Gaming
the gamers...
"Anonymous has claimed
a new attack on Sony PlayStation Network and this time around it
seems that it has managed to hack nearly 10
million user accounts and as a proof of the
hack dumped more than 3000
credentials online in the form of a pastebin post. The notorious
hacktivist group is claiming that the entire set of hacked
credentials contains over 10 million PSN accounts and that the file
is of around 50GB."
Some still in it for the money...
… According to press reports from
Australia, an Eastern European criminal syndicate targeted a small
Australian business enterprise and hacked their way to details of
half a million credit cards from the company’s network.
Losses from fraudulent purchases made
with the stolen credit card details could total up to $25 million.
To pre-empt the use of these credit cards, Australian banks have
placed the cards on a high-alert watch list.
States can sponsor some serious hacking
for “chump change.” Is that what's happening here?
Reuters
hacked (again) with fake story of Saudi minister's death
Someone must have it out for Reuters.
For the second time in two weeks, the blogging platform for the news
source's Web site has been hacked into and false stories have been
illicitly published.
Today's sham article reported that
Saudi Arabia's Foreign Minister Prince Saud al-Faisal had died,
according to Reuters.
The first
bogus story, posted earlier this month, was about the rebel Free
Syrian Army suffering setbacks in their battle against Syrian
President Bashar al-Assad's regime.
"Reuters did not report the false
story and the post was immediately deleted," Reuters News'
director of global communications Barb Burg said in a statement. "We
are working to address the problem."
In addition to the Web site's blogging
platform, Reuters'
Twitter account was also hacked in the past two weeks. Hackers
got into the Reuters Tech account, renaming it TechMe, and false
tweets were posted about the Syrian rebels being defeated in a major
battle.
It's still unclear who is behind these
news hacks. But Reuters hints that it may have been
pro-government forces in Syria. In its article
today it writes, "Saudi Arabia has emerged as a staunch opponent
of Assad."
(Related) Hacking as CyberWar?
Syrian
dissidents besieged by malware attacks
As the Syrian civil war continues to
escalate, pro-government forces are allegedly carrying out a cyberwar
against local dissidents.
Syrian activists, journalists, and
government opposition groups are under a barrage of targeted malware
attacks, according to the watchdog group Electronic
Frontier Foundation. What this malware does is deceptively
install surveillance software into a computer under the guise of
protecting the computer from viruses. Its name is AntiHacker.
Think they'll be available in Walmart
soon?
"Today, tens of thousands of
license plate readers (LPRs) are being used by law enforcement
agencies all over the country—practically every week, local media
around the country report on some LPR
expansion. But the system's unchecked and largely unmonitored
use raises significant privacy concerns. License plates, dates,
times, and locations of all cars seen are kept in law enforcement
databases for months or even years at a time. In the worst case, the
New York State Police keeps all of its LPR data indefinitely. No
universal standard governs how long data can or should be retained."
Is
Facebook making its own global law? (Might be an interesting title
for a research paper)
Germans
reopen Facebook privacy inquiry, but what can they really do?
August 15, 2012 by Dissent
Kevin J. O’Brien reports:
Data protection
officials in Germany reopened an investigation into Facebook’s
facial recognition technology Wednesday, saying the
social networking giant was illegally compiling a vast photo database
of users without their consent.
The data
protection commissioner in Hamburg, Johannes Caspar, said he had
reopened his investigation, which he had suspended in June, after
repeated attempts to persuade Facebook to change its
policies had failed.
Read more on NY
Times, where O’Brien discusses the possible outcomes or
consequences. Overall, this case illustrates how
difficult it may be for countries to compel compliance with EU
privacy laws when the company is headquartered in the U.S.
In this case, Facebook also has a headquarters in Ireland, but the
Irish Data Protection Commissioner had previously concluded that
notice, not consent, was required. The Irish DPC came under pressure
when the EU privacy panel indicated that consent – and not just
notice – was required.
During the comment period for the FTC’s
proposed settlement with Facebook, EPIC
wrote to the FTC about the issue of photo tagging and compilation
of biometric data. The FTC responded:
(2) You urge the
Commission to prohibit Facebook from creating facial recognition
profiles without users’ express consent.
The comprehensive
privacy program described above will require Facebook to implement
practices that are appropriate to the sensitivity of the “covered
information” in question, which is very broadly defined in the
order and would include biometric data. Moreover, the biennial
audits of its privacy practices will help ensure that Facebook lives
up to these obligations. Although the order does not specifically
require that Facebook obtain a user’s consent for the creation of
facial recognition data, the order’s broad prohibition on deception
is designed to ensure that Facebook will be truthful with users about
such practices. Likewise, the affirmative express consent
requirement, described above, is designed to ensure that Facebook
upholds privacy settings that it offers to users to protect such
information.
So there’s no help there in closing
the gap between EU privacy and U.S. privacy law.
This
sounds interesting...
August 15, 2012
Paper - A Technology-Centered Approach to Quantitative Privacy
Gray, David C. and Citron, Danielle Keats, A Technology-Centered Approach to Quantitative Privacy (August 14, 2012). Available at SSRN
- "Our analysis and proposal draw upon insights from information privacy law. Although information privacy law and Fourth Amendment jurisprudence share a fundamental interest in protecting privacy interests, these conversations have been treated as theoretically and practically discrete. This Article ends that isolation and the mutual exceptionalism that it implies. As information privacy scholarship suggests, technology can permit government to know us in unprecedented and totalizing ways at great cost to personal development and democratic institutions. We argue that these concerns about panoptic surveillance lie at the heart of the Fourth Amendment as well. We therefore propose a technology-centered approach to measuring and protecting Fourth Amendment interests in quantitative privacy. As opposed to proposals for case-by-case assessments of information “mosaics,” which have so far dominated the debate, we argue that government access to technologies capable of facilitating broad programs of continuous and indiscriminate monitoring should be subject to the same Fourth Amendment limitations applied to physical searches."
What's
to hide? We know what the technology can do, so it must be a legal
maneuver?
ACLU
Sues FBI to Get GPS-Tracking Memos
In the wake of the Supreme Court’s
decision earlier this year striking down the use of a GPS tracker on
a suspect’s car without a warrant, the FBI issued two memos to
agents with new guidelines for the use of the surveillance
technology.
But the agency is withholding those
memos from the public and has failed to respond to a records request
submitted by the American Civil Liberties Union in July to obtain the
documents.
On Tuesday, the ACLU filed
a lawsuit against the FBI (.pdf), seeking the immediate release
of the documents on the grounds that the public has a strong interest
in knowing how the FBI is complying with the ruling.
“If
you want to work for me, you must love me.” How Victorian.
Virginia
deputy fights his firing over a Facebook 'like'
A Virginia sheriff's deputy has been
fired for liking his boss's political opponent -- on Facebook.
Now Daniel Ray Carter Jr. is fighting
back in court, arguing that a "like" should be protected by
his First Amendment right to free speech. It's a case that could
settle a significant question at a time when hundreds of millions of
people express themselves on Facebook, sometimes merging their
personal, professional and political lives in the process.
According to court documents, the case
began when Sheriff B.J. Roberts of Hampton, Virginia, fired Carter
and five other employees for supporting his rival in a 2009 election.
Possibly
related?
August 15, 2012
The
State of the First Amendment: 2012
"The First Amendment Center has
supported an annual national survey of American attitudes about the
First Amendment since 1997. The
State of the First Amendment: 2012 is the 16th survey in this
series. This year’s annual survey repeats some of the questions
that have been administered since 1997 and includes new questions on
the role of religion in the presidential election, attitudes about
government’s control of the Internet, and opinions about the use of
copyrighted material on the Internet. This report summarizes the
findings from the 2012 survey, and where appropriate, depicts how
attitudes have changed over time. The first section of this report
presents the survey methodology used to conduct the State of the
First Amendment research. The second section highlights the key
findings from the 2012 project. The final section presents the
complete survey results including question wording and trend data."
What do you bet that schools won't read
this...
August 15, 2012
FTC
Advises Parents How to Protect Kids' Personal Information at School
News
release: "A new school year usually means filling out
paperwork like registration forms, health forms, and emergency
contact forms, to name a few. The Federal Trade Commission wants
parents to know that many school forms require personal and sensitive
information that, in the wrong hands, could be used to commit fraud
in their child’s name. A criminal can use a child’s Social
Security number to get government benefits, open bank and credit card
accounts, or rent a place to live. Most parents and guardians don’t
expect their child to have a credit file, and rarely order or monitor
a child’s credit report. Child identity theft may go undetected
for years – until the child applies for a job or loan and discovers
problems in a credit report. To help limit the risks of child
identity theft, the Federal Trade Commission offers Protecting
Your Child’s Personal Information at School. It explains how
the federal Family Educational Rights and Privacy Act protects the
privacy of student records and gives parents of school-age children
the right to opt out of sharing contact information with third
parties. It also suggests that parents ask their child’s school
about its directory information policy, learn about privacy policies
of sports or music activities that are not school-sponsored, and find
out what to do if their child’s school experiences a data breach.
The second publication, Safeguarding
Your Child’s Future, offers tips on how to keep your child’s
data safe at home and online, and explains the warning signs of child
identity theft. It also explains how parents and guardians can check
whether their child has a credit report, and what to do if the report
has errors."
How trivial can $340 million be? (It's
good to be a banker!)
Standard
Chartered agrees $340m settlement with US regulator over Iran
Standard
Chartered has fended off threats by a New York regulator to
revoke its banking licence for alleged breaches of US sanctions.
Chief executive Peter Sands is however under intense pressure after
the bank agreed to pay $340m (£220m) despite insisting that it had
committed only minor breaches of the rules.
Barely 24 hours before the bank was due
to attend a hearing with the New York department of financial
services (DFS), the regulator announced
the surprise settlement which also includes the installation of a
monitor for at least two years to evaluate the bank's risk controls.
Inspectors from the DFS will be installed at the bank's office in New
York and the bank will "permanently install personnel" in
New York solely to ensure that it adheres to money laundering laws.
This should be interesting. (Silly me,
I thought they would have had to do this when they asked for
extradition)
New
Zealand court says FBI must disclose MegaUpload evidence
The lawyers for Kim DotCom and
MegaUpload continue to rack up court victories in New Zealand.
One of the country's courts has ordered
the United States to turn over evidence it says it has that proves
DotCom committed criminal acts of piracy. The U.S. Attorney's office
has accused DotCom, founder of the cloud-storage service, of
operating MegaUpload as a criminal enterprise.
U.S. officials say that MegaUpload
made over $175 million by enabling users to store pirated digital
media, including movies, music and software, on the company's
servers. They accuse him of encouraging the looting and wish to
extradite him to this country to stand trial.
But New Zealand doesn't appear ready to
take the word of the FBI that DotCom and six other MegaUpload
managers committed crimes. They want to see the proof.
For
my Data Mining / Data Analysis students: Drool baby, drool!
Google’s
Dremel Makes Big Data Look Small
… Since the rise of Hadoop, Google
has published three particularly interesting papers on the
infrastructure that underpins its massive web operation. One details
Caffeine, the software
platform that builds
the index for Google’s web search engine. Another shows off
Pregel, a “graph
database” designed to map the relationships between vast amounts of
online information. But the most intriguing paper is the one that
describes a tool called Dremel.
… “You have a SQL-like language
that makes it very easy to formulate ad hoc queries or recurring
queries — and you don’t have to do any programming. You just
type the query into a command line,” says Urs Hölzle, the man who
oversees the Google infrastructure.
The difference is that Dremel can
handle web-sized amounts of data at
blazing fast speed. According to Google’s paper, you
can run queries on multiple petabytes — millions of gigabytes —
in a matter of seconds.
If the US ever gets people to Mars,
we're going to have to rent space... Go India!
neo12 writes in with the news that
India plans on being the 6th country to
launch a mission to Mars.
"Making the first formal
announcement on the country's Mars mission, Prime Minister Manmohan
Singh on Wednesday said India
will send a mission to the Red Planet that will mark a huge step
in the area of science and technology. 'Recently, the Cabinet has
approved the Mars Orbiter Mission. Under this Mission, our spaceship
will go near Mars and collect important scientific information,' he
said addressing the nation from the ramparts of the Red Fort on the
occasion of the 66th Independence Day."
For my “Intro” classes. I like a
bit of reiteration with my redundant repetition...
For my Computer Security students