So you took “naked or partially
dressed” pictures of an under-aged female, and you're upset with
her?
Lower Merion Laptop Lawsuit Redux: Robbins Family Sues School District Again
December 8, 2011 by Dissent
Thomas J. Walsh reports:
Charging that she
was remotely monitored while naked or partially dressed, another
webcam lawsuit
has been filed against the Lower Merion School District—this
time by Paige Robbins, 18, the sister of Harriton High School student
Blake Robbins, who sued the district two years ago for invasion of
privacy and other charges, eventually accepting a $175,000
settlement.
The Lower Merion
School District (LMSD) fired back immediately Thursday, saying it
appeared Paige Robbins purposefully waited until she turned 18 to
file the suit as an adult, to win a separate payday of her own.
Read more on Patch.com
Not intended to be public, still what
kind of “internal website” would this have been? Customer
service? Why would it even be possible to make this database
accessible outside the company?
Telstra internal website made public, releasing account details of up to one million customers
December 9, 2011 by admin
Michelle Ainsworth reports:
Account details of
up to one million Telstra customers have
possibly been breached after an internal website was made public.
The website listed Telstra customers on bundle plans and included
their names, plan types, contact they had had with Telstra customer
service and in some instances their account passwords, the Herald Sun
reported.
It was found by a
Telstra customer who had googled looking for a customer service phone
number.
Read more on The
Herald Sun.
Asher Moses and Ben Grubb of The
Age provide additional details, including customer reactions:
Another customer
and freelance writer, Emily Eklund of Rozelle in NSW, said she was
“frustrated” that her username, password, credit check history
and extensive correspondence with a Telstra staff member was
available when she checked if her information was accessible on the
Telstra site at 4.30pm AEDST today.
“My concern was
that [anyone who knew about the site] had access to my email with a
password,” she said. “They could have accessed any of my
personal emails which could include details to other important
information of mine.
Hacking US POS terminals from the
comfort of your vacation home in beautiful Romania.
http://www.databreaches.net/?p=22065
Four Romanian nationals indicted for hacking Subway and 50 other merchants’ POS systems
December 8, 2011 by admin
The U.S. Dept. of Justice has
issued a press release about an indictment that may relate to some
breaches involving Subway Restaurant previously reported on this
blog. The case was filed May 4, but the indictment has just been
unsealed.
Four Romanian nationals have been
charged in federal court for their alleged participation in an
international multimillion dollar scheme to remotely
hack into and steal payment card data from hundreds of U.S.
merchants’ point of sale (POS) computer systems.
Adrian-Tiberiu Oprea, 27, of Constanta,
Romania; Iulian Dolan, 27, of Craiova, Romania; Cezar Iulian Butu,
26, of Ploiesti, Romania; and Florin Radu, 23, of Rimnicu Vilcea,
Romania, were charged in a four-count indictment filed in the
District of New Hampshire with conspiracy to commit computer fraud,
wire fraud and access device fraud. Oprea was arrested last week in
Romania and is currently in custody there. Dolan and Butu were
arrested upon their entry into the United States on Aug. 13 and Aug.
14, 2011, respectively, and remain in United States custody. Radu
remains at large.
According to the indictment, from
approximately 2008 until May 2011, Oprea, Dolan,
Butu and Radu conspired to remotely hack into more than 200
U.S.-based merchants’ POS systems in order to steal customers’
credit, debit and gift card numbers and associated data. The
indictment alleges that as part of the conspiracy, the members
remotely scanned the internet to identify vulnerable POS systems with
certain remote desktop software applications (RDAs) installed on
them, and using these RDAs, the conspirators logged onto the targeted
POS systems over the internet, either by guessing the passwords or
using password-cracking software programs. The failure of a number
of installers and users to change the default login credentials on
such RDAs has been a factor in other cases reported on this blog in
the past and Visa has repeatedly advised merchants to disable RDAs
unless absolutely necessary. In this case, the members also
allegedly installed keyloggers and a backdoor to allow them further
access to the systems over time. Prosecutors allege that the
conspirators repeatedly “downloaded a hacker tool that is designed
to evade detection, “xp.exe,” from the “kitsite.info” “dump
site” onto victims’ POS terminals.” Data were stored on
domestic and non-U.S. servers including ftp.shopings.info,
ftp.justfuckit.info, ftp.cindarella.info, ftp.kitsite.info,
ftp.tushtime.info, ftp.canadasite.info, and sendspace.com. The dump
sites also included compromised internet-connected computers
belonging to unsuspecting small business owners or individuals,
including a computer server owned by a small business in
Pennsylvania. Many of the dump sites were registered with
GoDaddy.com.
Merchant victims include more than 150
Subway restaurant franchises (which is less than 1
percent of all Subway restaurants), located throughout the United
States, including in the District of New Hampshire, as well as more
than 50 other identified retailers. According to the
indictment, members of the conspiracy have compromised the credit
card data of more than 80,000 customers, and millions of dollars of
unauthorized purchases have been made using the compromised data.
The other merchants were not named in the indictment.
If convicted, the defendants face a
maximum of five years in prison for each count of conspiracy to
commit computer related fraud, 30 years in prison for each count of
conspiracy to commit wire fraud and five years in prison for each
count of conspiracy to commit access device fraud. They also face
fines up to twice the amount of the fraud loss and restitution.
Although it didn’t garner much media
coverage, this blog had reported incidents involving card fraud at
Subway locations in California and New York in 2009
and May 2010.
Without knowing the identities of the other merchants, it’s unclear
whether we knew about any of their breaches at the time or whether
they ever notified affected customers.
Sure, why not? Some of my “financially
challenged” students “shop” for USBs in the school's lost &
found. Also, if I “conduct security research” by examining a few
dozen USB drives, I'll have plenty of “stocking stuffers.”
AU: Railcorp blunder as personal details offered in rail sale
December 9, 2011 by admin
Finders, keepers? Can you just auction
off lost USB drives left on trains without regard to whether they
contain sensitive information? Maureen Shelley reports:
A bunch of USB
memory sticks, which hold private photos and data, left by passengers
on Sydney trains were sold by Railcorp at a lost property auction.
Computer security
company Sophos, which bought the sticks, said they contained
thousands of photographs, work projects, minutes of meetings and
university assignments as well as a job application and resum aac
(sic).
NSW Information
and Privacy deputy commissioner John McAteer said that his office was
investigating a possible breach of the Privacy Act by RailCorp and
whether it had kept passengers’ private data safeguarded.
Read more on The
Daily Telegraph.
At least when the Godfather said, “It's
business, Sonny, it's not personal,” you knew the target wasn't
civilians...
All she wants for Christmas is for us – and Congress – to ignore human rights
December 8, 2011 by Dissent
Tatiana Lewis, World Program Director
of Intelligence Support Systems in Virginia, wrote a letter to the
editors of the Wall Street Journal that is so simultaneously
ludicrous and pathetic that I don’t know whether to spit, laugh, or
suggest she take a course on human rights. Here’s her letter,
and I’ll meet you on the other side:
The article
“Document
Trove Exposes Surveillance Methods” (page one, Nov. 19) will
have a negative effect on job creation in the U.S. as attention of
this kind makes U.S. manufacturers gun shy about developing, and
eventually exporting, anything that can remotely be used to support
government surveillance.
Based on our work
with customers from around the globe, we expect that most countries
outside the U.S. and Western Europe will begin to
place intercept mandates on social networks, [“begin to?” Bob]
especially following the Arab Spring. This would give U.S. companies
an opportunity to develop such tools and thus create jobs.
We are concerned
that the article and others like it contribute to an atmosphere where
Congress isn’t likely to pass an updated lawful-interception law.
The law would require social-networking companies to deploy special
features to support law enforcement. Without the update, the
opportunity for U.S. companies to develop and launch intercept
products domestically for eventual export will be greatly curtailed.
Additionally, in
some countries U.S. companies are already refusing to provide
intercept support and are banned from doing business. But
Chinese equivalents, with lawful-intercept features, crop up in their
absence. [Lawful under whose laws? Bob] Like it or not,
many countries will adopt the Chinese model, leaving U.S. companies
and job growth behind.
So, to be clear, Ms. Lucas is arguing
that we should throw human rights out the window to enable American
businesses to make huge profits by supporting unconscionable
surveillance of human rights activists. We should not put pressure
on American businesses to behave ethically because, well hey, there’s
big money to be made, and if American businesses don’t make it,
Chinese businesses will. If people are going to be surveyed,
tortured, and imprisoned anyway, we should just lie back and allow
American businesses to make a profit off it.
Think again, Ms. Lucas.
And then again.
You seem to have an ethical screw
that’s seriously loose.
(Related) My God, she's right! We'll
have to move the business to China!
