Saturday, March 03, 2007

Too close to home.

http://cbs4denver.com/consumer/local_story_061205155.html

Mar 2, 2007 6:47 pm US/Mountain

Metro State Computer With SS Numbers Stolen

(CBS4) DENVER College of Denver is working with the Denver and Auraria Police in the investigation of a theft of a computer stolen from campus that contained the names and Social Security numbers of 988 former students.

The laptop computer was stolen from its docking station in the late afternoon of Feb. 28 from a Metro State faculty member's office on the Auraria Campus. The case remains under investigation.

The stolen computer contained roster information of students enrolled in the faculty member's classes from the beginning of the 1999 fall semester to the end of the 2002 fall semester. The stolen computer was password protected.

... Metro State President Stephen Jordan said that this is a very specific incident. "Last spring, it was mandated that all College reports or studies that access private student information, including Social Security numbers, were to be approved through the President's Office," [So, was this one approved? Bob] he said, adding, that the College is completing a project to have College-owned laptops turned over to the Information Technology division for review of the data contained on their hard drives. [“Because all our IT geeks are lawyers who will immediately recognize anything inappropriate.” Bob]

... At this time the campus has no evidence that personal data were actually retrieved or misused. [Why does every organization feel they need to include a statement like this? Clearly two days is not long enough for victims to recognize identity theft, determine the leaking organization, and report it. Clearly self-serving, but does it also lull the victims into a false sense of security? Bob]



Silly? Pay attention class...

http://www.pogowasright.org/article.php?story=20070302161820136

Saturday, March 03 2007 @ 06:45 AM CST

'Embarrassed' Gun Suspect Sues Microsoft After FBI Finds Sex Videos On His PC

Friday, March 02 2007 @ 04:18 PM CST - Contributed by: Lyger - Internet & Computers

A man awaiting trial for alleged gun crimes is suing Microsoft for privacy violations after FBI agents seized his home computer during a raid and found files containing sexually explicit videos of him and his girlfriend and evidence that he frequented pornographic Web sites.

Michael Alan Crooker, currently in jail in Connecticut, says security features advertised by Microsoft and its business partners should have kept federal agents from accessing the files on his PC. In court papers filed this week in Massachusetts Superior Court, Crooker says he "suffered great embarrassment" as a result of Microsoft's failure to keep the FBI's prying eyes off his computer.

Source - InformationWeek h/t - Fergie's Tech Blog

[From the article:

At the FBI lab, agents were able to access Crooker's files by making a mirror image of the hard drive. [A basic e-Discovery technique. Then the drive is attached as an external drive and read. If the operating system on the target drive is never used, all those security programs never run, never asks for your password, etc. Bob] Among the files, they found a video showing Crooker and his girlfriend having sex, his medical records, family photographs, and correspondence between Crooker and his attorneys. They also found Internet history files that showed Crooker's fondness for pornographic Web sites.

Crooker says he had set Internet Explorer to delete his Internet history every five days. "Any day beyond those parameters is supposed to be permanently deleted and is not supposed to be recoverable," Crooker says in the lawsuit. He also claims Compaq's DriveLock security system should have prevented the FBI from accessing his hard drive.

In the court papers, Crooker says he already has reached settlements with Hewlett-Packard, which owns the Compaq brand, and Circuit City.



Dear employee,

http://www.pogowasright.org/article.php?story=20070302083145515

Worker Can Be Fired for Refusing Search of Briefcase

Friday, March 02 2007 @ 08:31 AM CST - Contributed by: PrivacyNews - In the Courts

A man who was fired for refusing to let his boss inspect the contents of his briefcase is not entitled to unemployment benefits, a Florida appeals court has ruled. The court said Bradley Leedham would receive no benefits because he was fired for misconduct connected with work.

Source - FindLaw



Eventually, we should be able to do this with any video camera on the Internet...

http://digg.com/environment/Near_realtime_free_satellite_images_of_the_Earth

Near realtime free satellite images of the Earth

The MODIS satellites gaze back at the Earth constantly circling and snapping high res images of our world. You can see what they've been up to for the last couple days and download high res versions that are in the commons and ready for you to use for whatever you like.

http://rapidfire.sci.gsfc.nasa.gov/subsets/



Interesting. Other than “he passed” what does the test score reveal? Are grades confidential?

http://www.oaoa.com/news/nw030207g.htm

Lawsuit is about more than test scores

Attorney: Gallegos hopes to reverse AG ruling

BY ELAINE MARSILIO emarsilio@oaoa.com

A top ECISD administrator and his attorney said his fight to keep a test score private will have an impact on educators across the state.

... The test, called the Examination for the Certification of Educators in Texas, is one of two certification programs by the State Board for Educator Certification and Texas Education Agency that gauges an educator’s knowledge of information rather than performance, according to the TEA Web site.

... Lungwitz said everyone’s grades from bachelor’s to doctorate degrees are confidential, and Gallegos’ test scores are no different.
“Everybody’s grades are private in this country,” he said. “It’s in the same vein.”



Anyone want to start their own phone company?

http://www.washingtonpost.com/wp-dyn/content/article/2007/03/01/AR2007030101695.html

FCC Grants Internet Phone Access

By Molly Peterson Bloomberg News Friday, March 2, 2007; Page D03

Rural telephone companies must allow carriers such as Verizon Communications to use local lines to connect Internet-based calls, U.S. regulators said yesterday.



A logical strategy. There are plenty of stories showing how poorly government agencies understand technology, so it is only logical for them to say “Keep everything forever. We'll try to figure out what we need by examining what defense attorneys ask for...”

http://news.com.com/2100-1028_3-6163679.html

Justice Department takes aim at image-sharing sites

By Declan McCullagh Story last modified Fri Mar 02 07:33:00 PST 2007

The Bush administration has accelerated its Internet surveillance push by proposing that Web sites must keep records of who uploads photographs or videos in case police determine the content is illegal and choose to investigate, CNET News.com has learned.

That proposal surfaced Wednesday in a private meeting during which U.S. Department of Justice officials, including Assistant Attorney General Rachel Brand, tried to convince industry representatives such as AOL and Comcast that data retention would be valuable in investigating terrorism, child pornography and other crimes. The discussions were described to News.com by several people who attended the meeting.

A second purpose of the meeting in Washington, D.C., according to the sources, was to ask Internet service providers how much it would cost to record details on their subscribers for two years. At the very least, the companies would be required to keep logs for police of which customer is assigned a specific Internet address.

Only universities and libraries would be excluded, one participant said. [News flash: Real ID required to use library! Bob] "There's a PR concern with including the libraries, [It is better to look good than to be secure... Bob] so we're not going to include them," the participant quoted the Justice Department as saying. "We know we're going to get a pushback, so we're not going to do that."

Attorney General Alberto Gonzales has been lobbying Congress for mandatory data retention, calling it a "national problem that requires federal legislation." Gonzales has convened earlier private meetings to pressure industry representatives. And last month, Republicans introduced a mandatory data retention bill in the U.S. House of Representatives that would let the attorney general dictate what must be stored and for how long.

... Often invoking terrorism and child pornography as justifications, the administration has argued that Internet providers must install backdoors for surveillance and has called for routers to be redesigned for easier eavesdropping. President Bush's electronic surveillance program, which was recently modified, has drawn an avalanche of lawsuits.

The Justice Department's request for information about compliance costs echoes a decade-ago debate over wiretapping digital telephones, which led to the 1994 Communications Assistance for Law Enforcement Act. To reduce opposition by telephone companies, Congress set aside $500 million for reimbursement and the legislation easily cleared both chambers by voice votes.

Once Internet providers come up with specific figures, privacy advocates worry, Congress will offer to write a generous check to cover all compliance costs and the process will repeat itself.

... Because the Justice Department did not circulate a written proposal at the private meeting, it's difficult to gauge the effects on Web sites that would be forced to record information on image uploads for two years. Meeting participants said that Justice officials (including Brand, the assistant attorney general for legal policy and a former White House attorney) did not answer questions about anonymously posted content and whether text comments on a blog would qualify for retention.

In practice, some Web businesses already make it a practice to store personal information forever. Google stores search terms indefinitely, for instance, while AOL says it deletes them after 30 days.

David Weekly, a San Francisco-area entrepreneur who founded popular Wiki-creation site PBWiki.com, said the Justice Department's proposal would be routinely evaded by people who use overseas sites to upload images. (PBWiki, which recently raised $2 million from Mohr Davidow Ventures, lets people embed photographs on pages they create with a point-and-click editor.)

If the proposal were to become law, PBWiki would already be in compliance, Weekly said. "We already keep all that data pretty much indefinitely because it's invaluable for us to mine and figure out how people use services," he said. "How do they use services now versus a year ago? Was February a bad month for traffic?... We already have the data there. It's already searchable. It's already indexed."

[Sidebar:

ISP snooping timeline

In events first reported by CNET News.com, Bush administration officials have said Internet providers should keep track of what Americans are doing online. Here's the timeline:

June 2005: Justice Department officials quietly propose data retention rules.

December 2005: European Parliament votes for data retention of up to two years.

April 14, 2006: Data retention proposals surface in Colorado and the U.S. Congress.

April 20, 2006: Attorney General Alberto Gonzales says data retention "must be addressed."

April 28, 2006: Democrat proposes data retention amendment, followed by a Republican.

May 26, 2006: Gonzales and FBI Director Robert Mueller pressure Internet and telecom companies.

September 26, 2006: Politicians suggest that Web hosts and registrars might have to comply. Search engines are also mentioned.

January 18, 2007: Gonzales says administration will ask Congress for new laws.

February 6, 2007: Republicans introduce mandatory data retention "Safety Act."



How do I love my customers, let me count the ways... OR How to attract a swarm of Class Action lawyers... OR No one will ever notice....

http://www.courant.com/news/local/hc-watchdog0302,0,5198012.column?coll=hc-utility-local

Best Buy Confirms It Has Secret Website

March 2, 2007

Under pressure from state investigators, Best Buy is now confirming my reporting that its stores have a secret intranet site that has been used to block some consumers from getting cheaper prices advertised on BestBuy.com.

Company spokesman Justin Barber, who in early February denied the existence of the internal website that could be accessed only by employees, says his company is "cooperating fully" with the state attorney general's investigation.

Barber insists that the company never intended to mislead customers.

... Blumenthal said Wednesday that Best Buy has also confirmed to his office the existence of the intranet site, but has so far failed to give clear answers about its purpose and use.

"Their responses seem to raise as many questions as they answer," Blumenthal said in an interview. "Their answers are less than crystal clear."

... Then they threw in this interesting line: "Although we have an intra-store web site in place to support store operations (including products and pricing), we are reminding our employees how to access the external BestBuy.com web site to ensure customers are receiving the best possible product price."

That last sentence seems to indicate that Best Buy, which is supposed to be staffed by tech-savvy employees, is putting the blame on memory lapses: that employees have somehow forgotten how to access BestBuy.com from the store.

... This is not the first time the giant electronic retailer has gotten into trouble misleading customers. The firm, based in Minneapolis, operates more than 1,100 electronic retail stores in the U.S., Canada and China. It has more than 125,000 full-time employees.

Attorneys general in New Jersey and Ohio have accused Best Buy of deceptive sales practices, repackaging used merchandise and selling it as new, and failing to pay rebates and refunds. It paid $135,000 in New Jersey three years ago to settle that state's suit, which was based on hundreds of consumer complaints. The Ohio case is ongoing.


Ditto

http://hardware.slashdot.org/article.pl?sid=07/03/02/2110259&from=rss

Disk Drive Failures 15 Times What Vendors Say

Posted by Zonk on Friday March 02, @04:15PM from the cough-sputter-wheeze-choke dept. Data Storage Hardware

jcatcw writes "A Carnegie Mellon University study indicates that customers are replacing disk drives more frequently than vendor estimates of mean time to failure (MTTF) would require.. The study examined large production systems, including high-performance computing sites and Internet services sites running SCSI, FC and SATA drives. The data sheets for the drives indicated MTTF between 1 and 1.5 million hours. That should mean annual failure rates of 0.88%, annual replacement rates were between 2% and 4%. The study also shows no evidence that Fibre Channel drives are any more reliable than SATA drives."


Ditto

http://it.slashdot.org/article.pl?sid=07/03/02/189234&from=rss

Security Software Costs More to Renew Than Buy New

Posted by Zonk on Friday March 02, @01:21PM from the helping-the-consumer-choose dept. Security The Almighty Buck Software

Matt Whipp writes " In a story I wrote for PCPro, I explore a tip submitted by one of our readers. They pointed out how much more it costs to renew security software, rather than buying it new. In fact it cost less than half the price to buy it new than it does to renew the license because of heavy discounting. He feels a bit cross that, as a loyal customer, he is the one penalized.

From the article: 'ZoneAlarm may have tripped up on this discount issue, but it's not alone. It highlights just how cynical companies can be in relying on customers' assumptions that a renewal should be cheaper than buying new. McAfee's Internet Security Suite costs just £24.99 with the current 50 per cent discount. However, should you be fool enough to already be a customer of McAfee, you'll have to pay £39.99 to renew your licence.'"



How good is your antivirus?

http://www.f-secure.com/weblog/#00001129

ADVANCED+

Posted by Mikko @ 14:26 GMT

Latest comparative test results from AV-Comparatives.org are out. We did very nicely in the test and netted the highest "ADVANCED+" rating - unlike the big boys.

This test used almost half a million sample files. For full results, download the test report.



Cool! I only got 49... Shame on me. I like the format though...

http://digg.com/playable_web_games/You_have_10_minutes_to_name_as_many_of_the_54_African_Countries_as_you_can

You have 10 minutes to name as many of the 54 African Countries as you can.

If you thought that naming the 50 States was easy, test yourself with this significantly harder challenge. You'll be surprised how little you know about Africa--yes, even less than you think you do.



Dare the New York Times (or the National Enquirer) fall behind?

http://www.wired.com/news/culture/0,72829-0.html?tw=rss.index

The Onion Goes Viral With Video

By Sonia Zjawinski 07:50 AM Mar, 01, 2007

Before The Daily Show With Jon Stewart and The Colbert Report, there was The Onion. So why hasn't the satirical weekly taken a swipe at broadcast journalism yet?

"We've been waiting for technology to catch up with our frighteningly advanced vision for the future of news," says Sean Mills, president of Onion Inc. "That day has finally come."

In late March, the company will launch The Onion News Network, a service that will stream original clips every week produced by a team of 15 new hires, including an entire production team. (That pushes the Onion empire to roughly 145 staffers.)

... Footage is based on the premise that the paper has been running a 24-hour news service for the past 75 years, only no one knew about it.

... But while Time and washingtonpost.com restrict their videos to their sites or affiliates' sites, the Onion News Network will encourage bloggers to embed clips on their own pages.



Too cruel? Or too true?

http://digg.com/security/Visual_Aid_For_Boston_Police_Department

Visual Aid For Boston Police Department

This person has created a visual aid to help the hard working officials in Boston spot items that are NOT bombs.

http://flickr.com/photos/groovymother/sets/72157594564032667/

No comments: