Confusing,
and my Ethical Hackers will need some guidance. It is hypothetically
possible that some of my Ethical Hackers could write a program like
this – not that they ever would of course. Does this mean that
anyone who writes a “key logger” program will make it on the
FBI's “Uncle Sam wants YOU in Guantanamo” list? (But
not the instructors who taught them how to do it, right?)
AP reports:
It’s
not just the US government intercepting your communications. It
could be a nosy relative or jealous partner.
Among
the five people added this week to the FBI’s list of “most
wanted” cybercriminals is a former San Diego college student who
developed an $US 89 program called “Loverspy” or “Email PI.”
Sold online from his apartment, the program was advertised as a way
to “catch a cheating lover” by sending the person an electronic
greeting card that, if opened, would install malicious software to
capture emails and instant messages, even spy on someone using the
victim’s own webcam.
Read more on Perth
Now.
An
arrest warrant was issued for Perez-Melara in the Southern District
of California on July 21, 2005, after he was charged with the
following crimes: manufacturing a surreptitious interception device;
sending a surreptitious interception device; advertising a
surreptitious interception device; unlawfully intercepting electronic
communications; disclosing unlawfully intercepted electronic
communications; unauthorized access to protected computer for
financial gain; and aiding and abetting.
[From the article:]
According to his
indictment, Perez-Melara sold the software to 1000 customers, who
then tried to infect about 2000 computers. Victims took the bait only
about half the time, the government said. People who purchased the
spyware were charged with illegally intercepting electronic
communications. Most of those cases appear to have resulted in
probation and fines.
It keeps on growing!
Just yesterday DataLossDB.org was reporting 130 million.
Yes, the Adobe breach
is back in the news as some have discovered that a data dump posted
online contains the email addresses, encrypted passwords and password
hints stored in clear text from 152
million Adobe user accounts. Embarrassingly, one report notes
that 1.9 million Adobe users used “123456”
as their password.
I don't suppose it was
the IRS, anonymously “taxing” anonymous money?
Ben Grubb reports:
A
four-month-old Australian Bitcoin bank holding more than $1 million
has been hacked, leaving thousands of customers in the lurch
including a man who claims he was holding the virtual currency to buy
a house with his girlfriend.
The
alleged hacking happened on both October 23 and 26, with the
service’s operator, known only as “Tradefortress”, saying
hackers stole all 4100 Bitcoins held by the wallet service, or $1.3
million at the time of writing. The Bitcoins were stored on servers
in the US and it wasn’t until this week that he decided to notify
customers.
Read more on The
Age.
Attention Congress:
Perhaps we could learn from the “more advanced” countries?
On
November 26, 2013, Kazakhstan’s new data privacy law, On
Personal Data and Their Protection, will come into effect. The
law was passed on May 21, 2013. Kazakhstan is the second country in
Central Asia to enact a data privacy law, joining the Kyrgyz
Republic, which passed the Law
on Personal Data in 2008.
Read more on Hunton &
Williams Privacy
and Information Security Law Blog.
Simple concept. Too
simple?
David T.S. Fraser
writes:
The
Supreme Court of Canada just released its decision in R.
v. Vu, 2013 SCC 60. The issue under appeal was whether police
could search a computer that was seized pursuant to a warrant that
did not specifically authorize the search of the computer.
Read more on Canadian
Privacy Law Blog.
As I read this, he is
saying that if someone claims you drown puppies while smoking crack,
that's okay. But it's important to remove all of those “I had
lunch at Taco Bell” tweets?
Woodrow Hartzog has an
opinion piece in the New Scientist about California’s new
“online eraser law,” SB-568. The law gives minors under the age
of 18 some limited rights to delete personal information that they
had posted online or on a mobile app. The key word here is
“limited,” as the right is not absolute.
Woody writes, in part:
Critics
claim it is a toothless law because it is full of exceptions and its
scope too limited to properly protect teenagers, for example by
excluding re-posts. They also fear a disastrous effect on the social
web, with broken conversation chains abounding (though many social
media users have been able to delete posts for years without
significant issues of this sort).
While
the critics correctly identify the unclear language in the statute,
they miss the point when they say it will be ineffective because
it won’t remove the truly harmful “viral” information that gets
widely shared on the internet.
What
they fail to realise is that the modest protection offered by this
eraser law is not a defect, it’s a feature. These limitations
represent deference to free speech principles while giving users the
option of erasing heaps of disclosures that no one found interesting
enough to share.
Read more of his
commentary here.
I have a few hours of
flight time, maybe I'll switch to drones? I can do that from the
same computer I use to blog and the market seems ready to boom. (TV
News Drones, Paparazzi support, Traffic Drones, Forest Fire Drones,
Pizza Delivery Drones, etc.)
Nidhi Subbaraman
reports:
Is
this country ready for the drone revolution? Baby steps, says the
Federal Aviation Administration, which on Thursday unveiled its new
roadmap for releasing drones into the U.S. airspace.
Among the recommendations under consideration: Drone
pilots will get certification, drone designs must meet minimum
standards, and a pilot flying the machine will be responsible for the
craft during flight.
The
FAA has also specifically and officially acknowledged that it would
take on the responsibility of regulating privacy, in addition to
safety, a shift in the administration’s stance so far.
