Government probably never promised to
keep everything confidential. It gets back to the “public
information” vs. “analyzed, categorized and published
information” debate.
Office of the New York City Public Advocate Hacked
December 24, 2011 by admin
Okay, this is bad. So bad that if it
had been published before I wrote my “worst
breaches of 2011” post, it would have probably made the list.
The Office of the New York City Public Advocate was
hacked and the entire database appears
to have been dumped, including thousands of pages of highly personal
details of those who sought the public advocate’s assistance via a
form on their web site: names, addresses, telephone numbers, e-mail
addresses, medical conditions, financial woes, and reports of abuse
and domestic violence as well as the expected complaints about
landlords, construction, noise, and rats and mice — lots and lots
of rats and mice. The requests for assistance appear
to go back to April 2010, raising the question as to why
such old material was still on the server instead of being archived
or moved offline.
Politically, exposure of reports of
alleged police misconduct and city government incompetence should be
embarrassing to the agency. That is, if the mainstream media ever
find out about the breach and journalists decide to work their way
through the entries.
IT has faced this problem AT LEAST
since the early days of Apple computers (with VisiCalc). IT tried to
ban, or at least avoid responsibility for, PCs (“Little machines for
little problems”), local area networks, even phone systems (the early
link to the Internet).
"The BYOD (bring your own
device) phenomenon hasn't been easy on IT, which has seen its control
slip. But for these five technologies — mobile
devices, cloud computing services, social technology, exploratory
analytics, and specialty apps — it has already
slipped, and Forrester
and others argue IT needs to let go of them. That also means not
investing time and money in all the management apps that vendors are
happy to sell to IT shops afraid of BYOD — as this post shows, many
just won't deliver what IT hopes."
If your insurance company required you
to follow “Best Practices” to collect on your policy, would you
comply? (I've got five years of examples saying “No!”)
"The high profile hacks to
Sony's systems this year were quite costly — Sony estimated losses
at around $200 million. Their insurance company was quick to point
out that they don't own a cyber insurance policy, so the losses won't
be mitigated at all. Because of that and all the other notable
hacking incidents recently, analysts expect
the cyber insurance industry to take off in the coming year.
'Last October, the S.E.C. issued a new guidance requiring that
companies disclose "material" cyber attacks and their costs
to shareholders. The guidance specifically requires companies to
disclose a "description of relevant insurance coverage."
That one S.E.C. bullet point could be a boon to the cyber insurance
industry. Cyber insurance has been around since the Clinton
administration, but most companies tended to "self insure"
against cyber attacks.'"
A project for Computer Law students?
"I am a developer and released
some code at one point under GPLv2. It's nothing huge — a
small Drupal module that integrates a Drupal e-commerce system (i.e.
Ubercart) with
multiple Authorize.net accounts — but very useful for non-profits.
Earlier today I discovered that a
Drupal user was selling the module from their website
for $49 and claiming it was their custom-made module. I'm no lawyer,
but my perspective is this violates both the spirit and law of GPLv2,
most specifically clause 2-b: 'You must cause any work that you
distribute or publish, that in whole or in part contains or is
derived from the Program or any part thereof, to be licensed as a
whole at no charge to all third parties under the terms of this
License.' Am I correct in my understanding of GPLv2? Do I have any
recourse, and should I do anything about this? I don't care about
money, [Consider everything an attorney fee? Bob] I just don't
want someone selling stuff that I released for free. How do most
developers/organizations deal with licensing infringements of this
type?"
Is this a real concern, or does Putin
have adequate control? If “Arab Spring” was hot, imagine a
“Russian Winter.”
Protesters target Putin for their 'Russian Winter'
TENS of thousands
of people fed up with Vladimir Putin's domination of Russian politics
and his perceived arrogance towards them jammed one of Moscow's
broadest avenues to protest, vowing to keep building the pressure
until the long-time leader is driven from power.
''Russia without
Putin!'' the crowd chanted as it protested against alleged fraud
during recent parliamentary elections in which Prime Minister Putin's
United Russia Party garnered nearly 50 per cent of the vote.