Tuesday, July 10, 2007

How do you increase the probability of new “identity theft” legislation?

http://www.pogowasright.org/article.php?story=2007070913542759

JP: Resona 'lost 980,000 customer records'

Monday, July 09 2007 @ 01:54 PM CDT Contributed by: PrivacyNews News Section: Breaches

Resona Bank announced Monday it had lost records, including receipts, containing personal information of about 980,000 clients at 27 branches.

Among the branches affected was the one in the Diet building housing the House of Representatives.

The bank said it had not received any reports of illegal use of the information or withdrawals of cash as the records did not contain customers' passwords. However, the information lost did include names, account numbers and transaction details, a bank official said.

If correct, the loss of information on about 980,000 clients would exceed the 960,000 customers affected by information lost by Bank of Tokyo-Mitsubishi UFJ in October.

Source - Daily Yomiuri Online

[From the article:

Details of Resona's problems were discovered at the end of last year when the branches transferred the materials to control centers in Tokyo and Osaka.

As records on transactions using automated teller machines could not be found, the bank spent about six months searching all of its branches, and discovered three types of information--records of ATM use, withdrawal and deposit slips, and copies of tax payments--had gone missing at 27 branches in Osaka, Tokyo and the surrounding areas.



Someone got the word?

http://www.pogowasright.org/article.php?story=20070709181653250

State computers stolen at Elma, but ID theft unlikely, officials say

Monday, July 09 2007 @ 06:16 PM CDT Contributed by: PrivacyNews News Section: Breaches

The items stolen in a string of East County burglaries last month included state-owned computers that held information about clients served by the state’s Women, Infants & Children program. The program, commonly known as WIC, has a clinic located in the Elma Church of God, one of several places hit by the burglars.

The database in the computers didn’t contain Social Security numbers or banking or credit card information, Janet Charles, the state WIC director, said in a news release.

... The stolen database includes some limited WIC client information. “The database is protected by encryption that requires two separate passwords, Charles said. “While this system provides some protection, the state WIC office is considering more sophisticated technology that will increase the level of security.”

Source - The Daily World



“She did nothing wrong...”

http://www.pogowasright.org/article.php?story=20070709181838321

Thousands Of Personal Records Stolen In Carjacking

Monday, July 09 2007 @ 06:18 PM CDT Contributed by: PrivacyNews News Section: Breaches

A carjacking that took place late last month led to the theft of thousands of records and the potential risk for identity theft. The carjacking happened on West 25th Street two weeks ago. The thieves got away with the car and thousands of sensitive records, reported chief investigator Duane Pohlman.

The carjackers struck in broad daylight, stealing the car from a man married to a county employee. Within the car was a computer memory stick filled with names and sensitive personal information on nearly 3,000 people who have received energy assistance from a county weatherization program.... "It contained their name, address, phone number and Social Security number," said Cuyahoga County director of development Paul Oyaski.

Source - NewsNet5.com



Fun and games in DC! (The web site was down when I looked. Overloaded, no doubt.)

http://www.pogowasright.org/article.php?story=20070710054108466

"DC Madam" Posts Phone Records Online

Tuesday, July 10 2007 @ 05:41 AM CDT Contributed by: PrivacyNews News Section: Other Privacy News

In a move that will certainly set into motion hundreds of bloggers and journalists eager to unearth the next Washington sex scandal, Deborah Jeane Palfrey, aka the "DC Madam," has posted 13 years worth of phone records on her website Monday afternoon. The records cover Palfrey's time as head of “Pamela Martin & Associates," a Washington, D.C.-based escort service. As Yeas & Nays noted last week, U.S. District Judge Gladys Kessler recently lifted the temporary restraining order prohibiting Deborah Jeane Palfrey from releasing those telephone records.

Source - Examiner.com



Be careful when you hold yourself out as techno-wizards. People will look behind the curtain.

http://www.pogowasright.org/article.php?story=20070709092107865

Cell Phone Spying Service Leaking Data?

Monday, July 09 2007 @ 09:21 AM CDT Contributed by: PrivacyNews News Section: Breaches

Last week, the geek news world was abuzz with news of a spying service that lets people intercept text messages, call logs, e-mails and other information from BlackBerry and Windows Mobile-equipped smart phones. But it appears the privacy threat is even bigger: According to evidence unearthed by at least one security researcher, the company that offers the intercept service has left its database freely viewable to anyone with a Web browser.

The service at issue, FlexiSPY, is touted as one that can help customers "catch cheating wives or cheating husbands, stop employee espionage, protect children, make automatic backups, bug meetings rooms [sic] etc." The company even offers a demo account that potential customers can use to check out a sampling of intercepted communications.

One security researcher found that by using this application, people are exposing the records of those they're spying on to the entire world.

Source - Security Fix



Some courts have no sense of humor... (Doesn't this open a can of worms?)

http://www.law.com/jsp/article.jsp?id=1183626396604

2nd Circuit Upholds Student's Suspension for Instant-Messaging Violent Image

Mark Hamblett New York Law Journal July 6, 2007

The First Amendment was not violated by the suspension of a student who sent his instant messaging buddies a violent image calling for the death of a teacher, even though the message was a joke, a federal appeals court ruled Thursday.

Even if the sending of the message could be seen as an expression of opinion, the 2nd U.S. Circuit Court of Appeals said "it crosses the boundary of protected speech and constitutes student conduct that poses a reasonably foreseeable risk that the icon would come to the attention of school authorities" and disrupt the work of the school.

Judges Jon Newman, John Walker and Chester Straub decided the appeal of Wisniewski v. Board of Education of the Weedsport Central School District, 06-3394-cv. Newman wrote for the court.

