Saturday, May 09, 2009

Do you get the impression Berkeley doesn't check the logs after they set their security?

http://tech.yahoo.com/news/ap/20090508/ap_on_hi_te/us_tec_uc_data_theft

Hackers breach UC Berkeley computer database

By JASON DEAREN, Associated Press Writer - Fri May 8, 2009 3:05PM EDT

SAN FRANCISCO -

University of California, Berkeley, officials said Friday that hackers infiltrated restricted computer databases, putting at risk health and other personal information on 160,000 students, alumni and others.

… The server breach occurred on Oct. 6, 2008, and lasted until April 9, when campus staff performing routine maintenance found messages the school said were left by the hackers.

"Evidence uncovered to date suggests that this attack was launched by highly skilled criminal operations based overseas," the school said.

Former and current students did not receive e-mail notification of the hacks until Friday morning. The university said it took forensic technology experts until April 21 to figure out which databases were hacked.

… In March 2005, a thief walked into a UC Berkeley office and swiped a computer laptop containing personal information on nearly 100,000 alumni, graduate students and past applicants.

And six months earlier, a computer hacker gained access to UC Berkeley research being done for the state Department of Social Services. Those files contained personal information of about 600,000 people.



Think the FAA will bother notifying all 'frequent flyers?'

http://www.bespacific.com/mt/archives/021316.html

May 08, 2009

DOT OIG: Review of Web Applications Security and Intrusion Detection in Air Traffic Control Systems

Review of Web Applications Security and Intrusion Detection in Air Traffic Control Systems, May 04, 2009

  • "On May 4, 2009, we issued our report on Federal Aviation Administration (FAA) web applications security and intrusion detection in air traffic control (ATC) systems, requested by the Ranking Minority Members of the full House Transportation and Infrastructure Committee and its Aviation Subcommittee. We found that web applications used in supporting ATC systems operations were not properly secured to prevent attacks or unauthorized access. During the audit, our staff gained unauthorized access to information stored on web application computers and an ATC system, and confirmed system vulnerability to malicious code attacks. In addition, we found that FAA had not established adequate intrusion–detection capability to monitor and detect potential cyber security incidents at ATC facilities. Intrusion–detection systems have been deployed to only 11 (out of hundreds of) ATC facilities. Also, cyber incidents detected were not remediated in a timely manner."



This is going to take some serious interpretation. Is it okay to phish (pretend I'm someone else) as long as I'm wearing my uniform, or am I always a spy? Where will the e-Guantanamo be located? Who is this message directed to – China, North Korea, Osama, my hacker class?

http://news.slashdot.org/article.pl?sid=09/05/08/2219258&from=rss

Law of Armed Conflict To Apply To Cyberwar

Posted by Soulskill on Friday May 08, @07:14PM from the logic-bombs-vs-smart-bombs dept. Security The Military News

charter6 writes

"Gen. Kevin Chilton, the head of STRATCOM, just declared that the Law of Armed Conflict will apply to cyberwar, and that the US won't rule out conventional (read: kinetic) responses to cyber-attacks. This means that we consider state-supported 'hackers' to be subject to the Geneva Conventions and Customary International Law, including the rules of proportionality and distinction (i.e. if we catch them, we can try them for war crimes). [What is a cyberwar crime? Bob] Incidentally, it also means we consider non-state cyber-attackers to be illegal enemy combatants, which means we can do all kinds of nasty stuff to them."



Think of this as the government's playbook. They've already implemented the simple stuff (school closings) wait for the harder ones like mandatory flu shots...

http://www.bespacific.com/mt/archives/021312.html

May 08, 2009

CRS: The 2009 Influenza A(H1N1) Outbreak: Selected Legal Issues

CRS Report - The 2009 Influenza A(H1N1) Outbreak: Selected Legal Issues - May 4, 2009: "Recent human cases of infection with a novel influenza A(H1N1) virus have been identified both internationally and in the United States. Since there has been human to human transmission and the new virus has the potential to become pandemic, it is timely to examine the legal issues surrounding this emerging public health threat. This report provides a brief overview of selected legal issues including emergency measures, civil rights, liability issues, and employment issues."



Could Microsoft have thought any other way? Call it the curse of monopolistic culture.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9132732

Mozilla, Opera blast Microsoft over IE8 upgrade practice

Opera wants the EU to make Microsoft download other browsers to PCs with Windows Update

By Gregg Keizer

May 8, 2009 (Computerworld) Browser makers Mozilla and Opera accused Microsoft yesterday of force feeding Internet Explorer 8 (IE8) to users with Windows Update and silently changing the default browser on PCs.

Both companies, which make Firefox and Opera, respectively, are involved in the European Union's antitrust action against Microsoft, which was accused in January of "shielding" IE from competition by bundling the browser with Windows.



Close to my idea for replacing how charities are funded, but with some clear flaws...

http://news.cnet.com/8301-17939_109-10236893-2.html?part=rss&subj=news&tag=2547-1_3-0-5

Kachingle to 'sprinkle' dollars to online publishers

by Mats Lewan May 8, 2009 2:43 PM PDT

Newspaper and content providers on the Internet are getting increasingly antsy about how to make money. Kachingle announced its solution in February, and it has gained so much interest, the founders say, that the launch is being delayed while the team builds out the service so it can support what they think will be a popular offering.

Here's the basic idea of Kachingle: Users contribute a small amount, currently $5.00 per month, voluntarily. On registration, they indicate which content sites they like and want to support. At the end of the month, their monthly fee is distributed to their sites, based on how much time they spent on each site.



Another free DVD burner. (Can you have too many?)

http://www.makeuseof.com/tag/how-to-create-a-dvd-from-any-video-file/

How to Create a DVD from Any Video File

May. 8th, 2009 By Tim Watson

It used to be true that, to produce a DVD, one must have expensive equipment and machinery. Thanks to some nifty free software, the creation of a DVD suitable for play in your home theater is not only possible, but simple.

Today I’ll be showing you how to use the free DVD Flick to convert just about any video files to DVD format. DVD Flick supports a huge number of audio and video file formats. You may create DVDs from avi, vob, iso, wmv, mp4 and even Flash video (FLV) so that you may preserve that YouTube pirated movie cute cat video for generations.



For certain Internet workaholics (you know who you are...)

http://minutesplease.com/

Minutes Please

Control your web time.

No comments: