Tuesday, October 09, 2007

If you are a high-profile target, you must expect (and plan for) attacks. And still, they manage to break in!

http://www.infoworld.com/article/07/10/08/Hacker-breaks-into-eBay-server-locks-out-users_1.html?source=rss&url=http://www.infoworld.com/article/07/10/08/Hacker-breaks-into-eBay-server-locks-out-users_1.html

Hacker breaks into eBay server, locks out users

According to eBay, perpetrator was unable to access sensitive information, affected users have been notified, and servers have been restored

By Juan Carlos Perez, IDG News Service October 08, 2007

A malicious hacker broke into an eBay server on Friday and temporarily suspended the accounts of a "very small" number of members, the company said.



Pay me now or pay me later...

http://www.pogowasright.org/article.php?story=2007100907171521

Cost of a sensitive data breach will increase 20 percent per year through 2009, says Gartner

Tuesday, October 09 2007 @ 07:17 AM EDT Contributed by: PrivacyNews News Section: Breaches

Enterprise IT security needs to shift from a reactive approach to security needs to a mix of strategic planning and rapid tactical execution, according to Gartner analysts speaking at the Gartner Symposium/ITxpo in Orlando, FL. Financially motivated targeted attacks are becoming more prevalent and more costly, and new vulnerabilities continue to be reported. However, 90 percent of these attacks can be avoided without requiring any increase in security spending, according to Gartner.

Source - Tekrati



This letter puts you on “double secret probation” (Hey, it works for the FBI!)

http://techdirt.com/articles/20071005/174623.shtml

Don't Post This Cease-and-Desist Letter, Or Else

from the let's-test-that-theory dept

Greg Beck writes "In an apparent attempt to avoid the Streisand Effect, lawyers sending threat letters sometimes claim that the recipient would violate the firm's copyright by posting it online. This post is about Public Citizen's response to one dumb threat letter and its decision to post the letter online despite the copyright claim." It's funny how popular it has become for lawyers to claim it's illegal to post or even show anyone their cease-and-desist letters. Remember: just because a lawyer says so, it doesn't mean it's true. You can see Public Citizen's response to the letter (pdf), which lays out a variety of reasons why the cease and desist is ridiculous (it's yet another attempt to force criticism offline) and ends with a fantastic response to the claim that the original C&D is covered by copyright and cannot be posted online without additional charges: "By this letter, we are inviting you to test the validity of your theory that the writer of a cease and desist letter can avoid public scrutiny by threatening to file a copyright law suit if his letter is disclosed publicly on the internet." Somehow, I doubt the opposing lawyer will test out this theory.



Boys will be boys! Then daddy's gotta cover up!

http://www.pogowasright.org/article.php?story=20071009072016578

Editorial: Wrong view of privacy threatens access to court records

Tuesday, October 09 2007 @ 07:20 AM EDT Contributed by: PrivacyNews News Section: State/Local Govt.

Privacy is the right of an individual not to have the government or an individual snooping into your medical history or web surfing habits. It’s not the right of an individual to have a 20-year-old disorderly conduct conviction buried in a courthouse vault.

Republican Attorney General J.B. Van Hollen knows the difference. State Rep. Marlin Schneider (D-Wisconsin Rapids) doesn’t.

Source - The Tomah Journal



Strategy?

http://techdirt.com/articles/20071008/111929.shtml

Vonage Settles With Sprint... Prelude To A Sale?

from the maybe-possibly dept

Just a couple weeks after losing yet another patent lawsuit, Vonage has decided to settle its patent lawsuit with Sprint, agreeing to pay $80 million, covering both past and future licensing costs. The company is still fighting over Verizon's questionable patents. Again, it seems pretty silly that the company that actually figured out how to bring phone-based VoIP to the market in a way that people wanted now has to pay the incumbents who were unable (or unwilling) to do so. Of course, there's also been lots of talk that these patent lawsuits were really an attempt by the telcos to crush Vonage to the point where it was an easy buyout target. Thus, settling with Sprint could open up the possibility of a Sprint purchase... but it probably would have just made more sense to do the buyout first before "settling," as the news of the settlement has sent Vonage's stock soaring. Based on that, don't be too surprised if Vonage reaches a bit deeper into its dwindling cash reserves to pay off Verizon as well -- the resulting stock bump could effectively pay for the licensing fees. All in all, though, it does highlight how silly the patent system has become. The uncertainty over the suits hurts a company's stock and pushes companies to settle, even if they shouldn't. That's exactly what happened with RIM and NTP, and it looks like what happened here.



Need a hobby? Become a music mogul!

http://techdirt.com/articles/20071005/161244.shtml

A Few More Music Business Model Suggestions

from the keep-'em-coming dept

Every time we talk about the economics of the entertainment industry, someone accuses us of not suggesting any alternative business models. However, we actually have suggested other business models all the time, while showing how other musicians have succeeded in embracing new models to make money while giving fans reasons to pay. Of course, part of the confusion is that many musicians are using slightly different business models to make this work -- which is exactly how it should be. No one is saying that all musicians are going to find that any particular business model works, but there are a number of different business models that all involve using the music to make other (scarce) things more valuable and worth paying for. Reader alex points us to a column from Pitchfork Media that has a bunch of other business model suggestions, mostly focused on giving people a reason to pay, rather than just complaining that they won't pay. Once again, it's important to remember that "free" isn't the business model -- but it's an important part of any business model involving infinite goods.



“At Hogwarts, a flick of a wand eliminates entire segments of technology!” Go get 'em, hackers!

http://www.theregister.co.uk/2007/10/08/bluetooth_spam_ico/

Info chief shrugs off Bluetooth regulation

Blue spam free for all

By OUT-LAW.COM Published Monday 8th October 2007 12:39 GMT

The Information Commissioner will no longer regulate the use of Bluetooth mobile technology, prompting fears of a wave of "Bluetooth spam".

The commissioner no longer considers the wireless connection technology to be covered by the UK's privacy laws.



Now wouldn't this be fun!

http://www.infoworld.com/article/07/10/08/IT-trainer-offers-hacker-masters_1.html?source=rss&url=http://www.infoworld.com/article/07/10/08/IT-trainer-offers-hacker-masters_1.html

IT trainer offers master's degree for hackers

EC-Council University's security science program aimed at helping qualified IT professionals advance their skills and take on high-level industry jobs

By Matt Hines October 08, 2007

In an effort to produce the next generation of chief security officers and IT systems defense experts, an online training company is offering a new master's degree program in security science.



For my Security Management students

http://www.bespacific.com/mt/archives/016204.html

October 08, 2007

Deloitte 2007 Global Security Survey

"Two of the key findings from this year’s Global Security Survey revolve around an organization’s people and a paradox that has been around for years. The weakest link in an organization’s security is its people. An organization’s people include employees, customers, third parties and business partners. And of those people, the highest number of breaches are perpetrated via the customer. Even though information security incidents are grabbing the attention of business executives and boards, these individuals do not yet feel that they “own” the problem. In their estimation, the execution of solutions is the mandate of IT. This information security paradox has been alive and well for years; the 2007 security survey confirms just how widespread it is."


Ditto

http://www.bespacific.com/mt/archives/016200.html

October 08, 2007

Analyst Toolbox, A Toolbox for the Intelligence Analyst

"The U.S. Department of Justice's (DOJ) Global Justice Information Sharing Initiative (Global) Intelligence Working Group (GIWG) has prepared and made available via the Office of Justice Programs Information Technology Initiatives Web site, a valuable resource for the law enforcement community. This resource titled: Analyst Toolbox, A Toolbox for the Intelligence Analyst, represents the results of extensive Web-based, open source research and the collection of systems currently utilized by local, state, tribal, and federal law enforcement agencies. The Analyst Toolbox will assist law enforcement agencies with making the proper decisions on the products necessary to effectively serve their communities."



Shhh! Don't tell a soul!

http://lifehacker.com/software/technophilia/discover-the-edu-underground-307427.php

Discover the .EDU Underground

Little appreciated outside the world of academia, there are literally thousands of .edu sites bursting with incredibly useful and interesting information and resources. Most of these sites won't pop up to the surface of the average search engine quest, and so they wait, neglected and underused...until now. Keep reading for a quick tour through the mysterious underground world of .edu.



Tools & Techniques

http://ca.news.finance.yahoo.com/s/08102007/34/biz-finance-news-call-ring-number-new-service-offers-free-privacy.html

''Call Me On My Ring-To Number...''

-- New Service Offers FREE Privacy Number for US and Canadian Consumers to ''Veil'' their Identity on Social Netwo

Mon Oct 8, 10:12 AM

WEST DES MOINES, Iowa--(BUSINESS WIRE)--WebPoint Communications LLC, a next-generation communications service provider, today unveiled Ring-To Number, a new service to safeguard a person’s identity and privacy when interacting on social networks, auctions and online dating sites. This FREE widget provides a private channel of communication to receive phone calls without divulging the person’s actual number, address and location.



Out of control?

http://ralphlosey.wordpress.com/2007/10/06/survey-shows-negligent-e-records-management-is-creating-stunning-business-risks/

Survey Shows Negligent e-Records Management is Creating “Stunning Business Risks”

A new survey of records managers by Cohasset reveals continued neglect in the management of electronic records. The survey shows 40% of organizations do not include electronic records in their retention schedules and 55% do not include emails; only 14% always follow their records retention policy; 44% do not include electronic records in their litigation hold procedures; and, 46% do not think their electronic records are accurate, reliable or trustworthy. These statistics are amazing to me, especially when you consider this survey is limited to those organizations with full time professional records managers. It is reasonable to assume that the statistics are far worse for companies that do not have a records management department. The bottom line of the study is that: [see full article... Bob]



Free is good! (Got an older PC you'd like to revitalize?)

http://digg.com/linux_unix/Ubuntu_Gutsy_Gibbon_free_CD_s_orders_are_taken_NOW

Ubuntu Gutsy Gibbon free CD's: orders are taken NOW

The shipit service of Ubuntu is now taking orders for Gutsy shipments. Standard options: 1 or 2 x86 cd's or 1 x86_64 cd's

https://shipit.ubuntu.com/



Not for everyone. Some of my students have problems studying at home...

http://www.killerstartups.com/Web20/guide--A-Study-Abroad-Guide/

Guide.StudyAbroadOffers.com - A Study Abroad Guide

The Study Abroad Guide is a site designed to help students with making their study abroad destinations and also with the actual process. The Study Abroad Guide features articles on different universities and language programs. When you visit the homepage there is a list of recent study abroad articles, but you can scroll down to see the different categories of articles such as; business schools, Colleges, Universities, education online, Study abroad in Italy, Study abroad Asia, etc. Many of these articles have links to the programs or Universities in the study abroad destination. There are also articles and links that focus on travel and traveling bargains. Once you have registered and you have finished reading an article you can make a comment voicing your opinion on the article. If you are a study abroad provider, a University, College or School, you can apply to be featured on the site for $495 a year. The Study Abroad Guide will give your school exposure to students interested in international study abroad. So if you have been considering studying abroad the Study Abroad Guide might have some article that might interest you.

http://guide.studyabroadoffers.com/
