Category Archives: Information risk

Banks Passing the Buck

It’s good that banks are trying to fight identity theft and other online fraud, but:
Internet advocacy group InternetNZ and the NZ Consumers’ Institute have both come out swinging over the New Zealand Bankers Association’s (NZBA) decision to allow victims of Internet banking fraud to be potentially held liable for losses.

New Zealand: Consumer Advocates to Fight Banking Online Fraud Liability Code, Paul Ferguson, Fergie’s Tech Blog, Tuesday, July 24, 2007, quoting Brett Winterford on ZDNet Australia.

Hm, maybe passing the buck isn’t the best way for banks to do this.

-jsq

Military Information Security

I suppose we shouldn’t be surprised that the U.S. military doesn’t seem to be any better about information security than companies or other parts of government:
Detailed schematics of a military detainee holding facility in southern Iraq. Geographical surveys and aerial photographs of two military airfields outside Baghdad. Plans for a new fuel farm at Bagram Air Base in Afghanistan.

The military calls it “need-to-know” information that would pose a direct threat to U.S. troops if it were to fall into the hands of terrorists. It’s material so sensitive that officials refused to release the documents when asked.

But it’s already out there, posted carelessly to file servers by government agencies and contractors, accessible to anyone with an Internet connection.

Military files left unprotected online, By Mike Baker, Associated Press Writer, Thu Jul 12, 8:03 AM ET

Surely they know better than this?

Negligence and Breaches

Banks, shops and government departments have exposed thousands in Britain to the risk of fraud through “horrifying” breaches of data protection laws, a watchdog said on Wednesday.

In his annual report, Information Commissioner Richard Thomas, whose office enforces the Data Protection Act, said firms must do more to secure people’s private details.

“The roll-call of banks, retailers, government departments, public bodies and other organisations which have admitted serious security lapses is frankly horrifying,” he said in the report.

Privacy watchdog warns of “horrifying” breaches, The Scotsman, Reuters, 11 July 2007

He’s not talking terrorism, so we can hope this is not just more FUD.

Homeland Insecurity

Congress is investigating Homeland Security’s internal insecurity:

…hearing, the GAO witnesses will also describe an investigation they conducted on a specific DHS network that is "riddled with significant information security control weaknesses that place sensitive and personally identifiable information at increased risk of unauthorized disclosure."

The subcommittee also plans to air some of its concerns with the DHS OneNet project, which is aimed at consolidating all of the agency’s information networks under one roof, and to question a perceived lack of IT security funding by Charbo.

Homeland Security to detail IT attacks: Hearing will reveal findings of agency’s internal investigation into risk of system attacks and other online threats, By Matt Hines, InfoWorld, June 15, 2007

Who could have predicted that putting all information networks under one roof would make them vulnerable to attack? That would have been like predicting that making all DHS and DoD computers run one operating system would make them vulnerable to attack.

-jsq

PS: Seen via Fergie’s Tech Blog

Breach Discovery

If people know about security breaches, the companies they are customers of and the governments they are constituents of have more incentive to do something about them, so this is good news:

New Hampshire, one of a handful of U.S. states that require breaches involving personal information to be reported to the state as well as to affected individuals, has made at least some breach notices it has received available on the net.

New Hampshire gets it, Chris Walsh, Emergent Chaos, 13 June 2007

Or at least if we know what’s really going on, maybe unfounded scare


Terrorism, Lightning, and Bloomberg

Sometimes a politician says something so sensible you wonder why everybody doesn’t say it:

There are lots of threats to you in the world. There’s the threat of a heart attack for genetic reasons. You can’t sit there and worry about everything. Get a life.

You have a much greater danger of being hit by lightning than being struck by a terrorist.

In terms of what you as individual on the streets should worry about is not whether the person sitting next to you on the subway is a terrorist. The likelihood of that is so small it is not something you should worry about.

Buzz Over Mayor’s ‘Get a Life’ Remark, By Sewell Chan, Empire Zone, June 6, 2007, 9:46 am

The outlet that originally quoted Bloomberg, wcbstv.com, quotes several people as saying terrorism is a big threat. However, it also points out that New York City is the safest city in America, with violent crime in general low and decreasing. Maybe if that TV station and others reported that more often, instead of constant, irrational fear, more people would understand what Bloomberg is saying.


Norms-Based iTunes?

Ben Hyde dug up a paper about Norms-Based Intellectual Property Systems: The Case of French Chefs, which discusses the issues involved in the recent case of the French chefs, even though it was published before that foofaraw. This paper makes me wonder if that’s what Apple is doing:
With great power comes great responsibility, and apparently with DRM-free music comes files embedded with identifying information. Such is the situation with Apple’s new DRM-free music: songs sold without DRM still have a user’s full name and account e-mail embedded in them, which means that dropping that new DRM-free song on your favorite P2P network could come back to bite you.

We started examining the files this morning and noticed our names and e-mail addresses in the files, and we’ve found corroboration of the find at TUAW, as well. But there’s more to the story: Apple embeds your account information in all songs sold on the store, not just DRM-free songs. Previously it wasn’t much of a big deal, since no one could imagine users sharing encrypted, DRMed content. But now that DRM-free music from Apple is on the loose, the hidden data is more significant since it could theoretically be used to trace shared tunes back to the original owner. It must also be kept in mind that this kind of information could be spoofed.

Apple hides account info in DRM-free music, too, By Ken Fisher, ars technica, May 30, 2007 – 01:39PM CT

The ars technica article goes on to recommend a trivial way to keep the music and ditch the identifiers, and points out that the presence of such an identifier on somebody else’s disk doesn’t necessarily prove copyright infringement. But maybe that’s not what Apple is really after. Maybe it’s so people will know that Apple could know, and other people could know, where you got your music. Like French chefs know where other chefs got certain recipes. Norms-based iTunes?
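The quoted article says the identifiers are ordinary tags inside the purchased file, which is why they can be both removed and spoofed. As an added illustration (not code from the article, from Apple, or from this blog), here is a small walker for the box structure an .m4a file uses, which lists the tag entries under moov/udta/meta/ilst, reports the identity-bearing ones, and blanks them in place. The entry names apID and ownr are an assumption (the page does not name them), the sample file is constructed inline, and the blanking overwrites each entry with a same-sized free atom rather than deleting it, so the audio sample table’s chunk offsets stay valid.

```python
import struct

# Boxes ("atoms") whose payload is a sequence of child atoms (ISO 14496-12 layout).
CONTAINERS = {b"moov", b"udta", b"trak", b"mdia", b"minf", b"stbl", b"ilst"}
# 'meta' is a full box: 4 bytes of version/flags precede its children.
FULL_BOX_CONTAINERS = {b"meta"}
# Where iTunes keeps per-file tags.
ILST_PATH = (b"moov", b"udta", b"meta", b"ilst")
# ASSUMPTION: these ilst entry names are the ones commonly reported to carry the
# purchaser's account id and name in iTunes Store files; the page does not name them.
IDENTITY_ATOMS = {b"apID": "account id", b"ownr": "owner name"}


def iter_atoms(buf, start=0, end=None):
    """Yield (type, atom_start, payload_start, atom_end) for each atom in buf[start:end]."""
    end = len(buf) if end is None else end
    pos = start
    while pos + 8 <= end:
        size, kind = struct.unpack(">I4s", buf[pos:pos + 8])
        header = 8
        if size == 1:                       # 64-bit "largesize" follows the type
            if pos + 16 > end:
                raise ValueError("truncated largesize at offset %d" % pos)
            size = struct.unpack(">Q", buf[pos + 8:pos + 16])[0]
            header = 16
        elif size == 0:                     # atom runs to the end of its enclosure
            size = end - pos
        if size < header or pos + size > end:
            raise ValueError("bad atom size %d at offset %d" % (size, pos))
        yield kind, pos, pos + header, pos + size
        pos += size


def walk(buf, start=0, end=None, path=()):
    """Depth-first walk; yields (path, atom_start, payload_start, atom_end) for every atom."""
    for kind, a0, p0, a1 in iter_atoms(buf, start, end):
        here = path + (kind,)
        yield here, a0, p0, a1
        if kind in (b"free", b"skip"):      # padding: never has children
            continue
        parent = path[-1] if path else None
        if kind in CONTAINERS or parent == b"ilst":   # every ilst entry wraps 'data' atoms
            yield from walk(buf, p0, a1, here)
        elif kind in FULL_BOX_CONTAINERS:
            yield from walk(buf, p0 + 4, a1, here)


def decode_data(payload):
    """ilst 'data' payload: 4-byte type flags, 4-byte locale, then the value (1 = UTF-8)."""
    if len(payload) < 8:
        raise ValueError("data atom too short")
    flags = struct.unpack(">I", payload[:4])[0]
    value = payload[8:]
    return value.decode("utf-8") if (flags & 0xFFFFFF) == 1 else value


def find_identity(buf):
    """Return {label: value} for the identity-bearing ilst entries present in buf."""
    found = {}
    for path, _a0, p0, a1 in walk(buf):
        if (len(path) == 6 and path[:4] == ILST_PATH
                and path[5] == b"data" and path[4] in IDENTITY_ATOMS):
            found[IDENTITY_ATOMS[path[4]]] = decode_data(buf[p0:a1])
    return found


def blank_identity(buf):
    """Copy of buf with each identity entry overwritten by a zero-filled 'free' atom of
    identical size. Nothing moves, so no enclosing box size or sample-table chunk offset
    (stco/co64) needs rewriting; deleting the atoms outright would invalidate those."""
    out = bytearray(buf)
    for path, a0, _p0, a1 in walk(buf):
        if len(path) == 5 and path[:4] == ILST_PATH and path[4] in IDENTITY_ATOMS:
            out[a0:a1] = struct.pack(">I4s", a1 - a0, b"free") + b"\0" * (a1 - a0 - 8)
    return bytes(out)


# --- constructed fixture: a minimal container, NOT a real iTunes file ---------------
def _atom(kind, payload):
    return struct.pack(">I4s", 8 + len(payload), kind) + payload

def _text(kind, s):
    return _atom(kind, _atom(b"data", struct.pack(">II", 1, 0) + s.encode("utf-8")))

def sample_m4a():
    ilst = _atom(b"ilst", _text(b"\xa9nam", "Some Song")
                          + _text(b"apID", "buyer@example.com")   # constructed values
                          + _text(b"ownr", "Jane Buyer"))
    meta = _atom(b"meta", b"\0\0\0\0" + ilst)       # version/flags, then children
    moov = _atom(b"moov", _atom(b"udta", meta))
    ftyp = _atom(b"ftyp", b"M4A \0\0\0\0mp42isom")
    mdat = _atom(b"mdat", b"\0" * 32)               # stand-in for the audio payload
    return ftyp + moov + mdat


if __name__ == "__main__":
    f = sample_m4a()
    print("found:", find_identity(f))
    print("after blanking:", find_identity(blank_identity(f)))
```

Because the values are plain text in the container, anyone with this parser can just as easily write somebody else’s name and address into a file before sharing it, which is the spoofing the article mentions and the reason such a tag on a stranger’s disk proves very little on its own.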

-jsq

Cooking Property?

What happens when one famous chef copies another’s recipe?

The place is agog at the effrontery of Vigneron, since they believe he has brazenly ripped off one of chef Wylie Dufresne’s best-known dishes. By the looks of a feature in the current issue of Wired, Vigneron has created a showpiece dish of a “cyber egg,” the yolk of which is made of carrot-cardamom purée, surrounded by a white of hardened coconut milk. Very interesting, given that almost the exact same dish (minus a garnish of foam and carrot) has been served often at wd-50, is featured on the restaurant’s website, and, we are told by members of the staff, has been eaten by Vigneron at least twice. “It’s one thing to be inspired by a dish and to change the flavors to make it your own,” says line cook John Bignelli. “But to just steal everything? How can you do that?” Dufresne, staying above the fray, declined to comment.

Did Marcel From ‘Top Chef’ Really Just Rip Off Wylie Dufresne? Grub Street, New York Magazine, 15 May 2007

You get a lot of commentary.


Long Tail Field

Why long tail graphs are usually shown on a log scale:

Unfortunately, the illustration works only as a large graph, because graphed out on small paper gives us only two discernable lines, one on each axis.

A practical model for analyzing long tails, by Kalevi Kilkki, First Monday, volume 12, number 5 (May 2007)

The sports field graph is a clever way of showing how much higher the fat head of a long tail distribution is than the long tail itself; this is normally not so clear on log scale graphs.


REAL ID Blues

Fergie notes that apparently all those complaints to DHS had some effect:

Senate Judiciary Committee Chairman Patrick J. Leahy (D-Vt.), citing concerns about Americans’ privacy, signaled yesterday that he will push to repeal a provision of a 2005 law aimed at creating new government standards for driver’s licenses.

Leahy, who has co-sponsored bipartisan legislation to repeal the provision, spoke out as the debate intensified over the Real ID Act, which requires states to create new tamper-proof driver’s licenses in line with rules recently issued by the Department of Homeland Security. States must begin to comply by May 2008 but can request more time. After 2013, people whose IDs do not meet those standards will not be allowed to board planes or enter federal buildings.

A similar Democrat-backed bill to repeal the provision is pending in the House. At least seven states have passed laws or resolutions opposing implementation of Real ID. Fourteen states have legislation pending. By yesterday, the DHS had received more than 12,000 public comments in response to the rules.

Leahy, Others Speak Out Against New ID Standards, By Ellen Nakashima, Washington Post Staff Writer, Wednesday, May 9, 2007; Page D03

You may be wondering why you didn’t hear about this law in 2005, when it was passed.