"The European Union is asking
companies that sell surveillance and law enforcement tech to
repressive regimes to stop
doing so. The EU is not taking concrete action yet, but has
warned that sanctions may be applicable. All this comes little more
than a week after Wikileaks published the Spy
Files, a name-and-shame list of the companies offering tools for
mass surveillance and interception to despotic regimes, but also to
Western governments."
Now this is smart! Proof you copied
the game (often all a hacker wants is bragging rights) Still it
shows off the game, perhaps enticing a purchase?
The developer of Serious Sam 3 came up
with some creative DRM.
Pirates can play but not for long, as
they are up against an invincible scorpion.
No mercy, let them bleed to death.
This is not really new. Microsoft has
been pushing software “updates” to your computer for years.
"The terms of service for
Microsoft's newly launched Windows Store allows the
seller [not
just Microsoft? Bob] to
remotely
kill or remove access to a user's apps for security or legal
reasons. The story also notes that MS states purchasers are
responsible for backing up the data that you store in apps that you
acquire via the Windows Store, including content you upload using
those apps. If the Windows Store, an app, or any content is changed
or discontinued, your data could be deleted or
you may not be able to retrieve data you have stored."
I'll take “Prior Art” for a
$Billion, Alex. (“We don't need no stinking Patent Lawyers.”)
"IBM's Watson is made of many
parts: speech recognition, natural language processing, machine
learning, and data mining. All of these factors were perfectly
combined to beat
Ken Jennings in Jeopardy, and now each of these components are
slowly finding their way into other applications. Health plan
company WellPoint, for example, is using Watson to investigate
patient records to improve diagnosis, and in a self-referential,
possibly universe-destroying twist, IBM itself is using
Watson to help sell Watson (and other IBM products) to other
companies. Now, using Watson's data mining and natural language
talents, IBM has created the Strategic IP Insight Platform, or SIIP,
a tool that has already scanned millions of medical patents and
journals for the sake of improving drug discovery — and in the
future, it's easy to see how the same tool could be used to battle
patent trolling, too."
This could be handy. I'll add it to
the “portable Firefox” on my thumb drive for use at school. Be
sure to watch the video!
CC:to me is one of those bookmarklets
that you are elated to have discovered, and also makes you wonder why
an idea as simple as this wasn’t implemented by anyone earlier. As
the name suggests, it allows you to email stuff to yourself via a
bookmarklet. The best part – you can drag and drop text, images,
videos and more from the web onto it and it emails them flawlessly
along with the link. It’s free at the moment (sign up needed), and
the pro accounts (coming soon) will bring goodies like multiple
recipients and more.
Try all 6, the price is right!
6 Best Desktop eBook Readers For Reading At Home (Or At Work)
… reading on a computer is nice
because it’s a device you already have. Buying expensive hardware
just to do one thing can be pricey, especially when computers can do
pretty much everything those devices can (and more).
Calibre:
The Ultimate eBook Software
Calibre is the
ultimate way to manage your collection on a desktop computer. It’s
compatible with seemingly every known ebook format on the planet, and
supports sending books to a wide variety of handheld ereaders and
smartphones.
This program does
too much for me to describe here, so find out all about Calibre in
Open
Book: Managing Your eBooks With Calibre, a free MakeUseOf
download.
Google
Books
Prefer using
something in your browser? You might not be able to install software
on your work computer, or you might switch computers regularly.
Whatever your reason, you should check out Google
Books, which gives you access to an eBook reader in your browser.
Firefox
EPUB Extension
Do you want to
read in your browser, but have already downloaded the EPUB files you
want to read? You’re in luck! A
Firefox extension for reading EPUB files works really well, and
is free to install right now.
Magic
Scroll
Upload your EPUB
file so you can read it in your browser. MagicScroll
is a great web-based eBook reader, featuring a very minimal
interface and intuitive keyboard shortcuts.
Kindle
Do you already own
a Kindle eReader,
or make use of the Kindle app on your smartphone? Make sure you
install the Kindle
software for your desktop computer, then. You’ll be able to
read your Kindle eBooks on your desktop. Best of all, your pages and
bookmarks will stay in sync with your device.
Kobo
Own a Kobo instead
of a Kindle? Me too! Good news: Kobo’s
desktop software gives you access to thousands of free eBooks,
and it’s free to download.
Nook
Are you a Nook
user? You should check out the Nook
software then. Like the above two programs, this eBook reader
gives you access to books you’ve purchased at its respective store,
and syncs.