Tuesday, November 28, 2006

http://www.bespacific.com/mt/archives/013122.html

November 27, 2006

Florida Dept. of State Announces Audit of Sarasota Voting Machines

This memo from the Deputy Chief of Staff for Communications, Florida State Department, announces that an audit will commence on November 28, 2006 to test the voting systems and administrative procedures used in the Congressional District 13 race in Sarasota. [via USACM, this backgounder on the Florida voting problems and the lawsuits contesting the election.]

[This is at the bottom of the memo. I like it!

Please note: Florida has a very broad public records law. Most written communications to or from state officials regarding state business are considered to be public records and will be made available to the public and the media upon request. Therefore, your e-mail message may be subject to public disclosure.

Bob]



http://www.eweek.com/article2/0,1759,2064416,00.asp?kc=EWRSS03119TX1K0000594

Saving the Data

November 27, 2006 By Chris Preimesberger

U.S. businesses are going to have to change the way they handle electronically stored information when new federal rules go into effect Dec. 1.

The new regulations, adopted by the U.S. Supreme Court in April, say businesses must be able to quickly find such data when required by the federal court.

That means that every electronic document stored by businesses—e-mail, instant messages, financials, voice mail and all text and graphical documents—must be easily retrievable.

... "It's meant a lot of extra hours for our staff because it means we can't just save our data on tape or on disk anymore and make sure it's safe. We have to be able to get pretty granular about how to access it."

... According to people involved in the move to get the rules adopted, the match that lit all this was struck in March 2000, when then-Vice President Al Gore reported that he could not immediately produce e-mails related to a probe by the Department of Justice into his fund-raising activities.

At the time, White House counsel Beth Nolan said the White House e-mails were recorded on a series of 625 tapes that would take up to six months to be searched.

Setting up the tape-searching equipment alone would take two months, Nolan claimed.

... Essentially, businesses engaged in federal court proceedings are now required to have full knowledge of the whereabouts of all their electronic data to produce evidence needed in a reasonable amount of time.

In litigation, for example, this would mean producing within 30 days relevant e-mails, text documents, spreadsheets or IMs that were originated months or years ago.

... However, there is a caveat: Businesses do not have to keep everything. The rules say that documents deleted in the course of regular business are immune in the case of a litigation. [You better have a written document retention plan 9and evidence that you follow it) to support this. Bob]

"What a business needs to show is a repeatable, predictable process of data storage and accessibility," said Allman, the principal author of the new rules.

... The new regulations have spawned a rash of new storage hardware and software that identifies, classifies and makes accessible unstructured data such as e-mail. Major players such as IBM, Network Appliance, Hewlett-Packard, Symantec and other large IT companies offer their own compliance packages, and the rules also are giving rise to new companies looking to serve the niche market.

... Managing Data

Five tips for deploying a successful e-discovery solution:

1. Get cross-functional Get IT and legal departments to talk to each other as well as with records management and business line representatives

2. Separate backups from archives Mixing them makes e-discovery more difficult and expensive

3. Deploy ILM (information lifecycle management) methodology Policy-manage information with a "big buckets" approach and then move the data into more granular "little buckets"

4. Don't boil the ocean Focus on efforts that provide the greatest return, such as e-mail management

5. Deploy search technology Powerful tools such as federated search can dramatically enhance e-discovery capabilities



http://www.pogowasright.org/article.php?story=20061127093916411

Ex-Chicago School Workers' Info Exposed

Monday, November 27 2006 @ 09:48 AM CST - Contributed by: PrivacyNews - Businesses & Privacy

Names, Social Security numbers and home addresses of nearly 1,740 former Chicago school employees were mistakenly mailed to other members of the group, prompting concerns the information could be used for identity theft. All Printing & Graphics Inc., which Chicago Public Schools hired to print and mail health-insurance information to the former employees, said Sunday it hadn't realized one document it sent contained personal data belonging to all of them.

Source - AP



http://www.pogowasright.org/article.php?story=20061127170626925

School district sold computers with personal information

Monday, November 27 2006 @ 05:06 PM CST - Contributed by: PrivacyNews - Internet & Computers

The Greenville County School District sold computers that contained Social Security numbers and birthdates for roughly 100,000 students and at least 1,000 employees, according to a district official and the buyers' attorney. The two buyers never released the information found in computers they bought at a dozen school district auctions between 1999 and last March, but worry about other computers sold, their attorney David Gantt told The Greenville News.

Source - AP




http://www.insecuremag.com/archive.html

ISSUE 1.9 (December 2006)

DOWNLOAD ISSUE 1.9 HERE

The covered topics are:

  • Effectiveness of security by admonition: a case study of security warnings in a web browser setting

  • Interview with Kurt Sauer, CSO at Skype

  • Web 2.0 defense with AJAX fingerprinting and filtering

  • Hack In The Box Security Conference 2006

  • Where iSCSI fits in enterprise storage networking

  • Recovering user passwords from cached domain records

  • Do portable storage solutions compromise business security?

  • Enterprise data security - a case study

  • Creating business through virtual trust: how to gain and sustain a competitive advantage using information security



Public means public? Brilliant!

http://hosted.ap.org/dynamic/stories/C/COURT_WEBCAST?SITE=VALYD&SECTION=HOME&TEMPLATE=DEFAULT

Maryland Court to Launch Webcasting Plan

Nov 27, 6:44 PM EST

ANNAPOLIS, Md. (AP) -- Maryland's highest court is launching a project for live Webcasting of its sessions, hoping to be ready in time to broadcast arguments set for Dec. 4 in a high-profile case involving gay marriage.

... "It's all part of this outreach thing," [Don't you just love complex legal terminology? Bob] Chief Judge Robert M. Bell of the Court of Appeals told The (Baltimore) Sun. "Other courts have done it. I don't see why we shouldn't do it."

... Bell has been a proponent of opening up Maryland courts to make them more accessible to the public. About half of the appellate state courts in the nation allow coverage of hearings on the Web or on cable channels.



Hey! I'm a theater owner!

http://yro.slashdot.org/article.pl?sid=06/11/28/053226&from=rss

MPAA Goes After Home Entertainment Systems

Posted by ScuttleMonkey on Tuesday November 28, @04:22AM from the jokes-that-some-people-just-wont-get dept. It's funny. Laugh.

philba writes to tell us that home theaters may become the new jurisdiction of our MPAA overlords. The MPAA is lobbying to make sure that home users authorize their entertainment systems before any in-home viewings. From the article: "The MPAA defines a home theater as any home with a television larger than 29" with stereo sound and at least two comfortable chairs, couch, or futon. Anyone with a home theater would need to pay a $50 registration fee with the MPAA or face fines up to $500,000 per movie shown."



http://blog.washingtonpost.com/securityfix/2006/11/guidance_software_settles_ftc.html

Guidance Software Settles With FTC Over Data Compromise

Guidance Software -- the leading provider of software used to diagnose hacker break-ins -- has settled a case brought by the Federal Trade Commission after a database compromise at the company exposed financial and personal data connected to thousands of law enforcement and network security professionals.

Pasadena, Calif.-based Guidance alerted customers to the incident in a letter sent late last year. The company discovered that hackers had broken into a company database and made off with approximately 3,800 customer credit card numbers.

According to the FTC, Guidance violated federal law when it failed to "implement simple, inexpensive and readily available security measures to protect consumers' data. In contrast to claims about data security made on Guidance's Web site, the company created unnecessary risks to credit card information by permanently storing it in clear readable text" [emphasis added].



Minority Report was right. “Just because you are innocent, doesn't mean we won't watch you like a hawk; interview your employer; and bring your friends and family in for questioning... We got the idea from the techniques the US uses to track people convicted of sex crimes.”

http://www.pogowasright.org/article.php?story=20061127131510239

UK: Police target dangerous suspects before they can offend

Monday, November 27 2006 @ 01:15 PM CST - Contributed by: anonadmin - Non-U.S. News

Criminal profilers are drawing up a list of the 100 most dangerous murderers and rapists of the future even before they commit such crimes, The Times has learnt. The highly controversial database will be used by police and other agencies to target suspects before they can carry out a serious offence.

Source - Times Online

No comments: