Friday, October 14, 2011


Clear your calendar! I notice that http://www.privacyfoundation.org/ has scheduled the next Privacy Seminar (and lunch) for Friday, November 4th. Topic to be: Privacy Damage Theories


This is a first! “Stop using “papyrus era” technology!”
By Dissent, October 13, 2011
In the aftermath of a breach:
The province’s privacy watchdog is ordering Cancer Care Ontario to stop sending screening reports to doctors in paper format.
Information and Privacy Commissioner Ann Cavoukian says the agency must find a more secure method to transfer the results, which contain personal health information.
She says the agency has decided to develop its own web portal for the delivery of the reports, but will have to report back to her office to ensure it’s secure.
Read more from The Canadian Press on CTV.ca


Unlikely we will ever get a straight story. Imagine “credential stealing” software that is intended to gather the data, then do nothing with it... Who designed it, government contractors?
"Air Force officials have revealed more details about a malware infection that impacted systems used to manage a fleet of drones at the Creech Air Force Base in Nevada as reported last week. The 24th Air Force first detected the malware – which they characterized as a 'credential stealer' as opposed to a keylogger as originally reported — and notified Creech Air Force Base officials Sept. 15 that malware was found on portable hard drives approved for transferring information between systems. The infected computers were part of the ground control system that supports remotely-piloted aircraft (RPA) operations. The malware is not designed to transmit data or video or corrupt any files, programs or data, according to the Air Force. The ground system is separate from the flight control system used by RPA pilots to fly the aircrafts."


Now this has potential! All of my students can take pictures of license plates. My Ethical Hackers can get names and addresses from DMV, then email addresses.  Launder the money through Luxembourg and sell the Credit Card information to the Rumanian Mob. What (profitable) fun!
Fake Speeding Tickets Harass New Yorkers Via Email [News]
… Once the email has earned your trust, it directs you to open an attachment which is supposedly a form that can be filled out in response to the ticket. Instead, it’s a typical Trojan Horse virus.


I don't like the suggestion that the Police should Photoshop some of their photos. I do like the idea of using all the free software.
Stop, Or I’ll Tweet! Cops Struggle With Social Media
A nightstick, a revolver, and a smartphone to check in on Foursquare.
That’s the necessary gear of the future beat cop, as envisioned at the SMILE Conference — aka Social Media, the Internet, and Law Enforcement — held over three scorching September days in downtown Dallas.


Does this suggest how future regulations will look?
SEC guidance about coming clean about data breaches
October 14, 2011 by admin
Emma Woollacott reports:
The Securities and Exchange Commission (SEC) has ordered companies to disclose security breaches, following a year in which several organizations have been criticized for revealing details late, if at all.
“Cyber incidents may result in losses from asserted and unasserted claims, including those related to warranties, breach of contract, product recall and replacement, and indemnification of counterparty losses from their remediation efforts,” says the SEC in its new guidance notes.
“Cyber incidents may also result in diminished future cash flows, thereby requiring consideration of impairment of certain assets including goodwill, customer-related intangible assets, trademarks, patents, capitalized software or other long-lived assets associated with hardware or software, and inventory.”
Read more on TG Daily. If you read the guidance, you’ll see it’s not really an order….


Not sure I agree with the ranking, but it's a start...


So much for “We're doing it for the customers!” More importantly, this suggests the money invested might be a waste.
Majority of Consumers See No Benefit in Sharing Personal Data
October 14, 2011 by Dissent
Congress held a hearing yesterday on consumer attitude about privacy. Here’s yet another survey on consumer attitude:
Seventy-four percent of American and Canadian consumers said they don’t feel they’re receiving a benefit from sharing personal information with marketers, according to the latest survey research from LoyaltyOne. Just 52% said they somewhat or strongly agree with the statement that companies use their personal data “so they can better serve me.” Breaking down the somewhat and strongly agree responders, only 9% said they strongly agree that companies use their information to serve them better.
Read more on Hospitality Technology.

(Related) The technology exists and (apparently) it is easy to sell the data.
"Australian shopping centers will monitor customers' mobile phones to track how often they visit, which stores they like and how long they stay. One unnamed Queensland shopping center is next month due to become the first in the nation to install receivers that detect unique mobile phone radio frequency codes to pinpoint location within two meters."

(Related) As long as someone buys it, they'll collect it.
Under Verizon's new privacy policy, as noticed by Computerworld, the carrier will collect data on the websites customers are visiting, the apps they're using and the location of their phones. Verizon will then use the aggregate data for "business and marketing reports" and to sell relevant advertising.


Perhaps if it was titled: “How to avoid lawsuits...” it would be read. In any case, a US version would be worthwhile. (Hint, hint!)
Privacy commissioner of British Columbia issues guidelines on using social media for background checks
October 14, 2011 by Dissent
The Information and Privacy Commissioner of British Columbia has issued guidelines to assist organizations and public bodies using social media sites to conduct background checks of prospective employees, volunteers and candidates.
Commissioner Elizabeth Denham cautioned that using social media to conduct background checks presents legal and other challenges.
“We enter a new era with the application of privacy laws to social media background checks,” the Commissioner stated, adding, “the guidelines my Office is issuing today are designed to provide guidance and practical steps to assist organizations and public bodies in complying with the law.”
The guidelines highlight some of the risks associated with performing a social media background check, such as collecting inaccurate information and collecting too much personal information. Commissioner Denham stated that she expected organizations and public bodies to review and adopt the guidelines so that their practices concerning social media background checks comply with privacy obligations.
The use of social media background checks received attention earlier this year when a political party requested the passwords of its potential leadership candidates to permit an examination of their social media sites.


“I'm shocked! Shocked I tell you!” to discover that anyone thinks that secret deals with campaign contributors are not common.
U.S. Copyright Czar Cozied Up to Content Industry, E-Mails Show
Top-ranking Obama administration officials, including the U.S. copyright czar, played an active role in secret negotiations between Hollywood, the recording industry and ISPs to disrupt internet access for users suspected of violating copyright law, according to internal White House e-mails.
The e-mails, obtained via the Freedom of Information Act, (.pdf) show the administration’s cozy relationship with Hollywood and the music industry’s lobbying arms and its early support for the copyright-violation crackdown system publicly announced in July.
… The e-mails do not entail much detail of the discussions between the administration and industry — as any substantive text in the e-mails (.pdf) was blacked out before being released to Soghoian.
But the communications show that a wide range of officials — from Vice President Joe Biden’s deputy chief of staff Alan Hoffman, the Justice Department’s criminal chief Lanny Breuer to copyright czar Victoria Espinel — were in the loop well ahead of the accord’s unveiling.


Judge Lamberth delights in pointing out the ineptitude of government lawyers, and does so again here. However, I find it difficult to logically separate the real-time and historical information (as the law clearly does). As I read the ruling, you need a warrant to find my current location, but you don't need a warrant to find out where I was a millisecond ago... i.e., once location is recorded (becomes a record) it is fair game. That happens very rapidly in computer systems.
Judge: No Warrant Needed For Cell Phone Location Data
October 13, 2011 by Dissent
Mike Scarcella writes:
Prosecutors do not need a warrant to compel a cellular phone service provider to turn over data about call location, a federal judge in Washington said in a ruling unsealed Wednesday.
The ruling (PDF) examines the government’s attempt to get data from the undisclosed service provider amid a U.S. Attorney’s Office investigation of an armed robbery of an armored truck.
Read more on The Blog of LegalTimes. The memorandum and order contains an interesting discussion of how historical cell location data is not the equivalent of continuous GPS surveillance, and hence, Maynard does not really apply.


Al Gore has everyone looking for the causes of Global Warming.
"Science News reports on a story which blames a centuries long cooling of Europe on the discovery of the new world. Scientists contend that the native depopulation and deforestation had a chilling effect on world-wide climate. 'Trees that filled in this territory pulled billions of tons of carbon dioxide from the atmosphere, diminishing the heat-trapping capacity of the atmosphere and cooling climate, says Richard Nevle, a geochemist at Stanford University.' The story notes that the pandemics in the Americas were possibly an example of human climate manipulation predating the Industrial Revolution, though isotope measurements used during research have much uncertainty, so 'that evidence isn't conclusive.'" [Somewhere between a hint and a guess? Bob]


Gee, if a Harvard guy says so... But I find that most people have great difficulty communicating with other people, let alone logical hardware...
Apple's Siri Is as Revolutionary as the Mac
… Siri, the new iPhone's voice-control software, is going to have as big an impact as that first iPhone did. It's going to fundamentally change our relationship with computers.
… unnecessary complexity remains. Why does a user care whether a message from a friend is an email or an SMS? Why should they have to concern themselves with opening a browser or a specific app to find out what the weather is going to be tomorrow?
And try as we might to design hardware that is ergonomic, there's no denying the impact this technology has had on our bodies. Repetitive strain injury, degradation of eyesight — these are the result of using existing computer and phone interfaces for hours on end.
Siri is the first serious step in changing all that.
In true Apple fashion, there is little that is technologically novel.


My Math students will like the WolframAlpha access via Siri.
A great week for Google challengers
DuckDuckGo Despite the wacky name, it's a traditional search engine.
… the site has started to grow. In fact, its staff doubled late last month, when Weinberg hired employee #1. And this week, he announced that DDG has done something perfectly normal for a tech startup: It's accepted outside financing from venture-capital firm Union Square Ventures and some other investors.
Wolfram Alpha Wolfram Alpha isn't exactly obscure, but it also isn't the household name it deserves to be. So one of the things that excites me most about Apple's iPhone 4S, which goes on sale today, is that its Siri voice assistant has Wolfram Alpha baked in. Ask Siri questions, and she'll hand some of them off to Wolfram Alpha to get answers.


For my Ethical Hackers. How could you use this tool without violating Privacy? This is the kind of software stalkers (or Lower Merion High School administrators) install...
WebCamImageSave Capture Images from your Webcam Automatically
… This is a handy tool that allows you to capture pictures from your camera regularly after the time you have chosen, and then saves it into an image file on your hard disk. In this way you can keep tabs on who has used your PC during any particular period. This awesome tool also adds a label with the date/time that the photo was taken into the image, by using the font, color, and date/time format that you select.