... "It's significant because the court decided that school officials have significantly broader authority to sanction student speech," Galbato said. "It clarifies that there doesn't have to be a true threat for school officials to impose discipline."


I suppose this is related...

http://www.law.com/jsp/article.jsp?id=1183971977785

City in China May Ban Anonymous Web Posts

The Associated Press July 9, 2007

A southern Chinese city is considering a new rule banning anonymous Web postings after residents used the Internet to successfully halt construction of a massive chemical factory, a report said Friday.



Petard hoisting time?

http://slashdot.org/article.pl?sid=07/07/10/0030227&from=rss

Groklaw Explains Microsoft and the GPLv3

Posted by kdawson on Monday July 09, @11:21PM from the those-pesky-vouchers dept. Microsoft GNU is Not Unix Novell

A Groklaw Reader writes "After all the questions about how the GPLv3 will or won't apply to Microsoft following Microsoft's declaration that they weren't bound by it, PJ of Groklaw wrote this story about how and why the GPLv3 will apply to Microsoft. Specifically, it covers in what ways Microsoft would convey GPLv3 software under the Novell agreement, and how Microsoft's refusal to allow previously sold vouchers to be redeemed for GPLv3 software would impact that agreement. Given that Novell has said that they will distribute GPLv3 software, Microsoft may have had the tables turned on them already."



Stupid is as stupid does.” F. Gump (Nothing teaches as easily as a good bad example.) Accountants know you have to keep a separate set of books (separate computer system) if you want to avoid this problem. Definitely worth reading!

http://ralphlosey.wordpress.com/2007/07/07/ghostsurfer-wipe-out-leads-to-jail-order-sanction-in-bankruptcy-court/

GhostSurfer Wipe Out Leads to Jail Order Sanction in Bankruptcy Court

A debtor in a bankruptcy was recently caught destroying evidence using a popular software program called GhostSurf. United States v. Krause (In re Krause), 2007 WL 1597937, 2007 Bankr. LEXIS 1937 (Bankr. D. Kan. June 4, 2007). The debtor was an attorney representing himself. The case proves the old adage that “a lawyer who represents himself has a fool for a client.” The lawyer used GhostSurf to try and wipe all incriminating evidence from his computers before producing them to the government. His GhostSurf wipeout failed, and he was ordered to jail as a result.

... But, the lawyer slipped up in at least two ways, and his scheme to destroy evidence was exposed. First, he did not hide his use of the GhostSurf software very well. It was easy for the forensic experts to see how many files were deleted and when (right after the order). Second, a few of the files were not visible to GhostSurf, probably because they were “orphan files,” and so they were not super-deleted by GhostSurf. Id. at *9. As a consequence a few temporary internet email and web browser files were not wiped from on the hard drives. These files showed that the bankrupt debtor had recently traveled to Zurich, Switzerland to pursue investment opportunities, and suggested that he had substantial, secret off shore assets.

It is interesting to note that even though the metadata showing dates had been deleted along with the files, the forensic experts were still able to prove that they were very recent, and thus very relevant. They used an ingenious method to date these files. The debtor’s computers used Norton Antivirus software. It keeps its own log of all files checked for viruses when downloaded from the Internet. The Norton logs they located did not have download time information, but the forensic experts were still able to prove that the erased files had been recently downloaded. They could do that because the logs showed that a recent version of the software had been used to inspect these files. Id.



The future of reasoned debate?

http://www.bespacific.com/mt/archives/015406.html

July 09, 2007

MotherJones Examines Role of Web 2.0 in Political Campaigns

"Open-source politics is the idea that social networking and participatory technologies will revolutionize our ability to follow, support, and influence political campaigns. Forget party bosses in smoky backrooms—netroots evangelists and web consultants predict a wave of popular democracy as fundraisers meet on MySpace, YouTubers crank out attack ads, bloggers do oppo research, and cell-phone-activated flash mobs hold miniconventions in Second Life..." [Table of Contents for this issue]


Related

http://www.newswise.com/articles/view/531171/?sc=dwtr

Professor Documents Blogging Revolution Among Elected Officials, Public Agencies

A new report by a Southeastern Louisiana University management professor and issued by the IBM-based Center for the Business of Government examines how blogging is becoming an increasingly common method for elected officials and public agencies to communicate with constituencies. The report chronicles blogging activities at all levels of government, including members of Congress, governors, mayors police and fire departments.

... Copies of the report can be downloaded for free at http://www.businessofgovernment.org/main/publications/grant_reports/details/index.asp?gid=291. The Center for the Business of Government will also provide free hard copies of the report to interested public officials, members of the media, and educators.


Related (If Google can do it, so can I?)

http://www.eff.org/deeplinks/archives/005350.php

YouTube Embedding and Copyright

July 09, 2007

There seems to be a considerable amount of interest in, and confusion about, the copyright law consequences of embedding a YouTube video in your blog. In fact, the Blog Herald just ran a story suggesting that bloggers could be on the hook for copyright infringement if they embed a video that turns out to be infringing.

Well, the news really isn't that dire. In fact, I'd say bloggers are generally pretty safe on this score, at least until someone notifies them that an embedded video is infringing.



How (in)secure are your applications? (In my “Intro to Hacking” toolkit)

http://www.phenoelit-us.org/dpl/dpl.html

Default Password List

2007-07-03



I love lists like this...

http://digg.com/tech_news/Time_com_s_50_Best_Websites_of_2007

Time.com's 50 Best Websites of 2007

Time lists some of the best websites of 2007. Categories include Arts & Leisure, Audio & Video, News & Info, Social Networks, and Web Services.

http://www.time.com/time/specials/2007/0,28757,1633488,00.html

No comments: