This is typical. Most holders of data do not know where all of it resides. Some don't know where any of it resides. At least the article states that (some of) the files were encrypted.
http://www.databreaches.net/?p=16469
UK: Police apologize over data loss incidents but need crystal ball at this point
January 21, 2011 by admin
This is somewhat painful to read. Maybe Jack Nicholson’s available to do a movie we could call, “As Bad as It Gets?” James Burke reports:
Police in Gloucestershire have admitted to a data loss incident involving confidential details, although the force also confesses it has no idea what information was lost.
An investigation by the Echo found that USB security, laptops and 999 call recordings have been compromised in the last three years, This Is Gloucestershire reports.
However, the force’s Information Security Register has no details about how or where the incidents occurred.
More on Cryptzone.
Oops!
http://www.phiprivacy.net/?p=5658
UK: Organ donation preferences of over 400,000 people recorded inaccurately
By Dissent, January 21, 2011
From the Information Commissioner’s Office:
The organ donation preferences of 444,031 people were recorded inaccurately on the Organ Donation Register (ODR) due to a software error, [Sure, blame the computer. Aren't managers supposed to make sure the computer works correctly? Bob] the Information Commissioner’s Office (ICO) said today.
In March 2010 NHS Blood and Transplant (NHSBT), who manage the Register, discovered irregularities between the organ donation information stated on Driver and Vehicle Licensing Agency (DVLA) application forms and the information recorded on the ODR. Further investigation revealed that an ODR software error dating back to 1999 had affected the recording of specific organ preferences from the DVLA.
Whilst the vast majority of the data remained accurate, it was discovered that the details of over 400,000 people required correcting, while a number of other patients had to be contacted directly in order to ensure that their original preferences remained intact.
Mick Gorrill, Head of Enforcement, said:
“I welcome the NHSBT’s commitment to correcting the inaccurate data and their willingness to make sure this type of incident does not happen again by introducing a variety of new security measures.” [Not “security,” “Management!” Bob]
Alan McDermott, Senior Information Risk Officer at the NHSBT, has signed an undertaking which commits the organisation to being more robust in checking information is accurate. This includes systematic sampling and checking of data for accuracy against source documents, routine cross-referencing, as well as making sure all forms for the collection of data are uniform.
Kind of a strange story. If it is Wikileaks, this is a major escalation. Who else might want to track Iceland's parliament?
http://it.slashdot.org/story/11/01/21/0035221/Espionage-In-Icelandic-Parliament?from=rss
Espionage In Icelandic Parliament
"An unauthorised computer, apparently running encrypted software, was found hidden inside an unoccupied office in the Icelandic Parliament, Althingi, connected to the internal network. According to the Reykjavik Grapevine article, serial numbers had been removed and no fingerprints were found. The office had been used by substitute MPs from the Independence Party and The Movement, the Parliamentary group of Birgitta Jonsdottir, whose Twiiter account was recently subpoenaed by US authorities. The Icelandic daily Morgunbladid, under the editorship of Mr David Oddsson, former Prime Minister and Central Bank chief, has suggested that this might be an operation run by Wikileaks. The reporter for the Reykjavik Grapevine, Mr Paul Nikolov is a former substitute MP, having taken seat in Parliament in 2007 and 2008."
The PDF is huge. To make the text readable, you would need to print a wall sized copy. Grab the spreadsheet, where you can hide rows or columns to make reading this easier...
http://www.pogowasright.org/?p=19689
Social Media and Law Enforcement: Who Gets What Data and When?
January 21, 2011 by Dissent
Jennifer Lynch of EFF writes:
This month, we were reminded how important it is that social media companies do what they can to protect the sensitive data they hold from the prying eyes of the government. As many news outlets have reported, the US Department of Justice recently obtained a court order for records from Twitter on several of its users related to the WikiLeaks disclosures. Instead of just turning over this information, Twitter “beta-tested a spine” and notified its users of the court order, thus giving them the opportunity to challenge it in court.
We have been investigating how the government seeks information from social networking sites such as Twitter and how the sites respond to these requests in our ongoing social networking Freedom of Information Act (FOIA) request, filed with the help of UC Berkeley’s Samuelson Law, Technology & Public Policy Clinic. As part of our request to the Department of Justice and other federal agencies, we asked for copies of the guides the sites themselves send out to law enforcement explaining how agents can obtain information about a site’s users and what kinds of information are available. The information we got back enabled us to make an unprecedented comparison of these critical documents, as most of the information was not available publicly before now.
Read more and see the comparison spreadsheet ((in .xls and .pdf) on EFF.
Schools are increasingly a world unto themselves...
Friday, January 21, 2011
Fines for Disruptive Behavior - A Discussion Prompt
Today's episode of CNN Student News ends [at about 7:50 Bob] with a quick story about some schools in Texas issuing fines of up to 500 dollars for poor conduct in school. As you might guess, some parents and students are not happy about this at all. The video is embedded below.
Cloning, hacker style...
http://www.makeuseof.com/tag/move-full-operating-system-pc/
How To Move A Full Operating System From An Old PC To A New One
Keeping up with the language...
Jargon Watch: Quote Stuffing, Bombiles, Privacy Zuckering
Privacy Zuckering v.
Creating intentionally confusing privacy policies —à la Mark Zuckerberg—to sucker users of social networking sites like Facebook into exposing valuable personal information.
Until http://www.janes.com/ comes out with “All the World's Hacking Tools” we get this information piecemeal... I wonder if it includes Stuxnet?
New Navy Jammer Could Invade Networks, Nuke Sites
When China’s stealth-fighter prototype took to the air two weeks ago, it intensified what was already a heated debate in Washington over which, and how many, new fighter planes to buy.
Lost in all this noise was the U.S. Navy’s real plan for winning any future air war with China or another big baddie. Rather than going toe-to-toe with J-20s and other enemy jets, the Navy is planning to attack its rivals where they’re most vulnerable: in the electromagnetic spectrum.
The frontline weapon for this electronic war is a new airborne jamming system currently in development. The Next Generation Jammer should allow the Navy to blind the enemy’s radars, disrupt its communications and slip malicious code into computer networks.
Technology continues to change...
http://www.deloitte.com/us/techpredictions2011
Deloitte Predictions for the Technology, Media and Telecommunications Sector, 2011
Highlights of the 2011 Technology Predictions:
• More than half of all computers aren’t computers anymore
• Tablets in the enterprise: more than just a toy
• Operating system diversity: no standard emerges on the smartphone or tablet
• Online regulation ratchets up, but cookies live on
This is a TED talk on medical imaging. I include it as an illustration of the volumes of data (not just medical data) we can expect in the near future. One cat scan generates the equivalent of 800,000 telephone books. (6 kilometers of books)
Anders Ynnerman: Visualizing the medical data explosion
Humor – a follow-up to an earlier story. Watch the video if you haven't already.
Texting fountain lady's problems bigger than YouTube fame
No comments:
Post a Comment