http://www.databreaches.net/?p=9607
Informing victims of identity theft (Resource)
January 25, 2010 by admin Filed under Breach Laws
M. E. Kabay reviews a resource previously mentioned on this site:
Until recently, information assurance (IA) personnel and attorneys specializing in this area of the law have had to search for the appropriate governing laws for each jurisdiction. In this column, I review a valuable resource for locating the laws that apply to disclosure of personally identifiable information (PII) in each state in the United States and internationally.
[...]
The National Conference of State Legislatures (NCSL) has prepared a list (updated Dec 9, 2009 as of this writing) of all of the laws with links to all of them. The table adds, “States with no security breach law: Alabama, Kentucky, Mississippi, New Mexico and South Dakota.”
The law firms of Foley & Lardner LLP and Eversheds LLP have gone far beyond the simple list from the NCSL.
…[T]he International Association of Privacy Professionals (IAPP) revealed the “International Security Breach Notification Survey” at its Data Protection and Privacy Workshop in Madrid, Spain [in November 2009]. The survey was developed through a collaborative effort between Foley [& Lardner LLP] and the international law firm Eversheds LLP.
Considered to be the most comprehensive summary to date, the survey provides in-depth coverage of all major aspects of U.S. and international security breach laws. Organized by region, the survey indicates where laws and standards have been established as they relate to particular categories. These categories include: notice requirements; timing of disclosure; form of disclosure; entities that maintain data; existing policies; exemptions from disclosure; damages/enforcement; and preemption.
The authors have kindly allowed me to post a copy of their [158 pages Bob] report for free download on my Web site.
Read more on Network World.
Statistics, for those of us interested in such things.
http://news.cnet.com/8301-27080_3-10440220-245.html?part=rss&subj=news&tag=2547-1_3-0-20
Survey: Data breaches from malicious attacks doubled last year
by Elinor Mills January 25, 2010 12:01 AM PST
Data breaches at U.S. companies attributed to malicious attacks and botnets doubled from 2008 to 2009 and cost substantially more than breaches caused by human negligence or system glitches, according to a new Ponemon survey to be released on Monday.
… The cost per compromised record involving a criminal act averaged $215, about 40 percent higher than breaches from negligence and 30 percent higher than those from glitches, the survey found.
For the first time, companies reported in the survey that data-stealing malware caused their breaches.
The average organizational cost of a data breach increased nearly 2 percent to $6.75 million in 2009, while the average cost per compromised record per breach rose only $2 to $204. The most expensive breach in the survey was nearly $31 million and the least expensive was $750,000.
The plot sickens! Will this become the next “Never-ending Story?”
http://www.pogowasright.org/?p=7283
U.S. enables Chinese hacking of Google
January 25, 2010 by Dissent Filed under Breaches, Internet, Surveillance
Bruce Schneier writes:
Google made headlines when it went public with the fact that Chinese hackers had penetrated some of its services, such as Gmail, in a politically motivated attempt at intelligence gathering. The news here isn’t that Chinese hackers engage in these activities or that their attempts are technically sophisticated — we knew that already — it’s that the U.S. government inadvertently aided the hackers.
In order to comply with government search warrants on user data, Google created a backdoor access system into Gmail accounts. This feature is what the Chinese hackers exploited to gain access.
Read more on CNN.
[Bruce's original article: http://www.schneier.com/blog/archives/2010/01/google_vs_china.html
It's no longer “Tisk, tisk!” now it's “Tweet, tweet!”
http://mashable.com/2010/01/23/napping-ttc-twitpic/
TwitPic of Napping Transit Worker Sparks Media Controversy
… On Friday, January 21st, TwitterTwitterTwitter user @OGLE_Toronto snapped a photo of a sleeping TTC ticket collector and posted it on TwitPicTwitpicTwitpic and his Twitter account. The result has been a media firestorm, bringing the TTC back into the line of fire. The comments under the TwitPic, which now has over 18,000 views, reflect that.
If you know what I earn and have already calculated what I owe, isn't the next step to just skip all the paperwork and have the IRS computers take it directly from my bank account? But then, what would all those IRS employees (and tax lawyers) do?
Why the IRS Should Automatically Fill In Returns With What It Knows
Posted by Soulskill on Sunday January 24, @12:25PM from the because-addition-is-mentally-taxing dept.
theodp writes
"An article in the NY Times begins, 'In the digital age, filing income tax returns should be a snap. Important data from employers and financial institutions has already been sent to government computers. Yet taxpayers are still required to perform the chore of preparing a return from scratch, in many cases paying a software company for the privilege.' Why, if your needs are simple, can't you just download forms pre-filled with whatever data the IRS has received about you, make any necessary adjustments, and automatically get the IRS calculation of your taxes? Sounds reasonable, but the IRS rejected the President's proposal to give taxpayers the option to do so as 'not feasible at this time' due to delays in the receipt of W-2 and 1099 data. However, California managed to offer a pre-filled state tax return, which cost only 34 cents to process compared to $2.59 to process a traditional paper return. Despite the success of the pilot, meager funds have been allotted for the program due to the strength of its political opponents — 'principally, Intuit' — according to the state controller. Intuit argues it would be a 'conflict of interest for government to be both tax collector and tax preparer.'"
Another reason to use RSS or other news aggregator.
http://www.siliconvalleywatcher.com/mt/archives/2010/01/a_massive_hole.php
A Massive Hole in New York Times' Paywall Plan - Here's A Better Plan...
By Tom Foremski - January 23, 2010
Jay Rosen, a journalism teacher at NYU, points out an interesting aspect of the New York Times' future paywall. Access to NYTimes articles will be free and unmetered if readers follow a link to that article found on another web site.
Worong headed but interesting. (Since “Avatar,” everyone is trying to prove they always knew Science Fiction was serious literature.)
A Case For the Necessity of Science Fiction
Posted by Soulskill on Sunday January 24, @01:31PM from the where-else-will-we-find-green-women dept.
unc0nn3ct3d writes
"This article makes an interesting point about the necessity of science fiction — or, more specifically, speculative fiction as a tool to aid in the long-term survival of the human species. 'We live in a world that is incredibly frightening for a growing portion of the population because of the exponential rate of change we are experiencing. Our world is changing so fast now that we often don't have time to contemplate the full ramifications that come with the increasingly rapid adoption of new technologies and social changes. Most often this is simply because these changes are being introduced almost one after another after another, without any time to breathe. Speculative fiction, however, if widely adopted, makes it almost instinctive that we think about these situations and possible outcomes before they even arise.'"
[Au contraire mon frere. Imagine the shock experienced by my (many times) Great-grandfather Uggh, who said: “First fire, now this wheel thing. What's the world coming to?” Bob]
Holy Mackerel! I'm on a mission from God!
Pope Urges Priests To Go Forth and Blog
Here's a company that produces software that's used in the vast majority of the Fortune 500, and you can't find a class in any University in Denver. What does that say about education?
SAS Named Best Company To Work For In 2010
Posted by kdawson on Sunday January 24, @10:29PM from the must-like-north-carolina dept.
theodp writes
"If you're in the market for a new job, Fortune has just published its list of 100 Best Companies to Work For in 2010. Topping the list this year is SAS (jobs ist), the largest privately held software company, which Fortune notes is populated with more statisticians than engineers or MBAs, and led by a Ph.D. founder whose first love is programming. Google (jobs), which once viewed SAS as model for employee perks, took the #4 spot, and Microsoft (jobs) checked in at #51."
I'm looking for free school admin software, so I'll need to check this out.
NZ School Goes Open Source Amid Microsoft Mandate
Posted by kdawson on Monday January 25, @01:43AM from the kiwis-and-penguins-sittin'-in-a-tree dept.
Dan Jones writes
"Kiwis have built an entire school IT system out of open source software, in less than two months, despite a deal between the New Zealand government and Microsoft that effectively mandates the use of Microsoft products in the country's schools. Albany Senior High School in the northern suburbs of Auckland has been running an entirely open source infrastructure since it opened in 2009. It's using a range of applications like OpenOffice, Moodle for education content, Mahara for student portfolios, and Koha for the library catalogue. Ubuntu Linux is on the desktop and Mandriva provides the server. Interestingly, the school will move into new purpose-built premises this year, which include a dedicated server room designed based on standard New Zealand school requirements, including four racks each capable of holding 48 servers for its main systems. The main infrastructure at Albany Senior High only requires four servers, suggesting an almost 50-fold saving on hardware requirements."
For Operating System students
10 scripts to create your own Linux distribution
The best tools to create yourself a custom Linux distro
By Mayank Sharma Sunday at 12:00 GMT
For my website class
http://www.makeuseof.com/dir/spicynodes-visual-navigation/
SpicyNodes: Cool Visual Navigation For Your Website
… SpicyNodes is a website that takes content presentation a step further by offering new ways to build engaging and interactive websites with visual navigation. It lets you organize and arrange information in your website in an animated network of nodes, allowing visitors to visually navigate your content by clicking each node.
To make a SpicyNodes webpage, just signup for an account and proceed to create a nodemap. A nodemap is a collection of connected nodes that your website will be built upon. SpicyNodes lets you choose visual styles of your nodemap and you can also upload a text or an xml file to add content to your nodemap. The tricky part here is how you will arrange the information to show relationships between each node in a way that makes sense.
Free for individual use
This could be slick! Think the “informal” organization chart. Free trial, then $2/month/user?
http://www.killerstartups.com/Web-App-Tools/dekks-com-the-informal-network-in-your-company
Dekks.com - The Informal Network In Your Company
Dekks is a new platform that lets the employers of any company engage in a different kind of collaborative process. This process has questions routed to the relevant source directly, so that they are dealt with forthright. That is, Dekks is an application that learns who knows what, [More correctly, who will share the information. Attention US Intelligence agencies! Bob] and makes queries be directed straight to him or her. Employers don’t even have to implement rules or input complex data. The way it all works means that the knowledge is always accessible and retrievable.
A tool like this will be mandatory when all students have e-readers!
How To Convert Scanned Pages Into eReader eBook Format
Isn't this exactly the technique terrorist use to detonate bombs?
The DIY $10 Prepaid Cellphone Remote Car Starter
Posted by CmdrTaco on Monday January 25, @09:51AM from the now-thats-a-hack dept.
An anonymous reader writes
"Wish you could start your car via your cell phone, but don't feel like ponying up the $40k for a Chevrolet Volt or $499 (plus $29 a year) for an aftermarket system from Viper? This hack relies on a cheap prepaid cellphone that has had its vibration motor surgically removed, replaced by a couple of leads triggering the car's starter. Whenever the phone receives a call it starts up the car — a somewhat dodgy proposition if a telemarketer ever gets hold of your number, but an interesting solution nonetheless. Total cost of the project: $71.03."
New Students: Read this, then don't bother me. Old Students: This is why I flunked you!
6 Top Reference Sites to Write a Winning Research Paper
Humor Attention TSA! Business cards are weapons! (See the video!) Why do you allow people to carry them on airplanes!
http://www.buzzfeed.com/nikoguy1/penny-shooter-business-card-5xy
Penny Shooter Business Card
The Penny Shooter Business Card allows you to load up to ten US pennies and fire them off in rapid succession! I feel like a little kid, get the prototype here.
Humor DO NOT abuse your computer! (Video)
http://www.makeuseof.com/tech-fun/computer-finally-fights-back/
No comments:
Post a Comment