Saturday, October 17, 2009

Part of our continuing examination of cyber-crime and its increasing sophistication.

http://www.databreaches.net/?p=7837

Computer Hacker Fugitive Extradited for Cybercrimes Relating to VOIP Telephone Services

October 16, 2009 by admin Filed under Breach Incidents, Business Sector, Hack, U.S.

… A 20-count Indictment charges Pena with conspiracy to secretly hack into the computer networks of unsuspecting Voice Over Internet Protocol (VOIP) phone service providers; conspiracy to commit wire fraud by transmitting telephone calls over the victim’s networks; and individual hacking and wire fraud counts.

… Pena was first charged on June 6, 2006, in the District of New Jersey in a criminal Complaint that set forth the scheme described in the subsequent indictment. He was arrested on that Complaint on June 7, 2006, and released the next day on $100,000 bail set by a federal magistrate judge in Florida. Pena appeared in Court in New Jersey on June 29, 2006, and on approximately Aug. 12, 2006, Pena allegedly fled the country to avoid prosecution.

Pena was indicted on fraud and computer hacking charges for his role in a scheme to defraud Voice Over Internet Protocol (VoIP) telephone service providers. Pena, who purported to be a legitimate wholesaler of these Internet-based phone services, allegedly sold discounted service plans to his unsuspecting customers. The Indictment alleges that Pena was able to offer such low prices because he would secretly hack into the computer networks of unsuspecting VoIP providers, including one Newark-based company, to route his customers’ calls.

Through this scheme, Pena is alleged to have sold more than 10 million minutes of Internet phone service to telecom businesses at deeply discounted rates, causing a loss of more than $1.4 million in less than a year. The victimized Newark-based company, which transmits VoIP services for other telecom businesses, was billed for more than 500,000 unauthorized telephone calls routed through its calling network that were “sold” to the defendant’s unwitting customers at those deeply discounted rates, according to the Indictment.

The case is being prosecuted by Assistant U.S. Attorney Erez Liebermann in the U.S. Attorney’s Office Computer Hacking and Intellectual Property group, within the Commercial Crimes Unit.



Local: Probably a small breach, but some examples of good and bad things to say to the press.

http://www.databreaches.net/?p=7850

Debit card breach is traced to Cheers Liquor Mart

October 16, 2009 by admin Filed under Breach Incidents, Business Sector, Hack, U.S.

Wayne Heilman reports:

A debit card breach affecting thousands of Colorado Springs area cardholders resulted from outside hackers gaining access to Cheers Liquor Mart’s computer system sometime last month, owners of the Springs-based retailer said Friday.

Cheers hired Cyopsis LLC, a Denver-based information technology forensics and investigations firm, to determine the source of the breach and prevent further breaches, said Jeff Robinson, one of four owners of one of the city’s largest liquor retailers. Cyopsis is working with Colorado Springs Police to determine who was responsible for the alleged theft of the store’s customer information, which appears to have been done by “an organized group,” he said.

Read more in The Gazette.

[From the article:

“We don’t believe we are any more at risk now than any other merchant. I would use my own card there now,” Robinson said. [Best assurance that the breach has been patched I've read in many a year... Bob]

… Police spokesman Lt. David Whitlock said Friday no new information on the investigation is available. He said Thursday that “thousands” of customers from five financial institutions operating in the Springs area had their numbers stolen from an unidentified local merchant. He declined to identify either the merchant or the financial institutions. [The fact that only one merchant is involved kinda makes his “declining to identify” rather moot. Bob]

Ent Federal Credit Union, Security Service Federal Credit Union and Air Academy Federal Credit Union all began notifying affected cardholders of the breach last weekend after detecting suspicious transactions on their cards. [...and there are three of your five financial institutions. Bob]



I'll take a screen-shot of the pop-up message I got this morning so I'm ready to join the Class Action lawsuit. (There is more than one way to protect your browser monopoly.)

http://it.slashdot.org/story/09/10/16/189243/Sneaky-Microsoft-Add-On-Put-Firefox-Users-At-Risk?from=rss

Sneaky Microsoft Add-On Put Firefox Users At Risk

Posted by ScuttleMonkey on Friday October 16, @04:14PM from the bad-microsoft-no-donut dept.

CWmike writes to mention that the "Windows Presentation Foundation" plugin that Microsoft slipped into Firefox last February apparently left the popular browser open to attack. This was among the many things recently addressed in the massive Tuesday patch.

"What was particularly galling to users was that once installed, the .NET add-on was virtually impossible to remove from Firefox. The usual 'Disable' and 'Uninstall' buttons in Firefox's add-on list were grayed out on all versions of Windows except Windows 7, [I'll have to buy Windows7 when it's released in order to remove the malware the author of Windows7 installed on my machine? Bob] leaving most users no alternative other than to root through the Windows registry, a potentially dangerous chore, since a misstep could cripple the PC. Several sites posted complicated directions on how to scrub the .NET add-on from Firefox, including Annoyances.org."


(Related) Looks like Microsoft is trying to level the playing field the old fashioned way.

http://thenextweb.com/europe/2009/10/16/microsft-lets-safari-beat-firefox-europe/

Microsoft Lets Safari Beat FireFox in Europe, FireFox Furious

By Alex Wilhelm on October 16, 2009

… Given the long term discomfort of the EU about the inclusion of Internet Explorer, notwithstanding their silence of the imperialism of Notepad, Microsoft has offered to include at the launch of Windows to provide options. When a user first fires up Windows, they will get to select a browser to install.

Here comes the problem, the browsers will be listed alphabetically. When you test the user selections, the votes come in: IE, Safari, Chrome, Firefox, and then Opera. This is a horror show for Firefox, a great bump for Chrome and Safari, and a free boost for the oft ignored Opera.

[I think that should read: Apple Safari, Google Chrome, Microsoft IE, Mozilla Firefox, and Opera Software's Opera Bob]



Bob's short and twisted course on Copyright Law: First, you don't get to express your opinion on Copyright Law, you aren't a lobbyist and therefore can't pay large bribes.

http://yro.slashdot.org/story/09/10/16/165256/Secret-ACTA-Treaty-May-Sport-Internet-Enforcement-Procedures-After-All?from=rss

Secret ACTA Treaty May Sport "Internet Enforcement" Procedures After All

Posted by ScuttleMonkey on Friday October 16, @01:11PM

Andorin writes

"Ars Technica writes about the recent work on the Anti-Counterfeiting Trade Agreement, and reveals that while the public does not have access to the text of the agreement, a handful of lawyers representing Big Content and numerous companies and organizations do. 'Turns out that... ACTA will include a section on Internet "enforcement procedures" after all. And how many people have had input on these procedures? Forty-two. ... Knowledge Ecology International (KEI) found out in September that the US Trade Representative's office had actually been secretly canvassing opinions on the Internet section of the agreement from 42 people, all of whom had signed a nondisclosure agreement before being shown the ACTA draft text.'"


Second, if the publishing industry in another country has a good idea, steal it! (Also, steal from authors like George Orwell and Aldous Huxley – they knew how to keep the sheep in line.)

http://yro.slashdot.org/story/09/10/17/022239/Canadian-Copyright-Lobby-Fights-Anti-Spyware-Legislation?from=rss

Canadian Copyright Lobby Fights Anti-Spyware Legislation

Posted by Soulskill on Saturday October 17, @12:09AM from the stop-being-jerks dept.

An anonymous reader writes

"New Canadian anti-spam and anti-spyware legislation is scheduled for a key vote on Monday. Michael Geist reports that the copyright lobby has been pushing to remove parts of the bill that would take away exceptions which currently allow spyware to be installed without authorization. 'The copyright lobby is deeply concerned that this change will block attempts to track possible infringement through electronic means.' There have also been proposals to extend the exemptions granted to telecom providers to include the installation of programs without the user's express consent, which Geist says will 'leave the door open to private, surreptitious surveillance.'"


Third: Never listen to the content creators. They are artistes, and therefore have no concept of business. (And whatever you do, ignore publishers like Baen Books, who found that giving away their e-books increased sales every time. Just pretend this is a statistical anomaly.)

http://news.slashdot.org/story/09/10/16/1730246/Author-Encourages-Users-to-Pirate-His-Book?from=rss

Author Encourages Users to Pirate His Book

Posted by ScuttleMonkey on Friday October 16, @03:28PM from the listen-to-the-content-creator dept.

mariushm writes

"Peter Cooper, the author of Beginning Ruby, breaks down how he gets paid for the book, including the advance and royalties, giving a nice clean explanation of how authors get paid for their books. He also describes the negotiations over the second edition of the book, in which he begged his publisher, Apress, to offer the ebook version for free, believing (strongly) that it would promote sales of the paper book. He even notes that the original version's ebook barely had noteworthy sales, so it seemed reasonable to offer up the ebook for free to drive more attention. No dice. Even though Apress has done that with other similar titles, it wouldn't agree. As he retains the copyright for the actual text, he encourages people to buy the book and create an online version of it without covers, contents table and indexes, promising not to enforce his copyright over the new work."



Interesting stats, including: 40% of those surveyed blocked social networks.

http://www.bespacific.com/mt/archives/022581.html

October 16, 2009

Fulbright’s 6th Annual Litigation Trends Survey Report

News release: "Companies are seeing a litigation wave that corporate counsel expect to swell in the coming year, according to respondents of Fulbright’s 6th Annual Litigation Trends Survey Report. Corporate counsel say they are steeling themselves for a big year of litigation with 42% of U.S. respondents anticipating an increase in legal disputes their companies will face in the next 12 months. That is up from 34% of last year’s respondents. The expectation comes during a year when 83% of U.S. respondents reported that new litigation has been commenced against their companies in the past year, up from 79% last year... More than one-third of companies say the economic downturn has resulted not only in an increase in their litigation caseloads, but also their use of alternative fees. Tighter cost control, more than anything else, is the most important way in which the economic crisis has affected litigation management, respondents say."



I expected their costs to be low, but I hadn't actually calculated how low.

http://www.wired.com/epicenter/2009/10/youtube-bandwidth/

YouTube’s Bandwidth Bill Is Zero. Welcome to the New Net

By Ryan Singel October 16, 2009 2:10 pm



Is this really a good idea? Should we allow manufacturers to bid for the supply contracts? Can schools compare Apples to non-Apples?

http://news.bbc.co.uk/2/hi/technology/8309583.stm

Laptop for every pupil in Uruguay

By Verónica Psetizki Montevideo, Uruguay

… Uruguay is part of the One Laptop Per Child scheme, an organisation set up by internet pioneer Nicholas Negroponte. His original vision was to provide laptops at $100 (£61) but they proved more expensive.

The Uruguay programme has cost the state $260 (£159) per child, including maintenance costs, equipment repairs, training for the teachers and internet connection.



I'm sure I'll find a use for these. My sense of humor is that strange.

http://www.audiencesounds.com/index.html

Friday, October 16, 2009

Multiple breaches must make the sales department's job more difficult.

http://www.databreaches.net/?p=7835

PayChoice Suffers Another Data Breach

October 16, 2009 by admin Filed under Breach Incidents, Financial Sector, Hack, U.S.

Brian Krebs reports:

Payroll services provider PayChoice took its Web-based service offline for the second time in a month on Wednesday in response to yet another data breach caused by hackers.

Moorestown, N.J.-based PayChoice provides direct payroll processing services and licenses its online employee payroll management product to at least 240 other payroll processing firms, serving 125,000 organizations. On Thursday morning, the company sent a notice to its customers saying it had once again closed onlineemployer.com – the portal for PayChoice’s online payroll service — this time after some clients began noticing bogus employees being added to their payroll.

Read more on Security Fix.



Detailing some of the complexity. The computer stuff is easy, but conversion (getting the cash) seems to still trip these guys up.

http://www.databreaches.net/?p=7833

London cyber criminals face jail over Natwest fraud

October 15, 2009 by admin Filed under Breach Incidents, Financial Sector, ID Theft, Malware, Non-U.S.

Asavin Wattanajantra reports:

London-based cyber criminals face jail after siphoning off £600,000 from bank customers with a trojan virus.

According to a report in the West Sussex County Times, the criminals used a trojan to infect computers, which waited until a user logged onto an account and then slithered its way into online cash transfer procedures.

Shown a page with a faked Natwest logo and a message that it was an additional security measure, victims would be persuaded to type in passwords, PIN numbers and telephone numbers.

The virus would allow users to continue normally, but was secretly creating new payee details to siphon the cash into mule accounts, and then to Eastern Europe.

According to the report, 138 customers were affected with £600,000 transferred. Natwest managed to recoup £140,000 after the scam was uncovered.

Read more on IT Pro. Thanks to Brian Honan for this link.


(Related) Long article on virus trends.

http://www.sbpost.ie/technology/the-virus-evolution-44744.html

The virus evolution

04 October 2009



Big Brother is kinky? If it doesn't create a true image, why the fuss? Are we falling afoul of the “cartoon animal” section of the law again?

http://www.pogowasright.org/?p=4565

Manchester Airport rethinks strip-scanner for kids

October 15, 2009 by Dissent Filed under Non-U.S., Surveillance, Youth

John Ozimek reports:

Manchester Airport will be taking legal advice on proposals to send children through its new X-ray scanners.

This is a change from its position, reported in The Register yesterday, that they did not believe the images created by the new scanning technology (the slightly unfortunately named Rapiscan) would fall foul of child pornography laws, because they use X-rays and therefore “they do not make an image”.

Read more on The Register.

Thanks to Brian Honan for this link.



Cyber-war: Evidence of the capabilities of government sponsored hackers.

http://yro.slashdot.org/story/09/10/15/1910229/China-Strangles-Tor-Ahead-of-National-Day?from=rss

China Strangles Tor Ahead of National Day

Posted by timothy on Thursday October 15, @03:41PM from the not-so-much-into-liberty-y'see dept.

TechReviewAl writes

"Technology Review reports that the Chinese government has for the first time targeted the Tor anonymity network. In the run-up to China's National Day celebrations, the government started targeting the sites used to distribute Tor addresses and the number of users inside China dropped from tens of thousands to near zero. The move is part of a broader trend that involves governments launching censorship crackdowns around key dates. The good news is that many Tor users quickly found a way around the attack, distributing 'bridge' addresses via IM and Twitter."



Tools & Techniques: What can computer forensics tell us?

http://www.newscientist.com/article/mg20427301.100-the-pocket-spy-will-your-smartphone-rat-you-out.html

The pocket spy: Will your smartphone rat you out?

14 October 2009 by Linda Geddes



How much is a reputation worth? Stay tuned!

http://hardware.slashdot.org/story/09/10/15/1855200/MS-Says-All-Sidekick-Data-Recovered-But-Damage-Done?from=rss

MS Says All Sidekick Data Recovered, But Damage Done

Posted by timothy on Thursday October 15, @02:58PM from the small-favors dept.

nandemoari writes

"T-Mobile is taking a huge financial hit in the fallout over the Sidekick data loss. But Microsoft, which bears at least part of the responsibility for the mistake, is paying the price with its reputation. As reported earlier this week, the phone network had to admit that some users' data had been permanently lost due to a problem with a server run by Microsoft-owned company Danger. The handset works by storing data such as contacts and appointments on a remote computer rather than on the phone itself. [Cloud computing Bob] BBC news reports today that Microsoft has in fact recovered all data, but a minority are still affected (out of 1 million subscribers). Amidst this, Microsoft appears not to have suffered any financial damage. However, it seems certain that its relationship with T-Mobile will have taken a major knock. The software giant is also the target of some very bad publicity as critics question how on earth it failed to put in place adequate back-ups of the data. That could seriously damage the potential success of the firm's other 'cloud computing' plans, such as web-only editions of Office."



Looks like Toyota is taking a lesson from Sony: When in trouble, dig yourself deeper!

http://yro.slashdot.org/story/09/10/15/2027250/Toyota-Claims-Woman-Opted-In-To-Faux-Email-Stalking?from=rss

Toyota Claims Woman "Opted In" To Faux Email Stalking

Posted by timothy on Thursday October 15, @04:37PM from the give-marketing-new-prescriptions dept.

An anonymous reader writes

"ABC News is reporting that a California woman is suing Toyota for $10 million for sending her email that appeared to be from a criminal stalker. The woman claims the emails terrified her to the point that she suffered sleeplessness, poor work performance, etc. Toyota says the ruse was part of a marketing campaign for the Toyota Matrix. A Toyota spokesman says they are not liable for the woman's distress, because 'The person who made this claim specifically opted in, granting her permission to receive campaign emails and other communications from Toyota.'" [Do emails with no indication they are ads from Toyota count? Bob]



A raw (not annotated) database of law. Lexis and Westlaw would just point to the actual text of the law rather than keep their own copies. Business opportunity: create a shell that allows subject experts to comment/annotate/interpret their areas of expertise.

http://www.bespacific.com/mt/archives/022580.html

October 15, 2009

Law.Gov: America's Operating System, Open Source

Law.Gov: America's Operating System, Open Source - by Carl Malamud

  • "Public.Resource.Org is very pleased to announce that we're going to be working with a distinguished group of colleagues from across the country to create a solid business plan, technical specs, and enabling legislation for the federal government to create Law.Gov. We envision Law.Gov as a distributed, open source, authenticated registry and repository of all primary legal materials in the United States. More details on the effort are available on our Law.Gov page."



Perhaps the Old School can learn something from the Internet generation?

http://www.bespacific.com/mt/archives/022578.html

October 15, 2009

WSJ Claims Title to Number 1 U.S. Newspaper in Circulation

AP: The Wall Street Journal surpasses USA Today as top-selling US daily



This has potential!

http://homeworkday.wolframalpha.com/

Wolfram|Alpha Homework Day announced

Wolfram|Alpha Homework Day, a live interactive web event starting at noon CDT on Wednesday, October 21, 2009.

We are proud to announce today some of the highlights we have planned for Homework Day, including:

* Several interactive segments where Stephen Wolfram and the Wolfram|Alpha Team help you tackle tough homework problems

* Step-by-step tutorials for educators by educators demonstrating how to integrate Wolfram|Alpha into the classroom

* Vibrant panel discussions about Wolfram|Alpha and the future of education

More details about Homework Day and how you can participate are available on the Wolfram|Alpha Homework Day home page: http://homeworkday.com



One to evaluate later. If one “Pipe” isn't providing enough bandwidth, how can you use many pipes as if they were one? The responses are quite interesting. (Also provides communications redundancy!)

http://ask.slashdot.org/story/09/10/15/2220228/Affordably-Aggregating-ISP-Connections?from=rss

Affordably Aggregating ISP Connections?

Posted by timothy on Thursday October 15, @07:01PM from the glob-glob-glob dept.

An anonymous reader writes

"Has anyone set up a system to aggregate multiple ISP connections to form a high bandwidth site-to-site link? Load Sharing SCTP looked interesting, but it doesn't look like it has been widely adopted. Multi-Link PPP appears to be more widely supported for clients, but I can't find any good guides for setting up both sides of the connection for a site-to-site link. The hardware solutions I've found are expensive for a small business. Does anyone have experience using hardware solutions from Mushroom Networks (Virtual Leased Line, p2 of this document), Ecessa (site-to-Site Channel Bonding), or others?"



Perhaps I'll require my website students to do this...

http://www.makeuseof.com/tag/create-a-picture-slideshow-movie-with-photofilmstrip/

Turn Your Pictures Into A Movie With PhotoFilmStrip

Oct. 16th, 2009 By Karl L. Gechlik

… You can start by either dragging and dropping your pictures onto the top left portion of the screen which you can see in the screenshot below:

… After starting the process you will see your options for creating your video. Among them are the quality of the video profile. There is VCD all the way up to HD video. Obviously the better the quality the longer it will take to render and the larger the final output file will be.

You can set the length of the video and if you are going that route you can set up an audio file to play along with the video.

PhotoFilmStrip



In Colorado, we use small children rather than digital cameras. Maybe he didn't have a younger brother...

http://science.slashdot.org/story/09/10/16/0224256/Australian-Student-Balloon-Rises-100000-Feet-With-a-Digital-Camera?from=rss

Australian Student Balloon Rises 100,000 Feet, With a Digital Camera

Posted by timothy on Thursday October 15, @11:11PM from the shame-about-the-iso-setting dept.

hype7 writes

"An Australian student at Deakin University had a fascinating idea for a final project — to send a balloon up 100,000ft (~30,000 metres) into the stratosphere with a digital camera attached. The university was supportive, and the project took shape. Although there were some serious hitches along the way, the project was successful, and he managed to retrieve the balloon — with the pictures. What's really amazing is that the total cost was so low; the most expensive part was buying the helium gas for approximately AUD$250 (~USD$200)."

Thursday, October 15, 2009

This could be another record setter! Inevitable, I suppose. Why bother with the TJX's of the world, when you can go directly to the source.

http://www.databreaches.net/?p=7811

Card firm hacking hits thousands of Swedes

October 14, 2009 by admin Filed under Financial Sector, Non-U.S., Of Note

David Landes reports:

Debit card information for tens of thousands of Swedish banking customers may have fallen into the wrong hands following a security breach at card manufacturers MasterCard and Visa.

Computer systems at both card makers were breached recently, allowing hackers to get away with data on thousands of banking cards, the Aftonbladet newspaper reports.

The hacking at Visa took place in Spain and the company won’t say exactly how many cardholders may have been affected.

Nevertheless, a number of Swedish banks have begun notifying customers about the incident.

“Where there is a risk that the cards may be misused, we contact customers and ask them to block their cards so that we can exchange them,” said SEB spokesperson Kerstin Ottosson to the TT news agency.

“For us, there are about 28,000 cards which have been affected, but I can’t say how many of them will need to be exchanged.”

Swedbank spokesperson Jenny Clevström said the bank was aware of the breach, but that no Swedbank customers were affected.

“But we’re going to exchange a few cards as a precautionary measure,” she told TT. [That sounds illogical Bob]

Helena Östman of Nordea said the bank had been notified by both MasterCard and Visa about the problem.

A customer with ICA Bank told Aftonbladet that he had been informed by the bank that his card had been blocked due to a breach at MasterCard somewhere in Europe.

[...]

Read more in The Local (Sweden)

Maybe this explains the Bank of Bermuda story I posted yesterday?



Even a small breach like this one can become costly if not handled properly.

http://www.databreaches.net/?p=7820

Lawsuit: 29,000 say Kaiser hid security breach

October 15, 2009 by admin Filed under Healthcare Sector, ID Theft, Of Note, Theft, U.S.

Maria Dinzeo reports on a class action lawsuit stemming from a 2007 breach that was first reported earlier this year:

Twenty-nine thousand Kaiser employees say the company did not inform them for more than a year about a security breach that left their personal information vulnerable to thieves. One employee says a woman stole her identity and used it to run up credit-card charges and “commit crimes across the country.”

The class of employees and members of SEIU United Healthcare West, claims that Kaiser provided the union with their names, birthdates, addresses and Social Security numbers “in connection with remittance of union dues,” but failed to encrypt the information, which was exposed when burglars broke into the UHW offices in July 2007 and made off with computer files.

Lead plaintiff Monica Saenz says she found out in October 2008 that her identity had been stolen. Saenz says her credit report showed that someone had withdrawn money from her bank account and had opened and run up charges on 10 credit cards. Saenz claims that a woman was using her identity to “commit crimes across the country.”

The class claims that Kaiser did not notify its 29,000 employees that their records had been stolen until February 2009, and that it delayed for 19 months in order to “shift the burden” for the identity theft.

Read more on Courthouse News.



No self-respecting hacker would waste the time he could be spending playing video games by listening to hundreds of hours of recordings just to steal credit cards. We'd run the calls through a voice-to-text program.

http://www.databreaches.net/?p=7818

Call centre recordings could breach payment card industry security rules

October 15, 2009 by admin Filed under Commentaries and Analyses, Non-U.S.

From Out-Law.com:

More than 95% of call centres were found to store customers’ credit card details in recordings of phone conversations in breach of industry rules, according to a survey conducted by a call recording technology company.

Veritape said that when it talked to 133 call centre managers only 39% of them knew about industry rules against the storing of the information and just 3% of them wiped credit card numbers from recordings of phone calls. Veritape provides call recording services to the call centre industry.

“The routine practice of storing unedited audio recordings of calls is creating a vast reservoir of sensitive data on the servers of call centres across the UK in direct breach of global industry standards drawn up by the Payment Card Industry Data Security Council,” said a Veritape statement.

Read more on Out-Law.com



“Reach out, reach out and print someone!” Drive-by fingerprinting? Point a finger (careful which one) at your computer to logon?

http://yro.slashdot.org/article.pl?sid=09/10/14/1912206

3D Fingerprinting — Touchless, More Accurate, and Faster

Posted by timothy on Wednesday October 14, @04:00PM from the invest-in-print-eradication dept.

kkleiner writes

"For all the glory it gets, the fingerprint has evolved very little in the last 60 years. They’re still two dimensional. The US Department of Homeland Security and the National Institute of Justice are hoping to change that. They've given grants to dozens of companies to perfect touchless 3D fingerprinting. Two universities (University of Kentucky and Carnegie Mellon) and their two respective start-up companies (Flashscan 3D and TBS Holdings) have succeeded. Fingerprints have reached the third dimension and they are faster, more accurate, and touchless."



Here's a money-making scheme that didn't quite work out. I'm gonna bet that no elected officials were in the lead here. “Disciplining” a worker is much better than losing the next election.

http://www.wired.com/threatlevel/2009/10/gis_data/

California County Hoarding Map Data Ordered to Pay $500,000

By Kim Zetter October 14, 2009 6:45 pm

A California county’s three-year battle to prevent a nonprofit group from obtaining public mapping data has ended disastrously for the county after it was ordered by a court to pay the group $500,000 in legal costs.

Last February, Santa Clara County, the heart of California’s Silicon Valley, was ordered to hand over the public records to the California First Amendment Coalition for a minimal duplication fee after initially trying to charge $250,000 for the data and then appealing to the federal government to designate the data a national security secret that couldn’t be released. This week the county paid out to the coalition twice the amount in legal fees that it had once hoped to rake in as profit for the data.



Did someone miss this point in the original trial? Sounds to me like it should never have gone to trial.

http://www.pogowasright.org/?p=4521

Swedish court overturns ruling in audio book piracy case

October 14, 2009 by Dissent Filed under Court, Internet, Non-U.S.

The Local reports:

Swedish broadband provider ePhone is not obligated to hand over customer information to five book publishers, according to a decision by the Svea Court of Appeal which overturns a lower court ruling.

The case, which ePhone initially lost in June in Solna District Court, is significant because it is the first to go to trial since the passage of a law designed to crack down on internet piracy in Sweden.

[...]

ePhone argued that the five audio book publishers who filed the lawsuit had not been able to prove that anyone other than users from Sweden’s Anti-Piracy Bureau (Antipiratbyrån) had accessed a server containing sound files for 27 titles which the publishers claimed had been made available for downloading by the general public.

The appeals court agreed with ePhone, finding that the book publishers failed to show that there was probable cause to believe copyright infringement had occurred.

In overturning the lower court’s ruling, the Svea Court of Appeal argued that the copyright protected material on the server, which was linked to an ePhone customer, had not been made available to the public or even to a select group of people.

Since users were required to log into the server and there had been no investigation to indicate that login information had been widely shared, the court concluded that the publishers had not convincingly shown that the audio books had been available to the public.

Read the full story in The Local. BetaNews also provides some commentary.



Move from theory to reality. The Army makes parachute riggers jump with the chutes they pack, why not slide a doctor through the machine? If he comes out extra crispy, you need to re-calibrate. Insist on that test or any other viable test and I suspect they will find one that works.

http://science.slashdot.org/story/09/10/14/1614245/CT-Scan-Reset-Error-Gives-206-Patients-Radiation-Overdose?from=rss

CT Scan "Reset Error" Gives 206 Patients Radiation Overdose

Posted by Soulskill on Wednesday October 14, @12:41PM from the paging-dr-simpson dept.

jeffb (2.718) writes

"As the LA Times reports, 206 patients receiving CT scans at Cedar Sinai hospital received up to eight times the X-ray exposure doctors intended. (The FDA alert gives details about the doses involved.) A misunderstanding over an 'embedded default setting' appears to have led to the error, which occurred when the hospital 'began using a new protocol for a specialized type of scan used to diagnose strokes. Doctors believed it would provide them more useful data to analyze disruptions in the flow of blood to brain tissue.' Human-computer interaction classes from the late 1980s onward have pounded home the lesson of the Therac-25, the usability issues of which led to multiple deaths. Will we ever learn enough to make these errors truly uncommittable?"


(Related) As is often the case, Dilbert has anticipated these little technological glitches...

http://dilbert.com/strips/comic/2009-10-15/



...and perhaps a few million more to come up with a definition of Cloud Computing that everyone can agree on?

http://science.slashdot.org/story/09/10/14/1843206/What-Kind-of-Cloud-Computing-Project-Costs-32M?from=rss

What Kind of Cloud Computing Project Costs $32M?

Posted by timothy on Wednesday October 14, @02:51PM from the those-investors-should-be-pissed dept.

coondoggie writes

"The US Department of Energy said today it will spend $32 million on a project that will deploy a large cloud computing test bed with thousands of Intel Nehalem CPU cores and explore commercial offerings from Amazon, Microsoft and Google. Ultimately, the project, known as Magellan, will look at cloud computing as a cost-effective and energy-efficient way for scientists to accelerate discoveries in a variety of disciplines, including analysis of scientific data sets in biology, climate change and physics, the DOE stated. Magellan will explore whether cloud computing can help meet the overwhelming demand for scientific computing. Although computation is an increasingly important tool for scientific discovery, and DOE operates some of the world's most powerful supercomputers, not all research applications require such massive computing power. The number of scientists who would benefit from mid-range computing far exceeds the amount of available resources, the DOE stated."



A sense of scale...

http://www.datacenterknowledge.com/archives/2009/10/13/facebook-now-has-30000-servers/

Facebook Now Has 30,000 Servers

October 13th, 2009 : Rich Miller

… Facebook has 30,000 servers supporting its operations. That number comes from Jeff Rothschild, the vice president of technology at Facebook, who discussed the company’s infrastructure in a presentation last week at UC San Diego (link via High Scalability).

