Thursday, September 15, 2011


Virtual geopolitical boundaries for Cloud Computing. Inevitable, I suppose.
Deutsche Telekom Wants ‘German Cloud’ to Shield Data From U.S.
September 14, 2011 by Dissent
Deutsche Telekom AG’s T-Systems information technology unit is pushing regulators to introduce a certificate for German or European cloud operators to help companies guard data from the U.S. government.
T-Systems plans to lure customers by emphasizing the security of its servers, over which it delivers its Internet-accessed computing services, Reinhard Clemens, the division’s chief executive officer, told reporters in Bonn on Sept. 12. This includes shielding clients from government access such as that allowed by the U.S. Patriot Act, he said.
Read more from Bloomberg.


Is this a case of “techno-paparazzi,” teenage testosterone, or orchestrated publicity? (I'm sure the obvious solution has never occurred to these ladies...)
Celebs Hacked: Which Hollywood Hottie Will Have Nude Pics Leaked Next?
It's probably not the biggest surprise that some of Hollywood's biggest stars also happen to be exhibitionists (see Vanessa Hudgens—and quite a lot of her, as it turns out).
But on the heels of news that no less an authority than the FBI met with the clothes-eschewing starlet to investigate her latest scandalous nude photo leak, several more names have emerged as possible targets of the hacking ring.
Fifty names, to be precise. All female. And all of whom are no doubt shaking in their Louboutins at the prospect of becoming the next viral (and let's face it, in all likelihood naked) victim.

(Related) Maybe the hacking is just part of wholesale emails for sale?
New emails found in News of the World hacking scandal
''MANY tens of thousands'' of documents and emails that might be evidence of phone hacking have been found by the publisher of the now-defunct News of the World, Britain's High Court has been told.
The lawyer for News Group Newspapers, which had been ordered to search its internal mail system for any evidence of hacking of a list of public figures, said: ''Two very large new caches of documents have been [found] which the current management were unaware of.'' [That would be the Management in place after the business was shut down and everyone was fired? Bob]


The cost of Data Breaches. OR “How not to win friends...”
Uni hackers spoil exam
HACKERS from within the University of Tasmania have breached online exam security, leaving 600 nursing students without vital test results.
Angry students will be forced to sit a longer end-of-year exam that will now be worth a greater share of their final mark.
The closed-book test will now be worth 60 per cent instead of 40 per cent of their final mark for the compulsory unit.


I had never heard of Missoni, but apparently it is possible to generate as much excitement with fashion as with the latest teenage movie heroes or world series tickets going on sale.
Target’s Missoni launch: empty racks, crashed website, furious eBay bidding


“Security is as security does” F. Gump ...and it is much harder to retro-fit security than to design it in at the beginning.
Slow learning curve for DHS on infosec
September 14, 2011 by admin
Aliya Sternstein reports:
Security weaknesses in the computers that track money for the Homeland Security Department could lead to a substantial mistake in the agency’s financial statements, according to a federal audit.
KPMG analysts hired by the DHS inspector general to assess the department’s various financial systems for the fiscal year ending Sept. 30, 2010, found about 160 deficiencies, or inadequate controls, most of which — 65 percent — were repeats of the previous year’s problems. The IG office released a redacted version of the April 26 report on Monday.
Among the information technology inadequacies highlighted: ex-employees were still able to logon to their accounts and unauthorized outsiders successfully acquired user passwords from DHS personnel.
Read more on NextGov.


Privacy costs sales?
National Retail Federation opposes Sen. Leahy’s data breach notification bill
September 14, 2011 by admin
The National Retail Federation today voiced concern over data breach legislation set for consideration by a Senate committee, saying the bill is too broadly written and would lead to “notice fatigue” among consumers. [Assuming all retailers have lousy security? Bob]
[...]
French’s comments came in a letter sent today to members of the Senate Judiciary Committee. The panel is scheduled to consider S. 1151, the Personal Data Privacy and Security Act of 2011, sponsored by Chairman Patrick Leahy, D-Vt., Thursday morning.
The bill would require businesses to notify customers when “sensitive personally identifiable information” has been breached, such as in a number of recent data breach cases targeting retailers along with universities, government agencies, financial institutions and other businesses. But French said the bill’s definition of such information “is far reaching and covers common data items, the disclosure of which in most cases is inconsequential or does not lead directly to identity theft.” In one example, the breach of a customer’s name, address and date of birth would be deemed sensitive even though that combination of items alone “provides very little risk of leading to identity theft.”
What is there about “It’s not just about ID theft” that the NRF refuses to acknowledge?


Didn't take long for this brilliant idea to go south...
AU: Westfield Bondi caught in ‘find my car’ privacy flap
September 15, 2011 by Dissent
Less than one week after Ben Grubb reported privacy concerns or the potential for abuse of a new mobile app, he reports that there’s been a breach:
Westfield’s new mobile app has been caught leaking customers’ car number plate data on to the public internet, allowing for “anyone with the knowhow” to monitor when cars entered and exited its Bondi Junction shopping centre car park.
Sydney software architect Troy Hunt discovered the leak and posted about it on his blog yesterday, saying the hole could have potentially been used by stalkers, a suspicious husband tracking his wife, an aggrieved driver holding a grudge from a nearby road rage incident and a car thief with their eye on a particular vehicle.
Shortly after his blog was posted Westfield and the developer of the app’s technology, Park Assist, closed the hole.
Read more on The Age.


I don't think this is how it's supposed to work. But then, Texas is “a whole other country”
(Update) EPISD Lawyer: District Is Not Legally Liable For The Hacking
September 14, 2011 by admin
Gaby Loria reports:
El Paso Independent School District trustees heard from concerned employees and parents at a Tuesday evening board meeting regarding the hacking situation that put more than 70,000 students and employees at risk for identity theft.
[...]
The district alerted the community about the breach the day it found out about it and negotiated a deal with a credit monitoring company to offer a 50 percent discount on anti-identity-theft services.
[...]
The school board’s attorney, Anthony Safi, explained the district is not legally liable for the hacking and is therefore limited in the options it can offer the community. “The district does not have any liability for what occurred due to the doctrine of governmental immunity,” Safi said. “Because there is no liability, to pay (for services) could very well be considered a gift of public funds, which is prohibited.”
Read more on KVIA.
No liability? Did the Veterans Administration have no liability for the incident involving 26.5 million veterans’ data or did they wind up having to compensate people for it in a huge settlement?
And if there is no liability under a theory of governmental immunity, then what recourse is there for individuals who now have incurred out-of-pocket expenses for something that they had no responsibility for?

(Related) I don't think government immunity even came up in this one...
Court: FERPA Doesn’t Shield Settlement Over Student Strip-Search Lawsuit
September 15, 2011 by Dissent
Matthew Heller writes:
After winning a public records lawsuit, On Point has learned that an Arizona school district paid a $250,000 settlement to a former student who was illegally strip-searched by school officials looking for prescription drugs.
An Arizona judge recently ordered the Safford Unified School District to produce the settlement agreement, finding that the privacy interest of the former student, Savana Redding, “is minimal when weighed against the greater public interest for transparency in the expenditure of public funds by the district.”
Read more on On Point.


I can remember a day when lawyers knew very little about technology... Oh wait, that day was today.
September 14, 2011
University of Victoria Law Student Technology Survey 2011
Via Rich McCue: UVic Law Student Technology Survey 2011 - "In addition to the technology questions we’ve been asking UVic Law students over the past nine years, we decided for the second year in a row to ask some extra questions about the mobile technology that students are arriving at Law School equipped with. This survey was completed by 139 incoming and transferring law students, which is a strong 90% plus response rate. Executive Summary:
  • 84% of incoming law students own “Smart Phones” that can browse the internet (up dramatically from 50% last year), with 42% of the total being iPhones, 13% Android and 27% Blackberrys.
  • 19% of students own tablet devices or ebook readers.
  • 98% of students own laptops, and 16% own both a laptop and a desktop computer.
  • 50% of student laptops are Macs, up from 44% last year.
  • The average laptop price stayed basically the same as last year at $1,186, which is down from $1400 in 2007, and from $2,100 in 2004.
  • The students’ average typing speed was 60 wpm. [Impressive, since I don't think they teach typing any more... Do they? Bob]
  • 72% of all students bring their laptops to school almost every day.
  • 55% of students use Gmail as their primary email account (up from 49% last year), 9% use UVic email and 22% Hotmail.
  • 60% of students identified MS Word as their favorite tool for collaborative document editing (down from 67%). 30% favor Google Docs (up from 27%) and 2% OpenOffice.
  • 58% of students report backing up their primary computer on a regular basis. 60% of those backing up do so to an external hard drive and 25% to a cloud storage solution.
  • 97% of students use Facebook (up from 91%) and 92% (up from 80%) would like to see law school events and activities published on Facebook as well as through the online faculty calendar."
