For my Ethical Hackers. An “excerpt”
timed to help promote his book? Something to consider in light of “A
Just CyberWar”
Obama Order Sped Up Wave of Cyberattacks Against Iran
… Mr. Obama decided to accelerate
the attacks — begun in the Bush administration and code-named
Olympic Games — even after an element of the program accidentally
became public in the summer of 2010 because of a programming error
that allowed it to escape Iran’s Natanz plant and sent it around
the world on the Internet. Computer security experts who began
studying the worm, which had been developed by the United States and
Israel, gave it a name: Stuxnet.
Did the breach occur at all four
locations simultaneously, or at some third-party processor? Will the
state even bother to follow up and find out?
A Six-Figure Credit Breach at Five Guys
June 1, 2012 by admin
I hate it when we only find out about
data breaches from lawsuits, but at least we find out. Marlene
Kennedy of Courthouse News reports:
Five Guys burger
joints failed to safeguard their data, giving hackers access to the
accounts of debit-card-paying customers, a bank claims in court.
Trustco Bank says
the hackers racked up more than $89,800 in charges on the accounts of
clients who visited Five Guys restaurants in Albany, Schenectady,
Warren and Saratoga counties.
The defendants in
the complaint, filed in Schenectady County Supreme Court, are RSVT
Glenmont LLC, RSVT Niskayuna LLC, RSVT Queensbury LLC and RSVT
Saratoga Springs LLC. Each operates a Five Guys restaurant in the
communities listed in their names.
[...]
The unauthorized
transactions – Trustco counted 376 – occurred in November and
December 2011, according to the complaint.
Read more on Courthouse
News. Kennedy reports that according to the
complaint, the affected restaurants “never provided notification to
… customers of the security breach,” as required by New York law.
So what will NYS do, if it even knows
about this lawsuit?
“It's not that we dislike “public
debate,” we just don't see any reason to help it along.”
"The House Appropriations
Committee is considering a draft report that would forbid the Library
of Congress to
allow bulk downloads of bills pending before Congress. The
Library of Congress currently has an online database called THOMAS
(for Thomas Jefferson) that allows people to look up bills pending
before Congress. The problem is that THOMAS is somewhat clunky and
it is difficult to extract data from it. This draft report would
forbid the Library of Congress from modernizing THOMAS until
a task force reports back. I am pretty sure that the majority of
people on slashdot agree that being able to better understand how the
various bills being considered by Congress interact would be good for
this country."
“We don't want them screwing up the
Internet, that's our job!”
"In a rare show of bipartisan
agreement, lawmakers from both sides of the aisle warned
this morning that a United Nations summit in December will lead
to a virtual takeover of the Internet if proposals from China,
Russia, Iran, and Saudi Arabia are adopted. Called the World
Conference on International Telecommunications, the summit would
consider proposals including '[using] international mandates to
charge certain Web destinations on a "per-click" basis to
fund the build-out of broadband infrastructure across the globe' and
allowing 'governments to monitor and restrict content or impose
economic costs upon international data flows.' Concerns regarding
the possible proposals were both aired at a congressional hearing
this morning and drafted in a congressional
resolution (PDF)."
What does it take to convince Congress?
(Nothing. Their minds are already made up.)
May 31, 2012
EFF - Review House Hearing on Warrantless Wiretapping and the FISA
Amendments Act
News release: "This morning, the House Judiciary Committee held
an important hearing
on the FISA Amendments Act (FAA) and the scope of the NSA’s
warrantless wiretapping program. The FAA, which gutted privacy
protections governing the interception of international phone calls and
e-mail to and from the United States, is set to expire at the end of
the year, and Attorney General Eric Holder says
it is his “top priority” to see it renewed."
This does not extend to inconsequential
Blogs... Also, just because they are in the minority makes no
difference?
Judge says authors can sue Google
A judge filed
a ruling today that gives authors, photographers, and
illustrators the green light to sue Google.
The ruling allows the drawn-out
court case -- over Google Books' practice of scanning out-of-print
books and copyrighted content for Web searches -- to move forward.
The suit will now determine if Google's argument that
it has a fair-use defense has any merit.
… Google had tried to argue that
the Authors Guild and an illustrators and photographers' group should
be taken off the suit. According to the suit, Google said a class
action suit is not justified because many authors wanted their books
scanned. The company points to a survey in which over 500 authors,
or 58 percent of those surveyed, "approve"
of Google scanning their work for search purposes.
"Google's argument is without
merit," Chin wrote. "The lead plaintiffs are adequate
representatives of the class."
