Possible this breach could set a new
record? Stand by for news...
MasterCard, VISA Warn of Processor Breach
March 30, 2012 by admin
Brian Krebs reports:
VISA and
MasterCard are alerting banks across the country about a recent major
breach at a U.S.-based credit card processor. Sources in the
financial sector are calling the breach “massive,”
and say it may involve more than 10 million
compromised card numbers. [If so, the record is safe Bob]
Read more on KrebsonSecurity.
As always, Brian is all over this story and has gotten some leads
from sources and interviews:
Sources at two
different major financial institutions said the transactions that
most of the cards they analyzed seem to have in
common are that they were used in parking garages in and around the
New York City area.
Ever since Heartland’s breach,
numerous breach reports in the media have (erroneously) mentioned a
payment processor. This time, it sounds like we really do have
another processor breach. Brian reports that “PSCU —
a provider of online financial services to credit unions — said it
alerted 482 credit unions that appear to have had cards impacted by
the breach.”
ELGA, a credit union in Michigan, was one of the credit unions that
received notification, although it’s not clear whether they were
notified by PSCU or by VISA or MasterCard; 450 of their members were
reportedly affected.
The missing information will eventually
come out. Why are they holding it back? It makes them look either
ignorant or secretive – or both.
By Dissent,
March 29, 2012
Steven Harmon reports:
In a puzzling
breach of security, computer storage devices containing
identification information of 800,000 Californians using the state’s
child support services have gone missing.
The Department of
Child Support Service reported on Thursday the data devices were lost
March 12 en route to California from the Colorado
facilities of IBM, one of the contractors in charge of the storage
devices.
Read more on Mercury
News.
From the FAQ
posted by DCSS:
1. What happened?
… The devices
were in transit from IBM’s facility in Colorado to California.
Upon arrival, several devices were missing.
2. When did it
happen?
We were notified
on March 12th that the storage devices were missing. It was
confirmed on March 20th that the devices contained personal
information.
Okay, but you
didn’t answer your own question: WHEN did it happen? And while
we’re at it, what transit system was being used to transport the
devices? – Dissent
Win friends and influence people...
NOT!
Shouldn’t
they be hearing this from you instead of me?
March 29, 2012 by admin
As if we needed another reason to
disclose breaches in a timely fashion:
Some
nuclear workers are really upset that the Office of Workers’
Compensation Programs didn’t inform them of the Impairment
Resources breach. It seems that they first learned about it from a
recent post on
this blog.
Yeah, that’s no way to find out your
data were stolen months earlier.
Will Homeland Security be in charge of
voting security? A TSA agent at every polling place?
DHS: Cybersecurity plays into online voting
As the 2012 presidential election revs
up, 33 states now permit some form of Internet ballot casting.
However, a senior cybersecurity adviser at the U.S. Department of
Homeland Security warned today that online voting
programs make the country's election process vulnerable to
cyberattacks. [Actually, no. It's crappy security that makes it
vulnerable. Bob]
… "Because we vote by secret
ballot there is no way to confirm that a digital ballot cast over the
Internet is received as it was sent, making detection difficult if
not impossible." [Horsefeathers! Bob]
...but how do you get your name off the
“Harass this uppity second class citizen” list?
Judge: Bradley Manning supporter can sue government over border search
David Maurice House, an MIT researcher,
was granted the right to pursue a case against the government on
Wednesday after a federal judge denied the government’s motion to
dismiss.
The American Civil Liberties Union
filed
a federal lawsuit in May 2011 on House’s behalf, charging that
he had been targeted solely for his lawful association with the
Bradley Manning Support Network.
… “Despite the government’s
broad assertions that it can take and search any laptop, diary or
smartphone without any reasonable suspicion, the court said the
government cannot use that power to target political speech.”
US customs agents met and briefly
detained House as he deplaned at Chicago’s O’Hare Airport in
November 2010. The agents searched House’s bags, then took him to
a detention room and questioned him for 90 minutes
about his relationship to Manning (the former Army intelligence
analyst currently facing a court martial for leaking classified
documents to the secret-spilling site WikiLeaks). [Why would TSA even
know about this? Is there that much background on every traveler?
Bob] The agents confiscated a laptop computer, a thumb
drive, and a digital camera from House and reportedly demanded, but
did not receive, his encryption keys.
DHS held onto House’s equipment for
49 days and returned it only after the ACLU sent a strongly worded
letter.
Perhaps this is how you get on some of
those government lists?
The Perils of Social Reading
March 30, 2012 by Dissent
Back in January, Neil Richards had
commented
on attempts to amend the Video Privacy Protection Act (VPPA),
suggesting that allowing “seamless” sharing could be cutting back
on important privacy protections that we should not weaken. Neil’s
argument didn’t convince me that we shouldn’t allow those who
want to share, to share, and I posed
some questions to him.
I am pleased to point readers to Neil’s
fuller article on this topic, which will be published in the
Georgetown Law Journal, “The Perils of Social Reading.”
Here’s the abstract:
Our
law currently treats records of our reading habits under two
contradictory rules – rules mandating confidentiality, and rules
permitting disclosure. Recently, the rise of the social
Internet has created more of these records and more pressures on when
and how they should be shared. Companies like Facebook, in
collaboration with many newspapers, have ushered in the era of
“social reading,” in which what we read may be “frictionlessly
shared” with our friends and acquaintances. Disclosure and sharing
are on the rise.
This Article
sounds a cautionary note about social reading and frictionless
sharing. Social reading can be good, but the ways in which we set up
the defaults for sharing matter a great deal. Our reader records
implicate our intellectual privacy – the protection of reading from
surveillance and interference so that we can read freely, widely, and
without inhibition. I argue that the choices we make about how to
share have real consequences, and that “frictionless sharing” is
not frictionless, nor is it really sharing. Although sharing is
important, the sharing of our reading habits is special. Such
sharing should be conscious and only occur after meaningful notice.
The stakes in this
debate are immense. We are quite literally rewiring the public and
private spheres for a new century. Choices we make now about the
boundaries between our individual and social selves, between
consumers and companies, between citizens and the state, will have
unforeseeable ramifications for the societies our children and
grandchildren inherit. We should make choices that preserve our
intellectual privacy, not destroy it. This Article suggests
practical ways to do just that.
You can download the full article from
SSRN.
I try to avoid using words like
“Philosophy” in my classes, it tends to frighten the students...
The Philosopher Whose Fingerprints Are All Over the FTC's New Approach to Privacy
… The standard explanation for
privacy freakouts is that people get upset because they've "lost
control" of data about themselves or there is simply too much
data available. Nissenbaum argues that the real problem "is the
inappropriateness of the flow of
information due to the mediation of technology." In her scheme,
there are senders and receivers of messages, who communicate
different types of information with very specific expectations of how
it will be used. Privacy violations occur
not when too much data accumulates or people can't direct it, but
when one of the receivers or transmission principles
change. The key academic term is "context-relative
informational norms." Bust a norm and people
get upset.
The Google Feature-du-jour. Also see
the “Play” link on the Google Home page.
Google Would Like Your Thoughts on This Gluten-Free Brownie Mix
Google has rolled
out a new feature: Consumer
Surveys, a scheme that takes a series of marketer-to-consumer
surveys and puts them to work on the sites of media publications.
The new feature is the official version of the "surveywall"
that Nieman Lab's Justin Ellis reported on when
he came across an experimental version of it back in October.
It's "basically a substitute for a paywall,"
Consumer Surveys product manager Paul McDonald says.
… Google pays publishers for
hosting the surveys (the equivalent of a $15 CPM); marketers, in
turn, pay Google for the demographic-targetable
data the publisher-hosted surveys provide; and users, in turn --
provided they don't find the pop-up microsurveys too annoying to
complete -- get an alternate way of accessing publisher content that
they might otherwise be made to pay for.
I capture lots of videos for my
classes. I'm always looking at new tools...
Web Video Fetcher is an online tool
that allows users to convert any audio or video URL from YouTube,
Myspace, Google, Facebook or any other site
into much more common formats such as Mp3, Mp4, FLV in a few simple
clicks.
The very first thing you should do is
find the video/audio which you want to convert and save in your
computer. Once you find it, just copy the link and paste it into the
text-box provided and click the “Search” icon. The
website will automatically figure out the format of the
audio/video and provide you with the options to download the
video/audio in the common file formats.
List of supported websites:
https://docs.google.com/viewer?url=http://webvideofetcher.com/docs/webvideofetcher_com_supportedsites.pdf