Tuesday, July 13, 2010

Should an Insurance company understand the risks of transporting personal information? Would they insure a company that had this little control over its data?

http://www.databreaches.net/?p=12407

Marsh and Mercer report lost backup tape

July 12, 2010 by admin

On June 23, insurance broker Marsh and Mercer notified the New Hampshire Attorney General’s Office that in April, a back up tape being transported by a third party courier between Marsh offices was lost. The tape contained employee benefits information such as names, addresses, Social Security Numbers, dates of birth, and drivers’ license numbers, and account information. The data were managed by Marsh’s Association business, which operates through Seabury & Smith.

The company states that because of the “complex nature of the security of an information on the tape, and the technical measures which are necessary to determine and analyze the data elements on the tape,” they were still investigating the matter as of the date of their notification. [Translation: We have no idea what we are doing. Bob]

The total number of individuals with data on the backup tape was not indicated, but they report that 121 New Hampshire residents had data on the tape.


(Related) Is this an attempt to use “less stick and more carrot?” We already have the “encryption is a get out of jail free card” for security breaches, will this add more “checklist security: items?

http://news.slashdot.org/story/10/07/12/1950221/White-House-Tackling-the-Economics-of-Cybersecurity?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

White House Tackling the Economics of Cybersecurity

Posted by Soulskill on Monday July 12, @04:39PM

"White House Cybersecurity czar Howard Schmidt will be hosting a meeting Wednesday with the Secretaries of DHS and Commerce in which he is expected to discuss the administration's new attempt to change the economic incentives surrounding cybersecurity. Right now, launching attacks on private companies is so cheap and relatively risk-free that there's almost no way that industry can win. The White House could be considering things like tax incentives, liability and insurance breaks, and other steps to try and get companies to invest in protecting their networks. It's also likely to dovetail with a step up in enforcement, so hackers be wary."



I wonder how my Computer Security students would go about creating a 'honey pot' on their laptops. Having the built-in video camera snap a picture of the thief has been popular. The other half of the question is, how do you recover the laptop given all the evidence you can gather?

http://ask.slashdot.org/story/10/07/12/2253218/Retrieving-a-Stolen-Laptop-By-IP-Address-Alone?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Retrieving a Stolen Laptop By IP Address Alone?

Posted by kdawson on Monday July 12, @09:37PM

"My vehicle was recently burglarized while parked in a university parking lot in a midwestern state. My new Dell laptop was stolen from the car, along with several other items. I have no idea who might have done this, and the police say that without any idea of a suspect, the best they can do is enter the serial number from my laptop in a national stolen goods database in case it is ever pawned or recovered in another investigation. I had Thunderbird set up on the laptop, configured to check my Gmail through IMAP. Luckily, Gmail logs and displays the last 6 or 7 IP addresses that have logged into your account. I immediately stopped using that email account, cleared it out, and left the password unchanged — creating my own honeypot in case the criminal loaded Thunderbird on my laptop. Sure enough, last week Gmail reported 4 accesses via IMAP from the same IP address in a state just to the east of mine. I know that this must be the criminal who took my property, since I've disabled IMAP access to the account on all of my own computers. The municipal police say they can't intervene in the case since university police have jurisdiction over crimes that take place on their land. The university police department — about 10 officers and 2 detectives — don't even know what an IP address is. I even contacted the local FBI office and they said they're 'not interested' in the case despite it now crossing state lines. Am I chasing my own tail here? How can I get someone to pay attention to the fact that all the police need to do is file some RIAA-style paperwork to find the name associated with this IP address and knock on the right door to nab a criminal and recover my property? How can I get my laptop back — and more importantly — stop this criminal in his tracks?"



Is this a general trend by the FTC to hold companies to their Privacy Policy or is it on their radar only because of the 'special circumstances' of the subscribers?

http://yro.slashdot.org/story/10/07/13/0053250/FTC-Warns-Site-Not-To-Sell-Personal-Data?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

FTC Warns Site Not To Sell Personal Data

Posted by kdawson on Tuesday July 13, @05:14AM

"The US Federal Trade Commission has warned two people associated with a now-defunct magazine and Web site for gay teens and young men that they would violate the privacy promises the publication made to subscribers by selling their personal information during a bankruptcy proceeding. The FTC, in a letter sent earlier this month, also suggested that the owners of XY Magazine and XY.com would be violating the privacy standards the company had in place before shutting down if they used the subscribers' personal information in a relaunch of the magazine or website. The personal information is listed as part of the debtor's estate in a New Jersey bankruptcy proceeding for Peter Ian Cummings, editor and founder of the magazine. Before the magazine's demise, many of the subscribers lived at home with parents."



I'd like to see a simple way to filter the RSS feeds.

http://www.bespacific.com/mt/archives/024700.html

July 12, 2010

National Archives Unveils New Federal Register 2.0 Web Site to Mark 75th Anniversary

News release: "To mark the 75th anniversary of the Federal Register Act on July 26, 2010, the National Archives Office of the Federal Register (OFR) and the Government Printing Office (GPO) will launch FR 2.0 on FederalRegister.gov. The FR 2.0 web site will be similar to a daily web newspaper, with a clear layout and new tools to guide readers to the most popular topics and relevant documents. The site will display individual news sections for Money, Environment, World, Science & Technology, Business & Industry, and Health & Public Welfare. FR 2.0 will have greatly improved navigation and search tools and will highlight each agency’s significant rules. The new web site takes advantage of social media and integrates seamlessly with Regulations.gov and the Unified Agenda to make it easy for users to submit comments directly into the official e-Rulemaking docket, and view the history of rulemaking activity through a regulatory timeline."



There are a few Youtube gems out there...

http://www.makeuseof.com/dir/keeptube-download-hd-videos-from-youtube

KeepTube: Download HD videos from Youtube, Dailymotion, Vimeo…

There are lots of tools out there to let you download videos from sites like YouTube and DailyMotion, but KeepTube is different. KeepTube is focused on letting you download High Definition and High Quality videos from 15 major video sharing sites.

www.keep-tube.com


(Related)

http://www.freetech4teachers.com/2010/07/view-pure-view-youtube-without-clutter.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+freetech4teachers%2FcGEY+%28Free+Technology+for+Teachers%29

View Pure - View YouTube Without the Clutter

View Pure is a simple little tool that strips YouTube viewing of all of the distractions of related videos, comments, and promoted videos. To use View Pure just copy the link of a video into the "purifier," click purify, and your video will be displayed on a blank white background. You can also install the View Pure bookmarklet to accomplish the same goal.



Students read textbooks? If so, this could be useful.

http://www.crunchgear.com/2010/07/12/nookstudy-barnes-nobles-free-digital-foray-into-the-education-market-lets-students-read-e-textbooks-take-fully-searchable-notes-highlights/

NOOKstudy: Barnes & Nobles’ free digital foray into the education market lets students read e-textbooks, take fully searchable notes & highlights

Barnes & Noble has developed NOOKstudy, a free (as in beer) software suite that could make the average college student’s life a little easier. The software, which will be available for the PC and Mac, gives students the ability to download and organize electronic textbooks, as well as keep all of their notes, syllabuses, and so on in one safe place. Handy. And no, you don’t need a nook to use NOOKstudy.

Some of the details seem promising. Students can read multiple textbooks (or other sources) simultaneously, and they’re able to highlight and take notes from right within the software. Even more importantly, any notes or highlights you make are completely searchable. So, if you’ve highlighted an important paragraph on page 12 of chapter 4 in SomeBook, well, you can easily pull it up long after you’ve turned off your computer.

No comments: