Sunday, November 08, 2009

Who says New Yorkers aren't innovative? I've never seen this type of Data Breach before. We'll have to be careful if the Rockies go on another run...

http://www.databreaches.net/?p=8154

Private paperwork found in Yankee parade confetti

November 7, 2009 by admin Filed under Business Sector, Exposure, Financial Sector, Government Sector, Healthcare Sector, Of Note, U.S.

Julia reports:

The half ton of recycled confetti provided to buildings lining the Canyon of Heroes in downtown Manhattan for the Yankees’ victory parade yesterday turned out not to be enough for some people to show their enthusiasm. Medical records, financial statements, pay stubs, law firm invoices and court records were found in the fifty tons of paper trash left behind.

Office workers from buildings lining the route got a little too enthusiastic and started throwing paperwork out of their windows. The records that were found included unshredded files from A.L. Sarroff, Goldman Sachs, and the Bronx Supreme Court, as well as medical test reports, some with identifying information and Social Security numbers which would make identity theft remarkably easy. Some of their more sensible colleagues threw toilet paper.

Read more in the Village Voice.



Here's one to give your CEO a heart attack (once you've explained it to him)

http://www.pcworld.com/article/181467/vendors_scrambling_to_fix_bug_in_nets_security.html

Vendors Scrambling to Fix Bug in Net's Security

Robert McMillan, IDG News Service Nov 5, 2009 1:10 am

… The flaw lies in the SSL protocol, best known as the technology used for secure browsing on Web sites beginning with HTTPS, and lets attackers intercept secure SSL (Secure Sockets Layer) communications between computers using what's known as a man-in-the-middle attack.

… Although the flaw can only be exploited under certain circumstances, it could be used to hack into servers in shared hosting environments, mail servers, databases, and many other secure applications, according to Chris Paget, a security researcher who has studied the issue.

[From the blog:]

Assuming all the conditions are right (and we’ll get back to that) at best it allows an attacker to inject an arbitrary request into an SSL-protected stream. It does not allow you to decrypt data, it does not allow you to read any information back, it does not allow you to inject into the returning stream of data.



For your Security Manager. NOTE: The PDF includes links to many free online removal tools.

http://tech.slashdot.org/story/09/11/08/0233248/Test-of-16-Anti-Virus-Products-Says-None-Rates-Very-Good?from=rss

Test of 16 Anti-Virus Products Says None Rates "Very Good"

Posted by timothy on Saturday November 07, @10:20PM from the keeps-the-av-people-in-business-though dept.

An anonymous reader writes

"AV-Comparatives recently released the results of a malware removal test in which they evaluated 16 anti-virus software solutions. The test focused only on the malware removal/cleaning capabilities, therefore all the samples used were ones that the tested anti-virus products were able to detect. The main question was if the products were able to successfully remove malware from an already infected/compromised system. None of the products performed at a level of 'very good' in malware removal or removal of leftovers, based on those 10 samples."

[Test results (PDF):]

http://www.av-comparatives.org/images/stories/test/removal/avc_removal_2009.pdf



Well, as long as everyone agrees...

http://yro.slashdot.org/story/09/11/08/0010243/WIPO-Committee-Presentations-Show-Nuanced-View-of-Copyright?from=rss

WIPO Committee Presentations Show Nuanced View of Copyright

Posted by timothy on Saturday November 07, @07:14PM from the at-least-given-the-context dept.

AtomicJake writes

"As the World Intellectual Property Organization (WIPO) is known for a very rigid course combating counterfeiting and piracy in general, it comes as a surprise that during a meeting of the WIPO Advisory Committee on Enforcement, several presenters have shown nuanced views on the economics of enforcing intellectual property rights. Combating clothing piracy might not be beneficial for the welfare of a developing country. Most surprising is the presentation of WIPO Chief Economist (PDF) Carsten Fink, which says that illegal copies of software may actually be beneficial even for consumers of the original goods. Also the piracy of audio-visual goods creates not only losses but also benefits for e.g. hardware manufacturers. Maybe this is because Mr. Fink wrote the presentation before joining WIPO?"



A good side-by-side. I wish I could say a good plan, but that might be asking too much.

http://www.bespacific.com/mt/archives/022749.html

November 07, 2009

WSJ - Health-Care Reform Proposals Comparison Chart

Follow up on previous postings on health care reform, from WSJ.com - Health-Care Reform Proposals - "Compare health-care legislation taking shape in the House and Senate as President Barack Obama pushes to overhaul the system. Details are still being negotiated and any final health care bill would have to meld proposals from the House and Senate."



Completely unrelated? More about a learning curve than technological breakthroughs.

http://news.cnet.com/8301-27083_3-10392954-247.html?part=rss&subj=news&tag=2547-1_3-0-20

How much would you pay to see your future?

by Elizabeth Armstrong Moore November 7, 2009 1:38 PM PST

My dad used to say technology is advancing so quickly that, by the time a product reaches market, it is already obsolete. [Nonsense. Bob] Moreover, if you wait just a little longer, you can pay a lot less. The sequencing of the human genome takes the advancement of technology, and its fast reduction in cost, to an entirely new level.

The Human Genome Project, which officially completed the mind-boggling achievement of sequencing Jim Watson's genome in 2006, carried the equally mind-boggling price tag of $3 billion. If I may be so bold as to use that word thrice in one paragraph, even more mind-boggling is that a company called Complete Genomics has just sequenced three human genomes for $4,400 in materials, with an error rate of less than one base in 100,000.



I don't have much of a SPAM problem (except through my University emails) but I hear others do. Perhaps this will help?

http://www.makeuseof.com/tag/5-ways-to-protect-hide-your-email-to-stop-receiving-spam/

5 Ways to Protect & Hide Your Email to Stop Receiving Spam

Nov. 7th, 2009 By Tina



For my Computer Forensics students. It may be better to make our own version.

http://tech.slashdot.org/story/09/11/08/1340208/Microsoft-COFEE-Leaked?from=rss

Microsoft COFEE Leaked

Posted by Soulskill on Sunday November 08, @09:05AM from the not-so-hot-cofee-incident dept.

54mc writes

"Crunchgear reports that Microsoft's long-searched-for forensics tool, COFEE, has been leaked. The tool started on a small, private tracker, but has since worked its way to The Pirate Bay. Not all those who have gotten hold of it are enthused, and reviews have ranged from 'disappointing' to 'useless.' From the article: 'You have absolutely no use for the program. It's not something like Photoshop or Final Cut Pro, an expensive application that you download for the hell of it on the off-chance you need to put Dave Meltzer's face on Brett Hart's body as part of a message board thread. No, COFEE is 100 percent useless to you.'"
