Saturday, May 14, 2011

Finally posted yesterday's Blog at 11:00AM (and re-posted the Blog for the 12th)



An end to Flash Cookies?

http://www.pogowasright.org/?p=22851

Adobe Flash update puts users in charge of privacy

May 13, 2011 by Dissent

Robert McMillan reports:

Adobe has released an important update to its Flash Player software that fixes critical security flaws and gives users a better way of controlling whether they are being tracked on the Web.

The Flash Player 10.3 update, released Thursday, lets users manage Flash cookies using their browser’s privacy settings or through a new control panel.

Read more on Computerworld.



One airport, one Ranger?

http://www.pogowasright.org/?p=22856

Texas House passes bill banning TSA ‘groping’

May 13, 2011 by Dissent

Jim Forsyth and Corrie MacLaggan of Reuters report:

The Texas House of Representatives late on Thursday approved a bill that would make invasive pat-downs at Texas airports a crime, after a former Miss USA said she felt “molested” at the Dallas/Fort Worth airport last month.

Transportation Security Administration agents could be charged with a misdemeanor crime, face a $4,000 fine and one year in jail under the measure.

Read more on MSNBC.



Could this be the MPAA's Betamax case?

http://yro.slashdot.org/story/11/05/13/215216/Zediva-Fights-Back-Against-MPAA?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Zediva Fights Back Against MPAA

"When Zediva burst onto the streaming scene earlier this year, they managed to do something nobody else was doing. Navigating around the copyright law, they found a way to stream rental movies not currently available on other services, because they were still inside the DVD sales window, and filled a role not currently part of the competitions' services. The service grants a 'rental' of the physical movie to the user, who is then able to stream it over the internet, usually with the option to re-rent after being played. By having it be a rental service, they were able to avoid some of the legalese associated with streaming movies outside of that sales window. Needless to say the MPAA was not pleased. But instead of making nice with the MPAA, Zediva has decided to fight back in the form of expensive legal heavy-hitters from 'elite San Francisco law firm Durie Tangri,' which has forced the MPAA to hire their own team of expensive legal ninjas. Zediva argues what most technologically informed people would when looking at this service: that they are essentially a rental service who are renting physical media, and providing the DVD player and a very long cable to the renter's TV."

[From the first article, MPAA claims:

“Zediva illegally streams movies to its customers without obtaining required licenses from the movie studios,” the MPAA states in their press release.

“Zediva claims it is like a brick-and-mortar DVD ‘rental’ store and therefore not obligated to pay licensing fees to copyright holders. But the DVD ‘rental’ label is a sham. In reality, Zediva is a video-on-demand service that transmits movies over the Internet using streaming technologies in violation of the studios’ copyrights,” the MPAA added.


(Related) Not quite “everything you wanted to know...” but interesting. Including a blast at Cloud Computing by RIAA.

http://web.docuticker.com/go/docubase/64316

Rethinking Music: A Briefing Book

May 13, 2011 15:54

Source: The Berkman Center for Internet & Society at Harvard University



“We ran the program before we tested it.”

http://politics.slashdot.org/story/11/05/13/2249256/Algorithm-Glitch-Voids-Outcome-of-US-Green-Card-Lottery?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Algorithm Glitch Voids Outcome of US Green Card Lottery

"Results for the United States Diversity Visa Lottery for 2012 were declared void due to a programming glitch in the random selection algorithm. At first, the results were published as promised on May, 1st. Then, on May, 6th, the results were withdrawn with the web site claiming to experience 'technical difficulties.' Today (May, 13th), it is declared that the results are invalid due to an algorithm glitch; the computer program has been fixed and the lottery will be re-run. The final results are expected to be published July 15th."



For the Privacy module in my Computer Security class... Not as good as some...

http://www.makeuseof.com/dir/waatp-excellent-people-search/

Waatp: An Excellent People Search Engine

www.waatp.com

Similar tools: Webmii, People Lookup and PeekYou.

Also read related articles:

15 Websites to Find People On The Internet
7 Tips For Effective Facebook People Search
3 Ways To Find People With Social Search Engines



Is this why everyone wants to see the pictures?

http://politics.slashdot.org/story/11/05/14/0028243/Porn-Reportedly-Found-At-Bin-Laden-Compound?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Porn Reportedly Found At Bin Laden Compound


Friday, May 13, 2011

This did not result in Centennial-Man being deleted, but at 7:45AM I can't update the Blog. Can I sue them anyway?

http://news.cnet.com/8301-1023_3-20062428-93.html

Blogger goes down, taking 30 hours of posts with it

Google's Blogger service has been offline or unreliable for much of the day, with Blogger-hosted blogs changed to read-only mode, and posts and comments made after 7:37 a.m. PDT on May 11, 2011, removed.

In a post on the Blogger help forum, the product team said that it had rolled back a scheduled maintenance release from last night and that its "engineers are working hard to return Blogger to normal and restore your posts and comments."



Either Marketing trumps Security or Consumers are ignorant or both?

http://ps3.ign.com/articles/116/1168039p1.html

PS3 Sales Up Despite the PSN Outage

The PlayStation Network has been offline for more than three weeks, but despite the outage, April saw an increase in PlayStation 3 sales. According to a Sony statement from Patrick Seybold, senior director of corporate communications at SCEA, NPD reported a 13 percent April increase for hardware sales and 40 percent year-over-year increase in software sales.

… Of course, April had 20 days to sell PS3s before the outage occurred, so the real test of consumer loyalty and the impact of this outage will come next month when May's sales are revealed.


(Related)

http://www.databreaches.net/?p=18226

Sony notifications to New Hampshire Attorney General’s Office

May 12, 2011 by admin

Although there doesn’t seem to be anything new in them, if you’re curious, you can see Sony’s breach notifications to New Hampshire of April 26 and May 2.



An Auditor? I'm professionally appalled... And there is no indication that this data was encrypted!

http://www.databreaches.net/?p=18228

OH: Laptop with financial information stolen from the home of state Auditor’s Office employee

May 12, 2011 by admin

Reginald Fields reports:

A state-owned laptop containing some financial audits of public offices in northwest Ohio was stolen this week during a burglary at a house in Findlay.

It was the home of a regional auditor for the state Auditor’s Office.

The employee, whose identity has not been released, was suspended for 15 days [Insufficient. Fire him! Bob] because a password that opens access to the financial records was attached to the computer, [A sticky note? Unbelievable. Bob] a violation of the office policy.

The Auditor’s Office said the public offices whose information was contained on the computer are being notified, according to a news release from Auditor Dave Yost’s office.

The release said there was very little personal information included in the files on the laptop.

Read more on Cleveland.com.

I wonder what they consider “very little personal information.”

[From the article:

In 2007, a data backup cartridge that contained sensitive information, including some Social Security numbers, for 1.3 million individuals, business and other entities was stolen from a car owned by a state intern.

After that incident, Ohio spent about $1.8 million for new software to better encrypt information on state computers and other electronic devices and add tracking devices to state computers so information could be deleted remotely.



For my Ethical Hackers: How would you detect these emails?

http://news.yahoo.com/s/ap/20110513/ap_on_re_us/us_bin_laden

How bin Laden emailed without being detected by US

… Bin Laden's system was built on discipline and trust. But it also left behind an extensive archive of email exchanges for the U.S. to scour. [Because he rarely deleted the emails? Bob]

… Holed up in his walled compound in northeast Pakistan with no phone or Internet capabilities, bin Laden would type a message on his computer without an Internet connection, then save it using a thumb-sized flash drive. He then passed the flash drive to a trusted courier, who would head for a distant Internet cafe.

At that location, the courier would plug the memory drive into a computer, copy bin Laden's message into an email and send it. Reversing the process, the courier would copy any incoming email to the flash drive and return to the compound, where bin Laden would read his messages offline.

… Navy SEALs hauled away roughly 100 flash memory drives after they killed bin Laden, and officials said they appear to archive the back-and-forth communication between bin Laden and his associates around the world.

Al-Qaida operatives are known to change email addresses, so it's unclear how many are still active since bin Laden's death. But the long list of electronic addresses and phone numbers in the emails is expected to touch off a flurry of national security letters and subpoenas to Internet service providers.



Interesting stuff.

http://www.pogowasright.org/?p=22832

UK: Police buy software to map suspects’ digital movements

May 13, 2011 by Dissent

Ryan Gallagher and Rajeev Syal report:

Britain’s largest police force is using software that can map nearly every move suspects and their associates make in the digital world, prompting an outcry from civil liberties groups.

The Metropolitan police has bought Geotime, a security programme used by the US military, which shows an individual’s movements and communications with other people on a three-dimensional graphic. It can be used to collate information gathered from social networking sites, satellite navigation equipment, mobile phones, financial transactions and IP network logs.

Read more in The Guardian.



http://www.databreaches.net/?p=18231

President’s cybersecurity agenda includes proposed federal data breach notification law

May 12, 2011 by admin

To cut to the chase: you can read the language of the proposed data breach notification law here.

Sadly, the proposed language allows entities NOT to notify affected individuals if they conduct a risk assessment and determine that there is no risk to those whose data were breached.

Other problems I see on a first reading are:

1. The law would only apply to entities dealing with 10,000 or more individuals in a 12-month period. That would still leave us without a national data breach law for smaller entities. Don’t their breaches put us at risk?

2. There does not seem to be a provision that would permit the FTC to reject an entity’s risk assessment exemption and to tell them that no, they must notify individuals.

3. The proposal does not require the entity to provide important details about the breach to affected individuals such as when the breach occurred and when it was first detected, or even how the breach occurred – was it a hack, or web exposure, or…?

4. The proposal would supersede much stronger state breach notification laws.

5. The proposal does not establish or recognize a private cause of action.

6. The proposal would still leave us without any national data breach notification law that would apply to paper records outside of HIPAA-covered entities.

7. The proposal does not require the breached entity to post a prominent notice linked from the home page of any web site they maintain.

I’m sure I’ll have other concerns when I read this again tomorrow, but right now, there’s just so much wrong with this weak bill that I wish someone would just go smack the WH on its head and tell them to read this blog or other privacy advocacy sites that have been pointing out certain problems and needs forever.

Update: The government has posted a section-by-section analysis of the data breach notification provisions.



Logic be damned! “On occasion, someone takes your pictures without compensation. From now on, we will take your pictures and receive compensation. Isn't that better?”

http://yro.slashdot.org/story/11/05/12/1935205/TwitPic-Will-Sell-Your-Photos-But-No-Cash-For-You?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

TwitPic Will Sell Your Photos, But No Cash For You

"Twitter picture-posting service TwitPic has defended its plans to sell users' photos, but still won't cut users in on the deal. TwitPic founder Noah Everett claims that the move has been made to 'protect' users of the service."

[From the Meejahor Blog:

As we’ve grown, Twitpic has been a tool for the spread of breaking news and events. Since then we’ve seen this content being taken without permission and misused. We’ve partnered with organizations to help us combat this and to distribute newsworthy content in the appropriate manner. This has been done to protect your content from organizations who have in the past taken content without permission. As recently as last month, a Twitpic user uploaded newsworthy images of an incident on a plane, and many commercial entities took the image from Twitpic and used it without the user’s permission.



...if you have a smartphone.

http://tech.slashdot.org/story/11/05/13/0451222/Facebook-Adds-Two-Factor-Authentication?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Facebook Adds Two-Factor Authentication

"To help its hundreds of millions of users prevent unauthorized access to their accounts, Facebook has added an optional verification step to its log-in process. The new security feature, called Login Approvals, is a form of two-factor authentication."


(Related) On the other hand...

http://techcrunch.com/2011/05/12/karma-is-a-bitch/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

Facebook, You’re Going To Need A Better Answer For Your Slimeball Stunt

At this point, I think it’s pretty clear what Facebook’s strategy for this whole Burson-Marsteller caught-with-their-pants-down situation is going to be: say as little as possible and move on. And it will work.

Like it or not, Facebook is too integrated into the fabric of the web now for everyone to just walk away. As has been proven time and time again, people will get really angry with them for some misstep, and then totally forget about it a week later. So this is the smart play by Facebook.



Future watch: Perhaps we can look forward to e-Walmart? Or you might order stuff online and pick it up at Walmart (free shipping)

http://techcrunch.com/2011/05/13/walmart-invests-in-yihaodian-a-massive-chinese-e-commerce-company/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

Walmart Invests In Yihaodian, A Massive Chinese E-Commerce Company


Blog for May 12th (Deleted when Blogger went down)

Of course they fixed it! (after initially denying that it existed) How could they sell something that advertisers could get for free?

http://www.makeuseof.com/tag/facebook-quietly-patches-massive-security-hole-millions-potentially-affected-news/

Facebook Quietly Patches A Massive Security Hole, Millions Potentially Affected [News]

Facebook has confirmed claims made by Symantec over millions of leaked “access tokens”. These tokens enable an application to access personal information and make changes to profiles, essentially giving third parties the “spare key” to your profile information, photographs, wall and messages.

