Now this is chutzpah:
Although our reporter was not the winning bidder, the seller contacted us and claimed the winner had failed to pay. She then quoted a price of £2,400 and said she would post the tickets to our reporter.
But we had already contacted the winning bidder via Ebay; he told us that he had already transferred £2,414 to the seller’s bank account.
Fraudsters hijack Led Zeppelin concert,
Promoter blames Ebay for failing to take down auctions for non-existent tickets, Dinah Greek, Computeract!ve, 30 Oct 2007
Not only are these invalid tickets, but the seller was selling them twice!
Paul Kedrosky posted
this picture of new house construction seen through
the branches of a tree blackened by the 2003 California wildfires.
I can’t top that for a picture of denial.
He says he got it from the NY Times, but there’s no link, so I can’t
attribute it further.
Gunnar notes the formation of a software vendor security best practices
consortium and asks:
Why not bootstrap a Fortune 500 Secure Coding Initiative to drive
better products, services and share best practices in the software
Secure Coding Advocacy Group,
23 October 2007
Yes, if the customers demanded it, that might make some difference,
and the vendors do pay the most attention to the biggest customers.
Of course the biggest customer is the U.S. government,
and they seem more interested in CYA than in actual security.
And I’m a bit jaded on “best practices” due to reading Black Swans.
But regardless of the specific form of better such a group demanded,
demanding better security might make some difference.
Maybe they could also demand risk management, which would
include having watchers watching ipsos custodes.
Not just in the circular never-ending hamster wheel of death
style, but for actual improvement.
Not all that glitters is gold:
“Fingerprints, before DNA, were always considered the gold standard
of forensic science, and it’s turning out that there’s a lot more
tin in that field than gold,” he said. “The public needs to understand
that. This judge is declaring, not to mix my metaphors, that the emperor
has no clothes.”
Judge bars use of partial prints in murder trial,
By Jennifer McMenamin, Sun Reporter,
October 23, 2007
The judge did this because of the partial fingerprint false positive
linking an Oregon lawyer to the Madrid bombings.
Apparently that was only one of twenty false matches in that case.
So the judge in this homicide case has ruled that partial fingerprint
matches can’t be used as evidence.
At a pretrial hearing in May, prosecutors argued that fingerprint
evidence has been accepted by the courts and relied upon for nearly 100
years. Defense attorneys countered that there is no similar history of
subjecting the evidence to scientific review.
“The state is correct that fingerprint evidence has been used in
criminal cases for almost a century,” Souder, the judge, wrote in her
decision. “While that fact is worthy of consideration, it does not prove
reliability. For many centuries, perhaps for millennia, humans thought
that the earth was flat.”
So if a hundred year old “gold” standard of evidence turns out to be tin,
what about all the wide-scan wiretap dragnet evidence that certain
governments seem intent on compiling these days?
PS: Seen on Bruce Schneier’s blog.
In addition to the Chinese national firewall being used as a
Panopticon that encourages self-censorship,
other uses are now emerging:
Further to our earlier story on visitors to Google Blogsearch being
redirected to Baidu in China, new reports have surfaced that would
indicate that China has unilaterally blocked all three major search
engines in China and is redirecting all requests to Baidu.
Cyberwar: China Declares War On Western Search Sites,
by Duncan Riley,
18 October 2007
Sort of an involuntary proxy, going somewhere other than where you thought.
Note the distinction between censorship and this new action:
…the redirect to Baidu would indicate an economic motive; if the Chinese
Government were serious about censorship alone we would have reports of
page not found/ blocked messages, not redirects to Baidu. The Chinese
Government is clearly using its censorship regime to the economic benefit
of a Chinese owned (but NASDAQ listed) company.
And also remember that there are U.S. government sponsored web panopticon
Research so far, or so far as we know.
PS: Seen on
Dancho Danchev’s blog.
APWG eCrime Researchers Summit
has released its papers by linking them to its agenda.
Lots of interesting stuff there about phishing and website takedown,
capture and recapture, password reuse, behavioral reaction, etc.
There were also sessions on getting technology solutions adopted
and user education, but those appeared to be panels, and don’t
have papers posted.
In addition to the possibility of
(the Long Island Express also went through Massachusetts)
does Massachusetts also need to worry about earthquakes interrupting
For the second time this month an earthquake has hit Massachusetts.
NewsCenter 5 received numerous calls from people in the Groton, Westford and Littleton area. Residents said that they heard what sounded like a loud boom or explosion. Some said that they felt their homes shake.
The U.S. Geological Survey confirmed that an earthquake measuring 2.5 hit the region at about 1:30 a.m. Residents in Westford and Littleton also said that they heard rumblings at about 6:05 a.m.
Earthquake Shakes Bay State,
Residents In Route 2 Area Report Loud Boom,
19 Oct 2007
Like hurricanes and tornadoes,
it has happened before:
….a quake that shook Newburyport on Oct. 29, 1727. That was a 5.5 magnitude earthquake that was felt from Maine to Philadelphia.
Bay State Residents Jolted By Ancient Earthquake,
Quake Measured 1.8 On Richter Scale,
10 Oct 2007
Are earthquakes as likely as tornadoes or hurricanes to cause damage
There’s been a problem with RSS feeds.
This posting is just to see if the problem is fixed.
having an unexpected tornado literally in your back yard
can make you sensitive to how
even a hurricane could happen here.
Making Light, based in Brooklyn, has picked up
find of an
NYC Post-Disaster Competition
and run with it.
The competition pages themselves are a wealth of information,
for example storm paths and damage estimates for the hurricanes
of 1893, 1938 (Long Island Express), 1954 (Carol), 1960 (Donna), 1985 (Gloria),
1991 (Bob), and 1999 (Tropical Storm Floyd).
Funny how when you start paying attention, it not only could happen here,
it has, repeatedly, and could again, much worse.
Making Light extends on that with numerous bits of information
and comments from interested parties, perhaps because
Cripes, I almost feel like I live there.
What if New York City gets socked by a category-3 hurricane?
by Patrick Nielsen Hayden,
12 October 2007
Echoes of New Orleans are not hard to find:
On the other hand, it takes something on the order of dynamite to get us out of spaces where we’ve resided a long time. My guess is that a lot of people who should leave won’t, but they’ll be very helpful and cooperative about it.
Maybe we all do live there.
RIAA demonstrates how not only to alienate customers by suing them,
but to lose money while doing so:
During an occasionally testy cross examination,
a Sony executive said what many observers have suspected for a long
time. The RIAA’s four-year-old lawsuit campaign is costing the music
industry millions of dollars and is a big money-loser for the record
labels. The revelation came during the first day of Capitol Records
v. Jammie Thomas, the first file-sharing case to go to trial (it was
formerly known as Virgin v. Thomas, but the sole Virgin Records track was
stricken from the complaint, making Capitol Records the lead plaintiff).
RIAA anti-P2P campaign a real money pit, according to testimony,
By Eric Bangeman,
October 02, 2007 – 11:40PM CT
I don’t quite understand how this is good for anybody,
except maybe iTunes.
As risk management goes, it’s about as negative as it gets.