Wednesday, April 28, 2010

I should probably whip up a spreadsheet to show how much you should budget for security based on the cost of a potential breach. Oh wait, I already have my students do that in the Risk Management class.

http://www.databreaches.net/?p=11421

First-Ever Global Cost of a Data Breach Study Shows Organisations Paid USD3.43 million per Breach in 2009

April 28, 2010 by admin

Privacy and information management research firm Ponemon Institute, together with PGP Corporation, a global leader in trusted data protection, today announced the results of the first-ever global study into the costs incurred by organisations after experiencing a data breach. The 2009 Annual Study: Global Cost of a Data Breach report, compiled by The Ponemon Institute and sponsored by PGP Corporation, assesses the actual cost of activities resulting from more than one hundred real life breach incidents, affecting organisations from 18 different industry sectors.

The research shows that the average cost of a data breach globally stood at USD3.43 million last year, the equivalent of USD142 per compromised customer record. However, costs varied dramatically between regions, from USD204 per lost record in the U.S., down to USD98 per record in the UK. A total of 133 organisations, located in five countries – Australia, France, Germany, UK and U.S. – participated in the research, which was undertaken during 2009. The average costs of a data breach in all five countries were as follows….

See the full press release on PGP.

Andy Greenberg has some commentary on the study over on Forbes.



The overly protective(?) network admin who held San Francisco hostage.

http://yro.slashdot.org/story/10/04/27/2245223/Terry-Childs-Found-Guilty?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Terry Childs Found Guilty

Posted by kdawson on Tuesday April 27, @06:56PM

A jury in San Francisco found Terry Childs guilty of one felony count of computer tampering. The trial lasted four months. Childs now faces a maximum sentence of five years in prison.



http://www.pogowasright.org/?p=9492

Free at What Cost?: Cloud Computing Privacy Under the Stored Communications Act

April 27, 2010 by Dissent

William Jeremy Robison has a Note in the April issue of the Georgetown Law Journal, “Free at What Cost?: Cloud Computing Privacy Under the Stored Communications Act.” From the Introduction:

Scott McNealy, the Chairman and former CEO of Sun Microsystems, caused an uproar in 1999 when he dismissed online privacy concerns and proclaimed, “You have zero privacy anyway. Get over it.” Was he right? Within the realm of cloud computing, he may have been uncomfortably close to the truth.

The Stored Communications Act (SCA), a component of the broader Electronic Communications Privacy Act (ECPA), is the primary federal source of online privacy protections, but it is more than twenty years old. Despite the rapid evolution of computer and networking technology since the SCA’s adoption, its language has remained surprisingly static. The resulting task of adapting the Act’s language to modern technology has fallen largely upon the courts. In coming years, however, the courts will face their most difficult task yet in determining how cloud computing fits within the SCA’s complex framework.

This Note ultimately concludes that the advertising supported business model embraced by many cloud computing providers will not qualify for the SCA’s privacy protections. In exchange for “free” cloud computing services, customers are authorizing service providers to access their data to tailor contextual and targeted advertising. This quid pro quo violates the SCA’s requirements and many customers will find that their expectations of privacy were illusory.



For my Ethical Hacking students. This happens when you skip thinking about security...

http://news.cnet.com/8301-27080_3-20003455-245.html?part=rss&subj=news&tag=2547-1_3-0-20

On iPhone, beware of that AT&T Wi-Fi hot spot

by Elinor Mills April 27, 2010 1:33 PM PDT

A security researcher has discovered that any wireless network can pretend to be an AT&T Wi-Fi hot spot and thus lure unsuspecting iPhone users to an untrusted network connection.

Samy Kamkar, [ … ] said in an interview this week that he can hijack any iPhone within Wi-Fi range in what is often dubbed a "man-in-the-middle" attack because of the way the devices are configured to recognize AT&T Wi-Fi connections merely by the name "attwifi."



Legal hacking? Will other ISPs follow?

http://yro.slashdot.org/story/10/04/28/0029205/UK-ISP-Spots-a-File-Sharing-Loophole-Implements-It?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

UK ISP Spots a File-Sharing Loophole, Implements It

Posted by kdawson on Wednesday April 28, @05:03AM

An anonymous reader writes

"As well as taking an active part in OFCOM's code of obligations in regards to the ill-conceived Digital Economy Act (the UK three-strikes law for filesharers), niche ISP Andrews & Arnold have identified various loopholes in the law, the main one being that a customer can be classified as a communications provider. They have now implemented measures so in your control panel you may register your legal status and be classed as such."

Another of the loopholes this inventive ISP sussed out: "Operating more than one retail arm selling to customers and allowing customers to migrate freely with no change to service between those retail arms, thus bypassing copyright notice counting and any blocking orders."


(Related) Bad strategy. Now the RIAA will quote that as “dollars lost”

http://yro.slashdot.org/story/10/04/28/0011225/Fair-Use-Generates-47-Trillion-For-US-Economy?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Fair Use Generates $4.7 Trillion For US Economy

Posted by kdawson on Wednesday April 28, @08:06AM

Hugh Pickens writes

"The Hill spotlights a study released by the Computer & Communications Industry Association, which concludes that companies relying on fair use generate $4.7 trillion in revenue to the US economy every year. The report claims that fair use — an exception to the copyright law that allows limited use of copyrighted materials — is crucial to innovation. It adds that employment in fair use industries grew from 16.9 million in 2002 to 17.5 million in 2007 and one out of eight US workers is employed by a company benefiting from protections provided by fair use (PDF). Rep. Zoe Lofgren (D-CA) says the reasonable fair use of content needs to be preserved; otherwise, content owners will control access to movies, music and art that will no longer be available for schools, research, or web browsing. Lofgren tied the copyright issue with the question of net neutrality. Without net neutrality 'content owners will completely control and lock down content. We're going to be sorry characters when we actually don't see fair use rights on the Web,' says Lofgren. 'If we allow our freedom to be taken for commercial purposes, we will have some explaining to do to our founding fathers and those who died for our freedom.'"



Interesting statistics. Much higher numbers than I would have expected.

http://www.bespacific.com/mt/archives/024128.html

April 27, 2010

Pew Report: Government Online

Government Online - The internet gives citizens new paths to government services and information. Aaron Smith, Research Specialist, April 27, 2010

  • "Government agencies have begun to open up their data to the public, and a surprisingly large number of citizens are showing interest. Some 40% of adult internet users have gone online for raw data about government spending and activities. This includes anyone who has done at least one of the following: look online to see how federal stimulus money is being spent (23% of internet users have done this); read or download the text of legislation (22%); visit a site such as data.gov that provides access to government data (16%); or look online to see who is contributing to the campaigns of their elected officials (14%). The report also finds that 31% of online adults have used social tools such as blogs, social networking sites, and online video as well as email and text alerts to keep informed about government activities. Moreover, these new tools show particular appeal to groups that have historically lagged in their use of other online government offerings—in particular, minority Americans. Latinos and African Americans are just as likely as whites to use these tools to keep up with government, and are much more likely to agree that government outreach using these channels makes government more accessible and helps people be more informed about what government agencies are doing."


(Related) Automating this process might be amusing...

http://www.bespacific.com/mt/archives/024133.html

April 27, 2010

Site provides citizens with single destination to explore all the information from Data.gov

"Our long-term vision for ThisWeKnow is to model the entire data.gov catalog and make it available to the public using Semantic Web standards as a large-scale online database. ThisWeKnow will provide citizens with a single destination where they can search and browse all the information the government collects. It will also provide other application developers with a powerful standards-based API for accessing the data. Loading governmental databases into a single, flexible data store breaks down silos of information and facilitates inferences across multiple data stores. For example, inferences can be made by combining census demographic data from the Agency of Commerce, factory information from the Environmental Protection Agency, information about employment from the Department of Labor, and so on. We can't even begin to imagine the discoveries that will become possible after all these data are loaded into an integrated repository."



A website to visualize Chemistry? Not complete yet, but interesting...

http://www.freetech4teachers.com/2010/04/canvas-mol-3d-models-of-molecules.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+freetech4teachers%2FcGEY+%28Free+Technology+for+Teachers%29

Tuesday, April 27, 2010

Canvas Mol - 3D Models of Molecules

Canvas Mol is a website that provides 3D, interactive, rotating models of simple and complex molecules. There are 46 models of relatively common molecules like glucose, fructose, and morphine. Each model can be altered to show or not show bonds, to show or not show individual atoms, and to rotate on the X, Y, or Z axis. Canvas Mol works best in Chrome or Opera, but can also be used in Firefox and Safari.



You might find these useful for insurance purposes... Includes movie and music databases and room furniture arrangers.

http://www.makeuseof.com/tag/top-10-downloaded-home-inventory-applications-movers-shakers/

10 Most Downloaded Home Inventory Apps



Another free screen capture video tool.

http://download.cnet.com/TipCam/3000-13633_4-10796452.html?tag=contentMain;compare

TipCam 2.2

You'll be able to start, pause, delete, and preview your screencasts from the small recording controls window, even draw on annotations while you record.
