Friday, April 19, 2013

Have we gone crazy? Should a minor terrorist act (3 dead vs 3000 on 9/11) spark this kind of reaction? It looks like we're searching for a division of Taliban.
Boston on Lockdown as Residents Are Ordered to 'Shelter In Place' While Cops Sweep Watertown
In an unprecedented move, the city of Boston, in its entirety, is being asked to shelter-in-place, with schools and mass transit closed. Nearby Watertown, where police and federal authorities are searching for the Boston Marathon bomber who is still at large, is in lockdown as Friday's manhunt continues.
At this moment, heavily armed members of the military, assisted by local law enforcement, are going door-to-door in Watertown, searching every house, garage, and shed for bombing suspect Dzhokhar Tsarnaev. CNN indicates that 9,000 members of law enforcement are involved in the effort.
In light of that, town authorities have apparently asked businesses to remain closed. According to the Boston Globe, all vehicle traffic is banned in that city.
… For many, there's nowhere to go, anyway. Taxi service has been suspended. The regional mass transit has been closed; in part, apparently, because authorities don't want crowds of people gathering together.

(Related) Rush to sensationalize. (No need for judgement) We'd rather have “news” than facts. Anything to “scoop” the other guys...
Boston Marathon spectator Salah Barhoum, who was interviewed by authorities following the bombings, swears he 'didn't do it'
… Teenager Salah Barhoum’s face was plastered on the front page of the New York Post Thursday, labeling him and a friend “Bag Men” being sought by authorities investigating the Boston Marathon bombings.
But the FBI later released surveillance of the actual suspects — neither of whom resembled the bag-toting Barhoum and his friend on the tabloid’s cover.
… At 1:30 a.m. Thursday he turned himself in to cops, who spoke to him for about 20 minutes and let him go.
Their only advice: “They said I should delete my Facebook,” Barhoum said.
Nevertheless, The Post splashed their faces on its pages and suggested they were suspects.
Even after the FBI cleared the pair, Post Editor-in-Chief Col Allan said, “We stand by our story.”


So who is responsible for Security?
Brian Krebs reports on a lawsuit where Park Sterling Bank (PSB) in Charlotte, North Carolina is suing a former client, Wallace & Pittman PLLC, after the latter was the victim of a fraudulent wire transfer. The breach occurred after a key logger was installed on its system via a phishing attempt and criminals obtained the firm’s login and authorization credentials.
The bank claims it did not reverse the loss, but only temporarily credited the account. The law firm did not repay the bank for the credited amount, and had at one point sued them for not having commercially reasonable security in place. That complaint was later dismissed, and the bank turned around and sued the law firm.
Read his coverage on KrebsonSecurity.com.


What are they thinking? “People hated this last year, but maybe they forgot?” Actions that put government before individuals are a very liberal (Democrat) thing to do; how did this get through a Republican-controlled House?
Dave Maass and Mark M. Jaycox of EFF write:
Today, Internet freedom advocates everywhere turned their eyes to the U.S. House of Representatives as that legislative body considered the Cyber Intelligence Sharing and Protection Act.
For the second year in a row, the House voted to approve CISPA, a bill that would allow companies to bypass all existing privacy law to spy on communications and pass sensitive user data to the government. EFF condemns the vote in the House and vows to continue the fight in the Senate.
“CISPA is a poorly drafted bill that would provide a gaping exception to bedrock privacy law,” EFF Senior Staff Attorney Kurt Opsahl said. “While we all agree that our nation needs to address pressing Internet security issues, this bill sacrifices online privacy while failing to take common-sense steps to improve security.”
The legislation passed 288-127, despite a veto threat from Pres. Barack Obama, who expressed serious concerns about the danger CISPA poses to civil liberties.
Read more on EFF.
Not mentioned in their post is the fact that the bill passed by an even wider margin than last year, when it passed 248-168.
Things are going in a very wrong direction.
Very wrong.


“We'll get all the data, then we'll find some use for it.”
Carter Dougherty of Bloomberg reports:
The new US consumer finance watchdog is gearing up to monitor how millions of Americans use credit cards, take out mortgages, and overdraw their checking accounts. Their bankers aren’t happy about it.
The Consumer Financial Protection Bureau is demanding records from the banks and is buying anonymous information about at least 10 million consumers from companies including Experian.
While the goal is to sharpen enforcement and rule-making, banking executives question why the bureau is collecting so much without being more specific about the benefits. [Simple: we can, therefore we must! Bob]
Read more on Boston Globe.


What can the government do?
April 18, 2013
CRS - Cybersecurity: Selected Legal Issues
  • "The federal government’s role in protecting U.S. citizens and critical infrastructure from cyber attacks has been the subject of recent congressional interest. Critical infrastructure commonly refers to those entities that are so vital that their incapacitation or destruction would have a debilitating impact on national security, economic security, or the public health and safety. This report discusses selected legal issues that frequently arise in the context of recent legislation to address vulnerabilities of critical infrastructure to cyber threats, efforts to protect government networks from cyber threats, and proposals to facilitate and encourage sharing of cyber threat information among private sector and government entities. This report also discusses the degree to which federal law may preempt state law. It has been argued that, in order to ensure the continuity of critical infrastructure and the larger economy, a regulatory framework for selected critical infrastructure should be created to require a minimum level of security from cyber threats. On the other hand, others have argued that such regulatory schemes would not improve cybersecurity while increasing the costs to businesses, expose businesses to additional liability if they fail to meet the imposed cybersecurity standards, and increase the risk that proprietary or confidential business information may be inappropriately disclosed."


As I read it, the answer is a definite “Maybe”
April 18, 2013
Submission of Mental Health Records to NICS and the HIPAA Privacy Rule
  • "Questions about the scope and efficacy of the background checks required during certain firearm purchases have gained prominence following recent mass shootings. These background checks are intended to identify whether potential purchasers are prohibited from purchasing or possessing firearms due to one or more “prohibiting factors,” such as a prior felony conviction or a prior involuntary commitment for mental health reasons. Operationally, such background checks primarily use information contained within the National Instant Criminal Background Check System (NICS) and a particular focus of the debate in Congress has been whether federal privacy standards promulgated under the Health Insurance Portability and Accountability Act (i.e., the HIPAA privacy rule) or state privacy laws are an obstacle to the submission of mental health records to NICS."
