Tuesday, March 06, 2007

Note: This blog is available (I'm not subversive enough? I'm insulted!) But our friends at http://www.privacyfoundation.org/ are blocked. Congratulations!

http://digg.com/security/Check_if_your_website_is_blocked_in_China

Check if your website is blocked in China

China; a country notorious for censoring the Internet. Touted as having some of the most sophisticated firewalls in the world, greatfirewallofchina.org lets you check if you can pass China’s strict IP monitors.

http://nextlust.com/the-great-firewall-of-china



Why is sensitive information accessible over the internet?

http://today.reuters.co.uk/news/articlenews.aspx?type=internetNews&storyID=2007-03-05T165940Z_01_L05129446_RTRIDST_0_OUKIN-UK-FRANCE-ELECTIONS-LEPEN.XML

Hacker steals election data from Le Pen

Mon Mar 5, 2007 4:59 PM GMT

PARIS (Reuters) - A hacker stole sensitive data from a computer in the offices of French far-right leader Jean-Marie Le Pen, police said, fuelling his fears that rivals used it to try and keep him out of the presidential race.

The security breach at Le Pen's National Front party headquarters comes as the campaign intensified ahead of the April and May election with several candidates facing smear scandals in recent weeks.

... After a visit to the headquarters of his National Front party on Friday, the police said the list of officials who had agreed to back Le Pen had been stolen by a hacker.

The hacker had gained access using an internet site specialising in breaking entry codes. A National Front employee who used the computer that was hacked into was detained but later released.



Some background Q&A

http://www.iht.com/articles/2007/03/05/business/workcol06.php

The Workplace: Your company monitors your personal e-mail

Matt Villano Monday, March 5, 2007

Your company recently announced a new policy to monitor all outgoing e-mail, including personal correspondence. How concerned should you be?

Don't panic, but definitely watch out. Mary Crane, president of MC & Associates, a training and consulting firm in Denver, said that if employers actively monitor outgoing e-mail traffic, messages about anything other than work may attract unwanted attention.

"The last thing you want to do is make your employer think you're slacking off," Crane said. "Nothing you're doing on e-mail is worth jeopardizing your career."

Do employers have the right to monitor e-mail?

The Sarbanes-Oxley Act of 2002 and other U.S. regulations require publicly traded companies to archive all e-mail messages. Employers in the private sector also have complete authority to scrutinize every word, provided that they have established a policy and put it into writing.


...sometimes we listen in on your phone calls too..

http://news.com.com/2061-10789_3-6164404.html?part=rss&tag=2547-1_3-0-20&subj=news

Wal-Mart fires systems technician over pretexting debacle

March 5, 2007 12:05 PM PST

Discount giant Wal-Mart has fired an unidentified employee who was responsible for monitoring telephone conversations between a Wal-Mart public relations representative and a New York Times reporter, as well as intercepting various text messages and pages. The employee, who worked for Wal-Mart as a systems technician, had monitored the aforementioned phone calls between September 2006 and January 2007, and Wal-Mart was alerted to the activity on January 11 by an internal tipster. The company informed the New York Times of the incident on Monday.

Technically, recording the telephone conversations wasn't illegal. Federal and state laws dictate that recordings are O.K. if one of the parties gives consent, and since Wal-Mart's policies state that "all electronic communications of associates using Wal-Mart communication systems are subject to monitoring and recording," that counts as consent from that camp.

However, Wal-Mart claims to have practices that restrict company call monitoring to "compelling circumstances," calls that have been approved in writing from the company's legal department, and a few exceptions (for example, customer hotline calls). Since there was no written permission from Wal-Mart's legal department in the pretexting case, [What pretexting case? Bob] the recordings were a violation of its operational policy.

Additionally, the company's internal investigation revealed that the same systems technician had intercepted various text messages and pages, some of which did not involve Wal-Mart associates. This, too, is a violation of Wal-Mart policy.

The U.S. Attorney for the Western District of Arkansas, which includes Wal-Mart's headquarters in Bentonville, was notified of the incident by Wal-Mart's attorneys on January 13. On March 1, the U.S. Attorney's office informed the company that it would be launching a formal investigation into the recorded phone calls and intercepted text messages.

At this point, there is no word on whether the incident was an act on the part of an individual or if there was any connection further up in Wal-Mart's hierarchy, as in the Hewlett-Packard pretexting scandal that made headlines for much of last year.

UPDATE: Wal-Mart held a press conference Monday afternoon in which Mona Williams, vice president of corporate communications, answered questions from reporters concerning the pretexting incident. Williams repeatedly stressed that since it's now a federal investigation, the company cannot answer a whole lot of questions about it.

However, the press conference did reveal a few points:

-- there were other telephone conversations recorded by the terminated employee, but none of them involved journalists, "public figures," or people who could be identified as "Wal-Mart critics

-- in addition to the unidentified employee responsible for the pretexting, his supervisor has been fired as well and another manager has been "disciplined"

-- despite the termination of the supervisor, Williams still stressed that the systems technician was believed to have been acting alone

-- as far as Wal-Mart knows, the equipment used was owned by the company

-- the text messages were captured from pagers as well as personal digital assistants, but not ordinary cell phones.


...and we may ask you kids for a sample or two

http://www.usatoday.com/news/nation/2007-03-04-kidsdrinking_N.htm?POE=NEWISVA

Schools' test can detect alcohol use 3 days prior

By Charisse Jones, USA TODAY

PEQUANNOCK, N.J. — It may not be the SAT, but for some New Jersey students, passing their school district's newest test may be almost as urgent.

Randomly selected students in Pequannock Township last month began undergoing a screening that can detect whether they drank alcohol up to 80 hours before.

... "The desire to protect students from the dangers of alcohol or other drugs is understandable," says Ed Barocas, legal director of the ACLU of New Jersey. "But sometimes this concern takes on a zeal that ignores other legitimate concerns such as … whether it intrudes on family privacy and whether guilty until proven innocent is a lesson we want to teach our students."

About 75% of Pequannock Township High School's 800 students could be tested. They are involved in extracurricular activities or have privileges such as being able to park on campus. Only those students will make up the pool that can be given the EtG test.

... "It's the stupidest idea ever," says James Martinez, 17, a senior. "I think it's our parents' responsibility. … My dad has a breathalyzer, so if he wants, he can test me." [Why would dad have a breathalyzer? Is it a “New Jersey thing?” Bob]

Martinez and several others say they don't object to drug screening or a tongue-swab test, which picks up more recent alcohol use.

... The EtG screen is so sensitive that even hand sanitizer or fermented apple juice can show exposure to alcohol. That led the federal Substance Abuse and Mental Health Services Administration last fall to say it is "inappropriate" to rely on the EtG test alone for legal and disciplinary action.


...and we might try the “new Google”

http://www.startribune.com/389/story/1033814.html

Internet background checks tell all about a new love interest

For $49.95, learn what lurks in a would-be partner's past.

By Heidi Stevens, Chicago Tribune Last update: March 05, 2007 – 4:36 PM

Nothing says "I love you" like a background check.

Actually, maybe it's more of an "I'm interested in you, but I want to make sure you're not a sociopath who's going to burn down my house, steal my car and set out on a shooting rampage across the Great Plains."

Either way, background checks are the new Google. A simple Internet search is no longer sufficient if you want to get the goods on someone, according to a new commercial push by Intelius. The company has launched TV and print ads urging a buyer-beware approach to relationships.

... The folks at Intelius aren't the only ones sniffing out nefarious would-be partners. Trufina.com will verify a person's age, identity and address for free and for $9.95 will throw in a criminal check. And, of course, you have your sites that allow the burned-by-love set to warn others about potential lotharios, including DontDateHimGirl.com and WhatDoYouKnowAboutRomeo.com.



Is a procedure different if it is done electronically?

http://www.dailymail.com/story/News/+/2007030533/Warrantless-surveillance-in-homes-struck-down

Warrantless surveillance in homes struck down

Maynard says court decision will hamper police investigations

Justin D. Anderson Daily Mail Staff Monday March 05, 2007

Most members of the state Supreme Court say police can't use electronic surveillance on oblivious suspects in their homes without first getting a warrant.

But one of the justices said the ruling is "nonsense" and "overblown rhetoric," claiming that an informant could walk into a defendant's home, make some observations and testify in court with no trouble -- but electronic versions of the same observations would not be admissible.

... The justices noted that they were ruling only on surveillance inside a home and that their opinion should have no impact on electronic surveillance outside a suspect's home.



Attention meat lawyers! You will be assimilated! Resistance is futile!

http://blog.wired.com/27bstroke6/2007/03/ai_cited_for_un.html

27B Stroke 6

by Ryan Singel, Luke O'Brien, and Kevin Poulsen Monday, 5 March 2007

AI Cited for Unlicensed Practice of Law

A web-based "expert system" that helped users prepare bankruptcy filings for a fee made too many decisions to be considered a clerical tool, [by that logic, most paper forms are lawyers Bob] an appeals court said last week, ruling that the software was effectively practicing law without a license.

At issue were two websites maintained by entrepreneur Henry Ihejirika -- Ziinet.com and 700law.com -- which offered automated bankruptcy assistance. That sounded good to consumer Jayson Reynoso, who paid $219 for 60 days of access to the "Ziinet Bankruptcy Engine," described on the websites like this:

Ziinet is an expert system and knows the law. Unlike most bankruptcy programs which are little more than customized word processors the Ziinet engine is an expert system. It knows bankruptcy laws right down to those applicable to the state in which you live. Now you no longer need to spend weeks studying bankruptcy laws.

... Ihejirika had a human lawyer for his defense.



An e-Discovery challenge?

http://hosted.ap.org/dynamic/stories/I/INFORMATION_EXPLOSION?SITE=VALYD&SECTION=HOME&TEMPLATE=DEFAULT

Tech Researchers Calculate Digital Info

By BRIAN BERGSTEIN AP Technology Writer Mar 6, 8:07 AM EST

BOSTON (AP) -- A new study that estimates how much digital information is zipping around (hint: a lot) finds that for the first time, there's not enough storage space to hold it all. Good thing we delete some stuff.

... Add it all up and IDC determined that the world generated 161 billion gigabytes - 161 exabytes - of digital information last year.

That's like 12 stacks of books that each reach from the Earth to the sun. Or you might think of it as 3 million times the information in all the books ever written, according to IDC. You'd need more than 2 billion of the most capacious iPods on the market to get 161 exabytes.

... Bohn said it would be wise to take IDC's figures "with a certain grain of salt," but he added: "I don't think the numbers are going to turn out to be wildly off target."

Considering that Berkeley's 2003 figure of 5 exabytes already was enormous - it was said at the time to be 37,000 Libraries of Congress - why does it matter how much more enormous the number is now?

For one thing, said IDC analyst John Gantz, it's important to understand the factors behind the information explosion.

Some of it is everyday stuff in this YouTube age - IDC estimates that by 2010, about 70 percent of the world's digital data will be created by individuals. For corporations, information is inflating from such disparate causes as surveillance cameras and data-retention regulations.

Perhaps most noteworthy is that the supply of data technically outstrips the supply of places to put it.

IDC estimates that the world had 185 exabytes of storage available last year and will have 601 exabytes in 2010. But the amount of stuff generated is expected to jump from 161 exabytes last year to 988 exabytes (closing in on 1 zettabyte) in 2010.

... ---On the Net: http://www.idc.com

2003 Berkeley study: http://www2.sims.berkeley.edu/research/projects/how-much-info-2003



An e-Discovery Oops...

http://news.com.com/2100-1014_3-6164547.html?part=rss&tag=2547-1_3-0-5&subj=news

Intel admits lapse in document preservation

By Tom Krazit Story last modified Tue Mar 06 04:30:55 PST 2007

Intel disclosed Monday that it has failed to preserve some documents related to Advanced Micro Devices' antitrust suit against it--and AMD pounced on the admission.

Santa Clara, Calif.-based Intel said human error allowed documents--mainly e-mails--to slip through the cracks of a document-retention system put in place after AMD sued [Oops Bob] Intel in June 2005. AMD alleged that the larger chipmaker used the selective distribution of rebates to prevent certain customers from using AMD's chips.

... AMD was quick to respond to Intel's disclosure. "Through what appears to be a combination of gross communication failures, an ill-conceived plan of document retention and lackluster oversight by outside counsel, Intel has apparently allowed evidence to be destroyed," AMD said in a filing Monday with the U.S. District Court in Delaware.

The day after AMD filed suit, Intel preserved the data on its network, and later sent notices asking about 600 employees to retain specific information, the company said in its letter to Farnan. However, it did not instruct those employees to preserve e-mails from their "sent" folders, and since Intel automatically erases e-mails older than a few weeks or months--depending on the employee--those messages could be gone.

The company also failed to send document-retention notices to employees identified in 2006 as additional targets for the document-retention policy, despite having put them on such a list. And despite having preserved data on its network after the complaint was filed, the company has identified "a small number of backup tapes" in its Munich offices that were erased.

... AMD called on the judge to require Intel to produce a full accounting of its document retention policy and errors, and to investigate possible remedial action.

... "The paradoxical result in a lot of these situations is that the company is worse off than what the document would have shown, because people assume the worst," Ostrau said. "When in fact it may be that the documents are completely innocuous, no one can completely be sure."

Problems such as lost documents are generally rare, but occur more and more in the electronic record-keeping era, Ostrau said. "The fact is that complying with your document retention policies is really hard in this day and age," he said. In fact, Fenwick & West has a group of lawyers and technology professionals dedicated solely to managing electronic records.



Huh! Does the patent office do this kind of thing often? Note: This is a report TO the USPTO not FROM.

http://www.bespacific.com/mt/archives/014153.html

March 05, 2007

USPTO Report Finds Inadvertent Filesharing Threatens Personal, Government and Corporate Data

Press release: "...the Department of Commerce's United States Patent and Trademark Office (USPTO) released a report that concludes that the distributors of five popular filesharing programs repeatedly deployed features that they knew or should have known could cause users to share files inadvertently. The report, Filesharing Programs and "Technological Features to Induce Users to Share, identifies five features in recent versions of five popular filesharing programs that could cause users to inadvertently distribute to others downloaded files or their own proprietary or sensitive files. "Computer programs that can cause unintended filesharing contribute to copyright infringement, and they threaten the security of personal, corporate, and governmental data," noted Jon Dudas, under secretary of commerce for intellectual property-the Bush Administration's point person on copyright policy."



We have seen the problem with “information overload” and we think we can do more...

http://hosted.ap.org/dynamic/stories/J/JAPAN_CHIPS_EVERYWHERE?SITE=VALYD&SECTION=HOME&TEMPLATE=DEFAULT

Chattering Chips Enliven Tokyo Stroll

By YURI KAGEYAMA AP Business Writer Mar 5, 2:31 PM EST

TOKYO (AP) -- Downtown strollers looking for directions, store guides or historical tidbits will be able to get an earful without talking to anyone - thanks to 1,200 computer chips embedded around Tokyo's Ginza shopping district.

The information can be heard through earphones that pick up signals from chips stuck in cement, lampposts and subway-station ceilings. The 1 billion yen ($8.7 million) government-backed Tokyo Ubiquitous Technology Project [There's that “ubiquitous” word again Bob] spans several blocks.

University of Tokyo professor Ken Sakamura says the effort gives a glimpse into the future, when such chips will become so widespread that government offices and private businesses will use them to zap information to passers-by.

... U.S. cities have expressed interest in the technology, Sakamura said.



Free is good the best

http://linux.slashdot.org/article.pl?sid=07/03/05/1812247&from=rss

Open Source Network Management Beats IBM and HP

Posted by ScuttleMonkey on Monday March 05, @02:29PM from the slow-and-steady-going-for-the-win dept. Software Linux

mjhuot writes "Last week SearchNetworking.com announced their Product Leadership Awards for 2007. It was a pleasant surprise to see an open source project, OpenNMS, win the Gold in their Network and IT Management Platforms category. OpenNMS beat out the established players of Hewlett-Packard's OpenView and IBM's Tivoli. This was based on a user survey of all IT solutions, not just open source; it demonstrates that open source software is indeed making inroads into the enterprise."


Also free...

http://slashdot.org/article.pl?sid=07/03/06/0217215&from=rss

How Open Source Is Changing Education

Posted by kdawson on Tuesday March 06, @05:29AM from the apple-for-the-penguin dept. Education GNU is Not Unix

ftblguy writes "MIT's Open CourseWare program provides a great example of how the open source movement is impacting education. The Online Education Database also lists Project Gutenberg, Wikipedia, Linux, Firefox, and Google (?) as some of the other open source in education success stories. Open source and open access resources have changed how colleges, organizations, instructors, and prospective students use software, operating systems, and online documents for educational purposes. Each success story has served as a springboard to create more open source successes."



...with short bios

http://www.bespacific.com/mt/archives/014151.html

March 05, 2007

Homeland Security Advisory Council Members

Homeland Security Advisory Council Members - Names and Bios.

No comments: