Sunday, August 03, 2008

Secondhand breach report. How major is massive? Likely this will be another case (like COLT) where many organizations go through the same process because Visa can't/won't address it directly.

http://www.pogowasright.org/article.php?story=20080802084403271

Macy's security breach halts card service

Saturday, August 02 2008 @ 08:44 AM EDT Contributed by: PrivacyNews

Macy's had to notify 4,100 customers across the country who hold a Macy's Visa credit card -- not the regular charge card.

Macy's says there was a massive security breach at a Visa processing center in England. Theives got hold of Visa account numbers and started making unauthorized charges, mainly at gas stations.

Source - ABC7news.com Props, ITRC



So many unanswered questions.

http://www.pogowasright.org/article.php?story=20080802165058234

Ohio official: Former Delphi workers' data missing

Saturday, August 02 2008 @ 04:50 PM EDT Contributed by: PrivacyNews

A state official says a computer flash drive with Social Security numbers and other personal information for 2,600 former Dayton-area Delphi Corp. workers is missing.

Ohio Department of Job and Family Services Director Helen Jones-Kelley said Friday that the drive was removed from the unattended laptop computer of a state employee on July 25 in Lebanon.

Source - mLive.com



Is the a video on YouTube that shows how to build a skimmer? Someone seems to be spreading the word to a lot of petty criminals.

http://www.pogowasright.org/article.php?story=20080802165315562

Lawrenceville police arrest 3 men for ATM scam

Sunday, August 03 2008 @ 07:18 AM EDT Contributed by: PrivacyNews

Lawrenceville police have arrested three men suspected of stealing ATM information from several hundred Washington Mutual customers.

Police chief Greg Vaughn said the thieves used a skimming device and a small video camera to steal customer data that allowed them to access the accounts.

Source - AJC.com

[Quick search shows over 1100 hits, including: http://www.youtube.com/watch?v=FSmv-LkPNX0&feature=related


Related: Apparently it takes little to turn this into big business...

http://www.nola.com/timespic/stories/index.ssf?/base//library-152/1217596226252680.xml&coll=1

LA: Man pleads guilty to fraud via ATMs

Sunday, August 03 2008 @ 07:15 AM EDT Contributed by: PrivacyNews

An Avondale man faces up to 15 years in prison and a $250,000 fine after he admitted skimming credit and debit card information from automated teller machines at two Metairie convenience stores, authorities said.

Harry Temple, 38, of 120 Mandy Drive, pleaded guilty Wednesday in federal court to three counts of access device fraud and one count of aggravated identity theft, according to U.S. Attorney Jim Letten's office.

Investigators said Temple attached homemade skimmers to ATMs at Exxon Mobil stores at 3140 Veterans Memorial Blvd. and 2209 Causeway Blvd. in Metairie last year.

Source - nola.com

[From the article:

He used the stolen credit card information of a Las Vegas man to buy a $359 air compressor from a Home Depot in Covington, court records said.

... A search of Temple's residence turned up the air compressor, 75 counterfeit credit cards, 450 handwritten credit card numbers on notebook paper and equipment to scan and load pilfered data onto blank debit and credit cards, court records said.



What happens when “Free Speech” falls out of favor with the government... (New term: “infodemics”)

http://www.reuters.com/article/technologyNews/idUSSEO7244220080803?feedType=RSS&feedName=technologyNews

Bruised South Korean government takes on "infodemics"

Sun Aug 3, 2008 3:59am EDT By Kim Junghyun

SEOUL (Reuters) - South Korea's unpopular young government is having second thoughts about the benefits of running the world's most wired society.

The mass access to the Internet, which helped ex-CEO Lee Myung-bak to his resounding presidential election victory, went on to become the instrument helping shatter that popularity in just five months in office.

Now the government is working on new rules to rein in the excesses of its netizens and bring some control to the information -- and disinformation -- that bombards the nation's computer screens.

"We have to guard against 'infodemics,' in which inaccurate, false information is disseminated, prompting social unrest that spreads like an epidemic," Lee told parliament early in July.

... Stories abound of people being cruelly and very publicly hounded on the Internet, sometimes to the point of suicide.

Personal information too has become increasingly vulnerable. Earlier this year, the country's biggest online market place was hacked and enough information to identify some 13 million people released to anyone with an Internet connection -- which includes most of South Korea's population.

The Justice Ministry is working on what it calls a Cyber Defamation Law.

"The reality is that we lack the means to effectively deal with harmful Internet messages," a ministry official said.



Not just “ubiquitous surveillance” but “Big Brother Tools” for home use?

http://www.pogowasright.org/article.php?story=2008080305403247

How much information is too much?

Sunday, August 03 2008 @ 07:22 AM EDT Contributed by: PrivacyNews

Want to vet a baby sitter? Need to peek into the background of a prospective employee? Curious about the past of a potential date?

Last month, PeopleFinders, a 20-year-old company based in California, introduced CriminalSearches.com, a free service to satisfy those common impulses. The site, which is supported by advertising, lets people search by name through criminal archives of all 50 states and 3,500 counties in the United States. In the process, it just might upset a sensitive social balance once preserved by the difficulty of obtaining public documents like criminal records.

Source - International Herald Tribune

[From the article:

Academics have a term for the old inaccessibility of records like those for criminal convictions: "practical obscurity." [and investigators no doubt called it “impractical public records” Bob]

[The site: http://criminalsearches.com/



I wonder if they can identify a “not reported stolen” plate that is not on the registered vehicle? Probably only checks the plate, which could make for some interesting traffic stops...

http://yro.slashdot.org/article.pl?sid=08/08/02/203216&from=rss

"Mobile Plate Hunter" Cameras Raise Questions

Posted by kdawson on Saturday August 02, @08:44PM from the mission-creep-meets-big-brother dept.

The Washington Post has a story on "Minority Report"-style license-plate scanners that mount on police cars. They are the size of softballs, cost $25K, and can scan and run thousands of plates a day through the local Motor Vehicle Administration database. The easy mission creep these devices encourage is summarized in the article:

"Initially purchased to find stolen cars, a handful of so-called tag readers are in use across the Washington region to catch not just car thieves, but also drivers who neglected or failed their emissions inspections or let their insurance policies lapse. The District and Prince George's County use them to enforce parking rules... 'I just think it makes us a lot more effective and a lot more efficient in how our time is being used,' [a senior detective] said."

The article doesn't mention what happens to the data on legal plates. Suppose the DHS decides it wants a permanent archive of who was where, when?



A sure sign the “Cloud Computing” has arrrived.

http://news.slashdot.org/article.pl?sid=08/08/02/2224217&from=rss

Dell Tries To Trademark "Cloud Computing"

Posted by kdawson on Saturday August 02, @10:43PM from the head-in-the-clouds-or-perhaps-some-other-orifice dept. United States

Ian Lamont writes

"The Industry Standard reports that Dell is trying to trademark the term cloud computing . The phrase entered the tech lexicon years ago, but Dell's application (serial number 77139082) was made in early 2007 to the US Patent and Trademark Office, apparently in connection with data center products and services that it was promoting around that time. A quick search of Google News indicates that Dell itself did not use the term in press releases or discussions with indexed English-language media sources from 1996 to 2006. Dell is not the first company to attempt to trademark this term: The Standard notes that NetCentric, a company that provided 'carrier-class Internet fax technology,' also gave it a shot in the late 1990s, but was rejected."



“Stupid policy tricks?”

http://tech.slashdot.org/article.pl?sid=08/08/02/2239215&from=rss

Verizon Denies DSL Because of Subscriber's Name

Posted by kdawson on Sunday August 03, @05:43AM from the gravel-in-ya-guts-and-the-spit-in-ya-eye dept. The Internet

mikek2 writes

"When retired Philadelphia-area doctor and Vietnam veteran Dr. Herman I. Libshitz went to upgrade his dial-up connection to Verizon DSL, he was informed they wouldn't complete the order because his last name contained an expletive. Repeated calls to several levels of management at Verizon failed to resolve the problem, with several managers suggesting he change his last name. It all worked out in the end, after the Philadelphia Enquirer intervened."

[From the article:

"These people have no trouble putting me in their phone book. They send me mail with that name, they send me a bill routinely, and they cash my checks with Libshitz on it. They just offended me."



It is very easy to make research available. It's deciding what to do with it that's difficult

http://www.bespacific.com/mt/archives/018939.html

August 02, 2008

New on LLRX.com - Law of the Pacific Islands: A Guide to Web Based Resources Updated

Law of the Pacific Islands: A Guide to Web Based Resources: Ruth Bird's guide is expertly updated by Dianne Thompson and Anna Matich, each of whom possess comprehensive legal research expertise on this topical area — Published July 31,



Hacking the iPhone (It's too much like a computer to ignore)

http://blog.wired.com/gadgets/2008/08/tutorial-turn-1.html

Tutorial: Turn Your iPhone Into a Wireless Modem

By Brian X. Chen EmailAugust 01, 2008 | 5:33:54 PM



For your Security Manager: Interesting hack. Why would a counter interact with the browser?

http://blog.wired.com/27bstroke6/2008/08/web-sites-using.html

Web Sites Using SiteMeter Are Crashing with Internet Explorer

By Kim Zetter EmailAugust 02, 2008 | 4:23:19 AM

A number of web sites that use SiteMeter tracking code to monitor the number of visitors to their site are reporting that the code is causing Internet Explorer browsers to crash when users visit their sites.

... The problem appears to be affecting IE 5.5, 6.0 and 7.0. Internet surfers using IE to access a site that has SiteMeter tracking it receive a message saying the site cannot be loaded and "operation aborted." The issue seems to have begun late afternoon Friday.

SiteMeter has not responded to a request for comment and so far has posted no announcement to its web site addressing the issue. But SiteMeter's blog has a few posts published earlier this week referencing its move to a new platform and changes to its tracking code.

A number of sites are reporting that once they remove the SiteMeter code, the problem disappears and their page loads fine in IE.

[From the comments:

The ultimate fix, sitemeter.com is the problem. If you go into your internet explorer security settings and add the following to restricted sites then the page loads. http://*.sitemeter.com

No comments: