Monday, July 03, 2006

July 3, 2006

I see this as a “Copy any CD or DVD” tool. Might be useful for evidence gathering, but also for duplicating copy protected media. Anyone have experience with this?

http://www.vso-software.fr/products/Blindwrite/blindwritephp

BlindWrite - Game Copy Software

Blindwrite, your ultimate game copy software back up tool! BlindWrite extracts all the characteristics of your media to your harddrive to reproduce a working copy of your media. It allows you to protect your investments against damage caused by children, scratches or by frequent use. Your personal CD or DVD backups can even be run directly from your computer using a virtual drive (i.e. Daemon Tools). Blind write's Game Copy Software supports a large number of formats and is regularly updated to support the latest technology. Combined with CopyToDVD, it is a complete set of software for all your backup needs: data files, 1:1 CD/DVD backups, audio CDs from music files and DVD movies. A must-have!

Blind Write supports all popular CD/DVD writers and handles every available DVD format (DVD-R, DVD+R, DVD-RW, DVD+RW, DVD-RAM, DVD+R Double Layer, DVD-R Dual Layer).



http://www.washingtonpost.com/wp-dyn/content/article/2006/07/01/AR2006070100479.html

Red Cross Laptop With Donor Data Stolen

The Associated Press Saturday, July 1, 2006; 1:10 PM

DALLAS -- A laptop containing personal information from thousands of blood donors _ including Social Security numbers and medical information _ was stolen from a local office of the American Red Cross, but officials said the information was encrypted. [Someone is thinking? Bob]

The data included matching names and birth dates of donors from Texas and Oklahoma, as well as donors' sexual and disease histories.

"We haven't viewed this as a security breach at this point," Darren Irby, spokesman for the national American Red Cross office, told The Dallas Morning News for its Saturday editions.

The laptop was one of three stolen from a locked closet in the Farmers Branch office of the American Red Cross [Sounds remarkably like a security breach to me. Bob] in May, but the two others did not contain the personal information. There was no sign of forced entry, said Red Cross spokeswoman Audrey Lundy.

Local officials alerted police and national Red Cross offices, Lundy said. Donors were not notified about the missing information, and the Red Cross had no legal obligation to do so.

The laptops disappeared on two separate occasions in May, according to police reports. They could have been gone as long as a week before being reported missing.

Gordon Bass, acting chief information security officer for the national Red Cross, said supervisors have their own user names and passwords. Access is time-and-date based, so information can be accessed only during blood drives or when new information is uploaded to a central database.

The Farmers Branch Red Cross also lost a laptop with encrypted donor information in June 2005, Lundy said, but she could provide no details on circumstances of that incident or any follow-up investigation.

Security in the Farmers Branch office was tightened after the most recent disappearances, Lundy said.



Yumping Yiminy Sven! You're just noticing this now?

http://virtuelvis.com/archives/2006/02/microsoft-censoring-msn-messenger

Microsoft censoring MSN Messenger conversations

Computer Sweden is reporting that Microsoft is doing automatic real-time censoring of certain messages on MSN Messenger.

According to communications director of MSN Sweden, Jessica Börjel, this is being done to protect users against exploits and worms spreading through the MSN Messenger service.

Among the things Microsoft appears to want to block are URLs and file name references. And this is where the trouble starts:

  • You cannot use the string download.php anywhere in a message, not even when it’s not part of a URL.

  • The link filter does not take canonical URLs into account: http://evil.example.com/download.php and http://evil.example.com/down%6Coad.php is the same URL, expressed in two different ways. The first one is blocked, while the second one is not.

  • Even if Microsoft fixed the canonization issue, and were able to block both, there are a loads and loads of redirector services, like as TinyURL that can be used to mask known bad URLs

And, for the truly paranoid: Since Microsoft are automatically monitoring your conversations, and block certain messages — what prevents them from eavesdropping on your messages, and sending any “suspicious” content off to third parties, such as governments and their agencies?



http://www.contracostatimes.com/mld/cctimes/news/local/states/california/14952762.htm

Some countries already monitor text messages

By Andrew Becker CONTRA COSTA TIMES Posted on Sun, Jul. 02, 2006

As text messaging evolves into a popular method of global communication, some repressive governments are reading along, texting back and even editing messages -- with the help of North American companies.

A joke received by cell-phone text message last spring that Iran's President Mahmoud Ahmadinejad took the wrong way led to arrests in that country, where the government has acknowledged monitoring text messages, according to reports.

In March, the day before voters cast ballots in the presidential race, thousands around the Belarusian capital of Minsk received text messages warning of violence sparked by "provocateurs" on Election Day. The country's largest mobile phone company reportedly refused to say who sent the messages.

Spurred by leaks announcing the SARS outbreak, Chinese authorities have filtered SMS (short message service) text messages since 2004 and are believed to be sharing such technology with other countries. [Open Source censorship? Bob]

In recent months there's been a spotlight, both in the media and in the U.S. Congress, on the willingness of Google, Microsoft, Yahoo and other tech companies willing to trade freedom of speech for business licenses in China.

But self-censorship of a potentially more powerful way of communicating -- cell phones and text messaging -- is not new to North American companies.

Known as predictive text, the library of words that cell phones recognize, suggest and even learn has stayed below the regulatory radar as companies such as AOL's Tegic/T9 and Calgary-based Zi Corp. support business worldwide.

... "All governments are trying to find ways to monitor mobile phones and, of course, SMS text messaging," Pain said. "We have the impression that we're free because we can send as much information as we want. But the dark side is, through technology, they can monitor all communication without human intervention."



See what happens when techies argue.

http://slashdot.org/article.pl?sid=06/07/03/0055211&from=rss

Freedb.org Ending

Posted by jamie on Sunday July 02, @09:04PM from the this-too dept. Music

haroldag writes "Freedb, the free music database used by tons of CD ripping software, has been shut down due to a disagreement among its developers. One of its developers used a data dump from the original freedb.org and is providing the service at freedb2.org, though, and will be adding features and posting them at his site as they become available. Unfortunately, a database dump or source code for freedb2.org is yet nowhere to be found."



Is this the ultimate guide? If not, do you want to write it?

http://www.allbusiness.com/articles/QuestionsAnswers/2639-2057-2436.html

What Should My Business Web Site's Privacy Policy Cover?

Every business Web site should have a privacy policy. Make sure your privacy policy covers the following topics.

The "we collect" statement describes what you collect from your users. This can include email addresses from sign-up forms, contact information, physical addresses, credit card or bank information, IP addresses, browser and operating system information, as well as other information you may require your customers to enter.

You should state if you save, share, or sell your customers' email addresses. Keep in mind that if you use a third-party ad service, merchant account, or service, the customer’s email address may be used in this transaction. You should state that you or a third party will use their information for placing their order. Find out if the third party will retain the user's information and, if so, what will be done with it. Be sure your policy covers this as well.

On an e-commerce site, credit card information and physical addresses are used to process orders. You should also state what you will do with this information once an order has been processed. Do you retain their credit card numbers and addresses once an order has shipped? Will you sell or share this information with third parties?

If your site uses cookies, say so in your policy. Inform your users what information is collected with the cookie and what is done with the information once it has been collected. Since many companies that serve ads collect information on site visitors, you should also consider revealing your ad-server relationships.

Future use of any data collected should be covered as well. For example, if you process an order and save the customer’s address to send out a postcard on a new product, disclose that too. This can include customer promotional emails, or anything that you might use their data for in the future.

Your policy should also cover your site's security. If you use SSL to transmit sensitive data, mention it here. Also, mention any steps you've taken to protect customer data from hackers.

Last, but certainly not least, include your business contact information, including specific email addresses or phone numbers visitors can use in the event that they feel that your privacy policy has been broken in any way, or if they have questions about your policy.

It's always a good idea to seek legal advice before writing your policy, just to make sure you've covered all eventualities. These key points are just a guideline to help you write your own policy. Each business is different, and each privacy policy should be unique.

In addition, make sure to read these articles:



Eat worms, Al “I invented global warming.” Gore!

http://www.opinionjournal.com/extra/?id=110008597

Don't Believe the Hype

Al Gore is wrong. There's no "consensus" on global warming.

BY RICHARD S. LINDZEN Sunday, July 2, 2006 12:01 a.m. EDT

... Alpine glaciers have been retreating since the early 19th century, and were advancing for several centuries before that. Since about 1970, many of the glaciers have stopped retreating and some are now advancing again. And, frankly, we don't know why. [If glaciers = “ice age,” no glaciers = ??? Bob]

... So what, then, is one to make of this alleged debate? I would suggest at least three points.

First, nonscientists generally do not want to bother with understanding the science. Claims of consensus relieve policy types, environmental advocates and politicians of any need to do so. Such claims also serve to intimidate the public and even scientists--especially those outside the area of climate dynamics. Secondly, given that the question of human attribution largely cannot be resolved, its use in promoting visions of disaster constitutes nothing so much as a bait-and-switch scam. That is an inauspicious beginning to what Mr. Gore claims is not a political issue but a "moral" crusade.

Lastly, there is a clear attempt to establish truth not by scientific methods but by perpetual repetition. An earlier attempt at this was accompanied by tragedy. Perhaps Marx was right. This time around we may have farce--if we're lucky.

Mr. Lindzen is the Alfred P. Sloan Professor of Atmospheric Science at MIT.



http://www.galatea.com/opensource.html

The Open Source Monopoly

"The Open Source Monopoly" was originally published as a single paper. It has since become the first in a series of three. The second paper, The Economics of Commercial Open Source, looks in more detail at the economic models of companies like Red Hat Inc., JBoss and MySQL AB. The third paper, Openstructure: A Call for Open Source Reform presents some solutions to the current trend in open source and offers a challenge to the open source community for reform.

No comments: