Cloud Computing: Yahoo, Gmail, Facebook, Flickr, Linkedin and similar business-oriented social networking sites. By some definitions, very useful. By other definitions, "using some service that is out of your control, and storing your information there."
Think, before you jump on a cloud. Do you really want all your information out there, under someone else's control? A little here, a little there, combined it may be your dossier.
Did you know...
Facebook's Terms of Use agreement states: "... The Company may, but is not obligated to, review the Site and may delete or remove (without notice) any Site Content or User Content in its sole discretion, for any reason or no reason, including User Content…"
Yes, Personal Cloud Computing is different than Business Cloud Computing. If Flickr flickers you may loose all the personal photos you stored there. No big deal, you have back-ups. You did back-up didn't you?
Linkedin's User's Agreement states: "...you actually grant by concluding the Agreement, a non-exclusive, irrevocable, worldwide, perpetual, unlimited, assignable, sublicenseable, fully paid up and royalty-free right to us to copy, prepare derivative works of, improve, distribute, publish, remove, retain, add, and use and commercialize, in any way now known or in the future discovered, anything that you submit to us, without any further consent, notice and/or compensation to you or any third parties." Yikes! Read that again! Is this the wording of a benign B2B service, or are these folks thinking way ahead of you?
Business Cloud Computing?
What information are you putting out there: sales, contact, purchasing, email, medical, financial?
Can you afford to have that co-opted, lost or re-sold?
And, what are the legal ramifications?
What laws have you broken (HIPPA, SOX, etc.)?
What lawsuits might rain on you?
Think, before you jump on a cloud. (more)
~ Kevin
Monday, September 1, 2008
Friday, August 29, 2008
Pellicano & Christensen convicted of wiretap plot
Private investigator Anthony Pellicano and attorney Terry Christensen were convicted today of conspiring to illegally wiretap the ex-wife of billionaire Kirk Kerkorian.
Christensen, who was an attorney for investor and casino mogul Kerkorian, was accused of hiring Pellicano to listen in on the phone conversations of Lisa Bonder Kerkorian during a bitterly fought child support case. The lawyer and investigator were each charged with two felony counts relating to the alleged wiretap. The federal jury verdicts give a green light to a slew of pending civil lawsuits. (more)
Christensen, who was an attorney for investor and casino mogul Kerkorian, was accused of hiring Pellicano to listen in on the phone conversations of Lisa Bonder Kerkorian during a bitterly fought child support case. The lawyer and investigator were each charged with two felony counts relating to the alleged wiretap. The federal jury verdicts give a green light to a slew of pending civil lawsuits. (more)
Cell Phone Security Issues on the Rise
More small companies are allowing employees to use their personal smart phones for work. But that move could lead to big trouble, thanks to a new breed of hackers who are starting to target mobile phones.
Hackers can use spyware to keep an eye on what you type and what messages you receive, possibly gleaning company secrets. They can even can track your device's location, potentially allowing them to figure out your clients or plans by looking at where you go...
Mobile spyware, according to experts, is readily available. Many point to FlexiSPY, a program sold by Thai software company Vervata Co. The company promotes the product as a way for husbands and wives to catch their cheating spouses. Once installed on a person's phone, FlexiSPY tracks the device's whereabouts and monitors incoming and outgoing calls, text messages and emails. The information is then uploaded to a central server and can be viewed by the person who originally installed the software.
Nobody is accusing Vervata of stealing information, but some security experts argue that the software is ripe for abuse. It can be used by anyone to steal personal information and company secrets, they argue. A business might install the software on a rival's phone, for instance, to steal a contact list or monitor email traffic.
Phones that use the Symbian operating system, meanwhile, are vulnerable to a program that can capture the keystrokes of the device...
BlackBerrys may also be vulnerable to attack. ...Research In Motion Ltd. says that security policies built into the BlackBerry Enterprise Server software can guard against such spyware. Many small businesses, however, can't afford the BlackBerry server.
Even Apple Inc.'s iPhone may be vulnerable... While the iPhone offers password protection, it lacks other capabilities such as data encryption... The iPhone does offer the ability to create a secure virtual-private-network connection to company headquarters... But small businesses often lack VPN capabilities. (more)
One Solution for You...
Secure Mobile Systems (SMobile), designs security applications for mobile devices. They offer a comprehensive product suite that protects users of mobile devices from viruses, data compromise, the effects of device theft, and unauthorized data access.
Hackers can use spyware to keep an eye on what you type and what messages you receive, possibly gleaning company secrets. They can even can track your device's location, potentially allowing them to figure out your clients or plans by looking at where you go...
Mobile spyware, according to experts, is readily available. Many point to FlexiSPY, a program sold by Thai software company Vervata Co. The company promotes the product as a way for husbands and wives to catch their cheating spouses. Once installed on a person's phone, FlexiSPY tracks the device's whereabouts and monitors incoming and outgoing calls, text messages and emails. The information is then uploaded to a central server and can be viewed by the person who originally installed the software.
Nobody is accusing Vervata of stealing information, but some security experts argue that the software is ripe for abuse. It can be used by anyone to steal personal information and company secrets, they argue. A business might install the software on a rival's phone, for instance, to steal a contact list or monitor email traffic.
Phones that use the Symbian operating system, meanwhile, are vulnerable to a program that can capture the keystrokes of the device...
BlackBerrys may also be vulnerable to attack. ...Research In Motion Ltd. says that security policies built into the BlackBerry Enterprise Server software can guard against such spyware. Many small businesses, however, can't afford the BlackBerry server.
Even Apple Inc.'s iPhone may be vulnerable... While the iPhone offers password protection, it lacks other capabilities such as data encryption... The iPhone does offer the ability to create a secure virtual-private-network connection to company headquarters... But small businesses often lack VPN capabilities. (more)
One Solution for You...
Secure Mobile Systems (SMobile), designs security applications for mobile devices. They offer a comprehensive product suite that protects users of mobile devices from viruses, data compromise, the effects of device theft, and unauthorized data access.
Thursday, August 28, 2008
R ur kiz speken nkod? Du u fee eel <- awt?
Lingo2word is devoted to demistifying the new Internet shorthand language of Text messages, Chat rooms and Emails.
• Online Searchable Shorthand Dictionary.
• Translate to txtmsg lingo.
• Translate from Lingo to plain English.
• Emoticons.
• Txting words.
• Acronyms.
• And a searchable Text Message collection.
• Online Searchable Shorthand Dictionary.
• Translate to txtmsg lingo.
• Translate from Lingo to plain English.
• Emoticons.
• Txting words.
• Acronyms.
• And a searchable Text Message collection.
Interesting cellular surveillance product...
from the seller's web site...
"RADAR safeguards your child while using cell phones and immediately alerts you if he or she receives unapproved email, text messages or phone calls.
RADAR provides you complete text messages (sent and received from your child's phone) along with corresponding phone numbers and records them on the website where you can review them at home and print reports for authorities.
RADAR is not spyware...
RADAR notifies the user that they are being monitored, making it impossible to track their usage secretly." (more)
So... how soon will this come with company-supplied cell phones, or be made a requirement of parole?
"RADAR safeguards your child while using cell phones and immediately alerts you if he or she receives unapproved email, text messages or phone calls.
RADAR provides you complete text messages (sent and received from your child's phone) along with corresponding phone numbers and records them on the website where you can review them at home and print reports for authorities.
RADAR is not spyware...
RADAR notifies the user that they are being monitored, making it impossible to track their usage secretly." (more)
So... how soon will this come with company-supplied cell phones, or be made a requirement of parole?
Declare + "A War On..." = Business Opportunity
reprinted from CRYPTO-GRAM by Bruce Schneier
Homeland Security Cost-Benefit Analysis
"In an excellent paper by Ohio State political science professor John Mueller, "The Quixotic Quest for Invulnerability: Assessing the Costs, Benefits, and Probabilities of Protecting the Homeland," there are some common sense premises and policy implications."
The premises:
1. The number of potential terrorist targets is essentially infinite.
2. The probability that any individual target will be attacked is essentially zero.
3. If one potential target happens to enjoy a degree of protection, the agile terrorist usually can readily move on to another one.
4. Most targets are 'vulnerable' in that it is not very difficult to damage them, but invulnerable in that they can be rebuilt in fairly short order and at tolerable expense.
5. It is essentially impossible to make a very wide variety of potential terrorist targets invulnerable except by completely closing them down."
The policy implications:
1. Any protective policy should be compared to a "null case": do nothing, and use the money saved to rebuild and to compensate any victims.
2. Abandon any effort to imagine a terrorist target list.
3. Consider negative effects of protection measures: not only direct cost, but inconvenience, enhancement of fear, negative economic impacts, reduction of liberties.
4. Consider the opportunity costs, the tradeoffs, of protection measures."
Meanwhile... "The nation's terrorist watch list has hit one million names, according to a tally maintained by the American Civil Liberties Union based upon the government's own reported numbers for the size of the list." (more)
Homeland Security Cost-Benefit Analysis
"In an excellent paper by Ohio State political science professor John Mueller, "The Quixotic Quest for Invulnerability: Assessing the Costs, Benefits, and Probabilities of Protecting the Homeland," there are some common sense premises and policy implications."
The premises:
1. The number of potential terrorist targets is essentially infinite.
2. The probability that any individual target will be attacked is essentially zero.
3. If one potential target happens to enjoy a degree of protection, the agile terrorist usually can readily move on to another one.
4. Most targets are 'vulnerable' in that it is not very difficult to damage them, but invulnerable in that they can be rebuilt in fairly short order and at tolerable expense.
5. It is essentially impossible to make a very wide variety of potential terrorist targets invulnerable except by completely closing them down."
The policy implications:
1. Any protective policy should be compared to a "null case": do nothing, and use the money saved to rebuild and to compensate any victims.
2. Abandon any effort to imagine a terrorist target list.
3. Consider negative effects of protection measures: not only direct cost, but inconvenience, enhancement of fear, negative economic impacts, reduction of liberties.
4. Consider the opportunity costs, the tradeoffs, of protection measures."
Meanwhile... "The nation's terrorist watch list has hit one million names, according to a tally maintained by the American Civil Liberties Union based upon the government's own reported numbers for the size of the list." (more)
Update - The Case of the Blue Mocking Bird
CA - Undersheriff Steve Bolts told County Human Resources officials that he and Sheriff Pat Hedges eavesdropped on former Chief Deputy Gary Hoving because of concerns Hoving was “making fun of” Hedges behind his back and was disloyal, not because of any ongoing criminal investigation.
Eavesdropping is considered illegal except in limited circumstances, such as a police officer conducting an investigation. That’s how Hedges has publicly described what he was doing, saying that he was investigating allegations evidence was mishandled in a narcotics division. The transcripts, however, give a different account. (more)
Eavesdropping is considered illegal except in limited circumstances, such as a police officer conducting an investigation. That’s how Hedges has publicly described what he was doing, saying that he was investigating allegations evidence was mishandled in a narcotics division. The transcripts, however, give a different account. (more)
007's in "License to Bill"
Private contractors account for more than one-quarter of the core workforce at U.S. intelligence agencies, according to newly released government figures that underscore how much of the nation's spying work has been outsourced since the Sept. 11 attacks.
The CIA and other spy agencies employ about 36,000 contractors in espionage-related jobs, in addition to approximately 100,000 full-time government workers, said Ronald Sanders, head of personnel for the U.S. intelligence community...
The total budget for the nation's spy agencies is roughly $43 billion. (more)
The CIA and other spy agencies employ about 36,000 contractors in espionage-related jobs, in addition to approximately 100,000 full-time government workers, said Ronald Sanders, head of personnel for the U.S. intelligence community...
The total budget for the nation's spy agencies is roughly $43 billion. (more)
But, you can still take notes. Odd logic. Tough law.
PA - Five months ago, Linda Majer-Davis portrayed herself as a crusading public employee to the Bethlehem Area School Board. She told directors she had secretly recorded a department meeting with the superintendent because she was concerned about waste and mismanagement.
On Wednesday, police called her a criminal.
Pennsylvania's wiretap law prohibits recording a meeting or interview without the permission of all parties. The charge, intercept communications, is a third-degree felony. If convicted, Majer-Davis could face one to seven years in prison. (more)
Interesting...
"she used her laptop to record the meeting"
"...Majer-Davis is still employed by the district as a computer technician"
Observation...
People use the electronic surveillance tools they have handy and know best.
On Wednesday, police called her a criminal.
Pennsylvania's wiretap law prohibits recording a meeting or interview without the permission of all parties. The charge, intercept communications, is a third-degree felony. If convicted, Majer-Davis could face one to seven years in prison. (more)
Interesting...
"she used her laptop to record the meeting"
"...Majer-Davis is still employed by the district as a computer technician"
Observation...
People use the electronic surveillance tools they have handy and know best.
Wednesday, August 27, 2008
Internet Privacy - It's all over but the shouting.
Two security researchers have demonstrated a new technique to stealthily intercept internet traffic on a scale previously presumed to be unavailable to anyone outside of intelligence agencies like the National Security Agency.
The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let an attacker surreptitiously monitor unencrypted internet traffic anywhere in the world, and even modify it before it reaches its destination.
"It's a huge issue. It's at least as big an issue as the DNS issue, if not bigger," said Peiter "Mudge" Zatko, noted computer security expert and former member of the L0pht hacking group, who testified to Congress in 1998 that he could bring down the internet in 30 minutes using a similar BGP attack, and disclosed privately to government agents how BGP could also be exploited to eavesdrop. "I went around screaming my head about this about ten or twelve years ago.... We described this to intelligence agencies and to the National Security Council, in detail." (more)
Comeon, Shout, Shout, knock yourself out
Comeon, yell, yell, loud and swell
You gotta Scream, scream, you know what I mean,
Put another dime in the spying machine... (sing-a-long)
The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let an attacker surreptitiously monitor unencrypted internet traffic anywhere in the world, and even modify it before it reaches its destination.
"It's a huge issue. It's at least as big an issue as the DNS issue, if not bigger," said Peiter "Mudge" Zatko, noted computer security expert and former member of the L0pht hacking group, who testified to Congress in 1998 that he could bring down the internet in 30 minutes using a similar BGP attack, and disclosed privately to government agents how BGP could also be exploited to eavesdrop. "I went around screaming my head about this about ten or twelve years ago.... We described this to intelligence agencies and to the National Security Council, in detail." (more)
Comeon, Shout, Shout, knock yourself out
Comeon, yell, yell, loud and swell
You gotta Scream, scream, you know what I mean,
Put another dime in the spying machine... (sing-a-long)
Labels:
computer,
espionage,
FutureWatch,
government,
Hack,
historical,
NSA,
privacy,
wiretapping
...thus, giving the word "secret" a new definition.
UK - RAF top brass have secretly bought two spy-in-the-sky planes to snoop on terrorists worldwide — from three miles up. Security officials said the Twin Star aircraft will be a global asset as they can fly for 18 hours a time.
An RAF source said: “With the right sensor array, they can see if a suspected terrorist is at home, listen in to and record his mobile calls and tell you if his car engine is hot, warm or cold. “They can also help others put a surprise package through his window.” (more)
An RAF source said: “With the right sensor array, they can see if a suspected terrorist is at home, listen in to and record his mobile calls and tell you if his car engine is hot, warm or cold. “They can also help others put a surprise package through his window.” (more)
Steganography for the Masses!
...from their website...
The SpyMessage is easy-to-use, reliable and powerful tool for protecting important information that you don't want others to see.
With SpyMessage you can encrypt and hide your text message into image without any changes in its resolution or size.
• You can view the image with any conventional image viewer program
• Exchange messages without any fear from others spying on you.
• No one can know if your image contain messages or not.
• SpyMessage uses two encryption algorithms to protect your data.
• No un-encrypted temporary files are ever created.
• No password saved within your file
• Set a special Password to retrieve your encrypted data.
Just remember, "there is no free lunch."
You don't know what else this "free" software might do.
Download at your own risk.
The SpyMessage is easy-to-use, reliable and powerful tool for protecting important information that you don't want others to see.
With SpyMessage you can encrypt and hide your text message into image without any changes in its resolution or size.
• You can view the image with any conventional image viewer program
• Exchange messages without any fear from others spying on you.
• No one can know if your image contain messages or not.
• SpyMessage uses two encryption algorithms to protect your data.
• No un-encrypted temporary files are ever created.
• No password saved within your file
• Set a special Password to retrieve your encrypted data.
Just remember, "there is no free lunch."
You don't know what else this "free" software might do.
Download at your own risk.
Labels:
amateur,
art,
computer,
data,
email,
encryption,
FutureWatch,
Hack,
miscellaneous,
privacy,
product,
software
One in three Aussies spies on text messages
900,000 Australians have admitted to checking their partner's phones according to new research conducted by Virgin Mobile. The research has revealed that Australia is a nation of paranoid text checkers with over one in three young Australians admitting to checking their partner's text messages, and more than 280,000 having been being involved in a text-checking related break-up.
The research reveals:
• 10% of young Australians have been involved in a breakup as a result of text-checking
• 59% of text checkers check their partner's phone when they shower
• Women (38%) are more likely than men (28%) to check their partner's texts
• 76% of text checkers do so in secret
• 73% of text checkers found out things they later wished they hadn't
• 44% of sneaky text checkers have discovered flirtatious or sexual texts, ranging from harmless flirtation (32%) to full blown sexual texts from someone else (19%)
• The most common places text checkers operate is while their partner is showering (59%), in the same room (41%) or on the toilet (35%)
With the aim of squashing the nation's obsession with text checking, Virgin Mobile introduces a new service for those customers concerned about their partner's snoopy tendencies. Customers can simply text the word 'snoop' to 1978 99 99 to have a text from 'SEXY' sent to their phone. When the text message is opened by a paranoid partner, the message will remind the checker to have trust in their loved one.
Author, relationship expert and text-checking guru, Samantha Brett says that text checking is rampant in relationships across the world... (press release)
...and for the very, very paranoid...
TextSpy (the deleted text message reader)
The research reveals:
• 10% of young Australians have been involved in a breakup as a result of text-checking
• 59% of text checkers check their partner's phone when they shower
• Women (38%) are more likely than men (28%) to check their partner's texts
• 76% of text checkers do so in secret
• 73% of text checkers found out things they later wished they hadn't
• 44% of sneaky text checkers have discovered flirtatious or sexual texts, ranging from harmless flirtation (32%) to full blown sexual texts from someone else (19%)
• The most common places text checkers operate is while their partner is showering (59%), in the same room (41%) or on the toilet (35%)
With the aim of squashing the nation's obsession with text checking, Virgin Mobile introduces a new service for those customers concerned about their partner's snoopy tendencies. Customers can simply text the word 'snoop' to 1978 99 99 to have a text from 'SEXY' sent to their phone. When the text message is opened by a paranoid partner, the message will remind the checker to have trust in their loved one.
Author, relationship expert and text-checking guru, Samantha Brett says that text checking is rampant in relationships across the world... (press release)
...and for the very, very paranoid...
TextSpy (the deleted text message reader)
The seemingly endless case of PI Pellicano seems to be ending... we hope.
CA - A federal prosecutor claimed Tuesday that taped phone calls between Hollywood private eye Anthony Pellicano and a high-powered lawyer showed they were conducting illegal wiretaps, even though the alleged wiretapped recordings have never been found.
In his closing argument, Assistant U.S. Attorney Daniel Saunders played a phone conversation for jurors in which Pellicano told attorney Terry Christensen that all the information he would be gathering would be kept between them. Christensen agreed...
While old-fashioned private eyes pounded the pavement for information, Pellicano "sat in his office and listened to wiretaps," Saunders said. (more)
In his closing argument, Assistant U.S. Attorney Daniel Saunders played a phone conversation for jurors in which Pellicano told attorney Terry Christensen that all the information he would be gathering would be kept between them. Christensen agreed...
While old-fashioned private eyes pounded the pavement for information, Pellicano "sat in his office and listened to wiretaps," Saunders said. (more)
Subscribe to:
Posts (Atom)