Thursday, October 02, 2008

Local

http://www.pogowasright.org/article.php?story=20081001172638360

CO: Parks Web site hacked; personal information may be compromised

Wednesday, October 01 2008 @ 05:26 PM EDT Contributed by: PrivacyNews

The Foothills Parks and Recreation District is contacting customers who may have had their personal information stolen by someone who illegally accessed the district's computer network.

Executive Director Ronald Hopp says the access happened sometime in the past week and on Monday they determined that some customer information, including credit card information, may have been compromised. The district noticed unusual activity last week which they believe was caused by a virus introduced to cover up the actions of the intruder.

Source - 9News.com



The cost of a security breach...

http://www.pogowasright.org/article.php?story=20081002050918551

TX: Discarded Records Could Cost Company $2 Million

Thursday, October 02 2008 @ 05:09 AM EDT Contributed by: PrivacyNews

A lawsuit just filed by the Texas Attorney General says more than 44 people in San Antonio were victims of violations of the Identity Theft Enforcement and Protection Act.

Because of what the News 4 Trouble Shooters found in their dumpster, the drug treatment facility could face more than $2 million in civil penalties.

Source - WOAI


Related Details from the Breach Blog

http://breachblog.com/2008/10/01/treatment.aspx?ref=rss

Texas AG gets tough with Treatment Associates of Victoria



How could managers miss this? Oh, wait – not managers – bureaucrats! Thank god they're not in charge of anything important like Naval Research!

http://yro.slashdot.org/article.pl?sid=08/10/02/0246203&from=rss

Sysadmin Steals Almost 20,000 Pieces Of Computer Equipment

Posted by samzenpus on Thursday October 02, @07:57AM from the was-that-wrong dept.

coondoggie writes

"Now this is some serious computer theft. We're talking 19,709 pieces of stolen computer equipment from the US Naval Research Laboratory in Washington, DC. The theft included everything from PCs and printer toner to hard drives, software and other office equipment amounting to over $120,000, according to court documents and published reports."



For your Security Manager: Training for those who insist on using a “not very secure” email system. (Wouldn't you rather use a system that isn't regularly hacked, Gov. Palin?)

http://www.makeuseof.com/tag/check-if-your-gmail-is-hacked-with-activity-monitor/

Check if Your Gmail is Hacked with Activity Monitor

Sep. 30th, 2008 | by Aibek



For your Security Manager's Manager

http://www.infoworld.com/article/08/10/02/Does_patch_management_need_patching_1.html?source=rss&url=http://www.infoworld.com/article/08/10/02/Does_patch_management_need_patching_1.html

Does patch management need patching?

Report says 90 percent of successful exploits these days involve vulnerabilities for which a patch has been available for six months or longer

By Rick Cook, CSO October 02, 2008

... "For the overwhelming majority of attacks exploiting known vulnerabilities, the patch had been available for months prior to the breach," Verizon says on page 15 of its 2008 Data Breach Investigations Report. "Also worthy of mention is that no breaches were caused by exploits of vulnerabilities patched within a month or less of the attack."



Chinese discovered in China! Word finally reaches NY Times! ...and other obvious facts.

http://www.pogowasright.org/article.php?story=20081001172454738

Huge System for Web Surveillance Discovered in China

Wednesday, October 01 2008 @ 05:24 PM EDT Contributed by: PrivacyNews

A group of Canadian human-rights activists and computer security researchers has discovered a huge surveillance system in China that monitors and archives certain Internet text conversations that include politically charged words.

The system tracks text messages sent by customers of Tom-Skype, a joint venture between a Chinese wireless operator and eBay, the Web auctioneer that owns Skype, an online phone and text messaging service.

Source - New York Times


On the other hand... (Perhaps they should hire teachers who can read?)

http://www.pogowasright.org/article.php?story=20081002045952389

Sweden condemns surveillance in schools

Thursday, October 02 2008 @ 04:59 AM EDT Contributed by: PrivacyNews

Sweden’s Data Inspection Board (Datainspektionen – DI) has demanded that seven schools change their use of surveillance cameras in a decision it hopes will set a precedent for schools across the country.

... Six of the schools were told they could no longer use any of their surveillance cameras when school is in session on the weekdays.

But Tensta high school, which today has 60 surveillance cameras in place, will be allowed to keep one camera in operation during school hours.

Source - The Local

[From the article:]

The ruling follows an investigation by the Board which revealed that seven different schools were currently deploying surveillance cameras in a way which violated Swedish regulations governing the use of the cameras.

... In the article, Gräslund writes that the Board’s decision is “a wake-up call for all schools in Sweden which use or are considering using surveillance cameras indoors during the day” and claims that there is widespread ignorance about rules governing surveillance, which occurs regularly and is often an invasion of privacy.



“Stupid is as stupid does.” F. Gump

http://idle.slashdot.org/article.pl?sid=08/10/01/231247&from=rss

Man Uses Remote Logon To Help Find Laptop Thief

Posted by samzenpus on Thursday October 02, @12:48AM from the cyber-bloodhound dept.

After his computer was stolen, Jose Caceres used a remote access program to log on every day and watch it being used. The laptop was stolen on Sept. 4, when he left it on top of his car while carrying other things into his home. "It was kind of frustrating because he was mostly using it to watch porn," Caceres said. "I couldn't get any information about him." Last week the thief messed up and registered on a web site with his name and address. Jose alerted the police, who arrested a suspect a few hours later. The moral of the story: never go to a porn site where you have to register. [Well, DUH! Bob]


Related: Would James Bond have made this mistake?

http://www.schneier.com/blog/archives/2008/10/mi6_camera_--_i.html

October 1, 2008

MI6 Camera -- Including Secrets -- Sold on eBay

I wish I'd known:

A 28-year-old delivery man from the UK who bought a Nikon Coolpix camera for about $31 on eBay got more than he bargained for when the camera arrived with top secret information from the UK's MI6 organization.

Allegedly sold by one of the clandestine organization's agents, the camera contained named al-Qaeda cells, names, images of suspected terrorists and weapons, fingerprint information, and log-in details for the Secret Service's computer network, containing a "Top Secret" marking.

He turned the camera in to the police.



Elvis lives! Note that the headline isn't: “Hackers create an Elvis Passport.” They cloned the King's!

http://it.slashdot.org/article.pl?sid=08/10/02/0242214&from=rss

Hackers Clone Elvis' Passport

Posted by samzenpus on Thursday October 02, @05:30AM from the don't-mess-with-the-king dept.

Barence writes

"Hackers have released source code that allows the 'backup' of RFID-protected passports, although the tool can potentially be used to create fake or cloned documents. The Hacker's Choice, a non-commercial group of computer security experts, has released a video showing a cloned passport being approved by a security scanner at a Dutch airport. When the reader scans the passport, it is revealed to belong to one Elvis Aaron Presley, complete with picture. Reports of the hackers serenading security staff with 'Are You Clonesome Tonight' are unconfirmed."



Still inadequate? Read the comments!

http://it.slashdot.org/article.pl?sid=08/10/02/0239239&from=rss

Credit Card Security Standard Issued

Posted by samzenpus on Thursday October 02, @03:27AM from the do-it-like-this dept.

alphadogg writes

"The Payment Card Industry Security Standards Council, the organization that sets technical requirements for processing credit- and debit-cards, Wednesday issued revised security rules, while also indicating next year it will focus on new guidelines for end-to-end encryption, payment machines and virtualization. PCI adherence has been pushed big time in the industry to help avoid more big breaches such as the one involving TJX. Those familiar with the standard say it could be expensive to implement and that there are some things those using wireless LANs will need to pay especially close attention to."



Interesting summaries of e-Discovery rulings. (Even to non-lawyer me...)

http://ralphlosey.wordpress.com/2008/07/13/more-must-read-2008-cases-part-one-in-a-three-part-series/

More “Must Read” 2008 Cases - Part One in a Three Part Series



Interesting business model? Imagine getting paid in beer!

http://www.killerstartups.com/Search/properpint-com-information-on-dublin-pubs

ProperPint.com - Information On Dublin Pubs

http://www.properpint.com

The aptly-named ProperPint website is an online resource that provides users with fully up-to-date information on Dublin-based pubs and happening nightspots. The site has an unobtrusive layout and upon directing your browser to this startup you will be greeted with a concise navigation menu. The items that make it up include “Browse Dublin Pubs”, “Add a New Pub” and a “Google Earth Pubs” link that will help you visualize the pubs of your choice in a straightforward fashion.

Moreover, the site includes a “Write a Pub Review” section that will let any user offer his opinion on any existing nightspot in the Dark Pool city. There is also a “20 Most Popular Pubs” category that showcases notable venues based on the ratings that have been submitted by visitors of the site. Finally, the site also boasts a “Most Recent Pubs” section that charts those pubs that have recently opened their doors.

It is also interesting to point out that when writing a review it is possible to pose questions such as “I would like to work in this pub, who should I contact?” and related considerations.



Geeky stuff...

http://www.infoworld.com/article/08/10/01/Free_version_of_HyperV_now_available_1.html?source=rss&url=http://www.infoworld.com/article/08/10/01/Free_version_of_HyperV_now_available_1.html

Free version of Hyper-V now available

Microsoft aims to catch up to VMware; follows its lead in releasing a free, low-footprint version of its software

By Elizabeth Montalbano, IDG News Service October 01, 2008



Something for my website class (Maybe I'll broadcast my classes!)

http://www.killerstartups.com/Web-App-Tools/youstream-fm-broadcast-your-own-radio-station

YouStream.fm - Broadcast Your Own Radio Station

http://www.youstream.fm

The premise behind the YouStream.fm website is quite simple: members can broadcast their own programs online. The main page of the site lists already existing radio broadcasts by random users, whereas a “Top 10” chart is likewise featured. This chart provides instant access to the 10 top radios that broadcast using the YouStream.fm web service.

A supple navigation menu is also provided, and it enables users to browse through the existing radios by genre. Some of these include “Music & DJ”, “Talk Show” and “Religious”.

Information on the current users of YouStream.fm can also be procured using this navigation menu. It is possible to inform oneself about listeners in general as well as finding out more about the current disc jockeys and radio managers.

Guidance is given on a plethora of issues that range from how to install both Winamp and ShoutCast to advanced tricks and tips in order to maximize your online time and reach a wider audience.

Lastly, the site provides links for those who want to do some online music-related shopping, as items such as instruments can be procured along with music software under the “Store” heading.



Something to intimidate my Excel class?

http://books.slashdot.org/article.pl?sid=08/10/01/1329243&from=rss

Advanced Excel for Scientific Data Analysis

Posted by samzenpus on Wednesday October 01, @01:02PM from the read-all-about-it dept.

cgjherr writes

"If the recent financial meltdown has left you wondering, 'When does exponential decay function stop?' then I have the book for you. Advanced Excel for Scientific Data Analysis is the kind of book that only comes along every twenty years. A tome so densely packed with scientific and mathematical formulas that it almost dares you to try and understand it all. A "For Dummies" book starts with a gentle introduction to the technology. This is more like a "for Mentats" book. It assumes that you know Excel very well. The first chapter alone will have you in awe as you see the author turn the lowly Excel into something that rivals Mathematica using VBA, brains, and a heaping helping of fortitude."

Read on for the rest of Jack's review.
