Friday, March 20, 2009

Convenience outweighs security. Nothing new here.

http://www.pogowasright.org/article.php?story=20090320042834620

Phone data makes 4.2 million Brits vulnerable to ID theft

Friday, March 20 2009 @ 04:28 AM EDT Contributed by: PrivacyNews

According to the findings of a survey by endpoint data protection security firm, Credant Technologies, 80% of phone users store information on their phones that could easily be used to steal their identities. The research surveyed 600 commuters at London railway stations about their mobile phones, typical usage and the types of sensitive information stored on them. The results were horrifying:

• 16% have their bank account details saved on their mobile phones
• 24% their pin numbers and passwords
• 11% keep social security and inland revenue details
• 10% store credit card information
• alarmingly 40% naively fail to protect their devices with a password

Source - PublicTechnology.net

[From the article:]

99% of people use their phones for some sort of business use – even though 26% have been instructed by their employer not to do so



How I got your password. Hacking 101

http://news.cnet.com/8301-1009_3-10200631-83.html?part=rss&subj=news&tag=2547-1_3-0-5

Sniffing keystrokes via laser and keyboard power

by Elinor Mills March 19, 2009 4:27 PM PDT

VANCOUVER, B.C.--Presenters at the CanSecWest security conference detailed on Thursday how they can sniff data by analyzing keystroke vibrations using a laser trained on a shiny laptop or through electrical signals coming from a PC connected to a PS/2 keyboard and plugged into a socket.



Because the law doesn't specify, e-commerce isn't covered. I suspect that invalidates most fraud laws too, right?

http://www.pogowasright.org/article.php?story=20090319064604919

Federal Judge Rules In Favor Of E-Tailers, A Move Many Online Merchants May Come To Regret

Thursday, March 19 2009 @ 06:46 AM EDT Contributed by: PrivacyNews

In the Courts

Online retailers collecting credit card information and other personal information (e.g., name, address and telephone number) gained a victory against a privacy prohibition in a recent California federal case. However, in the long run the court decision may undo many protections for electronic commerce.

Source - StorefrontBacktalk



Update: So, how's that censorship project going down under, mate? (It is useful to have this list, which I will check very carefully in case there are porn sites I haven't already found and bookmarked – for academic purposes only you understand.)

http://yro.slashdot.org/article.pl?sid=09/03/19/2321259&from=rss

Australia's Vast, Scattershot Censorship Blacklist Revealed

Posted by timothy on Thursday March 19, @10:59PM from the please-don't-click-here dept.

mask.of.sanity writes

"Australia's secretive Internet filter blacklist held by its communications watchdog has been leaked, revealing the government has understated the amount of banned Web pages by more than 1000. Multiple legitimate businesses and Web sites have been banned including two bus companies, online poker sites, multiple Wikipedia entries, Google and Yahoo group pages, a dental surgery and a tour operator. Betfair, a billion-dollar business blocked by the blacklist, CEO Andrew Twaits was furious the government has potentially annexed tens of millions of dollars in revenue after its Betfair.com gambling site was blacklisted. The blacklists were reportedly leaked by a Web filter operator to wikileaks which has published the full list of banned URLs. Outraged privacy advocates say the government has effectively lied about the amount of URLs included in the blacklists, totalling more than 2300, and the type of content which it would ban. The leak follows a series of attacks on the watchdog in which irate users successfully lobbied for web sites to be banned, only to be threatened with an $11,000 fine for publishing the link contained in the PR response. It was also revealed the watchdog can ban Web sites at a whim, with no accountability."



I guess we can forget our hopes that MySpace is a passing fad. (Sigh)

http://news.cnet.com/8301-13846_3-10200669-62.html?part=rss&subj=news&tag=2547-1_3-0-5

Social networks, blogs more popular than e-mail

by Dave Rosenberg March 19, 2009 3:48 PM PDT



We've all run into these. It's a case of management failing to look at their site like a customer would and failing to insist that all customer reported concerns be addressed. (Also kicked off a storm of comments on the banking system...)

http://ask.slashdot.org/article.pl?sid=09/03/19/1936200&from=rss

Making Sense of Mismatched Certificates?

Posted by timothy on Thursday March 19, @03:51PM from the continue-anyway dept.

Ropati writes

"I bank with capitalone.com. Recently I went to log in to my credit card account, and my browser reported that the site certificate didn't match the web site I was on. [Expletive.] I'm wondering if I am getting a poisoned DNS URL. I have to log in and do my banking, so I accept the mismatched certificate. The banking site is complete, my transactions are listed but that doesn't mean there isn't a man in the middle attack here. I am still curious how much I have exposed my banking assets."

Read on for more, and offer advice on how to interpret what sounds like a flaky response from the bank.



For my web site students

http://www.bespacific.com/mt/archives/020885.html

March 18, 2009

National Marine Sanctuaries Media Library Online

"The National Marine Sanctuaries Media Library is an online vault where a comprehensive collection of select video clips and high-resolution still images from America's underwater treasures are securely stored and available for searchable access and download."

  • Keyword search by: categories, subcategories, sanctuaries, images for web, images for print, and video



Propaganda to motivate my JavaScript students.

http://news.cnet.com/8301-17939_109-10200329-2.html?part=rss&subj=news&tag=2547-1_3-0-5

Browser war centers on once-obscure JavaScript

by Stephen Shankland March 20, 2009 4:00 AM PDT
