Thursday, April 17, 2008

“They're only backup tape, no need for security.”

http://www.pogowasright.org/article.php?story=2008041710261620

FL: Information on thousands of UM patients stolen

Thursday, April 17 2008 @ 10:26 AM EDT Contributed by: PrivacyNews News Section: Breaches

The confidential information of tens of thousands of University of Miami patients was stolen last month when thieves took a case out of a vehicle used by a private off-site storage company, UM said Thursday morning

'' Anyone who has been a patient of a University of Miami physician or visited a UM facility since Jan. 1, 1999, is likely included on the tapes,'' the university said in a news release. `` The data included names, addresses, Social Security numbers or health information. The university will be notifying by mail the 47,000 patients whose data may have included credit card or other financial information regarding bill payment.''

The information was in a container holding computer back-up tapes. The container was removed from a vehicle in downtown Coral Gables on March 17, the storage company told UM.

Source - Miami Herald

[From the article:

''Shortly after learning of the incident, the university determined it would be unlikely that a thief would be able to access the backup tapes because of the complex and proprietary format in which they were written,'' UM said in the statement. [Very unlikely to be true. Bob]



Outside contractor who kept the data too long...

http://www.pogowasright.org/article.php?story=20080417063117929

Laptop stolen with student data, contained personal information of 3,400 CSU System pupils

Thursday, April 17 2008 @ 06:31 AM EDT Contributed by: PrivacyNews News Section: Breaches

The Connecticut State University System announced Wednesday a laptop computer that was stolen from a vendor contained the data of about 3,400 current and former students from the four state universities, including Western Connecticut State University.

The computer was password-protected but contained unencrypted files with personally identifiable data, including names and Social Security numbers for certain students who attended Central, Eastern, Southern and Western Connecticut State universities between September 2001 and December 2004.

Source - The News-Times

Related - Personal data of Connecticut students on stolen laptop

[From the first article:

SunGard Higher Education, provider of the state system's student data management software, informed officials April 9 that a laptop computer owned by SunGard and in the possession of one of its employees had been stolen.

The data was originally provided for SunGard to perform various services for the university system, but it was apparently retained longer than necessary to perform those services, Kavaler said.

[From the second article:

State officials say a company has waited nearly a month before telling Connecticut State University System officials that personal information on students is on a stolen laptop computer.

[Related:

http://www.nhregister.com/WebApp/appmanager/JRC/BigDaily;jsessionid=p21DLHNT2yZ0nhg1tRVFG1CMWtTmyhdKGd6vwm5m513S22ytyTFt!1297755145?_nfpb=true&_pageLabel=pg_article&r21.pgpath=%2FNHR%2FHome&r21.content=%2FNHR%2FHome%2FFeaturedArticle_Story_1908002

Students’ personal data lost in laptop theft

By Mark Zaretsky, Register Staff Posted on Thu, Apr 17, 2008

... The stolen laptop contained data from projects with a number of customers. SunGard suggested on its Web site that the security breach goes beyond four universities in Connecticut.

... The attorney general said he has seen “no evidence yet that any of the information has been used,” although “commonly, confidential, private information is used for identity theft only after a number of months because the identity thieves often wait for the victims to be complacent” [Now there's a quote I can use! Bob] and “for there to be a false sense of security.”



Almost no detail...

http://www.pogowasright.org/article.php?story=20080416125359353

Company warns of security breach

Wednesday, April 16 2008 @ 12:53 PM EDT Contributed by: PrivacyNews News Section: Breaches

Customers of Brookings-based Fishback Financial Corporation are getting letters advising them to watch their accounts for identity theft.

The company says a third party recently had unauthorized access to a computer database that includes people's names, addresses and Social Security numbers.

Source - KXMB

[Link that works: http://www.kxmb.com/News/229288.asp



We just love to know what everyone else is doing...

http://yro.slashdot.org/article.pl?sid=08/04/17/1210250&from=rss

Senator Proposes To Monitor All P2P Traffic for Illegal Files

Posted by Zonk on Thursday April 17, @09:19AM from the kind-of-strains-the-mind-to-think-about-huh dept. Privacy The Courts The Internet Government United States Politics

mytrip writes

"Senator Joe Biden (D-Del) has proposed an ambitious plan, costing on the order of $1 billion, aimed at curtailing illegal activities via P2P networks. His plan involves utilizing new software to monitor peer-to-peer traffic on an ongoing basis. 'At an afternoon Senate Judiciary subcommittee hearing about child exploitation on the Internet, Sen. Joe Biden (D-Del.) said he was under the impression it's "pretty easy to pick out the person engaged in either transmitting or downloading violent scenes of rape, molestation" simply by looking at file names. He urged use of those techniques by investigators to help nab the most egregious offenders."



Put your money where the crime is, join my “Cameras in Congress” campaign.

http://blog.wired.com/27bstroke6/2008/04/lawmakers-propo.html

Lawmakers Proposing Millions for Elementary School Surveillance Cams - UPDATE

By Ryan Singel EmailApril 15, 2008 | 7:06:07 PM Categories: Surveillance

Call it the No Child Left Unsurveilled Act.

... In what seems a plain attempt to arise the ire of Bruce Schneier, the bill would bar schools from using the money for actually assessing what the threats and weaknesses to the school are.



“Stupidity is a right!”

http://hardware.slashdot.org/article.pl?sid=08/04/17/149201&from=rss

Some 12% of Consumers 'Borrow' Unsecured Wi-Fi

Posted by Zonk on Thursday April 17, @10:27AM from the other-88-percent-are-lying dept. Wireless Networking The Internet Security Networking

alphadogg writes

"Despite the fact that it's often considered an illegal act, a sizeable percentage of the UK/US internet-using population 'borrows' unsecured Wi-Fi access. This is according to a study conducted by the group Accenture. 'The Accenture study found that computer users are still engaging in some unsafe computing practices. Nearly half of all respondents said that they used the same password for all of their online accounts, and only a quarter of them have ever encrypted files on their computers.'"

My guess is the actual figure is higher than that.



Interesting. I wonder if they have real lawyers?

http://techdirt.com/articles/20080416/133815864.shtml

Oregon Using Copyright Law To Prevent Other Sites From Publicizing Oregon Law

from the just-as-the-law-intended dept

Well here's a story about copyright that's so bizarre it makes you think that there must be a mistake somewhere -- but it seems to be completely true. Apparently, Oregon is complaining to sites like Justia (which publish public domain legal documents) that they are violating copyright by republishing some of Oregon's laws. The state admits that the text of the laws are not covered by copyright, but that everything else about the way the law is presented is covered by copyright (such as the numbering, the notes and annotations). This is an accurate portrayal of copyright law, which does allow such things to be covered by copyright (though, the "numbering" part seems questionable), but it's difficult to see how the state could possibly get upset that someone is trying to better publicize Oregon's laws. The state does make one good point: Justia adds its own copyright notice to the text, which is bad form, but was probably just a template issue. Either way, it's difficult to see what Oregon could possibly gain in trying to force copies of its laws off of public resource legal sites.



Interesting test of 'fair use?”

http://www.nytimes.com/2008/04/16/technology/16school.html?_r=1&oref=slogin

Publishers Sue Georgia State on Digital Reading Matter

By KATIE HAFNER April 16, 2008

Three prominent academic publishers are suing Georgia State University, contending that the school is violating copyright laws by providing course reading material to students in digital format without seeking permission from the publishers or paying licensing fees.

... The lawsuit, which may be the first of its kind, raises questions about digital rights, which are confronting many media companies, but also about core issues like the future of the business model for academic publishers.

... The case centers on so-called course packs, compilations of reading materials from various books and journals. The lawsuit contends that in many cases, professors are providing students with multiple chapters of a given work, in violation of the "fair use" provision of copyright law.



May revel some interesting details...

http://www.pogowasright.org/article.php?story=20080416150549386

Computer tech pleads guilty to stealing ID's

Wednesday, April 16 2008 @ 03:05 PM EDT Contributed by: PrivacyNews News Section: Breaches

A Los Angeles computer security consultant pleaded guilty today to using spyware that turned thousands of computers into "zombies" so he could steal their owners' identities.

John Schiefer, 26, admitted using "botnets" -- armies of infected computers -- to steal the identities of victims nationwide by extracting information from their personal computers and wiretapping their communications, according to the U.S. Attorney's Office.

... This is the first time someone in the United States has been charged under the federal wiretap statute for conduct related to botnets, prosecutors said.

Source - DailyBreeze.com

[From the article:

This is the first time someone in the United States has been charged under the federal wiretap statute for conduct related to botnets, prosecutors said.



More quotable (but debatable) quotes.

http://www.pogowasright.org/article.php?story=20080416171420529

One-third of breach victims walk away from company, survey

Wednesday, April 16 2008 @ 05:14 PM EDT Contributed by: PrivacyNews News Section: Older News Stories

Nearly one-third of consumers notified of a security breach terminate their relationship with the company, according to a recently released survey by the Ponemon Institute.

The Consumer's Report Card on Data Breach Notification, sponsored by ID Experts, also revealed that 63 percent of survey respondents said notification letters they received offered no direction on the steps the consumer should take to protect their personal information.

The survey interviewed 1,795 people across the United States to find out if consumers notified about a data breach involving their personal information were satisfied with the company's response, according to Larry Ponemon, founder of the Ponemon Institute.

Source - SC Magazine The report is available as a free download with registration



Quotable quotes (Remember, 86.2% of statistics are made up as needed.)

http://it.slashdot.org/article.pl?sid=08/04/16/2217214&from=rss

New Spam Site Found Every Three Seconds

Posted by samzenpus on Wednesday April 16, @10:24PM from the spam-sausage-spam-spam-spam-mail-and-spam dept. Security Spam

Stony Stevenson writes

"New figures suggest that 92.3 percent of all email sent globally during the first three months of 2008 was spam. The data from Sophos also indicated that 23,300 new spam-related web pages were created every day during the period, or one about every three seconds. For the first time Turkey's contribution to the global spam problem puts it in the top three offending countries. Compromised computers in Turkey are now responsible for relaying 5.9 percent of the world's junk email, compared to 3.8 percent in the final quarter of 2007."



Seems these are always mind expanding...

http://digg.com/business_finance/Open_source_economics_from_TED_com

Open-source economics from TED.com watch!

ted.com — Law professor Yochai Benkler explains how collaborative projects like Wikipedia and Linux represent the next stage of human organization. By disrupting traditional economic production, copyright law and established competition, they're paving the way for a new set of economic laws, where empowered individuals are put on a level playing field...

http://www.ted.com/talks/view/id/247



Blogs may be good for something after all (even if they do ramble a bit). This one raises an interesting question and there is a (probable) answer in to comments. Note to Comcast: I have no special animosity toward you – I'll happily blog about and incompetent organization.

http://www.scripting.com/stories/2008/04/16/aNewReasonToHateComcast.html

A new reason to hate Comcast

Wednesday, April 16, 2008 by Dave Winer.

... Then this morning around 9AM the service went down. I called the service number, and was quickly directed to call a special number. I couldn't record the call because I didn't have Skype working, but I wish I had found a way. The recording said I was talking to their legal services department, Press 1 if you are stealing content, 2 if you are using too much bandwidth, 3 if Comcast hates your guts, 4 if you're a criminal. (I don't remember the exact wording, this wasn't it, but the implication was that I was guilty of abuse, me, a paying customer, in good standing. By pressing a button I was admitting to doing something wrong.)

... Then he threatened me. He told me I was in the top 1/10th of 1 percent of all their Internet users and that if I didn't immediately stop using so much bandwidth they would suspend my service for 12 months. I asked if I could get this in writing, he said no. I asked how much bandwith would be acceptable, he wouldn't say. I told him this wasn't much of a threat if they weren't willing to put it in writing, and I wasn't intimidated. I also told him I was a blogger and would be writing it up. He didn't care.


[From the comments...

Kevin Hart 16 hours ago

... What Ive dug around and seems to be the reason is this. Some people on your node in your neighborhood called and complained things were slow. if they get a few of these calls they go into the node and check the logs. Then they blanket call everyone in the top '10%' there and threaten them. Its not an automated system, they wait for some complains, more than one, and then they call. Or that seems to be the common consensus around the net.



Another phone company, another self-serving “policy”

http://www.pogowasright.org/article.php?story=20080417064600364

Verizon cell customers last to know when their data pinched

Thursday, April 17 2008 @ 06:46 AM EDT Contributed by: PrivacyNews News Section: Breaches

In case you Verizon customers ever wonder what will happen if the company discovers that your cell phone data has been pinched, the wireless giant recently filed a summary of its procedures with the Federal Communications Commission. Here is the rundown:

First, Verizon will contact not you, but the United States Secret Service (USSS) and the Federal Bureau of Investigation (FBI). These two agencies will be notified "as soon as practicable," but no more than seven days after Verizon figures out that the theft took place. [“and if we never figure it out...” Bob]

Source - Ars Technica

[From the article:

"If an unauthorized individual has gained access to personal telephone records involving victims of stalking or spousal violence," Copps warned, "it won’t be the carrier or the law enforcement agency—but the victims—who are in the best position to know when and how harm may be heading toward them."



Interesting...

http://www.news.com/8301-10784_3-9920955-7.html?part=rss&subj=news&tag=2547-1_3-0-5

April 16, 2008 9:09 PM PDT

Darwin's private papers go digital

Posted by Desiree Everts

The works of one of the most towering figures of modern science are now available to anyone on the Web.

The Darwin Online Project is releasing on Thursday more than 90,000 online pages of Charles Darwin's photographs, sketches, and manuscripts, including the first draft of his theory of evolution.

No comments: