http://www.databreaches.net/?p=2250
Visa confirms RBS WorldPay also placed on probation
March 13, 2009 by admin
… In the meantime, I have obtained the following statement by Visa that confirms that, like Heartland Payment Systems, RBS WorldPay has also been placed on probation by Visa:
So, what did they do wrong? Apparently, NOTHING!
http://www.databreaches.net/?p=2256
RBS WorldPay statement
March 13, 2009 by admin
In response to my request for a statement, a spokesperson for RBS WorldPay sent this statement:
… Visa has asked us to obtain a new certification of PCI compliance because of the recent data-security compromise. Visa has removed us from its list of approved PCI-compliant processors until the new certification is complete. Our goal is to have a new ROC by the end of April.
There have been no material system changes that would have negatively altered this certification and we have in fact enhanced the security of our systems in the interim. Because of the criminal intrusion, we need to be recertified earlier than the normal schedule.
Note that again, Heartland assures us they were also PCI compliant. Maybe that isn't enough?
http://www.databreaches.net/?p=2269
Statement from Heartland Payment Systems
March 13, 2009 by admin
Just sent to me by HPS:
… Heartland was certified as PCI-DSS compliant in April 2008 and expects to continue to be assessed as PCI-DSS compliant in the future. We’re undergoing our 2009 PCI-DSS assessment now, which Heartland believes will be complete no later than May 2009 and will result in Heartland, once again, being assessed as PCI-DSS compliant.
Interesting but not very strong article on various views of privacy.
http://www.pogowasright.org/article.php?story=20090314061813405
'Privacy' doesn't matter to those seeking to control you (commentary)
Saturday, March 14 2009 @ 06:18 AM EDT Contributed by: PrivacyNews
The right to privacy is a very big deal in this country.
Well, at least when it comes to abortion. In other areas, not so much. Call it the selective right to privacy.
Source - newburyportnews.com
Consider a world where it takes a drunk only a few minutes to do this...
http://www.ntnews.com.au/article/2009/03/13/38995_ntnews.html
Public sector crippled by 'lovesick' hacker
EMILY WATKINS March 13th, 2009
A MAN who crashed the Territory Government's computer system - costing taxpayers $1.2 million - was drunk and upset his fiancee had broken off their engagement, a court has heard.
… In submissions from his lawyer Tom Berkley and prosecutor Paul Usher yesterday, the court heard that McIntosh hacked into the system on his workmate's computer, using her password.
He was living with her in May, 2008, when he logged into government servers and deleted 10,475 user accounts from the Health Department, hospital, prison and Supreme Court servers.
Mr Usher said 130 experts were needed to find the problem and fix it. [“After an exhaustive analysis, we determined that the missing accounts had been deleted.” Or maybe they were looking for the backup files... Bob]
He said it took five days for the systems to be restored, costing the government $1,253,750.
...now consider a world where entire divisions of hackers, funded by a hostile government, and after years of studying and mapping our infrastructure decide to attack.
Government Needs To Get Its Cybersecurity In Gear, Experts Tell Congress
Security industry leaders agree that White House should lead revamped cybersecurity effort
Mar 10, 2009 06:17 PM By Tim Wilson DarkReading
Some of the nation's top cybersecurity experts today told a congressional subcommittee that the United States isn't ready for a major online attack, and called on the White House and the rest of the federal government to get their acts together.
“We will better serve our customers if we make our product useless.”
http://news.cnet.com/8301-13578_3-10196424-38.html?part=rss&subj=news&tag=2547-1_3-0-5
Amazon invokes DMCA against Kindle e-books from other vendors
by Declan McCullagh March 13, 2009 8:00 PM PDT
… This week, an e-book Web site said Amazon.com invoked the 1998 law to prevent books from some non-Amazon sources from working on its Kindle reader.
Amazon sent a legal notice to MobileRead.com complaining that information relating to a computer utility written in the Python programming language "constitutes a violation" of the DMCA, according to a copy of the warning letter that the site posted. MobileRead.com is an e-book news and community site.
MobileRead.com forum moderator Alexander Turcic said in a post on Thursday that although he did not believe the program violated the law, the site would "voluntarily follow their request and remove links and detailed instructions related to it." Turcic said that, contrary to Amazon's claim, his site never "hosted" the software.
… Kindlepid.py and a related piece of accompanying Python code don't allow piracy. Rather, they accomplish something akin to the opposite: they allow legally-purchased books from other e-book stores to be used on the Kindle. (Amazon owns MobiPocket, one of those stores. Another would be OverDrive.com, which counts schools and libraries as customers.)
… A copy of a MobileRead.com Wiki page -- now empty -- saved in Google's cache says Kindlepid.py allows you to "obtain books from sites that use DRM (Digital Rights Management - encryption) on their books for specific devices. This includes book sellers and public libraries." It provides instructions on how to install and use the software.
MobileRead.com readers with Kindles were not pleased with Amazon. "What this script does is make the Kindle more useful," wrote JS Reed. "With Amazon using the DMCA to get rid of this, they are alienating their customers and causing prospective customers to purchase a different device."
And the Kindlefix.py code is already being mirrored, including in a post on Slashdot.org. [No doubt people will download the code only for academic research... Bob]
“Strategy” should include the fact checking that comes from “looking out the window”
http://yro.slashdot.org/article.pl?sid=09/03/14/0150223&from=rss
RIAA Argument About Streaming To Be Streamed
Posted by Soulskill on Saturday March 14, @12:06AM from the who-streams-the-streamers dept. The Courts Music
NewYorkCountryLawyer writes
"You may recall that in an RIAA case, SONY BMG Music v. Tenenbaum, the district court ruled that an oral argument about the constitutionality of statutory damages could be streamed, and the RIAA has been fighting that with a petition for 'mandamus or prohibition' in the appeals court, which is opposed by the press. Interestingly, it now turns out that the appeals court's oral argument about the streaming will itself be recorded and then streamed. It is hard to imagine how a court which routinely streams its own oral arguments can rule that it is somehow inappropriate for similar oral arguments in the district court to be streamed as well."
Looks like Funk & Wagnalls will need to re-write their definition. Next we can re-define libel to include birthday wishes to anyone over 65.
http://yro.slashdot.org/article.pl?sid=09/03/13/1542206&from=rss
Libel Suits OK Even If Libel Is Truthful
Posted by ScuttleMonkey on Friday March 13, @02:46PM from the tap-dancing-on-the-slippery-slope dept.
Defeat Globalism writes to tell us that many journalists, bloggers, and media law specialists are concerned about a new ruling by a US Court of Appeals in Boston. The new ruling is allowing a former Staples employee to sue the company for libel after an email was sent out informing other employees that he had been fired for violations of company procedures regarding expenses reimbursements.
"Staples has asked the full appeals court to reconsider the ruling, and 51 news organizations have filed a friend-of-the-court brief saying that the decision, if allowed to stand, 'will create a precedent that hinders the media's ability to rely on truthful publication to avoid defamation liability.' But Wendy Sibbison, the Greenfield appellate lawyer for the fired Staples employee, Alan S. Noonan, said the ruling applies only to lawsuits by private figures against private defendants, that is, defendants not involved in the news business, over purely private matters."
This is the future. Carry your corporate desktop on a thumb drive (or laptop.) Anywhere you plug in, you have complete access to the same applications and data you would have if you lived in your office. Security should be a big consideration, but not impossible.
http://www.killerstartups.com/Web-App-Tools/ringcube-com-the-home-of-vdesk
RingCube.com - The Home Of vDesk
http://www.ringcube.com/portal/content/
Cloud computing has evolved since the time people first pondered it. It has grown in such proportions that new and useful applications are being built constantly to take advantage of online storage.
If you’re looking for a useful remote computing solution, then you’re going to love Ringcube.com. On the site, you’ll be able to read and set up an account to use the company’s innovative vDesk application. This will allow all of your company’s employees to access a remote desktop that launches applications and files from any computer. Why do you want to do this? Well, for one, there are so many reasons why your employees might not be able to come into the office, that it’s great to give them a tool that allows them to access their files and applications from any computer. It also boosts productivity, as work will always be one click away.
If all of this sounds interesting, then you’re going to want to check out the company’s site. It’s filled with information on pricing and product variations that will make sure you find just what you’re looking for.
This seems to work well (and I can never resist “free.”) I found a number of papers describing Computer Security Capstone Projects (which I'm working on at the moment.)
http://singlefunction.com/docjax/
DocJax
DocJax is a search engine for documents, which allow you to search documents and e-book from everywhere, preview them and even download them for free.
For those of you with 42 inch monitors? (Justification for a new monitor?) I might use this in class, since the projectors generate a large enough image...
http://www.killerstartups.com/Web-App-Tools/maxto-net-maximizing-your-monitor
MaxTo.net - Maximizing Your Monitor
MaxTo is a small windows app that will allow you to maximize the way in which you make daily use of your monitor space. It isn’t uncommon for someone to need to visualize several active windows at once. Sure, for this simple purpose one may simply click and drag from the edges and arrange things according to his likes. However, this can prove to be quite time consuming and (to be perfectly honest) quite annoying if you are the sort of person who likes to switch things around a lot.
To fulfil that purpose MaxTo comes to the rescue. To put it quite simply, what it does is to split your monitor into different regions. These regions will then each become a 'maximizable' space, to put it in a sort of invented word. What happens is that from now on every time you try to maximize a window when you are above a specific region it will only maximize to the size of that region you had previously determined. In this way you may easily and quickly handle the size and appearance of all your windows. Sometimes one is bedazzled by the sher simplicity of an app and yet how cunning it can be.