Read the entire ruling, posted by the
Public Index, here.
The problem with “We don't like you”
lawsuits...
Judge Frees Google’s Android From Oracle Copyrights
The federal judge refereeing the
billion-dollar fight between Oracle and Google over the Android
operating system has dismissed Oracle’s claim that the Java APIs
used by Android are subject to copyright.
The APIs are application program
interfaces, code that lets one piece of software talk to another.
The general assumption has long been that APIs aren’t subject to
copyright. But in suing Google over Android, Oracle insisted that
they were, and after a six-week trial, the company’s efforts to win
serious damages from Google came down to this single point.
But on Thursday, Judge William Alsup
ruled that Oracle does not have the exclusive rights to the
structure, sequence, and organization of the 37 Java APIs in question.
“To accept Oracle’s
claim would be to allow anyone to copyright one version of code to
carry out a system of commands and thereby bar all others from
writing their own different versions to carry out all or part of the
same commands,” read
the ruling from Alsup. “No holding has ever endorsed such a
sweeping proposition.”
(Related) Watch out when a judge does
his homework! (I just love these little 'smack downs.')
Judge William Alsup: Master of the court and Java
… Alsup acknowledged during the
trial that he had learned about Java coding to better prepare for the
case, and it showed. On a daily basis, he would deftly query the
lawyers and expert witnesses on the structure, sequence, and
organizations of APIs to assist the jury in understanding the key
facets of the copyright phase of the trial.
In one episode, Oracle's star lawyer,
David Boies, who bested Bill Gates in the U.S. v. Microsoft case and
represented Vice President Al Gore in Bush v. Gore in front of the
Supreme Court, was arguing that Google copied the nine lines of
rangeCheck code to accelerate development to gain faster entry into
the mobile phone market.
Alsup told Boies, "I have done,
and still do, a significant amount of programming in other languages.
I've written blocks of code like rangeCheck a hundred times before.
I could do it, you could do it. The idea that someone would copy
that when they could do it themselves just as fast, it was an
accident. There's no way you could say that was speeding them along
to the marketplace. You're one of the best lawyers in America -- how
could you even make that kind of argument?"
Oracle plans to appeal Alsup's
ruling. The company faces an uphill battle given the judge's
ruling is rich in context, with detailed deconstructions of the Java
language and APIs, as well as the expected legal citations and
examples. It will likely serve as a textbook for
future cases involving intellectual property rights and computer
programming languages.
Something like the Nature Conservancy
for music?
"Following Tuesday's story
about MuseScore
releasing its open source recording of the Goldberg Variations,
the Musopen project
has released
ProTools files from its open source recording project. The final
edited recordings are still being worked on but it seems we're living
in very interesting times regarding open source classical music."
[From Kickstarter:
Musopen is a non-profit dedicated to
providing copyright free music content: music recordings, sheet music
and a music textbook. This project will use your donations to
purchase and release music to the public domain. Right now, if you
were to buy a CD of Beethoven's 9th symphony, you would not be
legally allowed to do anything but listen to it. You wouldn't be
able to share it, upload it, or use it as a soundtrack to your indie
film- yet Beethoven has been dead for 183 years and his music is no
longer copyrighted. There is a lifetime of music out there, legally
in the public domain, but it has yet to be recorded and released to
the public.]
For my Ethical Hackers...
"Apple has released a detailed
security guide for its iOS operating system, an unprecedented
move for a company known for not discussing the technical details of
its products, let alone the security architecture. The document lays
out the system architecture, data protection capabilities and network
security features in iOS, most of which had been known before but
hadn't been publicly discussed by Apple. The iOS
Security guide (PDF), released within the last week, represents
Apple's first real public documentation of the security architecture
and feature set in iOS, the operating system that runs on iPhones,
iPads and iPod Touch devices. Security researchers have been doing
their best to reverse engineer the operating system for several years
and much of what's in the new Apple guide has been discussed in
presentations and talks by researchers. 'Apple doesn't really talk
about their security mechanisms in detail. When they introduced
ASLR, they didn't tell anybody. They didn't ever explain how
codesigning worked,' security researcher Charlie Miller said."
Might be just what I need to have my
computer up and running each morning when I start my Blogging...
(How's your German?)
Sleep Timer … allows you to have your
computer turn off, restart or go to sleep whenever you need it to.
The program is super easy to use, and
it takes up almost no memory. The application requires no
installation, so you can run it from a flash drive and take it with
you. You can set it to make your computer restart, go into
hibernation mode or shut down completely, and they are all easy to
set up.