Saturday, September 15, 2007

Perhaps a short course in security would help?

http://www.insidebayarea.com/sanmateocountytimes/ci_6850888

Foothill-De Anza College district looks at sensitive data security

Review follows theft of laptop containing Social Security numbers

By Sharon Noguchi, MEDIANEWS STAFF, Inside Bay Area. Article Last Updated: 09/10/2007 02:35:27 AM PDT

Following the theft of a laptop containing 4,725 student names and Social Security numbers, Foothill-De Anza College District is reviewing policies on how staff handles personal and sensitive data.

... Chancellor Martha Kanter added, "We are trying to see if we can provide a secure server for this type of information." [Yes, but will that solve your problem? Bob]

The names, along with grades, Social Security numbers and student identification numbers, were on a laptop stolen from the home of a math professor on Aug. 24.

... Until November 2005, the district used Social Security numbers to identify students. After that, state law required schools and businesses to use other forms of identification.

But the law, authored by then-Sen. Debra Bowen, now secretary of state, didn't require institutions to erase the old numbers. According to Linda Foley, founder of the San Diego-based Identity Theft Resource Center, most schools did not because of the difficulty.

Schools would have to notify each student of the change. [or make a list showing the SSAN and the new number... Duh! Bob] Locating all the students, who likely would have changed addresses several times, would be a daunting task, Foley said.

To safeguard information, institutions should keep sensitive data in password-protected files and require passwords for logging on to laptops, [and you should ask the tooth fairy for help! Bob] Foley said. In addition, personal information should be encrypted.

Businesses are more vigilant about encrypting data, she said, because they tend to be concerned about protecting proprietary information.



If TJX, why not you?

http://www.news.com/Security+Bites+Podcast+Whats+behind+retail+store+data+breaches/2324-12640_3-6208138.html?part=rss&tag=2547-1_3-0-5&subj=news

Security Bites Podcast: What's behind retail store data breaches

By CNET News.com Staff Published: September 14, 2007 3:24 PM PDT

When you make a purchase at most any retail store, chances are you swipe your credit card through a device that hasn't been updated in 15 years. But that isn't the problem. The card you swipe, and the authentication from Visa, MasterCard and Discover--that's all good and secure. A criminal can break into a store and steal the credit card swipers and maybe get 100 to 200 active credit card accounts. But the serious criminals know to look upstream.

The larger problem involves large retail stores with thousands of chain stores around the country. They pool their credit card data into what are called branch servers, and thieves, gaining access to the corporate network, know to look for these branch servers. That's what happened at TJX and OfficeMax. They lost up to 45 million credit card numbers.

This week, CNET.com's Robert Vamosi interviews Neal Krawetz of Hacker Factor, better known for his digital forensics work. Krawetz has looked at the vulnerabilities inherent in large retail store point-of-sale systems. He first noticed the problems back in 1992, and over the years, after contacting Verifone, Visa and Fujitsu Transaction Solutions, and receiving no response, he reluctantly made public his findings in a public report.


If Ameritrade, why not you?

http://it.slashdot.org/article.pl?sid=07/09/14/1849239&from=rss

Ameritrade Security Audit Finds Privacy-Busting Back Door

Posted by Zonk on Friday September 14, @05:01PM from the dang-canned-pork dept.

RalphTheWonderLlama writes "In recent months, online stock brokers have apparently been upset by the sale of their email addresses to spammers. Today TD Ameritrade released details of their investigation into the matter (along with a video message from the CEO and special FAQ). It seems some 'unauthorized code' had exposed client email addresses and possibly other sensitive information from an internal database. 'TD Ameritrade tracked down the break-in while doing an internal investigation into stock-related spam. The company called in forensic investigators and they discovered "unauthorized code" in their system that provided access for the hacker or hackers. According to the advisory, the code has been eliminated from the system. Moglia, speaking in an online video-taped message to customers, said he is "confident" that they have figured out how the information was taken.'" [Might be better to say, “We've figured out how to stop future data spills...” Bob]



Dang Demi-crats!

http://www.infoworld.com/article/07/09/14/Hacked-GOP-site-infects-visitors-with-malware_1.html?source=rss&url=http://www.infoworld.com/article/07/09/14/Hacked-GOP-site-infects-visitors-with-malware_1.html

Hacked GOP site infects visitors with malware

For the first time, the infamous Storm Trojan horse has moved from e-mail to the Web as a hacked Republican Party site has been spreading the worm

By Gregg Keizer, Computerworld September 14, 2007

A Republican Party Web site has been hacked, and for some time it has been spreading a variation of the long-running Storm Trojan horse to vulnerable visitors, a security researcher said Friday.



“First thing, let's kill all the employees!”

http://www.infoworld.com/article/07/09/14/Insiders-overtake-viruses-as-biggest-security-worry_1.html?source=rss&url=http://www.infoworld.com/article/07/09/14/Insiders-overtake-viruses-as-biggest-security-worry_1.html

Insiders overtake viruses as biggest security worry

CSI reports other incidents, such as laptop and mobile device theft, could soon overtake viruses as the second most reported security hassle

By John E. Dunn, Techworld.com September 14, 2007

Company insiders have overtaken viruses as the most reported security incident, according to the annual report from the respected U.S. Computer Security Institute (CSI).



See, they haven't been here forever...

http://news.yahoo.com/s/afp/20070914/tc_afp/uscompanygoogleinternet

Google, at age 10, is the official heart of the Internet

by Laurence Benhamou Fri Sep 14, 3:57 AM ET

NEW YORK (AFP) - Born 10 years ago, the Google Internet search engine has grown into the electronic center of human knowledge by indexing billions of web pages as well as images, books and videos.

On September 15, 1997 Larry Page and Sergey Brin, two 24 year-old Stanford University students, registered the domain name of "google.com." The word is a variation of 'googol,' which refers to the number 10 to the power of 100, a term popularized by US mathematician Edward Kasner.

Page and Brin incorporated Google one year later, on September 7, 1998, in a household garage in northern California.

...When Google went public in August 2004 its shares initially sold at 85 dollars. Today its shares are valued at 525 dollars, and Google has a stock market value worth some 164 billion dollars.

In 2006 Google reached 13.4 billion dollars in revenue -- the third part based on Internet ads -- and profits of 3.7 billion dollars.



Everyone said, from the beginning, that this was a stupid strategy. Expect stockholders to go after the entire BoD

http://www.marketwatch.com/News/Story/Story.aspx?guid=%7BC96A4C25%2D4F92%2D4F9D%2DA359%2D14861180C4CB%7D&symb=&sid=&siteid=NYT&dist=NYT&osymb

SCO Group, noted for Linux litigation, files for bankruptcy

By John Letzing Last Update: 3:44 PM ET Sep 14, 2007

SAN FRANCISCO (MarketWatch) -- SCO Group Inc., the embattled software company best known for litigation targeting distributors of open-source, Linux software, said Friday it has filed for bankruptcy. SCO, which provides Unix-based software to run server computers, said in a prepared release that its board of directors has "unanimously determined that Chapter 11 reorganization is in the best long-term interest of SCO and its subsidiaries, as well as its customers, shareholders, and employees." SCO recently suffered a major setback in its litigation with Novell Inc., when a judge determined in August that SCO does not own rights to Unix software. SCO in 2003 had filed another, high-profile lawsuit against IBM for allegedly distributing parts of what it had thought to be its Unix property in freely-available Linux software code, creating concern among other Linux distributors that they, too, may be sued.



Google won't actually launch this from its server farm, but they are big enough to have their own fleet of satellites... Remember to look up & smile!

http://www.reuters.com/article/technologyNews/idUSN1445933620070914

New satellite to sharpen Google Earth

Fri Sep 14, 2007 2:58pm EDT By Andrea Shalal-Esa

WASHINGTON (Reuters) - DigitalGlobe, provider of imagery for Google Inc's interactive mapping program Google Earth, said a new high-resolution satellite will boost the accuracy of its satellite images and flesh out its archive.

The new spacecraft, dubbed WorldView I, is to be launched on Tuesday.

Together with the company's existing Quickbird satellite, it will offer half-meter resolution and will be able to collect over 600,000 square kilometers of imagery each day, up from the current collection of that amount each week, Chief Executive Jill Smith told Reuters in a telephone interview.

She said Tuesday's launch -- to be broadcast live on the Internet at http://www.boeing.com/defense-space/space/bls/missions/worldview-1/ -- and the planned launch of a second Worldview II satellite in late 2008, were critical milestones for the company.


Related? Perhaps we'll see a mashup that allows us to highlight maps to show how to get from A to B

http://www.researchbuzz.org/wp/2007/09/14/yahoo-allows-you-to-mix-maps/

Yahoo Allows You to Mix Maps

14th September 2007

Wow, this is nice. The Yahoo blog has announced MapMixer, a way to overlay your own maps on to Yahoo Maps, and give your overlays Yahoo-Map-Like functionality. You can try it at http://maps.yahoo.com/mapmixer (you’ll need a Yahoo account.)

You can jump right in by uploading a map but I recommend browsing the existing maps to get an idea of how people are using the feature. Take a look at the Cerritos College map for an example of an overlay that crams a huge amount of information into what was a couple of blank blocks.

Note there’s a “layer opacity” slide bar in the upper right corner of the map that allows you to choose which layer of data is more prevalent. Sometimes the opacity tool is itself hard to find depending on how complicated the overlay is.

There are some limits to what you can do with the overlay. You can switch to satellite zoom without a problem, but I found that for some of the locations, switching to satellite was meaningless as pictures were not available for as close a zoom as the overlay. When the pictures WERE available, the overlay over a satellite image became very interesting (see this Los Angeles Convention Center map to do some zoom experimenting). Of course if you zoomed out too far you’d lose the overlay.

Uploading a map requires logging in to your Yahoo account, specifying an address, and then uploading an image. You can “point match” — specify two matching points on your and Yahoo’s map to allow Yahoo to align them. You can adjust the alignment as well if Yahoo doesn’t get it quite the way you want it. Note that all maps are searchable and public.

This is going to be a great tool for sites that have large areas that aren’t detailed in a mapping program, or businesses who want to create direction/map services with lots of landmarks. From here I’d love to see customized inlay maps — create an overlay, then a persistent inlay (maybe just an uploaded image?) That would provide a building layout, specific parking map, etc.


US tries not to lose ground in the satellite spying bid'ness

http://www.bespacific.com/mt/archives/015980.html

September 14, 2007

Documents Describe Use of Satellites in Support of Civil Agencies

Press release: "Today the National Security Archive publishes a collection of documents concerning the use of U.S. reconnaissance satellites to collect data on targets within the United States over the last four decades. This new publication follows the August 15, 2007, revelation in the Wall Street Journal that the United States is planning to expand the use of reconnaissance satellites over the United States in support of civil agencies (those outside of the Defense Department and Intelligence Community) in response to recommendations by an independent study group. Obtained primarily through the Freedom of Information Act and archival research, the declassified documents published today describe a number of uses for which U.S. reconnaissance satellites have been employed, including evaluation of satellite performance, mapping, disaster relief, and assistance to Environmental Protection Agency investigations."



Eventually we will be able to understand Gov. Schwarzenegger

http://www.killerstartups.com/User-Gen-Content/chuala--Language-Pronunciation-Community/

Chuala.com - Language Pronunciation Community

When learning a language, one of the most difficult obstacles to overcome is pronunciation. Sure you can say the words, but can you do it without having all of backwater Tennessee gushing out of your vowels and diphthongs? All isn’t lost though. Newcomer Chuala has developed a user-generated pronunciation dictionary to help you tackle such difficulties as the umlaut and rolled R’s. The site, whose name incidentally stems from the Gaelic meaning ‘I heard a noise,’ requires the Flash media player plug-in. Users can craft their own study guides enlisting exercises and comparison tools on site. Alternatively, if you’d like to express your language abilities, you can record and create exercises and lessons to help others. Sign up now and you’ll have access to more than 7,000 languages, a social network, and advance Chuala player tools. It’s completely free.

http://www.chuala.com/



Because...

http://www.bespacific.com/mt/archives/015979.html

September 13, 2007

Constitution of the United States, Pocket Edition

Constitution of the United States, Pocket Edition - "The Constitution of the United States comprises the primary law of the U.S. Federal Government. It also describes the three chief branches of the Federal Government and their jurisdictions. In addition, it lays out the basic rights of citizens of the United States. The Constitution of the United States is the oldest Federal constitution in existence and was framed by a convention of delegates from twelve of the thirteen original states in Philadelphia in May 1787. The Constitution is the landmark legal document of the United States."

  • Constitution of the United States and the Declaration of Independence, Pocket Edition - 23rd Edition, 2007. (S. Doc. 110-51): Text | PDF



For my Marketing class

http://www.infoworld.com/article/07/09/14/The-eight-secrets-that-make-Apple-No.-1_1.html?source=rss&url=http://www.infoworld.com/article/07/09/14/The-eight-secrets-that-make-Apple-No.-1_1.html

The eight secrets that make Apple No. 1

A call to PC makers and consumer electronics companies to steal Apple's secrets and start making better products

By Mike Elgan, Computerworld September 14, 2007

[Summary:

Secret 1: Engineering supports design -- no exceptions

Secret 2: Fewer is better

Secret 3: The experience is the product

Secret 4: The product is the product

Secret 5: You can't please everyone, so please people with good taste

Secret 6: Leave the past behind

Secret 7: Product names are important. Really important.

Secret 8: Group affiliation is the driver]
