Global Security Watch: July 2005 Archives

Global Security Watch > July 14, 2005

Getting started protecting PII, Part 1

[Not Bad For a Cubicle] Around the office, recent events have also created increased interest in identifying and securing Personally Identifying Information (PII) has come back into the spotlight, too, which is good for obvious reasons, but also bad because it really makes you realize how much work it is to securely keep and handle PII.

World’s Biggest On-Star

[district 30] Good data used right benefits all. Traffic engineers are often frustrated because the best way to prevent congestion is to give drivers good information, but good information is not often readily available.

Posted at 10:11 AM

July 14, 2005

Getting started protecting PII, Part 1

Posted at 10:13 AM

World’s Biggest On-Star

Posted at 10:11 AM

Keeping email under lock and (public) key

[InfoSec News Blog] This article from NewsForge makes me wonder when Microsoft and PGP will get together to create individually PGP encrypted mailboxes. With governments and law enforcement organizations pushing for increasingly intrusive monitoring and logging of business email messages, network administrators are put in an uncomfortable situation.

Posted at 10:06 AM

Plug Those PowerBook Ports with Portectorz

[The Unofficial Apple Weblog (TUAW)] Think of Portectorz as the little Dutch boy's thumb to the dike that is your PowerBook's open ports. From the product page: "Portectorz are molded to exacting specifications to ensure a perfectly sealed and secure fit - sensible insurance for potentially costly component damage.

Posted at 10:05 AM

The Impact Of Podcasting On Paid-for Content

[Synesthesia] The Impact Of Podcasting On Paid-for Content Filed under: Intellectual Property Media Strategy 12-07-2005 A podcast and related blog post from Dave Winer makes some important points about the true impact of DRM on the media industry, and led me to start thinking about the strategic forces at play in the current “Internet will eat the Media” debate. In this post I summarise his key points, and then build on them to produce a value net analysis of the media industry from the perspective of the current incumbents. In later posts I will look at the analysis from the perspective of the people who create the content and devlop some thinking on the strategies open to both parties. The Dave Winer view In the podcast Dave draws strong parallels between the current rush of music, audiobook and video producers to adopt various strong forms of DRM to the practices of the software industry in the 80’s when copy-protection of software was common. What was once the industry...

Posted at 10:04 AM

July 11, 2005

Small Bits on Privacy

[Emergent Chaos: Musings from Adam Shostack on security, privacy, and economics] Larry Ponemon has a good article in Computerworld, "After a privacy breach, how should you break the news?:" We learned that about one-third of...

Posted at 12:25 PM

Wireless 411 Privacy Act

[FreedomSight] "The legislation would require wireless carriers to have a clear pre-authorization before listing a subscriber's name and number in a directory. The bill also prevents call forwarding services from connecting callers without giving subscribers the option to accept or reject the call.

Posted at 12:18 PM

Information security best practices

[IO ERROR] Information security best practices Posted by IO ERROR under Linux , Windows , Internet , Privacy 1 Comment Security is not a program, it’s a...

Posted at 12:16 PM

Microsoft, HP Collaborate on Orwellian National ID Program

[ 8 Ways to Sunday] It appears from HP’s press release that NIS can be made to work with either biometric data such as fingerprints, or more traditional tracking mechanisms like bar codes. No doubt support for RFID, everyone’s favorite nascent Orwellian technology, can’t be far behind.

Posted at 12:15 PM

On the importance of privacy

[ Arik’s blog] The other day I was having lunch with a friend and his wife. Somehow the discussion reached the subject of privacy, and I have yet again met with the ubiquitous claim:

Posted at 12:11 PM

July 09, 2005

[IMG]

[PrivacyClueRay Everett-Church on Privacy, Politics Culture] This is not the first time I’ve written about government agencies using private companies to do what the agency is prohibited from doing. Back in March, I was even quoted in a News.com piece about the embattled data brokerage firm ChoicePoint pitching itself to the FBI as being able to do what the agency was prohibited from doing.

Read related posts for „[IMG]“.

Posted at 01:08 PM

Mike Ferguson Doesn't Support Your Medical Privacy

[Dump Mike -- Getting the Facts About NJ Congressman Mike Ferguson] This amendment would secure the personal information of millions of disabled, widowed and elderly Americans - including home addresses, phone numbers and the fact that you are receiving Medicare benefits - who receive prescription drug benefits from being handed out to anyone who starts a company marketing a prescription drug card under the 2002 prescription drug benefit.

Posted at 01:04 PM

Backup Tapes?

[Emergent Chaos: Musings from Adam Shostack on security, privacy, and economics] (Lauren W) Ironically, it's true that the probability of lost backup tapesbeing used opportunistically for ID theft is probably fairly low,at least in comparison to all the "ID theft supermarkets" that areout there -- crooked commercial and government employees willing tosell access to their files, Internet-based ID theft rings, and so on.

Read related posts for „Backup Tapes?“.

Posted at 01:03 PM

Device Offers Voice Privacy

[HowToWeb.com: Computer and Technology Blog and Resource] Permalink | Blogs linking to this post: BlogPulse | Technorati New Goggles Help Swimmers Count Laps The BBC reports on clever new googles...

Posted at 01:02 PM

Privacy.li not to be trusted

[IO ERROR] We won’t tell you who you are, but we’re going to protect your privacy. Trust us! That’s the premise of privacy.li. It offers a range of...

Posted at 01:00 PM

July 08, 2005

Labor law: EFF updates Legal Guide for Bloggers

[IO ERROR] Labor law: EFF updates Legal Guide for Bloggers Posted by IO ERROR under Politics , WordPress , Internet , Privacy Leave a Comment

Posted at 03:29 PM

FTC Chair’s Credit Card Data Stolen

[PrivacyClueRay Everett-Church on Privacy, Politics Culture] The irony, of course, is that the FTC is the federal government agency responsible for policing many of the issues related to identity theft and fraud. This is not the first instance in which FTC commissioners have gotten first-hand experience in coping with problems under the FTC’s jurisdiction.

Posted at 03:25 PM

'Dog Poop Girl' story hits the fan

[Citizen Paine | Citizen Journalism] The "Dog Poop Girl" story, the talk of blogs for several weeks as an example of how citizen journalists and the internet are changing the rules on privacy, hit the Washington Post on Thursday with a piece titled "Subway Fracas Escalates Into Test Of the Internet's Power to Shame."

Posted at 03:24 PM

Seagate's Drive Plans Include 500 GBs, Encryption

[InfoSec News Blog] Seagate plans to enhance its Momentus lineup further with the Momentus FDE, a 2.5-inch drive with the capability to encrypt is data. Encrypting the information will make a stolen notebook less valuable to thieves, as well as preventing identity theft and the loss of sensitive corporate data, Pait said.

Posted at 03:23 PM

Unprotected Wi-Fi Could Lead To Identity Theft

[Identity Theft Blog] Millions of people use the Internet every day, and with your business or your personal life growing more dependent on Internet communication, many people might be ready to take the next step and get a device that allows you to access the Internet on the go.

Posted at 03:22 PM

July 07, 2005

Citigroup's Data Snafu

[Cynthia L. Webb] An excerpt from the article: "Companies that purchase technology services expect to increase the amount of work they outsource in the year ahead despite declining satisfaction with offshore providers and a surge in prematurely terminated contracts, according to a broad survey of executives to be released today," the paper said of the survey of 250 execs from consulting firm DiamondCluster International.

Posted at 12:25 PM

Spyware & Viruses Changing Consumers’ Online Habits

[HTNet] Finally, after years of getting infected with spyware and viruses, consumers’ online behaviour are beginning to change. People are more cautious...

Posted at 12:17 PM

Libertarian Party tries something new: politics

[IO ERROR] Libertarian Party tries something new: politics Posted by IO ERROR under Politics Leave a Comment The Libertarian Party, which ran its first...

Posted at 12:13 PM

More MD5 Collisions

[InfoSec News Blog] Two researchers from the Institute for Cryptology and IT-Security have generated PostScript files with identical MD5-sums but entirely different (but meaningful!) content.

Posted at 12:09 PM

Consumers Can Purchase Insurance For ID Theft Protection

[Identity Theft Blog] On Wednesday, identity theft crook Jerome Moonie was sentenced to two years for his crime, but he’ll be out of prison before most victims are able to fix their credit.

Posted at 12:04 PM

July 05, 2005

Microsoft warns of 'highly critical' IE flaw

[Blog Bloke: Blogging Resource, Online Communications, Technology] Please be patient. It takes awhile to load (lots of graphics ;-)">Headline NewsYour browser does not support JavaScript.

Posted at 05:01 PM

Government employees can’t write

[IO ERROR] Rise of the culture of fear Posted by IO ERROR under Homeland Stupidity , Privacy Leave a Comment These little incidents seem to accumulate...

Posted at 05:00 PM

IBM Forms Data Governance Council

[Payments News] "The Council's ultimate goal is to transform data governance and compliance from yearly audits to real-time, change-driven, on demand business processes that continually assess risks, update policies and manage resources across the enterprise."Other companies who have joined with IBM in this effort include ABN Amro, ActivCard, Airmagnet, American Express, Bank of Montreal, Bell Canada, Blueworld, Cadence Design, Centerprise, City of New York FISA and DoE, Consultrex, Corticon Technologies, Danske Bank, Deutsche Bank, Fidelis Security, Great American Insurance, Huntington Bank, Key Bank, Merrill Lynch, Mitratech, Navigant Consulting, Novartis, Government of Nassau County, Ping Identity, TIAA-CREF, TeliaSonara, North Carolina State University, Northwestern Mutual, Nova Southeastern University, the United Nations Development Program, SPS and the World Bank.

Posted at 04:58 PM

New hack cracks 'secure' Bluetooth devices

[InfoSec News Blog] Whitehouse showed in 2004 that a hacker could arrive at this link key without knowing the PIN using a piece of equipment called a Bluetooth sniffer. This can record the exchanged messages being used to derive the link key and feed the recordings to software that knows the Bluetooth algorithms and can cycle through all 10,000 possibilities of the PIN.

Posted at 04:53 PM

Progress cited in thwarting ID theft

[Identity Theft Blog] Executives from the data broker industry told a Senate panel yesterday they are making progress in stopping identity theft, a crime affecting about 10 million consumers a year at a cost of more than $50 billion.

Posted at 04:48 PM

July 04, 2005

Insider Jobs Pose Real Threat For Nation's Banking Giants

[Payments News] "About 70 [percent] to 80 percent of the risk is from insiders, although not all of them are as malicious as the case in New Jersey," said Steve Roop, vice president of marketing at San Francisco-based Vontu, a firm specializing in data-loss prevention.

Posted at 12:55 PM

Justice Department begins USA PATRIOT Act disinformation campaign

[IO ERROR] Justice Department begins USA PATRIOT Act disinformation campaign Posted by IO ERROR under Politics , Homeland Stupidity , Internet , Privacy

Posted at 12:51 PM

Encrypt Data or Invite Disaster

[InfoSec News Blog] This is not to say that encryption is a silver-bullet, but it goes a long way to securing your data. If Citigroup encrypted their data, 4 million consumer records, stored on magnetic computer tapes, would have been protected.

Posted at 12:46 PM

Global Security Watch > July 14, 2005

Getting started protecting PII, Part 1

World’s Biggest On-Star

July 14, 2005

Getting started protecting PII, Part 1

World’s Biggest On-Star

Keeping email under lock and (public) key

Plug Those PowerBook Ports with Portectorz

The Impact Of Podcasting On Paid-for Content

July 11, 2005

Small Bits on Privacy

Wireless 411 Privacy Act

Information security best practices

Microsoft, HP Collaborate on Orwellian National ID Program

On the importance of privacy

July 09, 2005

[IMG]

Mike Ferguson Doesn't Support Your Medical Privacy

Backup Tapes?

Device Offers Voice Privacy

Privacy.li not to be trusted

July 08, 2005

Labor law: EFF updates Legal Guide for Bloggers

FTC Chair’s Credit Card Data Stolen

'Dog Poop Girl' story hits the fan

Seagate's Drive Plans Include 500 GBs, Encryption

Unprotected Wi-Fi Could Lead To Identity Theft

July 07, 2005

Citigroup's Data Snafu

Spyware & Viruses Changing Consumers’ Online Habits

Libertarian Party tries something new: politics

More MD5 Collisions

Consumers Can Purchase Insurance For ID Theft Protection

July 05, 2005

Microsoft warns of 'highly critical' IE flaw

Government employees can’t write

IBM Forms Data Governance Council

New hack cracks 'secure' Bluetooth devices

Progress cited in thwarting ID theft

July 04, 2005

Insider Jobs Pose Real Threat For Nation's Banking Giants

Justice Department begins USA PATRIOT Act disinformation campaign

Encrypt Data or Invite Disaster

Categories

Blogroll

Reference Links

Archives

Global Security Watch

Blogging about the triangle of Privacy, Encryption and Security