Wednesday, April 30, 2008

Anyone think there would be a case if it was your medical records or mine? Only famous people have a right to privacy!

http://www.phiprivacy.net/?p=329

Apr-29-2008

L.A. woman accused of stealing stars’ medical info

Dan Whitcomb reports:

A former hospital worker implicated in the theft of medical records for “Charlie’s Angels” star Farrah Fawcett, Gov. Arnold Schwarzenegger’s wife and some 60 other celebrities and selling them to the media has been indicted on federal charges.

Lawanda Jackson, a former low-level administrative specialist at UCLA Medical Center in Los Angeles, was charged in an indictment unsealed on Tuesday with illegally obtaining medical information for sale. [Shouldn't the tabloid be charged too? Bob]

The indictment does not name the celebrities who Jackson, 49, is accused of snooping on, but the Los Angeles Times has linked her to a scandal over the burgled records of Schwarzenegger’s wife, Maria Shriver, and Fawcett.

Jackson told the paper in an interview for its April 9 edition that she pried into the records because she was “just being nosy” and hadn’t “leaked” the private information to anyone else.

But the indictment, which was handed down by a U.S. District Court grand jury that same day, accuses her of accepting $4,600 from an unnamed “national media outlet” in exchange for the information.

The indictment alleges that the media outlet disguised the payments by writing checks to her husband.

Source - The US Daily



Another 'payback' for Identity Theft...

http://www.phiprivacy.net/?p=328

Apr-29-2008

Identity theft drug scheme spanned 11 states

In an update to a previous story, Scott Daughterty of The Capital reports:

The Garrett County woman didn’t have back pain.

She didn’t visit hospitals in 11 states to get prescription pain killers to help her cope.

Still, federal prosecutors said, the hospitals kept sending her bills demanding payment for those medications and services. One hospital in Washington County even went so far as to seek an arrest warrant for the woman when she refused to pay.

In a new twist on the now-commonplace crime of identity theft, an Edgewater woman used the Garrett County woman’s driver’s license to fraudulently obtain OxyContin, Oxycodone and Percocet from 85 hospitals in late 2006 and early 2007.

Belinda Marie Glock, 33, pleaded guilty April 11 in U.S. District Court in Baltimore to aggravated identity theft and fraud. She was sentenced yesterday to three years and one day in federal prison. She faced up to life in prison.

Full story - The Capital



http://www.usatoday.com/tech/news/computersecurity/2008-04-29-spam-sentencing_N.htm

Man gets prison after for sending spam e-mails

Posted 16h 39m ago |

DENVER (AP) — A Colorado man accused of sending hundreds of thousands of spam e-mails has been sentenced to 21 months in prison after pleading guilty to tax evasion and falsifying e-mail headers.

Thirty-five-year-old Edward "Eddie" Davidson of Louisville was also ordered to pay nearly $715,000 to the Internal Revenue Service. He was sentenced Monday and ordered to report to prison authorities in May.

Federal prosecutors say Davidson's operation used false e-mail headers to disguise the sender. Prosecutors say some of the spam was meant to dupe stock investors and manipulate markets.

Authorities say Davidson made at least $3.5 million sending e-mails for nearly 20 companies. [He gets to keep $2.78 million after paying the IRS? Now I see why they do it. Bob]



Security is as Security does... May be much ado about nothing...

http://techdirt.com/articles/20080429/095514977.shtml

Microsoft Gives Vista Backdoor Keys To The Police

from the meaning-the-crooks-have-it-too dept

It's long been assumed that Microsoft has built in various "backdoors" for law enforcement to get around its own security, but now reader Kevin Stapp writes in to let us know that the company has also been literally handing out the keys to law enforcement. Apparently, they're giving out special USB keys that simply get around Microsoft's security, allowing the holder of the key to very quickly get forensic information (including internet surfing history), passwords and supposedly encrypted data off of a laptop. While you can understand why police like this, the very fact that the backdoor is there and that a bunch of these USB keys are out there pretty much guarantees that those with nefarious intent also have such keys. The second you build in such backdoors, no matter how noble the reason, you can rest assured that they will be used by criminals as well. No matter what, for those of you who didn't already know it, now you have more evidence as to why trusting Microsoft's "security" isn't such a good idea. Update: Some folks in the comments, and Ed Bott, claim that this post is a misreading of the original story. The USB key includes a bunch of standard tools, not access to a "backdoor." The confusion, on my part, was due to the original article claiming that the device "can decrypt passwords and analyze a computer's Internet activity, as well as data stored in the computer." In saying so, it appeared that the device must have access to a backdoor to decrypt the password -- but an update claims that it's merely "password security auditing technologies."

[From the second article:

...a Microsoft spokeswoman said COFEE is a compilation of publicly available forensics tools, such as "password security auditing technologies" used to access information "on a live Windows system."

... Further, she reiterated that the tool is intended for use "by law enforcement only with proper legal authority."



“We were pretty sure that “name” was sufficient to identify anyone – after all, when Mom called I knew just who she meant. But some guy named John Smith objected after being denied online booking rights because his name was similar to the known (and evil) terrorist Jayne Smyth. How silly!”

http://www.bespacific.com/mt/archives/018213.html

April 29, 2008

DHS Announces New Aviation Security and Traveler Screening Enhancements

News release: "The U.S. Department of Homeland Security (DHS) announced today improvements aimed at strengthening aviation security while decreasing the hassle factor for travelers. Among the key improvements, DHS is providing airlines more flexibility to allow passengers to check in remotely who have been unable to do so because they have a name similar to [not the same as... Bob] someone on a watch list. The department also unveiled the Checkpoint Evolution prototype, which begins full operation at Baltimore-Washington International Airport (BWI) today. Each airline will now be able to create a system to verify and securely store a passenger’s date of birth to clear up watch list misidentifications. By voluntarily providing this limited biographical data to an airline and verifying that information once at the ticket counter, travelers that were previously inconvenienced on every trip will now be able to check-in online or at remote kiosks."

[The article mentioned some new technology to be used at Baltimore/Washington airport. Apparently DC Politicians don't like getting on planes with second-class citizens (you and me) who haven't had a vigorous cavity search. Bob]



No need to worry about this until November...

http://it.slashdot.org/article.pl?sid=08/04/29/1712215&from=rss

Hard Evidence of Voting Machine Addition Errors

Posted by kdawson on Tuesday April 29, @01:56PM from the got-some-splainin'-to-do dept. Security Politics

goombah99 writes

"Princeton Professor, Ed Felton, has posted a series of blog entries in which he shows the printed tapes he obtained from the NJ voting machines don't report the ballots correctly. In response to the first one, Sequoia admitted that the machines had a known software design error that did not correctly record which kind of ballots were cast (republican or democratic primary ballots) but insisted the vote totals were correct. Then, further tapes showed this explanation to be insufficient. In response, State officials insisted that the (poorly printed) tapes were misread by Felton. Again further tapes showed this not to be a sufficient explanation. However all those did not foreclose the optimistic assessment that the errors were benign — that is, the possibility that vote totals might really be correct even though the ballot totals were wrong and the origin of the errors had not been explained. Now he has found (well-printed) tapes that show what appears to be hard proof that it's the vote totals that are wrong, since two different readout methods don't agree. Sequoia has made trade-secret legal threats against those wishing to mount an independent examination of the equipment. One small hat-tip to Sequoia: at least they are reporting enough raw data in different formats that these kinds of errors can come to light — that lesson should be kept in mind when writing future requirements for voting machines."


How to deal with election irregularities? (There is a video of this talk...)

http://blog.wired.com/27bstroke6/2008/04/florida-electio.html

After Records Reveal E-Voting Glitches, Election Official Jokes She'll Stop Keeping Records

By Kim Zetter April 29, 2008 12:06:00 PM

[I'm not sure she's joking... Bob]



I'd wager they will try this again (and again, and again)

http://news.slashdot.org/article.pl?sid=08/04/29/1840250&from=rss

Arizona Judge Shoots Down RIAA Theories

Posted by kdawson on Tuesday April 29, @05:33PM from the schmaking-available dept. The Courts

NewYorkCountryLawyer writes

"In Atlantic v. Howell, the judge has totally eviscerated the RIAA's theories of 'making available' and 'offering to distribute.' In a 17-page opinion (PDF), District Judge Neil V. Wake carefully analyzed the statute and caselaw, and based on a 'plain reading of the statute' concluded that 'Unless a copy of the work changes hands in one of the designated ways, a "distribution" under [sec.] 106(3) has not taken place.' The judge also questioned the sufficiency of the RIAA's evidence pointing towards defendant, as opposed to other members of his household. This is the Phoenix, Arizona, case in which the defendant is representing himself, but received some timely help from his friends. And it's the same case in which the RIAA suggested that Mr. Howell's MP3s, copied from his CDs, were unlawful. One commentator calls today's decision 'Another bad day for the RIAA.'"



For my web site students (who always ask if they can point & click)

http://news.slashdot.org/article.pl?sid=08/04/30/009245&from=rss

NYTimes.com Hand-Codes HTML & CSS

Posted by kdawson on Tuesday April 29, @10:43PM from the all-the-finest-sites dept. The Media The Internet

eldavojohn writes

"The design director of NYTimes.com, Khoi Vinh, recently answered readers' questions in the Times's occasional feature 'Ask the Times.' He was asked how the Web site looks so consistently nice and polished no matter which browser or resolution is used to access it. His answer begins: 'It's our preference to use a text editor, like HomeSite, TextPad or TextMate, to "hand code" everything, rather than to use a wysiwyg (what you see is what you get) HTML and CSS authoring program, like Dreamweaver. We just find it yields better and faster results.'"

No comments: