Thursday, November 02, 2006

Once again the media has called on Prof. John Soma to put some perspective on the Privacy implications of a recent story about theft of a computer with personal identity information... I'd like to see the whole list of things that might (should?) happen to managers who allow this to happen.

http://www.9news.com/acm_news.aspx?OSGNAME=KUSA&IKOBJECTID=a201d668-0abe-421a-0086-5200cc35add2&TEMPLATEID=0c76dce6-ac1f-02d8-0047-c589c01ca7bf&GID=TguDwnGpVNB58v4lhA79duiZWJ8Bk4hHrQZn+E3T1Ng%3D

More than a million at risk for identity theft

written by: Anastasiya Bolton Reporter posted by: Jeffrey Wolf Web Producer Created: 10/31/2006 10:33 PM MST - Updated: 11/1/2006 6:55 PM MST

DENVER - A computer with sensitive information was stolen and now up to 1.4 million people across the country could be at risk of identity theft.



I'm sure there will be several jokes about who the bomber will be, but I suspect this site was protected better than your average airport. Could be interesting to follow...

http://www.valleywag.com/tech/ebay/ebay-building-bombed-exclusive-ims-from-an-ebayer-inside-the-building-211579.php

EBay building bombed: Exclusive IMs from an eBayer inside the building

Firefighters rushed to eBay's San Jose headquarters last night after an explosion in a four-story eBay building. First thought to be a transformer, the cause is now being reported as a bomb.

A live TV report from last night is available at KRON 4. If you have any information, photos, or first-hand accounts, e-mail tips@valleywag.com. A reader sends the following IM conversation they had with an eBay employee in the building.

My friend was working late at eBay tonight when there was a large explosion within the building.

Here's the breaking news story: Firefighters Respond to Explosions within eBay Building




You known, I like the way this guy thinks...

http://knowledge.wharton.upenn.edu/article.cfm?articleid=1594

Michael Porter Asks, and Answers: Why Do Good Managers Set Bad Strategies?

Published: November 01, 2006 in Knowledge@Wharton

Errors in corporate strategy are often self-inflicted, and a singular focus on shareholder value is the "Bermuda Triangle" of strategy, according to Michael E. Porter, director of Harvard's Institute for Strategy and Competitiveness.

... During his remarks, Porter stressed that managers get into trouble when they attempt to compete head-on with other companies. No one wins that kind of struggle, he said. Instead, managers need to develop a clear strategy around their company's unique place in the market.

... Managers who think there is one best company and one best set of processes set themselves up for destructive competition. "The worst error is to compete with your competition on the same things," Porter said. "That only leads to escalation, which leads to lower prices or higher costs unless the competitor is inept." Companies should strive to be unique, he added.

... Years ago, corporate strategy was considered a secret known only by top executives for fear competitors might use the information to their advantage, said Porter. Now it is important for everyone in the organization to understand the strategy and align everything they do with that strategy every day. Openness and clarity even help when coping with competition. "It's good for a competitor to know what the strategy is. The chances are better that the competitor will find something else to be unique at, instead of creating a zero-sum competition."



Is this how it's done?

http://yro.slashdot.org/article.pl?sid=06/11/01/2334226&from=rss

Groups Call for Investigation of MS Ad Service

Posted by samzenpus on Wednesday November 01, @07:05PM from the learning-all-about-you dept. Microsoft

narramissic writes "The Center for Digital Democracy (CDD) and the U.S. Public Interest Research Group (US PIRG) have filed a complaint with the FTC, asking for an investigation into Microsoft's use of customer data collection in its adCenter Web advertising service. The groups claim that 'Microsoft has embarked on a wide-ranging data collection and targeting scheme that is deceptive and unfair to millions of users.' Microsoft, for its part, says the groups 'have got it all wrong.'"



I wonder if a collection (or searchable database) of campaign ads would result in screams from the candidates (or perhaps a new law banning “politician stalking”)

http://www.technewsworld.com/rsstory/54018.html

An Alternative Guide to Election 2006

By Erika Morphy TechNewsWorld 11/01/06 8:00 AM PT

Politicians and their operatives are no dummies. YouTube might have started out as a site for ordinary people to post their own videos, but it is now well seeded with videos produced by candidates -- both focusing on themselves and on their opponents.

... Call it "Election 2.0." Call it the revenge of voters tired of watching the increasingly negative 30-second ads on network television. Whatever the reason, it is clear that voters are going outside mainstream media -- far outside -- to learn more about the candidates and the issues.

Consider YouTube, says Robb Hecht, an adjunct marketing professor at the City University of New York's Baruch College and social tech media strategist.

"Its role in this year's elections cannot be underestimated," he tells the E-Commerce Times. "While people need to tune into CNN, they also need to check out YouTube's vault of political videos and sites like WhereIStand.com to find out where [the politicians] stand on issues."



What aspects of his job can he remember?

http://www.infoworld.com/article/06/11/01/HNhphurdforgetful_1.html?source=rss&url=http://www.infoworld.com/article/06/11/01/HNhphurdforgetful_1.html

HP: Hurd can't recall probe meeting details

CEO says he wishes he could have been more "focused" during meetings with private investigators

By Robert Mullins, IDG News Service November 01, 2006

Hewlett-Packard Co. Chairman and Chief Executive Officer (CEO) Mark Hurd has an incomplete recollection of details of a crucial internal meeting on the HP board scandal, according to new information released Wednesday.



Automated stalking?

http://news.com.com/2061-12572_3-6131727.html?part=rss&tag=6131727&subj=news

Looking for someone? Spock will track them down

November 1, 2006 3:49 PM PST

Spock, a start-up that wants to make it easier to find personal information about people on the web, has launched its private beta.

Type in a name, and Spock says it can serve up a picture, address, occupation, interests and other information. Conversely, you can type in an occupation and location ("Rodeo Clown, Lubbock") and it will spit up people that fit that category.

... Spock's public beta hasn't started, but the founders told VentureBeat that it will have 100 million profiles.

No word on whether Leonard Nimoy is filing suit against them yet. Oh, humans, you are so irrational.



Negotiating ploy? Perhaps they want to be treated like North Korea and have a Chinese pipeline supply them with fuel oil for those cold Seattle winters?

http://news.bbc.co.uk/2/hi/technology/6102180.stm

Microsoft considers China policy

By Darren Waters Technology editor, BBC News website, Athens

There is mounting pressure on tech firms for their dealings in China

A senior executive for Microsoft has said the firm could pull out of non-democratic countries such as China.



http://politics.slashdot.org/article.pl?sid=06/11/01/2344209&from=rss

E-voting State By State

Posted by samzenpus on Wednesday November 01, @09:31PM from the make-them-count dept. United States Politics Technology

jcatcw writes "One-third of Americans will use voting machines next week that have never before served in a general election. Computerworld.com provides an overview of e-voting in each of the 50 states and the District of Columbia — equipment, systems for voter registration, polling, significant legal challenges to the systems, previous media coverage, links to government watchdog sites, the vendors, technologies and laws that are important to the issue, and a review of 'Hacking Democracy.'"



We're number 30! We're number 30!

http://www.theglobeandmail.com/servlet/story/RTGAM.20061101.wpriv1101/BNStory/Front/?page=rss&id=RTGAM.20061101.wpriv1101

Canada #2 in maintaining personal privacy

KATIE FRETLAND Canadian Press and Associated Press

LONDON — Germany and Canada are the best defenders of privacy, and Malaysia and China the worst, an international rights group said in a report released Wednesday.

Britain was rated as an endemic surveillance society, at No. 33, just above Russia and Singapore on a ranking of 37 countries' privacy protections by London-based Privacy International.

The United States did only slightly better, at No. 30, ranked between Israel and Thailand, with few safeguards and widespread surveillance, the group said.



If your ass is uncovered, scream National Security!

http://www.wired.com/news/technology/0,72051-0.html?tw=rss.index

The Virus That Ate DHS

By Kevin Poulsen 02:00 AM Nov, 02, 2006

A Morocco-born computer virus that crashed the Department of Homeland Security's US-VISIT border screening system last year first passed though the backbone network of the Immigrations and Customs Enforcement bureau, according to newly released documents on the incident.

The documents were released by court order, following a yearlong battle by Wired News to obtain the pages under the Freedom of Information Act. They provide the first official acknowledgement that DHS erred by deliberately leaving more than 1,300 sensitive US-VISIT workstations vulnerable to attack, even as it mounted an all-out effort to patch routine desktop computers against the virulent Zotob worm.

... U.S. District Judge Susan Illston reviewed all the documents in chambers, and ordered an additional four documents to be released last month. The court also directed DHS to reveal much of what it had previously hidden beneath thick black pen strokes in the original five pages.

"Although defendant repeatedly asserts that this information would render the CBP computer system vulnerable, defendant has not articulated how this general information would do so," Illston wrote in her ruling (emphasis is lllston's).

A before-and-after comparison of those documents offers little to support CBP's security claims. Most of the now-revealed redactions document errors officials made handling the vulnerability, and the severity of the consequences, with no technical information about CBP's systems. (Decide for yourself with our interactive un-redaction tool.)



Must be simple if you can reduce it to a PowerPoint presentation...

http://www.bespacific.com/mt/archives/012895.html

November 01, 2006

Presentation on Deconstructing Information Warfare

K. A. Taipale, "Deconstructing Information Warfare," presented to the Committee on Policy Consequences and Legal/Ethical Implications of Offensive Information Warfare, The National Academies, Washington, DC (Oct. 30, 2006) [download presentation slides in PDF).



I like it! (Who says there are no innovators left in business...)

http://techdirt.com/articles/20061101/221144.shtml

Innovative Funding Strategy: Steal Employees' IDs, Apply For Loans And Credit Cards In Their Names

from the nothing-to-it dept

It's one thing to be the victim of identity theft where the crook uses your identity to get loans, lines of credit and credit cards, but it's taken to an entirely different level when it's the CEO of a well-known company, and the victims are his employees. That's apparently what happened with Compulinx. Apparently, the company needed some money, and rather than raising it the old-fashioned way, the CEO and his nephew are accused of taking the data they had on file of some of the company's 50 employees, and using them to get loans, lines of credit and credit cards. The employees were apparently totally unaware that their CEO was pretending to be them, and sometimes claiming (falsely) that they were officers of the company.



http://techdirt.com/articles/20061101/222131.shtml

Spam Scam Says You're Fired

from the well-that-sucks dept

In the last year or so, the concept of "spear phishing" has gained a lot of popularity. Rather than broadly phishing by sending out emails pretending to be from companies with huge numbers of users/customers such as eBay or Citibank, spear phishing is much more targeted, and sometimes much more devious. It is often sent directly to people at a certain organization, made to look like it comes from someone at that organization and designed to play on what that organization does. It seems that some phishing scammers went one step further last week, using a spear phishing attack on employees of the Dekalb Medical Center. The email itself appeared to come from the medical center and told the employees they were being laid off. It included a link to a website supposedly for "career-counseling information," but actually directing people to a website that automatically downloaded a keylogger program. Enough employees were freaked out enough by the notice that they didn't consider it might be a scam, and clicked on the link. Once again, it shows how the scammers continue to adjust and adapt, and how difficult it can be to spot some of these types of scams.

No comments: