Sunday, January 09, 2011

About time someone made this InfoGraphic. Note that the biggest variable seems to be timeliness...

http://blog.zonealarm.com/2011/01/what-is-the-cost-of-a-missing-laptop-2.html?display=infographic

What is the Cost of a Missing Laptop?



For my Ethical Hackers: With Convergence (one device acting as many) comes a “Convergence of Risk” (one device with the flaws of many)

http://it.slashdot.org/story/11/01/08/141207/Major-Security-Flaws-Discovered-In-Internet-HDTVs?from=rss

Major Security Flaws Discovered In Internet HDTVs

"Security researchers have discovered several security flaws in one of the best-selling brands of Internet-connected HDTVs, and believe it's likely that similar security flaws exist in other Internet TVs. The security researchers were able to demonstrate how an attacker could intercept transmissions from the television to the network using common 'rogue DNS,' 'rogue DHCP server,' or TCP session hijacking techniques. Mocana was able to demonstrate that JavaScript could then be injected into the normal datastream, allowing attackers to obtain total control over the device's Internet functionality."


(Related) Traffic Lights that can “Phone Home”

http://mobile.slashdot.org/story/11/01/08/2244234/Thieves-in-South-Africa-Hit-Traffic-Lights-For-SIM-Cards?from=rss

Thieves in South Africa Hit Traffic Lights For SIM Cards

"Some 400 high-tech South African traffic lights are out of action after thieves in Johannesburg stole the mobile phone SIM cards they contain. JRA (Johannesburg Road Agency) said it is investigating the possibility of an 'inside job' after only the SIM card-fitted traffic lights were targeted. The cards were fitted to notify JRA when the traffic lights were faulty. 'We have 2,000 major intersections in Johannesburg and only 600 of those were fitted with the cards,' the agency's spokesperson Thulani Makhubela told the BBC. 'No-one apart from JRA and our supplier knows which intersections have that system.' The thieves ran up bills amounting to thousands of dollars by using the stolen cards to make calls."


(Related) “Instant Read” technology could be added to bar stools (Sorry, we can't serve you any longer) or Congress (Too drunk to vote?) or church pews (God and my iPad know who you sinners are!) .

http://www.pogowasright.org/?p=19075

Too drunk? Your car won’t go along for the ride.

January 8, 2011 by Dissent

Ashley Halsey III reports:

The technology developed in the past decade to sniff out terrorist bombs eventually could be used to combat another scourge: drunk drivers.

Researchers funded by auto manufacturers and federal safety regulators are working on sensory devices – to be installed as standard equipment on all new vehicles – that would keep a vehicle from starting if the driver has had too much to drink.

[...]

The new technology would not require that the driver blow into a tube, like the interlock devices some states require after drunken-driving convictions. Instead, either a passive set of sensors permanently installed in the vehicles or touch-sensitive contact points on a key fob or starter button would immediately register the level of alcohol in the bloodstream.

Read more on Washington Post.


(Related?) Banning a technology is easy, rules that make it safe/useful are difficult.

http://www.pogowasright.org/?p=19069

Calif. County Criminalizes Smart-Meter Installations

January 8, 2011 by Dissent

As a follow-up to a news story posted last week, a reader kindly sends in this link to a New York Times story by Debra Kahn:

The Marin County Board of Supervisors unanimously passed an ordinance (pdf) yesterday that deems the installation of smart meters a public nuisance in some areas.

The law applies to unincorporated Marin, home to about 70,000 of the county’s 260,000 residents. In addition to electromagnetic health risks, the board cited concerns about meters being used to collect information about residents’ activities, impacts on aesthetics and potential damage to amateur radio networks.

[...]



For my “Lawyers in the Cloud” friends: Perhaps only a global (or Cloud based?) law firm will have the resources to deal with Cloud Providers...

http://www.readwriteweb.com/cloud/2010/12/3-legal-issues-to-consider-whe.php

3 Legal Issues to Consider When Going to the Cloud

Do You Know Where Your Data is Located?

"States have laws governing privacy and confidentiality that can provide severe sanctions for violating those laws. With cloud computing, are the documents governed by the law of the state in which they are physically located, by the location of the company possessing them, or by the laws of the state where a person resides?"

Who Takes Responsibility?

… Google's 10-Q statement

"Our systems are vulnerable to damage or interruption from earthquakes, terrorist attacks, floods, fires, power loss, telecommunications failures, computer viruses, computer denial of service attacks, or other attempts to harm our systems."

And let's say there has been a data breach. Who is responsible in that situation? Is it the vendor?

"Salesforce.com and other large vendors carry cyber insurance in case of a breach. Usually though it is considered a shared responsibility. The provider may only carry insurance for $15 million. It's up to the customer to then determine what extra insurance to carry in case of a problem."

Intellectual Property Rights

You may not own the application or the operating system. You definitely don't need the hardware anymore. But you better have the right to remove the data when you want. That means you need to be clear about the day you stop using an application. Can you take that data with you?

Then comes the issue with such matters as trade secrets. What happens when the provider gets a subpoena? Can the provider access your data and hand it over to the authorities?

Finally, there is the issue with third parties.

"The vendor may grant some privileged third parties access to your stored data. The identity of such parties, if any, must be disclosed to the customer. Here, the third party could be a legal authority or even an internal employee. The customer should always be informed before the vendor allows third parties to access the stored data.


1 comment:

meto mayo said...



الفك والتركيب والتغليف والتحرك من خلال شركة نقل اثاث بجدة متميزة تحتاج الي ركن البيت للاستفادة من خدماتها التي لا تقدم غير خدمات نقل اثاث بجدة رائعة لتلبية طلبات العميل. فرؤية الشركة لدينا وضعت طريقة جيدة وضعت كخبراء في نقل الخدمات التي يحتاجها العملاء عند التعاون مع شركة نقل عفش بجدة فاختيار المواد الخاصة بك التي تستخدم في تغليف الاثاث فهذه المواد أو الأشياء ستكون موجودة على عتبة المنزل للتحرك بكل آمن و بقوة إلى المكان الذي ترغب فيه
شركة نقل الاثاث بالدمام
استخدام الأصول الأولى داخل الاستراتيجية التي تستخدمها شركة نقل عفش بالدمام لدينا تدفعنا إلى التفكير في إعطاء نوع من الخدمات المتميزة الي العملاء التي تترك نجاحا مباشرا يمكن أن تنقش على نفسية الزبائن التي تقدم لهم خدمة نقل العفش.فلدينا ميل إلى أن يشار جيدا إلى العاملون والفنين والمغلفون ان يقوموا بعملهم في شركة نقل اثاث بالدمام نتيجة للمعيار والتنمية والعقل
شركة نقل الاثاث بمكة
مجموعة معينة لدينا في شركة نقل عفش بمكة تساعدنا في خدمتك في أي وقت من اليوم، وأنهم على استعداد للبقاء على طول هذه الخطوط لاعطاءك خدمة متميزة عن باقي شركات نقل اثاث بمكة التي توجد بهذه المنطقة فلا أحد لدينا في خدمات النقل يترك شيئا حتي لا نقع في قليلا من السخط.
شركة تخزين الاثاث بالرياض
التعبئة والتغليف يبدأ بالعمل المتميز من اجل الحصول علي شركة تخزين عفش بالرياض متميزة تمتلك مستودعات تخزين اثاث بالرياض تحافظ علي الممتلكات الخاصة بكم من الخراب. كما ان التعبئة والتغليف على استعداد فريد للتعامل مع كل نوع من الأدوات والأشياء الزجاجية والمواد التي تميل إلى الإضرار أو تحمل بانتظام أسوأ جزء في عملية الحركة. فخدمات شركة تخزين اثاث بالرياض تقوم بإرسال أفضل مجموعة يتقن الوصول إليها في الوقت المناسب لتلبية طلب العميل وفقا لمتطلبات محددة خاصة بك في هذا المجال بسبب الطريقة التي كانت لدينا مجموعة من الخبراء في كيفية ادارة مستودعات تخزين اثاث منذ فترة طويلة في هذه الصناعة لفترة طويلة جدا.
شركة تخزين اثاث
شركة تخزين عفش