application update process via WiFi and replace the updates with malware.

It doesn't take long to start thinking like a monopoly

FCC Probing Apple, AT&T Rejection of Google Voice

Posted by Soulskill on Saturday August 01, @08:16AM from the now-you've-done-it dept.

suraj.sun writes with an update to the news from a few days ago about Apple pulling Google Voice apps for the iPhone. Their actions have raised the interest of the FCC, which is now beginning an investigation into the matter.

"In a letter sent to Apple, the FCC asked the company why it turned down Google Voice for the iPhone and pulled several other Google Voice-related programs from the iPhone's only sanctioned online mart. The FCC also sent similar letters to both AT&T — Apple's exclusive carrier partner in the US — and Google, asking both firms to provide more information on the issue. The FCC's letter asked Apple whether it rejected Google Voice and dumped other applications on its own, or 'in consultation with AT&T,' and if the latter, to describe the conversations the partners had. In other questions, the FCC asked Apple whether AT&T has any role in the approval of iPhone applications, wants the company to explain how Google Voice differs from any other VoIP software that has been approved, and requested a list of all applications that have been rejected and why."

(Related) Thoughts from the other side...

VoiceCentral Developer Talks About Being Pulled from App Store and Apple's Lack of Communication

Posted 07/31/2009 at 9:09:39pm | by Michelle Delio

It’s been a long and confusing week for Kevin Duerr, thanks to Apple’s stubborn belief that it’s perfectly fine to conduct business as if you are high-level government officials from a particularly snarky banana republic.

Duerr and his team at Riverturn, a technology consulting firm that also builds iPhone apps, have spent the past five days trying to figure out the real reason why Apple pulled their VoiceCentral Google Voice app from the App Store and whether there is any hope that Apple will reconsider its decision.

Tools & Techniques Save these to your Hacker Folder. You never know when you might need them.

Researchers offer tools for eavesdropping and video hijacking

by Elinor Mills July 31, 2009 5:51 PM PDT

LAS VEGAS--Showing off technology that James Bond would love, two researchers at Defcon on Friday demonstrated tools that allow people to eavesdrop on video conference calls and intercept surveillance camera video.

If you don't use an RSS Reader, give one a try. There is too much useful information out there to continue ignoring. (I still use SharpReader. Simple but effective.)

How To Discover The RSS Feed Of A Webpage If A Link Isn’t There

Jul. 31st, 2009 By Saikat Basu

Works in Denver too. Describes in intricate detail how I could use Public Transportation to travel the 3 ½ miles to Colorado Tech in a mere hour. Might be very useful back East where they know how to run a transit system.

July 31, 2009

Massachusetts Bay Transit Authority Partners with Google Transit

News release: "MBTA General Manager Daniel A. Grabauskas announced the T's partnership with Google Transit and the convenience and ease travelers will have when planning a trip on the authority's bus, subway, commuter rail, and boat service. Similar to the MBTA's Trip Planner, Google Transit, a feature of Google Maps, is a web-based application that plans a trip using public transportation options. The service calculates the route, transit time, and any necessary walking directions. This on-line feature which provides directions in various languages using the [public] transit option on Google Maps; and reaches people that the MBTA trip planner does not by surfacing public transit itineraries as an alternative when a user does a directions search within Google Maps. Including the Boston Metro area, Google provides transit information for many major cities across the United States and elsewhere around the world. Transit trip planning is also available on mobile phones including iPhone, Blackberry, Windows Mobile, S60, and other Java enabled phones."

  • Get started in three easy steps:
    1) Go to
    2) Click on Get Directions, then enter your start and end points.
    3) Select By Public Transit from the drop down menu

For my students who can't read?

ThoughtAudio: Collection of Free Full Audio Books

If you are looking for downloadable audio books, is a good place to start. It is a web resource that lists a cool collection of free full audio books. The collection consists of books from classic literature, history and philosophy, and includes well-known titles such as The Call of the Wild, Siddhartha, Metamorphosis… etc. You can browse books, listen to them online and download them as mp3 files.

Similar sites: NewFiction, WellToldTales, PodioBooks and LibriVox.


How To Download Free Hulu Movies To Your Computer

Jul. 31st, 2009 By Tim Watson

… One problem, though. Hulu videos stream in Flash video, and there wasn’t any way to download and save programs for mobile viewing. That was true until I read up on the appropriately-named Hulu Video Downloader, a simple yet powerful little program, for which I have yet to find a free equal.

Think of a future where every student can learn any subject from the best teachers in the field.

New Cook or Be Cooked! Teaches Kitchen Skills With Wiimote

By Tracey John July 31, 2009 2:55 pm

NEW YORK — Step away from the stove, Cooking Mama. Iron Chef Michael Symon wants to teach gamers how to cook with a new videogame.

The Food Network’s upcoming Wii title Cook or Be Cooked!, developed by Red Fly Studio (Mushroom Men) and published by Namco Bandai, features more than 30 recipes taken from the Food Network Kitchens. Would-be cooks can play through the game and learn the basics, like bacon and eggs, or move to more advanced recipes such as lasagna and steak.

Global Warming! Global Warming! I have to admit, I missed “The Gore Effect” but that would be yet another indication that Mother Nature is out to get him...

May 04, 2009

Has the global sea ice decline stopped?

These are good times to be a climate change skeptic.

The planet has not shown substantial warming for a decade now. The Gore Effect seems to be holding. Some glaciers are advancing. And the Arctic Sea ice appears to have halted its decline, if only temporarily.

[From the link:

The so-called Gore Effect happens when a global warming-related event, or appearance by the former vice president and climate change crusader, Al Gore, is marked by exceedingly cold weather or unseasonably winter weather.

Friday, July 31, 2009

Today's theme seems to be “Let's drive the IP Lawyers nuts!”

It's not a sale, it's not a lease, you don't own it so you can't resell it. Fortunately, they haven't realized that their DRM is copyrighted, so they could charge repeatedly for the keys that allow access to the data you bought (leased?) (Perhaps you purchased a right to pay the copyright holder in perpetuity?)

Big Content: ludicrous to expect DRMed music to work forever

Rightsholders can't understand why people who bought DRMed music only to have the authentication servers go dark might demand the right to crack the DRM. Big Content believes the idea that rightsholders "are required to provide consumers with perpetual access to copyrighted works" is laughable. Ha ha.

By Nate Anderson Last updated July 29, 2009 11:54 AM CT

"We reject the view," he writes in a letter to the top legal advisor at the Copyright Office, "that copyright owners and their licensees are required to provide consumers with perpetual access to creative works. No other product or service providers are held to such lofty standards. No one expects computers or other electronics devices to work properly in perpetuity, and there is no reason that any particular mode of distributing copyrighted works should be required to do so."

(Related) I told you these guys were smart. But are they right?

How Wolfram Alpha's Copyright Claims Could Change Software

Posted by timothy on Thursday July 30, @05:09PM from the my-patent-app-will-involve-prayer-wheels-and-combinatorics dept. software

snydeq writes

"Fatal Exception's Neil McAllister suggests that Wolfram Research's claim to copyright of results returned by the Wolfram Alpha engine could have significant ramifications for the software industry. 'While software companies routinely retain sole ownership of their software and license it to users, Wolfram Research has taken the additional step of claiming ownership of the output of the software itself,' McAllister writes, pointing out that it is 'at least theoretically possible to copyright works generated by machines.' And, under current copyright law, if any Wolfram claim to authorship of the output of its engine is upheld, by extension the same rules will apply to other information services in similar cases as well. In other words, 'If unique presentations based on software-based manipulation of mundane data are copyrightable, who retains what rights to the resulting works?'"

(Related) Wasn't this to be expected? Was the student wrong to base his work on something he never owned (or leased or whatever)?

Student sues over deleted homework

July 30, 2009 by Dissent Filed under Businesses, Court, Youth

A class action lawsuit filed today takes to task after the company deleted George Orwell books from customers' Kindles.

According to the lawsuit, deleted these books after claiming that it had mistakenly sold them without permission from the copyright owner.

After a barrage of criticism from customers, the media, and public interest organizations, Amazon CEO Jeff Bezos apologized for the company's behavior, conceding that it was stupid, thoughtless, and painfully out of line with our principles.

The suit is being brought by Justin D. Gawronski, a 17-year-old high school student who had purchased Orwell's 1984 to complete a summer homework assignment.

When Amazon deleted the book from his Kindle, it rendered the electronic notes he had taken worthless.

(Related?) If the dancers tried to make money, they would have been sued for “stealing” the copyrighted music?

Hard ‘Boyled’: Sony, Chris Brown Cash in on Viral Wedding Video

By Eliot Van Buskirk July 30, 2009 1:21 pm

couldn’t help making fun of Simon Cowell and company for failing to earn a single cent from Susan Boyle’s runaway YouTube success earlier this year. It appears the rightsholders behind another surprise YouTube smash hit — the “wedding dance” video that’s been making the rounds — learned from that mistake.

On YouTube’s business blog, technical account manager Chris LaRosa and music partner manager Ali Sandler describe how Chris Brown and Sony Music managed to capitalize on the 12 million-plus times people have watched the “JK Wedding Entrance Dance” video, which shows Jill Peterson and Kevin Heinz’s wedding party boogieing down to the Chris Brown song “Forever.”

“The rights holders for ‘Forever’ used [YouTube's content management tools] to claim and monetize the song, as well as to start running Click-to-Buy links over the video, giving viewers the opportunity to purchase the music track on Amazon and iTunes,” they wrote.


11-Word Extracts May Infringe Copyright In Europe

Posted by kdawson on Friday July 31, @08:42AM from the dibs-on-copyright-on-"the" dept. court

splodus writes

"The European Court of Justice, Europe's highest court, has ruled that a service providing 11-word snippets of newspaper articles could be unlawful. Media monitoring company Infopaq International searches newspaper articles and provides clients with a keyword and the five words either side. This practice was challenged by the DDF, a group representing newspaper interests, as infringing their members' copyright. The court has referred the issue back to national courts to determine whether copyright laws in each country will be subject to the ruling. The full ruling is available at the European Court of Justice Web site."

[From the article:

Infopaq argued that its process of scanning news articles, converting the data to text and emailing its customers summaries containing the five words before and after a keyword comprise fleeting use that's exempt from the permission requirements. Infopaq also prints out cover sheets with the text snippets.

Europe's highest court held that the 11-word extracts were indeed "reproduction in part" under intellectual property laws. The court described transient acts as being "created and deleted automatically and without human intervention," such as those allowing for database browsing and caching. Such acts must also be incidental, the court said.

Not to be an alarmist, but consider the economic implications if a rogue nation (North Korea for example) was behind this type of attack and millions of bank accounts were suddenly drained or rendered inaccessible.

Clampi Trojan stealing online bank data

July 30, 2009 by admin Filed under Malware

Hundreds of thousands of Windows computers are believed to be infected with a Trojan called “Clampi” that has been stealing banking and other login credentials from compromised PCs since 2007, a security researcher said on the eve of the Black Hat security conference.

Clampi, also known as Ligats, Ilomo, or Rscan, infects computers in drive-by downloads when people visit Web sites hosting malicious code that exploits vulnerabilities in browser plug-ins Flash and ActiveX, said Joe Stewart, director of malware research for the Counter Threat Unit of SecureWorks.

Read more on ZDNet Asia. Thanks to Brian Honan for this link.

Relatively small-time, but an example of “electronic ambulance chasing.” Dean Dan Vigil will be appalled!

Jackson Memorial worker stole patient records, sold them to lawyer

July 31, 2009 by admin Filed under Breach Incidents, Healthcare Sector, Insider, Other, U.S.

Ambulance chasing just took a reckless turn — at the intersection of healthcare and the law.

A Miami man was charged Thursday with buying confidential patient records from a Jackson Memorial Hospital employee over the past two years, and selling them to a lawyer suspected of soliciting the patients to file personal-injury claims.

Ruben E. Rodriguez allegedly paid JMH ultrasound technician Rebecca Garcia $1,000 a month for the hospital records of hundreds of patients treated for slip-and-fall accidents, car-crash injuries, gunshot wounds and stabbings, federal authorities said.

Read more in the Sun-Sentinel.

How secure is that socket layer?

Null Character Hack Allows SSL Spoofing

Posted by timothy on Thursday July 30, @02:43PM from the cannot-anticipate-all-evil dept. security internet

eldavojohn writes

"Two researchers, Dan Kaminsky and Moxie Marlinspike, came up with the exact same way to fake being a popular website with authentication from a certificate authority. Wired has the details: 'When an attacker who owns his own domain — — requests a certificate from the CA, the CA, using contact information from Whois records, sends him an email asking to confirm his ownership of the site. But an attacker can also request a certificate for a subdomain of his site, such as\, using the null character \0 in the URL. The CA will issue the certificate for a domain like\ because the hacker legitimately owns the root domain Then, due to a flaw found in the way SSL is implemented in many browsers, Firefox and others theoretically can be fooled into reading his certificate as if it were one that came from the authentic PayPal site. Basically when these vulnerable browsers check the domain name contained in the attacker's certificate, they stop reading any characters that follow the "\0" in the name.'"
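
The name check described in the summary above, as an added example that is not from the original post or from any browser's source: a certificate name is a length-prefixed byte string, so a matcher that reads it as a C string sees only the part before the first NUL, while a length-aware matcher rejects the name outright. The hostnames are constructed placeholders and the function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Constructed sample: the bytes of a certificate name field as a CA that
 * only validates the registered domain might sign them. Placeholder
 * hostnames; the embedded NUL is the point of the example. */
static const unsigned char SAMPLE_NAME[] = "bank.example\0.attacker.example";
#define SAMPLE_NAME_LEN (sizeof(SAMPLE_NAME) - 1)   /* 30 bytes, NUL included */

/* ASCII case-insensitive comparison of exactly n bytes. */
static int ascii_ieq(const unsigned char *a, const unsigned char *b, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        unsigned char x = a[i], y = b[i];
        if (x >= 'A' && x <= 'Z') x = (unsigned char)(x + 32);
        if (y >= 'A' && y <= 'Z') y = (unsigned char)(y + 32);
        if (x != y) return 0;
    }
    return 1;
}

/* Returns 1 if the name field contains a NUL byte inside its stated length. */
int has_embedded_nul(const unsigned char *name, size_t name_len)
{
    return memchr(name, '\0', name_len) != NULL;
}

/* Flawed matcher: ignores the field length and treats the name as a C
 * string, so everything after the first NUL is silently dropped.
 * (The sample buffer is NUL-terminated by its literal; real ASN.1 data
 * is not, which makes this pattern unsafe for a second reason.) */
int match_name_cstring(const unsigned char *name, size_t name_len,
                       const char *host)
{
    (void)name_len;                                /* the flaw */
    size_t seen = strlen((const char *)name);      /* stops at first NUL */
    return seen == strlen(host) &&
           ascii_ieq(name, (const unsigned char *)host, seen);
}

/* Length-aware matcher: uses the stated length, refuses any name with an
 * embedded NUL, and only then compares all bytes against the hostname. */
int match_name_length_aware(const unsigned char *name, size_t name_len,
                            const char *host)
{
    size_t host_len = strlen(host);
    if (name_len == 0 || has_embedded_nul(name, name_len))
        return 0;                                  /* malformed: reject */
    if (name_len != host_len)
        return 0;
    return ascii_ieq(name, (const unsigned char *)host, name_len);
}

int main(void)
{
    const char *host = "bank.example";             /* site the user typed */
    printf("field length: %zu bytes, C-string length: %zu bytes\n",
           (size_t)SAMPLE_NAME_LEN, strlen((const char *)SAMPLE_NAME));
    printf("C-string matcher accepts:     %d\n",
           match_name_cstring(SAMPLE_NAME, SAMPLE_NAME_LEN, host));
    printf("length-aware matcher accepts: %d\n",
           match_name_length_aware(SAMPLE_NAME, SAMPLE_NAME_LEN, host));
    return 0;
}
```

The same test belongs on the issuing side: a CA or log monitor that flags any requested name where `has_embedded_nul` is true catches the request before a certificate exists.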

It all started when I realized I didn't have change for the meter...

Hackers Get Free Parking In San Francisco

Posted by timothy on Friday July 31, @07:58AM from the usually-spots-at-the-end-of-the-judah-line dept. security transportation

Hugh Pickens writes

"PC World reports that at the Black Hat security conference this week, security researchers say that it is pretty easy for a technically savvy hacker to make a fake payment card that gives them unlimited free parking on San Francisco's smart parking meter system. 'It wasn't technically complicated and the fact that I can do it in three days means that other people are probably already doing it and probably taking advantage of it,' says Joe Grand. 'It seems like the system wasn't analyzed at all.' [but it was marketed like crazy... Bob] To figure out how the payment system worked, Grand hooked up an oscilloscope to a parking meter and monitored what happened when he used a genuine payment card. Grand discovered the cards aren't digitally signed, and the only authentication between the meter and card is a password sent from the former to the latter. Examining the meters themselves could yield additional vulnerabilities that might allow someone to conduct other kinds of attacks, such as propagating a virus from meter to meter via the smart cards or a meter minder's PDA."

“We don't need no stinking lawyers!” It's simple. You give us access or we'll let everyone see those pictures on your Facebook account.

EU bank data move ignored legal advice

ANDREW RETTMAN 29.07.2009 @ 16:09 CET

EUOBSERVER / BRUSSELS - EU member states laid aside the advice of their own legal experts in cutting MEPs out of talks on a new bank data deal with the US.

… The new data pact will give US treasury officials the right to peek into EU citizens' banking transactions to investigate potential terrorist activity. [Nothing controversial here... Bob]

Is this the Best Practice a security vendor could demonstrate?

McAfee keeps leaked details to itself

July 31, 2009 by admin Filed under Breach Incidents, Breach Types, Business Sector, Exposure, Non-U.S.

McAfee is yet to confirm with delegates to its recent Strategic Security Conference that their details were leaked in a bulk email, as reported on iTnews yesterday. [Could it be they are hoping they weren't responsible? Bob]


In an interview on security podcast Risky Business, McAfee’s Asia Pacific President, Steve Redman, didn’t say if the security vendor will disclose the data breach to those whose details were leaked.

Redman at first said that McAfee has “a small legal responsibility and a high social responsibility” to let affected customers know about the breach, but later said “I don’t think we would send that email”.

Read more on iTnews.

Perhaps this works because the Amish don't “get” the technology they shun. Or perhaps the Amish are to be feared? “Clippity-clop, clippity-clop, BANG, clippity-clop” Amish drive-by shooting

Lancaster, Pa., keeps a close eye on itself

A vast and growing web of security cameras monitors the city of 55,000, operated by a private group of self-appointed gatekeepers. There's been surprisingly little outcry.

By Bob Drogin June 21, 2009

… It may become the nation's most closely watched small city.

… "Years ago, there's no way we could do this," said Keith Sadler, Lancaster's police chief. "It brings to mind Big Brother, George Orwell and '1984.' It's just funny how Americans have softened on these issues."

"No one talks about it," agreed Scott Martin, a Lancaster County commissioner who wants to expand the program. "Because people feel safer. Those who are law-abiding citizens, they don't have anything to worry about."

… Laid out in 1730, the whole town is 4 square miles around a central square. Amish families still sell quilts in the nation's oldest public market, and the Wal-Mart provides a hitching post to park a horse and buggy. Tourists flock to art galleries and Colonial-era churches near a glitzy new convention center.

An update on the status of “Skynet?” Can Terminators be far behind?

A.I. Developer Challenges Pro-Human Bias

Posted by timothy on Thursday July 30, @06:58PM from the what-it-is-you-intend-to-practice dept. technology

destinyland writes

"After 13 years, the creator of the Noble Ape cognitive simulation says he's learned two things about artificial intelligence. 'Survival is a far better metric of intelligence than replicating human intelligence,' and "There are a number of examples of vastly more intelligent systems (in terms of survival) than human intelligence." Both Apple and Intel have used his simulation as a processor metric, but now Tom Barbalet argues its insights could be broadly applied to real life. His examples of durable non-human systems? The legal system, the health care system, and even the internet, where individual humans are simply the 'passive maintaining agents,' and the systems can't be conquered without a human onslaught that's several magnitudes larger."

For my students. LOTS of free books.

ScienceBooksOnline: Free Science eBooks

ScienceBooksOnline is a directory of free science ebooks in different subject categories like Astronomy, Biology, Math and others. You can browse ebooks by category and read them for free online or download in PDF format. All the listed texts are offered legally on the site and have been authorized by their respective authors and publishers.

Similar sites: Project Gutenberg, Wowio and eBooksDB. Also check out earlier MakeUseOf article on The Best 6 Sites to Get Free Ebooks.

Global Warming! Global Warming! (It's coming for Al Gore! Run Al, run!)

Mysteriously High Tides on East Coast Perplex Scientists

By Alexis Madrigal July 30, 2009 12:56 pm

From Maine to Florida, the Atlantic seaboard has experienced higher tides than expected this summer. At their peak in mid-June, the tides at some locations outstripped predictions by two feet.

The change has come too fast to be attributed to melting ice sheets or anything quite that dramatic, and it’s a puzzle for scientists who’ve never seen anything quite like it.

… The unexpected tidal surge is subsiding, has reduced its reach from the entire coast, and is now concentrated just in the mid-Atlantic states.

Thursday, July 30, 2009

Leaks Happen – bumper sticker

Major national security leak via P2P

July 29, 2009 by Dissent Filed under Breaches, Featured Headlines, Govt, Internet, Legislation, U.S.

Details about a U.S. Secret Service safe house for the First Family — to be used in a national emergency — were found to have leaked on a LimeWire file-sharing network recently, members of the House Oversight and Government Reform Committee were told this morning.

Also unearthed on LimeWire networks in recent days were presidential motorcade routes and a sensitive but unclassified document listing details on every nuclear facility in the country, Robert Boback, CEO of Tiversa Inc. told committee members.

The disclosures prompted the chairman of the committee Rep. Edolphus Towns, (D-N.Y.), to call for a ban on the use of peer-to-peer (P2P) software on all government and contractor computers and networks. “For our sensitive government information, the risk is simply too great to ignore,” said Towns who plans to introduce a bill to enforce just such a P2P ban.

Read more on Computerworld.

The map is not the territory and the website is not the organization.

MI5 Website Breached By Hacker

Posted by CmdrTaco on Thursday July 30, @08:49AM from the because-they-can dept. security

Jack Spine writes

"UK intelligence agency MI5 has admitted that its website security was breached by hacker group Team Elite. A member of the hacker forum posted details of the hack last week, which took advantage of a cross-site scripting vulnerability in the site's Google embedded search. MI5 admitted the breach on Wednesday, but said that the flaw had not been exploited maliciously."

Hacktivism, SPAM, how should we classify this waste of HP employees' time? If you ran HP, what response could you make?

Greenpeace Sets Captain Kirk On HP

July 30, 2009 by Christopher Nickson

As part of its campaign to remind HP of its environmental promises, Greenpeace had William Shatner leave them all a voicemail.

Earlier this week, Hewlett-Packard employees received a surprise – every one of them received a voicemail from actor William Shatner, best known for his role as Captain Kirk on Star Trek.

"This is William Shatner speaking," it said in part. "You, HP, promised me a toxic-free computer by 2009. Now my friends at Greenpeace tell me that I'll have to wait till 2011. What's up with that?"

It’s all part of a Greenpeace campaign to remind HP of its promise to make computers that are free of brominated flame retardants and PVC plastic by this year. HP has put back that target to 2011.

Brominated flame retardants are chemicals added to products that stop them bursting into flame. However, they do enter the waste stream, where they could potentially prove toxic to humans and animals; some European countries have banned them, according to the Guardian. Other computer manufacturers, such as Apple, do use alternatives.

This wasn’t the only action against HP taken by Greenpeace. Volunteers climbed to the top of the HP building and painted the words “Hazardous Products” in large letters.

(Related?) Is this indistinguishable from investigative journalism or a simple cop groupie? Does she have a lesser First Amendment right because she is a bigot?

Hobby or harassment? Blogger Strom jailed for cop site

by Lisa Provence

Elisha Strom has been sitting in Albemarle-Charlottesville Regional Jail for two weeks. Her alleged crime? Publishing the address of an officer on the Jefferson Area Drug Enforcement– JADE– task force.

“It’s a stupid reason to be in jail,” says the 34-year-old blogger, who maintains she was merely chronicling the activities of JADE as a hobby on her blog, I HeArTE JADE.

Since October 2008, Strom— already unpopular for her connections to the white separatist movement— has earned the opprobrium of law enforcement by following around JADE members, photographing them, and giving them nicknames like “Dasani,” “Longhead,” “Pringle,” and “Porn Star.”

… “It’s not illegal to publish the address,” argues Strom in an exclusive jailhouse interview nearly two weeks after her July 16 arrest. “It’s not illegal to publish the photograph. It’s illegal to do so with the intention of harassment.” [Is “making fun of” harassment? Bob]

“The best-laid schemes o' mice an' men gang aft agley”

Google safe browsing feature could compromise privacy

July 30, 2009 by Dissent Filed under Internet

Turns out a browser security extension from Google for Chrome and Firefox browsers can actually put user privacy at risk, according to a researcher here at the Black Hat USA conference.

Robert “RSnake” Hansen, CEO of SecTheory LLC, says he discovered that Google’s Safe Browsing anti-phishing and anti-malware feature for Chrome and Firefox actually gathers and stores data about the user’s machine and browsing habits that could potentially be abused by an attacker or even incriminate the user in a legal case.

“It’s a time capsule on anyone who ever did anything in Chrome or Firefox … they can be de-anonymized way after the fact, months or years after using those browsers and the settings are turned off,” Hansen says.

Read more on Dark Reading.

Is it wise to refuse to sell to your most knowledgeable customers? Is this the best response to newer technologies they can come up with?

EMI Only Selling CDs To Mega-Chains From Now On

Posted by samzenpus on Thursday July 30, @02:01AM from the another-brick-in-the-wall dept. music business

farrellj writes

"According to Zero Paid, record company EMI has been notifying small music stores that they will no longer be able to buy EMI CDs from EMI, and will have to buy product from Mega-Chains like Walmart. Independent Record store customers are some of the most loyal music buyers around. You are not going to find the back catalog, what used to be the staple of the music business, at your local Walmart. One wonders when the Music Business is going to run out of feet to shoot?"

For my hackers...

Weaponizing Web 2.0

Imagine simply visiting a Web forum and finding that doing so forced your browser to post an embarrassing Twitter message to all of your contacts, or caused you to admit a stranger to your online social network. Now consider the same dynamic being used to move money out of your online auction account or delete the contents of your e-mail inbox.

… A copy of Moyer and Hamiel's white paper on this talk is

Another free app for your iPhone!

Text-Message Exploit Can Hijack Every iPhone, Researchers Say

By Brian X. Chen, July 29, 2009, 12:59 pm

Security researchers plan to reveal a security hole that would enable hackers to take complete control of an iPhone with a text-messaging attack.

Security researchers Charlie Miller and Collin Mulliner will publicize the exploit Thursday at the Black Hat cybersecurity conference, according to Forbes. The researchers said the hack involves sending a series of mostly invisible SMS bursts that effectively hijack an iPhone. From thereon, a hacker could control all the functions on the iPhone, such as e-mailing, dialing contacts — and, most alarmingly, sending more text messages to hijack even more iPhones.

Well, it beats typing on your laptop while driving, but how urgent can these text messages be?

Irving Company Creates Technology That Allows Car to Do Your Texting For You

By Robert Wilonsky in News You Can Actually Use, Actually Wednesday, Jul. 29 2009 @ 8:17AM

So, driving while texting is 23 times more dangerous than just, ya know, driving; 88 percent of Texas teens do it anyhow; with the growed-ups, the number's probably closer to 104 percent; and some states are proposing legislation outlawing the practice altogether. To which an Irving-based company says: Have we got a deal for you. Last week, ATX Group -- which, from the look of its product line, is slowly turning cars into Autobots -- debuted technology that allows for "in-vehicle, hands-free text messaging via voice," meaning you talk instead of type.

Tomorrow I'll look for articles on hacking Blackberries...

July 29, 2009

New on - Blackberry Apps for Lawyers

Blackberry Apps for Lawyers: Nicole Black highlights an assortment of Blackberry applications for research, document management, mobile communications, music, dictation and more - all of which would benefit just about any law practice.

Research tools

July 29, 2009

New on Congressional Documents on FDsys: the Basics

The Government Domain - Congressional Documents on FDsys: the Basics - E-Gov guru and research expert Peggy Garvin provides an overview of the organization, content and search features of GPO's new Federal Digital System (FDsys).

Give the Times an “E” for effort, but I still prefer their RSS feed

NY Times Article Skimmer

The New York Times Article Skimmer is a pretty cool tool which could save loads of time for those who use the website everyday to browse through various news articles under different categories. Its aim is to give you quick access to the headlines thereby saving you the hassle of clicking one link after another. Just pick a category from the sidebar and see the news aggregated on one single page.

Wednesday, July 29, 2009

Indications of a well designed security system! The breach was detected and the target was immediately (almost immediately) shut down. Bravo!

Toronto Hydro admits customer data breach

July 28, 2009 by admin Filed under Breach Incidents, Business Sector, Hack, Non-U.S., Of Note

Toronto police have launched an investigation after as many as 179,000 Toronto Hydro customer account numbers were illegally accessed in the company’s e-billing system.

Toronto Hydro says it contacted police early last week after detecting unusual activity in its electronic billing system.

“We saw some unusual activity on our systems, and whenever there is more than the normal use of our system, the system shuts down and notifies IT staff,” said David O’Brien, president and CEO of Toronto Hydro.

“What was being accessed was the file that contained the customer account number, their name and address. We’re very confident it doesn’t go deeper than that, no financial information was obtained,” said O’Brien.


[From the article:

O'Brien added that the company was concerned the e-billing information would be used to contact customers to improperly obtain personal financial information or payment by credit card.

… "We think it's an important enough issue for all our customers to be aware of, not just those who were affected," said O'Brien.

But even organizations that are serious about security make “boo-boos”

Data Detailing New York Stock Exchange Network Exposed on Unsecured Server

By Kim Zetter, July 28, 2009, 1:51 pm

Sensitive information about the technical infrastructure of the New York Stock Exchange’s computer network was left unsecured on a public server for possibly more than a year, Threat Level has learned.

The data, which was removed after Threat Level disclosed the situation to the NYSE, included several directories of files containing logs; server names; IP addresses; lists of hardware; lists of software versions running on the network; and configuration and patch histories, including what patches have not yet been installed.

… The information could allow an intruder to map the NYSE’s network architecture and determine what vulnerabilities exist in the system.

From the “1984 Collection”

CDT report on privacy concerns surrounding “Einstein”

July 28, 2009 by Dissent Filed under Govt, Surveillance, U.S.

The Center for Democracy & Technology today released a report outlining a series of privacy and legal questions that surround the government computer monitoring system known as “Einstein.” The report calls on the Administration to release information about the legal authority for Einstein, the role of the nation’s top spy agency, the National Security Agency, in its development and operation, and the impact of Einstein on the privacy.

CDT’s Report on Einstein Cybersecurity System [PDF], July 28, 2009:

[From the report:

However, Einstein 3, unlike its predecessor, will have the added capability of reading the content of email and other Internet traffic, according to the Wall Street Journal story.


Air Force on the Hunt for ‘Subversive’ Behavior Online

By Shelley Dubois, July 28, 2009, 11:51 am

The Air Force’s geek squad wants the technology to monitor government employees’ deviant online behavior. And they want you to build it.

Today, the Air Force issued a call for proposals from small businesses, with this objective: “Define, develop, and demonstrate innovative approaches for determining ‘good’ (approved) versus ‘bad’ (disallowed/subversive) activities, including insiders and/or malware.”

Automated crime does seem to pay. Compare a 3% success rate with an almost zero percent arrest rate.

Report finds fake antivirus on the rise

by Elinor Mills July 29, 2009 12:57 AM PDT

Malware posing as antivirus software is spreading fast with tens of millions of computers infected each month, according to a report to be released on Wednesday from PandaLabs.

PandaLabs found 1,000 samples of fake antivirus software in the first quarter of 2008. In a year, that number had grown to 111,000. And in the second quarter of 2009, it reached 374,000, Luis Corrons, technical director of PandaLabs said in a recent interview.

About 3 percent of the people who see the fake warnings fall for it, forking over $50 for an annual license or $80 for a lifetime license, according to Corrons.

What are their lawyers advising?

Real-World Consequences of Social Networking Posts

Posted by kdawson on Tuesday July 28, @01:47PM from the world-is-watching dept.

gbulmash sends in a classic Streisand Effect story of a Chicago landlord suing a tenant over a tweet complaining of mold in her apartment. The landlord claims that the tweet caused $50,000 damage to their reputation. If it didn't, then the fallout from their own ill-advised lawsuit surely will. The woman's Twitter account is now gone (possibly on advice of counsel), but the tweet that started it all lives on. [Click here to contribute to the Streisand Effect Bob] And in a similar vein, reader levicivita notes a firing over a political comment on a Facebook page.

"Lee Landor, who had been the deputy press secretary to Manhattan Borough President Scott M. Stringer since May, posted comments on her Facebook page criticizing Mr. Gates [Harvard scholar Henry Louis Gates Jr.] and the president, whom she referred to at one point as 'O-dumb-a.' ... The borough president has accepted Ms. Landor's resignation, effective immediately."

(Related) Would this be the equivalent of a male teacher asking the girls to share their diary? No indication of the reason behind this was given

Pearl district sued over alleged Facebook incident

July 29, 2009 by Dissent Filed under Court, Internet, U.S., Youth

The family of Mandi Jackson, a Pearl High School student in Mississippi, is reportedly suing the school district for $50 million, alleging that their daughter is being shunned after a cheerleading coach read e-mails on her Facebook account two years ago and shared the emails with others.

On Sept. 10, 2007, Hill allegedly asked members of the squad to give her their user names and passwords to Facebook, a social networking Web site.

Mandi was sidelined from cheerleading after a coach read an exchange between her and another student that contained profanity — and has allegedly been sidelined ever since.

The family alleges the district violated Mandi Jackson’s constitutional rights to free speech, due process and privacy by reading her e-mails. The family also is accusing the district of defamation of character and cruel and unusual punishment by not allowing her to participate in cheerleading.

Read more in The Clarion Ledger.

What is Apple saying here? “Our iPhones are a threat to National Security unless everyone plays by our rules?” Does the FCC know about this? Did Homeland Security approve putting a WMD in the hands of the public? Should we make Apple recall the iPhone?

iPhone Jailbreaking Could Crash Cellphone Towers, Apple Claims

By David Kravets, July 28, 2009, 4:18 pm

The nation’s cellphone networks could suffer “potentially catastrophic” cyberattacks by iPhone-wielding hackers at home and abroad if iPhone owners are permitted to legally jailbreak their shiny wireless devices — that’s what Apple claims. [If terrorists jailbreak illegally there is no threat? Bob]

The Copyright Office is considering a request by the Electronic Frontier Foundation to legalize the widespread practice of jailbreaking, in which iPhone owners hack their devices to accept software that hasn’t been approved for distribution through the iPhone App Store. Apple made the claim in comments filed last week (.pdf) with the agency.

The company’s filing explained that jailbreaking could allow hackers to alter the iPhone’s BBP — the “baseband processor” software, which enables a connection to cell phone towers.

By tinkering with this code, “a local or international hacker could potentially initiate commands (such as a denial of service attack) that could crash the tower software, rendering the tower entirely inoperable to process calls or transmit data,” Apple wrote the government. [Most likely the tower would reboot. Bob]

… Threat Level had no idea the iPhone was so dangerous. We’re gratified that Apple locked down this potential weapon of mass disruption before hackers could unleash cybarmageddon.

… Apple also claimed that jailbreaking would pave the way for hackers to alter the Exclusive Chip Identification number that identified the phone to the cell tower, which could enable calls to be made anonymously. Apple said “this would be desirable to drug dealers.”

(Related) “Yes, it is probably illegal or immoral, but it allows us to hold onto market share until the government makes us stop.”

Apple Rejects Google Voice App, Invites Regulation

By Ryan Singel, July 28, 2009, 1:29 pm

… The official explanation is that these apps duplicate features on the iPhone, but the real reason is that these particular “duplications” strike at the core of the services offered by exclusive U.S. partner AT&T.

Undue reliance or merely user error? Nothing new though, Columbus was looking for India but typed in Indiana.

Tourists miss isle after GPS blunder

Tue Jul 28, 8:36 am ET

ROME (Reuters) – Two Swedes expecting the golden beaches of the Italian island of Capri got a shock when tourist officials told them they were 650 km (400 miles) off course in the northern town of Carpi, after mistyping the name in their GPS.

Forrester needs to revise its methodology. It recognizes that radio and newspapers have an online and offline component, but isn't treating TV the same way.

Overall time spent online remains static

by Dara Kerr July 28, 2009 5:16 PM PDT

The amount of time people spend online has not increased since last year, according to a report released by Forrester on Monday. Perhaps more interesting, however, is the reason for the trend: people's online behavior has changed.

"Engagement with the online channel has deepened," writes Forrester analyst Jackie Anderson. "Web users are becoming savvier and are better multi-taskers. Many know exactly where they want to go when they log in."

The report, titled "Consumer Behavior Online: A 2009 Deep Dive," shows that overall time spent on the Internet has remained at 12 hours per week. This bucks the trend from 2004 to 2007, when Internet use grew significantly.

Tools & Techniques Avoid those pesky RIAA Torrent detectors

Hide Torrents Inside PNG Images

Tools & Techniques Something for the avid reader. Add these RSS feeds to your Reader and you get notified when new books hit the market!

How To Track Your Favourite Author’s New Book Releases Online

Jul. 28th, 2009 By Mark O'Neill

… I am a big fan of Fantastic Fiction – my reading list is so huge that FF helps me to keep on top of new releases by the best in the business. But up until now, the only way to check up on each author was to individually go to their FF page.

This as you can imagine was very time-consuming and I silently hoped that one day they would introduce RSS feeds. That hoping seems to have worked as each FF page now has its own unique RSS feed which will alert you to that author’s new book releases.

Using the site is simple.

First, just use the search engine to find the author’s page.

You’ll then be taken to his page and part of the way down, on the right hand side, is a small RSS icon.

Click on the icon and you will be taken to your default RSS reader (mine is Google Reader) and you will then see his new book scheduled for release in a couple of months.

Tuesday, July 28, 2009

Isn't it interesting how the size of the breach always grows beyond the initial announcement?

Update on Alico breach

July 27, 2009 by admin Filed under Breach Incidents, Business Sector, ID Theft, Non-U.S.

Insurance firm Alico Japan said Monday the suspected leakage of its customers’ credit card information may have led to about 2,200 cases of credit card fraud, more than twice as many as in its previous announcement.

Kazuyuki Takahashi, representative of the Japanese insurer affiliated with American International Group Inc, told a press conference that credit card information related to up to 130,000 insurance contracts may have been leaked, up from the previously estimated 110,000.


The company initially said information on customers who subscribed to Alico insurance policies between July 2002 and May 2008 had been leaked.

But the company said Monday that information on customers who took out policies before July 2002 and changed their payment method to credit card afterward has also been leaked, bringing the total cases of leakage to 130,000.

Source: Japan Today.

You don't need a cell phone to be tracked down.

Taspo data not kept private

July 27, 2009 by Dissent Filed under Businesses, Non-U.S.

The Tobacco Institute of Japan, the industry body of tobacco manufacturers, has turned over vending machine logs on individuals’ cigarette purchases and their personal information to prosecutors for investigative purposes, informed sources said.

The logs showing the use of taspo smart cards included records of when and at which vending machines the smokers bought cigarettes, as well as their dates of birth, addresses and phone numbers, the sources said.

There has been at least one case in which the logs helped investigators find a person they were looking for, the sources said.

Taspo cards, issued by the institute, are required to buy cigarettes from vending machines. The cards are issued only to adults aged 20 and older to block smoking by minors.

This appears to be the first time the use of taspo logs by criminal investigative authorities has become public knowledge.

We have your dossier and we're not afraid to use it!

Bennett has no regrets over welfare details

July 27, 2009 by Dissent Filed under Breaches, Govt, Non-U.S.

The [New Zealand] Government’s making no apologies for revealing the welfare payments of two solo mums.

Natasha Fuller, who is taking home $715 a week and Jennifer Johnston, who gets $554, have both been complaining about their tertiary training allowances being axed.

Social Development Minister Paula Bennett says they’ve chosen to go public with their plight but haven’t been telling the full story.

Read more on TVNZ.

[From the article:

However, Bennett is being accused of being over the top in responding to criticism of cuts to training allowances.

Labour leader Phil Goff says those who criticise should expect scrutiny, but he believes the Government's actions are excessive.

"You don't expect to see the full weight of the state, and use of Government departments, to breach people's privacy in such a way," says Goff.

… Now, Labour is laying down the gauntlet to Bennett by challenging her to reveal what benefits she received before she became an MP.

Labour Social Development spokeswoman Annette King says Bennett was on the DPB herself off and on for five years and also received training allowances.

“It's not nice to insult Mother nature!”

Google flames Tory MP Davis on privacy claims

July 27, 2009 by Dissent Filed under Businesses, Non-U.S.

Google had better hope former Tory shadow minister David Davis doesn’t return to a senior role in a future Conservative government. Its chief privacy counsel Peter Fleischer has given Davis a tongue-lashing for opposing Google Health and criticising Google’s privacy record.

Davis was writing in The Sunday Times in opposition to Tories’ wish to give citizens ownership and transportability of their health records. But a furious-sounding Fleischer, on Google’s European policy blog, lambasts the “polemicists who abuse the truth” including Davis for his “extraordinary attack, riddled with misleading statements”.

Google Health isn’t yet available in the UK, Fleischer wrote, countering Davis’ views that Google is “hostile to privacy”, European privacy law “does not apply to it”, its launch in China was an “amoral deal” and that Google is “exploiting its customers’ private data”.

Read more on PaidContent.

Obviously some bands actually look at the sales figures. No doubt the RIAA would claim sales went up for a completely unrelated (but copyrighted, so we can't talk about it) reason.

‘Pirated’ YouTube Clip Boosts Band’s Album Sales

Written by Ernesto on July 27, 2009

If the major record labels are to be believed, they lose millions of dollars due to YouTube pirates. But is this really the case? While anti-piracy outfits try to have all infringing music taken offline or have the audio on pirated YouTube clips disabled, the band Barcelona responded with a video thanking a video uploader for using their song.

Every day hundreds of thousands of clips are uploaded to YouTube, some of which use copyrighted music. Of course the major record labels argue that these illegal uploads are killing their profits as people buy less music when YouTube users add a track to a home made video.

Not everyone in the music business agrees with this assessment though. When the indie rock band Barcelona saw one of its latest tracks featured in a viral video with nearly a million views, they responded quite differently. They claim that the clip below actually boosted their album sales and concert visits.


Music Industry Thriving In an Era of File Sharing

Posted by kdawson on Tuesday July 28, @02:21AM from the told-you-so dept.

levicivita notes ZeroPaid coverage of a recent study by the UK music industry's own economist showing that overall UK music industry revenues were up in 2008 (study, PDF). The study is titled "Adding up the Music Industry for 2008" and it was authored by Will Page, who is the Chief Economist at PRS for Music, a UK-based royalty collecting group for music writers, composers, and publishers. From ZeroPaid:

"[T]he music industry is growing increasingly diverse as music fans enjoy a wide range of platforms to hear and consume music. Sales of recorded music fell 6% for example, digital was up 50% while physical dropped 10%, but concert ticket sales grew by 13%. In terms of what consumers spent on music as a whole last year, this surprisingly grew by 3%."

(Related) Apple faces a dilemma.

Spotify Looks To The iPhone

July 28, 2009 | by Christopher Nickson

Spotify, the music streaming service that's already big in Europe, has submitted an iPhone application.

… With its large library, ease of use, and free service (with ads), it’s been hailed as an iTunes killer, putting it in direct competition with one of Apple’s most cherished services.

If accepted, the application will be free to download, but will require a premium subscription (costing around $15 a month and ad free) to use.

(Speaking of Pirates) This has the potential to lower the sale price.

OK, Sell The Pirate Bay - Everyone Will Have a Copy Soon

Written by enigmax on July 27, 2009

The Pirate Bay tracks half the world’s torrents and it’s getting sold, which might be viewed as a bit of a disaster for the BitTorrent world. But The Pirate Bay isn’t really needed anymore, GGF can have it in August as planned and not much will change. All of the torrents will survive and carry on working. It’s time to pirate The Pirate Bay.

Interesting. It might be the basis of corporate policies as well.

U.K. Government Issues Official Twitter Guide For Employees

July 28, 2009 | by Christopher Nickson

[The guide is available at:

Expect new laws? Perhaps a DWT (Driving while Texting?)

Study: Texting while driving increases crash risk 23-fold

by Jennifer Guevin July 27, 2009 10:49 PM PDT

Interesting. I suspect SAS turned them down. Perhaps my Statistics students will be more inclined to pay attention? Naaaaa...

IBM to acquire analytics provider for $1.2 billion

by Lance Whitney July 28, 2009 6:47 AM PDT

IBM will buy analytics and information forecaster SPSS for $1.2 billion in cash, the companies said Tuesday.

IBM is paying $50 per share for the publicly traded company, which closed Monday on Nasdaq at $35.09.

For a select few of my students...

Talent search is on for cybersecurity students

by Elinor Mills July 27, 2009 4:52 PM PDT

The U.S. government on Monday launched a national talent search for high school and college students interested in working in cybersecurity.

With the U.S. Cyber Challenge the goal is to find 10,000 young Americans to be "cyber guardians and cyber warriors," according to a statement from the Center for Strategic & International Studies, which is sponsoring the event.

… There are three competitions that make up the U.S. Cyber Challenge: CyberPatriot network defense high school competition conducted by the Air Force Association; DC3 Digital Forensics Challenge conducted by the U.S. Department of Defense Cyber Crime Center; and NetWars, a vulnerability discovery and exploitation competition conducted by the SANS Institute.

Candidates with promising skills will be invited to attend regional camps at local colleges beginning next year. The top candidates will be hired by the National Security Agency, the FBI, Defense Department, US-CERT, and the U.S. Department of Energy Laboratories.

Tools & Techniques Now you can steal LOTS of data with the handy dandy pocket sized hard drive!

Western Digital Puts a Terabyte in Your Pocket

July 27, 2009 | by Geoff Duncan

… The drives measure just 3.1 inches long, 5 inches wide, and 0.6 inches deep; they weigh just over 6.3 ounces.