The recent massive Heartland Payment Systems data attack...
Area banks are issuing new credit and debit cards after a data breach at a New Jersey company that processes payments.
Gate City Bank sent letters this week to about 25 percent of its cardholders, telling them they will get new ATM and check cards... Alerus Financial also has sent letters saying it is issuing new cards. (more) (notification costs, lost good will, reissue costs, etc.)
Did you know...
A study by the Ponemon Institute found the average cost of data breaches - from detection to notification to lost business - is rising. The No. 1 cost to companies is lost business, which now accounts for 69 percent of total costs. (more) According to a report released Monday by the Ponemon Institute and funded by encryption firm PGP, the cost of a data breach for companies has risen to $202 per lost record, up from $197 in the institute's 2007 study. For the 47 companies audited in the study, those costs added up to $6.6 million per incident. (more)
From the Deutsche Bahn spying scandal...
Deutsche Bahn Chief Executive Hartmut Mehdorn is battling to save his job over a staff snooping scandal, and keep alive his dream of a partial privatisation of the railway operator...
Now, some left-wing leaders of the ruling Social Democrats, who oppose the IPO, and opposition parties have called on Mehdorn to step down over the scandal. Mehdorn apologised on Tuesday for the spying on staff. (more) (loss of employment, probable loss of IPO and investments in getting the IPO ready, lost good will, legal costs, etc.)
From Microsoft...
Microsoft begins lawsuit over ex-employee spying... (more) (legal costs, PR costs, lost good will, etc.)
From Lebanon...
Ministerial-level security talks will be held on Monday to address the issue of wiretapping which has threatened to increase political turmoil in a divided nation where tensions between rival political camps often turned bloody. (more) (loss of life)
Wednesday, February 4, 2009
NOVA's "Spy Factory"
NOVA's documentary about the NSA, "Spy Factory", aired last night. The production quality lived up to NOVA's usual excellence. Surprising, because they didn't have much first-hand information. It will no doubt be rerun and turned into a DVD if you missed it.
I did, however, walk away thinking this was a bit misleading. A true documentary about the NSA would have focused on history, organizational structure, people and explaining specific jobs. It would also have presented a balanced historical assessment of successes and failures.
This documentary left me feeling like I was watching a caged animal being teased. Lots of finger pointing and poking at something that was not allowed to defend itself, yet it continues to defend its pokers.
The focus was narrow; NSA's 9/11 role. The main criticism; NSA did not share information it gleaned; thus 9/11 was somehow their fault.
While building their point, NOVA conveniently glossed over some pieces of foundation information:
• The laws which limited NSA's scope and ability to share, in 2001.
• The inane turf protectionist mentality which permeated the entire Intelligence Community, in 2001. (There was very little inter-agency sharing of anything back then.)
• Osama bin Laden was not exactly an NSA pre-9/11 secret. The U.S. indited him in 1998.
Heck, you even read about him here in Kevin's Security Scrapbook in January 2001...
SPECIAL SECTION -- Osama bin Laden
He's famous; his days are numbered, and you still don't know him. Sound really smart on capture day. Stoke your sound bite file now... CIA Biography - Osama bin Laden - "the cave-dwelling lunatic suspected of ordering the August bombings of U.S. embassies in Kenya and Tanzania..." (and USS Cole)
(more)
Meanwhile... on an Arab satellite channel...
Osama bin Laden appeared happy and smiling at his son's wedding...
(more)
But... nobody likes mingy...
"...a Saudi millionaire ... is tight with cash... says a former employee..."
(more)
I did, however, walk away thinking this was a bit misleading. A true documentary about the NSA would have focused on history, organizational structure, people and explaining specific jobs. It would also have presented a balanced historical assessment of successes and failures.
This documentary left me feeling like I was watching a caged animal being teased. Lots of finger pointing and poking at something that was not allowed to defend itself, yet it continues to defend its pokers.
The focus was narrow; NSA's 9/11 role. The main criticism; NSA did not share information it gleaned; thus 9/11 was somehow their fault.
While building their point, NOVA conveniently glossed over some pieces of foundation information:
• The laws which limited NSA's scope and ability to share, in 2001.
• The inane turf protectionist mentality which permeated the entire Intelligence Community, in 2001. (There was very little inter-agency sharing of anything back then.)
• Osama bin Laden was not exactly an NSA pre-9/11 secret. The U.S. indited him in 1998.
Heck, you even read about him here in Kevin's Security Scrapbook in January 2001...
SPECIAL SECTION -- Osama bin Laden
He's famous; his days are numbered, and you still don't know him. Sound really smart on capture day. Stoke your sound bite file now... CIA Biography - Osama bin Laden - "the cave-dwelling lunatic suspected of ordering the August bombings of U.S. embassies in Kenya and Tanzania..." (and USS Cole)
(more)
Meanwhile... on an Arab satellite channel...
Osama bin Laden appeared happy and smiling at his son's wedding...
(more)
But... nobody likes mingy...
"...a Saudi millionaire ... is tight with cash... says a former employee..."
(more)
Tuesday, February 3, 2009
TUNE IN TONIGHT: "Spy Factory"
"Nova" (8 p.m., PBS, check local listings) presents "The Spy Factory," an exposé of the National Security Agency (NSA).
Three times the size of the CIA and many times more secretive, the NSA's own initials have inspired many nervous jokes, such as "No Such Agency" and "Never Say Anything."
"The Spy Factory" looks at two major concerns about the agency. Many worry about its potential to eavesdrop on ordinary Americans' phone calls and Internet activities. But the principal concern addressed in "Spy Factory" is the fact that the agency may be too secretive to be of practical use. (more)
Three times the size of the CIA and many times more secretive, the NSA's own initials have inspired many nervous jokes, such as "No Such Agency" and "Never Say Anything."
"The Spy Factory" looks at two major concerns about the agency. Many worry about its potential to eavesdrop on ordinary Americans' phone calls and Internet activities. But the principal concern addressed in "Spy Factory" is the fact that the agency may be too secretive to be of practical use. (more)
Sunday, February 1, 2009
Eavesdropping Invention is a "Sickness" Detector
via crooze.fm
"If you thought the airport denizens of the TSA were already obnoxious, wait until they get their mitts on a Sick Traveler Detector. It's a software idea by Belgian company Biorics, which can determine if travelers are sick by the sound of their coughs...
The tech involves installing dozens of microphones around an airport security area or any public space, and running all the coughs they pick up through a special software algorithm that can tell the difference between a dry throat-clearing hack and a loogy-dripping, bubbling and wheezing honk, aka a "productive cough."
In their patent application, the privacy-invading chutzpah of the inventors is astonishing, where they even suggest eavesdropping on cell phone conversations to glean their illness detection data." (more) (patent)
"If you thought the airport denizens of the TSA were already obnoxious, wait until they get their mitts on a Sick Traveler Detector. It's a software idea by Belgian company Biorics, which can determine if travelers are sick by the sound of their coughs...
The tech involves installing dozens of microphones around an airport security area or any public space, and running all the coughs they pick up through a special software algorithm that can tell the difference between a dry throat-clearing hack and a loogy-dripping, bubbling and wheezing honk, aka a "productive cough."
In their patent application, the privacy-invading chutzpah of the inventors is astonishing, where they even suggest eavesdropping on cell phone conversations to glean their illness detection data." (more) (patent)
UK's Data Loss... Bad News, Good News, "Oh, no!"
"BAD NEWS."
from Steven J. Klein, via Risks Digest...
Bad news...
A National Health Service employee lost a flash drive containing personal information of up to 6,360 patients.
Good news...
The data on the flash drive was encrypted.
BAD NEWS...
The password was written on a sticky-note attached to the drive.
Paraphrased from the Lancashire Evening Post
from Steven J. Klein, via Risks Digest...
Bad news...
A National Health Service employee lost a flash drive containing personal information of up to 6,360 patients.
Good news...
The data on the flash drive was encrypted.
BAD NEWS...
The password was written on a sticky-note attached to the drive.
Paraphrased from the Lancashire Evening Post
Saturday, January 31, 2009
Q. Would you hire a long-distance baby sitter?
A. Depends on how old the baby is.
From those wonderful folks in Sweden who brought us SpyOn Voice... Now, a morphed and more palatable (ta-daaa) SpyOn Baby.
How could you resist a cute little program that calls itself, "A modern baby alarm that allows you to watch over your baby at home and over the internet." (for less than $10.00)
Besides, "If you are looking for specialists in VOIP (Voice over IP) then you have come to the right place. We are developing a series of applications based upon VOIP technology. If you can not find exactly what you are looking for maybe we can develop it for you."
And, oh, by the way, the company name is Spying Machines.
Why do we mention it?
So you know what your up against.
From those wonderful folks in Sweden who brought us SpyOn Voice... Now, a morphed and more palatable (ta-daaa) SpyOn Baby.
How could you resist a cute little program that calls itself, "A modern baby alarm that allows you to watch over your baby at home and over the internet." (for less than $10.00)
Besides, "If you are looking for specialists in VOIP (Voice over IP) then you have come to the right place. We are developing a series of applications based upon VOIP technology. If you can not find exactly what you are looking for maybe we can develop it for you."
And, oh, by the way, the company name is Spying Machines.
Why do we mention it?
So you know what your up against.
Labels:
amateur,
eavesdropping,
mores,
privacy,
product,
Ra-parents,
spycam,
VoIP
2009 State and Federal Privacy Laws Supplement
The 2009 Supplement to Privacy Journal's Compilation of State and Federal Privacy Laws (0-930072-17-0, 2002) has just been published. The price is $25, plus $4 for shipping. Need the original 2002 book as well? The price for the 2002 book and the current Supplement together is $35 plus $4 for shipping.
Contact:
Lee Shoreham, Assistant to the Publisher
PRIVACY JOURNAL
PO Box 28577
Providence RI 02908
Phone: 401/274-7861
Fax: 401/274-4747
orders@privacyjournal.net
Contact:
Lee Shoreham, Assistant to the Publisher
PRIVACY JOURNAL
PO Box 28577
Providence RI 02908
Phone: 401/274-7861
Fax: 401/274-4747
orders@privacyjournal.net
Employer Spying Increases
On Wednesday, the German rail spying scandal went from run-of-the-mill to flabbergasting: 173,000 -- and not 1,000 -- employees were spied on.
Politicians and the public are outraged, and commentators predict that the Deutsche Bahn CEO will take the fall. (more)
Politicians and the public are outraged, and commentators predict that the Deutsche Bahn CEO will take the fall. (more)
Employee Spying Increases
High anxiety about job-cuts in the workplace is fueling inter-office rumors, gossiping and eavesdropping, according to a recent survey by the Society for Human Resource Management.
Of 494 human-resource professionals surveyed, nearly 1/4 reported that they had encountered significantly more cases of eavesdropping in the workplace over the past year...
More than 1/5 of survey respondents reported that workers at their companies had recently been confronted or disciplined by an authority figure for spreading rumors or eavesdropping. (more)
Of 494 human-resource professionals surveyed, nearly 1/4 reported that they had encountered significantly more cases of eavesdropping in the workplace over the past year...
More than 1/5 of survey respondents reported that workers at their companies had recently been confronted or disciplined by an authority figure for spreading rumors or eavesdropping. (more)
Litigant Becomes Miki Mole
The Opposition Pays ...in more ways than one.
Microsoft is suing a former employee for applying for his job under false pretenses and using his role at the company to gain access to confidential data related to patent litigation he is now waging, reports the Seattle Post-Intelligencer.
Miki Mullor was hired by Microsoft in November 2005 after stating in his job application that he was a former employee at Ancora Technologies, a local software development company that he said had gone out of business.
However, Microsoft claims Ancora was still a viable company and that Mullor was still its chief executive — and that while he was at Microsoft, he downloaded confidential documents to his company-issued laptop. (more)
Miki talks... "When I joined Microsoft, I notified them in writing of Ancora and my patent in both my resume and in my employment agreement. In its complaint against me, Microsoft withheld the portions of these key documents that show this." (more)
"The patent case is scheduled for trial in a Los Angeles federal court on Jan. 26, 2010." This is getting interesting, and EXPENSIVE. Let's meet back here in a year and see what happens.
Spybusters Tip # 493
Look for espionage problems pro-actively. Catch them early.
Result... Low cost. Higher success rate.
Need help? Call us.
Microsoft is suing a former employee for applying for his job under false pretenses and using his role at the company to gain access to confidential data related to patent litigation he is now waging, reports the Seattle Post-Intelligencer.
Miki Mullor was hired by Microsoft in November 2005 after stating in his job application that he was a former employee at Ancora Technologies, a local software development company that he said had gone out of business.
However, Microsoft claims Ancora was still a viable company and that Mullor was still its chief executive — and that while he was at Microsoft, he downloaded confidential documents to his company-issued laptop. (more)
Miki talks... "When I joined Microsoft, I notified them in writing of Ancora and my patent in both my resume and in my employment agreement. In its complaint against me, Microsoft withheld the portions of these key documents that show this." (more)
"The patent case is scheduled for trial in a Los Angeles federal court on Jan. 26, 2010." This is getting interesting, and EXPENSIVE. Let's meet back here in a year and see what happens.
Spybusters Tip # 493
Look for espionage problems pro-actively. Catch them early.
Result... Low cost. Higher success rate.
Need help? Call us.
Japan's New Wiretap Law Take Root, Bears Fruit
Japan - The Communication Interception Law, which authorizes wiretapping as part of investigations, took effect in 2000. The Metropolitan Police Department carried out Japan's first wiretap authorized under the law in 2002.
Police across Japan conducted authorized wiretaps in a record 11 cases in 2008, up four from the previous year, that lead to the arrest of 34 people, Justice Minister Eisuke Mori told a Cabinet meeting Friday.
The number of arrests was the same as 2007... "Know-how on authorized wiretapping seems to be steadily taking hold," the Justice Ministry said. (more)
Police across Japan conducted authorized wiretaps in a record 11 cases in 2008, up four from the previous year, that lead to the arrest of 34 people, Justice Minister Eisuke Mori told a Cabinet meeting Friday.
The number of arrests was the same as 2007... "Know-how on authorized wiretapping seems to be steadily taking hold," the Justice Ministry said. (more)
Friday, January 30, 2009
Shades... of Joe Engressia
A legally blind Massachusetts phone hacker admitted this week to federal computer intrusion and witness intimidation charges that could put him away for as long as 13 years.
Matthew Weigman, 18, pleaded guilty to two felonies before U.S. Magistrate Judge Paul D. Stickney in Dallas on Tuesday. Known in the telephone party-line scene as "Li'l Hacker," Weigman is widely considered one of the best phone hackers alive.
In his plea deal with prosecutors, Weigman, who was born blind, admitted to a long criminal resume (.pdf). Among other things, he confessed to conspiring with other telephone hooligans who made hundreds of false calls to police that sent armed SWAT teams bursting into the homes of their party-line enemies.
In a new revelation, Weigman also admitted eavesdropping on customer service calls to Sprint, by dialing into a phone line used by Sprint supervisors to monitor their employees. Weigman parked on the spy line to overhear customers giving out their credit card numbers, which he memorized and passed to accomplices. Weigman and his friends used the numbers to purchase computers and other electronics. (more) (Joe Engressia)
Matthew Weigman, 18, pleaded guilty to two felonies before U.S. Magistrate Judge Paul D. Stickney in Dallas on Tuesday. Known in the telephone party-line scene as "Li'l Hacker," Weigman is widely considered one of the best phone hackers alive.
In his plea deal with prosecutors, Weigman, who was born blind, admitted to a long criminal resume (.pdf). Among other things, he confessed to conspiring with other telephone hooligans who made hundreds of false calls to police that sent armed SWAT teams bursting into the homes of their party-line enemies.
In a new revelation, Weigman also admitted eavesdropping on customer service calls to Sprint, by dialing into a phone line used by Sprint supervisors to monitor their employees. Weigman parked on the spy line to overhear customers giving out their credit card numbers, which he memorized and passed to accomplices. Weigman and his friends used the numbers to purchase computers and other electronics. (more) (Joe Engressia)
Heavy Duty Recording SpyCam, Goes Lighter
Lighter Camera
from the seller's web site...
Date time stamping with 8Gb large memory
Lighter Camera with built in Micro DVR for your home or office surveillance when you are not there. it records everything what you missed while you are away.
Built in Digital Audio Video recorder will give you all the evidence you need to prove in the court in case some one came to your home or office for bad purpose.
You don't have to worry about the battery as it can work up to 6 long hours in a single charge. Micro SD card can record up to 8 hours of Very Fine audio video on 8GB Micro SD Card. (more)
Why do we mention it?
So you know what you are up against.
from the seller's web site...
Date time stamping with 8Gb large memory
Lighter Camera with built in Micro DVR for your home or office surveillance when you are not there. it records everything what you missed while you are away.
Built in Digital Audio Video recorder will give you all the evidence you need to prove in the court in case some one came to your home or office for bad purpose.
You don't have to worry about the battery as it can work up to 6 long hours in a single charge. Micro SD card can record up to 8 hours of Very Fine audio video on 8GB Micro SD Card. (more)
Why do we mention it?
So you know what you are up against.
Thumb Stick in USB = VD for Unies
VD (Viral Data)
Japan - Virus infection of university campus computers via USB thumb drives has become common, according to the results of Yomiuri Shimbun survey that found more than 500 such incidents were reported in 13 universities. (more)
Japan - Virus infection of university campus computers via USB thumb drives has become common, according to the results of Yomiuri Shimbun survey that found more than 500 such incidents were reported in 13 universities. (more)
Wednesday, January 28, 2009
Happy Data Privacy Day... and good luck
January 28, 2009 - the United States, Canada, and 27 European countries celebrate Data Privacy Day for the second time.
Designed to raise awareness and generate discussion about data privacy practices and rights, Data Privacy Day activities in the United States have included privacy professionals, corporations, government officials, and representatives, academics, and students.
One of the primary goals of Data Privacy Day is to promote privacy awareness and education among teens across the United States. Data Privacy Day also serves the important purpose of furthering international collaboration and cooperation around privacy issues. (more)
This week's prelude to Data Privacy Day...
• Heartland May Be the Biggest Data Breach Ever
• Britain's biggest cyber theft case - Monster.co.uk
Designed to raise awareness and generate discussion about data privacy practices and rights, Data Privacy Day activities in the United States have included privacy professionals, corporations, government officials, and representatives, academics, and students.
One of the primary goals of Data Privacy Day is to promote privacy awareness and education among teens across the United States. Data Privacy Day also serves the important purpose of furthering international collaboration and cooperation around privacy issues. (more)
This week's prelude to Data Privacy Day...
• Heartland May Be the Biggest Data Breach Ever
• Britain's biggest cyber theft case - Monster.co.uk
Subscribe to:
Posts (Atom)