Thursday, October 13, 2011


If your Security Manager is waiting for a report like this to determine what changes/upgrades he should make, it's already too late.
Hacker attacks against retailers up 43 percent
October 12, 2011 by admin
Angela Moscaritolo reports:
Hacks targeting the retail sector have increased 43 percent since last year, largely due to an increase in SQL injection and the use of exploit toolkits, according to researchers at Dell SecureWorks.
During the first nine months of 2011, Dell SecureWorks blocked an average of 91,500 attacks per retailer, compared to 63,651 during the final nine months of 2010.
Read more on SC Magazine.
[From the article:
Other verticals have also experienced an increase in attacks, though not to the same degree as the retail sector, he said. Merchants are being more heavily targeted than those within other sectors, likely because they maintain vast amounts of information that attackers want, [And often maintain it online, simply because it is easier... Bob] and often have less stringent security controls.


This does not “prove” that the FBI sets their crime fighting priorities based on how much publicity they can get from the case. It could be that this is just a very poorly trained hacker who was easy to catch. Or they could be trying to assure everyone who has nude self-portraits on their phones (everyone in Hollywood?) that this hacker has been caught.
FBI Arrests Man Who Allegedly Hacked Celebrities to Steal Nude Photos

(Related) ...in a “phones in California sorta way”
Secure Your Mobile Phone
… Want to stop big brother from sinking his teeth into your data? Well, it's not easy to do. In fact, you probably can't stop determined experts from getting into your phone. You can, however, put up some roadblocks that will slow them down and most likely stump the average person — law enforcement or otherwise — from accessing your data. Here's our guide to securing your mobile phone.


Facebook v. the Irish Data Protection laws. “You have no idea how much we know about you, and we'd like to keep it that way.” NOTE: Includes an interesting list of the data generating techniques they built into the system.
Facebook: Releasing your personal data reveals our trade secrets
October 12, 2011 by Dissent
Emil Protalinski writes:
An Austrian group called Europe versus Facebook has so far made 22 complaints regarding the social network’s practices. In the process, the organization has stumbled upon an important tidbit: Facebook says it is not required to give you a copy of some of your personal data if it deems doing so would adversely affect its trade secrets or intellectual property.
Read more on ZDNet.

(Related) What Facebook HQ says...
Facebook: The law reasonably states you can’t have all your data

(Related) “Oh look! Another way to gather user data! Quick, let's change our Privacy Policy.” (At least they sent a notice of the change...)
Verizon tweaks privacy policy for ad targeting based on physical address
October 13, 2011 by Dissent
Larry Dignan writes:
Verizon is changing its privacy policy so local advertisers can better target customers based on physical address.
In an email to customers, Verizon noted that it started a program where advertisers can target Verizon Online customers by physical address. The address will be masked to advertisers, but the idea is that pitches will be more relevant.
The program is opt-out so if the targeting is troubling you’ll have to change your privacy settings.
Read more on ZDNet.


Unfortunately, a brief history of failure...
Many Failures: A Brief History of Privacy Self-Regulation in the United States
October 12, 2011 by Dissent
Bob Gellman and Pam Dixon have written a report for the World Privacy Forum: “Many Failures: A Brief History of Privacy Self-Regulation in the United States.” Here’s the summary of their report:
Major efforts to create self-regulatory, or voluntary, guidelines in the area of privacy began in 1997. Industry promoted privacy self-regulation at the time as a solution to consumer privacy challenges. This report reviews the leading efforts of the first self-regulatory wave from 1997 to 2007, and includes a review of the life span, policies, and activities of the Individual Reference Services Group, Privacy Leadership Initiative, Online Privacy Alliance, Network Advertising Initiative, BBBOnline Privacy Program, US-EU Safe Harbor Framework, Children’s Online Privacy Protection Act, and the Platform for Privacy Preferences. A key finding of this report is that the majority of the industry self-regulatory programs that were initiated failed in one or more substantive ways, and, many disappeared entirely. The report concludes with a discussion of possible reforms for the process, including a defined and permanent role for consumers, independence, setting benchmarks, and other safeguards.
You can read the full report here.
Pam will be testifying about the report and related issues tomorrow (Thursday) at the House Energy and Commerce Committee hearing, “Understanding Consumer Attitudes About Privacy,” at 9:00. You can find the witness list and prepared testimony at http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8979.


Perhaps it is easier to write a good (as in logical) law in countries where it is unlikely to be enforced?
Colombian Data Protection Law Approved by Constitutional Court
October 12, 2011 by Dissent
On October 7, 2011, the Constitutional Court of Colombia approved a landmark omnibus data protection law. … Some highlights include:
  • With certain exceptions, the law prohibits the processing of personal data without the data subject’s prior consent. When the personal data are sensitive data (e.g., health data), the consent must take the form of an explicit authorization.
  • The law permits cross-border transfers of personal data to countries that lack adequate data protection laws only in specified circumstances, such as (1) when the data subject has given express and unequivocal consent for the transfer, (2) the transfer is necessary for the performance of a contract between the data subject and the data controller, or (3) with the approval of the Superintendence of Industry and Commerce.
  • The processing of children’s personal data is generally prohibited.
  • Data subjects have access rights.
Read more on Hunton & Williams Privacy and Information Security Law Blog.


A simple extension of “Face recognition” technology. Instead of “who is this?” the technology answers “What is this and where can I buy it?” (Which suggests why advertisers are interested in where you are...)
Point, Click, Search: eBay To Add Image Recognition To Mobile Apps
… The image recognition integration will allow users of eBay’s mobile apps to snap photos of items they see in the real world on their mobile phones, at which point the apps will then match the photo with similar products currently on sale on eBay.com.


A very useful video for researchers. (Also a simple, inexpensive way to “market” CU)
October 12, 2011
YouTube Training Videos: What is FDsys and How to Use FDsys
Government Information Education and Outreach Librarian.


It's for my starving students!
Get Paid For Your Opinions By Completing Online Surveys For Paid Viewpoint
Paid Viewpoint. PV, a market research survey site, has created a unique process for getting views from their members, making sure they get paid for their time and effort.
… Paid Viewpoint has streamlined the survey taking process, so that you don’t spend more than six minutes on average completing a survey. You earn points for each survey you complete.
The payout comes when you have earned $15 in points.
… You can earn additional points through Paid Viewpoint’s referral system–when your friends sign up and complete a minimum of six surveys. [Of course, I would never make it mandatory for my students to sign up and complete surveys. Extra Credit maybe. Bob]
… Paid Viewpoint is an international site, but it only makes cashout payments through PayPal, which is done within 72 hours of you reaching your $15 USD earnings.


Handy backup storage! Collaborate and share files! ...and yes, find and download pirated movies...
The Top 10 Largest File Sharing Websites On The Net Right Now
A free account provides 10GB of free storage space which can be used to upload files below 2GB.
Registering a free account is worth it in order to net 200GB of free storage and a maximum upload file size of 2GB.
MediaFire’s free accounts are supported with adverts and pleasantly provide no limits to your total storage or number of files. The drawback? A maximum file size of 200MB.
Not a cyberlocker, but a search engine which scours other cyberlockers and returns the results in one easy to find place.
A free membership allows you to upload all you want, with no restrictions. That’s right – unlimited file size and unlimited storage for free! However, if a file is not downloaded within 30 days it is earmarked for deletion – so be warned.
A public torrent tracker currently indexing over 3.5 million torrents in a variety of categories.
FileServe provides free accounts that are good for files under 1GB.
A relatively average site, only allowing for files up to 400MB to be uploaded for free.
Torrentz is a no-fuss search engine designed to check elsewhere so you don’t have to.
Deposit Files is the least popular of all the file sharing websites on this list, yet has an incredible free option. With maximum file sizes of 2GB, unlimited storage and no deletion policy, this host is a beast.


Tools for students...
Programr.com - Learn To Code Online
Learning languages like Java, C++, C# and PHP is no longer something that is done within a classroom. Sites like Programr enable people who have no prior knowledge of such languages to learn all there is to know using their computers, in the comfort of their own rooms.


Ditto
Apple publishes guide on how to set up iCloud
The guide explains how to get the online service working on Apple's iOS devices (iPhone, iPad, iPod Touch) as well as on a PC and Mac, a process that can be confusing.