Read more on NBC.
Oh good. No doubt this
will settle everything.
Senate
Intelligence Committee Approves FISA Improvements Act
by Sabrina
I. Pacifici on November 7, 2013
Increases
privacy protections, oversight, transparency of critical intelligence
programs: The Senate Intelligence Committee [October 31,
2013] approved the FISA
Improvements Act by a vote of 11-4. The bipartisan legislation
increases privacy protections and public transparency of the National
Security Agency call-records program in several ways, while
preserving the operational effectiveness and flexibility of this
vital national security program.
A question for you
Constitutional Law professors: Do we have a “Right to keep and
bear the designs for guns?”
Don't
Freak Out, but the First 3D-Printed Metal Gun Totally Works
… When a design for
The
Liberator, the open-sourced and 3D-printed gun, was released last
year, worriers could take some solace: The gun wasn't entirely
composed of 3D-printed materials. The gun's firing pin—the thing,
essentially, that put the fire in the firearm—was
made of metal. And metal is extremely difficult to use as a
material for 3D printing.
Until ... it's not. A
company called Solid Concepts, which specializes in direct metal
laser sintering, or DMLS, has created a gun, it claims, that is
composed
entirely of 3D-printed
metal. The gun is not only fully metal-made; it is also capable
of firing multiple rounds.
Perspective. It's not
just developing Big Systems that causes governments problems.
Anything new (i.e. roughly anything after the British burned the
White House) can do it.
IRS
Case Processing Delays and Tax Account Errors Increased Hardship for
Victims of ID Theft
by Sabrina
I. Pacifici on November 7, 2013
Treasury Inspector
General for Tax Administration: Case
Processing Delays and Tax Account Errors Increased Hardship for
Victims of Identity Theft – September 26, 2013, Reference
Number: 2013-40-129.
“It
took the Internal Revenue Service (IRS) an average of 312 days to
resolve tax-related identity theft cases, according to a
new report released by the Treasury Inspector General for Tax
Administration (TIGTA) that studied a statistical sample of these
cases. This audit was a follow-up to a May
2012 identity theft audit report. The IRS reported that identity
theft affected 1.2 million taxpayers in Calendar Year 2012, and an
additional 1.6 million were affected in Calendar Year 2013, as of
June 29, 2013… TIGTA’s review of a statistical sample of 100
identity theft cases closed between August 1, 2011 and July 31, 2012
found that the IRS correctly determined the rightful owner of the
Social Security Number in all cases. However, taxpayers faced
delays, with some cases having significant inactivity during case
processing. Inactivity on the 100 identity theft cases averaged 277
days. This is due, in part, to assistors being required to also
answer telephone inquiries during the Filing Season. In addition,
tax accounts were not correctly resolved for 25 percent of the cases
reviewed by TIGTA, resulting in delayed refunds and/or incorrect
refunds to all 25 taxpayers. TIGTA surveyed 183 IRS assistors who
work identity theft cases. Seventy-three percent of those
surveyed stated that the IRS’s identity theft procedures are
confusing. Finally, the IRS needs to improve the accuracy of its
Refund Fraud and Identity Theft Global Report. The IRS Accounts
Management function’s open case inventory was overstated by 95,429
cases in the Calendar Year 2012 Global Report. TIGTA recommended the
IRS: 1) ensure that assistors assigned to identity theft cases work
these cases exclusively and are provided with ongoing training and
the ability to perform actions to work these cases to conclusion, 2)
develop clear and consistent processes and procedures to ensure that
taxpayer accounts are correctly updated, and 3) develop validation
processes and procedures to ensure the accuracy of information
included in the Identity Theft Global Report.”
Amusing.
Bob(@Centennial-Man)
Is
Economics 'The Biggest Fraud Ever Perpetrated on the World?'
… As he writes in
his introduction to the whole imbroglio, “Sometimes a few informal
words can lead to a much more thoughtful response.” But Horton’s
reply was thoughtful in its way, too—or, at least, interesting.
And this kind of dialogue—between fields, between forms, even
between types of feeling—seems worthwhile in the academic
conversation, a way to possibly expand the means by which these
conversations occur. The cycle of academe groans to keep up with the
churn of the stream, and upset and frustrated jeremiads may attract
more attention as tweets than as papers.
Which is to say: More
exchanges like this one, please—or, as Horton himself writes, “I
hope this dialogue provokes you to tweet too.”
For my technically
innovative students...
… Classic
disruptive innovation says that a cheaper, but lower-quality,
innovator can eventually overtake an incumbent by gradually siphoning
off customers the incumbent doesn’t find it profitable to defend.
As the disruptor improves its offering, though, the incumbent’s
position becomes increasingly fragile. Big bang disruption differs
in that the start-up offers an innovation that’s not only cheaper,
but better — higher quality, more convenient, or both —
almost right off the bat. The Blockbuster-Netflix skirmish is a case
in point.
For my
students. May you work occasionally.
37signals
Launches ‘We Work Remotely’ Job Board
37signals, makers of
project management app Basecamp and the Ruby
On Rails programming language, has launched a new online job
board meant specifically for remote workers. 37signals will be
shutting down their existing
job board and will migrate all listings to the new site, We
Work Remotely.