Saturday, August 08, 2009

Strategy is as strategy does. Or in this case, ask yourself WWBBD? (What Would Big Brother Do?)

http://www.pogowasright.org/?p=2634

Police told to ignore human rights ruling over DNA database

August 7, 2009 by Dissent Filed under Featured Headlines, Govt, Non-U.S., Surveillance

Chief constables across England and Wales have been told to ignore a landmark ruling by the European court of human rights and carry on adding the DNA profiles of tens of thousands of innocent people to a national DNA database.

Senior police officers have also been “strongly advised” that it is “vitally important” that they resist individual requests based on the Strasbourg ruling to remove DNA profiles from the national database in cases such as wrongful arrest, mistaken identity, or where no crime has been committed.

Read more in The Guardian.

It’s not clear how the letter described in the news story from ACPO is consistent with a June 21 story on how the incoming ACPO chief, Sir Hugh Orde, wants more emphasis on human rights.



How serious is this, really? Is it worthy of Secret Service notice? (Does it return a big “Knock it off, Republican Dog! The Feds are watching and are calling your Mother right now!”)

http://www.pogowasright.org/?p=2646

Philly cop accused of running criminal background check on Obama

August 8, 2009 by Dissent Filed under Breaches, Govt, U.S.

Philadelphia’s police department is investigating why an officer used his police car’s computer to run a criminal background check on President Barack Obama.

Police Commissioner Charles Ramsey said Friday the officer could face discipline for performing the check Wednesday morning. The Secret Service alerted the department after it learned about the incident from National Crime Information Center.

Read more on Huffington Post.

In July, two Georgia police officers were put on paid administrative leave after it was found that they had run an unauthorized background check on the President.


(Related?) Some folks (politicians) got more rights than others?

http://www.pogowasright.org/?p=2649

2nd Circuit rebuffs attempt to obtain Spitzer wiretap data

August 8, 2009 by Dissent Filed under Court, Surveillance, U.S.

The New York Times has lost its bid to obtain wiretap information related to former New York Gov. Eliot Spitzer’s involvement in a prostitution ring.

The federal law that permits disclosure of wiretap information on a showing of good cause does not allow disclosure based solely on the news media’s interest in publishing the information, the 2nd U.S. Circuit Court of Appeals ruled on Friday.

Read more on Law.com.

[From the article:

Four people who either ran or worked for the prostitution ring were charged in the case in March 2008. Once Spitzer was revealed as a client of the ring, he quickly resigned from office, although he was not charged in the case.

… Rakoff, in In re New York Times Co., 600 F.Supp. 2d 504 (S.D.N.Y. 2009), granted the paper's request on Feb. 19, 2009, finding the wiretap applications were "judicial records," and that the press enjoyed a right of access to those records under both common law and the First Amendment that amounted to a "presumption in favor of disclosure."

He found that the presumption was not outweighed by the government's concern about confidentiality because the investigation had been concluded, and that any privacy concerns could be addressed by the redactions.

Finally, the judge said that "there's no reason to believe that Congress intended 'good cause' to be anything other than a synonym for the balancing dictated by the aforementioned constitutional and common law principles."



All Kindle users??? It never hurts to ask, but does he believe his newspapers are important enough to Amazon to demand? If Amazon says no, where will he go? This, coupled with his decision to charge for content, should make for an interesting test case.

http://news.slashdot.org/story/09/08/07/168255/Murdoch-Demands-Kindle-Users-Info?from=rss

Murdoch Demands Kindle Users' Info

Posted by ScuttleMonkey on Friday August 07, @03:45PM from the another-in-a-long-line-of-bad-decisions dept.

In yet another move to display how antiquated and completely ignorant of digital culture he is, Rupert Murdoch has started demanding that Amazon hand over user info for all Kindle users. This demand comes right after Murdoch just finished negotiating a larger share of revenue from Amazon sales. At least Amazon hasn't decided to comply with this request yet.

"'As I've said before, the traditional business model has to change rapidly to ensure that our journalistic businesses can return to their old margins of profitability,' Murdoch said. 'Quality journalism is not cheap, and an industry that gives away its content is simply cannibalizing its ability to produce good reporting.'"

[From the article:

"Kindle treats them as their subscribers, not as ours, and I think that will eventually cause a break with us."



Boy, you thought Texting made for dangerous driving...

http://newteevee.com/2009/08/07/apple-to-stream-first-live-concert-to-the-iphone-tonight/

Apple to Stream First Live Concert to the iPhone Tonight

Tonight Apple will produce its first-ever live event streamed to the iPhone: a concert by the electronica band Underworld. Apple has apparently kept the event quiet as it doesn’t want to overwhelm the AT&T network, but if you have an iPhone you can queue it up yourself at iphone.akamai.com or underworldlive.com. The show starts at 9 p.m. PT and the stream is free.



Is there a use for this? Isn't PowerPoint bad enough?

http://www.makeuseof.com/tag/use-powerpoint-video-converter-to-convert-powerpoint-presentations-to-a-video/

Use PowerPoint Video Converter to Convert PowerPoint Presentations to a Video

Aug. 7th, 2009 By Karl L. Gechlik

There are times that you want to show your PowerPoint presentation to someone quickly and easily. The best way to achieve this is to convert your PowerPoint file into a video file.

With that video file you can post it to YouTube, send it along to another user via email or post it on your blog as a tutorial.

Whatever you are going to do with the finished product, this free 6.6 MB application will make your life MUCH MUCH easier!

To start you need to download and install this application from here.



Amusing (I'll probably waste too much time with this...)

http://www.makeuseof.com/dir/marinetraffic-cargo-ship-tracking/

MarineTraffic: Real Time Yacht, Cruise & Cargo Ship Tracking

MarineTraffic is a cool Google Maps mashup that provides you with real-time ship tracking. It shows live information about ship movements throughout the world. You can search by ship name or zoom into the map to view ships in a particular area.

www.marinetraffic.com

Similar: www.sailwx.info

Friday, August 07, 2009


Thursday, August 06, 2009

Seems like they don't pay on a 'per victim' basis. Shouldn't they?

http://www.databreaches.net/?p=6577

Heartland says breach has cost $32 million so far

August 6, 2009 by admin Filed under Financial Sector, Of Note

Heartland Payment Systems on Tuesday (Aug. 4) said it spent $32 million this year paying for costs related to the major data breach it disclosed in January, including $22.1 million to cover fines from key payment card brands and a settlement offer. Heartland did not say how the $22.1 million was split between the fines and the settlement offer, but it did provide clues.

For example, the breach costs of just the second quarter came to $19.4 million and it said that the “majority” of those costs was for the settlement offer, suggesting that the settlement was more than $9.7 million. Legal fees make that precise calculation tricky as well as the lack of a percentage of that majority. “The remainder of the expenses and accruals related to the Processing System Intrusion recorded in the three and six months ended June 30, 2009 were primarily for legal fees and costs the Company incurred for investigations, remedial actions and crisis management services,” Heartland said.

Read more on StorefrontBacktalk.



It's not Identity Theft. It's Inappropriate Branding (in the cattle rustler sense). No doubt a number of scams will arise from this. “We can clear your pedophile record for $29.95!” “We can help you get even with that neighbor you don't like!”

You can trust us to protect your personally identifiable information. Act I

http://www.pogowasright.org/?p=2578

Paedophile database ‘will catch people unnecessarily’

August 6, 2009 by Dissent Filed under Breaches, Govt, Non-U.S., Surveillance, Workplace

The Government’s new database of paedophiles must be reviewed because some people will be caught up in it unnecessarily, according to Sir Michael Bichard.

[...]

His comments come as it was disclosed that the controversial database has suffered a security breach even before its official launch.

A message containing confidential data was sent to the wrong email address by a worker at the Independent Safeguarding Authority.

Its annual report also discloses that “information risks” and “weaknesses” have been discovered in the organisation, which is being set up to check the backgrounds of more than 11million people who want to work with children and vulnerable adults.

It comes just days after The Daily Telegraph disclosed that the Criminal Records Bureau, from which the ISA will take most of its data, had made 1,570 errors over the past year, in many cases wrongly branding innocent people as criminals. [Statistically, a small error rate times a large volume equals “a whole bunch of errors” (statistical term) Bob]

Read more in The Telegraph.

[From the article:

In an interview with The Independent, Sir Michael said the idea that people like actors, authors or entertainers, who only occasionally visit a school, should register with the scheme should be reconsidered. [Offer your services, get entered in the database? Bob]

… "The ISA is founded on a suspicion of absolutely everyone, and a blind faith in bureaucrats: these errors show that this faith is misplaced."


(Related) You can trust us to protect your personally identifiable information. Act II (and you can write anything you want on the cloned card...)

http://www.pogowasright.org/?p=2590

UK national ID card cloned in 12 minutes

August 6, 2009 by Dissent Filed under Breaches, Featured Headlines, Non-U.S., Surveillance

The prospective national ID card was broken and cloned in 12 minutes, the Daily Mail revealed this morning.

The newspaper hired computer expert Adam Laurie to test the security that protects the information embedded in the chip on the card.

Using a Nokia mobile phone and a laptop computer, Laurie was able to copy the data on a card that is being issued to foreign nationals in minutes.

Read more in Computer Weekly.

[From the article:

According to the paper, Home Office officials said the foreign nationals card uses the same technology as the UK citizens card that will be issued from 2012.

Guy Herbert, general secretary of privacy lobby group NO2ID, said it was a mistake to assume that the Home Office cared about the card, or identity theft or citizens' benefit.

He said the Home Office wanted the central database to record citizens' personal details in one place for official convenience.


(Related) You can trust us to protect your personally identifiable information. Act III

http://www.pogowasright.org/?p=2599

Passwords stolen for tax returns

August 6, 2009 by Dissent Filed under Breaches, Non-U.S.

Gangs are stealing taxpayers’ passwords and submitting claims for tax refunds to be paid to them, HM Revenue and Customs has warned.

A series of attempted fraudulent claims through the self-assessment repayments system has been discovered.

No figures have been released outlining the extent of the fraud, but a HMRC spokesman said this was a new method of trying to extract money.

Read more on BBC. Thanks to Brian Honan for this link.

[From the article:

When people apply to use the system they are sent a password through the mail which is then used when the taxpayer logs onto the HMRC website over the following 30 days.

However, fraudsters have been getting hold of these passwords and other personal details. This could have been by stealing the mail, tricking people out of the details or even finding the letters discarded in bins.



How would you do it?

http://www.pogowasright.org/?p=2585

Regulators rethink approach to online privacy

August 6, 2009 by Dissent Filed under Govt, Internet

Regulators are rethinking their approach to online privacy and security, asking academics, public interest groups and industry to suggest ways to overhaul rules to better protect consumers.

As part of the review, David Vladeck, the Federal Trade Commission’s new head of consumer protection, is considering whether to throw out current privacy protections that revolve around lengthy disclosure statements that consumers rarely read. What’s unclear is what the FTC would propose instead.

Read more in The Wall Street Journal.

[From the article:

Beginning next year, participating Web sites will have a clickable icon that will show what data are being collected about a consumer, and who will be allowed to use that data, according to the new guidelines.

Participating Web sites will also be required to provide consumers with the choice of opting out of having their information collected and used for "behavioral targeting," or steering specific ads toward individual consumers.


(Related) Privacy is becoming visible?

http://www.pogowasright.org/?p=2574

YouTube clarifies ban on privacy invasions

August 6, 2009 by Dissent Filed under Businesses, Internet

YouTube has … increased the range of activities that are barred to include, amongst other things, invasions of privacy.

“If a video you’ve recorded features people who are readily identifiable and who haven’t consented to being filmed, there’s a chance they’ll file a privacy complaint seeking its removal,” say its new guidelines. “Don’t post other people’s personal information, including phone numbers, addresses, credit card numbers, and government IDs. We’re serious about keeping our users safe and suspend accounts that violate people’s privacy.”

Read more on Out-Law.com

[From the article:

Those guidelines banned videos containing sex or nudity; hate speech; shocking or disgusting content; dangerous or illegal acts; copyright violations or inappropriate material involving children.

The company has now increased the range of activities that are barred to include, amongst other things, invasions of privacy. [Privacy is never the first thing providers think of. Is that because other areas make for easier lawsuits? Bob]

See: The guidelines (viewable when user setting is set to 'worldwide')



Interesting statistic

http://www.techcrunch.com/2009/08/05/ec-13-of-europeans-have-never-used-the-web/

EC: 1/3 Of Europeans Have Never Used The Web

by Robin Wauters on August 5, 2009

Close to half of Europeans use the internet every day but one third have never used the web, according to a new report (PDF) published by the European Commission.

… Half of all households and more than 80 percent of businesses had a broadband connection last year and with 114 million subscribers the EU is in fact the largest world market for fixed broadband access.



A quick reference for my forensic students

http://www.pogowasright.org/?p=2565

CDT report on privacy controls for browsers

August 5, 2009 by Dissent Filed under Internet

From CDT.org:

CDT today released an update to the browser report it issued in October of 2008. The report includes updated information about privacy tools available in five Web Browsers: Firefox 3.5, Internet Explorer 8, Google Chrome, Safari 4, and Opera 10. The report compares browser offerings in three key areas: privacy mode, cookie controls and object controls. Each of those, when used correctly, can greatly reduce the amount of personal information users transmit online.

Browser Privacy Features Report, Version 2.0 [PDF], August 05, 2009:

http://www.cdt.org/privacy/20090804_browser_rpt_update.pdf


(Related) For my Security students it's “know and avoid”; for my Forensic students it's “a roadmap.”

http://www.pogowasright.org/?p=2570

Who knows where you are, and why?

August 5, 2009 by Dissent Filed under Featured Headlines, Surveillance

In a report released today, the Electronic Frontier Foundation (EFF) documents how your location information is collected by various popular electronic devices and services, and argues for concrete technological solutions that would allow you to enjoy these systems’ benefits without sacrificing your privacy in your everyday life.

“There are nifty new location-based technologies like electronic road-toll tags and cell-phone apps that alert you when your friends are nearby — but these systems often create and store records of your movements,” said EFF Staff Technologist Peter Eckersley, one of the co-writers of the white paper. “This could make it possible for others to know when you visited a health clinic, what church or bar you spend time in, or who you go to lunch with. It is essential that privacy-protecting algorithms are built into these devices and services, so we can enjoy their convenience without making our private lives into open books.”

For the full white paper “On Locational Privacy, and How to Avoid Losing it Forever”:

http://www.eff.org/wp/locational-privacy

To read EFF’s full press release: http://www.eff.org/press/archives/2009/08/05



Think of the SCO saga as a guidebook for delaying the inevitable.

http://yro.slashdot.org/story/09/08/05/2229245/Chapter-11-Trustee-Appointed-For-SCO?from=rss

Chapter 11 Trustee Appointed For SCO

Posted by timothy on Wednesday August 05, @06:46PM from the why-not-a-trusty-instead dept.

I Don't Believe in Imaginary Property writes

"The judge overseeing the SCO Chapter 11 bankruptcy case has issued an order appointing a chapter 11 trustee to oversee SCO's operations. However, the judge's reasoning is far from clear. While the judge believes that SCO has 'abandoned rehabilitation' to bet its future on litigation, he doesn't think it appropriate to convert their case to Chapter 7 liquidation. So SCO's management hasn't been fired yet, but they're no longer fully in charge either. It's not clear why the bankruptcy judge opted for this solution, when even the US Trustee was pushing to fire SCO's management and convert the case to Chapter 7. In short, SCO is still only mostly dead, rather than all dead, and in desperate search of a miracle worker."



It's not just lawyers who will find these useful.

http://www.bespacific.com/mt/archives/021983.html

August 05, 2009

New on LLRX.com: Law Practice Technology Information Sources and Tools

Law Practice Technology Information Sources and Tools - Ken Strutin identifies core sources to learn about new technologies that apply to legal research and law practice. In addition, he has identified specific tools that will contribute to managing research, communication and information-based tasks.



Tools & Techniques Oh too bad, it's broken. Can I have it?

http://www.makeuseof.com/tag/how-to-make-corrupt-usb-jump-drives-work/

How To Make Corrupt USB Jump Drives Work Again

Aug. 5th, 2009 By Guy McDowell



So my website students can make their sites reeeeely annoying.

http://www.makeuseof.com/dir/soundbible-wav-sounds-free-to-download/

SoundBible: Collection of Mp3 & Wav sounds, free to download

www.soundbible.com

Similar websites: SoundJay, FindSounds, Soungle and SoundSnap.



Something for my fellow teachers since we probably have the information on our thumb drives anyway. (I don't find many sites for them)

http://www.makeuseof.com/dir/knowledge-genie-publish-your-knowledge-profit-from-what-you-know/

Knowledge Genie: Publish Your Knowledge & Profit From What You Know

Knowledge Genie is an online publishing platform which lets you organize your knowledge of a certain topic into a dedicated learning portal (Genie) and share it with other people. For each different topic you can create a separate Genie. It doesn’t require technical skills and takes care of the process of building and centralizing the information, sharing it online, building user community and charging for access.

… They offer a free account, which lets you create 1 Genie, store up to 15 MB of content and have unlimited users. Paid accounts starting from $24/month let you build more Genies and get more storage and Google/PayPal resale options.

www.myknowledgegenie.com

Wednesday, August 05, 2009

New trend? Eliminate internal competition? When you are on company time and using company equipment, sure. But at home on your own computer?

http://news.cnet.com/8301-1023_3-10303457-93.html?part=rss&subj=news&tag=2547-1_3-0-5

Some tweets now out of bounds at ESPN

by Steven Musil August 4, 2009 11:50 PM PDT

… The sports network has apparently banned its workforce from posting any sports-related content on social-networking tools such as Twitter and Facebook without its permission. The news first came to light Tuesday when Ric Bucher, an NBA analyst for ESPN, tweeted that he had just received a network memo regarding tweeting:

The hammer just came down, tweeps: ESPN memo prohibiting tweeting info unless it serves ESPN.

… According to a purported copy of the memo posted on the sports blog The Big Lead, Bucher may just be violating the new policy (one point begins "Avoid discussing internal policies...").

In the memo, ESPN tells employees that it is "currently building and testing modules designed to publish Twitter and Facebook entries simultaneously" on ESPN Web sites and mobile platforms, and it plans to roll out the modules this fall.


(Related) Concerns about external competition.

http://news.cnet.com/8301-17852_3-10302980-71.html?part=rss&subj=news&tag=2547-1_3-0-5

Marines, NFL in assault on Twitter, Facebook?

by Chris Matyszczyk August 4, 2009 1:13 PM PDT

… Let's start with the Marines. According to CNN, a Marine Corps order has made the Corps' feelings known with characteristic subtlety: "These Internet sites in general are a proven haven for malicious actors and content and are particularly high risk due to information exposure, user-generated content, and targeting by adversaries."

… Which leads us to the pioneers, at the NFL. The New York Times informs us that certain NFL teams appear to be chop-blocking social networking square in the back of the knees.

At the beginning of training camp, Green Bay Packers players were apparently told that they would be fined $1,701 (the NFL maximum) for texting or tweeting during a team function.



Hey, I went to law school and everything. What's wrong with that judge? Wait, who did his taxes? Is he an illegal alien?

http://www.pogowasright.org/?p=2548

Prosecutor denies violating rights in ID probe

August 4, 2009 by Dissent Filed under Breaches, Court, Govt, U.S.

Colorado authorities say they did not violate anyone’s privacy rights when they seized thousands of tax documents to investigate undocumented immigrants for identity theft.

In a late Monday filing, Weld County District Attorney Ken Buck and Sheriff John Cook also said a judge erred in halting the probe.

Read more from the Associated Press via SunNews.com

[From the article:

Weld County argued in its appeal it was impossible to identify individual suspects in the search warrant because the case centered on identity theft. [So we grabbed everyone's tax return. If you're innocent, you have nothing to worry about. Bob]



The closest pre-Internet parallel would have been a fire/flood/other natural disaster, but it would not have global impact.

http://news.digitaltrends.com/news-article/20563/paypal-suffers-global-outage

PayPal Suffers Global Outage

August 05, 2009 by Christopher Nickson

Online payment service PayPal suffered a global outage on Monday that took it offline for a few hours.

PayPal processes around $2,000 per second in payments, meaning that the outage, which lasted at least two hours, took over $14 million out of the system, at least for a while.



Saving California! In one swell foop, this decision reduces the cost of housing prisoners and stimulates the (underground) economy! They could save even more by letting them all go!

http://www.bespacific.com/mt/archives/021971.html

August 04, 2009

FindLaw: Judges Order California to Reduce State Prisoner Population

Joel Zand, FindLaw: "A panel of three federal judges ordered the State of California to reduce its inmate population because of prison overcrowding, resulting in the release of approximately 43,000 prisoners during the next two years so that the state's prisons can operate at 137.5% of their design capacity. In a 184-page opinion, the panel ordered California to provide an inmate reduction plan within 45 days to carry out the court's directive "in no more than two years."



Interesting. Seems to support the open/free professional journal concept.

http://www.bespacific.com/mt/archives/021970.html

August 04, 2009

Ensuring the Integrity, Accessibility, and Stewardship of Research Data in the Digital Age

Ensuring the Integrity, Accessibility, and Stewardship of Research Data in the Digital Age, Committee on Ensuring the Utility and Integrity of Research Data in a Digital Age; National Academy of Sciences

  • "As digital technologies are expanding the power and reach of research, they are also raising complex issues. These include complications in ensuring the validity of research data; standards that do not keep pace with the high rate of innovation; restrictions on data sharing that reduce the ability of researchers to verify results and build on previous research; and huge increases in the amount of data being generated, creating severe challenges in preserving that data for long-term use. Ensuring the Integrity, Accessibility, and Stewardship of Research Data in the Digital Age examines the consequences of the changes affecting research data with respect to three issues - integrity, accessibility, and stewardship - and finds a need for a new approach to the design and the management of research projects. The report recommends that all researchers receive appropriate training in the management of research data, and calls on researchers to make all research data, methods, and other information underlying results publicly accessible in a timely manner. The book also sees the stewardship of research data as a critical long-term task for the research enterprise and its stakeholders. Individual researchers, research institutions, research sponsors, professional societies, and journals involved in scientific, engineering, and medical research will find this book an essential guide to the principles affecting research data in the digital age."



For my (Canadian?) Computer Security students (Imagine being a hacker with a badge...)

http://www.pogowasright.org/?p=2544

Job opening for tech geek with privacy chops

August 4, 2009 by Dissent Filed under Featured Headlines, Non-U.S.

Must love geese? Here’s a job opening from the Office of the Privacy Commissioner of Canada that could be right up some reader’s alley:

We’re looking for an Information Technology Research Analyst – and the competition is open to the public. You can find a detailed list of requirements at jobs.gc.ca, but we can boil it down to these three basic requirements:

  • a university degree in computer science or information technology (or a suitable combination of education and experience, for all you hacker dropouts)

  • an overwhelming interest in emerging technologies and an impulse to tear them apart

  • an ability to analyze the pieces piled up before you and explain their importance to non-technical people.

It would help if you were obsessive about a technology in particular, like video surveillance, RFID and locational technology, information security, the convergence of surveillance systems and biometrics, or mobile technology, but it’s not mandatory.

The position is based in Ottawa, and it’s full time. Cubicles are involved. We can understand if you bring a moderate amount of cynicism about bureaucratic processes and unnecessary hierarchies to the job – although we think you’ll find our Office less burdensome than most federal or provincial agencies.



Global Warming! Global Warming!

http://www.wired.com/wiredscience/2009/08/newbloom/

Satellite Data Could Overturn Plankton Bloom Hypothesis

By Alexis Madrigal August 4, 2009 2:01 pm

Every year, the north Atlantic ocean turns green with plankton, and for more than fifty years, scientists thought they knew why. Now, a decade’s worth of satellite measurements suggest they were wrong.

The common-sense idea that in the spring, the sun warms up the water column until it hits a key threshold and suddenly comes alive was formalized in 1953 by Norwegian oceanographer Harald Sverdrup. But the true beginning of the plankton blooms probably begins in the dark of winter.

“We found that the north Atlantic bloom was starting much earlier than we thought and it didn’t coincide with an improvement in the growth conditions from the phytoplankton,” said Michael Behrenfeld, a phytoplankton ecologist at Oregon State University. “It started in January.”

Plankton blooms are a hot topic in the earth sciences because they are one determinant of how big a carbon reservoir the oceans can be. That’s important for climate science generally, and for would-be geoengineers specifically. A new fundamental understanding of plankton blooms could change the way we model our climate now and long into the future.



Too girly? I suspect this is a gold mine waiting to be exploited. An example for the e-commerce class.

http://www.killerstartups.com/Web-App-Tools/invity-com-create-a-wedding-website-of-your-own

Invity.com - Create A Wedding Website Of Your Own

http://www.invity.com/

An Indian startup, this will let any couple who is about to tie the knot publish an online wedding invitation. Invity, then, is an e-invitation platform that makes for announcing wedding plans and it also enables users to share media as regards the big event itself.

On the site, the couple can include a detailed description of the upcoming ceremony and share it with those they want, be it their families or their circle of friends. The site can likewise be employed by the couple to tell the story of how they met, how they are “made for each other” and let everybody know about their conviction that they are going to last forever.



Retro cute (but a bit pricy). Perhaps we could go Older School and deliver scrolls?

http://www.makeuseof.com/dir/telegramstop-send-telegrams/

TelegramStop: Send Telegrams From The Web

TelegramStop is a unique website which, as the name suggests lets you send telegrams. Yes, telegrams. Remember those good old days when you would walk to the post office just to send a few lines of message. This tool can bring those memories back.

The idea is simple. Enter a few lines of message, preview your telegram, make the payment and they take care of the rest. There is a flat fee of $4.70 per telegram irrespective of your location and where you are sending the telegram. You can save on bulk orders though. Payments can be made through PayPal.

http://www.telegramstop.com/Home.mvc.aspx

Tuesday, August 04, 2009

Today's theme seems to be the protection of large, sensitive database information and the creation of a couple of new (to me) legal concepts...



Think of this as a database for potential employees. Fortunately, this would never happen in the US, our security is foolproof!

http://www.databreaches.net/?p=6541

‘Secret’ Swedish police data sold by criminals

August 4, 2009 by admin Filed under Breach Incidents, Breach Types, Financial Sector, Government Sector, Non-U.S., Of Note

Supposedly secret police lists containing details about Sweden’s most dangerous criminals are up for sale across the country among members of the Swedish underworld. The documents have apparently been leaked from the Stockholm police’s Criminal Investigation Department.

The lists, known as the Alcatraz List and Nova List, contain a wide range of information about Sweden’s toughest criminals, their associations to one another, as well as details about their relationships with family members, acquaintances, and girlfriends.

[...]

Linderoth confirmed that information from the lists is being sold to criminals across the country. She said that the lists came out as a result of criminal activity and that no police officers are suspected of being involved. [If true, it must be a master hacker! Bob]

Nor does she believe the disclosure has damaged the police’s work. [Oh? Bob]

“It’s not good, but it’s a living document and now that we know about it we can restructure things,” she told DN.

Read more on The Local (Sweden).


(Related) Of course, there is always a bigger fool...

http://www.databreaches.net/?p=6533

Police files found in dumpster

August 3, 2009 by admin Filed under Breach Incidents, Breach Types, Exposure, Government Sector, Paper

Hundreds, perhaps thousands of personal files from the Scranton Police Department were found unshredded in a dumpster, according to a news story on WNEP.

“One or more files that should have been shred were thrown into the dumpster,” said Scranton Director of Public Safety Ray Hayes. He admitted that a mistake was made.

Newswatch 16 found names, addresses, social security numbers, even what appeared to be an old evidence bag of marijuana; all things that could potentially end up in the wrong hands.

[...]

Director Hayes added that not all of the files in the dumpster were confidential. He said many of those files are already a matter of public record.


(Related) At least one state used inmates to enter personnel data into a computer system.

http://www.databreaches.net/?p=6557

NH inmate had corrections officers’ data

August 4, 2009 by admin Filed under Exposure, Government Sector, Non-U.S., Paper

The Associated Press reports that a New Hampshire State Prison inmate was found in possession of a list containing details — including social security numbers — of Corrections Department workers. Officials believe that the inmate might have obtained the list when he worked at a warehouse, where a copy of the list was waiting to be shredded. [I read this as another case of using inmate labor in highly sensitive areas without adequate supervision. Bob]


(Related) Of course, some states make sensitive data available for sale...

http://www.pogowasright.org/?p=2532

Sale of DMV Data Could Bankrupt Missouri

August 4, 2009 by Dissent Filed under Breaches, Businesses, Court, Featured Headlines, Govt, U.S.

Two related federal class actions have the potential to bankrupt the state. The plaintiffs claim that the Source for Public Data and Chexsystems Collection Agency illegally obtained a database from the Missouri Department of Motor Vehicles, with confidential information about Missouri drivers… The classes claim the companies violated the Federal Driver’s Privacy Protection Act by selling their personal information and making false representations to get it.

Read more on Courthouse News.

Related: Complaint against Chexsystems Collection Agency (pdf)


(Related) Gary Alexander sent me this one. I seem to remember a Supreme Court nominee's video rental records being examined by the press, perhaps that was enough to make Washington politicians take action?

http://www.networkworld.com/community/node/44055?source=NWWNLE_nlt_daily_am_2009-08-03

Video rental records are afforded more privacy protections than your online data.

Defcon 17 Security Conference By jheary on Sat, 08/01/09 - 1:49am.

Today at Defcon 17 I attended an interesting talk given by the Electronic Frontier Foundation (EFF) where they talked about some of the case law that is shaping our country's IT-related laws. One of the interesting tidbits that I picked up was that current laws seem to protect your personal video rental and sales records (i.e. what you rented from the video store) from disclosure in a more effective way than your computer data residing online. I'm no lawyer, and this is not legal advice, but here are some of the details on the subject.



It is one thing to have a policy. Part of management's responsibility is to ensure that procedures are followed. Especially when an employee is terminated for cause.

http://www.databreaches.net/?p=6527

TNCC computer tech says access now cut off

August 3, 2009 by admin Filed under Breach Incidents, Education Sector, Unauthorized Access

It may be a sign of the times that even the risk of a data breach becomes newsworthy. [God, let's hope so! Bob]

Last week, the Daily Press reported that a former part-time computer help desk technician at Thomas Nelson Community College claimed that he had been laid off almost three weeks earlier, but that he still had computer access to the records and Social Security numbers of every student in the Virginia Community College System. The college denied that he had been “laid off,” and stated that school policy is to end access when an employee is terminated.

In a follow-up a few days later, the paper reported that as soon as they had published the first story, the former tech’s access was promptly terminated. This time, the college claimed that:

“However, we believe his assessment of his access was incorrect; it did not include access to Social Security numbers,” Hayden said. “Security of student and institutional records is a paramount concern for all of Virginia’s Community Colleges, including Thomas Nelson Community College.”

“I’m pretty positive,” Slater said Friday, when asked again if he was sure he had access to Social Security numbers.



I suspect this editorial (rant?) reflects the opinion of many security wonks.

http://www.wired.com/dangerroom/2009/08/white-house-cyber-czar-resigns-good-riddance/

White House ‘Cyber Czar’ Resigns; Let’s Not Replace Her.

By Michael Tanji August 3, 2009 4:16 pm

The White House’s acting “cyber czar” just resigned, with no permanent replacement in sight. Which is just fine. We can make more progress on the network security front without such a “czar.”

For starters, we’ve had reasonable facsimiles of cyber czars before — to little effect. The studies have been done, the list of tasks complete, yet we continue to fail year after year.

… Despite grandiose claims to the contrary, the government has very little direct impact on how safe national resources are online.



It figures that California requires outrageous behavior...

http://www.ktvu.com/news/20267691/detail.html

Workplace Surveillance Lawsuit Tossed By High Court

Posted: 1:43 pm PDT August 3, 2009

SAN FRANCISCO -- The California Supreme Court Monday rejected a lawsuit filed against a Southern California residential children's center by two clerical workers who learned there was a surveillance camera hidden in their office.

The camera and a related motion detector were set up by officials at the Hillsides Children's Center in Los Angeles County in 2002 in a bid to find out who was looking at pornography late at night on a computer in the office.

The center's director later said he didn't suspect either of the two workers who filed the lawsuit, but wanted to find out whether another center employee was entering their office at night to view pornography online.

Center management said that since the center served abused children, it would be harmful to have such an employee working there.

… The state high court, in a ruling issued in San Francisco, said the two workers had a reasonable expectation of privacy.

But the panel also unanimously said the privacy invasion didn't rise to the level of an "outrageous" action that would have allowed the lawsuit to proceed.

The panel said the action was justified by legitimate business concerns for the welfare of the children and about the center's possible legal liability. The court also said the intrusion was limited because the camera was activated only at night and only three times in a three-week period and the two workers were never caught on film.

Justice Marvin Baxter said in the ruling that misuse of office computers is an increasing problem for employers.



Another “We gotta do something” reaction to 9/11? Probably helps solve crime, but prevent terrorism? (Maybe “sharing” explains how all those police files wind up in the wrong hands?)

http://www.bespacific.com/mt/archives/021960.html

August 03, 2009

Police Chiefs: Intelligence Sharing Has Improved Since 9-11 But More Must Be Done

News release: "A report released today by the International Association of Chiefs of Police (IACP) finds that in the years since September 11, 2001, state, local, and tribal law enforcement agencies have made great strides in their ability to share intelligence, which is a critical factor in our continuing effort to prevent terrorist attacks. [Am I missing something? Did any of these organizations have information that would have prevented the attacks? (The Feds had bits & pieces) Bob] However, the full benefits of intelligence sharing have not yet been realized because the process itself remains a mystery to many police officers, and some law enforcement executives consider their agencies too small or too remote to participate in criminal intelligence sharing. These obstacles to full participation could result in alarming gaps in the intelligence that guides our homeland security and crime fighting efforts. These findings, along with recommendations designed to assist law enforcement agencies in overcoming challenges, are contained in the IACP's report: National Summit on Intelligence: Gathering, Sharing, Analysis, and Use after 9-11."


(Related) How secure are those huge databases you ask?

http://www.databreaches.net/?p=6555

Employees sacked for ID card data breach

August 4, 2009 by admin Filed under Breach Incidents, Government Sector, Non-U.S., Unauthorized Access

The database in question holds data on 92 million people in the U.K. About 200,000 people have access to it. If they cannot adequately secure the database from misuse by employees, well…

Nine local authority workers have been sacked after illegally accessing personal details of the public held on the government’s national identity database.

In total, 34 council workers were found to have illegally accessed the Customer Information System (CIS) database, part of a linked-up network of systems which constitute the government’s planned national identity database.

So how much is acceptable? Is evidence of 34 people misusing the database evidence that the system needs better security, or is it an acceptable level of risk? [Acceptable to whom? Bob]

A DWP spokesman told Computer Weekly: “The small number of incidents shows that the CIS security system is working and is protected by several different audit and monitoring controls, which actively manage [They do not manage. They merely report that an event has occurred. Bob] and report attempts at unauthorised or inappropriate access.”

Read more on politics.co.uk.



Isn't this the IP equivalent of a Quit Claim Deed? If so, can I sell the rights to AP stories the same way? (The AP was probably so amazed that someone actually wanted to pay them that they didn't bother checking who owned the quote.)

http://yro.slashdot.org/story/09/08/03/2125223/AP-Will-Sell-You-a-License-To-Words-It-Doesnt-Own?from=rss

AP Will Sell You a "License" To Words It Doesn't Own

Posted by kdawson on Monday August 03, @07:13PM from the almost-as-ironic-as-disappearing-1984 dept.

James Grimmelmann performed an experiment using the AP's form to request a license to use more than four consecutive words from one of their articles. Except that he didn't paste in words from the (randomly chosen) article, but instead used 26 words written by Thomas Jefferson 196 years ago:

If nature has made any one thing less susceptible than all others of exclusive property, it is the action of the thinking power called an idea.

The AP cheerfully charged him $12 to use Jefferson's 26 words. Both Boing Boing and TechDirt have picked up the story so far. Grimmelmann adds an update to his blog: the AP has rescinded his license to Jefferson's words and issued a refund for his $12. They did not exhibit the grace to admit that their software is brain-dead.



Post Hoc contract modification? Perhaps it was in the shrink wrap... I did warn you that automated updates gave the manufacturers too much control.

http://games.slashdot.org/story/09/08/03/228225/Ads-Retroactively-Added-To-emWipeout-HDem-Soon-Others?from=rss

Ads Retroactively Added To Wipeout HD, Soon Others

Posted by Soulskill on Monday August 03, @10:04PM from the brought-to-you-by-frungy,-the-sport-of-kings dept. playstation games

An anonymous reader writes

"American users of Wipeout HD might have noticed that there's an advertisement showing up all of a sudden during loading, both during online and offline play. This, according to a poster on the well-known gaming forum NeoGAF, is being done covertly. The writer suspects that the display software was installed during update 2.01, and the ad-content is now being snuck in. Gamasutra has a story on the company responsible for the software to deliver these ads, Double Fusion, which said it plans to launch in-game advertising in 'another handful' of PS3 games by the end of the year. So, what's next? Can we look forward to fighting the Kool-Aid Man and zombified Mars bars in Uncharted, or is there anything that can be done to hinder companies from adding advertisements retroactively, without the customer's prior knowledge?"



Another legal milestone!

http://it.slashdot.org/story/09/08/03/1731226/First-Ever-Criminal-Arrest-For-Domain-Name-Theft?from=rss

First Ever Criminal Arrest For Domain Name Theft

Posted by ScuttleMonkey on Monday August 03, @03:11PM from the slowly-catching-up-with-the-times dept. security court internet

Domain Name News writes

"Until recently, there hasn't been a case of a domain theft where the thief was caught and arrested. However, on July 30th, Daniel Goncalves was arrested at his home in Union, New Jersey and charged in a landmark case, the first criminal arrest for domain name theft in the United States. [His mother is so proud! Bob] 'Cases of domain name theft have not typically involved a criminal prosecution because of the complexities, financial restraints and sheer time and energy involved. If a domain name is stolen, the victim of the crime in most cases would need experience with the technical and legal intricacies associated with the domain name system. To move the case forward, they would also need a law enforcement professional who understands the case or is willing to take the time to learn. For example, the Angels told us that in their case they called their local law enforcement in Florida who sent a uniformed officer in a squad car to their home. The first thing you can imagine the officer asked was, "What's a domain?"'"



Think of this as a weapon test/proof of concept. How would you like to control millions of computers at the start of a CyberWar?

http://it.slashdot.org/story/09/08/03/1510243/Has-Conficker-Been-Abandoned-By-Its-Authors?from=rss

Has Conficker Been Abandoned By Its Authors?

Posted by CmdrTaco on Monday August 03, @12:19PM from the don't-leave-me-daddy dept. security worms

darthcamaro writes

"Remember Conficker? April first doom and gloom and all? Well apparently after infecting over five million IP addresses, it's now an autonomous botnet working on its own without any master command and control. Speaking at the Black Hat/Defcon Hat security conference in Las Vegas, Mikko Hypponen, chief research officer at security firm F-Secure, was told not to talk in detail about the Conficker gang — the problem is that not all researchers were under the same gag order. Just ask Roel Schouwenberg, senior anti-virus researcher at security firm Kaspersky, who says 'The Conficker botnet is autonomous; that is very strange in itself that they made Conficker replicate by itself. Now it seems like the authors have abandoned the project, but because it is autonomous, it can do whatever it wants and it keeps on trying to find new hosts to infect.'"



This is important for determining if the rest of the world is as wacko as we are...

http://www.bespacific.com/mt/archives/021964.html

August 03, 2009

Google quadruples number of articles included in News Archive Search

Google News Blog: "We've recently updated our index, quadrupling the number of articles included in News Archive Search. We now include articles from several new publications, including the Halifax Gazette, Sydney Morning Herald, the Milwaukee Journal Sentinel, and the Village Voice. Working with our partners, we've also added new international publications such as the Manila Standard, The Nation from Thailand, and many others...You can explore this historical treasure trove by searching on News Archive Search or by using the timeline feature after searching on Google News."



'cause Apple makes gooder Apps than we does...

http://www.pcworld.com/businesscenter/article/169507/microsoft_details_how_to_port_iphone_apps_to_windows_mobile.html

Microsoft Details How to Port IPhone Apps to Windows Mobile