Thursday, June 18, 2009

This is (at least partially) a failure of Risk Analysis. Protection levels were based on the value of a used laptop, not on the costs of dealing with 75,000 irate customers.

http://www.databreaches.net/?p=5598

IE: Bord Gáis customer details on stolen laptops

June 17, 2009 @ 2:05 pm by admin

A laptop computer containing bank account details of 75,000 Bord Gáis customers has been stolen in Dublin.

It is understood the confidential information was held on one of four laptops stolen from the offices of Bord Gáis nearly two weeks ago.

[...]

The computer was not encrypted. [Not required if no sensitive data is on the laptop. Bob]

The incident occurred early on Friday 5 June when the Bord Gáis offices in Dublin and a number of adjacent offices were burgled.

Read more on RTÉ.


(Related) “We're secure as long as the hackers are under 12-years old.”

http://www.databreaches.net/?p=5602

JFY Networks reports security breach

June 17, 2009 @ 2:16 pm by admin

A Boston-based non-profit organization that provides job training, JFYNetWorks, notified (pdf) the New Hampshire Attorney General’s Office last week of a recent incident:

We recently learned of the possible unauthorized access as part of what appears to have been part of a larger attack [??? Bob] on our organization, which occurred on June 3, 2009. The attacker gained access to one of our website applications, which was inadvertently accessible over the Internet, and proceeded to post obscene and inaccurate messages on our website (www.jfynetworks.org) and alter archived JFY press releases. That same day, the attacker sent email messages to three (3) of our program applicants (none of whom were New Hampshire residents) claiming that he had been able to acquire their personal information, including Social Security number, mailing address, email address, and in some cases, telephone number.

Information applicants would submit via the web site included names, Social Security numbers, mailing addresses, and in some cases, telephone numbers and email addresses.



The other side of Identity Theft – once you have the information you have to ensure the data is valid, then you can turn it into serious cash.

http://voices.washingtonpost.com/securityfix/2009/06/an_odyssey_of_fraud.html

An Odyssey of Fraud

Andy Kordopatis is the proprietor of Odyssey Bar, a modest watering hole in Pocatello, Idaho, a few blocks away from Idaho State University. Most of his customers pay for their drinks with cash, but about three times a day he receives a phone call from someone he's never served -- in most cases someone who's never even been to Idaho -- asking why their credit or debit card has been charged a small amount by his establishment.

Kordopatis says he can usually tell what's coming next when the caller immediately asks to speak with the manager or owner.

"That's when I start telling them that I know why they're calling, and about the Russian hackers who are using my business," Kordopatis said.

The Odyssey Bar is but one of dozens of small establishments throughout the United States seemingly picked at random by organized cyber criminals to serve as unwitting pawns in a high-stakes game of chess against the U.S. financial system. This daily pattern of phone calls and complaints has been going on for more than a year now. Kordopatis said he has talked to the company that processes his bar's credit card payments about fixing the problem, but says they can't do anything because he hasn't actually lost any money from the scam.


(Related) It's an industry. (I should have jumped on this business model years ago.)

http://www.databreaches.net/?p=5590

Security experts uncover one-stop botnet marketplace

June 17, 2009 @ 10:52 am by admin

Researchers have uncovered a fully-functional marketplace for the building and selling of botnets.

Security firm Finjan said that the site allows criminals to obtain everything from malware and data, to networks of infected PCs.

Yuval Ben-Itzhak, chief technology officer at Finjan, described the new site as an “eBay for stolen data”.

“It is basically a hacker-to-hacker platform to provide everything you want,” he said. “You do not need to go elsewhere. You get everything you need to do the business.”

Read more on vnunet.com. The Finjan report can be found here (pdf).



Another article for the 'Sex & Power' class.

http://www.wired.com/threatlevel/2009/06/email-obscenity/

Appeals Court Backs Prison for E-Mail Obscenity

By David Kravets June 17, 2009 8:30 pm

Sharing an obscene sexual fantasy over e-mail is a federal crime that enjoys no protection under the First Amendment, a federal appeals court said Monday, in a decision that drew sharp dissent from one judge and potentially set the stage for a Supreme Court appeal.

In a 10-1 decision, the 4th U.S. Circuit Court of Appeals declined to rehear the case of Dwight Whorley, a Virginia man whose criminal trial marked two firsts for the American justice system:

the first conviction for possession of obscene Japanese manga, and

the first for authoring pornographic fiction and sending it over e-mail.

“Whorley violated criminal statutes regulating obscenity,” Judge Paul Niemeyer wrote for the majority, “and his convictions may not be forgiven because his conduct was prompted by his sexual fantasies.”

But in a lengthy dissent, Judge Roger Gregory urged the Supreme Court to take up the case and reverse it.

“I am hard-pressed to think of a better modern day example of government regulation of private thoughts than what we have before us in this case: convicting a man for the victimless crime of privately communicating his personal fantasies to other consenting adults,” Gregory wrote.



Why does Harvard hate the RIAA? Or are these the bare facts?

http://yro.slashdot.org/story/09/06/18/0311216/Harvard-Study-Says-Weak-Copyright-Benefits-Society?from=rss

Harvard Study Says Weak Copyright Benefits Society

Posted by samzenpus on Thursday June 18, @04:56AM from the free-is-good dept. internet

An anonymous reader writes

"Michael Geist summarizes an important new study on file sharing from economists Felix Oberholzer-Gee and Koleman Strumpf. The Harvard Business School working paper finds that, given the increase in artistic production along with the greater public access, "weaker copyright protection, it seems, has benefited society." The authors point out that file sharing may not result in reduced incentives to create if the willingness to pay for "complements" such as concerts or author speaking tours increases."



Another TED talk. How media works today?

http://www.ted.com/talks/clay_shirky_how_cellphones_twitter_facebook_can_make_history.html#top

Clay Shirky: How Twitter can make history

While news from Iran streams to the world, Clay Shirky shows how Facebook, Twitter and TXTs help citizens in repressive regimes to report on real news, bypassing censors (however briefly). The end of top-down control of news is changing the nature of politics.



“We're your Congress. We listen to you and we love you. We know you really, really hate Real ID, so we're gonna change the name! There! All better now.”

http://www.pogowasright.org/?p=218

Is the REAL ID Revival Bill, “PASS ID,” a National ID?

Although CDT and others were quick to praise S. 1261, “PASS ID,” Jim Harper of Cato Institute is not enthused:

On balance, REAL ID and PASS ID are peas in a pod. They are both aimed at being practically required. The plan under both is for everyone who has a driver’s license to have a nationally standardized, REAL-ID-type license.



This interests me. I've long suggested that the Internet, with its suggestion of anonymity, would be fertile ground for Psych research. This appears to be a tech approach to that end. I went to http://monitter.com/#, typed in a topic and randomly selected a 'test subject'. With a bit more work, this could be very dangerous... (Attention NSA?)

http://news.cnet.com/8301-17939_109-10266918-2.html

TweetPsych: This is your brain on Twitter

by Josh Lowensohn June 17, 2009 5:51 PM PDT

We've covered several utilities that have found fun and creative ways to analyze Twitter messages, but TweetPsych takes the cake. This one looks at your past 1,000 Twitter posts and gives you a "psychological" profile, including how much you talk about yourself, work, money, and "negative emotions."

… In an introductory blog post about the tool, creator Dan Zarrella says it works by cross-referencing the words and phrases you use in your tweets to two different dictionaries that are sorted into various psychological profiles. It then scores you in each category based on the results of other TweetPsych users. This makes it less about psychology and more about your personal lexicon, but the results are still quite fun.



Spare time eliminator.

http://www.wired.com/culture/culturereviews/magazine/17-06/st_tubes

Wired Guide to the Tubiverse, From SimTube to PotTube

By Steven Leckart 05.22.09

Turns out the Internet really is a mess of tubes. This summer marks the third anniversary of the YouTube explosion, [Seems like forever... Bob] and since the site's epic takeover of all things video, a server-farm-load of specialized copycats has swiped its sobriquet. Got time to waste? Go tubing. Here's a sample of what you'll find. Warning: Some of these sites show a lot more than adorable puppies.



Tools & Techniques

http://www.makeuseof.com/tag/fix-unreadable-cds-or-dvds-in-windows/

How To Read Scratched CDs or DVDs In Windows

Jun. 17th, 2009 By Karl L. Gechlik

… That’s right, kiddies! I have an awesome free program that attempts to get your data back for you lickity split! Here’s how you can read and retrieve all the data from scratched CDs and DVDs.

To start my testings, I whipped out an old spindle of CDs circa 2003. These things were scratched to high hell and they worked (a little) in my CD-ROM but not reliably.

Next, I downloaded Roadkil’s Unstoppable Copier version 3.56 from here: http://www.roadkil.net/program.php?ProgramID=29 and simply ran it without installation.

… If your disc is broken beyond repair, or at least, that’s what you think — then read Varun’s post on How To Repair Damaged CD’s Or DVD’s & Recover Data. You’re bound to learn something new.



Tools & Techniques. Because no one uses Google to its fullest.

http://www.makeuseof.com/dir/googleguide-how-to-really-use-google/

GoogleGuide: Learn How To Really Use Google

GoogleGuide is an online interactive tutorial site that can show you how to really use Google. It provides tips, tricks and tutorials on making Google search easier and effective for novices, experts and everyone else.
