Wednesday, March 17, 2010

Interesting that the UK tax people would rely on data taken illegally. I wonder if they have any way to confirm the data?

http://www.databreaches.net/?p=10654

UK To Acquire Stolen Private Banking Data Of HSBC In Switzerland

March 16, 2010 by admin

Tom Burroughes reports:

The UK government is to acquire the Swiss bank account details of up to 6,600 wealthy UK citizens suspected of evading tax after information was stolen from HSBC’s private bank in Switzerland by a software engineer, the Sunday Times (of London) reported.

The report comes shortly after it was reported that the Swiss authorities are to investigate the matter. HSBC’s private bank has apologised to clients about the theft, which affected a total of 24,000 accounts, of which 15,000 were in use at the time of the theft about three years ago.

HSBC told WealthBriefing that it has fewer than 6,000 UK clients of its Swiss private bank – a figure which is at odds with the newspaper’s report. The bank said it was unable to make further comment at this stage.

The UK tax authority declined to comment on the matter.

Read more on WealthBriefing.



Notice that the changes in volume or price were sufficient to bring these trades to the SEC's attention. Also notice that they never mention that they did notice it...

http://www.wired.com/threatlevel/2010/03/manipulated-stock-prices/

SEC: Hacker Manipulated Stock Prices

By David Kravets March 16, 2010 2:14 pm

U.S. regulators are moving to freeze the assets and trading accounts of a Russian accused of hacking into personal online portfolios and manipulating the price of dozens of stocks listed on the Nasdaq Stock Market and New York Stock Exchange.

A New York federal judge on Tuesday sided with the Securities and Exchange Commission and froze the assets of Broco Investments, believed to be a one-trader operation based in St. Petersburg, Russia. The SEC said Broco capitalized by artificially moving prices of more than 38 thinly traded securities — enabling Broco to profit from up-or-down price swings.

“These transactions have created the appearance of legitimate trading activity and have artificially affected the prices of at least 38 issuers,” (.pdf) the Securities and Exchange Commission said in a court filing.

… Broco would purchase these and other stocks in its own portfolio and immediately place unauthorized buy orders at inflated prices of the same securities in hacked Scottrade accounts, the SEC said.

“Immediately or shortly thereafter, the defendants capitalized on the artificially inflated share prices of the targeted securities by selling the shares previously acquired in their account,” the SEC alleged. “In other instances, the defendants profited by covering short positions previously established in their account while placing unauthorized sell orders through the compromised accounts at substantially lower prices.”

Along the way, victims lost $600,000 in market value the last few months alone, the SEC said. And Broco, believed to be a one-person company run by Valery Maltsev, reaped $255,000 in ill-gotten gains during the same time.

Daily trading volume in Pennsylvania-based financial services company AmeriServe Financial averaged about 11,300 shares from Dec. 1 to Dec. 20, the SEC said. The next day, volume increased 20 times. At least 200,000 shares were bought and sold through Broco or hacked Scottrade accounts, allowing Broco to leverage the prices for its own profits.

“Broco grossed $141,500 in approximately 15 minutes,” the SEC said.



Not a problem if you are working on your desktop, but serious implications for “Cloud Computing.”

http://tech.slashdot.org/story/10/03/16/1939227/MS-Virtual-PC-Flaw-Defeats-Windows-Defenses?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

MS Virtual PC Flaw Defeats Windows Defenses

Posted by kdawson on Tuesday March 16, @06:01PM

Coop's Troops writes

"An exploit writer at Core Security Technologies has discovered a serious vulnerability that exposes users of Microsoft's Virtual PC virtualization software to malicious hacker attacks. The vulnerability, which is unpatched, essentially allows an attacker to bypass several major security mitigations — DEP, SafeSEH and ASLR — to exploit the Windows operating system. As a result, some applications with bugs that are not exploitable when running in a not-virtualized operating system are rendered exploitable if running within a guest OS in Virtual PC."



This is absolutely true, if you assign a very low value to “Trust” and “Reputation.” I hope senior management has more sense, but hope rarely wins in the face of bigger bonuses.

http://news.slashdot.org/story/10/03/16/1931214/Users-Rejecting-Security-Advice-Considered-Rational?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Users Rejecting Security Advice Considered Rational

Posted by kdawson on Tuesday March 16, @04:32PM

WeeBit writes

"Researchers have different ideas as to why people fail to use security measures. Some feel that regardless of what happens, users will only do the minimum required. Others believe security tasks are rejected because users consider them to be a pain. A third group maintains user education is not working. [Microsoft Research's Cormac] Herley offers a different viewpoint. He contends that user rejection of security advice is based entirely on the economics of the process."

Here is Dr. Herley's paper, So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users (PDF).



File this in the “Lessons to be learned before we share electronic Health Records”

http://www.phiprivacy.net/?p=2238

Caterers ‘had access to patient files’

By Dissent, March 17, 2010 8:07 am

Paul Melia reports in Ireland:

Catering staff were able to access confidential patient information held on a €60m HSE record system which is being rolled out across the country.

Workers in Kerry General Hospital were able to access information including the patient’s name, address, admission, discharge date and doctor information, an internal audit of the system last year found.

And the audit warned of five “high-level” security risks in the Integrated Patient Management System (IPMS) which is used by 10 acute hospitals and 20 HSE centres.

While no clinical data had been uploaded on to the system at the time of the breach, it also found there was no national security policy on how to protect patient records and that some hospitals were just using the new system to replace older technology. Fine Gael health spokesman Dr James Reilly last night said that unless doctors and patients were confident that information would remain confidential, they would not co-operate.

