Tuesday, September 06, 2011


Can there be viable crime statistics without facts?
(Update and Commentary): Why are states withholding the names of breached entities?
[Release omitted]
Note that neither the Complaint nor Plea Agreement, both of which I obtained from PACER, reveal the name of the restaurant in Stamford or the restaurant in New York where both defendants also worked. Why not?
Well, it turns out that in this case, we do know the name of the restaurants – because they were revealed in the prosecution of the co-defendant. In March 2010, another U.S. Attorney for Connecticut revealed the restaurants as P.F. Chang’s and Grand Lux Cafe in Connecticut and New York, respectively.
So why do the 2011 press release and court filings carefully omit the restaurants’ names? I’ve commented on this trend a number of times, as I do think we’re seeing a disturbing and growing trend whereby information is intentionally withheld from the public – information that is of public concern and that the public should have a right to know.
Are businesses putting pressure on states not to reveal this information? I have no evidence of that, but it wouldn’t surprise me at all. I do know that states that used to post breach notices online are no longer doing so. Maryland has not updated its site since last year and New York withdrew its site altogether. Budget cuts? Maybe. Coincidence? Maybe. But I’d really encourage all states that retain central depositories of breach notifications to post them online so that we have more usable information about statistics and trends.


Good luck with a new “Geneva convention” since it is highly unlikely that “script kiddies,” hackers or terrorists will ever read it, let alone agree to it. (GCHQ is the British spelling for NSA...)
Stolen information worth £300m recovered by GCHQ
September 5, 2011 by admin
Duncan Gardham reports:
Details stolen from more than a million credit cards across Europe, worth an estimated £300 million, have been recovered by the GCHQ spy agency, The Daily Telegraph can disclose.
William Hague, the Foreign Secretary, said the agency had joined forces with the Serious and Organised Crime Agency to obtain the information as part of the ongoing cyber war against foreign states and criminals.
Read more on The Telegraph. No indication as to who the data thieves were or where/how the data were recovered.
[From the article:]
A team of experts at GCHQ is understood to be working with the military to develop internet tools to strike back if states attack infrastructure such as water supplies, electricity and banking.
Mr Hague is seeking to agree new rules for cyberspace with China and Russia in order to put an end to such attacks.
… He is hoping to set up a new Geneva-style convention to govern cyberspace in the same way that a conventional battlefield has rules.


It's not just Homeland Security.
Online anonymity or pseudoanonymity is a threat – but only to businesses’ marketing plans
September 5, 2011 by Dissent
Two articles about online anonymity that you may wish to read: Eric Pfanner’s piece, “Naming Names on the Internet,” in the New York Times and Ben Grubb’s piece, “Death of anonymity online has net users fuming,” in The Age.
As both articles suggest, there is a strong sense in some circles that arguments about accountability are just a smokescreen for an ultimately financial purpose.
South Koreans recently learned the dangers of requiring real names when over half of the population had their personal information acquired by hackers.
As for myself, I never signed up for accounts for MySpace, Facebook, Google+, etc. I use Twitter because it allows me to use my pseudonym. And that’s just fine with me.

(Related) Why Irish Law is important?
Facebook faces major Irish privacy investigation
September 5, 2011 by Dissent
Roisin Burke reports:
Facebook faces a major probe by the Data Protection Commissioner (DPC) following ‘big brother’ type privacy complaints.
Facebook’s Dublin HQ will be subject to a massive audit by the Irish watchdog after a group in Austria lodged 17 complaints, claiming that even after Facebookers delete information the social media giant’s Dublin HQ keeps everything: data on who you’ve poked, tagged, ‘liked’, emailed, phone numbers — even information on sexual orientation and political views. It can amount to thousands of pages of information about you, the group, called Europe Versus Facebook, asserts.
Every Facebook user outside the US and Canada is protected by Irish privacy law as the company’s international headquarters is here.
Read more on Independent.ie


Why bother breaking encrypted email when you can use your own encryption...
Dutch firm linked to many more fraudulent Net certificates
The number of fraudulent security certificates issued by a hacked Dutch firm has ballooned from the 247 reported last week to 531, and the main purpose of the attack appears to have been to spy on Iranian dissidents.
The list of domains for which fraudulent Secure Sockets Layer (SSL) certificates were issued by DigiNotar, a root certificate authority, now includes sites such as the CIA, MI6, Facebook, Microsoft, Skype, Twitter, and WordPress, among others, according to a list released this weekend by the Dutch Ministry of Justice. In the wake of the new revelations, the Dutch government has reportedly expressed a lack of confidence in the Netherlands-based company and taken control of it.
… The Gmail incident affected mostly Iranian users, and it now appears the certificates might have been issued for the purpose of spying on Iranian dissidents, perhaps by the Iranian government.


Ah, to be a fly on the wall of the Boardroom... T-Mobile “lacks” spectrum, but AT&T wants it because of its spectrum... What's really going on?
T-Mobile may miss out on AT&T break-up fee, report says
AT&T may not be on the hook for the fee under certain conditions, a source told Reuters in a story that ran today.
… AT&T and T-Mobile were thrown for a loop last week when the Department of Justice sued to block AT&T's planned acquisition of T-Mobile, citing concerns over the loss of competition in the industry. AT&T has been scrambling to keep the deal alive and is expected to offer up more compromises to get the deal done.
Many in the industry expected AT&T to complete the acquisition, swayed by the unusually large break-up fees. Those fees are typical of M&A deals, ensuring some protection to the seller if the transaction falls through. But the large size, which includes $3 billion in cash and the balance in services, assets, and a roaming agreement, suggested AT&T was confident in its ability to close the deal.
The break-up fee would only be paid if certain conditions were met, Reuters said. The deal has to receive regulatory approval within a certain time, or the contract is deemed void. The value of T-Mobile also can't fall under a certain level, which could happen if the government requires that parts of the business have to be sold to get the deal approved.
Without the break-up fee, Deutsche Telekom is left with a weakened T-Mobile that has been hurt by the publicity over the pending deal. Despite offering price cuts and promotions, T-Mobile continues to lose its most valuable contract customers at an alarming rate. In addition, it lacks the spectrum to build its own true 4G wireless network.
The deal has proven to be a contentious issue. AT&T has argued that the deal is necessary to increase its spectrum position and allow for a wider deployment of 4G services, and has boasted support from several states, its unions and technology companies. But opponents such as Sprint Nextel, consumer advocate groups and other wireless companies have argued that the deal would hurt competition and innovation in the industry.


Resource?
University of Michigan Guidelines for the Use of Social Media
The "Guidelines for the Use of Social Media" document provides:
General guidelines for sharing information that is not a matter of public record
Specific guidelines for posting to social media sites as an individual
Specific guidelines for posting on behalf of the University
Safety and privacy tips for social media


I have students and colleagues who use LinkedIn. These might be useful to find those little inconsistencies that contradict your resume...
2 Tools To Turn Your LinkedIn Profile Into A Neat-Looking Resume
