Saturday, April 18, 2009

Soon your computer will do everything for you, except open the pod bay door...

http://news.cnet.com/8301-17939_109-10222414-2.html?part=rss&subj=news&tag=2547-1_3-0-5

Gmail now knows who you want to e-mail

by Josh Lowensohn April 17, 2009 2:15 PM PDT

Google's Gmail Labs has just rolled out a useful, but mildly creepy feature that gives you suggestions on who you should e-mail based on previous conversations.


Related: What other fun things can Google do?

http://www.techcrunch.com/2009/04/16/google-maps-now-shows-views-from-webcams/

Google Maps Now Show Views From Webcams

by Erick Schonfeld on April 16, 2009

The latest layer to be turned on in Google Maps is one for webcams. Just click on the “More” button on the top right of each map right next to the “Traffic” button. When you do that, it shows you thumbnails from different public Webcams around the world as tracked by Webcams.travel.

You don’t see an actual video, just the most recent still image captured by the Webcam.



This seems a bit far out, but then I'm having trouble seeing any other use for Twitter and its ilk. (Are they recommending using Twitter to communicate or Twitter-tapping users to find terrorist wanna-bes?)

http://www.upi.com/Emerging_Threats/2009/04/16/Social-media-tools-could-support-security/UPI-74281239924717/

Social-media tools could support security

Published: April 16, 2009 at 7:31 PM

WASHINGTON, April 16 (UPI) -- National Defense University researchers are encouraging the U.S. Defense Department to develop a strategy to use social media to strengthen national security.

… "If you work in national security, some of these things happening in other countries may affect your job or mission. What's happening over the past couple years is people in other countries are using Facebook, Twitter and blogs to organize. In some cases, even when government security knew it was happening, they were overwhelmed by the amount of people who show up."



This is interesting. Someone actually got it right?

http://yro.slashdot.org/article.pl?sid=09/04/17/1710205&from=rss

Looking Back at Copyright Predictions

Posted by ScuttleMonkey on Friday April 17, @01:48PM from the 20-20-hindsight dept.

Techdirt has an interesting look back at some of the more interesting predictions on copyright. The article looks at two different pre-DMCA papers and compares them to what has happened in the world of copyright.

"The second paper is by Pamela Samuelson, and it discusses (again, quite accurately) the coming power grab by "copyright maximalists" via the DMCA, entitled The Copyright Grab. It clearly saw the intention of the DMCA to remove user rights, and grant highly questionable additional rights and powers to copyright holders in an online world. Samuelson lays out many concerns about where this is headed -- including how these proposals appear to trample certain fair use rights -- and in retrospect, her fears seem to have been backed up by history. Samuelson, by the way, has just written a new paper that is also worth reading pointing out how ridiculous current copyright statutory rates are -- an issue of key importance in the ongoing Tenenbaum lawsuit, which (thankfully) the judge in the case is going to consider."


Related? This could have been a Liberal theme, but the RIAA was there first with big contributions.

http://news.slashdot.org/article.pl?sid=09/04/17/2041208&from=rss

Swedish Pirate Party Gains 3000 Members In 7 Hours

Posted by ScuttleMonkey on Friday April 17, @05:33PM from the unintended-consequences dept. Politics

An anonymous reader writes

"Due to outrage over the verdict in The Pirate Bay trial, the Swedish Pirate Party has gained 3000 members in less than 7 hours. It is now bigger than 3 of the 7 parties represented in the Swedish parliament. 'Ruling means that our political work must now be stepped up. We want to ensure that the Pirate Bay activities — to link people and information — is clearly lawful. And we want to do it for all people in Sweden, Europe and the world, continues Rick Falkvinge. We want it to be open for ordinary people to disseminate and receive information without fear of imprisonment or astronomical damages.'"



Never point out the flaws in a politician's reasoning – wait for some 12-year-old to do it for you.

http://news.cnet.com/8301-1023_3-10222512-93.html?part=rss&subj=news&tag=2547-1_3-0-5

YouTube's legal end-run irks Korean officials

by Stephen Shankland April 17, 2009 3:23 PM PDT

Google's advice on sidestepping a South Korean law against anonymous YouTube video postings and comments doesn't seem to be sitting well with some of the country's authorities.

Google, citing free-speech concerns, on Monday said it will comply with the Korean law--but by prohibiting uploads and comments rather than by requiring people to verify their identities. And it told people they could work around the constraint by visiting another country's version of the video-sharing site.

Now the backlash is beginning to set in, according to one Korean media report.

"Korea Communications Commission network policy official Hwang Cheol-jeung says that the commission will be examining whether or not Google has engaged in illegal activities in any of the various services it operates in South Korea," the Hankyoreh reported Friday, saying that could include many more Google activities than just YouTube.

[“You made us look dumb. Now we must look for something so we can get even. We've been too lazy to do this before, and we're probably not smart enough to find anything, so we'll have to make something up.” Bob]



A tool for addressing my fans... Just as soon as I get some. Or perhaps I could record a seminar...

http://www.killerstartups.com/Web-App-Tools/procaster-com-showcase-who-you-are

ProCaster.com - Showcase Who You Are

http://www.procaster.com/

Procaster is a unique desktop application that is completely integrated with the Mogulus streaming service, an online video broadcast solution. This solution stands as a player that you can use to start streaming live. Linear and on-demand content can be streamed as well.

… This solution allows users to broadcast live, and broadcast virtually anything at that. Games, webcams and desktops are fully accounted for. This tool is very simple and it can be used by many people.



Ethics and the White hat Hacker Club

http://news.cnet.com/8301-1009_3-10222373-83.html?part=rss&subj=news&tag=2547-1_3-0-5

Teen Twitter worm writer gets job, spreads new worm

by Elinor Mills April 17, 2009 2:02 PM PDT

The teenager who takes credit for the worms that hit Twitter earlier this week has been hired by a Web application development firm and on Friday released a fifth worm on the microblogging site, he said.

… Mooney is not the first hacker to have parlayed online stunts into profit.

… Rowland said he plans to help guide Mooney away from pranks and toward a promising career as a white hat hacker.



Tool for my website students

http://news.cnet.com/8301-17939_109-10222664-2.html?part=rss&subj=news&tag=2547-1_3-0-5

DoInk lets you draw, animate in your browser

by Josh Lowensohn April 17, 2009 5:49 PM PDT

DoInk is a free online drawing and animation tool that runs right in your browser. You can treat it like Microsoft Paint and use it to do just a quick doodle, or take advantage of its layer cloning and vector-based designs to create relatively advanced animations.



Toys for my students. (I want the USB Panic Button)

http://news.cnet.com/8301-17939_109-10222031-2.html?part=rss&subj=news&tag=2547-1_3-0-5

How to hide your tracks at work

by Don Reisinger April 18, 2009 6:00 AM PDT

We all spend some of our time at work doing things that have nothing to do with our job. We surf the Web. We play games. Sure, we all need our downtime, and the enlightened manager knows that. But still, we'd rather just surf in private than deal with the raised eyebrows.

That's why we need ways to ensure that when our boss surprises us or sneaks up behind us, she'll think that we're actually working. Here's a list of apps and services that help.

Friday, April 17, 2009

Rule 56: Data Breaches are always bigger than initial reports suggest.

http://www.databreaches.net/?p=3127

(Update) Laptop theft from Vavrinek, Trine, Day and Co. reportedly affected 50 banks

April 17, 2009 by admin Filed under: Business Sector, Financial Sector, Subcontractor, Theft, U.S.

Add Mission Bank to what may become a whole list of banks affected when six laptops were stolen from accounting firm Vavrinek, Trine, Day and Co. on or about March 5. Borrego Bank was the first bank we learned about. Now Mission Bank, which reports that it first learned about the theft on April 1, reports that it notified all of its customers. According to a news report by James Chilton of the Kingman Daily Miner, Mission Bank president Darrell Lautaret “noted that the compromised data includes that of roughly 50 other banks. In the month and a half since the burglary, he said none of the banks involved has reported any incidence of related identity theft.”

Even so, one wonders whether data on customers from all approximately 50 banks were left unencrypted on the stolen laptops, and if so, what the banks’ agreements with the accounting firm required in terms of security.



I love it! This is the first such lawsuit I've seen. Do you suppose there was any language addressing this in their contract/service agreement?

http://www.databreaches.net/?p=3118

LA: Lawsuit filed over data theft

April 17, 2009 by admin Filed under: Business Sector, Hack, ID Theft, U.S.

Joe Gyan Jr. of The Advocate http://www.2theadvocate.com/news/43149297.html:

A Baton Rouge seafood restaurant from which more than 1,800 patron credit card numbers were stolen in April 2008 is suing the providers of its computers and software.

On the Half Shell, which has one eatery on Bluebonnet Boulevard and another in Prairieville, claims Acadiana-based Computer World Inc. and Radiant Systems Inc. of Georgia should have been able to prevent the thefts.

[...]

The suit says the thieves gained access to the credit card data via the remote access software — PC Anywhere — sold, installed and maintained by the defendants.

Read more in The Advocate.

[From the article:

The suit alleges there were “inadequate security measures and/or precautions in place to prevent attackers from gaining access” to the Radiant Aloha point-of-sale system at the Bluebonnet location.

The suit also says there was no firewall in place in the POS systems at the time of the compromise, and that no anti-virus software was installed in the POS terminals.

The suit alleges negligence, fraud, breach of contract, and breach of express and implied warranties.


Unfortunately, I see this far too often.

http://www.databreaches.net/?p=3124

(Follow-up) UK: Human error blamed for data loss

April 17, 2009 by admin Filed under: Healthcare Sector, Lost or Missing, Non-U.S.

A health trust did not take adequate steps to prevent the loss of a memory stick with data on 6,360 prisoners and ex-prisoners, a report has said.

The USB stick was being used to back up clinical databases at HMP Preston when it was lost on 30 December.

A report found that human error was to blame, but that procedures on data security had not been adhered to.

NHS Central Lancashire said it had taken action and reminded staff of their responsibilities.

The data lost was encrypted but the password had been written on a note which was attached when it was misplaced. The USB stick has not been found.

Read more on BBC



Convergence of IP Law and Computer Law?

http://news.slashdot.org/article.pl?sid=09/04/16/1945246&from=rss

The Long-Term Impact of Jacobsen v. Katzer

Posted by timothy on Thursday April 16, @06:00PM from the stabs-in-the-dark dept. The Courts GNU is Not Unix Software Patents

snydeq writes

"Lawyer Jonathan Moskin has called into question the long-term impact last year's Java Model Railroad Interface court ruling will have on open source adoption among corporate entities. For many, the case in question, Jacobsen v. Katzer, has represented a boon for open source, laying down a legal foundation for the protection of open source developers. But as Moskin sees it, the ruling 'enables a set of potentially onerous monetary remedies for failures to comply with even modest license terms, and it subjects a potentially larger community of intellectual property users to liability.' In other words, in Moskin's eyes, Jacobsen v. Katzer could make firms wary of using open source software because they fear that someone in the food chain has violated a copyright, thus exposing them to lawsuit. It should be noted that Moskin's firm has represented Microsoft in anti-trust litigation before the European Union."



Attention records managers! When your DVDs fail, so do your backups?

http://blog.wired.com/gadgets/2009/04/cracked-netflix.html

Netflix Subscribers See Red Over Cracked Blu-ray Discs

By Priya Ganapati April 16, 2009 7:15:33 PM



More than a common blogger ranter, this was Google's privacy guy in Europe.

http://www.pogowasright.org/article.php?story=20090416083949746

The Cloud: policy consequences for privacy when data no longer has a clear location

Thursday, April 16 2009 @ 08:39 AM EDT Contributed by: PrivacyNews

Cloud Computing has become one of the more influential tech trends of our day. The Cloud is roughly analogous to remote computing, where computing and storage move away from your personal device to servers run by companies. A simple example might be online photo albums, which allow users to move their pictures off personal computers and into a secure and accessible space on the Web. Some Cloud services, like Hotmail, have been around for roughly a decade. And others have appeared since; almost all of Google's services, for example, run in the Cloud. As these services become more widely used, it's important to ask how our privacy laws and regimes should deal with this new phenomenon.

Source - Peter Fleischer



Personal surveillance tools are popular.

http://www.atthebreach.com/blog/want-to-see-what-other-people-txt-dont-fall-for-it/

Want to see what other people TXT? Don’t Fall For It.

Websense has recently detected a new scam aimed at infecting systems with malware. The scam includes an email that tells people that by clicking a link and installing an application, they can see other people's SMS messages. So sleuths and would-be snoops are in danger of infection if they aren’t careful.



IT Governance: What do you mean, you don't have a strategy/policy/procedure? What will you do when Al Gore comes calling?

http://hardware.slashdot.org/article.pl?sid=09/04/16/1819206&from=rss

Why IT Won't Power Down PCs

Posted by timothy on Thursday April 16, @02:42PM from the sheer-cussedness dept. Power Businesses The Almighty Buck IT

snydeq writes

"Internal politics and poor leadership on sustainable IT strategies are among the top reasons preventing organizations from practicing proper PC power management — to the tune of $2.8 billion wasted per year powering unused PCs. According to a recent survey, 42 percent of IT shops do not manage PC energy consumption simply because no one in the organization has been made responsible for doing so — this despite greater awareness of IT power-saving myths, and PC power myths in particular. Worse, 22 percent of IT admins surveyed said that savings from PC power management 'flow to another department's budget.' In other words, resources spent by IT vs. the permanent energy crisis appear to result in little payback for IT."



Mostly patting themselves on the back, but eventually, non-encrypted drives will be the exception and inability to access the data (I forgot my pass-phrase) will become increasingly common.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9131684

Full disk encryption comes to SSDs for mobile devices, laptops

Dell adds encrypted drives to its Latitude line of laptops

By Lucas Mearian

April 16, 2009 (Computerworld) Samsung Electronics Co. announced today it is shipping its first self-encrypting solid-state disk (SSD) drives.

… Full disk encryption (FDE) is already a standard feature on some desktop and laptop hard disk drives, including Seagate's Momentus 5400 FDE.2 laptop drive.



Not a popular decision with the commenters. Perhaps the courts will permit this some day...

http://news.slashdot.org/article.pl?sid=09/04/17/0423250&from=rss

Appeals Court Says RIAA Hearing Can't Be Streamed

Posted by timothy on Friday April 17, @01:39AM from the may-not-is-more-like-it dept. The Courts

NewYorkCountryLawyer writes

"The US Court of Appeals for the First Circuit has overturned a lower court order permitting webcast of an oral argument in an RIAA case, SONY BMG Music Entertainment v. Tenenbaum, in Boston. As one commentator put it, the decision gives the RIAA permission to 'cower behind the same legal system they're using to pillory innocent people.' Ironically, the appeals court's own hearing had been webcast, via an mp3 file. The court admitted that this was not an appropriate case for a 'prerogative writ' of 'mandamus,' but claimed to have authority to issue a writ of 'advisory mandamus.' The opinion came as a bit of a surprise to me because the judges appeared, during the oral argument, to have a handle on the issues. The decision gave me no such impression. From where I sit, the decision was wrong in a number of respects, among them: (a) it contradicted the plain wording of the district court rule, (b) it ignored the First Amendment implications, and (c) there is no such thing as 'advisory' mandamus or 'advisory' anything — our federal courts are specifically precluded from giving advisory opinions."



Another unpopular verdict. Their criteria seem to include Google, browsers, storage manufacturers, etc.

http://yro.slashdot.org/article.pl?sid=09/04/17/110235&from=rss

Pirate Bay Trial Ends In Jail Sentences

Posted by timothy on Friday April 17, @07:10AM from the even-non-commercial-use dept. The Courts

myvirtualid writes

"The Globe and Mail reports that the Pirate Bay defendants were each sentenced Friday to one year in jail. According to the article, 'Judge Tomas Norstrom told reporters that the court took into account that the site was "commercially driven" when it made the ruling. The defendants have denied any commercial motives behind the site.' The defendants said before the verdict that they would appeal if they were found guilty. 'Stay calm — Nothing will happen to TPB, us personally or file sharing whatsoever. This is just a theater for the media,' Mr. Sunde said Friday in a posting on social networking site Twitter."

[From the article:

The court found the defendants guilty of helping users commit copyright violations "by providing a website with ... sophisticated search functions, simple download and storage capabilities, and through the tracker linked to the website."



Support for my “pay by the drink” business model for media.

http://news.cnet.com/8301-1023_3-10221501-93.html?part=rss&subj=news&tag=2547-1_3-0-5

Google bringing pay-per-view to YouTube

by Stephen Shankland April 16, 2009 2:51 PM PDT

So far, YouTube has been a free, advertising-supported service, but Google plans to build payment mechanisms into its video-sharing site.

"With respect to how it'll get monetized, our first priority is on the advertising side. We do expect over time to see micropayments and other forms of subscription models coming as well," said Google Chief Executive Eric Schmidt after the company reported first-quarter profits Thursday. "We'll be announcing additional things in that area literally very, very soon."


Related. I think dropping cable for content on the Internet will be a “big thing” this year. This might be a project for the Hacker Club.

http://www.popularmechanics.com/technology/how_to/4313545.html

How to Ditch Your Cable Provider Without Giving Up on TV

Let's face it. You don't like your cable provider (here's why). Yet the average American cable subscriber pays more than $700 per year on subscription fees. But with the right combination of antenna and Internet streaming sources, you can get the shows and movies you like without the expense.

By Glenn Derene Published in the May 2009 issue.



Another possible Hacker Club project. Locate, acquire, analyze, defeat? Mostly the FBI trying to convince someone (congress?) that they're cool.

http://it.slashdot.org/article.pl?sid=09/04/17/0534232&from=rss

The Secret History of the FBI's Classified Spyware

Posted by timothy on Friday April 17, @08:12AM from the but-we-just-want-to-peek dept. Security Privacy United States

An anonymous reader writes

"A sophisticated FBI-produced spyware program has played a crucial behind-the-scenes role in federal investigations into extortion plots, terrorist threats and hacker attacks in cases stretching back at least seven years, according to newly declassified documents obtained by Wired.com. The so-called 'computer and internet protocol address verifier,' or CIPAV, is delivered through links to websites controlled by the FBI, and it silently reports back to a government server in Virginia. Among other cases, the FBI used it to track a Swedish hacker responsible for cracking thousands of computers at national labs and NASA's JPL in 2005."

[From the article:

As first reported by Wired.com, the software, called a "computer and internet protocol address verifier," or CIPAV, is designed to infiltrate a target's computer and gather a wide range of information, which it secretly sends to an FBI server in eastern Virginia. The FBI's use of the spyware surfaced in 2007 when the bureau used it to track e-mailed bomb threats against a Washington state high school to a 15-year-old student. [Clearly not new, certainly not sophisticated. Bob]

… The documents, which are heavily redacted, do not detail the CIPAV's capabilities, but an FBI affidavit in the 2007 case indicates it gathers and reports a computer's IP address; MAC address; open ports; a list of running programs; the operating system type, version and serial number; preferred internet browser and version; the computer's registered owner and registered company name; the current logged-in user name and the last-visited URL.



Did you ever want to be a twit? If so, be a good one.

http://www.killerstartups.com/Web20/tweepmeup-com-all-there-is-to-know-about-twitter

TweepMeUp.com - All There Is To Know About Twitter

http://tweepmeup.com/

This website aims to let you know “everything there is to know about Twitter”. In order to do so, it includes a host of Twitter tips, tricks and free downloads.

… On the other hand, links to worthwhile Twitter tools and resources like the TweetMyBlogWP plugin and Twitter’s info pack are included and prominently displayed.


Related, Celebrity Twit?

http://news.cnet.com/8301-17939_109-10222030-2.html?part=rss&subj=news&tag=2547-1_3-0-5

Twitter's big day? Here comes Oprah

by Stephen Shankland April 17, 2009 7:26 AM PDT



Is this type of service useful? No one Evites me anywhere, but the wife forwarded one recently because it included directions.

http://news.cnet.com/8301-17939_109-10220916-2.html?part=rss&subj=news&tag=2547-1_3-0-5

10 Evite alternatives: The good and the bad

by Don Reisinger April 16, 2009 4:45 PM PDT

I recently used Evite to send invitations for a party … Overall, I was pleased … the site's user interface made it too complicated … there's no Evite app on Facebook nor Twitter integration

... So I set out to find some alternatives to Evite to see if they could provide a better service.



“Big fleas have little fleas upon their backs to bite them, and little fleas have lesser fleas, and so ad infinitum.” This could be an interesting test for my web site students...

http://news.cnet.com/8301-17939_109-10221086-2.html?part=rss&subj=news&tag=2547-1_3-0-5

National Geographic's Infinite Photograph will mesmerize you

by Josh Lowensohn April 16, 2009 2:32 PM PDT

National Geographic has a fun new feature called the Infinite Photograph that takes over 300,000 photos collected from its archives and submitted by users, and turns them into a giant photo mosaic. It lets you zoom in infinitely, making your way deeper into each photo as it breaks down into smaller photos of various colors.

Thursday, April 16, 2009

Isn't there a risk (to your credibility) if you don't tell the press?

http://www.databreaches.net/?p=3095

North Carolina breach data, 2007- March, 2009

April 15, 2009 by admin Filed under: Breach Reports, U.S.

Between January 2007 and March 19, 2009, North Carolina received 231 notifications of breaches under their breach reporting requirements. NC’s statute includes breaches involving paper records as well as electronic records, but only breaches requiring notification of 1,000 individuals or more must be reported to NC’s Consumer Protection Division of the Attorney General’s Office. Hence, smaller breaches are not included in these statistics.

In response to a request, NC provided a summary log of all incidents, which I have uploaded to this site, here (.xls). Inspection of their summary indicates a number of breaches that had not been reported in the media.

The Open Security Foundation has requested the underlying documents for the breaches reported in the log and will be uploading the documents to their Primary Sources files.



I know these tend to run together, but didn't I point to this about two weeks ago?

http://www.identitytheftblog.info/identity-theft/data-breach-organized-crime/1366

Rise in Data Breaches, Organized Crime Involved

April 15th, 2009 Rob Douglas

… Today, Verizon has released this year’s edition of the report - the 2009 Verizon Business Data Breach Investigations Report examining data breaches that occurred in 2008.

[The Report: http://www.verizonbusiness.com/resources/security/reports/2009_databreach_rp.pdf



I wonder if some law school students and my tech students could write an article answering this question? Perhaps a series of similar questions: Technology for the Non-Technical Professional? (Note that the comments include many suggestions for storing lawyers...)

http://ask.slashdot.org/article.pl?sid=09/04/15/1743215&from=rss

Online Storage For Lawyers?

Posted by timothy on Wednesday April 15, @02:19PM from the due-diligence-best-practices dept. Data Storage Privacy The Courts

alharaka writes

"I have a relative that has been a lawyer for over two decades. In passing conversation, he revealed to me that he has a great deal of his data stored on floppies. Naturally, as an IT guy, I lost it on him, telling him that a one-dimensional storage strategy of floppies was unacceptable. If he lost those files, his clients would be enraged. Since I do not know much about online data storage for lawyers, I read a few articles I found on Google. A lot of people appear to recommend CoreVault, since a few bar associations, including Oklahoma, officially endorsed them. That is not enough for me. Do any Slashdotters have info on this topic? Do you have any companies you would recommend for online data storage specifically for lawyers? As a lawyer with recognition in NJ, NY, CA, and DC, are there any rules and regulations you know of regarding such online storage he must comply with? I know IT and not law. I am aware this is not a forum for legal advice, but do any IT professionals who work for law firms know about such rules and regulations?"



How to win friends (and new customers) and influence people (wait... are politicians people?)

http://www.pogowasright.org/article.php?story=20090416052030434

Se: ISP sabotages file sharing law

Thursday, April 16 2009 @ 05:20 AM EDT Contributed by: PrivacyNews

Broadband operator Bahnhof has begun destroying the IP address details of its customers in an open and fully legal bid to undermine Sweden's new anti-file sharing laws.

Source - The Local (Sweden)

[From the article:

The new file sharing law is based on the European Union's Intellectual Property Rights Enforcement Directive (IPRED) and allows courts to order internet operators to hand over details that identify suspected illegal file sharers.

As such, the law enables Internet Service Providers (ISPs) to retain the IP addresses of file sharers. But ISPs also remain at liberty to destroy information about their users if they so wish.


How to lose friends and (negatively) influence people.

http://www.pogowasright.org/article.php?story=20090415080553682

UK: Britons lose confidence in insurance company data protection

Wednesday, April 15 2009 @ 08:05 AM EDT Contributed by: PrivacyNews

Recent research undertaken by DQM Group indicates that public confidence in the ability of insurance companies to keep personal data secure has fallen away in the past year. According to the study, only 32.6% of respondents claimed they trusted the insurance industry to look after their personal data. This compares to 62% in 2008 and represents a move from above average to below average, when compared with all sectors.

Source - Insurance Daily



“Surprise, surprise, surprise!” G. Pyle

http://www.pogowasright.org/article.php?story=20090416051600660

N.S.A.’s Intercepts Exceed Limits Set by Congress

Thursday, April 16 2009 @ 05:16 AM EDT Contributed by: PrivacyNews

The National Security Agency intercepted private e-mail messages and phone calls of Americans in recent months on a scale that went beyond the broad legal limits established by Congress last year, government officials said in recent interviews.

Source - NY Times



Wouldn't this fit precisely into the “newspapers are dying” school?

http://www.bespacific.com/mt/archives/021123.html

April 15, 2009

Pew Report - The Internet's Role in Campaign 2008

"Some 74% of internet users--representing 55% of the entire adult population--went online in 2008 to get involved in the political process or to get news and information about the election. This marks the first time that a Pew Internet & American Life Project survey has found that more than half of the voting-age population used the internet to get involved in the political process during an election year. Several online activities rose to prominence in 2008. In particular, Americans were eager to share their views on the race with others and to take part in the online debate on social media sites such as blogs and social networking sites."



For my Computer Security students

http://www.bespacific.com/mt/archives/021116.html

April 15, 2009

Symantec Internet Security Threat Report Volume XIV: April, 2009

"The Symantec Internet Security Threat Report offers analysis and discussion of threat activity over a one-year period. It covers Internet threat activities, vulnerabilities, malicious code, phishing, spam and security risks as well as future trends. The fourteenth version of the report, released April 14, 2009, is now available."



Geeky stuff.

http://books.slashdot.org/article.pl?sid=09/04/15/1327247&from=rss

The Rootkit Arsenal

Posted by samzenpus on Wednesday April 15, @01:53PM from the protect-ya-neck dept.

Nicola Hahn writes

"One of the first things I noticed while flipping through this hefty book is the sheer number of topics covered. Perhaps this is a necessity. As the author puts it, rootkits lie "at the intersection of several related disciplines: computer security, forensics, reverse-engineering, system internals, and device drivers." Upon closer inspection, it becomes clear that great pains have been taken to cover each subject in sufficient depth and to present ideas in a manner that's both articulate and well organized. This accounts for the book's girth; it weighs in at roughly 900 pages."

Wednesday, April 15, 2009

Another mystery breach? Why would pharmaceutical companies operate point of sale terminals? Do they mean drugstores? Perhaps something was lost in translation?

http://www.databreaches.net/?p=3066

Five Romanians arrested for hacking into U.S. pharmaceutical companies

April 14, 2009 by admin Filed under: Hack, Healthcare Sector, ID Theft, Malware, U.S.

Dan Kaplan of SC Magazine reports that five people have been arrested for illegally accessing computer systems belonging to unnamed U.S. pharmaceutical companies.

The hackers allegedly installed keylogger software to steal card data on point-of-sales systems.

Lucian Constantin reports that according to a DIICOT press release (in Romanian), the remote administration system used by the companies was the entry point for the hackers. The hacks reportedly began in November 2007. Constantin also reports:

Two of the suspects have received temporary 29-day arrest terms, while the rest have been released after 24 hours. All of them will face charges of unauthorized access to a computer system and intercepting electronic data, performing fraudulent financial operations by utilizing electronic payment methods, as well as money laundering, under Romanian law.

So…. does anyone remember seeing any U.S. pharmaceutical company report a hack/keylogger breach, because I don’t.



Everyone wants to be Big Brother

http://yro.slashdot.org/article.pl?sid=09/04/15/0055241&from=rss

Mexican Government To Document Cell Phone Use

Posted by Soulskill on Tuesday April 14, @11:36PM from the i'm-sure-criminals-will-oblige dept. Cellphones Government

Alyssey writes

"The Mexican government wants to have a database to track every cellphone number in the country (in Spanish, Google translation) and whom it belongs to. They want to tie in the CURP (Unique Registration Population Code in Spanish, like the Social Security Number in the US) with cellphone numbers. If Mexicans don't send in their number and CURP via SMS before April 10, 2010, their cellphone number will be blocked. The new law was published back in February and is going into effect now."



Which way would you argue?

http://www.pogowasright.org/article.php?story=20090414121136619

Why a national data breach notification law makes sense (commentary)

Tuesday, April 14 2009 @ 12:11 PM EDT Contributed by: PrivacyNews

As we await the 60-day federal cybersecurity review from Melissa Hathaway, acting senior director for cyberspace for the National Security and Homeland Security Councils, there is something else that could be done. It seems to me that the federal government could take another related action to help protect the private information of U.S. citizens while reducing the cost of doing so. In my humble opinion, it is time to create a single federal data breach disclosure law.

Source - Jon Oltsik, on cnet



Perhaps we need to update more than the PCI standard?

http://blog.wired.com/27bstroke6/2009/04/pins.html

PIN Crackers Nab Holy Grail of Bank Card Security

By Kim Zetter April 14, 2009 10:55:00 PM

Hackers have crossed into new frontiers by devising sophisticated ways to steal large amounts of personal identification numbers, or PINs, protecting credit and debit cards, says an investigator. The attacks involve both unencrypted PINs and encrypted PINs that attackers have found a way to crack, according to the investigator behind a new report looking at the data breaches.

… "We're seeing entirely new attacks that a year ago were thought to be only academically possible," says Sartin.

… The revelation is an indictment of one of the backbone security measures of U.S. consumer banking: PIN codes. In years past, attackers were forced to obtain PINs piecemeal through phishing attacks, or the use of skimmers and cameras installed on ATM and gas station card readers. Barring these techniques, it was believed that once a PIN was typed on a keypad and encrypted, it would traverse bank processing networks with complete safety, until it was decrypted and authenticated by a financial institution on the other side.

But the new PIN-hacking techniques belie this theory, and threaten to destabilize the banking-system transaction process.

Information about the theft of encrypted PINs first surfaced in an indictment last year against 11 alleged hackers accused of stealing some 40 million debit and credit card details from TJ Maxx and other U.S. retail networks. The affidavit, which accused Albert "Cumbajohnny" Gonzalez of leading the carding ring, indicated that the thieves had stolen "PIN blocks associated with millions of debit cards" and obtained "technical assistance from criminal associates in decrypting encrypted PIN numbers."

But until now, no one had confirmed that thieves were actively cracking PIN encryption.

… PIN hacks hit consumers particularly hard, because they allow thieves to withdraw cash directly from the consumer's checking, savings or brokerage account, Sartin says. Unlike fraudulent credit card charges, which generally carry zero liability for the consumer, fraudulent cash withdrawals that involve a customer's PIN can be more difficult to resolve since, in the absence of evidence of a breach, the burden is placed on the customer to prove that he or she didn't make the withdrawal.



This will be interesting as hackers force users to proxy... But then ignorance of the technology is no excuse.

http://yro.slashdot.org/article.pl?sid=09/04/14/2234253&from=rss

Using Net Proxies Will Lead To Harsher Sentences

Posted by Soulskill on Tuesday April 14, @07:37PM from the no-word-on-mask-and-cape-penalties dept. Privacy

Afforess writes

"'Proxy servers are an everyday part of Internet surfing. But using one in a crime could soon lead to more time in the clink,' reports the Associated Press. The new federal rules would make the use of proxy servers count as 'sophistication' in a crime, leading to 25% longer jail sentences. Privacy advocates complain this will disincentivize privacy and anonymity online. '[The government is telling people] ... if you take normal steps to protect your privacy, we're going to view you as a more sophisticated criminal,' writes the Center for Democracy and Technology. Others fear this may lead to 'cruel and unusual punishments' as Internet and cell phone providers often use proxies without users' knowledge to reroute Internet traffic. This may also ultimately harm corporations when employees abuse VPN's, as they too are counted as a 'proxy' in the new legislation. TOR, a common Internet anonymizer, is also targeted in the new legislation. Some analysts believe this legislation is an effort to stop leaked US Government information from reaching outside sources, such as Wikileaks. The legislation (PDF, the proposed amendment is on pages 5-15) will be voted on by the United States Sentencing Commission on April 15, and is set to take effect on November 1st. The EFF has already urged the Commission to reject the amendment."



Is this gathering information or just filtering out stuff I don't need? Does the birth of an industry cause the death of another or does the death of an industry cause the birth of another? In either case, shouldn't I know this type of information?

http://www.nytimes.com/2009/04/13/technology/start-ups/13hyperlocal.html?adxnnl=1&adxnnlx=1239796846-VhHKiTLTtmoWRXBJJYSmEQ

‘Hyperlocal’ Web Sites Deliver News Without Newspapers

By CLAIRE CAIN MILLER and BRAD STONE

Published: April 12, 2009

If your local newspaper shuts down, what will take the place of its coverage? Perhaps a package of information about your neighborhood, or even your block, assembled by a computer.

A number of Web start-up companies are creating so-called hyperlocal news sites that let people zoom in on what is happening closest to them, often without involving traditional journalists.

The sites, like EveryBlock, Outside.in, Placeblogger and Patch, collect links to articles and blogs and often supplement them with data from local governments and other sources. They might let a visitor know about an arrest a block away, the sale of a home down the street and reviews of nearby restaurants.

… Still, said Peter Krasilovsky, a program director at the Kelsey Group, which studies local media, many small businesses have never advertised outside the local Yellow Pages and are an untapped online ad market whose worth his firm expects to double to $32 billion by 2013.



What about the middle-of-the-road extremists?

http://www.bespacific.com/mt/archives/021106.html

April 14, 2009

DHS Reports on Rightwing and Leftwing Extremists



I have strong evidence that this isn't as bad as it sounds. The porn industry hasn't adopted it yet.

http://www.bespacific.com/mt/archives/021105.html

April 14, 2009

EPIC Demands Disclosure of Documents Detailing "Virtual Strip Search" Airport Scanners

"Today, EPIC filed a Freedom of Information Act request demanding disclosure of records detailing airport scanners that take naked pictures of American travelers. Security experts describe the "whole body imaging" scanners as virtual strip searches. The Transportation Security Administration plans to make the scans mandatory at all airport security checkpoints, despite prior assurances that whole body imaging would be optional. EPIC's request seeks documents concerning the agency's ability to store and transmit detailed images of naked U.S. citizens. For more information, see EPIC's Whole Body Imaging page and EPIC's FOIA Litigation Manual."



When you need coordinates for your armed drones...

http://singlefunction.com/tinygeocoder/

TinyGeocoder

TinyGeocoder is a nifty service that translates an address to latitude and longitude coordinates, better known as Geo-coding.



The history of the world according to geeks

http://www.maximumpc.com/article/features/cpu_retrospective_the_life_and_times_x86

A Brief History of CPUs: 31 Awesome Years of x86

Posted 04/14/09 at 12:00:00 PM | by Paul Lilly

Tuesday, April 14, 2009

The fun never stops! (If the banks took no action, can you still blame Heartland?)

http://www.databreaches.net/?p=3047

New fraud reports attributed to Heartland Payment Systems breach

April 14, 2009 by admin Filed under: Financial Sector, Hack, ID Theft, Malware, U.S.

A few weeks ago, Clearstar Financial Credit Union reported that a few dozen of their members had detected fraudulent charges on their cards that began on March 25. Given that lists of possibly compromised card numbers from the Heartland Payment Systems breach had been sent out in January and thereafter, some of us wondered whether the Clearstar report was related to Heartland’s breach or indicated a separate problem. Representatives of Clearstar, when contacted, were unable to determine whether the problem was Heartland-related or not.

But now more credit unions are filing similar reports, and they are being attributed to the Heartland breach, suggesting that either card issuers had not identified all of the compromised numbers when they sent out their alerts, or banks and credit unions may have erred by not cancelling cards. Today, Deneen Smiths of the Kenosha News in Wisconsin reports that 78 customers at Southport Bank in Kenosha started noticing fraudulent debit card charges beginning on April 8 and that other local banks, including the Bank of Kenosha, have also been affected. As in other cases, the card numbers are being used at a variety of locations around the country.

The Bank of Kenosha spokesperson did not indicate whether the fraudulent charges only began in the past few weeks, but the Southport Bank report suggests that we have not heard the last of new fraud reports stemming from the Heartland breach. To date, over 625 banks and credit unions have been identified as having been affected by the breach.



It's amazing how ignorant some people can be. “We don't know...” is as far from a “Best Practice” as you can get.

http://www.thisisleicestershire.co.uk/news/Second-data-blunder-fear/article-899051-detail/article.html

UK: Second data blunder fear

April 14, 2009 by admin Filed under: Government Sector, Insider, Lost or Missing, Non-U.S., Theft

It’s amazing what you don’t find when you finally get around to looking for it. In this story out of the UK, a local council brought in consultants after one data breach, only to discover that their potential problem was bigger than they thought:

…. Charnwood Borough Council admitted it could not find nine missing computers that could contain personal and sensitive information about residents.

It comes after the authority discovered, in August, that a hard drive, holding financial details of thousands of taxpayers, had been stolen by an employee and sold on an internet auction site. [earlier coverage]

Information technology consultants, bought in to beef up the council’s computer security following the theft, believe the missing computers could lead to further data security losses.

The council has said it does not know what information is stored on them.

Read more in the Leicester Mercury.



The solution is simple: The Feds will pass a law making all state privacy laws moot.

http://www.pogowasright.org/article.php?story=20090414051214339

State privacy laws may undercut electronic medical records

Tuesday, April 14 2009 @ 05:12 AM EDT Contributed by: PrivacyNews

A study looks at correlations between state medical privacy laws and the adoption of electronic record keeping by the hospitals within a state, and finds that an emphasis on privacy may decrease the rate of adoption of electronic systems.

Source - Ars Technica



Finally got everything working the way you want? Don't worry, we can change that!

http://www.tgdaily.com/html_tmp/content-view-42024-140.html

Microsoft preps auto IE8 update amidst dramatic usage share decline

Software By Wolfgang Gruener Monday, April 13, 2009 16:37

Redmond (WA) – As IE8’s adoption rates lag far behind initial expectations, Microsoft prepares its most powerful tool to push the browser out to user computers. The company said that it is preparing an Automatic Update/Windows Update targeting IE6 and IE7 users, which currently make up about 93% of the IE user base. The update will be published in the third week of April. And we wonder: Can it slow the rapid decline of IE market share?



Another risk of “failure to keep up with technology?”

http://www.pogowasright.org/article.php?story=20090413155347229

The mobile phone as self-inflicted surveillance

Monday, April 13 2009 @ 03:53 PM EDT Contributed by: PrivacyNews

.... This is cogent analysis. Mobile phones and email are used by everyone, including terrorists and other criminals. The data can be instrumental in tracking down criminals, with the caveat that having a bigger haystack does not make it easier to find a needle. But it misses one perverse effect - those who will be stigmatised in the future are those who don't have traffic data retained.

Source - The Register Thanks to Brian Honan for this link.

[From the article:

Mobile phone penetration in Europe reached an average of 111.26 per cent in 2007 according to ITU estimates, while in the UK it was 118.47 per cent.

… Lack of traffic data is what becomes suspicious. There are already two documented cases in Europe where not carrying a mobile phone was considered one of the grounds for arrest.

… Earlier this year, Sir David Omand, a former Cabinet Office security and intelligence coordinator, gave a clear indication of what some in Whitehall have on their wish-list:

[A]pplication of modern data mining and processing techniques does involve examination of the innocent as well as the suspect to identify patterns of interest for further investigation.[...] Finding out other people's secrets is going to involve breaking everyday moral rules. So public trust in the essential reasonableness of UK police, security and intelligence agency activity will continue to be essential.



Another overreach?

http://www.pogowasright.org/article.php?story=20090413132308649

Computer Science Student Targeted for Criminal Investigation for Allegedly Sending Email

Monday, April 13 2009 @ 01:23 PM EDT Contributed by: PrivacyNews

A Boston College computer science student has asked a Massachusetts court to quash an invalid search warrant for his dorm room that resulted in campus police illegally seizing several computers, an iPod, a cell phone, and other technology.

The Electronic Frontier Foundation (EFF) is representing the student, who has petitioned the court for the immediate return of his property and is demanding that investigators be prohibited from any further searches or analysis of his digital data. Massachusetts State Police participated in the search and are overseeing the forensic analysis of the seized property.

"This search warrant is invalid, as there is no probable cause that a crime was committed at all," said EFF Civil Liberties Director Jennifer Granick. "Every day this student's private information is in the hands of the police department, he suffers harm to his property interests and his constitutional rights."

The dorm room search stemmed from an investigation into who sent an email to a Boston College mailing list alleging that another student was gay. [Is this a crime in Massachusetts? Bob] Police say they know who sent the email and that the sender committed the crimes of "obtaining computer services by fraud or misrepresentation" and obtaining "unauthorized access to a computer system." However, nothing presented by the investigating officer to obtain the warrant, including the allegation that the student sent the email to the mailing list, could constitute the cited criminal offenses.

Some of the supposedly suspicious activities listed in support of the search warrant application include: the student being seen with "unknown laptop computers," which he "says" he was fixing for other students; the student uses multiple names to log on to his computer; and the student uses two different operating systems, [Bill Gates made that a crime? Bob] including one that is not the "regular B.C. operating system" but instead has "a black screen with white font which he uses prompt commands on."

"The police used inapplicable criminal laws as a basis for a fishing expedition to determine the author of an anonymous email," said EFF Senior Staff Attorney Matt Zimmerman. "Now, this student has been suspended from his job, and he is without a laptop and other devices he needs to do his schoolwork. His private communications and papers are in the hands of police who are searching for evidence without just cause. Even his cell phone and iPod were taken, clearly an overreach if the goal is tracking the source of an email."

The motion to quash the search warrant was filed with assistance from Fish & Richardson attorneys Adam Kessel, Lawrence Kolodney, and Tom Brown. No court date has been set yet to hear the motion.

For the full motion for emergency relief:
http://www.eff.org/files/filenode/inresearchBC/CalixteMotEmergencyRelief.pdf

For more on this case: http://www.eff.org/cases/re-matter-search-warrant-boston-college

Source - EFF Press Release



Privacy is not an asset, therefore privacy has no value. Privacy can not be damaged, so even if it had value, that value could not be reduced.

http://www.pogowasright.org/article.php?story=20090413115820305

Ruiz v. Gap: Increased Risk of ID Theft Not Damages

Monday, April 13 2009 @ 11:58 AM EDT Contributed by: PrivacyNews

In a previous post this blog noted that a California Federal District Court denied a motion to dismiss a data breach negligence claim based on a lack of “damages.” Despite the partial “victory,” the Court had also suggested that the damages issue might not survive a motion for summary judgment. Well, the Court made its own prediction come true in a recent ruling.

On April 4, 2009, the court issued a decision indicating that an increased risk of identity theft did not rise to the level of harm necessary to maintain a negligence claim.

Source - InfoSec Compliance


Related? Perhaps privacy creates a barrier (of rights?) you should not breach?

http://www.pogowasright.org/article.php?story=20090413120312965

CO: Judge says Weld County went too far in seizing tax documents

Monday, April 13 2009 @ 12:03 PM EDT Contributed by: PrivacyNews

A Colorado judge ruled today that Weld County officials went too far in their investigation of ID theft by illegal immigrants when they seized federal income tax documents as part of their investigation. The ACLU had gotten involved in this case because of the seizure of tax return records from Amalia's Translation and Tax Services in Greeley.

The Associated Press has more here.



Blogging is not always good for your health.

http://yro.slashdot.org/article.pl?sid=09/04/14/0216237&from=rss

South Korean Financial Blogger Faces 18 Months of Prison

Posted by Soulskill on Tuesday April 14, @02:14AM from the how-much-prison-time-for-a-tweet dept. Government

eldavojohn writes

"A South Korean blogger named Park Dae-sung has been arrested and charged with destabilizing foreign markets by blogging about declining companies. This is the same blogger who predicted the economic downturn that has been experienced the world over. The Korean Times offers more information on the community college graduate and the accusations levied against him."

Several readers have also sent in news that Omidreza Mirsayafi, an Iranian blogger arrested and imprisoned for his writings earlier this year, has now died in custody.



This is slick. (Sorry about the lawyer joke... NOT!)

http://www.bespacific.com/mt/archives/021094.html

April 13, 2009

Patient’s Guide to HIPAA: How to Use the Law to Guard your Health Privacy

"The Patient's Guide to HIPAA is the first comprehensive guide to medical privacy written expressly for patients with a practical eye as to how to use the law to protect privacy. It is a major privacy resource for patients, written directly and without legalese. The Patient's Guide to HIPAA is easy to navigate and digest; the guide is in the form of Frequently Asked Questions & Answers. All of the key points in HIPAA are included, from the 7 basic patient rights to how and when to get copies of health care records. Difficult situations that patients often encounter are included in the guide. The Patient's Guide to HIPAA was written by Robert Gellman, with assistance from Pam Dixon, John Fanning, and Dr. Lewis Lorton."

[From the guide:

Why Are the Notices Long and Boring?

One answer is that the rule is long and complicated. Another answer is that lawyers write many of the notices. Often, lawyers write like...lawyers, and the results are sometimes complete, precise, and in the end, incomprehensible.



For my Data Mining students

http://www.bespacific.com/mt/archives/021102.html

April 13, 2009

Center for Responsive Politics now provides 20 years of downloadable money-in-politics data--for free

News release: "Today the nonpartisan Center for Responsive Politics is putting 200 million data records from the watchdog group's archive directly into the hands of citizens, activists, journalists and anyone else interested in following the money in U.S. politics. For the first time in CRP's 26-year history, the nonprofit research group's most popular data archives are fully and freely downloadable for non-commercial purposes from the Center's website, OpenSecrets.org--a four-time Webby winner for best politics site online. OpenSecrets.org will remain the go-to independent source for most users interested in tracking money's political influence and, in fact, the site has some new general-interest features as of today. With today's announcement, skilled data-divers can explore the information that's already aggregated on OpenSecrets.org to its full depth. Web developers and database experts can grab federal money-in-politics data that CRP's researchers have standardized and coded, and mash it up with other data sets. Timelines, charts, maps, other graphics and mobile applications are just some of the projects that could result--all powered by CRP's unparalleled data."



For my stone-age readers?

http://tech.msn.com/products/article.aspx?cp-documentid=18764894

Getting Face-to-Face with Facebook

By Ian Cooley, State Street

… If you haven’t yet had a chance to catch up with the Facebook phenomenon, this Facebook primer is for you.



For gosh sake, don't tell Al Gore! He'll need to revise his PowerPoints!

http://www.tgdaily.com/content/view/42006/181/

Harvard astrophysicist: Sunspot activity correlates to global climate change

General Sciences By Rick C. Hodgin Friday, April 10, 2009 13:12

Monday, April 13, 2009

It's only the first of many amendments we'll eventually ignore.

http://www.pogowasright.org/article.php?story=20090412064427972

FL: FBC blogger feels privacy was violated

Sunday, April 12 2009 @ 06:44 AM EDT Contributed by: PrivacyNews

A formerly anonymous blogger says his First Amendment and privacy rights may have been violated when authorities revealed his identity to First Baptist Church in Jacksonville.

Police, the State Attorney's Office and a state law enforcement expert disagree.

But experts on criminal investigations, electronic privacy rights and constitutional law say the First Baptist case at the very least raises valid free speech and privacy questions.

Source - Jacksonville.com

[From the article:

Also disputed is whether the detective who identified and outed the blogger acted unethically because he belongs to the downtown megachurch and the security detail of its pastor, the Rev. Mac Brunson.


This is what an open debate is all about, isn't it? You will never convince me to change my point of view, but you can convince all of my readers that I'm nuts, stupid, or the devil. (It also pays to carefully listen to your audience – something big chain newspapers seem to have forgotten.)

http://news.slashdot.org/article.pl?sid=09/04/12/1152222&from=rss

In Defense of the Anonymous Commenter

Posted by Soulskill on Sunday April 12, @09:44AM from the seems-familiar dept. The Media The Internet

Hugh Pickens writes

"Doug Feaver has an interesting story in the Washington Post 'in defense of the anonymous, unmoderated, often appallingly inaccurate, sometimes profane, frequently off point and occasionally racist reader comments that washingtonpost.com allows to be published at the end of articles and blogs.' Feaver says that during his seven-year tenure as editor and executive editor of washingtonpost.com he kept un-moderated comments off the site, but now, four years after retiring, he says he has come to think that online comments are a terrific addition to the conversation, and that journalists need to take them seriously. 'The subjects that have generated the most vitriol during my tenure in this role are race and immigration,' writes Feaver. 'But I am heartened by the fact that such comments do not go unchallenged by readers. In fact, comment strings are often self-correcting and provide informative exchanges.' Feaver says that comments are also a pretty good political survey. 'The first day it became clear that a federal bailout of Wall Street was a real prospect, the comments on the main story were almost 100 percent negative. It was a great predictor of how folks feel, well out in front of the polls. We journalists need to pay attention to what our readers say, even if we don't like it. There are things to learn.'"


Related This is a bad area to propagandize poorly. Get it right or you can really tick people off. (and how do you find quotes from the Koran in favor of Gordon Brown?)

http://tech.slashdot.org/article.pl?sid=09/04/13/0243229&from=rss

UK To Train Pro-West Islamic Groups To Game Google

Posted by timothy on Monday April 13, @05:53AM from the raisins-not-virgins dept. Google Politics

Hugh Pickens writes

"The British government's Office of Security and Counter-Terrorism (OSCT), a 200-strong Home Office unit created 18 months ago, has said in meetings it wants to 'flood the internet' with 'positive' interpretations of Islam and plans to train government-approved groups in search engine optimization techniques, which it is hoped will boost their profile online and battle radicalization. A Home Office spokesman confirmed search engine optimization training is part of the government's anti-radicalization strategy. 'In order to support mainstream voices, we work with local partners to help develop their communication, representational and leadership skills. This support could include media training, which can help make their voices heard more widely, and support the development of skills which allow communities to be more effective in debate.' However the effectiveness of search engine optimization in reducing traffic to extremist websites has been dismissed by academics. A report produced by the International Centre for the Study of Radicalisation (ICSR) said young Muslims were much more likely to be directed to extremist material online by web forums and offline associates than by Google or other search engines. 'Tweaking the results for supposedly extremist terms would be largely ineffectual, not least because it is unlikely that any but the most callow wannabe terrorist would use a mainstream search engine to find banned material.'"


Related? How would Google ensure that it was me? I always upload using my alter-ego – a mild-mannered law school professor...

http://www.pogowasright.org/article.php?story=20090413060903198

Google disables uploads, comments on YouTube Korea over privacy clampdown

Monday, April 13 2009 @ 06:09 AM EDT Contributed by: PrivacyNews

Google has disabled user uploads and comments on the Korean version of its YouTube video portal in reaction to a new law that requires the real name of a contributor be listed along each contribution they make.

Source - Macworld

[From the article:

In response to the requirements Google has stopped users from uploading via its Korean portal rather than start a new registration system.

"We have a bias in favor of freedom of expression and are committed to openness," said Lucinda Barlow, a spokeswoman for YouTube in Asia. "It's very important that if users want to be anonymous that they have that chance."

But while the move obeys the letter of the law it skirts around the spirit of it by allowing users based in South Korea to continue uploading and commenting on YouTube by switching their preference setting to a country other than Korea.



http://www.thaindian.com/newsportal/tech-news/17-year-old-claims-responsibility-for-twitter-worm_100178605.html

17-year-old claims responsibility for Twitter worm

April 12th, 2009 - 1:46 pm ICT by admin

Brooklyn, NEW YORK (BNO NEWS) — Mikeyy Mooney, the 17-year-old creator of StalkDaily.com from Brooklyn, has admitted responsibility for the Twitter worm that rapidly spread through Twitter on Saturday, stating in an email to BNO News, “I am aware of the attack and yes I am behind this attack.”

Twitter users were infected by simply visiting an infected user's Twitter page.

… The code behind the attack was linked to by TechCrunch commenter James Cox: http://gist.github.com/93782. Looking through the code, it doesn’t appear to capture user passwords.


Related

http://twittercism.com/howto-remove-stalkdaily/

HOWTO: Remove StalkDaily.com From Your Infected Twitter Profile (UPDATED)

Saturday, April 11th, 2009 at 1:28 pm

The issue on Twitter has now been rectified but please read and take the steps below if you are infected. For tips on how you can protect yourself in the future from these exploits, go here. For help on removing the Mikeyy worm, go here.



Hoist on their own petard? Remember my plan for a “utilities-to-the-door” organization that would sell providers access on a per customer basis. Avoids all this “I'm the only game in town so I can do whatever I want” thinking.

http://news.slashdot.org/article.pl?sid=09/04/12/2044244&from=rss

Time Warner Transfer Caps May Inspire Fair-Price Legislation

Posted by Soulskill on Sunday April 12, @05:11PM from the what-have-you-got-against-monopolies dept.

Time Warner's recently announced plan to expand their broadband transfer caps to new markets drew heavy criticism, which prompted their attempt to smooth things over with a ridiculously expensive "unlimited" plan. That wasn't enough for New York Representative Eric Massa, who now says he will draft legislation to "curb tiers, particularly in areas where a broadband provider owns a monopoly on service." Massa said, "Time Warner believes they can do this in Rochester, NY; Greensboro, NC; and Austin and San Antonio, Texas, and it's almost certainly just a matter of time before they attempt to overcharge all of their customers," adding, "I believe safeguards must be put in place when a business has a monopoly on a specific region."



Hacking for fun and profit.

http://it.slashdot.org/article.pl?sid=09/04/12/1520205&from=rss

Eavesdropping On Google Voice and Skype

Posted by Soulskill on Sunday April 12, @12:43PM from the can-i-hear-you-now dept.

Simmons writes with news of research that demonstrated vulnerabilities in Skype and Google Voice that would have allowed attackers to eavesdrop on calls or place unauthorized calls of their own.

"The attacks on Google Voice and Skype use different techniques, but essentially they both work because neither service requires a password to access its voicemail system. For the Skype attack to work, the victim would have to be tricked into visiting a malicious Web site within 30 minutes of being logged into Skype. In the Google Voice attack (PDF), the hacker would first need to know the victim's phone number, but Secure Science has devised a way to figure this out using Google Voice's Short Message Service (SMS). Google patched the bugs that enabled Secure Science's attack last week and has now added a password requirement to its voicemail system, the company said in a statement. ... The Skype flaws have not yet been patched, according to James."

Reader EricTheGreen contributes related news that eBay may sell Skype back to its original founders.



Another article for Cindy's “Sex & Power” class. (Didn't this used to be illegal?)

http://news.cnet.com/8301-17852_3-10217694-71.html?part=rss&subj=news&tag=2547-1_3-0-5

The site where sugar daddies find their sweet babies

by Chris Matyszczyk April 12, 2009 10:50 AM PDT

… So perhaps you might be one of the 300,000 who populate Seekingarrangement.com, a site that tries to bring together those who have money (and are, by virtue of the virtues of capitalism, older) and younger things who wish to earn money in exchange for being, in the site's immaculate vernacular, sugar babies.

Seekingarrangement.com is profiled at some glorious length in Sunday's New York Times and one could scarcely think of a more appropriate subject for Easter Sunday. Here we have luminous Hefners in search of, hopefully, bed-hopping bunnies.



Databases for my Data Analysis/e-Discovery students to search.

http://www.bespacific.com/mt/archives/021075.html

April 12, 2009

National Archives to Release Reagan and Bush 41 Presidential Records

News release: "Acting Archivist of the United States Adrienne Thomas announced [April 10, 2009] that 245,763 pages of Ronald Reagan and George H.W. Bush Presidential records will be opened for research on Monday, April 13, 2009, at their respective libraries. These records, which were still pending with the George W. Bush Administration as of January 20, 2009, today cleared the review process established by President Barack Obama under Executive Order 13489.

  • "On Monday, April 13, 2009, the Ronald Reagan library will open 244,966 pages of records processed in response to hundreds of Freedom of Information Act (FOIA) requests. These records include the Presidential Briefing Papers collection, Office of Speechwriting research material, and approximately 13,000 pages of declassified records on numerous foreign policy topics. To date, more than ten million pages of Presidential records have been processed at the Reagan library."

  • On Monday, April 13, 2009, the George H. W. Bush library will open 797 pages of records that deal with Saudi Arabia. To date, more than six million pages of Presidential records have been processed at the Bush library..."



For my Statistics students...

http://news.cnet.com/technically-incorrect/

Facebook messes up your GPA

by Chris Matyszczyk April 12, 2009 11:40 AM PDT

… Yes, researchers at Ohio State University have delved deep into the habit that is Facebook and concluded that those who express their membership regularly do worse in school tests.

In fact, they say, the majority of those who Facebook daily do worse by as much as one whole grade.