Read more in The Independent.



Is this really a “privacy” issue? Looks more like a fraud case to me.

http://www.phiprivacy.net/?p=2236

Patient Loses Privacy Claim Against Doctor

By Dissent, March 16, 2010 7:52 pm

Jeff Gorman reports:

A doctor did not violate a patient’s privacy by telling her case workers that she needed to stop taking prescription drugs, the Tennessee Court of Appeals ruled.

Teresa Gard suffered a back injury on the job and sought treatment from Dr. Dennis Harris.

However, Harris stopped seeing Gard after watching a surveillance video of her activities, which was supplied to him by an insurance company. The video showed Gard riding in a boat, bending over in her front yard and entering a car without pain.

Read more on Courthouse News.

Related: Opinion in Gard v. Harris (pdf)



Aren't most new cars equipped with these devices? Individually, they might be somewhat useful, but if we had a “national database” what could we learn?

http://www.pogowasright.org/?p=8370

Texas Congressman Proposes a Mandate for Automobile Recording Devices

March 16, 2010 by Dissent

Shelley Childers reports:

A Texas congressman is planning to introduce legislation that would mandate electronic data recorders, also known as black boxes, in all new cars and trucks.

[...]

And Congressman Gene Green from Texas says this legislation is especially relevant considering the massive Toyota recall saying, “As we witnessed in the Toyota hearing, there is a demonstrated need of detailed crash information.”

But many are concerned that mandating a recording device breaches privacy.

Read more on CBS.



It's sort of a “don't ask, don't tell” kind of logic. If we pretend nothing “illegal, immoral, or fattening” is happening, then we don't need to spend time thinking about it.

http://yro.slashdot.org/story/10/03/16/1857259/Federal-Agents-Quietly-Using-Social-Media?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Federal Agents Quietly Using Social Media

Posted by kdawson on Tuesday March 16, @03:45PM

SpuriousLogic passes along this excerpt from the ChiTrib:

"The Feds are on Facebook. And MySpace, LinkedIn, and Twitter, too. US law enforcement agents are following the rest of the Internet world into popular social-networking services, going undercover with false online profiles to communicate with suspects and gather private information, according to an internal Justice Department document that offers a tantalizing glimpse of issues related to privacy and crime-fighting. ... The document... makes clear that US agents are already logging on surreptitiously to exchange messages with suspects, identify a target's friends or relatives and browse private information such as postings, personal photographs, and video clips. Among other purposes: Investigators can check suspects' alibis by comparing stories told to police with tweets sent at the same time about their whereabouts. Online photos from a suspicious spending spree... can link suspects or their friends to robberies or burglaries."

The FoIA lawsuit was filed by the EFF, which has posted two documents obtained from the action, from the DoJ and Internal Revenue (more will be coming later). The rights group praises the IRS for spelling out limitations and prohibitions on deceptive use of social media by its agents — unlike the DoJ. The US Marshals and the BATFE could not find any documents related to the FoIA request, so presumably they have no guidelines or prohibitions in this area.



Maybe they are serious? Can they make China back down? (I kinda doubt it...)

http://www.msnbc.msn.com/id/35886780/ns/business-world_business

Google appears to drop censorship in China

Internet giant denies change, but famous ‘Tank Man’ picture now accessible



Having lots of data can be extremely useful but also extremely difficult to store and analyze. This is forcing small businesses into the Cloud.

http://techcrunch.com/2010/03/16/big-data-freedom/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

Big Data Is Less About Size, And More About Freedom

by Guest Author on Mar 16, 2010

Editor’s note: Big Data has been around for a long time between credit card transactions, phone call records and financial markets. Companies like AT&T, Visa, Bank of America, Ebay, Google, Amazon and more have massive databases they mine for competitive advantage. But lately, Big Data is finding its way to the smallest startups. The Web and cloud computing brings Big Data everywhere. But what exactly is pushing Big Data forward?

To answer that we brought in an expert, Bradford Cross. Bradford is the Co-Founder and Head of Research at FlightCaster. [ … ] The company analyzes large data sets to predict flight delays. Bradford is chair of the Dealing with Big Data track at Cloud Connect this week.


(Related)

http://techcrunch.com/2010/03/16/spotify-bigger-than-sweden/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

Spotify Consumes More Internet Capacity Than All Of Sweden


(Related) It's not that Google lost visitors, it's that there are more visits per user...

http://consumerist.com/2010/03/report-facebook-beats-google-for-webs-most-visited-site.html

Report: Facebook Beats Google For Web's Most-Visited Site



If students don't know how to use tools on the Internet when they start researching, they will by the time they earn a passing grade!

http://news.slashdot.org/story/10/03/16/2049229/How-Students-Use-Wikipedia?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

How Students Use Wikipedia

Posted by kdawson on Wednesday March 17, @07:09AM

crazybilly writes

"First Monday recently released a study about how college students actually use Wikipedia. Not surprisingly, they found, 'Overall, college students use Wikipedia. But, they do so knowing its limitation. They use Wikipedia just as most of us do — because it is a quick way to get started and it has some, but not deep, credibility.' The study offers some initial data to help settle the often heated controversy over Wikipedia's usefulness as a research tool and how it affects students' research."



In theory, you can clip a scene from any movie and download it. I'll get a copy of “We don't need no stinking badges!” (Not many movies online yet.)

http://anyclip.com/?utm_source=Wait-List&utm_campaign=4c40f9b739-SXSW_Launch3_15_2010&utm_medium=email

AnyClip