It is not confirmed whether these third parties (mostly advertisers) knew about the security hole, though Facebook has since told Symantec that the flaw has been fixed. Access granted via these keys could have even been used to mine users’ personal data, with evidence that the security flaw could date back to 2007 when Facebook applications were launched.

… Users who are concerned that their access keys have been well and truly leaked should change their passwords immediately to automatically reset the token.

There was no news of the breach on the official Facebook blog, though revised application authentication methods have since been posted on the developers blog, requiring all sites and applications to switch to OAUTH2.0.



Even while the “victim” remains ignorant, banks and credit unions are taking action.

http://www.databreaches.net/?p=18213

(update) Michaels Stores finds tampered PIN pads in 20 states

May 11, 2011 by admin

As noted yesterday by Brian Krebs, the Michaels Store breach appears to be significantly larger than what was originally reported on May 4. NBC in Chicago reports:

The Irving, Texas-based company reports it removed 7,200 PIN pads from stores as a precautionary measure. Of those removed, less than 90 devices (or 1 percent of the total devices) were identified as being compromised.

“The company has commenced replacing these PIN pads in all US stores,” Michaels said in an official statement, “and expects the replacement to be completed within the next 15 days.”

The list of 20 states with PIN pad tampering includes Illinois, Georgia, North Carolina, Ohio, Virginia, New Mexico, Iowa, Delaware, Colorado, Pennsylvania, Rhode Island, Utah, New Jersey, Nevada and Washington.

Gregory Karp of the Chicago Tribune adds:

Illinois was hit the hardest, with PIN pads compromised in 14 Michaels stores, all in the Chicago region. They are Bloomingdale, Burbank, Chicago Ridge, Downers Grove, Glenview, Gurnee, McHenry, Mount Prospect, Naperville, Niles, Norridge, Skokie, Vernon Hills and Willowbrook.

The fraud attack has led many banks to proactively freeze bank accounts of customers they think may be vulnerable. [Overreaction? Bob] For example, Marquette Bank, with 24 branches in the Chicago region, said 1,900, or 3 percent, of its customers were identified as potential victims, meaning they made a PIN-based debit card transaction at Michaels over the past six months.

“We were able to identify fraud early, before Michaels went public with their data breach, so we were able to avoid large losses,” said bank spokesman Jeff McDonald. The bank posted warnings on its Web page and on social media site Twitter, while it also called customers, sent letters and began proactively replacing debit cards of some customers. “Unfortunately, we have become experts in addressing these issues quickly with minimal customer inconvenience after dealing with past retail store breaches,” he said.

[...]

Credit Union 1 recently posted a warning on its website: “Due to an enormous surge in fraudulent ‘Pin based’ ATM transactions in California throughout the financial industry, Credit Union 1 has shut down the availability of ‘Pin based’ ATM transactions in California only. Effective immediately, when a ‘Pin based’ transaction occurs in California, your Credit Union 1 Visa Debit card will be ‘flagged’ and will not be able to be used again.”

A list of stores known to be affected is included in Michaels Stores’ official statement on pages 2 and 3.

This whole incident is reminiscent of the breaches involving Hancock Fabrics and ALDI.



For my Ethical Hackers.

http://techcrunch.com/2011/05/12/search-contrarian-blekkos-next-move-limiting-its-user-data-retention-to-48-hours/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

Search Contrarian Blekko’s Next Move: Limiting Its User Data Retention To 48 Hours

Search engine Blekko, ever eager to differentiate itself and make headlines with its countless product development advances, is announcing today that it will reduce its data retention period to 48 hours, retaining far less user personal information (like IP addresses) than the dominant players in the space.

For comparison, competitors Google and Yahoo are currently at 18 months of user data retention and Bing is at six months, which is the European standard. In fact, Yahoo recently extended its data retention policy from 90 days to 18 months because it needed it to “compete” with Google in offering personalized recommendations.



Crazy IS a defense...

http://www.phiprivacy.net/?p=6646

NY’s highest court rules HIPAA trumps Kendra’s law

By Dissent, May 11, 2011

Alison Frankel of Reuters reports:

U.S. privacy laws bar release of a mental health patient’s records as part of an effort to compel outpatient treatment unless the disclosure is authorized by the patient or a court, the New York Court of Appeals ruled on Tuesday.

It was the first time a state’s highest court had ruled on the scope of the Health Insurance Portability and Accountability (HIPAA) Act’s privacy provisions in an involuntary mental health treatment proceeding, said the patient’s lawyers, Scott M. Wells and Dennis Feld of the New York Mental Hygiene Legal Services.

The ruling was In the Matter of Miguel M. The New York City Department of Health and Mental Hygiene sought in 2007 to compel Miguel M. to receive mental health treatment under Kendra’s Law, a 1999 New York statute that permits public officials to demand outpatient treatment orders for mental health patients who have been hospitalized after failing to comply with treatment plans.

At the Supreme Court hearing on Miguel M.’s treatment order, counsel for the city asked to introduce into evidence records of the patient’s two recent hospitalizations for schizoaffective disorder. Although the city conceded that the records had been obtained without the patient’s consent or a court order, it argued that the disclosure was permissible under Kendra’s Law.

Miguel M.’s counsel opposed the introduction of his hospital records, citing HIPAA’s privacy strictures. After briefing on the question, the trial court admitted the records, finding that HIPAA permits the disclosure under a provision authorizing public health officials to collect information in order to prevent disease or injury or to conduct a public health investigation or intervention. An intermediate appellate court upheld the ruling.

But in Tuesday’s decision, the Court of Appeals found that neither of those exceptions to HIPAA’s presumption of privacy apply in this case.

Read more on Reuters.

I’m really pleased to see this decision.



“No conflict here. This is not the unethical behavior you are looking for. Move along.”

http://yro.slashdot.org/story/11/05/11/2156237/FCC-Commissioner-Leaves-To-Become-Lobbyist?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

FCC Commissioner Leaves To Become Lobbyist

"Meredith Attwell Baker, one of the FCC Commissioners, is leaving the FCC to become a lobbyist for Comcast-NBC, just four months after approving their merger deal. She refused to put any significant conditions on the merger, saying that the deal would 'bring exciting benefits to consumers that outweigh potential harms.' Comcast has released an official statement saying that, 'Meredith's executive branch and business experience along with her exceptional relationships in Washington bring Comcast and NBCUniversal the perfect combination of skills.'"



What does Facebook gain from this? Did they think it would allow them to say, “everyone does it?”

http://www.pogowasright.org/?p=22824

Facebook Busted in Clumsy Smear on Google

May 12, 2011 by Dissent

Dan Lyons reports:

For the past few days, a mystery has been unfolding in Silicon Valley. Somebody, it seems, hired Burson-Marsteller, a top public-relations firm, to pitch anti-Google stories to newspapers, urging them to investigate claims that Google was invading people’s privacy. Burson even offered to help an influential blogger write a Google-bashing op-ed, which it promised it could place in outlets like The Washington Post, Politico, and The Huffington Post.

The plot backfired when the blogger turned down Burson’s offer and posted the emails that Burson had sent him. It got worse when USA Today broke a story accusing Burson of spreading a “whisper campaign” about Google “on behalf of an unnamed client.”

But who was the mysterious unnamed client? While fingers pointed at Apple and Microsoft, The Daily Beast discovered that it’s a company nobody suspected—Facebook.

Confronted with evidence, a Facebook spokesman last night confirmed that Facebook hired Burson, citing two reasons: First, because it believes Google is doing some things in social networking that raise privacy concerns; second, and perhaps more important, because Facebook resents Google’s attempts to use Facebook data in its own social-networking service.

Read more in The Daily Beast.



I'm sure there is a law against acting like a teenager... Right?

http://news.cnet.com/8301-17852_3-20061728-71.html

Teen arrested after allegedly ranking girls on Facebook

The Chicago Tribune reports that the boy was arrested Monday and charged with disorderly conduct after he allegedly published on Facebook his rankings of female classmates.

There are those who find much of Facebook disorderly. However, the Chicago Sun-Times reported last month that the young gentleman had allegedly posted a comprehensive list, ranking 50 of his female classmates. It apparently included some rather predictable criteria.

There was allegedly a subjective bio of each girl, coupled with separate ratings for their faces and bodies and references to race, ethnicity, and alleged sexual behavior. There was also an indicator of whether their "stock" might be in the ascendancy or not. The vocabulary was not exemplary.

This, some might imagine, is precisely the content of conversations boys have with boys about girls. However, in this case, it was public, on Facebook, and accompanied by fliers that contained full details of the list.

Moreover, the Sun-Times reported that there exists a cell phone video in which the accused is seen at school addressing a crowd and proclaiming the philosophy: "Women are the future, unless we stop them now."



Fortunately, half a billion dollars is chicken feed...

http://www.bespacific.com/mt/archives/027244.html

May 11, 2011

Google Announces First Quarter 2011 Results and $500M Set Aside for DOJ Investigation

Google Announces First Quarter 2011 Results: "In May 2011, in connection with a potential resolution of an investigation by the United States Department of Justice into the use of Google advertising by certain advertisers, we accrued $500 million for the three month period ended March 31, 2011. Although we cannot predict the ultimate outcome of this matter, we believe it will not have a material adverse effect on our business, consolidated financial position, results of operations, or cash flows. As a result, we have updated the affected financial data in this release, as noted, as well as the accompanying financial tables."



'cause I know people who love 'em.

http://www.smashingapps.com/2011/05/11/40-insightful-yet-deadly-creative-examples-of-infographics.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SmashingApps+%28Smashing+Apps%29

40 Insightful (Yet Deadly Creative) Infographics



You are unlikely to win a T-shirt, but the list is useful.

http://www.makeuseof.com/tag/needed-10-favorite-websites-tshirt/

[HELP NEEDED] Tell Us Your Top 10 Websites & Get A T-Shirt!



For my starving students...

http://news.cnet.com/8301-13845_3-20061950-58.html

Free Windows utility lowers your printing costs

Tired of burning through pricey ink and toner cartridges? PretonSaver Home promises to cut these consumable costs by up to 70 percent. Best of all, it's free.



For my programming students. Handles: Basic, C/C++, C#, CSS, HTML/XML, Java, Javascript, Perl, Python, Ruby and others.

http://www.makeuseof.com/dir/syntaclet-make-code-pretty/

Syntaclet: Makes Code Pretty & Easy To Read

As a developer you might find yourself browsing program codes on websites. Often sites do not neatly present these codes. SyntacLet is here to help you better understand those codes and display them in a friendlier manner.

SyntacLet is a browser bookmarklet that presents codes on websites in a neater manner.

… The language of the code is automatically detected.

www.syntaclet.com

Also read related articles: Top 10 Professional Sample Code Websites For Programmers and How To Change Default Webpage Source Editor Of Browsers.



The future of personal computing?

http://techcrunch.com/2011/05/11/google-posts-chromebook-product-page-with-specs-faq-and-notifications/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

Google Posts Chromebook Product Page With Specs, FAQ, And Notifications

Just a few short moments after Google officially announced the Chromebook at its I/O event, the search giant also posted the Chromebook product page, offering up some juicy details about what we can expect to see on these Chrome OS Notebooks for their June 15 arrival.

According to features listed on the product page, the Chromebooks are definitely catering to the demands of consumers, while simultaneously differentiating itself from other tablets on the market. The core idea behind the Chromebook is pretty simple: this device is virtually a barebones computer with Chrome OS running on top, rather than a traditional notebook.

The product page offers up a number of features, as well as basic specs for both versions of the Chromebook, manufactured by Samsung and Acer respectively. You’ll also find a support tab on the product page, which includes a guided tour, a FAQs page, and a help center. You can also sign up for notifications on the Chromebook under the highlighted “Notify Me” tab.

We’re pretty excited about the Chromebooks, so if this sounds as great to you as it does to us, check out Matt’s full coverage of the Chromebook announcement at Google I/O, or visit the Chromebook product page.


Thursday, May 12, 2011

Of course they fixed it! (after initially denying that it existed) How could they sell something that advertisers could get for free?

http://www.makeuseof.com/tag/facebook-quietly-patches-massive-security-hole-millions-potentially-affected-news/

Facebook Quietly Patches A Massive Security Hole, Millions Potentially Affected [News]

Facebook has confirmed claims made by Symantec over millions of leaked “access tokens”. These tokens enable an application to access personal information and make changes to profiles, essentially giving third parties the “spare key” to your profile information, photographs, wall and messages.

It is not confirmed whether these third parties (mostly advertisers) knew about the security hole, though Facebook has since told Symantec that the flaw has been fixed. Access granted via these keys could have even been used to mine users’ personal data, with evidence that the security flaw could date back to 2007 when Facebook applications were launched.

… Users who are concerned that their access keys have been well and truly leaked should change their passwords immediately to automatically reset the token.

There was no news of the breach on the official Facebook blog, though revised application authentication methods have since been posted on the developers blog, requiring all sites and applications to switch to OAUTH2.0.



Even while the “victim” remains ignorant, banks and credit unions are taking action.

http://www.databreaches.net/?p=18213

(update) Michaels Stores finds tampered PIN pads in 20 states

May 11, 2011 by admin

As noted yesterday by Brian Krebs, the Michaels Store breach appears to be significantly larger than what was originally reported on May 4. NBC in Chicago reports:

The Irving, Texas-based company reports it removed 7,200 PIN pads from stores as a precautionary measure. Of those removed, less than 90 devices (or 1 percent of the total devices) were identified as being compromised.

“The company has commenced replacing these PIN pads in all US stores,” Michaels said in an official statement, “and expects the replacement to be completed within the next 15 days.”

The list of 20 states with PIN pad tampering includes Illinois, Georgia, North Carolina, Ohio, Virginia, New Mexico, Iowa, Delaware, Colorado, Pennsylvania, Rhode Island, Utah, New Jersey, Nevada and Washington.

Gregory Karp of the Chicago Tribune adds:

Illinois was hit the hardest, with PIN pads compromised in 14 Michaels stores, all in the Chicago region. They are Bloomingdale, Burbank, Chicago Ridge, Downers Grove, Glenview, Gurnee, McHenry, Mount Prospect, Naperville, Niles, Norridge, Skokie, Vernon Hills and Willowbrook.

The fraud attack has led many banks to proactively freeze bank accounts of customers they think may be vulnerable. [Overreaction? Bob] For example, Marquette Bank, with 24 branches in the Chicago region, said 1,900, or 3 percent, of its customers were identified as potential victims, meaning they made a PIN-based debit card transaction at Michaels over the past six months.

“We were able to identify fraud early, before Michaels went public with their data breach, so we were able to avoid large losses,” said bank spokesman Jeff McDonald. The bank posted warnings on its Web page and on social media site Twitter, while it also called customers, sent letters and began proactively replacing debit cards of some customers. “Unfortunately, we have become experts in addressing these issues quickly with minimal customer inconvenience after dealing with past retail store breaches,” he said.

[...]

Credit Union 1 recently posted a warning on its website: “Due to an enormous surge in fraudulent ‘Pin based’ ATM transactions in California throughout the financial industry, Credit Union 1 has shut down the availability of ‘Pin based’ ATM transactions in California only. Effective immediately, when a ‘Pin based’ transactions occurs in California, your Credit Union 1 Visa Debit card will be ‘flagged and will not be able to be used again.”

A list of stores known to be affected is included in Michaels Stores’ official statement on pages 2 and 3.

This whole incident is reminiscent of the breaches involving Hancock Fabrics and ALDI.



For my Ethical Hackers.

http://techcrunch.com/2011/05/12/search-contrarian-blekkos-next-move-limiting-its-user-data-retention-to-48-hours/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

Search Contrarian Blekko’s Next Move: Limiting Its User Data Retention To 48 Hours

Search engine Blekko, ever eager to differentiate itself and make headlines with its countless product development advances, is announcing today that it will reduce its data retention period to 48 hours, retaining far less user personal information (like IP addresses) than the dominant players in the space.

For comparison, competitors Google and Yahoo are currently at 18 months of user data retention and Bing is at six months, which is the European standard. In fact, Yahoo recently extended its data retention policy from 90 days to 18 months because it needed it to “compete” with Google in offering personalized recommendations.



Crazy IS a defense...

http://www.phiprivacy.net/?p=6646

NY’s highest court rules HIPAA trumps Kendra’s law

By Dissent, May 11, 2011

Alison Frankel of Reuters reports:

U.S. privacy laws bar release of a mental health patient’s records as part of an effort to compel outpatient treatment unless the disclosure is authorized by the patient or a court, the New York Court of Appeals ruled on Tuesday.

It was the first time a state’s highest court had ruled on the scope of the Health Insurance Portability and Accountability (HIPAA) Act’s privacy provisions in an involuntary mental health treatment proceeding, said the patient’s lawyers, Scott M. Wells and Dennis Feld of the New York Mental Hygiene Legal Services.

The ruling was In the Matter of Miguel M. The New York City Department of Health and Mental Hygiene sought in 2007 to compel Miguel M. to receive mental health treatment under Kendra’s Law, a 1999 New York statute that permits public officials to demand outpatient treatment orders for mental health patients who have been hospitalized after failing to comply with treatment plans.

At the Supreme Court hearing on Miguel M.’s treatment order, counsel for the city asked to introduce into evidence records of the patient’s two recent hospitalizations for schizoaffective disorder. Although the city conceded that the records had been obtained without the patient’s consent or a court order, it argued that the disclosure was permissible under Kendra’s Law.

Miguel M.’s counsel opposed the introduction of his hospital records, citing HIPAA’s privacy strictures. After briefing on the question, the trial court admitted the records, finding that HIPAA permits the disclosure under a provision authorizing public health officials to collect information in order to prevent disease or injury or to conduct a public health investigation or intervention. An intermediate appellate court upheld the ruling.

But in Tuesday’s decision, the Court of Appeals found that neither of those exceptions to HIPAA’s presumption of privacy apply in this case.

Read more on Reuters.

I’m really pleased to see this decision.



“No conflict here. This is not the unethical behavior you are looking for. Move along.”

http://yro.slashdot.org/story/11/05/11/2156237/FCC-Commissioner-Leaves-To-Become-Lobbyist?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

FCC Commissioner Leaves To Become Lobbyist

"Meredith Attwell Baker, one of the FCC Commissioners, is leaving the FCC to become a lobbyist for Comcast-NBC, just four months after approving their merger deal. She refused to put any significant conditions on the merger, saying that the deal would 'bring exciting benefits to consumers that outweigh potential harms.' Comcast has released an official statement saying that, 'Meredith's executive branch and business experience along with her exceptional relationships in Washington bring Comcast and NBCUniversal the perfect combination of skills.'"



