Thursday, June 28, 2007

In theory, these are computer professionals... (They are having a sale on an Internet Security Suite today. Somehow, I don't have much confidence in their ability.)

http://www.todaystmj4.com/news/local/8202232.html

65,000 Milwaukee PC Customers May Be at Risk

Heather Shannon Story Updated: Jun 27, 2007

MILWAUKEE - The credit card information of 65,000 customers who've used Milwaukee PC may have been compromised.

The staff at the computer retailer and service center noticed a file in their server and was concerned that file could contain customers' credit card numbers and personal information. [They can't tell? Bob]

No one has reported their information stolen yet, [How would they know it was your fault before you announced? Bob] but Milwaukee PC isn't taking any chances.

"We think that it is possible that we stopped it before it got out, but to stay on the safe side for our customers, we thought it best to send them a letter,” Troy Salchow, general manager of Milwaukee PC said.



At lest they won't say “We have no indication that the information was used...”

http://www.pogowasright.org/article.php?story=20070627165756145

Criminal Probe Launched Into Computer Hacking of Vet School Admissions Info

Wednesday, June 27 2007 @ 04:57 PM CDT Contributed by: PrivacyNews News Section: Breaches

A criminal investigation into the apparent hacking and misuse of computerized veterinary medical school admissions records has been launched by the University of California, Davis, Police Department, in cooperation with the Sacramento Valley High Tech Crimes Task Force.

On June 15, the university determined that its computer-security safeguards had been breached and someone had gained access to the personal information of an estimated 1,120 applicants to the School of Veterinary Medicine for the 2007-2008 school year, including 131 accepted students. The hacker had accessed information including the applicants' names, birth dates and, in most cases, Social Security numbers.

The security breach became apparent when applicants who had recently been admitted to the School of Veterinary Medicine attempted to set up campus computer accounts and were notified that accounts had already been established in their names. [Strong indication that the hacker was an amateur. No pro would tip his hand this way... Bob] Further investigation revealed that the records of 375 veterinary medical school applicants for the 2004-2005 school year -- seven of them admitted students -- also might have been illegally accessed.

Source - UC Davis



Again someone lost a thumb drive. These won't be secure until they are subcutaneous. (At the rate they are shrinking, it should be possible in time for Christmas.)

http://www.wtol.com/Global/story.asp?S=6718096

BGSU: Flash Drive With Students' Personal Info Has Been Lost

June 27, 2007 01:06 PM

The following came from Bowling Green State University.

BOWLING GREEN -- Bowling Green State University is notifying current and former students of accounting professor Dr. W. David Albrecht that a computer flash drive with information about them has been lost.

Files on the portable storage device contained Social Security numbers for 199 students from his classes in 1992, and the names, grades and University identification numbers -- but not the Social Security numbers -- for approximately 1,600 other students.

There is no indication that any information on the missing flash drive has been accessed in any way, [The is no possible indication of access until evil things start happening, is there? Bob] and there was no system breach or hacking of the University's computer systems.

Albrecht informed University officials May 30 that after an extensive search, he was unable to locate his computer flash drive.



You tell these kids their information is not private, but do they listen?

http://techdirt.com/articles/20070627/012707.shtml

Who Needs A Yearbook When You Already Have Facebook.com?

from the welcome-to-the-new-world dept

There's an interesting in the Washington Post about students at a high school in Maryland who got a bit of a shock when they opened up their latest yearbooks... only to find photos from their Facebook.com profiles included in the book. Apparently, the yearbook staff procrastinated on finding photos for the yearbook and took the shortcut route of simply copying them from various student Facebook.com profiles, without bothering to ask permission. [Would they need permission? Bob] This has freaked out some of the students. There are a few things that come across as interesting about this story. First, it shows yet another example of students thinking of everything on the web as being open content for use. Second, the reaction of the students freaked out by this reminds us that the social networking sometimes forgets that the content on these sites is publicly available for people to find outside their closeknit group of friends. All in all, it seems pretty lazy for the yearbook staff to not at least ask the individuals for permission to use their photos, but at the same time it's fairly creative for the staff to also realize that they were more likely to get interesting candid photos of students via the website. Then, of course, why isn't anyone asking whether the whole concept of "the yearbook" is starting to get outdated thanks to social networks like Facebook?


