Saturday, July 26, 2008

“There are some things man was not meant to know.” (The comments run from profound to hilarious)

http://entertainment.slashdot.org/article.pl?sid=08/07/25/229229&from=rss

San Francisco DA Discloses City's Passwords

Posted by Soulskill on Friday July 25, @06:59PM from the you-sure-showed-him dept. It's funny. Laugh. Security News

snydeq writes

"The office of San Francisco District Attorney Kamala Harris has made public close to 150 usernames and passwords used by various departments to connect to the city's VPN. The passwords were filed this week as Exhibit A in a court document arguing against a reduction in $5 million bail in the case against Terry Childs. Though they placed the passwords in the public record, city prosecutors do seem to think that they are sensitive. InfoWorld's Paul Venezia, who has been following the case closely, provides further analysis of the technical details in the city's case. 'By themselves, [the passwords] would not be enough to allow anyone to access the network via VPN,' Venezia writes, 'but the fact that the city entered them into evidence is quite shocking. At the very least, they'll have to shut down their VPN access for awhile until they've changed them all and modified the configurations of some large number of VPN clients.'"



Did they have an agreement with their vendor to cover the vendor's vendor?

http://www.phiprivacy.net/?p=566

Jul-25-2008

Grady patients’ medical records stolen

Craig Schneider reports:

The FBI is investigating the theft of medical records of patients at Grady Memorial Hospital, officials said Friday.

Grady spokeswoman Denise Simpson provided few details on the thefts that were discovered late Thursday. She said it remains unknown how many patient records were stolen, which patients were affected or how the records were stolen.

Grady officials do not at this point believe the records contained patients’ Social Security numbers or financial information such as credit card numbers, but Simpson emphasized that investigators are only starting their inquiry.

Simpson did not identify either the vendor or subcontractor.

Full story - AJC

[From the article:]

The records pertained to recorded physician comments that Grady sent to a vendor to transcribe into medical notes. The records were stolen from a subcontractor employed by the vendor. [Fourth Party? Bob]

... Grady officials do not at this point believe the records contained patients' Social Security numbers or financial information such as credit card numbers, but Simpson emphasized that investigators are only starting their inquiry. [They had to include some form of identification to match the “notes” to the patients. Bob]



http://www.pogowasright.org/article.php?story=20080726062940590

Hackers Breach Connecticut College Library System

Saturday, July 26 2008 @ 06:29 AM EDT Contributed by: PrivacyNews

A Connecticut College library system was breached by hackers apparently looking to set up chat rooms or send spam e-mails, the school reported Friday.

The hackers broke into two servers holding data for a consortium of Connecticut College, Wesleyan University and Trinity College. The servers are located at the consortium's headquarters at Wesleyan.

The database includes the names, addresses and Social Security or driver's license numbers of approximately 2,800 Connecticut College library patrons, 12 Wesleyan University patrons and three from Trinity.

Source - courant.com



Follow-up: Copycats or “vast criminal conspiracy?”

http://www.phiprivacy.net/?p=569

Jul-26-2008

Kelsey-Seybold Clinic patients in second breach or one multi-year breach?

Bob Dunn had an eyebrow-raising story on FortBendNow.com earlier this week. The story concerned recent grand jury indictments of 38 people involved in stealing identities to use for a payday loan scheme.

... This is not the first report implicating Kelsey-Seybold Clinic. In March 2008, a story in the Houston Chronicle (archived copy here) reported that Kelsey-Seybold insurance analyst Kretia Lutriel Griffin had been sent to prison for her role in stealing patient information of 200 patients between October 2005 and March 2007.



Another ID Thief sentenced

http://www.pogowasright.org/article.php?story=20080726080444319

NJ: Teen ringleader gets 5 years for skimming data from credit cards

Saturday, July 26 2008 @ 08:04 AM EDT Contributed by: PrivacyNews

Using technology to steal credit-card numbers may seem like a well thought out plan to an older generation, defense attorney John Zarych said Friday. But to teens, "They're playing around. It's like a computer game."

But Zarych's client found out it's no joke. Vimal Patel, 19, was sentenced to five years in prison Friday for obtaining skimmers - handheld devices that can copy all the information from a credit card - and giving them out to friends to use at their jobs. One worked at Resorts Atlantic City and another at Dunkin' Donuts. At least 150 people had their information stolen.

Source - pressofAtlanticCity.com

[From the article:]

"A credit-card offense, to us, seems to be very well planned," Zarych said. "But these kids think of something and, in an hour, it's done. [Yes, we call that Insta-Hacking Bob]

"They don't take it seriously."



Sanctions may take the form of a strongly worded letter -- “Gee, we wish you hadn't done that.” But this is a strategic move to increase the FCC's power.

http://arstechnica.com/news.ars/post/20080725-hammer-drops-at-last-fcc-opposes-comcast-p2p-throttling.html

Hammer drops at last: FCC opposes Comcast P2P throttling

By Nate Anderson Published: July 25, 2008 - 09:13PM CT

Once FCC Chair Kevin Martin announced his support for sanctions against Comcast, penalties looked inevitable. The two Democrats on the Commission, long supportive of network neutrality, seemed set to vote along with Martin and punish Comcast for its P2P "delaying" techniques; late this afternoon at FCC headquarters, they did, and a majority has now spoken.

The Wall Street Journal reports tonight that commissioners Copps, Adelstein, and Martin have decided against the cable giant, paving the way for an official vote when the order is publicly voted on next Friday. US ISPs, take note: the FCC has just used its 2005 Internet Policy Statement to draw a line in the sand. Step across it at your peril.


Related? Proactive or over-active? Are Blogs really e-SuggestionBoxes?

http://tech.slashdot.org/article.pl?sid=08/07/26/1321211&from=rss

Comcast Is Reading Your Blog

Posted by CmdrTaco on Saturday July 26, @09:30AM from the they-want-to-know-about-your-cats dept. The Internet

Paolo writes

"A Washington student got a bit of a shock when he received an email from internet service provider Comcast about comments he had made on his blog. Brandon Dilbeck, a student at the University of Washington, writes a blog and used it to complain about the service he was getting from Comcast. Shortly afterwards he got an email message from Comcast apologizing for the problems and suggesting he might look at a guide it had posted on its web site. Lyza Gardner, a vice president at a Web development company in Portland used Twitter to complain about the company and was surprised to be contacted directly. Comcast is now monitoring blogs as a way of improving its image among customers. The company was ranked at the bottom of the most recent American Customer Satisfaction Index."



No wonder things get lost... Giga-Google?

http://search.slashdot.org/article.pl?sid=08/07/26/0036245&from=rss

Google URL Index Hits 1 Trillion

Posted by Soulskill on Saturday July 26, @12:03AM from the orders-of-magnitude dept.

mytrip points out news that Google's index of unique URLs has reached a milestone: one trillion. Google's blog provides some more information, noting,

"The first Google index in 1998 already had 26 million pages, and by 2000 the Google index reached the one billion mark. Over the last eight years, we've seen a lot of big numbers about how much content is really out there. To keep up with this volume of information, our systems have come a long way since the first set of web data Google processed to answer queries. Back then, we did everything in batches: one workstation could compute the PageRank graph on 26 million pages in a couple of hours, and that set of pages would be used as Google's index for a fixed period of time. Today, Google downloads the web continuously, collecting updated page information and re-processing the entire web-link graph several times per day."



How big is too big? If you index 99% of the Internet are you automatically a Monopoly?

http://news.cnet.com/8301-10787_3-10000039-60.html?part=rss&subj=news&tag=2547-1_3-0-5

July 25, 2008 3:42 PM PDT

Google explains: We're not a monopoly, not by a long shot

Posted by Charles Cooper

... But Google obviously doesn't agree that size and market dominance pose even remote antitrust parallels with IBM in the 1960s or Microsoft in the 1990s. The chief reason: the markets in question are very different. Earlier Friday, Google's general counsel, Kent Walker, and Dana Wagner, the U.S. competition counsel, got on the phone to explain why.

"The nature of the Internet is just a fundamentally different world from the sale of packaged software or the bundling of software with OEMs (original equipment manufacturers)," said Walker, "The standard line we have is that competition is just one click away,"

Walker offered what he called both a "structural" answer as well as the "behavioral" answer.

Listen now: [Note: the interview is sliced into sub-topics. Listen to them all or see the article for specifics... Bob]

http://podcast-files.cnet.com/podcast/googa.mp3

http://podcast-files.cnet.com/podcast/googb.mp3

http://podcast-files.cnet.com/podcast/googlec.mp3

http://podcast-files.cnet.com/podcast/googled.mp3

http://podcast-files.cnet.com/podcast/googlee.mp3



For those who should back up but never seem to remember. (Hacker note: If we could suppress the “You've been backed up” message, this could be used to automatically steal data.)

http://www.killerstartups.com/Web-App-Tools/backblaze-com-back-up-before-its-too-late

BackBlaze.com - Back Up Before It's Too Late

If you are thinking of backing up your data, but can’t find a secure server to do so in, then you should take a look at Backblaze.com. Once you become a paying customer [$5 per month for “Unlimited Storage” Bob] of the site, you will be able to back up your computer’s information onto their server. This means that, no matter what happens to your computer (or maybe your whole office, in case of a natural disaster) you will be able to recuperate all of your data. The How It Works section has detailed information on how the backup process takes place. All of your information will be backed up to a secure facility, so you don’t need to worry about it being in harm’s way.

https://www.backblaze.com/



How to abandon your customers. Perhaps they will sell you the DRM codes you need? QUESTION: Is there a parallel to this in the non-digital world or can it only happen there?

http://www.pcworld.com/businesscenter/article/148925/yahoo_burn_your_drmed_tracks_to_cd_now.html

Yahoo: Burn Your DRMed Tracks to CD Now

Jeremy Kirk, IDG News Service Friday, July 25, 2008 4:10 AM PDT

Yahoo has become the latest company to abandon customers who bought tracks from its music store encoded with DRM (digital rights management), drawing fire from the Electronic Frontier Foundation (EFF).

(Read PC World blogger Erik Larkin's take on today's news.)

On Sept. 30, Yahoo will shut down the servers that are needed to reauthorize music purchased from its failed Unlimited Music Store if it is transferred to a new PC, Yahoo said in an e-mail to customers. The rule is designed to slow music piracy. Re-authorization is also needed if someone upgrades their PC's operating system.

The only workaround for customers wanting to listen to their music on a new or upgraded computer after this date is to burn the tracks to a CD and then reload them on a PC.



NASA gets big money to look for aliens, but only on the US-Mexico border...

http://science.slashdot.org/article.pl?sid=08/07/26/0119248&from=rss

NASA Opens Space Image Library

Posted by Soulskill on Saturday July 26, @05:13AM from the pretty-pictures dept. NASA Space

slatterz writes with an excerpt from a brief PC Authority article:

"Nasa is to make its huge collection of historic photographs, film and video available to the public for the first time. A partnership with the non-profit Internet Archive will see 21 major Nasa imagery collections merged into a single searchable online resource. The Nasa Images website is expected to go live this week. The content of the site covers all the diverse activities of America's space programme, including imagery from the Apollo missions, Hubble Space Telescope views of the universe and experimental aircraft past and present."

The site is working already, and it looks fantastic. Don't hesitate to share any interesting pictures or movies you find.



Humor: Doing things right v. doing the right things

http://video.google.com/videoplay?docid=6192322462621283244&q=humor&ei=RCqKSLGyLIHe4ALDy8j_Bw&hl=en
