Thursday, July 12, 2007

Think of a new game show: “Credible or Incredible” Perhaps we could get Howie Mandel to host?

http://techdirt.com/articles/20070711/135658.shtml

Ohio State Data Leak Now About 16 Times Worse Than Initially Disclosed

from the fun-with-numbers dept

Back in June, the state of Ohio said it had lost the personal information of some 64,000 state employees, after a storage device was stolen from an intern's car -- which, apparently according to its security protocols, was a suitable off-site storage location. The state dutifully followed the usual plan of releasing another announcement raising the number of people whose information was lost, putting it at 500,000. Turns out that was a little conservative; the state now says the figure is closer to one million, nearly 16 times the original claim. The governor and his staffers claim that nobody appears to have used the stolen information yet, and that it would take somebody with "special knowledge and understanding" to access it. Of course, coming from a place where storing stuff in an intern's car is regarded as secure and safe, that claim doesn't carry a lot of weight -- nor does it make up for the egregious breach that occured.


http://hosted.ap.org/dynamic/stories/D/DATA_THEFT?SITE=VALYD&SECTION=HOME&TEMPLATE=DEFAULT

Ohio: Stolen Device Contains 859,800 IDs

By MATT LEINGANG Associated Press Writer Jul 12, 12:37 AM EDT

COLUMBUS, Ohio (AP) -- A stolen computer storage device contained more than twice the number of taxpayers' identifications than had been previously reported, Gov. Ted Strickland said Wednesday, but he emphasized there is still no indication the data have been compromised.

The names and Social Security numbers of 561,126 people who had not cashed state income refund checks were on the device, as well as 14,874 people who did business with the state, according to an ongoing review of the information it held. That brings the total number of taxpayers affected to 859,800, Strickland said.



The Mouse didn't do it, but his customers my not see it that way.

http://www.pogowasright.org/article.php?story=20070711183746511

Disney Movie Club members victimized in latest data-breach horror show

Wednesday, July 11 2007 @ 06:37 PM CDT Contributed by: PrivacyNews News Section: Breaches

An undisclosed number of Disney Movie Club members have received letters informing them that their credit-card information was sold by an employee of a Disney contractor to a federal agent as part of an undercover sting operation, Network World has learned.

The sting occurred sometime in May, while the letter - a copy of which was forwarded to Buzzblog by the security Web site attrition.org - is dated July 6. Why notification took that long is among this morning's unanswered questions (update below from Disney ... and later comments here from a club member/database security expert who got one of the letters).

The latest in a seemingly endless string of data-breach incidents involving major organizations, this one is being pinned on a third-party contractor, Alta Resources, according to the letter signed, "John Flynn, for the Disney Movie Club." The address on the Disney Movie Club stationery matches that of an Alta Resources P.O. Box in Neenah, Wis., so I'm presuming the verbiage comes from Alta Resources.

Source - NetworkWorld



Not much in the news about this one... (or is it an old one?)

http://www.pogowasright.org/article.php?story=20070711060350586

University-owned laptop with student data stolen

Wednesday, July 11 2007 @ 06:03 AM CDT Contributed by: PrivacyNews News Section: Breaches

Elizabeth Beaumont and the political science department recently got a taste of technology's paradox: Convenience sometimes complicates matters.

While in Palo Alto, Calif., a perpetrator stole a laptop in Beaumont's possession that belonged to the political science department - out of a locked car. She is an assistant professor in the department.

According to an e-mail from department chair and Regents' professor John Sullivan to students enrolled in Beaumont's classes dating back to fall 2005, the information on the laptop included student names, e-mail addresses, University identification numbers and grades.

Source - The Minnesota Daily

[From the article:

... The files containing student data were not encrypted at the time of the theft. It is University policy to protect all nonpublic, electronic information through encryption.

... "The laptops are a security issue, of course," he said. "They've got a process afoot [Very Conan-Doyle old man... Bob] to do the encryption. They've got the product … it just hadn't been done yet."

... Hanna said last Friday about 20 to 30 percent of the laptops in the political science department were wholly encrypted.



Why CEOs get a bad reputation.

http://online.wsj.com/article/SB118418782959963745.html

Whole Foods Is Hot, Wild Oats a Dud -- So Said 'Rahodeb'

Then Again, Yahoo Poster Was a Whole Foods Staffer, The CEO to Be Precise

By DAVID KESMODEL and JOHN R. WILKE July 12, 2007; Page A1

In January 2005, someone using the name "Rahodeb" went online to a Yahoo stock-market forum and posted this opinion: No company would want to buy Wild Oats Markets Inc., a natural-foods grocer, at its price then of about $8 a share.

"Would Whole Foods buy OATS?" Rahodeb asked, using Wild Oats' stock symbol. "Almost surely not at current prices. What would they gain? OATS locations are too small." Rahodeb speculated that Wild Oats eventually would be sold after sliding into bankruptcy or when its stock fell below $5. A month later, Rahodeb wrote that Wild Oats management "clearly doesn't know what it is doing .... OATS has no value and no future."

The comments were typical of banter on Internet message boards for stocks, but the writer's identity was anything but. Rahodeb was an online pseudonym of John Mackey, co-founder and chief executive of Whole Foods Market Inc. Earlier this year, his company agreed to buy Wild Oats for $565 million, or $18.50 a share.

... Mr. Mackey's online alter ego came to light in a document made public late Tuesday1 by the Federal Trade Commission in its lawsuit seeking to block the Wild Oats takeover on antitrust grounds. Submitted under seal when the suit was filed in June, the filing included a quotation from the Yahoo site. An FTC footnote said, "As here, Mr. Mackey often posted to Internet sites pseudonymously, often using the name Rahodeb."

After The Wall Street Journal contacted Whole Foods yesterday, the company said in a statement that among millions of documents it gave the FTC were postings its CEO made from 1999 to 2006 "under an alias to avoid having his comments associated with the Company and to avoid others placing too much emphasis on his remarks." The statement said, "Many of the opinions expressed in these postings now have far less relevance than when they were written." Whole Foods didn't confirm every Rahodeb posting as being from Mr. Mackey.

... Mr. Mackey declined to be interviewed. But he soon posted on the company Web site, saying that the FTC was quoting Rahodeb "to embarrass both me and Whole Foods." He also said: "I posted on Yahoo! under a pseudonym because I had fun doing it. Many people post on bulletin boards using pseudonyms." He said that "I never intended any of those postings to be identified with me." [I bet he didn't. Isn't that rather naive in the Internet age? Bob]

Mr. Mackey's post continued: "The views articulated by rahodeb sometimes represent what I actually believed and sometimes they didn't. Sometimes I simply played 'devil's advocate' for the sheer fun of arguing. Anyone who knows me realizes that I frequently do this in person, too."



Someone sees revenue in free music? RIAA will plotz.

http://venturebeat.com/2007/07/12/warner-streams-entire-catalog-of-music-for-free-on-imeem/

Warner streams entire catalog of music for free on imeem

Posted By Matt Marshall On July 12, 2007 @ 12:55 am In Business and Technology

Warner Music Group is offering its entire music and video catalog for free streaming on [1] imeem, a Web site focused on letting users share music playlists.

The music is currently live on the San Francisco startup’s Web site, the company told VentureBeat Wednesday evening.

Now imeem users can make playlists with Warner music. Warner, in return, will get a piece of imeem’s ad revenue.

So music from Depeche Mode, a Warner artist, can be [2] played freely, for example. Press the play button on the widget below, for example, which we’ve just pulled from imeem.

This partnership is significant because it is the first time a major label has offered free ad-supported access to it entire catalog of music and video to such an online sharing site. It is also remarkable because Warner (along with other labels) had sued imeem less than two months ago for copyright infringement ([3] our coverage; scroll down). See suit [4] here.

Imeem has grown rapidly over the past year, bosting 16 million active users. Earlier this year, it arranged to pay a share of ad revenue to music content owners, as we [5] reported here. It recently offered free ad-supported streaming of music [6] from other labels, but not from the majors. Competitors such as SeeqPod ([7] our coverage) haven’t cut such deals.



Tools & Techniques I bet hackers can tap into your data from beyond 30 feet – still, an interesting and inevitable device.

http://www.belkin.com/pressroom/releases/uploads/07_11_07WUSBHub.html

Wirelessly Print, Watch Movies, and Listen to Music with Belkin’s New Wireless USB Hub

(Compton, CA) - July 11, 2007 – Belkin’s 4-port Wireless USB Hub gives you wireless access to your USB devices without the clutter of cables.

Simply plug your USB devices, such as your printer and hard drive, into the Wireless USB Hub. Then, attach the included USB Adapter to your computer. You are then free to roam the room with your laptop while still maintaining 30 feet of wireless access to your USB devices.



Hell hath no fury like a madam on trial... (I can't wait for the movie)

http://www.crooksandliars.com/2007/07/11/dc-madam-calls-for-senator-vitter-to-be-prosecuted/

DC Madam Calls For Senator Vitter To Be Prosecuted

By: Logan Murphy on Wednesday, July 11th, 2007 at 10:12 AM - PDT



Interesting twist. Conspiracy theory anyone?

http://www.technewsworld.com/rsstory/58273.html

Internet Explorer Linked to Firefox Security Hole

By Chris Maxcer LinuxInsider Part of the ECT News Network 07/11/07 2:00 PM PT

The latest browser war dustup pits Mozilla's Firefox against Microsoft's Internet Explorer, but this time the tiff isn't about market share. It appears that IE may undermine Firefox's security when a Net surfer clicks on malicious page links using the IE browser and Firefox also happens to be installed on the machine.

... How It Works

Basically, the end user must use IE to navigate to a malicious Web page and click on a link. The problem only occurs when the user also has Firefox installed -- it does nothing if Firefox isn't installed.

The link, according to Mozilla, can cause IE to invoke another Windows program -- in this case, Firefox -- via the command line and pass that program the URL from the malicious Web page. This can cause data to be passed from the malicious Web page to the second Windows program, which could allow remote Manage remotely with one interface -- the HP ProLiant DL360 G5 server. code execution in Firefox, the browser's maker notes on its Mozilla Security Blog.

It may be possible to use the same method in IE to invoke action with other Windows programs, but none have yet been reported.



Interesting if true.

http://techdirt.com/articles/20070711/072653.shtml

Is Microsoft Gaining Ground In The Search Wars?

from the maybe-a-little dept

A new report makes the surprising assertion that Microsoft is actually gaining ground in the search race and that in just the last couple of months it's significantly closed the gap with Yahoo for the #2 slot. Assuming the numbers are legitimate, this would be the first sign of life out of this business in quite a while. Still, it's hard to say whether Microsoft's momentum is real. The company is probably getting a moderate boost from the adoption of Vista and the new IE7, which has Live search set as a default. If you'll recall, this setting prompted Google to make an antitrust complaint against the company. The company has also been using other lures to get users, such as awarding points to certain searchers, which can be redeemed to purchase stuff from the company. None of this suggests that users are really switching from one site to another in significant numbers (which is what would be significant), though perhaps Microsoft is picking up a few marginal users that aren't particularly attached to one service or another. If true, Microsoft will probably hit a ceiling pretty quickly.



Is this a jurisdiction squabble? Whose laws apply to a global Internet service?

http://techdirt.com/articles/20070711/144927.shtml

Arguing Over The Constitutionality Of Online Cockfighting Videos

from the chicken-on-chicken dept

Over the last year or so, the Humane Society's been threatening Amazon.com because a third-party merchant that used its e-commerce platform was selling magazines about cockfighting. The Humane Society contended that the magazines were illegal under the Animal Welfare Act, though Amazon disagreed -- but in any case, since Amazon wasn't the publisher, they didn't seem like the right people to sue. Cockfighting and free speech has come up again now, as a company that sells online cockfighting videos is challenging a federal law that makes it illegal to sell depictions of animal cruelty. The law was enacted in 1999 to combat the sales of "crush videos", which apparently depict women crushing animals to death in order to deliver some sort of sexual stimulation to the viewer. Then-President Clinton instructed the DOJ to enforce the law narrowly, to target such material, even though the law is worded much more broadly. The company says it operates from Puerto Rico, where cockfighting remains legal. It contends that the fights are an accepted part of the culture there, and appears to be claiming that because the fights themselves are legal in Puerto Rico, it should be able to sell videos of them over the internet to users in the rest of the country.

It's a complicated case, since generally, depictions of illegal activity aren't themselves illegal, and don't fall under the exceptions to free speech in the First Amendment. Should the law be upheld, it could establish an interesting precedent for the government being able to limit speech that depicts illegal activities and give the government a useful censorship tool. While it's unlikely it would seek to criminalize the broadcast of surveillance footage of bank robberies, gambling-related content would be a possible target, given the fervor with which online gambling has been attacked. Already, at least one state has tried to crack down on online gambling sites that don't offer gaming, just discussion and links. If this law is upheld, such efforts could receive a boost.

No comments: