Tuesday, August 14, 2012

Phil does good software. Adding the Seals is interesting, but probably not significant. Perhaps they could market to law firms for client communications?
Email Privacy Pioneer Launches Silent Circle To Protect Mobile, Internet Calls
August 14, 2012 by Dissent
An Internet privacy veteran and inventor of a popular email encryption scheme is launching a suite of new products next month that will allow people to scramble their mobile phone calls, e-mails, text messages and Internet voice and video calls.
Phil Zimmermann, creator of the standard email encryption known as PGP, which stands for ‘Pretty Good Privacy’, will roll out the private, encrypted communications tools on September 17 through his company, Silent Circle.
The software will be available for download to iPhones, Androids, desktops and laptops worldwide, and will give customers the ability to scramble their mobile and Internet voice calls and messages, including those conducted via Skype and FaceTime.
Read more on RedOrbit.

No mention of the resolution of the 'excessive force' claim. If the quotes were published in a newspaper article there would have been no violation (and everyone could claim they were mis-quoted). Would this also apply to a live TV interviewer asking the same questions? (Perhaps answering with a camera in your face is “consent?”)
Anatomy of a Privacy Victim
August 14, 2012 by Dissent
Stewart Baker writes:
Adam Mueller, a police-the-police campaigner, has been convicted and sentenced to three months in jail for recording and posting telephone conversations with a police captain, a high school principal and a school secretary in Manchester, NH. Mueller was calling for comment on a student’s cell phone video allegedly showing a Manchester officer using excessive force. The conviction has led to sympathetic coverage in both the left and right blogospheres.
But one point hasn’t gotten much coverage. It turns out that Mueller was convicted of violating a privacy law.
He had recorded a conversation “without the consent of all parties to the communication,” a violation of NH 570-A:2. New Hampshire is one of about a dozen “all party consent” states.
Read more on The Volokh Conspiracy

(Related) Another pesky Privacy law
By Dissent, August 14, 2012
Rich Daly reports:
Strong state privacy laws continue to complicate health information exchanges’ efforts to ease health-data sharing, a senior federal health technology official said Monday. And a key to overcoming such obstacles may be greater use of meta tags.
Joy Pritts, chief privacy officer in the Office of the National Coordinator for Health Information Technology, told a Washington health policy gathering that some health information exchanges are not accepting electronic health records containing mental health or substance-abuse data. Their refusal stems from concerns that certain state medical privacy laws that are more strict than federal law and require individual patient agreement before their data is shared preclude exchanges’ use of the information.
The proposed solution – meta-tagging sensitive elements and requiring patient permission to open the protected elements – may not be an adequate solution, however. In the last few years, we have seen all too many hacks of data that custodians may have believed were secure. As long as the sensitive data are embedded, they will be at some level of risk of acquisition and viewing by unauthorized individuals.
Read more on Modern Healthcare (free subscription required)

Perhaps the law does apply to Hulu
Hulu’s attempt to dismiss privacy lawsuit fails
August 13, 2012 by Dissent
Hulu’s attempt to dismiss a consolidated class action complaint alleging violations of the Video Privacy Protection Act (VPPA) failed when federal Magistrate Judge Laurel Beeler denied their motion on Friday.
The lawsuit (previous coverage) is one of a few that were filed over the use of re-spawning cookies (“supercookies”). In this case, the plaintiffs allege that their personally identifiable information was shared, without their knowledge or consent, with third parties that included online ad networks, metrics companies, and social networks such as Scorecard Research (“Scorecard”), Facebook, DoubleClick, GoogleAnalytics, and QuantCast.
Hulu’s arguments – all of which were rejected by the court – claimed that the plaintiffs did not have standing, a streaming service was not covered by the VPPA, and even if it was, the sharing of data was part of the firm’s “usual course of business,” and hence, did not violate the Act.
Their motion to dismiss also argued that the plaintiffs were not paid “subscribers” to their service. The VPPA talks about “consumers,” defined as renters, purchasers, or subscribers. Hulu argued – unsuccessfully – that the term “subscriber” should involve some payment, and since the plaintiffs hadn’t paid anything, they had no standing. The court disagreed.
In September 2011, Congressmen Markey and Barton asked the FTC to investigate the use of re-spawning cookies as a deceptive and unfair practice under the FTC Act. The FTC, however, has not taken any action that has been made public as of this date.
In light of Hulu’s failure to get a dismissal of the lawsuit, can a settlement be far behind?

The tools of Big Brother
Big Brother is watching UAE’s kids: National ID cards roll-out
August 13, 2012 by Dissent
Emirati and expatriate children under the age of 15 across the country have to register for a national ID card by September 30 to avoid fines. There is however an exception for expatriate children whose visa is set to expire later this year…. Except the two exempted categories, most UAE residents have already registered for national ID cards, Al Khoury said. “About 95 per cent of the population has already registered as the deadline for all other categories has ended,” he said.
Read more on Albawaba.

We can, therefore we must?
Scottish police have snooped on emails and calls 85,000 times in the last five years
August 13, 2012 by Dissent
Mark Aitken reports:
Scots police have secretly accessed people’s private email and phone records more than 85,000 times in the last five years.
But each application to telecom firms for the information can contain requests for several different individuals, so the true scale of the scrutiny is far greater.
Northern Constabulary, who serve a population of 300,000, made more than 20,000 snooping applications – roughly one for every 15 people in the area.
Yesterday, one civil liberties campaigner warned Scotland was moving towards the same levels of surveillance as China and Iran.
Read more on Daily Record.

An argument we will have here in the US
Australian Privacy Foundation slams privacy amendments
August 13, 2012 by Dissent
Chris Jager reports:
The Australian Privacy Foundation (APF) has slammed the Federal Government’s proposed amendments to privacy legislation as a “lost opportunity” in improving areas such as credit reporting practices and protection from data off-shoring.
APF board member Nigel Waters told a Senate inquiry late last week that the proposed bill would “significantly weaken” privacy protections for Australians.
The amendments would introduce a new set of privacy principles aimed at improving practices within both Government and the private sector, while providing the Privacy Commissioner with new powers, and the ability to fine companies up to $1.1 million for repeated breaches of the law.
However, Waters criticised the proposed amendments for further complicating aspects of the privacy regime, stating the act would fail to meet current international best practice standards.
Read more on ITnews.

“Can't tell your claims without a scorecard!” (I still don't get it.)
All of Apple's patent claims against Samsung in one chart

Problems are inevitable, so we might as well create a few “I told ya so” articles
FAA Documents Raise Questions About Safety of Drones in U.S. Airspace

Good managers find enabling lawyers – the other kind are a dime a dozen. (It's much easier to say, “You can't do that!” than it is to say, “Here's what you must do before you do that.”)
"In the documentary Scared Straight! a group of inmates terrify young offenders in an attempt to 'scare them straight' (hence the show's title) so that those teenagers will avoid prison life. A 2002 meta-analysis of the results of a number of scared straight and similar intervention programs found that they actively increased crime rates, leading to higher re-offense rates than in control groups that did not receive the intervention. For those considering the use of social media in their business, it is quite easy to read Navigating Social Media Legal Risks: Safeguarding Your Business as a scared straight type of reference. Author Robert McHale provides so many legal horror stories, that most people would simply be too afraid of the legal and regulatory risks to ever consider using social media."
Keep reading for the rest of Ben's review.

Perspective (and it's not like they have just one). What other industries will need data centers of this scale?
"JPMorgan Chase spends $500 million to build a data center, according to CEO Jamie Dimon. That figure places the firm's facilities among the most expensive in the industry, on a par with investments by Google and Microsoft in their largest data centers. Dimon discussed the firm's IT spending in an interview in which he asserts that huge data centers are among the advantages of ginormous banks. Dimon also offered a vigorous defense of the U.S. banking industry. 'Most bankers are decent, honorable people,' Dimon says. 'We're wrapped up in all this crap right now. We made a mistake. We're sorry. It doesn't detract from all the good things we've done. I am not responsible for the financial crisis.'"

The strait is a mere 21 miles wide, the channel much narrower, but you would think that a 333-meter-long tanker would be noticed even at night. The Porter at 154 meters should be agile enough to avoid the tanker. So what really happened?
US Navy ship collides with oil tanker in Gulf
DUBAI, United Arab Emirates — A U.S. Navy guided missile destroyer was left with a gaping hole on one side after it collided with an oil tanker early Sunday just outside the strategic Strait of Hormuz.
The collision left a breach about 10 feet by 10 feet (three by three meters) in the starboard side of USS Porter. No one was injured on either vessel, the U.S. Navy said in a statement.
The collision with the Panamanian-flagged and Japanese-owned bulk oil tanker M/V Otowasan happened about 1 a.m. local time.

For my Ethical Hackers.
"NASA's Curiosity rover has now been on the surface of Mars for just over a week. It hasn't moved an inch after landing, instead focusing on orienting itself (and NASA's scientists) by taking instrument readings and snapping images of its surroundings. The first beautiful full-color images of Gale Crater are starting to trickle in, and NASA has already picked out some interesting rock formations that it will investigate further in the next few days. Over the weekend and continuing throughout today, however, Curiosity is attempting something very risky indeed: A firmware upgrade. This got me thinking: If NASA can transmit new software to a Mars rover that's hundreds of millions of miles away... why can't a hacker do the same thing? In short, there's no reason a hacker couldn't take control of Curiosity, or lock NASA out. All you would need is your own massive 230-foot dish antenna and a 400-kilowatt transmitter — or, perhaps more realistically, you could hack into NASA's computer systems, which is exactly what Chinese hackers did 13 times in 2011."

Perspective and a case study for my Business Continuity students. Be careful who you annoy.
WikiLeaks endures a lengthy DDoS attack
… "The attack is well over 10Gbits/second sustained on the main WikiLeaks domains," read one of several tweets the organization posted on Friday. "The bandwidth used is so huge it is impossible to filter without specialized hardware, however... the DDoS is not simple bulk UDP or ICMP packet flooding, so most hardware filters won't work either. The range of IPs used is huge. Whoever is running it controls thousands of machines or is able to simulate them."

It's no longer a few wax cylinders... With a Google account (and audio & video gear) I could stream seminars to a global audience.
Google Nerds Request Entry to Your Rock Concert
The internet has revolutionized the distribution of music over the past 15 years, but the staging of big concerts and smaller live shows has remained steadfastly analog. Musicians who worried that tools like Napster and BitTorrent undermined their livelihoods could take solace in the notion that they’d still make money off ticket sales.
But today Google launched a feature that could be hugely disruptive to the concert business. You wouldn’t necessarily know it from its complicated title — Google+ Hangouts On Air Studio Mode — but the new feature finally takes live concert streaming from an occasional internet curiosity requiring big-company expertise to something any band can do.
By making it easier to stage live shows for far-flung fans, Google will change the music business in ways that are hard to predict. Clearly, established artists will still be able to charge for live, face-to-face shows — a video conference might be better than no concert, but it’s not yet a substitute for the real thing. At the same time, Google’s mass video conferences can open doors. At least one artist is already saying she’s found stardom through a precursor to Google+ Hangouts On Air Studio Mode that launched four months ago.

Is this the new Yahoo?
Yahoo unveils #HashOut, a social media talk show
As a slew of Internet companies have started creating their own content, Yahoo is also getting in the game.
The Web pioneer announced today that it is working on a social media talk show called #HashOut with some big-hitter names like Arnold Schwarzenegger's ex-wife and journalist Maria Shriver, Princeton professor Anne-Marie Slaughter, "Lost" co-creator Damon Lindelof, and more.
Yahoo is deeming the show as "a new way to talk about the news," and says that it is also "the first talk show conducted over social media."