What does Facebook gain from this? Did they think it would allow them to say, “everyone does it?”

http://www.pogowasright.org/?p=22824

Facebook Busted in Clumsy Smear on Google

May 12, 2011 by Dissent

Dan Lyons reports:

For the past few days, a mystery has been unfolding in Silicon Valley. Somebody, it seems, hired Burson-Marsteller, a top public-relations firm, to pitch anti-Google stories to newspapers, urging them to investigate claims that Google was invading people’s privacy. Burson even offered to help an influential blogger write a Google-bashing op-ed, which it promised it could place in outlets like The Washington Post, Politico, and The Huffington Post.

The plot backfired when the blogger turned down Burson’s offer and posted the emails that Burson had sent him. It got worse when USA Today broke a story accusing Burson of spreading a “whisper campaign” about Google “on behalf of an unnamed client.”

But who was the mysterious unnamed client? While fingers pointed at Apple and Microsoft, The Daily Beast discovered that it’s a company nobody suspected—Facebook.

Confronted with evidence, a Facebook spokesman last night confirmed that Facebook hired Burson, citing two reasons: First, because it believes Google is doing some things in social networking that raise privacy concerns; second, and perhaps more important, because Facebook resents Google’s attempts to use Facebook data in its own social-networking service.

Read more in The Daily Beast.



I'm sure there is a law against acting like a teenager... Right?

http://news.cnet.com/8301-17852_3-20061728-71.html

Teen arrested after allegedly ranking girls on Facebook

The Chicago Tribune reports that the boy was arrested Monday and charged with disorderly conduct after he allegedly published on Facebook his rankings of female classmates.

There are those who find much of Facebook disorderly. However, the Chicago Sun-Times reported last month that the young gentleman had allegedly posted a comprehensive list, ranking 50 of his female classmates. It apparently included some rather predictable criteria.

There was allegedly a subjective bio of each girl, coupled with separate ratings for their faces and bodies and references to race, ethnicity, and alleged sexual behavior. There was also an indicator of whether their "stock" might be in the ascendancy or not. The vocabulary was not exemplary.

This, some might imagine, is precisely the content of conversations boys have with boys about girls. However, in this case, it was public, on Facebook, and accompanied by fliers that contained full details of the list.

Moreover, the Sun-Times reported that there exists a cell phone video in which the accused is seen at school addressing a crowd and proclaiming the philosophy: "Women are the future, unless we stop them now."



Fortunately, half a billion dollars is chicken feed...

http://www.bespacific.com/mt/archives/027244.html

May 11, 2011

Google Announces First Quarter 2011 Results and $500M Set Aside for DOJ Investigation

Google Announces First Quarter 2011 Results: "In May 2011, in connection with a potential resolution of an investigation by the United States Department of Justice into the use of Google advertising by certain advertisers, we accrued $500 million for the three month period ended March 31, 2011. Although we cannot predict the ultimate outcome of this matter, we believe it will not have a material adverse effect on our business, consolidated financial position, results of operations, or cash flows. As a result, we have updated the affected financial data in this release, as noted, as well as the accompanying financial tables."



'cause I know people who love 'em.

http://www.smashingapps.com/2011/05/11/40-insightful-yet-deadly-creative-examples-of-infographics.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SmashingApps+%28Smashing+Apps%29

40 Insightful (Yet Deadly Creative) Infographics



You are unlikely to win a T-shirt, but the list is useful.

http://www.makeuseof.com/tag/needed-10-favorite-websites-tshirt/

[HELP NEEDED] Tell Us Your Top 10 Websites & Get A T-Shirt!



For my starving students...

http://news.cnet.com/8301-13845_3-20061950-58.html

Free Windows utility lowers your printing costs

Tired of burning through pricey ink and toner cartridges? PretonSaver Home promises to cut these consumable costs by up to 70 percent. Best of all, it's free.



For my programming students. Handles: Basic, C/C++, C#, CSS, HTML/XML, Java, Javascript, Perl, Python, Ruby and others.

http://www.makeuseof.com/dir/syntaclet-make-code-pretty/

Syntaclet: Makes Code Pretty & Easy To Read

As a developer you might find yourself browsing program codes on websites. Often sites do not neatly present these codes. SyntacLet is here to help you better understand those codes and display them in a friendlier manner.

SyntacLet is a browser bookmarklet that presents codes on websites in a neater manner.

… The language of the code is automatically detected.

www.syntaclet.com

Also read related articles: Top 10 Professional Sample Code Websites For Programmers and How To Change Default Webpage Source Editor Of Browsers.



The future of personal computing?

http://techcrunch.com/2011/05/11/google-posts-chromebook-product-page-with-specs-faq-and-notifications/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

Google Posts Chromebook Product Page With Specs, FAQ, And Notifications

Just a few short moments after Google officially announced the Chromebook at its I/O event, the search giant also posted the Chromebook product page, offering up some juicy details about what we can expect to see on these Chrome OS Notebooks for their June 15 arrival.

According to features listed on the product page, the Chromebooks are definitely catering to the demands of consumers, while simultaneously differentiating itself from other tablets on the market. The core idea behind the Chromebook is pretty simple: this device is virtually a barebones computer with Chrome OS running on top, rather than a traditional notebook.

The product page offers up a number of features, as well as basic specs for both versions of the Chromebook, manufactured by Samsung and Acer respectively. You’ll also find a support tab on the product page, which includes a guided tour, a FAQs page, and a help center. You can also sign up for notifications on the Chromebook under the highlighted “Notify Me” tab.

We’re pretty excited about the Chromebooks, so if this sounds as great to you as it does to us, check out Matt’s full coverage of the Chromebook announcement at Google I/O, or visit the Chromebook product page.


Wednesday, May 11, 2011

...and the beat-down goes on. La-de-da-de-da...

http://games.slashdot.org/story/11/05/11/0423222/Sony-Could-Face-Developer-Exodus-On-PSN?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Sony Could Face Developer Exodus On PSN

"As the PlayStation Network outage continues, developers are feeling the economic pinch. There's been no word from Sony on whether they'll compensate companies who produce games for PSN, but Capcom has already said it's losing potentially 'millions' from the downtime. Worse yet, developers who rely on PSN revenues may jump ship if they aren't compensated, warns Dylan Cuthbert, creator of popular PSN game PixelJunk. 'I have a feeling they [Sony] are thinking about doing something or they will lose developers, which of course is pretty bad for them,' he said."

While a major shift away from the PS3 is unlikely — downtime or not, developers don't want to lock themselves out of such a big piece of the market — it does have undeniable negative effects on some companies. For example, Bethesda's FPS Brink, which focuses heavily on multiplayer, launched without that capability for PS3 users. You can bet Microsoft will use this outage as a selling point for exclusivity or Xbox-first arrangements.



No numbers yet, but “coast to coast” suggests it was not a lone teenager...

http://www.databreaches.net/?p=18201

Michaels Stores breach bigger than first reported

May 10, 2011 by admin

Brian Krebs reports that a breach involving Michaels Stores is not just a Chicago-area breach but is affecting stores nationwide:

Earlier this month, arts & crafts chain Michaels Stores disclosed that crooks had tampered with some point-of-sale devices at store registers in the Chicago area in a scheme to steal credit and debit card numbers and associated PINs. But new information on the investigation shows that many Michaels stores across the country have discovered compromised payment terminals.

Investigators close to the case, but who asked to remain anonymous because they did not have permission to speak publicly, said that at least 70 compromised POS terminals have been discovered so far in Michaels stores from Washington D.C. to the West Coast.

Read more on KrebsonSecurity.com

[From the article:

In an alert (PDF) sent to customers, Irving, Texas based Michaels Stores said it learned of the fraud after being contacted by banking and law enforcement authorities regarding fraudulent debit card transactions traced back to specific stores. The Beacon-News, a Chicago Sun-Times publication, last week cited local police reports from several victims, describing the typical fraud as multiple unauthorized withdrawals of up to $500 made from ATMs at banks on the West Coast. It remains unclear when affected stores were compromised.

It also is not clear yet how the fraudsters compromised the POS devices, or whether the devices were tampered with in-place, or were replaced with pre-compromised look-alikes. But investigators say the fraudsters have used the stolen data to create counterfeit cards that are used in tandem with stolen PINs to withdraw funds from ATMs.



For my Ethical Hackers. This is NOT the way to use your superpowers...

http://www.databreaches.net/?p=18198

Catch a clue from an EDU: Universities that get security right

May 10, 2011 by admin

Mary K. Pratt reports:

Professor Corey Schou was working in his school’s library when he realized his computer was picking up a particularly strong Wi-Fi signal.

Normally that would be welcome news. But Schou knew that spot was usually a dead zone, which meant something was probably amiss. So Schou, a professor of informatics at Idaho State University, set out with some of the school’s IT workers to solve the mystery.

Turns out a young man in a nearby coffee shop was causing trouble. “He was running an access point and broadcasting without credentials on the same address as the university’s access point, and people were logging in,” Schou says.

Read more on Computerworld.



For my Ethical Hackers, ditto. It should be fun to analyze though... Also note that even hackers can be hacked...

http://it.slashdot.org/story/11/05/11/1326257/Zeus-Crimeware-Kit-Source-Code-Leaked?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Zeus Crimeware Kit Source Code Leaked

"The source code to the infamous Zeus crimeware kit, which has been sold on underground forums for years, has been leaked and is now available for anyone to see if they know where to look. Security researchers over the weekend noticed that files appearing to contain the source code for the Zeus crimeware kit were starting to pop up on various forums frequented by attackers and cyber-criminals. The Zeus exploit kit is perhaps the most well-known kit of its kind right now, and has been used by a variety of attackers for numerous malware campaigns and targeted attacks."



A question for my Computer Security students: If they can easily tell where you are, why do they need to install a “special chip?” What do you suppose the chip really does?

http://mobile.slashdot.org/story/11/05/10/2222233/Cellphones-Get-Government-Chips-For-Disaster-Alert?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Cellphones Get Government Chips For Disaster Alert

"The chairman of the Federal Communications Commission, Julius Genachowski, said the Commercial Mobile Alert System that Congress approved in 2006 will direct messages to cellphones in case of a terrorist attack, natural disaster, or other serious emergency. There will be at least three levels of messages, ranging from a critical national alert from the president to warnings about impending or occurring national disasters to alerts about missing or abducted children. The alert would show up on the phone's front screen, instead of the traditional text message inbox, and arrive with a distinct ring and probably a vibration. People will be able to opt out of receiving all but the presidential alerts."


(Related) If this can be implemented with “a software download” why do they need a chip?

http://www.wired.com/epicenter/2011/05/bloomberg-fema-fcc/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+wired%2Findex+%28Wired%3A+Index+3+%28Top+Stories+2%29%29

Bloomberg, FEMA, FCC Detail NYC Emergency Notification System

Mayor Michael R. Bloomberg unveiled the nation’s first comprehensive, geographically targeted emergency notification system for cellphones on Tuesday, declaring the launch to be a “quantum leap forward in using technology to help keep people safe.”

“The City’s opt-in Notify NYC system is a great example of that: It alerts people to dangers and delays via e-mail, text and phone, and it has become a national model of emergency communication.”

“But given the kinds of threats made against New York City at the World Trade Center, Times Square and other places popular with visitors and tourists, we’ll be even safer when authorities can broadcast warnings to everyone in a geographic area regardless of where they came from or bought their phone,” Bloomberg said.

PLAN runs on existing wireless networks but only a handful of the newest mobile phones are currently compatible, Bloomberg said, and they require a software download. The assembled wireless-company executives, including AT&T CEO Randall L. Stephenson and Verizon CEO Ivan Seidenberg, pledged their support for the system and said new devices will be equipped with a PLAN chip.

… About 90 percent [In New York, that's a “handful” Bob] of New Yorkers who have a PLAN-capable mobile device will be able to receive alerts from the system

the PLAN system will have the ability to override existing network traffic in times of emergency to ensure that critical alerts reach citizens. [What a target! Bob]



The “Recapitulation Theory” (Ontogeny Recapitulates Phylogeny) applies to Security as well. Every new technology is conceived with none of the “Best Practices” of earlier generations and must develop their own from scratch.

http://tech.slashdot.org/story/11/05/10/191259/WebGL-Poses-New-Security-Problems?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

WebGL Poses New Security Problems

"Researchers are warning that the WebGL standard undermines existing operating system security protections and offers up new attack surfaces. To enable rendering of demanding 3D animations, WebGL allows web sites to execute shader code directly on a system's graphics card. This can allow an attacker to exploit security vulnerabilities in the graphics card driver and even inject malicious code onto the system."



Not exactly on point, but will this even be noticed by the US Copyright Group which is going after 23,000 downloaders (see yesterday's blog)?

http://www.databreaches.net/?p=18192

UK’s ICO fines ACS:Law for data breach (updated)

May 10, 2011 by admin

John Oates reports:

ACS:Law has been fined by the Information Commissioner’s Office for failing to follow data protection law.

The one-man law firm, which has since ceased trading, won infamy for using IP numbers to accuse people of illegal file-sharing. Victims received a letter offering to settle the claims rather than go to court. But ACS:Law never took anyone to court, and some judges doubted whether it ever had the legal basis to do so.

The ICO said it would have fined ACS:Law £200,000 for failing to keep information secure, but since it’s gone titsup it will instead fine Andrew Crossley as an individual.

Crossley has been served with notice to pay a fine of £1,000 because he has limited means.

Read more in The Register. Links to previous coverage of the ACS:Law breach can be found on DataBreaches.net.

In a press release issued today, the Information Commissioner, Christopher Graham, said:

“This case proves that a company’s failure to keep information secure can have disastrous consequences. Sensitive personal details relating to thousands of people were made available for download to a worldwide audience and will have caused them embarrassment and considerable distress. The security measures ACS Law had in place were barely fit for purpose in a person’s home environment, let alone a business handling such sensitive details.”

[...]

In September 2010, ACS Law’s website was subjected to an online attack which caused it to crash. After the attack a file containing emails between ACS Law staff, and some to and from ISPs or members of the public, appeared on a website which allowed anyone who downloaded the file access to around 6,000 people’s sensitive personal information. This included individuals’ ISP account details, their names and addresses, their IP addresses and information about the content they were alleged to have illegally copied. Some of the emails also included people’s credit card details, as well as references to their sex life, health and financial status.

The monetary penalty served on Andrew Jonathan Crossley is available on the ICO website here: http://www.ico.gov.uk/what_we_cover/promoting_data_privacy/~/media/documents/library/Data_Protection/Notices/acs_law_monetary_penalty_notice.ashx

Update: The ICO is being criticized by Privacy International for only fining Crossley £1,000 as an individual instead of fining the firm £200,000. Read more in The Guardian.


(Related) I don't suppose “Academic Purposes” is an adequate defense?

http://www.wired.com/threatlevel/2011/05/bittorrent-lawsuit-checker?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+wired%2Findex+%28Wired%3A+Index+3+%28Top+Stories+2%29%29

Find Out if You’re a Target in the Biggest U.S. BitTorrent Lawsuit Ever

More than 23,000 people will soon be notified by their internet service providers that their subscriber information is being turned over to lawyers suing over the 2010 Sylvester Stallone flick The Expendables.

As we first reported Monday, the case is the largest BitTorrent file-sharing lawsuit in U.S. history.

We just updated our IP Detective tool with the 23,322 IP addresses targeted between Feb. 5 and April 22 in the mass lawsuit filed by the Washington-based U.S. Copyright Group on behalf of Nu Image.

All told, more than 140,000 BitTorrent downloaders are being targeted in dozens of lawsuits across the country, many of them for downloading B-grade movies and porn. Film companies pay snoops to troll BitTorrent sites, dip into active torrents and capture the IP addresses of the peers who are downloading and uploading pieces of the files.

The Electronic Frontier Foundation has a great resource on what to do if you’re a target.



Grasping the obvious?

http://www.bespacific.com/mt/archives/027236.html

May 10, 2011

Law Enforcement Use of Global Positioning (GPS) Devices to Monitor Motor Vehicles: Fourth Amendment Considerations

CRS - Law Enforcement Use of Global Positioning (GPS) Devices to Monitor Motor Vehicles: Fourth Amendment Considerations, February 28, 2011

  • "As technology continues to advance, what was once thought novel, even a luxury, quickly becomes commonplace, even a necessity. Global Positioning System (GPS) technology is one such example. Generally, GPS is a satellite-based technology that discloses the location of a given object. This technology is used in automobiles and cell phones to provide individual drivers with directional assistance. Just as individuals are finding increasing applications for GPS technology, state and federal governments are as well. State and federal law enforcement use various forms of GPS technology to obtain evidence in criminal investigations. For example, federal prosecutors have used information from cellular phone service providers that allows real-time tracking of the locations of customers’ cellular phones. Title III of the Omnibus Crime Control and Safe Streets Act of 1958 (P.L. 90-351) regulates the interception of wire, oral, and electronic communications. As such, it does not regulate the use of GPS technology affixed to vehicles and is beyond the scope of this report. The increased reliance on GPS technology raises important societal and legal considerations. Some contend that law enforcement’s use of such technology to track motor vehicles’ movements provides for a safer society. Conversely, others have voiced concerns that GPS technology could be used to reveal information inherently private. Defendants on both the state and federal levels are raising Fourth Amendment constitutional challenges, asking the courts to require law enforcement to first obtain a warrant before using GPS technology."

[From the report:

In California, the Los Angeles Police Department “outfit[ted] its cruisers with air guns that can launch GPS-enabled ‘darts’ at passing cars.” Once affixed to a vehicle, police can track it in real time from police headquarters. The air guns are generally used in situations requiring immediate action such as a high-speed chase.



How will news be delivered and paid for? It's a long way from the three modes of communication in the mid-20th Century (telephone, telegraph and tell-a-woman)

http://www.bespacific.com/mt/archives/027228.html

May 10, 2011

The Story So Far: What We Know About the Business of Digital Journalism

"Can digital journalism be profitable? What's making money, what isn't, and why? A new report from Columbia University faculty members Bill Grueskin, academic dean of the Columbia Graduate School of Journalism, and Ava Seave, principal at Quantum Media and adjunct professor at the Columbia Business School, addresses these questions about the financial state of digital journalism. The report provides the most comprehensive analysis to date of the business challenges that for-profit news organizations face with their digital ventures. The report, The Story So Far: What We Know About the Business of Digital Journalism, is being issued by the school's Tow Center for Digital Journalism, which is committed to the research and advancement of journalism on digital platforms."



Because free is good! At least you can try programs very similar to those costing hundreds of dollars...

http://www.makeuseof.com/tag/7-free-open-source-programs-replace-commercial-windows-software/

The 7 Best Free Open Source Programs To Replace Commercial Windows Software

LibreOffice replaces Microsoft Office

Mozilla Thunderbird replaces Windows Live Mail

Inkscape replaces CorelDraw & Adobe Illustrator

GIMP replaces Adobe Photoshop

Blender replaces 3ds Max

BRL-CAD replaces AutoCAD

7-Zip replaces WinZip or WinRAR