Saturday, June 05, 2010

An interesting argument...

(follow-up) Insurer says it’s not liable for University of Utah’s $3.3M data breach

June 5, 2010 by admin

Jaikumar Vijayan has a bit more on the suit filed by Colorado Casualty Insurance Co., who does not want to pay out for Perpetual Storage’s data breach involving the University of Utah. I thought the suit had been filed last month but it seems that it was just filed last week. Read more on Computerworld.

[From the article:

The breach occurred when burglars stole back-up tapes containing sensitive data on 1.7 million patients at the University's hospitals and clinics. The tapes were on their way to a storage facility when they were stolen from a car belonging to an employee at Perpetual Storage Inc., a Utah-based data storage company used by the University.

… The company claimed that the coverage it provided for Perpetual Storage did not mean it was obligated to pay any claims or judgments that the University might obtain against Perpetual as a result of the breach.

When sorrows come, they come not single spies, but in battalions

Lawsuits over Google Wi-Fi sniffing pile on

June 5, 2010 by Dissent

Robert McMillan reports:

Nearly three weeks after admitting that it had sniffed sensitive data from open wireless networks around the world, Google is now facing at least seven U.S. class-action lawsuits over its practice.


John Simpson, an advocate with California’s Consumer Watchdog, says that he’s not surprised to see so many class action lawsuits. “I think the reason that there are so many is because this is such an egregious intrusion into people’s personal privacy,” he said.

People don’t expect to have their Internet communications recorded, he said. [“People” might not, but my Computer Security students certainly do. Can you make your ignorance the basis for a lawsuit? Bob] “They may be naïve, but the average person is not a technologist, and when he or she sends an e-mail or communicates data to another Web site, they don’t expect that somebody’s going to come along and snoop and suck up that data and log it in their server for future analysis.”

Read more in the San Francisco Chronicle.

In related coverage, McMillan also reports that the Missouri Attorney General has sent Google a letter:

Missouri Attorney General Chris Koster is asking Google to answer questions about how the company’s widespread wireless-network sniffing activities may have affected local residents.

In a letter to Google Friday, Koster says it’s not clear whether Google broke state law, but adds that “there can be no doubt that the company’s conduct implicates the privacy concerns of Missouri residents.” [Must be lawyer speak (or faulty journalism) because I see no implicature. Quite the reverse. But that may just be the semanticist talking. Bob]

(Related) Google street view.

Germany Finds Kismet, Custom Code In Google Car

Posted by Soulskill on Friday June 04, @03:27PM

"While waiting for a hard disk of Wi-Fi data that Google says its Street View cars gathered by mistake, the Hamburg Information Commissioner's office performed tests on a Google Street View car in a controlled environment with simulated wireless networks and issued the following statement: 'For the Wi-Fi coverage in the Street View cars, both the free software Kismet, and a Google-specific program were used. The Google-specific program components are available only in machine-readable binary code, which makes it impossible to analyze the internal processing.' [More difficult, but certainly not impossible – we do know what those instructions mean. Bob] Interestingly, a 2008 academic paper — Drive-by Localization of Roadside WiFi Networks (PDF) — describes a similar setup, and its authors discuss how they 'modified Kismet, a popular wireless packet sniffer, to optionally capture all packets received on the raw virtual interface.' Computerworld reports that lawyers in a class-action suit have amended their complaint to link a Google patent app to Street View data sniffing."

What happens when Privacy is not a design consideration.

NHTSA Complaint Database Oozes Personal Data

Posted by timothy on Friday June 04, @10:55PM

"Are your name, address, date of birth, driver's license number and Social Security number publicly available online? If you've been involved in an accident, they might be and you would never know. The Department of Transportation's National Highway Traffic Safety Administration solicits defect complaints from the public, which are hosted on NHTSA's public database. There are about 792,000 of these complaints currently online, and as the video at the link proves, many of them are improperly redacted. As a result, the most personal information imaginable is available to anyone who takes the time to troll the database. This is a clear violation of the Privacy Act of 1974, and NHTSA needs to shut down the database until it can control the personal data stored there."

The New Yorker covers Wikileaks

No Secrets

Julian Assange’s mission for total transparency.

I'm not sure if this is a tool to help you ensure your privacy or a simple “stalkers assistant”


Your personal information explorer

Poyozo is a Firefox extension that gathers and visualizes your life's activities and information.

Currently, Poyozo imports your data from Google Calendar, Facebook, Listit, Skydeck, Twitter, Foursquare,, Dopplr, Flickr, Wesabe and is able to track your location, the local weather and your web browsing history from the Firefox browser. Also, Poyozo can import data from any RSS feed.

Is this the Internet equivalent of a newspaper article that identifies locations where you can buy drugs?

Publishing Locations Of Pirate Movies Is The Same As Hosting Them

Earlier, Dutch movie studio Eyeworks applied for a court injunction to stop Usenet community FTD from “making available to the public” their movie Komt een vrouw bij de dokter (A Woman At The Doctor).

In this case the “making available” wasn’t hosting or storing the movie, nor was it offering torrent or NZB links to it either. FTD allows users to report (or ’spot’) the locations of files which exist on Usenet. It is the publication of this information which Eyeworks was seeking to stop, an activity it believes is tantamount to publishing the movie itself.

… “I am flabbergasted by the court’s reasoning,” Engelfriet told TorrentFreak. “It is established caselaw that publishing hyperlinks or torrents (Mininova, Pirate Bay) is *not* the same as a publication. FTD does *less* than what Mininova or Pirate Bay does, but according to the court we are more liable than they are?”

Another “virtual” crime. What percentage of police resources should be spent investigating e-crimes?

Virtual Furniture Amounting To Thousands Stolen From Habbo Hotel

After 2007's mega-thousand thievery, more thieves have broken into the virtual Habbo Hotel and done away with thousands of dollars worth of furniture belonging to players. Up to 400 cases are being investigated now by Finnish police, would you believe.

Another reason to not use Facebook? Does this present a new/more valuable target for hackers? It certainly creates a trail for those overly 'clever,' audience-specific speeches that contradict each other. Perhaps it will force a return to simple, straightforward statements? Nah...

Facebook Launches U.S. Politics Page

Facebook has launched a page devoted to U.S. politics, located at

Rolled out at the Personal Democracy Forum in New York City, the page monitors how U.S. politicians, elected officials and political campaigns use Facebook to connect with citizens.


Google's Campaign Toolkit Will Make It Even Easier for Politicians to Annoy You Online

For your Security Manager and anyone using Windows Mobile

Malware found lurking in apps for Windows Mobile

by Elinor Mills June 4, 2010 3:52 PM PDT

Scammers are distributing apps for Windows Mobile-based smartphones that have malware hidden inside that makes calls to premium-rate numbers across the globe, racking up expensive bills unbeknownst to the phone's owner, a mobile security firm said on Friday.

Now this is interesting! HP deserves an 'atta-boy!'

Bletchley Park WWII archive to go online

Page last updated at 2:57 GMT, Saturday, 5 June 2010 3:57 UK

By Dhruti Shah BBC News

Electronics company Hewlett-Packard has donated a number of scanners to the centre in Milton Keynes so volunteers can begin the ground-breaking task.

Many of the records at the once-secret centre have not been touched for years.

… Simon Greenish, chief executive officer of the Bletchley Park Trust, said the plan was for the centre's entire archive to be digitised.

For my Small Business and Networking classes

How to Set Up a Small Business Computer Network

Think of it as “talking pictures” or is that name taken? Could be useful for my website students as “self-describing icons”

Friday, June 4, 2010

Fotobabble - Turn Pictures Into Audio Stories

Fotobabble is a free service that allows you to quickly turn a picture into an audio picture story. Using Fotobabble is easy: just upload an image to Fotobabble, allow Fotobabble to access your computer's microphone, and start recording your voice. You can comment on your photo, explain what's happening in your photo, or tell a story related to your photo. When you've completed your recording you can save it in your Fotobabble account, contribute to a public gallery and/or embed it into your blog.

Friday, June 04, 2010

How can you be “in control” of data you don't even know about? The first report in early February said 208,000. By the end of the month that had grown to 359,000.

(update) 860,000 more Avmed members may have had IDs stolen

June 3, 2010 by admin

Bob LaMendola reports:

An additional 860,000 Avmed members than originally thought may have had their identity data compromised when thieves stole two company laptops in December, officials said Thursday.

The laptops contained social security numbers and other personal information for as many as 1.2 million Floridians with Avmed health insurance, the company and state Attorney General said. The company said there’s no evidence any personal data was misused as a result of the theft.

Read more in the Chicago Tribune.

(Related) Again, this is no solution if you don't know who has your data or if the data is unencrypted during transfer.

UK: Call for ban on physical transfer of digital files

June 4, 2010 by admin

Andrew Charlesworth reports:

A complete ban on using physical media to transfer digital files has been called for in a recent report, which found that nearly one in five companies is still using couriers such as the postal system to send media containing large or sensitive files.

This is despite the well-publicised data breach caused when the HMRC misplaced a number of discs in 2007 and the publication of the Poynter Report two years ago.


Breaches do get a bit complicated...

Digital River sues over data breach

June 4, 2010 by admin

Dan Browning reports:

A massive data theft from the e-commerce company Digital River Inc. has led investigators to hackers in India and a 20-year-old in New York who allegedly tried to sell the information to a Colorado marketing firm for half a million dollars.

The Eden Prairie company obtained a secret court order last month to block Eric Porat of Brooklyn from selling, destroying, altering or distributing purloined data on nearly 200,000 individuals. Digital River suspects that the information was stolen by hackers in New Delhi, India, possibly with help from a contractor working for Digital River.

Read more in the Star Tribune.

[From the article:

"I fully suspect that Mr. Porat hacked the hacker," said Christopher Madel, an attorney with Robins, Kaplan, Miller and Ciresi who's overseeing Digital River's investigation.

Are these the best areas for research or the best research proposals?

Canada’s Privacy Commissioner awards $500,000 to 13 projects to advance frontiers of privacy research

June 3, 2010 by Dissent

Today, Privacy Commissioner Jennifer Stoddart announced the recipients of her Office’s 2010-11 Contributions Program, which funds privacy research and public education initiatives.

Recipients of this year’s Contributions Program are advancing research in a number of areas of interest to Canadians and others around the world:

* Targeted online advertising
* Data-sharing between governments and commercial organizations through national security programs at the border and at airports
* Video surveillance in public spaces by commercial organizations
* The privacy implications of patient websites, online health record databases and other “Health 2.0” tools

“The pace of technology has meant we must face new privacy challenges everyday – online, at the airport, on our streets and in our homes,” says Ms. Stoddart. “Research projects like these help all of us become better informed to meet those challenges.”

For a full list of the successful recipients and their projects from 2010-11, visit:

What happens online, stays online... Forever.

AU: Court uses Facebook to serve paternity test order

June 4, 2010 by Dissent

Kim Arlington reports:

In a case which highlights the difficulties of keeping a low profile when you have a Facebook account, a court has ordered that the social networking site be used to serve legal documents on an elusive father in a child support dispute.

The federal magistrate who made the order, Stewart Brown, said the Adelaide case was unusual but ”demonstrative of social movements and the currency of the times”.


It is believed to be only the second time in Australia that legal documents have been served via Facebook; a Canberra law firm used it in 2008 to serve notice of a judgment on two borrowers who defaulted on a loan.

Read more in The Age.

This just rubs me the wrong way, but it does serve to illustrate how lame the argument is that all media is used to steal music and movies.

FTC Staff Discuss a Tax on Electronics To Support the News Business

Posted by timothy on Thursday June 03, @02:03PM

dptalia links to this piece describing a staff discussion draft from the Federal Trade Commission, writing

"The FTC is concerned about the death of the 'news.' Specifically newspapers. Rather than look to how old media models can be adapted to the Internet, they instead suggest taxing consumer electronics to support a huge newspaper bailout. Additionally, they suggest making facts 'proprietary' and allowing news organizations to copyright them."

Note, though, "The good news in all this is that the FTC's bureaucrats try hard to recommend little. They just discuss. And much of what the agency staff ponders are political impossibilities."

A (non-pornographic) graphic. Probably not for my Statistics students...

Sunday is most popular day for online porn

by Chris Matyszczyk June 3, 2010 3:36 PM PDT

Sometimes, statistics can go some way to defining the state of a civilization.

For my Website class

8 Places to Get Free Stock Photos

Thursday, June 03, 2010

"You was serious about dat?" -Vinny Gambino from: My Cousin Vinny

UK: West Berkshire Council takes action after losing children’s personal data

By Dissent, June 2, 2010 8:38 pm

West Berkshire Council is taking remedial action after the Information Commissioner’s Office (ICO) found it in breach [Losing the data meant nothing. Being found in breach is what spurred the action. Bob] of the Data Protection Act (DPA) following the loss of a USB stick containing the sensitive personal information of children and young people.

The memory stick, which was unencrypted and not password protected, contained, among other things, information relating to the ethnicity and physical or mental health of the children. The ICO found that unencrypted devices, in operation before the council introduced encrypted memory sticks in 2006, were still being used by members of staff. [“Hey! If it ain't broken, why fix it!” Bob] Further enquiries revealed staff had not received appropriate training in data protection issues and monitoring of compliance with the council’s policies was found to be inadequate. This is the second data security incident reported by West Berkshire Council within six months. [Apparently they didn't bother to “take action” after the earlier one... Bob]

Nick Carter, Chief Executive of West Berkshire Council, has now signed a formal Undertaking to ensure that portable and mobile devices used to store and transmit personal data are encrypted. Staff will also be made fully aware of the council’s policy for the storage of personal data and receive appropriate training on data protection and IT security issues.

Sally-anne Poole, Enforcement Group Manager at the ICO, said: “It is essential that organisations ensure the correct safeguards are in place when storing and transferring personal information, especially when it concerns sensitive information relating to children. A lack of awareness and training in data protection requirements can lead to personal information falling into the wrong hands. I am aware that staff have been provided with encrypted USB sticks since 2006 but older devices were not recalled. I am pleased that the council has now taken action to prevent against further data breaches.”

A full copy of the Undertaking can be viewed here:

Source: Information Commissioner’s Office

“It's for the children! You're not supporting child abuse are you?”

EU To Monitor All Internet Searches

Posted by samzenpus on Thursday June 03, @12:14AM

"The European Parliament is issuing a written declaration about the need to set up an early warning system to combat sexual child abuse. However, the substance of the declaration is to extend the EU data retention directive to search engines, so that all searches done on for example Google will be monitored. If you are a citizen concerned about the right to privacy and freedom on the Internet, you can help by sending e-mail to the MEPs from your country and explaining the issue to them."

It can't hurt...

How To Secure Your Facebook Settings The Easy Way

Well, there's certainly no way anyone will use the guides scattered all over the web to do this now. I'm glad the FTC has that under control.

Spyware Seller Settles FTC Charges; Order Bars Marketing of Keylogger Software for Illegal Uses

June 3, 2010 by Dissent

The Federal Trade Commission has put the brakes on the business practices of an operation that was selling spyware and showing customers how to remotely install it on other people’s computers without their knowledge or consent.

The FTC is announcing a settlement that bars the sellers of the “RemoteSpy” keylogger from advertising that the spyware can be disguised and installed on someone else’s computer without the owner’s knowledge. It requires that the software provide notice that the program has been downloaded and obtain consent from computer owners before the software can be installed. [Let's see how long it takes to hack your way around that... Want to see it again? Bob]

Oh great. Now we can have reams of text that nobody reads to go with the hours of video that nobody watches. Just because we CAN do a thing is not justification FOR doing it.

Software Describes Surveillance Footage In AI-Generated Text

Posted by timothy on Wednesday June 02, @02:14PM

"A computer vision research group at UCLA has put together a system that watches surveillance footage and generates a text description of the events in real time. It only works on traffic cameras for now but demonstrates how sophisticated computer vision is becoming. Interestingly, the system was built thanks to a database of millions of human-labeled images put together by Chinese workers."

Nifty little resource.

June 02, 2010

Google Announces Free Download of 10 terabytes of patents and trademarks

Google Public Policy Blog: "When we launched Google Patent Search in 2006, we wanted to make it easier for people to understand the world of inventions, whether they were browsing for curious patents or researching serious engineering. Recently, we’ve also worked on a number of public data search features, as well as experimental features like the Public Data Explorer... That’s why we’re proud to announce that the USPTO and Google are making this data available for free at This includes all granted patents and trademarks, and published applications -- with both full text and images. And in the future we will be making more data available including file histories and related data."

One of the downsides of the “Double Secret” process that created this treaty in the first place.

India Attempts To Derail ACTA

Posted by timothy on Wednesday June 02, @06:06PM

"Ars Technica is reporting that India is attempting to gather support from other large countries that have been intentionally left out of the ACTA process to actively protest it. India fears that ACTA will eventually be used against it and other countries that were given no chance to be a part of the process drafting it. Among the primary concerns are the possibility of medical shipments being seized if they use a port in transit that is controlled by a country with a patent on the pharmaceuticals."

Interesting speculation. Is Rupert Murdoch quaking in his boots?

Tuesday, June 01, 2010

Yahoo signals major challenge to newspapers

Yahoo appears to be getting ready to produce local websites filled with original content that could compete with newspapers, posing a particular challenge to the hundreds of publishers who now sell advertising for the powerful portal.

The apparent intention to target the sweet spot for publishers was signaled last month when Yahoo announced plans to buy Associated Content for $100-ish million to gain access to some 380,000 individuals who are willing to write articles, take pictures and produce videos for rates starting at $2 per effort. The deal is scheduled to close later this year.

These folks rarely rave. This MUST be worth a look.

FastStone Image Viewer – Undoubtedly The Best Image Viewer, Converter & Editor Bundle

For my Website class

Formstack: Generate Several Types Of Free Website Forms

Similar tools: EmailMeForm, Faary, VisitorContact, FormSite, Quick Form Builder and JotForm.

Wednesday, June 02, 2010

As the Ski Season closes here in Colorado, the Class Action Season opens...

Aspen law firm, two attorneys take on Google

June 1, 2010 by Dissent

Rick Carroll reports:

An Aspen law firm has filed a class-action complaint on behalf of millions of Google e-mail users, alleging the Internet host violated their privacy.

Filed Thursday in the U.S. District Court of Denver, the lawsuit seeks to attain class-action status on behalf of users of Google’s free e-mail service, Gmail.

Aspen attorneys John Case and Lauren Maytin are the two plaintiffs who represent the users in the class-action suit, which was filed by the Aspen firm Thomas Genshaft PC. Neither Maytin nor Case are members of Thomas Genshaft PC.

The suit accuses California-based Google of violating three federal communications laws — the Electronic Communications Privacy Act, the Stored Communications Act and the Computer Fraud and Abuse Act — after it rolled out its Google Buzz social networking service Feb. 9. The suit also alleges violation of privacy under Colorado common law.

Read more on Vail Daily.

(Related) Apparently, Yahoo wants to emulate Google's success in the “Most sued” category.

Yahoo to turn subscribers' e-mail contact lists into social networking base

By Cecilia Kang Washington Post Staff Writer Tuesday, June 1, 2010

Yahoo plans to announce Tuesday that it is jumping into social networking by using its massive population of e-mail subscribers as a base for sharing information on the Web.

Over the next few weeks, its 280 million e-mail users will be able to exchange comments, pictures and news articles with others in their address books. The program won't expose a user's contact list to the public, as was done by Google through its social networking application, Buzz. But unless a user proactively opts out of the program, those Yahoo e-mail subscribers will automatically be part of a sweeping rollout of features that will incorporate the kinds of sharing done on sites such as Facebook and MySpace.

...and of course, Facebook goes them all one better.

Facebook 'Like' button draws privacy scrutiny

by Declan McCullagh June 2, 2010 4:00 AM PDT

When Facebook Chief Executive Mark Zuckerberg recently announced a "Like" button that publishers could place on their Web pages, he predicted it would make the Web smarter and "more social."

What Zuckerberg didn't point out is that widespread use of the Like button allows Facebook to track people as they switch from to to, all of which are sites that have said they will implement the feature.

Even if someone is not a Facebook user or is not logged in, Facebook's social plugins collect the address of the Web page being visited and the Internet address of the visitor as soon as the page is loaded--clicking on the Like button is not required. If enough sites participate, that permits Facebook to assemble a vast amount of data about Internet users' browsing habits.

Is it also possible to use Facebook or Twitter to establish an alibi? “Chillin' at home. Not visiting the mistress tonight.”

Divorce attorneys catching cheaters on Facebook

June 2, 2010 by Dissent

It’s a bit risky to post personal info and photos on social media, as you never know how it might come back to bite you in terms of employment — or divorce. It seems that matrimonial lawyers are really using Facebook as a primary investigative resource to find evidence on cheating spouses and the like. And when Facebook changed its privacy controls and made more info public than users knew or wanted, some divorce lawyers had a field day.

Stephanie Chen reports:


Facebook — where attorneys find most of the evidence and leads — has gradually relaxed privacy settings over the last year. Attorneys say that enabled some members’ personal details to be leaked without the user realizing it, attorneys say. On May 26th, Facebook founder Mark Zuckerberg acknowledged the problem and, in a blog, announced new tools making it easier for users to tighten privacy settings and block outside parties from seeing personal information.

“It’s becoming all but impossible to protect your information unless you spend hours and hours figuring it out,” said Lee Rosen, a divorce attorney in North Carolina, who added he reaped the benefits of the tricky privacy controls in a recent case.

Read more on CNN.

A brief (126 page) summary

Educational Security Incidents Year in Review – 2009

June 1, 2010 by admin

After a hiatus, Adam Dodge’s ESI blog is back, and Adam has published his analysis of education sector breaches in 2009. From his summary:

The ESI Year in Review – 2009 examines all of the information security incidents occurring at colleges and universities around the world as reported in the news during 2009.

The information security incidents reported by institutions of higher education throughout 2009 were down significantly in both the number of incidents and the amount of information exposed. This downward trend in higher education incidents follows a broader downward trend in breaches across all industry sectors in 2009. As such, 2009 saw fewer institutions reporting a smaller number of breaches. During 2009, institutions of higher education showed no Loss-type incidents, a significant change over the past three years. In addition, only one incident reported in the news affected multiple institutions, a substantially smaller number than 2008. In fact, many of the numbers in the Year in Review 2009 are close to those reported in 2006. However, the large number of institutions involved in this one multi-institution incident once again caused the number of institutions suffering from a breach to be greater than the number of breaches reported.

You can read the entire report here (pdf, 1.09 MB).

Are they suggesting that this is a manual procedure?

Time Warner Cable "a good ISP for copyright infringers"

By Nate Anderson

If you're wearing an eyepatch as you read this, pay attention: Time Warner Cable is the ISP for you. According to lawyers currently suing thousands of P2P users in federal court, TWC "is a good ISP for copyright infringers."

The outrageous behavior that provoked this claim? TWC's unwillingness to process in a timely manner hundreds or thousands of subscriber subpoenas sent from the law firm of Dunlap, Grubb, & Weaver.

… "Copyright cases involving third-party discovery of Internet service providers have typically related to a plaintiff's efforts to identify anonymous defendants whose numbers rank in the single or low double digits," the cable company told a federal judge earlier this month. "By contrast, plaintiff in this case alone seeks identifying information about 2,049 anonymous defendants, and seeks identifying information about 809 Internet Protocol addresses from TWC."

It continued: "If the Court compels TWC to answer all of these lookup requests given its current staffing, it would take TWC nearly three months of full-time work by TWC's Subpoena Compliance group, and TWC would not be able to respond to any other request, emergency or otherwise, from law enforcement during this period. TWC has a six-month retention period for its IP lookup logs, and by the time TWC could turn to law enforcement requests, many of these requests could not be answered."

Another Korea rant (sorry)

If your campaign platform is the same as North Korea’s, are you a fool or a tool?

South Korea probes war rumours ahead of elections

South Korean police are probing leaflets and Internet messages spreading rumours of imminent war and questioning an investigation into the sinking of a naval vessel which they say could affect Wednesday's local elections.

The ship sinking has become the top campaign issue, with the liberal opposition accusing President Lee Myung-bak of provoking tension after a decade of warming ties with reclusive and impoverished North Korea.

But polls showed Lee's uncompromising stand against the North has helped keep support ratings for him near the 50 percent mark in recent weeks.

The crackdown on Internet rumor mongering is likely to resurrect a frequent opposition complaint that the government is trampling on democracy and free speech.

… An officer at Seoul police HQ said investigators were looking for the source of leaflets that said the results of the probe on the navy ship sinking had been fabricated.

Some leaflets say the government has been taking pictures of its troops as preparations for their funerals in anticipation of war with North Korea, he said.

(Related) Cyber-harassment? Cyber-propaganda? “…the continuation of politics by other means?”

SKorea accuses NKorea of identity thefts

By SANGWON YOON Associated Press 2010-06-01 09:08 PM

North Korea is stealing ordinary South Korean citizens' identities to open Internet accounts and post messages denying Pyongyang's involvement in the recent sinking of a South Korean warship, Seoul's top spy agency said Tuesday.

… North Koreans have been registering with South Korean identification numbers to post material claiming the ship sinking as an event staged by Seoul, a National Intelligence Service official said Tuesday. In South Korea, people need to provide their ID numbers when they open a Web account.

The posts called the sinking of the 1,200-ton patrol ship "a staged fabrication" and questioned the veracity of the multinational investigation findings, South Korea's Yonhap news agency reported, citing an unnamed government source.

These cyberattacks are an advanced form of North Korea's psychological warfare against the South, designed to cause social panic, distrust, and instability, according to Yonhap.

Seoul resumed psychological warfare operations last month, which include radio broadcasts into the North and placing loudspeakers at the border to blast out propaganda, as a part of its punitive measures for Pyongyang.

North Korea, which flatly denies involvement in the sinking of the Cheonan, responded by threatening to cut ties with South Korea, wage "all-out counterattacks" against psychological warfare operations and bar South Korean ships and airliners from its waters and airspace.

Last year, North Korea was suspected in cyberattacks that paralyzed the sites of South Korean government agencies, banks and Internet sites.

Why would this surprise anyone? Think of it as another share of the market AT&T chooses not to contest.

AT&T Announces New Data Plans, Unlimited Data Nowhere To Be Seen

For my Computer Forensics students. First, you need the database...

Met lab claims 'biggest breakthrough since Watergate'

Power lines act as police informers

By Chris Williams Posted in Policing, 1st June 2010 11:16 GMT

Police scientists have hailed a new technique that recently played a pivotal role in securing a murder conviction as the most significant development in audio forensics since Watergate.

The capability, called "electrical network frequency analysis" (ENF), is now attracting interest from the FBI and is considered the exciting new frontier in digital forensics, with power lines acting as silent witnesses to crime.

… ENF relies on frequency variations in the electricity supplied by the National Grid. Digital devices such as CCTV recorders, telephone recorders and camcorders that are plugged in to or located near the mains pick up these deviations in the power supply, which are caused by peaks and troughs in demand.

… At the Metropolitan Police's digital forensics lab in Penge, south London, scientists have created a database that has recorded these deviations once every one and a half seconds for the last five years. Over a short period they form a unique signature of the electrical frequency at that time, which research has shown is the same in London as it is in Glasgow.

On receipt of recordings made by the police or public, the scientists are able to detect the variations in mains electricity occurring at the time the recording was made. This signature is extracted and automatically matched against their ENF database, which indicates when it was made.
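The matching step described above, as an added example that is not from the article or the Met lab: an ENF trace already extracted from a recording is slid along a reference log sampled every 1.5 seconds, and the best-fitting offset gives the recording time. The reference log, the noise level, the acceptance margin and all function names are constructed assumptions; extracting the trace from audio is out of scope here.

```python
import random
from datetime import datetime, timedelta, timezone

SAMPLE_PERIOD_S = 1.5   # database interval quoted in the article
NOMINAL_HZ = 50.0       # UK mains nominal frequency

def make_reference(n_samples, seed=1):
    """Constructed stand-in for a grid log: slow random drift around 50 Hz."""
    rng = random.Random(seed)
    dev, series = 0.0, []
    for _ in range(n_samples):
        dev = 0.9 * dev + rng.gauss(0.0, 0.005)
        series.append(NOMINAL_HZ + dev)
    return series

def add_noise(series, sigma, seed):
    """Simulate measurement error in the trace recovered from a recording."""
    rng = random.Random(seed)
    return [x + rng.gauss(0.0, sigma) for x in series]

def centered(xs):
    # Remove the mean so a constant calibration offset in the recorder
    # does not affect the comparison; only the shape of the drift counts.
    mean = sum(xs) / len(xs)
    return [x - mean for x in xs]

def date_recording(query, reference, ref_start, min_margin=3.0):
    """Return (estimated_start_time, rmse_hz, unique).

    unique is False when another, non-adjacent position in the log fits
    almost as well, i.e. the timestamp should not be relied on.
    """
    n = len(query)
    if n < 2 or n > len(reference):
        raise ValueError("query must be 2..len(reference) samples long")
    q = centered(query)
    scores = []
    for off in range(len(reference) - n + 1):
        w = centered(reference[off:off + n])
        mse = sum((a - b) ** 2 for a, b in zip(q, w)) / n
        scores.append(mse ** 0.5)
    best = min(range(len(scores)), key=scores.__getitem__)
    # Offsets right next to the best one overlap it heavily, so the
    # runner-up is taken from positions at least half a window away.
    rivals = [s for i, s in enumerate(scores) if abs(i - best) > n // 2]
    runner_up = min(rivals) if rivals else float("inf")
    unique = runner_up >= min_margin * scores[best]
    when = ref_start + timedelta(seconds=best * SAMPLE_PERIOD_S)
    return when, scores[best], unique

if __name__ == "__main__":
    start = datetime(2010, 1, 1, tzinfo=timezone.utc)   # constructed log start
    log = make_reference(2400)                           # one hour of samples
    genuine = add_noise(log[700:820], 0.0005, seed=7)    # 3-minute recording
    unrelated = make_reference(120, seed=99)             # trace not in the log
    for name, trace in (("genuine", genuine), ("unrelated", unrelated)):
        when, rmse, unique = date_recording(trace, log, start)
        print(f"{name}: {when.isoformat()} rmse={rmse:.4f} Hz unique={unique}")
```

A trace that does not come from the logged period still produces a "best" offset, which is why the function reports the fit error and whether the match stands clear of its rivals rather than a bare timestamp.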

An example of an ethical hacking tool. (They have a simple way to ensure that you own the website) - Scan How Secure Your Site Is

ZeroDayScan is an online security scanner that can be used by webmasters that want to learn how secure their sites are both directly and cost-effectively. That is, having a site analyzed entails little more than providing the URL in question, and the whole process is free from start to finish.

For my Hackers...

How to Install Mac OS X on a PC (Without Using a Mac)

In fact, I use some of these. They are quite useful.

32 Incredible Bookmarklets for Chrome, Firefox, Safari and Internet Explorer

Just because I'm a Muppet fan.

The IBM Muppet Show

Before Sesame Street and The Muppet Show, Jim Henson made short films for Big Blue. The tech may be archaic, but the entertainment is timeless.

A tool for research papers?

ScribTex: Free LaTex Editor Online

LaTex is a markup language and a document preparation system, widely used by academics and other fields. ScribTex is an online editor that lets you create, edit and share LaTex documents on the web. You can not only share documents with your friends but also give them permission to edit the documents while keeping track of each revision.

If you don’t like a change you or somebody else has made, just undo it. ScribTex also lets you add images and other media to your LaTex documents. Once you are done, simply compile your document as a PDF file and share it any way you want.

Similar sites: MonkeyTex and Verbosus.

Tuesday, June 01, 2010

Another source of Privacy ideas...

Privacy Law Scholar’s Conference to be held this week

May 31, 2010 by Dissent

“Get back.
Get back.
Get back to where you once belonged.”

That Beatles’ tune kept running through my head yesterday as I read through some of the draft papers for the upcoming Privacy Law Scholar’s Conference to be held this week in Washington, D.C. While many of the papers are forward-looking, some take us back or urge a return to earlier approaches to privacy:

Peter Winn, an Assistant U.S. Attorney for the DOJ and law lecturer at the University of Washington Law School, will be presenting an absolutely fascinating paper on the “History of the Law of Privacy in the 16th & 17th Century.” His article really left me with a better understanding of the English roots of our legal system’s approach to privacy and with new appreciation that the “right to be let alone” was not judicial activism but was more firmly rooted in English law than some current jurists and members of Congress seem to realize.

Also read to the tune of “Get Back:” Paul Ohm, an Associate Professor at the University of Colorado Law School, has a paper, “The Benefits of the Old Privacy: Restoring the Focus to Traditional Harm,” while Lior Strahilevitz, Deputy Dean, Professor of Law & Walter Mander Teaching Scholar, University of Chicago, is presenting his paper, “Reunifying Privacy Law,” and Carol M. Bast and Cynthia A. Brown of the University of Central Florida are presenting their paper, “A Contagion of Fear: Post-9/11 Alarm Expands Executive Branch Authority and Sanctions Prosecutorial Exploitation of America’s Privacy.”

There are many more papers being presented this week (you can see the program here) and the only dilemma is how to decide which sessions to attend when everything sounds fascinating. As but one example of the many thoughtful and critical analyses being presented, Susan Freiwald, Professor of Law at the University of San Francisco School of Law, has a wonderful paper on “Fourth Amendment Protection for Stored Cell Site Location Information” that should also stimulate a lot of discussion.

Indeed, my fervent wish to get some of these people to guest blog on to present their work for a public audience in a way that more people can understand the threats we face today to our privacy. I really doubt that most of the public truly understands how much information their cell phone carriers retain and can generate about them, the privacy risks we face when such data are handed over to law enforcement or combined with other databases, and why the public should care about the government’s argument that it doesn’t need a warrant to obtain location data.

Great thanks to law professors Dan Solove of George Washington University Law School and Chris Hoofnagle of the Berkeley Center for Law & Technology for organizing the conference and for inviting me, and to the sponsors who are making the conference possible as a free event for attendees: The Future of Privacy Forum, Doug Curling, AT&T, Google, The Privacy Projects, Intel, and Technology | Academics | Policy (TAP).

The conference will be on Thursday and Friday, and I’ll try to blog more about it each day.

A guide for Class Action lawyers?

Deciphering Google's Wi-Fi headache (FAQ)

by Tom Krazit June 1, 2010 4:00 AM PDT

How did Google's Wi-Fi spying debacle get to this point?

As Google prepares to defend itself against allegations of Wi-Fi spying, it has said very little about exactly what kind of personal data it gathered as part of its Street View project. Last week, Google also declined to provide executives willing to speak on the record about how one of the most monumental oversights in its history occurred: the inadvertent gathering of "payload" data by Wi-Fi sniffers mapping hotspots while recording street scenes for Google Street View.

But Google finally did confirm a few additional details about the type of scanning procedure it used as well as the nature of the code first written by Google engineers back in 2006. It first took responsibility for the gaffe--which only came to light after detailed inquiries from German authorities--in a blog post on May 14, and ever since then, Google critics have delighted at the opportunity the incident has provided, with lawsuits and Congressional inquiries pending.

Let's take a look at what Google has said and some of the technology issues in question to get some more perspective on Google's Wi-Fi scanning problem.

What data does Google have?

Google admitted on May 14 that it had been "mistakenly collecting samples of payload data from open (i.e. non-password-protected) Wi-Fi networks" for three years. Payload data is distinct from a "header," which contains mostly benign information about the network itself: The payload is the actual data that is being transmitted over the network.

… However, Google's store of personal data might not be quite the treasure trove it may seem. Data sent back and forth between encrypted Web sites (password logins, online banking, credit-card transactions, or anything with https:// in the URL) would not be collected. Mobile workers signed into VPNs would also not be affected.

In addition, it's not totally clear how much data Google would be able to capture with a Street View car moving at about 25 miles per hour along the streets of cities and towns around the world. Google said the data was "fragmented," implying that piecing together any coherent image from that data would be difficult.

Does government have it backwards? Do they cut taxes in good times? I don't think so...

Pew Report: Recession Brings Another Round of Higher Taxes and New Fees to Big Cities


New Law Increases Paperwork for Self-Employed Over A Thousand Percent

Twitter as a guide to “What's Hot!”

Zoofs: Watch Most Shared Videos on Twitter

Similar tools: TwitVid and

(Related) Some statistics

The Amazing Stats Of Twitter

“There's an app for that!”

Study Claims Cellphones Implicated In Bee Loss

Posted by kdawson on Monday May 31, @07:56PM

krou passes along word from that researchers from Chandigarh's Punjab University claim that they have proven mobile phones could explain Colony Collapse Disorder.

"They set up a controlled experiment in Punjab earlier this year comparing the behavior and productivity of bees in two hives — one fitted with two mobile telephones which were powered on for two 15-minute sessions per day for three months. The other had dummy models installed. After three months the researchers recorded a dramatic decline in the size of the hive fitted with the mobile phone, a significant reduction in the number of eggs laid by the queen bee. The bees also stopped producing honey. The queen bee in the 'mobile' hive produced fewer than half of those created by her counterpart in the normal hive. They also found a dramatic decline in the number of worker bees returning to the hive after collecting pollen."

We've talked about the honeybee problem before. Today's article quotes a British bee specialist who dismisses talk of cellphone radiation having anything to do with the problem.

Tools for Geeks

A Sleek & Easy Way To Administer Ubuntu – Ubuntu Control Center

These are definitely not the tools I would have expected.

Top 10 Most Downloaded Student Tools

It’s time once again for our featured Movers and Shakers post. Each week, we take one software category and list the top ten most downloaded free apps.

'cause I only steal from the best!

Monday, May 31, 2010

Einztein - Locate Online Courses and Course Materials

Einztein is a new service for locating online collegiate level courses and corresponding materials. Einztein isn't your standard search engine as all courses listed by Einztein are reviewed by a PhD level editorial team. Each course listed by Einztein comes with a listing of the types of materials available for each course. Some courses have audio, video, and documents while other course may only have one or two of those elements. Visitors to Einztein can search for course by keyword or simply browse courses by subject area.

Monday, May 31, 2010

Interesting (if simple) tool for filling in the blanks in a boilerplate policy. I could easily see this extended into an advertising tool for lawyers specializing in a variety of areas, since it could raise the kind of questions you would need a lawyer's help to answer.

PolicyTool: Create A Social Media Policy For Your Company

With social networks becoming an integral part of everybody’s life, it is important for companies to have a clear and concise policy about the use of social media by its employees. However, not every company can afford a team of legal experts to do that. For those who want a quick solution, PolicyTool is a great help.

PolicyTool generates a social media policy for your company by making you answer a few quick questions. Once you have answered these questions about general rules for using social media and information about your company, a comprehensive social media policy is generated that can be used for commercial purposes free of charge.

I suspect this is less about censorship and more about access to the Apple platform.

German Publishers Want Censorship Talks With Apple

Posted by kdawson on Sunday May 30, @04:24PM

"The association of German magazine publishers has sent a letter to Steve Jobs (Google translation; German original here) demanding talks about censorship by Apple. The move draws attention to growing concerns about freedom of the press when a single unelected commercial entity has worldwide control over what gets published for iPhone and, especially, iPad."

While the magazine publishers may rightly be concerned about private control of a platform that many of them are counting on for their long-term salvation, the German state is at the very least ambivalent about the subject of censorship. This is the country that has banned Wikileaks, sought a ban on violent games, and voted to censor child porn (only to have the president kill the ban as unconstitutional).

No doubt she got the idea while reading the National Enquirer...

Woman Sues Google for Bad Directions

Let's just skip to 99G and save time...

4G wireless: It's fast, but outstripped by hype

By PETER SVENSSON (AP) – 20 hours ago

NEW YORK — Cell phone companies are about to barrage consumers with advertising for the next advance in wireless network technology: "4G" access. The companies are promising faster speeds and the thrill of being the first on the block to use a new acronym.

But there's less to 4G than meets the eye, and there's little reason for people to scramble for it, at least for the next few years.

… Broadly speaking, it's a new way to use the airwaves, designed from the start for the transmission of data rather than phone calls.

Continuing my “Wow, that's a lot of data!” theme

The Coming Data Explosion

Written by Richard MacManus / May 31, 2010 3:34 AM

One of the key aspects of the emerging Internet of Things - where real-world objects are connected to the Internet - is the massive amount of new data on the Web that will result. As more and more 'things' in the world are connected to the Internet, it follows that more data will be uploaded to and downloaded from the cloud.

… Mayer went on to say that there were 5 exabytes of data online in 2002, which had risen to 281 exabytes in 2009. That's a growth rate of 56x over 7 years. Partly, she said, this has been the result of people uploading more data. Mayer said that the average person uploads 15 times more data today (in 2009) than they did just 3 years ago.

… HP's Parthasarathy Ranganathan used the term "ubiquitous nanosensors," which can have multiple dimensions per sensor:

  • Vibration
  • Tilt
  • Rotation
  • Navigation
  • Sound
  • Air flow
  • Light
  • Temperature
  • Biological
  • Chemical
  • Humidity
  • Pressure
  • Location

Ranganathan noted that there will soon be millions of sensors working in real-time, with data sampled every second.

Sunday, May 30, 2010

Strange they can get a patent for something my students have been doing for years – mapping (secure and open) Wifi sites.

Google Describes Wi-Fi Sniffing In Pending Patent

Posted by timothy on Saturday May 29, @08:12AM

"After mistakenly saying that it did not collect Wi-Fi payload data, Google had to reverse itself, saying, 'it's now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) Wi-Fi networks.' OK, mistakes happen. But, as Seinfeld might ask, then what's the deal with the pending Google patent that describes capturing wireless data packets by operating a device — which 'may be placed in a vehicle' — in a 'sniffer' or 'monitor' mode and analyzing them on a server? Guess belated kudos are owed to the savvy Slashdot commenter who speculated back in January that the patent-pending technology might be useful inside a Google Street View vehicle. Google faces inquiries into its Wi-Fi packet sniffing practices by German and US authorities."

This is probably better at noticing anomalies, but there is no indication (yet) that it could prevent an attack (or any other crime)

The Future of Surveillance? When Automated Brains Keep Watch 24/7

Unblinking camera eyes need brains to look for real-time threats — but what if those brains are automated?

By David Hambling May 26, 2010 10:30 AM

Surveillance technology provides a vital shield against terrorism, and cheap modern electronics make it easy to fill the city streets with closed-circuit television (CCTV) cameras. New York City mayor Michael Bloomberg recently toured London's ring of cameras, seeking information on how to bring it to the Big Apple to thwart terrorist attacks. But unless the feeds from those cameras are constantly monitored, they only provide an illusion of security. Finding enough eyeballs to watch thousands of screens simply isn't practical, yet modern automated systems can fill the gap with a surprising degree of intelligence.

Let's look at how this type of system would deal with an event like the failed car-bomb attack in Times Square: The vehicle involved was parked in a No Parking area, the emergency warning flashers were going, and smoke was pouring out of it. All of these were potential warning signs. If the system issued an alert every time a car was parked illegally, there would be a lot of false alarms. But AWARE can cross-check all illegally parked cars without human intervention.

"Should a vehicle be detected parked illegally, AWARE would aim a local camera at the license plate, and License Plate Recognition software would interpret the number," says Robert Allen of AbeoTS. "AWARE would submit the data to the appropriate DMV and the result would be analyzed for threat potential. In the Times Square incident, this would have triggered a threat as the license plate did not match the vehicle."

The end of free? Still cheaper, and possibly a continuous connection.

Skype Over 3G Comes to the iPhone. It’s Not All Good News

By John C Abell May 29, 2010 8:56 pm

Skype on Saturday released an upgrade to its iPhone app that allows calls to be made and received under AT&T’s 3G network, but there’s a catch — they won’t be free for very long, even for Skype-to-Skype calls or for people who have all-you-can-eat calling plans with the internet telephony company.

No specific pricing or even timeline was announced, but the release notes of version 2.0.0 (to the right) say this feature will be free only “until at least the end of August 2010, after which there will be a small monthly fee.”

All of this became possible only after Apple changed its iPhone SDK in anticipation of the iPad.

Skype pronounced on Feb 3 that 3G calling would happen “soon.” But the additional cost was not trumpeted and does come as a surprise, though perhaps not a terribly big one given the revenue possibilities and the additional strain on AT&T’s already-vilified 3G network.

Skype calls are generally free or at least much less expensive than those made on minute-counting calling plans. But wireless minutes have become largely commoditized and, from most wireless carriers, available in unlimited plans that eliminate the traditional profit center that used to be overages.

Skype’s migration from the desktop on to mobile devices has created the potential for a dramatic shift in calling behavior. We aren’t quite there yet. But when you can receive calls from a VoIP provider like Skype on a portable device in either a WiFi or 3G network it almost completely blurs the line between an interesting alternative to a telephone and the very definition of a telephone.

Taking that one small step further: In a world with ubiquitous broadband, internet telephony with push notifications and location awareness could make traditional telco and wireless services irrelevant, even for the equivalent of enhanced 911, where the operator automatically knows where you are.

There are still some pieces missing to this puzzle, but the availability of VoIP under 3G — also true of Fring and for international calls on some Android-powered handsets provided by Verizon — is a big step forward.

And, one last thing: iPhone OS 4, expected in weeks, will enable non-core apps like Skype to operate in the background. Which means that you could be online with the internet telephony service all the time on any 3G enabled device like the iPhone and some models of the iPad.

“Amateur experts” Watching TV without a TV. Newspapers without paper.

The Rise of Networked Individuals: The Millennial Tide

by Lee Rainie May 11, 2010 at Google

… The conversation covers questions such as: How have the internet and smart phones enabled modern citizens to create information and media that help them influence others, navigate their options and create new kinds of communities? Are new tools of social media - like blogs, social network sites and texting - reshaping the very environment of media and information itself?

Something to impress the students. Petabyte sized databases are common...

How Big is a Yottabyte? [Infograph]