Thursday, July 10, 2008

Is there a crime here?

http://www.pogowasright.org/article.php?story=20080710061729331

California state worker probed in ID security breach (follow-up)

Thursday, July 10 2008 @ 06:17 AM EDT Contributed by: PrivacyNews

A state worker recently married to a member of the Mexican Mafia who is in Corcoran State Prison for a gang murder is herself under investigation for downloading more than 5,000 names, addresses and Social Security numbers belonging to Department of Consumer Affairs staff, The Bee has learned.

Source - SacBee

Prior coverage: CA: Security breach compromises 5,000 social security numbers at Consumer Affairs

[From the article:

Dumbrique did not respond to several e-mail or telephone messages seeking her comment, but she suggested in an e-mail to her former bosses on June 11 that she sent the data file to her personal e-mail account by mistake. [If she normally emailed files like this, that could be a hard argument to disprove. Esp. if she was emailing a number of personal files because she was leaving this job for another. Bob]

... The affidavit by Consumer Affairs investigator Loomis claims that Dumbrique downloaded the data [...] on Friday, June 6.

She then reportedly forwarded the roster, as an attachment, to her own personal Yahoo e-mail account, the affidavit adds.

Special security software alerted Consumer Affairs data security officials to the breach that same day, but the department's criminal probe only began Monday, June 9. There was no explanation for the two-day delay, other than it was a weekend.

Consumer Affairs data security experts and Dumbrique's former bosses in the human resources unit told Loomis that Dumbrique had access to the confidential data on a daily basis as a regular part of her job, the affidavit states.

But the personnel specialist did not have a valid reason to download the data nor did she have permission to transmit it to an outside e-mail account, the affidavit adds.



The Hacker misplayed this one. Politicians plea for money all the time. What he should have done is requested that they send the money directly to his bank account... but then, he probably didn't know what a potential gold mine he had.

http://www.pogowasright.org/article.php?story=2008070919135030

Guam: Senator Stung By Identity Theft

Wednesday, July 09 2008 @ 07:13 PM EDT Contributed by: PrivacyNews

With the warning from federal authorities of increased cases of identity theft, one case would hit close to home.

Senator Adolpho Palacios has revealed that someone hacked into his email account over the weekend and sent a letter to everyone in his address book asking for money.

Palacios says the hacker, in the letter said that he needed money because he was stranded in London. Palacios says that wasn’t true and reported the incident to the FBI.

Source - Pacific News Center



Question for the “Command Structure” Could spam cause a war? (Social engineering on a national scale?)

http://news.cnet.com/8301-10789_3-9986675-57.html?hhTest=1

July 9, 2008 12:50 PM PDT

Storm worm e-mail says U.S. attacked Iran

Posted by Robert Vamosi

Recent e-mails stating that the U.S. has already attacked Iran and, in some cases, also offering links to a video purportedly from a soldier, are not to be believed, according to Websense. The security vendor said in an advisory Wednesday that it has linked the provocative e-mails to the Storm worm.



Very different cultures produce very different laws?

http://www.pogowasright.org/article.php?story=20080710062140109

Data Security, Privacy in Asia

Thursday, July 10 2008 @ 06:21 AM EDT Contributed by: PrivacyNews

This note undertakes a discussion of historical evolution, culture and current Asian data security and privacy laws by examining these aspects in three Asian countries - Japan, China and South Korea. Next, this note compares data security and privacy laws in Asia to that of relevant laws in the United States. Finally, this note works toward making a proposal to harmonize a legal solution for the international contexts because the Internet is inherently international. This note suggests a reciprocal enforcing system among countries as one of the possible solutions. [Perhaps we could send all the Crackers to Guantanamo? Bob]

Source - The Seoul Times



Is this the Internet (global) equivalent of hanging lost hubcaps on your fence?

http://www.pogowasright.org/article.php?story=20080710063100164

Lose a camera?

Thursday, July 10 2008 @ 06:31 AM EDT Contributed by: PrivacyNews

Imagine you lost the camera that had those one-of-a-kind vacation photos, or images of a keepsake moment. Now imagine a stranger finding it: Would you feel happy, or somehow that your privacy was invaded, if that stranger put some of your images on the web to track you down?

A new website, www.Ifoundyourcamera.net, aims to do exactly that: Using the power and reach of the Internet, it asks people who find cameras, memory sticks or photos to upload and send a few of the images, which are posted for all to see. The intent is for people who visit the site to scroll through the pictures for their lost memories or for faces they know.

Source - North Bay Nugget



Not everyone who cracks new technology is nice enough to tell us about it.

http://www.pogowasright.org/article.php?story=20080709190928723

FasTrak Toll Hacked, Exposing Privacy Dangers

Wednesday, July 09 2008 @ 07:09 PM EDT Contributed by: PrivacyNews

Zipping through that electronic toll fast-lane on the highway may save you time, but it also may cost you your privacy.

A Black Hat researcher recently reverse-engineered the popular RFID-based FasTrak toll tag that some drivers in the San Francisco Bay Area affix to their windshields for pre-paying highway tolls and discovered some gaping security holes that leave these transponders vulnerable to sniffing, cloning, and surreptitious tracking of a driver’s comings and goings. Nate Lawson, principal with Root Labs, will demonstrate at Black Hat USA next month in Las Vegas what he found inside those toll tags (hint: no encryption), and he will release an open-source tool for users to protect their toll tags from abuse.

Source - Dark Reading



I'm glad someone is trhying to explain this to me. (Would shipping the PC back to an out-of-state manufacturer violate the law?)

http://news.slashdot.org/article.pl?sid=08/07/09/2226252&from=rss

Follow-up On Texas PI Law For PC Techs

Posted by samzenpus on Wednesday July 09, @07:14PM from the are-you-licensed-to-look dept. Government

boyko.at.netqos writes

"Network Performance Daily has put out an in-depth series on the Texas law that requires private investigator licenses for computer repair techs, network analysts, and other IT professionals. It includes an interview with the author of the law, Texas Rep. Joe Driver, the captain of the Texas Private Security Bureau, RenEarl Bowie, and Matt Miller at the Institute for Justice, which is suing the state over the law. Finally, there's a series summary and editorial."



If true, does “always on” Internet access mean I should be paid for working 24 hours per day? Would a policy that says:”Outside of normal business hours, turn your toy off” solve this problem? Ah, but then why give them to employees in the first place.

http://mobile.slashdot.org/article.pl?sid=08/07/09/2236201&from=rss

Workplace BlackBerry Use May Spur Lawsuits

Posted by samzenpus on Wednesday July 09, @10:23PM from the I've-worked-80-hours-this-week dept. The Courts

An anonymous reader writes

"From an article on cnbc.com: 'As employers hand out electronic devices to their employees at a greater pace, there are growing concerns that workers eligible for overtime pay, known as non-exempt employees, could begin suing their employers for overtime hours earned while tapping on their devices during after-work hours. As a result, lawyers are advising their corporate clients to update their policies and handbooks related to BlackBerry use and reconsider who gets a device.'"



This from IBM, Open Office (Star Office) from Sun, Koffice and several others are free alternatives to Microsoft's Office suite. Since none are “significantly better,” there still is no compelling reason to switch other than cost.

http://www.technewsworld.com/rsstory/63734.html

Lotus Symphony: Big Blue Got It Right This Time

By Lou Dolinar Newsday 07/10/08 4:00 AM PT

... It includes a word processing module, a spreadsheet, and a presentation graphics package. Its underlying coding draws on OpenOffice, with a radically different user interface by IBM. For the first version, IBM left out the database and drawing tools that come with OpenOffice, although they may show up at a later date.

IBM/LS demonstrates both the strengths and weaknesses of open source. Of course, it's free, but unless you're a corporate client of IBM's, you'll have to pay for support.

No comments: