Tuesday, November 03, 2009

There should be an MBA class on mitigating the cost of a security breach.

http://www.databreaches.net/?p=8083

Heartland Payment Systems Reports Third Quarter Financial Results

November 3, 2009 by admin Filed under Breach Incidents, Financial Sector

Heartland Payment Systems, Inc. announced a GAAP net loss of $13.6 million or ($0.36) per share for the three months ended September 30, 2009. Results for the quarter are after $35.6 million (pre-tax), or $0.59 per share, of various expenses, accruals and reserves, all of which are attributable to the processing system intrusion, including charges related to settlement offers made by the Company in attempts to resolve certain processing system intrusion related claims and settlements of certain claims deemed to be likely to be agreed upon in the near future based upon discussions between the Company and the claimants.

(emphasis added by me).

Read more on Business Wire.



Clearly this is malware that “escaped into the wild” or maybe that's what we're supposed to think?

http://www.databreaches.net/?p=8080

New Trojan encrypts files but leaves no ransom note

November 3, 2009 by admin Filed under Malware

Elinor Mills reports:

Symantec is warning about a new Trojan horse that encrypts files on compromised computers but offers no ransom note like other software designed to hold data hostage for a fee.

Instead, a Web search for terms related to the Trojan horse leads to a company offering a way to remove the malware. The company offering the product used to charge for it but now offers it for free.

Read more on Cnet.



Using Cloud Computing you can dramatically reduce time, but cost rises exponentially.

http://it.slashdot.org/story/09/11/03/0053230/Cracking-PGP-In-the-Cloud?from=rss

Cracking PGP In the Cloud

Posted by kdawson on Tuesday November 03, @05:17AM from the distant-thunder dept.

pariax writes

"So you wanna build your own massively distributed password cracking infrastructure? Electric Alchemy has published a writeup detailing their experiences cracking PGP ZIP archives using brute force computing power provided by Amazon EC2 and a distributed password cracker from Elcomsoft."

[From the article:]

Unfortunately, on a fast dual core Windows7 box we were looking at something like 2100 days to brute force a reasonably long complex passphrase for these PGP ZIPs.

… Clearly each additional character of password length adds a significant amount of cost to the brute forcing effort. One might speculate that an average corporate adversary could quite easily come up with ~$50K USD to brute an 11 character simple password, but struggle to find the $1.5M USD to brute a 12 character simple password.



Lest you thought new technologies were more “hacker proof”

http://arstechnica.com/apple/news/2009/11/dutch-hacker-holds-jailbroken-iphones-hostage-for-5.ars

Dutch hacker holds jailbroken iPhones "hostage" for €5

One Dutch hacker managed to find and hack into jailbroken iPhones, though it seems the hacker was more interested in a few euros than malicious ends. However, the incident is another reminder that users of jailbroken iPhones need to be more vigilant about security.

By Chris Foresman Last updated November 2, 2009 4:27 PM CT

… The hacker relied on unchanged root passwords to hack into the phones [Users never learn (or read the manual) Bob]



Patent weirdness. I thought it might be because “humans” were prior art,

http://www.wired.com/threatlevel/2009/11/genes/

Judge OKs Challenge to Human-Gene Patents

By David Kravets November 2, 2009 8:11 pm

… The first-of-its-kind lawsuit by the American Civil Liberties Union and the Public Patent Foundation at the Benjamin Cardozo School of Law claims that the patents violate free speech by restricting research.



Think of all the things the government makes us buy now. Auto insurance, drinking water (once they pollute ground water), etc. This is unique only in that it requires everyone to purchase something.

http://www.pogowasright.org/?p=4940

Health insurance mandate alarms some

November 2, 2009 by Dissent Filed under Govt, Legislation, U.S.

David G. Savage reports:

Among some libertarians and conservatives, the most troubling aspect of the pending healthcare reform bills is the prospect of a federal requirement that Americans buy insurance.

“What next? Can Congress order you to buy spinach?” asked Roger Pilon, director of constitutional studies at the Cato Institute.

He and other defenders of limited federal power foresee a constitutional challenge to the mandate to buy insurance based on the claim that Congress’ power to regulate commerce does not extend to forcing citizens to buy a commercial product.

Read more in the L.A. Times.



When did anonymous become the equivalent of evil? Shouldn't the test be: Would this be actionable without the anonymity?

http://www.pogowasright.org/?p=4950

ACLU appeals ruling in Review-Journal subpoena case

November 2, 2009 by Dissent Filed under Court, Featured Headlines, Internet

Joan Whitely reports:

Litigation continues about the right to anonymously post disparaging comments online about a Las Vegas-based jury and prosecutor.

The American Civil Liberties Union of Nevada has filed an appeal of federal Judge Kent Dawson’s October decision to not examine the legality of subpoenas served last summer on the Las Vegas Review-Journal to identify who wrote the comments, which had appeared on the newspaper’s Web site.

The government “shouldn’t be permitted to go on a fishing expedition,” the ACLU’s Margaret McLetchie said today on behalf of four anonymous clients who had posted comments. “It took the bravery of the Review-Journal to let the four (John) Does know” that prosecutors were seeking personal information on them, she added. Rarely do subpoena recipients publicize such government efforts to extract information.

The civil rights organization is appealing to have a higher court declare that the two past subpoenas were unconstitutional, even though one was withdrawn and the other has already reaped a harvest of personal data for prosecutors to use in tracking the authors of two specific comments.

In October, Dawson dismissed the ACLU’s effort to intervene as “moot,” or no longer relevant. But the ACLU argues that prosecutors could still be forced by a court to return the data to the newspaper and cease any ongoing search to locate the authors.

Read more in the Las Vegas Review-Journal. More background can be found on the ACLU of Nevada’s web site.



There once was the promise of universal access to knowledge, but we're apparently not yet knowledgeable enough to pull it off.

http://www.time.com/time/business/article/0,8599,1933055,00.html

The Global Antitrust Battle Over Google's Library

By Theo Emery Saturday, Oct. 31, 2009

… The original settlement appeared to be a fait accompli until last summer, when a sleepy copyright case, Authors Guild et al. vs. Google Inc., erupted into an intercontinental brawl. Hundreds of authors and publishers from the Netherlands to New Zealand have written to U.S. District Court Judge Denny Chin, some expressing astonishment and outrage. France and Germany have protested; German Chancellor Angela Merkel singled out Google for criticism in a podcast this month.

… Last month the DOJ dropped perhaps the biggest bombshell. While saying that the settlement could breathe life into millions of unavailable works, the government also said the deal raised "significant legal concerns," and was the target of an antitrust probe.


(Related) I thought cutting off customers was bad. This article suggests you can lose your best content providers too. Apparently there is an audience for a well reasoned opinion. (Some very interesting comments)

http://news.slashdot.org/story/09/11/02/168232/Paywalls-To-Drive-Journalists-Away-In-Addition-To-Consumers?from=rss

Paywalls To Drive Journalists Away In Addition To Consumers?

Posted by ScuttleMonkey on Monday November 02, @12:31PM from the lose-lose-lose dept.

Hugh Pickens writes

"With news organizations struggling and newsroom jobs disappearing, each week brings new calls from writers and editors who believe their employers should save themselves by charging for Internet access. However, in an interesting turnabout, the NY Times reports that Saul Friedman, a journalist for more than 50 years and a columnist for Newsday since 1996, announced last week he was quitting after Newsday decided that non-subscribers to Newsday's print edition will have to pay $5 a week to see much of the site, making it one of the few newspapers in the country to take such a plunge. 'My column has been popular around the country, but now it was really going to be impossible for people outside Long Island to read it,' he says. Friedman, who is 80, said he would continue to write about older people for the site 'Time Goes By.' 'One of the reasons why the NY Times eventually did away with its old "paywall" was that its big name columnists started complaining that fewer and fewer people were reading them,' writes Mike Masnick at Techdirt. 'Newspapers who decide to put up a paywall may find that their best reporters decide to go elsewhere, knowing that locking up their own content isn't a good thing in terms of career advancement.'"


(Related) One would think anything that increased your audience was to be accepted. But then, you have to understand how these things work rather than assume the worst.

http://entertainment.slashdot.org/story/09/11/02/1653246/DVRs-Help-Some-TV-Shows-Improve-Ratings?from=rss

DVRs Help Some TV Shows Improve Ratings

Posted by Soulskill on Monday November 02, @01:55PM from the we've-only-been-telling-them-that-for-a-decade dept.

ubermiester writes

"After years of panicked lawsuits by content providers against TiVo and DVR technology in general, the NYTimes is reporting on yet another lesson for the content providers to learn and then immediately forget: [Great line! Bob] 'Against almost every expectation, nearly half of all people watching delayed shows are still slouching on their couches watching messages about movies, cars, and beer. According to Nielsen, 46 percent of viewers 18 to 49 years old for all four networks taken together are watching the commercials during playback, up slightly from last year.' The article also notes viewership increases 'in the range of 7 to 12 percent, with some shows having increases of more than 20 percent when DVR ratings are added. The four networks together are averaging a 10 percent increase."


(Related) Another unintended consequence.

http://tech.slashdot.org/story/09/11/02/1821232/Pirate-Bay-Closure-Sparked-P2P-Explosion?from=rss

Pirate Bay Closure Sparked P2P Explosion

Posted by ScuttleMonkey on Monday November 02, @03:22PM from the can't-stop-the-signal-mal dept.

Barence writes to share that the closure of The Pirate Bay seems to have done nothing to stem the flow of potentially copyrighted materials. In fact, there has been an estimated 300% increase in the number of sites providing access to copyright files, according to McAfee.

"In August, Swedish courts ordered that all traffic be blocked from Pirate Bay, but any hope of scotching the piracy of music, software and films over the web vanished as copycat sites sprung up and the content took on a life of its own. 'This was a true "cloud computing" effort,' the company said in its Threats Report for the third quarter. 'The masses stepped up to make this database of torrents available to others.'" [And as happens whenever “the masses” is mentioned, they got their own political party. Bob]



I'm not sure this is where the FTC wanted the discussion to go, but that's never stopped the RIAA or MPAA before.

http://arstechnica.com/telecom/news/2009/11/paramount-pictures-over-five-million-copies-of-star-trek-stolen.ars

5 million Star Trek pirates vs. 1 FCC broadband plan

Paramount Pictures says the widespread availability of a bootleg version of Star Trek means it needs to get tough on Internet users and websites, maybe even Google, Yahoo, and Bing. But what does this have to do with the FCC's national broadband plan? Everything, says Paramount.

By Matthew Lasar Last updated November 2, 2009 8:10 AM CT



You know, with the right tweaks to an AI program, we could make a bunch of money in the God business.

http://news.yahoo.com/s/ap/20091102/ap_on_re/us_rel_church_online;_ylt=AiZeyxs4vWTfDX6Vq.9D4q6s0NUE;_ylu=X3oDMTFoNnRzN2E4BHBvcwMxMzQEc2VjA2FjY29yZGlvbl90ZWNobm9sb2d5BHNsawNpbnRlcm5ldGJlbGk-

Internet believers: Pastors open online churches

… The World Wide Web has become the hottest place to build a church. A growing number of congregations are creating Internet offshoots that go far beyond streaming weekly services.

The sites are fully interactive, with a dedicated Internet pastor, live chat in an online "lobby," Bible study, one-on-one prayer through IM and communion.
