Wednesday, November 14, 2007

More points to control, same controls, what's missing?

http://www.pogowasright.org/article.php?story=2007111309044056

Corporate data control policies are failing

Tuesday, November 13 2007 @ 09:04 AM EST Contributed by: PrivacyNews News Section: Businesses & Privacy

More than a fifth of employees store corporate files on memory sticks, despite the risk to security, new research has found.

A survey of 300 employees across the UK and Ireland found that nearly half – 49% – stored work material “in multiple locations”, with 21% holding it on portable USB memory sticks.

Another 14% of employees said they stored corporate material on a laptop hard drive, with 9% admitting that they kept work-related material on non-work owned personal devices, the research by Dynamic Market for enterprise content management company Tower Software found.

Source - ComputerworldUK



Would HIPAA be interpreted the same way?

http://www.pogowasright.org/article.php?story=20071113210223209

(update) Ca: Capital Health failed to protect patient info

Tuesday, November 13 2007 @ 09:02 PM EST Contributed by: PrivacyNews News Section: Breaches

Capital Health breached the Health Information Act when it failed to adequately protect health information stored on laptop computers that were later stolen, Information and Privacy Commissioner Frank Work said today.

Work has issued the final report of his investigation into the theft of four laptop computers from a Capital Health office in downtown Edmonton on May 8.

One of the laptops contained patient information.

Source - Edmonton Journal



Don't let the name fool you. This is the Total Information Awareness database that has been “canceled” several times now...

http://www.bespacific.com/mt/archives/016513.html

November 13, 2007

DHS OIG Audit: Automated Targeting System Controls and Personally Identifiable Information

OIG-08-06 - Better Administration of Automated Targeting System Controls Can Further Protect Personally Identifiable Information (Redacted) (PDF, 22 pages) - New 11/09/2007



Hey, it's cheaper than keeping them in prison! (Perhaps they could make them an 'un-protected class' and declare open season?)

http://www.reuters.com/article/oddlyEnoughNews/idUSN2843294720070301

State wants special car plates for sex offenders

Thu Mar 1, 2007 2:54pm EST

CINCINNATI (Reuters) - Lawmakers in Ohio said on Wednesday they want to force convicted sex offenders to use a fluorescent-green license plate on their cars so they can be easily identified.

A Republican and a Democrat in the state legislature in Columbus have joined forces to propose the law, which echoes measures in several U.S. states that require convicted drunken drivers to use a yellow, pink or red plate on their cars.


Thinking along the same lines? Why not put them on the Internet so parents, the producers of 'America's funniest videos,' and the guys with fluorescent green license plates can watch too?

http://www.pogowasright.org/article.php?story=20071113074007228

Sign Of Times: NJ School Cameras Fed Live To Cops

Tuesday, November 13 2007 @ 07:40 AM EST Contributed by: PrivacyNews News Section: Minors & Students

Surveillance cameras rolling inside our local schools is nothing new, but what's taking place inside Demarest's public schools is truly cutting edge: a live feed from more than two dozen cameras with a direct connection to the police.

It's an expensive, but effective [but not as a preventative measure. Bob] tool that could be a sign of the times with an increase in school shootings over the years.

The system, which cost about $28,000, can even track movement in a crowded room.

Source - CBS



Toward “Ubiquitous Surveillance.” All this information stays with the picture.

http://www.news.com/8301-13580_3-9816371-39.html?part=rss&subj=news&tag=2547-1_3-0-5

Up next: Cameras that know who you photographed

Posted by Stephen Shankland November 14, 2007 4:00 AM PST

... Many cameras today can detect the faces of those being photographed, which is handy for guiding the camera to set its exposure, focus, and color balance properly. But the more difficult challenge of face recognition is more useful after the photo has been taken.

... That's because of a concept called autotagging, one of a number of technologies that make digital photography qualitatively different from the film photography of the past.

Tags of descriptive data can be attached to digital photos, and they help people find and organize pictures. The only problem is that tagging your photos, today a laborious manual task, is like eating your vegetables. It's good for you but a lot of people don't like it.



I'm sure it is 'frightening' but it is also something the security community has been saying for years.

http://www.news.com/Microsoft-exec-calls-XP-hack-frightening/2100-7349_3-6218238.html?tag=nefd.top

Microsoft exec calls XP hack 'frightening'

By Tom Espiner Story last modified Tue Nov 13 07:00:47 PST 2007

A Microsoft executive calls the ease with which two British e-crime specialists managed to hack into a Windows XP computer both "enlightening and frightening."

The demonstration took place Monday at an event sponsored by Get Safe Online--a joint initiative of the U.K. government and industry. At the event, which was aimed at heightening security awareness among small businesses, two members of the U.K. government intelligence group Serious Organized Crime Agency connected a machine running Windows XP with Service Pack 1 to an unsecured wireless network. The machine was running no antivirus, firewall, or anti-spyware software and contained a sample target file of passwords to be stolen.

... Mick used a common, open-source exploit-finding tool he had downloaded from the Internet. SOCA asked ZDNet UK not to divulge the name of the tool.

... Using a different attack tool, he produced a security report detailing the vulnerabilities found on the system. Mick decided to exploit one of them. Using the attack tool, Mick built a piece of malware in MS-DOS, giving it a payload that would exploit the flaw within a couple of minutes.

Getting onto the unsecured wireless network, pinging possible IP addresses of other computers on the network, finding Andy's unpatched computer, scanning open ports for vulnerabilities, using the attack tool to build an exploit, and using the malware to get into the XP command shell took six minutes.

... Mick then went into the My Documents folder and, using a trivial transfer protocol, transferred the document containing passwords to his own computer. The whole process took 11 minutes.

A SOCA representative said that the demonstration was "purely to point out that, if a system hasn't had patches, it's a relatively simple matter to hack into it." SOCA stopped short of recommending small businesses move to Vista; a SOCA representative said that applying Service Pack 2 to XP, with all the patches applied, and running a secured wireless network is a "perfectly sensible way to do it."



...and they're all guilty!

http://politics.slashdot.org/article.pl?sid=07/11/13/1852206&from=rss

All Fifty States May Face Voting Machine Lawsuit

Posted by ScuttleMonkey on Tuesday November 13, @02:51PM from the counters-fans-of-fuzzy-math dept.

According to an announcement made by activist Bernie Ellis at the premiere of David Earnhardt's film "Uncounted [The Movie]" all fifty states could be receiving subpoenas in the National Clean Election lawsuit. The documentary film, like the lawsuit, takes a look at the issue of voting machine failure and the need for a solid paper trail. "The lawsuit is aimed at prohibiting the use of all types of vote counting machines, and requiring hand-counting of all primary and general election ballots in full view of the public. The lawsuit has raised significant constitutional questions challenging the generally accepted practices of state election officials of relying on "black box" voting machines to record and count the votes at each polling station, and allow tallying of votes by election officials outside the view of the general public."


...and so is the rest of the world?

http://www.pcpro.co.uk/news/138441/privacy-group-slams-government-stance-on-evoting.html

Privacy group slams government stance on e-voting

1:21PM, Tuesday 13th November 2007

The Open Rights Group has condemned the UK government's decision to continue with e-voting, despite calls from the Electoral Commission to abandon the scheme.

The commission, which oversees all elections in the UK, called on the government in August to suspend internet voting until the current system had been modernised and made more secure.

The government disagrees, claiming that each of its pilot e-voting tests, "supported successful elections".

"The Government is not aware of any instances of alleged fraud during the elections and does not believe that the pilots increased the risk of electoral fraud," the Ministry of Justice concluded. "We do not agree



Reminds me of the story about “Famous Amos” giving away cookies at the mall. Soon he had to expand because he couldn't bake enough in his original kitchen...

http://techdirt.com/articles/20071113/170813.shtml

Independent Film Makers Thrilled That People 'Pirated' Their Movie

from the understanding-buzz dept

On the same day that the guy who was caught filming the Simpsons movie with his mobile phone (which still doesn't make sense to us) was fined in Australia, some independent film makers are talking up how wonderful it is that people are "pirating" their film. The website rslog.net reviewed their film, The Man from Earth, and pointed out the many places online where it could be downloaded. It turned out that people really seemed to love the movie. Thousands downloaded it... and they started promoting it to others. The movie's ranking on IMDB shot up and it's getting attention from all over the place. The producer of the movie wrote to rslog to thank them for promoting the movie, noting that next time he'll probably upload his next movie to various torrent sites himself.

The director of the movie also chimed in with his support. He notes that they definitely view this a bit as "doing a Radiohead," but that's perfectly reasonable. They're hoping many people do decide to buy the DVD or donate money to the project, which seems like a reasonable request. However, what may be more likely is that they can use this groundswell to push for both theater showings of the movie and a distribution deal for their followup. And while this shows an example of moviemakers using the Radiohead example -- there's a big difference here as well. Many critics have been falsely dismissing the Radiohead experiment by saying that only big, well known bands can pull it off. However, what the folks behind this movie are doing is exactly the opposite. They're smaller names, who are generating tremendous publicity and opportunity for themselves by not treating their fans as criminals -- even those who clearly are downloading unauthorized versions. Instead, they're embracing them for the free publicity they're providing the movie and helping to turn it into a hit. Once again, the old saying is true: obscurity is a much bigger threat to creative works than piracy.



Pull down a copy of “War & Peace”, change all those funny Russian names to sound more American, change a few scenes to resemble modern day Washington, and you have a novel about Iraq.

http://mashable.com/2007/11/12/public-domain-ebook-sources/

20+ Places for Public Domain E-Books

November 12, 2007 — 10:24 PM PST — by Sean P. Aune



Another freebie...

http://www.news.com/8301-10784_3-9816250-7.html?part=rss&subj=news&tag=2547-1_3-0-5

IBM updates free Symphony suite

Posted by Elsa Wenzel November 13, 2007 2:43 PM PST

IBM is releasing an update today to its free Lotus Symphony productivity suite, which remains in beta testing.

The three desktop applications, Documents, Spreadsheets and Presentations, are counterparts to Microsoft Word, Excel and PowerPoint. The latest iteration of Symphony is supposed to be faster than its predecessor, which debuted less than two months ago.

The package is one of several low-cost or free alternatives to Microsoft Office.

... More than one quarter of a million people have downloaded the software to date, according to IBM.

Our first take review details how Symphony worked in CNET's early tests.



Expect military tech to be at least an order of magnitude better...

http://www.news.com/8301-10784_3-9815939-7.html?part=rss&subj=news&tag=2547-1_3-0-5

This world view is twice as sharp

Posted by Mark Rutherford November 14, 2007 6:37 AM PST

A global leader in commercial satellite imagery and geospatial information has just doubled up.

DigitalGlobe has released photos captured by its WorldView-1 remote sensing satellite launched in September that have twice the resolution of previous images, allowing viewers to see things on the ground as small as 20 inches in diameter. The black and white shots captured with equipment developed by ITT's Space Systems Division are part of a program sponsored by the National Geospatial-Intelligence Agency to provide imagery for military, intelligence, foreign policy, homeland security, and civil use.

They include shots of Houston, Texas, Yokohama, Japan, and Addis Ababa, Ethiopia. To date, the company's library contains more than 300 million square kilometers of satellite and aerial imagery. The unit is capable of collecting 290,000 square miles of images every day, according to the company, which promises to produce the "most advanced imagery ever seen."

The new gear is four times more power-efficient, six times lighter, and costs a third as much as previous models, according to ITT. The system captures "panchromatic" imagery, multispectral imagery across a wide swath; the end product is an 11x11 kilometer snapshot.

If you hold out until 2008, the company promises to deliver "lifelike true color" with an ITT eight-band, multispectral system from aboard the WorldView-2. And speaking of the NGA, it offers a Baghdad reference map, plus tons of other cool stuff available to the public here.



Geek alert!

http://slashdot.org/article.pl?sid=07/11/13/1710224&from=rss

MIT Releases the Source of MULTICS, Father of UNIX

Posted by Zonk on Tuesday November 13, @01:24PM from the linux's-dad's-dad dept.

mlauzon writes "Extraordinary news for computer scientists and the Open Source community was announced over the weekend, as the source code of the MULTICS operating system (Multiplexed Information and Computing Service), the father of UNIX and all modern OSes, has finally been opened. Multics was an extremely influential early time-sharing operating system and introduced a large number of new concepts, including dynamic linking and a hierarchical file system. It was extremely powerful, and UNIX can in fact be considered to be a 'simplified' successor to MULTICS. The last running Multics installation was shut down on October 31, 2000. From now on, MULTICS can be downloaded from an official MIT site (it's the complete MR12.5 source dumped at CGI in Calgary in 2000, including the PL/1 compiler). Unfortunately you can't install this on any PC, as MULTICS requires dedicated hardware, and there's no operational computer system today that could run this OS. Nevertheless the software should be considered to be an outstanding source for computer research and scientists. It is not yet known if it will be possible to emulate the required hardware to run the OS." [Expect the virtual machine folks will do this! Bob]