… That places Facebook among the largest Internet companies that have publicly discussed their server counts, but still well behind hosting providers Rackspace, 1&1 Internet and OVH, which each house more than 50,000 servers in their data centers. See Who Has The Most Web Servers for more data on the largest infrastructures.

… The amount of log data amassed in Facebook’s operations is staggering. Rothschild said Facebook manages more than 25 terabytes of data per day in logging data, which he said was the equivalent of about 1,000 times the volume of mail delivered daily by the U.S. Postal Service.



So it's not a total disaster...

http://news.cnet.com/8301-13860_3-10375688-56.html?part=rss&subj=news&tag=2547-1_3-0-20

Microsoft: We've recovered most Sidekick data

by Ina Fried October 15, 2009 1:00 AM PDT



Very interesting idea, but should we believe them?

http://thenextweb.com/europe/2009/10/15/british-bank-launches-site-highlighting-customers-social-media-thoughts-good-badbut-good/

British bank launches site highlighting customers’ social media thoughts. Good and bad…but more good. (Updated)

By Zee on October 15, 2009

… In what appears to be a world first, the bank’s head of marketing explains the campaign:

“Our customers are writing about us all over the web and we want to embrace this, so we’re showing customer comments, good and bad, from websites, blogs and forums for everyone to see.

… The microsite, although seemingly well put together, doesn’t seem to give any link back to where these comments have come from. Although they claim the reviews come from “eight million social media sites”, not one appears to stem from Twitter where we can verify these are real people. For all we know, HSBC have internal staff writing comments made to look genuine or writing comments on the original sources intending to increase the positive review tally over the negative.

*Update:*

If you needed any more proof this is far from a balanced view on the company’s customer feedback, check out HSBCReviews.com. A site put together for a “bit of fun” by a company called thruSITES.

… This time, you may be surprised to learn the general sentiment is bad with links back to the original profiles to ensure we know these thoughts are genuine.



Hacker alert! What say we start them all at Midnight?

http://www.wired.com/autopia/2009/10/start-your-car-from-your-iphone/

Start Your Car From Your iPhone

By Keith Barry October 13, 2009 4:27 pm

Wednesday, October 14, 2009

Apparently the “automatic class action lawsuit filing system” was delayed. Perhaps they were based in the same cloud as Sidekick?

http://www.pogowasright.org/?p=4514

T-Mobile sued over Sidekick data loss

October 14, 2009 by Dissent

… The Sidekick service disruption occurred last week, and a class action lawsuit (pdf) was filed against T-Mobile USA by Oren Rosenthal in Superior Court in Washington on October 12.



Is this an indication of “Icebergs, dead ahead?” It would be useful if the bank could signal if this was a new “TJX-like” breach or a breach reported earlier (and the crooks are just getting around to using the data).

http://www.databreaches.net/?p=7803

Bank of Bermuda moves to protect customers after security breach

October 13, 2009 by admin Filed under Breach Incidents, Financial Sector, ID Theft, Non-U.S., U.S.

From the your-guess-is-as-good-as-mine dept, Amanda Dale reports:

Several hundred Bank of Bermuda accounts were closed yesterday and cards cancelled as an overseas retailer reported a breach in customer security.

Bank spokeswoman Susan Jackson said: “Bank of Bermuda received notification from Visa and MasterCard that an overseas vendor has been compromised and that a number of Visa and MasterCard accounts may have been affected, including a number of cards issued by the Bank of Bermuda.

Read more on The Royal Gazette.



Interesting to compare with the policies and reactions of other organizations. Lots of questions remain.

http://www.databreaches.net/?p=7805

Audit of DRS data breach completed

October 13, 2009 by admin Filed under Commentaries and Analyses, Government Sector, U.S.

Patricia Daddona reports:

An audit of a 2007 data breach of state taxpayers’ personal information on a stolen laptop shows the state took too long to address the situation but has since made strides to prevent future incidents.

Two years ago, some 106,000 Connecticut taxpayers’ names and Social Security numbers were compromised when an employee, now identified as Jason Purslow of the Department of Revenue Services, the state’s tax-collection agency, left a laptop computer in a parked car on Long Island.

Read more on The Day.

[From the article:

… “DRS botched [probably not the actual wording of the audit report. Bob] its initial response to the theft,” Blumenthal said in a statement. “Inexcusably, our tax agency exposed more than 100,000 taxpayers for nearly a week to possible plundering of personal assets.”

Other lax conditions included the agency not tracking where sensitive data was stored, not securing it with encryption technologies and allowing employees to “casually roam electronic files with little consequence” or reliable record of their visits, he said.

… According to the report, in August of 2007, Purslow was on a family trip when he took the laptop with him to complete critical testing of a new department system due to be activated that Monday. The testing did not involve the taxpayer information, which had been unknowingly transferred to Purslow's laptop. [No indication they disciplined the person responsible for putting taxpayer data on the computer. Probably because they don't know who did it. Bob]

Stolen on Aug. 17 between 5 and 9 p.m., the laptop was reported missing by Purslow the next day. By the following Monday, Purslow had formally reported the theft, but until Aug. 23, the department took no steps to determine whether confidential information was compromised.

In October of 2007, Purslow was suspended 30 days without pay. The laptop has not been recovered.



Using the same logic, McDonald's should be able to access your grocery store purchases to ensure proper nutrition?

http://www.pogowasright.org/?p=4517

AU: Banks to spy on your bills under proposed changes to Privacy Act

October 14, 2009 by Dissent Filed under Govt, Legislation, Non-U.S.

Nick Gardner reports:

Consumers will have black marks lodged on their credit files for missing just one utility bill or credit card repayment under proposed changes to the Privacy Act.

The controversial proposals will give banks carte blanche to view every aspect of our financial affairs, including accounts with other institutions, relationships with utility companies, when accounts are opened and closed, and, crucially, the repayment history of all accounts going back two years.

Read more in The Herald Sun.

Related: Government to re-write Privacy Act (Australian IT)

The full response from the government can be found here (pdf), while the original 2700-page report by the ALRC can be found here.



Strange that this isn't part of the Health Care package... Would we need an amendment?

http://thenextweb.com/europe/2009/10/14/finland-country-world-broadband-legal/

Finland becomes the first country in the world to make broadband a legal right.

By Zee on October 14, 2009

… According to YLE.fi, starting next July, every person in Finland will have the right to a one-megabit broadband connection, says the Ministry of Transport and Communications.

Finland is reportedly the world’s first country to create laws guaranteeing broadband access. The government had already decided to make a 100 Mb broadband connection a legal right by the end of 2015.



Inconsistency is the only constant. (I told you his threats were merely negotiating ploys)

http://thenextweb.com/europe/2009/10/14/murdoch-skynews-streaming-live-website-247for-free/

What’s that Murdoch? SkyNews now streaming live on its website 24/7…for free.

By Zee on October 14, 2009

… There is no log in and no need to have a Sky account, with just one click and anyone in the UK/Republic of Ireland can watch Sky News live from the website’s home page.

http://skyplayer.sky.com/vod/page/playLiveTv.do [Silverlight required Bob]



Clear evidence of hacking and a claim that Delta had her emails. Should be a fun case!

http://www.wired.com/threatlevel/2009/10/delta/

Passenger Advocate Sues Delta for Allegedly Hacking Her E-Mail

By Kim Zetter October 13, 2009 3:27 pm

An airline passenger advocate has accused Delta Airlines of hacking her e-mail accounts and computer in order to sabotage her organization’s lobbying efforts to pass federal legislation to help stranded fliers, according to a lawsuit filed in Texas Tuesday.



How should I categorize this one? Twits to the rescue? Free speech v. mad judge? How to write about a gag order?

http://yro.slashdot.org/story/09/10/14/0022251/In-the-UK-a-Few-Tweets-Restore-Freedom-of-Speech?from=rss

In the UK, a Few Tweets Restore Freedom of Speech

Posted by kdawson on Wednesday October 14, @05:28AM from the inconvenient-truths dept.

Several readers wrote to us about the situation in the UK that saw the Guardian newspaper forbidden by a judge from reporting a question in UK parliament. The press's freedom to do so has been fought for since at least 1688 and fully acknowledged since the 19th century. At issue was a matter of public record — but the country's libel laws meant that the newspaper could not inform the public of what parliament was up to. The question concerned the oil trading company Trafigura, the toxic waste scandal they are involved in, and their generous use of libel lawyers to silence those who would report on the whole thing. After tweeters and bloggers shouted about Trafigura all over the Internet, the company's lawyers agreed to drop the gag request.

[From the article:

Today's published Commons order papers contain a question to be answered by a minister later this week. The Guardian is prevented from identifying the MP who has asked the question, what the question is, which minister might answer it, or where the question is to be found.

The Guardian is also forbidden from telling its readers why the paper is prevented – for the first time in memory – from reporting parliament. Legal obstacles, which cannot be identified, involve proceedings, which cannot be mentioned, on behalf of a client who must remain secret.

… The editor, Alan Rusbridger, said: "The media laws in this country increasingly place newspapers in a Kafkaesque world in which we cannot tell the public anything about information which is being suppressed, nor the proceedings which suppress it. It is doubly menacing when those restraints include the reporting of parliament itself."


(Related) If they had been a bit faster with this, Miley Cyrus might not have quit! (Let's sue them!)

http://www.makeuseof.com/tag/the-complete-guide-to-twitter-pdf/

Twitter: Best Practices and Tips [PDF Guide]

Oct. 14th, 2009 By Simon Slangen


(Related) Free speech or cyber-bullying? The email is pretty funny and like all humor has a (vague) basis in fact, but is probably not appropriate coming from your boss.

http://www.wired.com/threatlevel/2009/10/obama-email-exhibit-a/

E-Mail Mocking Obama Is ‘Exhibit A’ in Wrongful-Firing Suit

By David Kravets October 13, 2009 3:30 pm

The president of a Midwest office supply company is in court after a salesman claimed the boss’ pre-election e-mail rant against Barack Obama amounted to an edict: Vote for Obama and you’re fired.

… What’s more, it’s an open question of whether Snell and his colleagues were being cyberbullied by president Matthew Brandt’s e-mail – underscoring that office humor in the digital age might get lost in translation — especially when undertaken by the boss.

“It was an ill-advised attempt at humor. Obviously, the better practice is to confine the use of company e-mails for business,” said Bill Tretbar, the company’s attorney, in a telephone interview.



Interesting idea. For the price of a thumb drive (CDs are not pocket-friendly) and some thoughtful structuring of the OS and applications, this might be very effective. Any user could make it worthless with a few simple commands, but would that be so different from today's environment?

http://linux.slashdot.org/story/09/10/13/2344251/Washington-Post-Says-Use-Linux-To-Avoid-Bank-Fraud?from=rss

Washington Post Says Use Linux To Avoid Bank Fraud

Posted by kdawson on Tuesday October 13, @10:27PM from the just-common-sense dept.

christian.einfeldt writes

"Washington Post Security Fix columnist Brian Krebs recommends that banking customers consider using a Linux LiveCD, rather than Microsoft Windows, to access their on-line banking. He tells a story of two businesses that lost $100K and $447K, respectively, when thieves — armed with malware on the company controller's PC — were able to intercept one of the controller's log-in codes, and then delay the controller from logging in. Krebs notes that he is not alone in recommending the use of non-Windows machines for banking; The Financial Services Information Sharing and Analysis Center, an industry group supported by some of the world's largest banks, recently issued guidelines urging businesses to carry out all online banking activities from 'a stand-alone, hardened, and completely locked down computer system from where regular e-mail and Web browsing [are] not possible.' Krebs concludes his article with a link to an earlier column in which he steps readers through the process of booting a Linux LiveCD to do their on-line banking."

Police in Australia offer similar advice, according to an item sent in by reader The Mad Hatterz: "Detective Inspector Bruce van der Graaf from the Computer Crime Investigation Unit told the hearing that he uses two rules to protect himself from cybercriminals when banking online. The first rule, he said, was to never click on hyperlinks to the banking site and the second was to avoid Microsoft Windows."


(Related) I think they assume that once an attack vector is understood and patched, it stays patched forever. That is not my experience. I see it much more as “Those who do not study cyber-history are doomed to repeat it.”

http://www.bespacific.com/mt/archives/022557.html

October 13, 2009

Rand: Cyberdeterrence and cyberwar

Cyberdeterrence and cyberwar, by Martin C. Libicki: "This monograph presents the results of a fiscal year 2008 study, “Defining and Implementing Cyber Command and Cyber Warfare.” It discusses the use and limits of power in cyberspace, which has been likened to a medium of potential conflict, much as the air and space domains are. The study was conducted to help clarify and focus attention on the operational realities behind the phrase “fly and fight in cyberspace.” The basic message is simple: Cyberspace is its own medium with its own rules. Cyberattacks, for instance, are enabled not through the generation of force but by the exploitation of the enemy’s vulnerabilities. Permanent effects are hard to produce. The medium is fraught with ambiguities about who attacked and why, about what they achieved and whether they can do so again. Something that works today may not work tomorrow (indeed, precisely because it did work today). Thus, deterrence and warfighting tenets established in other media do not necessarily translate reliably into cyberspace. Such tenets must be rethought. This monograph is an attempt to start this rethinking."



Is this a variation of Moore's Law? As computers become more capable, users demand more of IT, especially as they see others using “free” applications in the cloud. (I had always assumed the end users operated with at least their heads in the cloud.)

http://news.cnet.com/8301-19413_3-10373490-240.html?part=rss&subj=news&tag=2547-1_3-0-20

Cloud computing and the big rethink: Part 4

by James Urquhart October 13, 2009 1:50 PM PDT

… The answer is simple: the need for cloud-operated infrastructure comes from the need for more efficient application delivery and operations, which in turn comes from the accelerated need for new software functionality driven by end users.

The most obvious place where this is the case is software as a service. Cloud applications and services that fall under this category are targeted at end users; they deliver computing and storage functionality that meet specific business needs (such as customer relationship management (CRM) or application development and testing).


(Related) Users see “Unlimited free storage” and wonder why IT is hesitating.

http://news.cnet.com/8301-13846_3-10374646-62.html?part=rss&subj=news&tag=2547-1_3-0-20

Cloud storage--the consumer's best friend?

by Dave Rosenberg October 13, 2009 7:57 PM PDT

Storing files on your hard drive alone is risky since hardware failures can result in losing all of your data. The best way to back up your information is to store it in the cloud--or at least somewhere other than your local system.

… This is a fairly crowded market with companies like Mozy and Box.net offering various services, but Livedrive's offering looks a lot more like what we expect to see from the mythical GDrive--Google's supposed online storage system.



Tools & Techniques If it's good enough for Google... Actually, if they put thousands of man-hours into developing a tool and then offer me a copy for free, the least I can do is take it for a spin.

http://news.slashdot.org/story/09/10/14/0052231/Google-To-Send-Detailed-Info-About-Hacked-Web-Sites?from=rss

Google To Send Detailed Info About Hacked Web Sites

Posted by kdawson on Wednesday October 14, @12:28AM from the see-yourself-as-others-see-you dept.

alphadogg writes

"In an effort to promote the 'general health of the Web,' Google will send Webmasters snippets of malicious code in the hopes of getting infected Web sites cleaned up faster. The new information will appear as part of Google's Webmaster Tools, a suite of tools that provide data about a Web site, such as site visits. 'We understand the frustration of Webmasters whose sites have been compromised without their knowledge and who discover that their site has been flagged,' wrote Lucas Ballard on Google's online security blog. To Webmasters who are registered with Google, the company will send them an email notifying them of suspicious content along with a list of the affected pages. They'll also be able to see part of the malicious code."

Another of the new Webmaster Tools is Fetch as Googlebot, which shows you a page as Google's crawler sees it. This should allow Webmasters to see malicious code that bad guys have hidden on their sites via "cloaking," among other benefits.



I keep telling my Disaster Recovery class, it's the little things that get you. (This could be mistaken for a cyber-war attack.)

http://www.networkworld.com/community/node/46115

Missing dot drops Sweden off the Internet

E-mail and almost a million Web sites darkened by error By Paul McNamara on Tue, 10/13/09 - 7:35am.

What was essentially a typo last night resulted in the temporary disappearance from the Internet of almost a million Web sites in Sweden -- every address with a .se top-level domain name.



Tools & Techniques Useful now that we're using PDF formatted e-textbooks.

http://www.makeuseof.com/tag/how-to-convert-a-pdf-to-text-with-pdf-text-extractor/

How to Convert A PDF to Text With Text Extractor

Oct. 14th, 2009 By Karl L. Gechlik

Tuesday, October 13, 2009

Today's news seems to be dominated by topics that involve post-Internet technology. Have you been keeping up?



Something for the e-Lawyers? Interesting questions of probable cause as well as new areas covered by a protective order.

http://news.slashdot.org/story/09/10/12/2237246/Facebook-User-Arrested-For-a-Poke?from=rss

Facebook User Arrested For a Poke

Posted by kdawson on Monday October 12, @07:11PM from the criminalizing-the-annoying dept.

nk497 writes

"A woman in Tennessee has been arrested for poking someone over Facebook. Sharon Jackson had been banned by courts from 'telephoning, contacting or otherwise communicating' with the apparent poke recipient, but just couldn't hold back from clicking the 'poke' button. She now faces a sentence of up to a year in prison."

[From the article:

When you poke someone, an alert pops up in the corner of that person's Facebook page notifying them of your poke. [I didn't know that... Bob]

Although Jackson declined to comment, her lawyer, Lawren Lassiter, told ABCNews.com that his client was "extremely shocked" when the police arrested her.

"The only evidence that I'm aware of is a printout of a screen," said Lassiter, adding that the printed screen grab of the victim's Facebook page is what led police to determine that the protective order had been breached. "I'm trying to get my hands on some Facebook documentation so we can better assess the situation."

Information from Facebook could help verify whether the poke came from Jackson's account or an imposter's, he said. It could also help determine whether or not the poke was made from Jackson's computer or if someone broke into her account.

… Although "poking" is a somewhat passive and new form of technology-enabled correspondence, Ryan Calo, a residential fellow at Stanford Law School's Center for Internet & Society, said it is still a form of communication restricted by a protective order.

"A poke is a very deliberate action," he said. "You have to select the person and say, 'this is what I want to do.'"

… In recent months, Calo said, there have been similar instances in which a person's virtual actions on social media sites have had legal ramifications.

In July, a Chicago woman was hit with a $50,000 lawsuit from a local management company after posting a comment on Twitter about her "moldy apartment."



What I find interesting here is that the article does not even hint at the “defamatory statements.” Has their speech been chilled?

http://www.pogowasright.org/?p=4497

University’s libel suit highlights growing online dilemma

October 13, 2009 by Dissent Filed under Court, Internet, U.S.

A libel lawsuit filed by Butler University highlights the dangers of certain types of online postings.

The university is suing an anonymous blogger for comments posted last year on a blog that the school contends includes defamatory statements about two high-level administrators.

The blog has since been removed. University officials said they strongly support freedom of speech and academic freedom, “but we cannot tolerate the harassment, intimidation and defamation in which the defendant engaged.”

Read more on TheIndyChannel.



Internet economics are confusing to governments?

http://yro.slashdot.org/article.pl?sid=09/10/12/1814241

Blogger Loses Unemployment Check Because of Ads

Posted by ScuttleMonkey on Monday October 12, @03:56PM from the time-for-an-injection-of-common-sense dept.

Techdirt is reporting that one unfortunate, unemployed New York lawyer recently had her unemployment benefits greatly reduced because of the incredible $1/day she was earning via ads on her blog.

"The whole thing sounds like a bureaucratic nightmare, with NY State asking her to get a form from her new 'employer' who didn't exist. Then NY Department of Labor started giving her all sorts of contradicting information, and eventually an 'investigation' into her 'business' — during which time her unemployment benefits were stopped entirely. She's now pulled the Google AdSense from her blog (total earned over the life of the blog $238.75)."



It's not because of the sex. (Okay, maybe a little bit) But is the fact that the Internet was used enough to change all the rules?

http://www.pogowasright.org/?p=4469

Group sex photos case heads to trial

October 12, 2009 by Dissent Filed under Breaches, Court, U.S.

Defendant took pictures of his ex-girlfriend “engaged in various sex acts with two other people.” Later he emailed some of the photos to his ex-girlfriend’s mother, ex-husband, ex-in laws, boss and co-workers.

The ex-girlfriend sued for intentional infliction of emotional distress and invasion of privacy. Defendant moved for summary judgment.

[...]

Plaintiff claimed two forms of invasion of privacy — intrusion upon seclusion and publication of private facts. The court held she had presented enough facts for the latter but not the former.

The court granted Defendant’s motion for summary judgment as to intrusion upon seclusion because no intrusion occurred. Plaintiff knew Defendant was there taking pictures of the activities. The court rejected Plaintiff’s argument that publication of the no doubt intimate photos constituted intrusion. It held that the disclosure of properly obtained information could not give rise to the claim.

But as to the argument that emailing the photos unlawfully publicized private facts, the court sided with Plaintiff. Defendant had argued that emailing the photos to only a half dozen or so people did not amount to “publication,” which is one of the elements of the tort. He pointed to Comment “a” of the Restatement (Second) of Torts §652D which says that “it is not an invasion of the right of privacy to communicate a fact . . . to a single person, or even to a small group of people.”

In rejecting this argument, the court engaged in what some might characterize as “Internet exceptionalism,” — applying the law in response to a perceived substantial difference between online and offline communication.

Read more on Internet Cases.

The case is Peterson v. Moldofsky, No. 07-2603, 2009 WL 3126229 (D.Kan. September 29, 2009)

Hat-tip, Legal Blog Watch.

[From Internet Cases:

The court observed that “the Internet enables its users to ‘quickly and inexpensively’ surmount the barriers to generating publicity that were inherent in the traditional forms of communication.” Finding this distinction to be significant, the court held that distribution of the photos even to a small group of people through the private means of electronic mail could be considered a “publication” for purposes of the tort of invasion of privacy.



Local (DU Law) Magistrate on e-Discovery

http://ralphlosey.wordpress.com/2009/10/11/judges-craig-shaffer-and-ron-hedges-give-good-advice-to-all-students-of-e-discovery/

Judges Craig Shaffer and Ron Hedges Give Good Advice to All Students of e-Discovery

This week’s blog is an exclusive 15 minute, must-see video by two judges, Ronald J. Hedges and Craig B. Shaffer. Craig Shaffer (shown left) is a United States Magistrate Judge in Colorado. Ron Hedges is a former U.S. Magistrate Judge in New Jersey (1986-2007).



If we have learned anything, it's that we learn nothing.

http://yro.slashdot.org/story/09/10/13/0037246/100-Years-of-Copyright-Hysteria?from=rss

100 Years of Copyright Hysteria

Posted by kdawson on Tuesday October 13, @08:07AM from the frothy-mouths dept.

Nate Anderson pens a fine historical retrospective for Ars Technica: a look at 100 years of Big Content's fearmongering, in their own words. There was John Philip Sousa in 1906 warning that recording technology would destroy the US pastime of gathering around the piano to sing music ("What of the national throat? Will it not weaken? What of the national chest? Will it not shrink?"). There was the photocopier after World War II. There was the VCR in the 1970s, which a movie lobbyist predicted would result in tidal waves, avalanches, and bleeding and hemorrhaging by the music business. He compared the VCR to the Boston Strangler — in this scenario the US public was a woman home alone. Then home taping of music, digital audio tape, MP3 players, and Napster, each of which was predicted to lay waste to entire industries; and so on up to date with DVRs, HD radio, and HDTV. Anderson concludes with a quote from copyright expert William Patry in his book Moral Panics and the Copyright Wars: "I cannot think of a single significant innovation in either the creation or distribution of works of authorship that owes its origins to the copyright industries."



Huge surge in 2009...

http://www.bespacific.com/mt/archives/022548.html

October 12, 2009

ID theft is one of UK's fastest growing crimes

National Identity Theft Prevention Week - UK's Fraud Prevention Service resources:



Let this be a lesson to ya.

http://www.wired.com/threatlevel/2009/10/magistrate-clears-blogger-riaa-of-vexatious-charges/

Judge Refuses to Punish Lawyer for Anti-RIAA Blogging

By David Kravets October 12, 2009 3:53 pm



Think of it as another type of fingerprinting?

http://www.pogowasright.org/?p=4494

Does a cheek swab for DNA require a warrant?

October 13, 2009 by Dissent Filed under Court, Surveillance, U.S.

No, says the Indiana Court of Appeals in Garcia-Torres v. State:

After comparing cheek swabs with other searches requiring only reasonable suspicion, we conclude that the DNA sample collection technique at issue here, although minimally invasive, is also one of those limited searches that requires only reasonable suspicion and may therefore be conducted without a warrant. If anything, the cheek swab involves much less impact on the subject than some other searches that all agree may be conducted based on mere reasonable suspicion. As the United States Supreme Court has observed, “[e]ven a limited search of the outer clothing for weapons constitutes a severe, though brief, intrusion upon cherished personal security, and it must surely be an annoying, frightening, and perhaps humiliating experience.” Terry, 392 U.S. at 24-25. And yet, it is universally understood that such a pat-down may be conducted upon reasonable suspicion.

In contrast, a cheek swab takes even less time than a pat-down or field sobriety tests (“FSTs”) and is painless. Moreover, a swab of the inside of the cheek is very limited in scope, whereas a pat-down will generally involve manual exploration of the entirety of a suspect’s body, including the genital areas. Finally, a swab does not carry nearly the same potential for opprobrium as pat-downs or FSTs, which will typically occur on public thoroughfares. As such, swabs are even less violative of the “[t]he interests in human dignity and privacy which the Fourth Amendment protects” than pat-downs or FSTs.

Read the rest of Orin Kerr’s post and the ensuing discussion on The Volokh Conspiracy. Criminal defense attorney Scott Greenfield also offers his own commentary on Simple Justice.



Interesting, but not immediately useful. I suspect hackers will use this technique to demonstrate reading RFID tags at much greater distances.

http://yro.slashdot.org/story/09/10/13/0059241/Visualizing-RFID?from=rss

Visualizing RFID

Posted by kdawson on Tuesday October 13, @02:08AM from the tufte-would-be-proud dept.

jamie found a video on Warren Ellis's blog introducing a new way to visualize RFID fields. The film is by Timo Arnall and Jack Schulze. The subject is introduced in words on the BERG site (a design consultancy); the tech behind it is explored at Touch, a project that experiments with near-field communications.

"This image is a photographic mapping of the readable volume of a radio field from an RFID reader. The black component in the image is an RFID reader... The camera has been fixed in its position and the reader photographed. Using a tag connected to an LED we paint in the edges of the readable volume with a long exposure and animate them to show the form."



Back in the day, the IBM anti-trust case was typical of huge data volumes, with evidence being delivered in “semi-trailer” sized batches. Now we need to address “Library of Congress” sized batches.

http://science.slashdot.org/story/09/10/13/0114230/Getting-Students-To-Think-At-Internet-Scale?from=rss

Getting Students To Think At Internet Scale

Posted by kdawson on Tuesday October 13, @05:08AM from the peta-here-a-peta-there dept.

Hugh Pickens writes

"The NY Times reports that researchers and workers in fields as diverse as biotechnology, astronomy, and computer science will soon find themselves overwhelmed with information — so the next generation of computer scientists will have to learn to think in terms of Internet scale of petabytes of data. For the most part, university students have used rather modest computing systems to support their studies, but these machines fail to churn through enough data to really challenge and train young minds to ponder the mega-scale problems of tomorrow. 'If they imprint on these small systems, that becomes their frame of reference and what they're always thinking about,' said Jim Spohrer, a director at IBM's Almaden Research Center. This year, the National Science Foundation funded 14 universities that want to teach their students how to grapple with big data questions. Students are beginning to work with data sets like the Large Synoptic Survey Telescope, the largest public data set in the world. The telescope takes detailed images of large chunks of the sky and produces about 30 terabytes of data each night. 'Science these days has basically turned into a data-management problem,' says Jimmy Lin, an associate professor at the University of Maryland."

[For size comparisons, see: http://www.jamesshuggins.com/h/tek1/how_big.htm 10 Terabytes: Printed collection of the U.S. Library of Congress]



This is interesting to us educator types...

http://theopensourceschool.blogspot.com/

The Open Source School

Following the adventure of putting together an Open Source school: Albany Senior High School in Auckland, New Zealand. Covers pedagogy, learning, software, hardware, learning management systems, libraries and anything else I feel like talking about.



For the Computer Forensics wiki

http://www.makeuseof.com/tag/how-to-trace-deactivate-your-stolen-cell-phone-with-mobiwee/

How To Trace & Deactivate Stolen Cell Phone

Oct. 12th, 2009 By Grant


Ditto

http://www.makeuseof.com/tag/top-8-online-tools-to-identify-the-owner-of-a-phone-number/

Top 8 Online Tools To Identify The Owner Of A Phone Number

Oct. 13th, 2009 By Tina



I'll throw these in, in case my Disaster Recovery students think the T-Mobile problem I gave them happens too infrequently to be worth considering...

http://www.neowin.net/news/main/09/10/11/major-bug-in-snow-leopard-deletes-all-user-data

Updated: Major bug in Snow Leopard deletes all user data

Owen Williams on 11 October 2009 - 21:25


http://news.cnet.com/8301-13577_3-10373349-36.html?part=rss&subj=news&tag=2547-1_3-0-20

Facebook database outage cut off about 150,000

by Caroline McCarthy


http://www.stuff.co.nz/the-press/lifestyle/travel/2955289/Fyfe-chides-IBM-over-outage

Air New Zealand boss criticises IBM over outage

By RANDAL JACKSON - Computerworld

Last updated 12:10 12/10/2009

… Air NZ's short haul airlines group general manager, Bruce Parton, told Radio New Zealand the fault appeared to have been caused by a power failure, followed by a delay in a back-up generator running.

"Ten thousand-plus customers affected on the last day of holidays, and millions of dollars of revenue not going through our online site, you can be assured we'll be having some very serious discussions with IBM today."