Speaking of Facebook...

http://blog.wired.com/27bstroke6/2007/06/facebook-privat.html

Facebook Private Profiles Not As Private As You Think They Are

-- UPDATED With Facebook Changes

By Ryan Singel EmailJune 27, 2007 | 12:30:15 PMCategories: Privacy, Privacy

Facebook users who set their profiles to private aren't quite as hidden as they might think they are, according to security researcher Christopher Soghoian, who discovered that Facebook's advanced search features reveals people's names, pictures, religion and sexual orientation to people who don't have permission to see their profile.



On the flip side... (Does anyone under 25 remember where that phrase came from?)

http://www.securityfocus.com/brief/536?ref=rss

Cybercrime busts net data-theft suspects

Robert Lemos 2007-06-27

Two operations run by the the U.S. Secret Service led to the arrests of French and Canadian citizens on charges stemming from the theft of user names and passwords and illegal carding activity, the federal agency said this week.

In Operation Lord Kaisersose, the Secret Service's Miami field office identified an individual, known online as "Lord Kaisersose," that had allegedly stolen more than 28,000 compromised accounts and used the information to commit more than $14 million in fraud. The investigation led the French National Police to arrest a French citizen and three associates, the Secret Service said in a statement. A second operation led the Calgary Police Service to arrest an Alberta resident on charges of possessing and trading credit-card skimming devices and a French resident on charges of illegal carding activities.

The Secret Service stressed that the operations, as with most other Internet investigations, would not have been successful without international cooperation.

"Technology has forever changed the way commerce is conducted, virtually erasing geographic boundaries," Michael Stenger, assistant director of the U.S. Secret Service Office of Investigations, said in a statement (PDF).

... Most cybercrime investigations have had international components. An investigation into online funds transfer service E-Gold has been complicated by the fact that the company is registered in Nevis, West Indies, even though the company's assets appear to be entirely based in Florida. Operation Cardkeeper -- an FBI investigation into the illegal trading of credit-card numbers, so-called "carding" -- led to the arrest last year of three people in the U.S. and another 13 in Poland.

The U.S. Secret Service is developing the curriculum for the National Computer Forensics Institute in Hoover, Alabama, which will train both U.S. and international law enforcement personnel.



How do you prove “infringing” objectively enough to program it into your search engine?

http://techdirt.com/articles/20070627/121427.shtml

MPAA Sues Sites For Linking To Infringing Content

from the just-a-link dept

It's amazing how badly the entertainment industry wants people to believe that anything they don't like [..or understand.. Bob] must be illegal. There's already a long history of them suing the easiest party for them to find rather than the party actually breaking the law, so it shouldn't be much of a surprise to see them doing so again. Apparently the MPAA has sued some sites that create a directory of online videos, mainly TV shows and movies. These sites do not host the files. They simply point people to where they are online. Effectively, it's the same thing that a search engine like Google does. There are plenty of Google searches that will lead you to unauthorized content, but for some reason, the entertainment industry believes that if you make a specialized search engine or directory you're somehow liable. These sites have come under attack before, and the MPAA may be hoping that by creating a specialized search engine they'll be able to show "inducement" under the Supreme Court's Grokster standard. It will definitely be worth watching how these court cases go, because if the MPAA succeeds, it effectively means that they'll have the right to sue anyone who links to infringing content by claiming inducement. That would be a horrible precedent to set.



Documenting a dying industry (from a reputable source?)

http://www.rollingstone.com/news/story/15137581/the_record_industrys_decline/print

The Record Industry's Decline

Record sales are tanking, and there's no hope in sight: How it all went wrong

Brian Hiatt and Evan Serpick Posted Jun 19, 2007 2:29 PM

This is the first part of a two-part series on the decline of the record industry. Today we're including Brian Hiatt and Evan Serpick's report on where the music business went wrong, from the current issue of Rolling Stone, as well as an interactive graphic illustrating the industry's slide. Tomorrow, check back with RollingStone.com for interviews with industry leaders on the future of the music business.



Someone else who does not understand technology?

http://arstechnica.com/news.ars/post/20070627-ftc-shoots-down-net-neutrality-says-it-is-not-needed.html

FTC shoots down Net Neutrality, says it is not needed

By Ken Fisher | Published: June 27, 2007 - 06:07PM CT

The Federal Trade Commission today dealt a serious blow to "Net Neutrality" proponents as it issued a report dismissive of claims that the government needs to get involved in preserving the fairness of networks in the United States.

FTC Report (PDF)



Isn't this just a good interpretation of a badly worded law?

http://www.law.com/jsp/article.jsp?id=1182848790153

Appeals Panel 'Reluctantly' Tosses Child Porn Case

Alyson M. Palmer Fulton County Daily Report 06-27-2007

Judges of the Georgia Court of Appeals last week said they must "reluctantly" issue an opinion that may make it more difficult for the state to prosecute people who look at child pornography.

A three-judge panel on June 21 reversed the conviction of a North Georgia man on 106 counts of sexual exploitation of children because, the judges found, prosecutors didn't prove that the man knew he had pornographic images stored in his computer hard drive. [Shouldn't that be a minimum requirement? Bob]

In what it said was an issue of first impression in Georgia, the panel of Judge M. Yvette Miller, Chief Judge Anne Elizabeth Barnes and Presiding Judge J.D. Smith narrowly construed what it means to "knowingly" possess child pornography under the state's sexual exploitation law. It's not enough, wrote Miller for the panel, to prove a defendant has pornographic images in the inaccessible cache files of his computer.

... But the lawyer who won the appeal, Daniel J. Ripper, of Luther-Anderson in Chattanooga, Tenn., said the opinion just gives prosecutors a roadmap for handling child pornography cases. "This is a case that says, 'Here are the facts that you need,'" said Ripper, a member of the State Bar of Georgia who said about half of his work is in Georgia.

... At the jury trial before Walker Superior Court Judge Kristina C. Connelly, a U.S. Secret Service forensic computer analyst testified that each of the pornographic images on Barton's computer was stored on the hard drive of his computer in temporary Internet file folders, according to the opinion. The agent said the files' existence meant that Barton had viewed the images on the Internet but hadn't taken any additional steps to save them on his computer -- and couldn't retrieve the images again without special software he didn't have.

According to the court's opinion, the agent said that Barton had looked at each of the 106 images once over the course of two separate time periods totaling less than four hours on Dec. 2 and 3, 2003. He testified that even those unwanted images that "pop-up" on a computer screen are stored on a computer's hard drive but didn't say whether any of the images stored on Barton's computer represented "pop-ups."

A jury acquitted Barton of child molestation and sodomy charges, which Ripper said arose in the context of a bitter divorce. But he was convicted on the sexual exploitation charges based on the photos and sentenced to serve 20 years in prison.

Barton appealed, arguing that the state hadn't shown he knowingly possessed the images because he hadn't taken any affirmative action to store the photos on his computer, was unaware the computer had automatically saved the images and had no ability to access the saved images.

... However, he said, a forensics expert could determine the manner in which the images came to appear on the computer by examining Internet search histories stored on the computer. If such a search reveals that the defendant sought out the child pornography, said Ripper, "you take that and add it to number of images and the amount of time, then bingo."



How to Blog?

http://www.bespacific.com/mt/archives/015285.html

June 27, 2007

The Blogging Revolution: Government in the Age of Web 2.0

The Blogging Revolution: Government in the Age of Web 2.0 David C. Wyld Associate Professor Southeastern Louisiana University (99 pages, PDF)

  • Description: "Dr. Wyld examines the phenomenon of blogging in the context of the larger revolutionary forces at play in the development of the second-generation Internet, where interactivity among users is key. This is also referred to as "Web 2.0." Wyld observes that blogging is growing as a tool for promoting not only online engagement of citizens and public servants, but also offline engagement. He describes blogging activities by members of Congress, governors, city mayors, and police and fire departments in which they engage directly with the public. He also describes how blogging is used within agencies to improve internal communications and speed the flow of information. Based on the experiences of the blogoneers, [Please. Bloggers is more logical. Bob] Wyld develops a set of lessons learned and a checklist of best practices for public managers interested in following in their footsteps. He also examines the broader social phenomenon of online social networks and how they affect not only government but also corporate interactions with citizens and customers."



Where to video? Monopoly concerns? (see next)

http://weblogs.hitwise.com/leeann-prescott/2007/06/youtube_50_more_traffic_than_o_1.html

June 27, 2007

YouTube: 50% More Traffic than Other Video Sites Combined

YouTube's growth has not begun to slow yet this year. Hitwise traffic data shows that the market share of US visits to YouTube has increased by 70% when comparing January 2007 to May 2007 (this only includes site visits, not streams or streams from views on embedded videos). In comparison, the market share of visits to a custom category of 64 other video sites increased by only 8% in that period. As of May 2007, YouTube's market share was 50% greater than those 64 sites combined. Here is a ranking of the top 10 sites in that custom category for May 2007.


Some people have concerns...

http://bits.blogs.nytimes.com/2007/06/27/myspace-tv-and-the-salary-story/

MySpace TV, and the Salary Story

By Brad Stone June 27, 2007, 2:33 pm

In today’s paper I wrote about MySpace TV, the social network’s challenge to YouTube, a company it inadvertently helped emerge from the nursery when MySpace members began posting YouTube videos to their profile pages. After the jump is a first look at the new MySpace TV home page, which should go live later this week.



Tools & Techniques for ubiquitous surveillance... So simple a caveman can do it!

http://infectedproject.wordpress.com/2007/06/26/set-up-a-webcam-security-system/

Set-up a Ubuntu webcam security system

26Jun07

Have you ever wanted to spy see on what is going on in your home while you are away? Motion is a piece of open source software that acts as a motion detector. It enables you to set-up a webcam server that you can have all your cameras connected too, so you can view them remotely and also upload them to a remote server. Motion should run on most linux distributions but for this exercise I’m using the desktop version of Ubuntu linux.



Read this or I'll take your lunch money!

http://www.bespacific.com/mt/archives/015291.html

June 27, 2007

New Pew Internet Data Memo on Cyberbullying

Press release: "The Pew Internet & American Life Project has just released a short new report that looks at online harassment and cyberbullying among online teens ages 12-17. The report finds that about one third (32%) of all teenagers who use the internet say they have been targets of a range of annoying and potentially menacing online activities - such as receiving threatening messages; having their private emails or text messages forwarded without consent; having an embarrassing picture posted without permission; or having rumors about them spread online...the full report is available here."



A world without cash has been coming for at least thirty years now...

http://www.infoworld.com/article/07/06/28/cash20security_1.html?source=rss&url=http://www.infoworld.com/article/07/06/28/cash20security_1.html

Fed weighs future of contactless payments

Payments industry defends security of technology at recent meeting and claims that waiters, not wireless, are the biggest security threat

By Paul F. Roberts June 28, 2007

You can call it 'cash 2.0': a new age of wireless payment technology that may replace even the smallest cash transactions in the coming years with the wave of a credit card or mobile phone.

But as major corporations like CVS, McDonald's, and Walgreens begin deploying new RF, or "contactless," payment technology, the Federal Reserve is taking a closer look at the technology and is asking the payment industry and card companies, among other questions, whether the new payment systems are secure.



As baby boomers get older, certain technologies gain in appeal...

http://www.techcrunch.com/2007/06/27/when-youve-got-to-go-go-to-mizpeecom/

When You’ve Got To Go, Go To Mizpee.com

Duncan Riley June 27 2007

MizPee is a new service focused on delivering pertinent information regarding the location of nearby restrooms.

No comments: