Big, but no TJX.
Identity attack spreads; 1.6M records stolen from Monster.com
Convincing phishing mail seeds bank account-stealing Trojan horse and 'ransomware'
Gregg Keizer
August 19, 2007 (Computerworld) -- The 46,000 people reportedly infected by ads on job sites may be only a fraction of the victims of an ambitious, multistage attack that has stolen data belonging to several hundred thousand people who posted resumes on Monster.com, a researcher said this weekend.
According to Symantec Corp. security analyst Amado Hidalgo, a new Trojan horse called Infostealer.Monstres by Symantec has stolen more than 1.6 million records belonging to several hundred thousand people from Monster Worldwide Inc.'s job search service. That data is then used to target the Monster.com users with credible phishing mail that plants more malware on their machines.
Do you really want to irritate someone who hold a straight razor to your throat?
http://www.pogowasright.org/article.php?story=20070820164301215
WV: Break-in Could Turn Hairdressers into Identity Theft Victims
Monday, August 20 2007 @ 04:43 PM CDT Contributed by: PrivacyNews News Section: Breaches
CHARLESTON -- Suspects who broke into the Board of Barbers and Cosmetologists' Office on Friday made off with personal information of nearly ever West Virginia barber and cosmetologist licensed since 1986, according to Larry Absten, the board's director .
Source - WBOY
PogoWasRight.org Editor's note: According to the web site for the WV Board of Barbers and Cosmetologists, the Board has issued more than 35,000 individual licenses since its inception in 1934 and currently licenses over 10,000 individuals.
...summarizing all the stories I didn't report.
http://www.pogowasright.org/article.php?story=20070820064134648
Data “Dysprotection:” breaches reported last week
Monday, August 20 2007 @ 07:18 AM CDT Contributed by: PrivacyNews News Section: Breaches
A recap of incidents or privacy breaches reported last week for those who enjoy shaking their head and muttering to themselves with their morning coffee.
Source - Chronicles of Dissent
Business opportunity? Elegantly simple – you go in and point out all the (incredibly obvious) things management didn't do.
http://www.pogowasright.org/article.php?story=20070820170536556
Breach Notification Service Is a Bad Sign
Monday, August 20 2007 @ 05:05 PM CDT Contributed by: PrivacyNews News Section: Breaches
You know data security breaches are way too common when a company builds a business around customer notification of stolen information.
First Advantage Membership Services is launching the Security Incident Response Notification (SIRN—get it, like a siren?). If you've just exposed personally identifiable information, this service will leap into action to let your customers know they are screwed. (I wonder if there's a companion service that alerts attorneys specializing in class action lawsuits.)
Source - Dark Reading
This is interesting. Perhaps we could do something similar and then MAKE IT MANDATORY for officers & directors of organizations that spill data? Sorta like traffic school for drunk drivers...
http://www.pogowasright.org/article.php?story=20070820144709595
Ca: Privacy Commissioner launches e-learning tool for retailers
Monday, August 20 2007 @ 02:47 PM CDT Contributed by: PrivacyNews News Section: Non-U.S. News
Retailers now have a free, do-it-yourself interactive tool to help them bring their privacy practices and policies in line with the law, the Privacy Commissioner of Canada, Jennifer Stoddart, announced today.
The online retailer training session takes only about 30 minutes to complete. [Too short Bob] At the end, retailers will have: an information audit of their business; consent provisions required specifically for their business; a security plan; a sample privacy brochure for customers; and a training needs assessment. The interactive training is available online at www.privcom.gc.ca.
Source - CNW Group
Related - Direct Link to Retailers Online Training
Gosh! What a shock!
http://www.pogowasright.org/article.php?story=20070820182452678
DHS Data Mining Program Suspended After Evading Privacy Review, Audit Finds
Monday, August 20 2007 @ 06:24 PM CDTContributed by: PrivacyNews News Section: Fed. Govt.
A controversial Homeland Security data mining system called ADVISE that dreamed of searching through trillions of records culled from government, public and private databases analyzed personal information without the required privacy oversight, may cost more than commercially available alternatives and has been suspended until a privacy review has been completed, according to an internal audit.
The Analysis, Dissemination, Visualization, Insight, and Semantic Enhancement program, one of twelve DHS data mining efforts, hit the trifecta of civil libertarians concerns about data mining programs – invasiveness, secrecy and ineffectiveness, according to a recent DHS Inspector General report (.pdf).
Source - Threat Level (blog)
...so, does this constitute a contract? Could they ask me if I'd like to “opt out” of a loan, and send me $10,000 at 29.5% if I don't reply?
Got An Inactive Macy's Store Account? Here's Your New Citibank Mastercard
Recently, a Consumerist tipster sent in an internal memo from Macy's explaining that the store was "flipping" 3.5 million inactive store accounts into Citibank Mastercards. The memo reads:
"Approximately 3.5 million inactive (24-48 months) Macy's accounts have been selected to "flip" to the Citibank Mastercard. That means the customer will be sent a Citibank Mastercard to replace their inactive Macy's card. "
The "flip," as they call it, was "opt-out"—which means that if you missed a recent letter from Macy's explaining that they were going to open a credit card for you, you can expect a Citibank Mastercard in the mail.
People still use wired phones?
http://www.summitdaily.com/article/20070820/NEWS/70820005/-1/rss02
State, federal investigators using more wiretaps in Colorado
THE ASSOCIATED PRESS August 20, 2007
DENVER — Court-approved wiretaps are rising dramatically in Colorado, resulting in more drug arrests but raising privacy concerns.
Federal prosecutors used 108 wiretaps in Colorado during U.S. Attorney Troy Eid’s first year, a fourfold increase over the previous 12 months, the Rocky Mountain News reported Monday, citing data from Eid’s office.
State prosecutors used 43 court-authorized wiretaps in 2006, about 3 1-2 times more than in 2005, according to figures from the Administrative Office of the U.S. Courts.
Eid’s office said the increase in wiretaps has led to more drug seizures. Since Eid took office in August 2006, federal agents have sized 1,151 kilograms of marijuana and 126 kilograms of cocaine, compared with 122 kilograms of pot and 13 kilograms of cocaine in the previous 12 months.
... The court administrative office reported that no state or federal judge turned down a request for a wiretap last year, and only five requests were turned down over the past decade, out of more than 15,000 sought.
I don't get it. Will they need to prove the deletion was not in the “normal course of business?” What idiot designed their “security” in the first place?
http://yro.slashdot.org/article.pl?sid=07/08/21/023235&from=rss
DMCA Means You Can't Delete Files On Your PC?
Posted by kdawson on Monday August 20, @11:39PM from the heck-of-a-way-to-apply-for-a-job dept. The Courts The Almighty Buck
DragonHawk writes "According to Wired, John Stottlemire found a way to print duplicate coupons from Coupons.com by deleting some files and registry entires on his PC. Now he's being sued for a DMCA violation. He says, 'All I did was erase files or registry keys.' Says a lawyer: '[The DMCA] may cover this. I think it does give companies a lot of leverage and a lot of power.' So now the copyright cartels are saying that not only can we not copy things on our computers, but we can't delete things on our computers? Time to buy stock in Seagate."
They are giving us permission to copy this video? RIAA will have a heart attack!
http://www.cnn.com/2007/LIVING/studentnews/08/20/cnnce.how.to.rob.bank/index.html
updated 9:46 p.m. EDT, Mon August 20, 2007
CNN Classroom Edition: Identity Theft: How to Rob a Bank
(CNN Student News) -- Record the CNN Presents Classroom Edition: Identity Theft: How to Rob a Bank when it airs commercial-free on Monday, August 27, 2007 from 4:00-- 5:00 a.m. ET on CNN. (A short feature begins at 4:00 a.m. and precedes the program.)
Program Overview
If Bonnie and Clyde were alive today, they would not be using guns for their heists. Instead, they would probably use stolen identities -- the modern method for looting bank accounts, laundering checks and defrauding credit card companies. Drawing on documents from criminal cases, surveillance tapes and immigration records, as well as interviews with law enforcement agents, victims and criminals, CNN Presents goes inside the murky world of identity theft to expose what the bandits do after stealing identities.
Doom for Lexus and Westlaw?
http://www.bespacific.com/mt/archives/015771.html
August 20, 2007
Nonprofit Public Benefit Corporation Seeks to Create Free Archive of Federal and State Cases
Public.Resource.Org, In Re: State and Federal Cases and Codes [the current source material is ultrafiche]: "The short-term goal is the creation of an unencumbered full-text repository of the Federal Reporter, the Federal Supplement, and the Federal Appendix. The medium-term goal is the creation of an unencumbered full-text repository of all state and federal cases and codes."
See also: New York Times, A Quest to Get More Court Rulings Online, and Free (thanks James S. Tyre)
Okay, cute – but who would want to watch this pap?
http://www.bespacific.com/mt/archives/015777.html
August 20, 2007
UCSC's Open Archive of Congressional Proceedings
"Metavid, hosted by The University of California at Santa Cruz, is a project which seeks to capture, stream, archive and facilitate real-time collective [re]mediation of legislative proceedings. Metavid makes use of entirely free and open source software and video codecs to make both the footage and the architecture of the site available, accessible and recontextualizable."
"Metavid was created by Michael Dale and Abram Stern last year as their thesis project in UC Santa Cruz’s new Digital Arts and New Media (DANM) graduate program. Using public domain video feed from C-SPAN, Metavid makes video archives of congressional floor proceedings on the web, searchable according to who said what, and indexed, so that users can easily link to any moment of dialogue."
Keeping up...
http://news.com.com/8301-13577_3-9763146-36.html?part=rss&subj=news&tag=2547-1_3-0-5
Trendy Terminology: Bacn
Posted by Caroline McCarthy August 21, 2007 5:02 AM PDT
Despite the obligatory missing vowel, bacn (pronounced "bacon") isn't a hot Web 2.0 start-up. It's "the middle class of e-mail," the stuff that isn't really spam because it's not totally unwanted, but isn't really wanted either. Case in point: Pownce messages, Facebook friend requests, Amazon "recommendations."
... Fearless Cooking video blogger Grace Piper, for example, who clarified that "steak" is e-mail you always want to read.
Now I can remove Cousin Eddie from those family photos!
http://www.gizmag.com/go/7812/
Algorithm draws on millions of images to seamlessly fill blanks in photographs
August 17, 2007 The advent of digital photography has opened up a new world of image editing possibilities including the ability to fill-in blanks or replace unwanted parts of an image. A new algorithm devised by James Hayes and Alexei A. Efros of Carnegie Mellon University facilitates this process by drawing on a huge database of more than a million images from the World Wide Web in order to seamlessly fill in the missing areas of incomplete photographs.
There could be many reasons for an image to feature an undesirable blank area - a patch of bright light that needed to be cropped out or perhaps a shadow, a person or an object ruined an otherwise perfect shot.
The algorithm tackles this problem by completing a given image in a number of different ways leaving the user to select the one which is deemed most suitable. This can be achieved without the user having to label the image fragments being used, or for that matter, offer any direction at all.
‘Holes’ in images are ‘patched’ as suitable image fragments are found and re-arranged to complete the image in a manner that is claimed to be semantically valid. That is, the patched area is consistent with the rest of the image. Hays and Efros claim that their algorithm is a means to restore data missing from an image that ‘should have been there’. Existing methods of filling such blank areas have largely involved drawing image fragments from other parts of the same picture. This algorithm is quite unique in that it draws from an exterior database and also in the means by which it achieves this.
To learn more visit this page on the Carnegie Mellon University Graphics site where a PDF paper and Presentation are available for download.
Research tool?
http://www.researchbuzz.org/wp/2007/08/20/one-of-these-pages-is-sorta-like-the-other/
One of These Pages Is Sorta Like the Other
Filed under: Net-Tech-Wikis, Net-Web
I don’t know if I would use this tool to find derivative content on Wikipedia, but it’s an interesting way to browse. Similpedia, at http://similpedia.org/index.html, allows you to enter a URL or a block of text and get Wikipedia entries that are similar to what you’ve entered. In the tests I ran, I didn’t get results that were so similar that there was lots of matching text, but I got results that were closely enough related that the searches led to interesting browsing.
No comments:
Post a Comment