Wednesday, June 4, 2008

Wednesday News Feed 6/4/08

Full Appeals court hearing sought in border laptop search case
A three-judge panel already sided with U.S. Customs officials
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9093018&taxonomyId=17&intsrc=kc_top
June 3, 2008 (Computerworld) A man facing child pornography charges based on evidence gathered during a search of his laptop by airport customs officials is asking for an en banc review of his case by the full U.S. Court of Appeals for the Ninth Circuit.

The petition by Michael Arnold follows a ruling in April by a three-judge panel of the court that found customs officials needed no reasonable suspicion to search the contents of any individual's laptop at U.S. borders. Arnold contends the search was unreasonable.

In an en banc hearing, typically all the judges in a court reconsider a decision made by a smaller panel of the court. The decision to grant such a hearing depends on the court's view of the public importance of the case under review.

Arnold's case is being closely watched by privacy and civil rights advocates who are concerned that the Ninth Circuit's ruling will increase the number of suspicionless searches of laptops and other electronic devices at U.S. borders. Arnold was returning home from a three-week vacation in the Philippines in July 2005, when he was pulled aside for secondary customs screening at Los Angeles International Airport. A customs officer who was inspecting Arnold's luggage asked him to start his computer and had it examined by colleagues who found several images of what they believed were child pornography on the computer and in several storage devices Arnold was carrying with him.

After a grand jury charged Arnold with knowingly transporting child pornography in interstate and foreign commerce, he filed a motion with the U.S. District Court for the Central District of California asking for the evidence against him to be suppressed. In his motion, Arnold argued that the search of his computer and storage devices by Customs officers was unreasonable and unwarranted.







http://blogs.adobe.com/psirt/
- This is not a zero-day exploit. Despite various reports that have been circulating, the Flash Player Standalone 9.0.124.0 and Linux Player 9.0.124.0 are NOT vulnerable to the exploits discussed in conjunction with the previously disclosed vulnerability Symantec posted on 5/27/08. Symantec originally believed this to be a zero-day, unpatched vulnerability, but as their latest update on their Threatcon page indicates, they have now confirmed this issue does not affect any versions of Flash Player 9.0.124.0.






McAfee: Beware the .hk domain, among others
Security company's new report ranks riskiest and safest domains on the Internet. Damage from risky sites runs from the "apocalyptic to the annoying."
Tue, Jun 03 21:01:00 PDT 2008






Gartner Details Real-Time 'Adaptive' Security Infrastructure
Future security model addresses arrival of multiple perimeters, mobile users






Army Hospital Breach May Be Result of P2P Leak
Data loss at Walter Reed exposed personal information on 1,000 soldiers





Gartner: Security Budgets Growing Slowly
Demand for security services drives security market






APPLE.COM Apple Releases Mac OS Leopard Security Guide







CYBERINSECURITY Multiple Cross-Site Scripting Vulnerabilities on EA Sites







Hacking Network Computers Explained In Detail By Grey McKenzie Yesterday







House of Hackers Web Portal For The Hacker Community By Grey McKenzie Yesterday






EU sees security threats lurking in printers AP - Tue Jun 3, 11:48 AM ET
BRUSSELS, Belgium - Printers and copiers could be the weak link in many corporate cyber defenses, the European Union's information security agency warned Tuesday.







New report identifies dangerous Web domains
AP - Wed Jun 4, 7:09 AM ET
SAN JOSE, Calif. - When surfing the Internet for safe Web sites, not all domains are equal.
"Of all '.hk' sites McAfee tested, it flagged 19.2 percent as dangerous or potentially dangerous to visitors; it flagged 11.8 percent of '.cn' sites and 11.7 percent of '.info' sites that way."






Exploiting Security Holes Automatically
By Erica Naone, Tuesday, June 03, 2008
Researchers call for changes in how software patches are distributed.






Does Future Hold Malpractice Liability for Psychics?
http://www.onpointnews.com/
"“Defendants knew or should have known that the services they offered to plaintiff were of no value while they fraudulently represented that they could and would assist plaintiff with her personal problem,” she alleges in a complaint filed last week."







AT&T management staff data on stolen laptop
Dan Kaplan June 04, 2008
An undisclosed number of management-level workers at AT&T have been notified that their personal information was stored unencrypted on a stolen laptop.






Google chief exec targeted over privacy policy
Richard Thurston June 04, 2008
Fourteen U.S. privacy groups have written to Eric Schmidt arguing that Google is breaking Californian law by not including a link to its privacy policy on its homepage.






Walter Reed suffers peer-to-peer data breach
Sue Marquette Poremba June 03, 2008
Unauthorized file-sharing is to blame for a data breach at Walter Reed Army Medical Center that exposed the personal information of nearly 1,000 patients.






Spammers use hosted services to send unwanted mail
Dan Kaplan June 03, 2008
Spammers are increasingly turning to hosted services to ship out their junk mail, the latest threat report from MessageLabs revealed.







Patent Battles Continue Over Wireless Email
from the make-it-stop dept

While RIM is often portrayed as a victim for having to pay out $612.5 million in the patent infringement lawsuit filed by patent holding firm NTP, what gets less attention is that part of what kicked off NTP's lawsuit was the fact that RIM itself was going around suing pretty much everyone for patent infringement itself. And, of course, that kicked off all sorts of copycats, such as Visto -- a company that clearly learned the art of wielding patents against more successful companies from NTP. Visto and RIM ended up in quite the patent battle, with Visto even claiming that RIM should be shut down.

But, in the end, rather than the other way around, it turned out that it was Visto that was found to be infringing on RIM's patents. At this point, though, hasn't anyone realized how ridiculous it is that there are so many companies claiming to hold patents on some aspect of "wireless email" that no one can enter the space without having a bunch of infringement lawsuits waiting for them? This is not what the patent system was designed for.






CVE ALERT DETAIL : CVE-2008-2528
PRIMARYSOURCE
Source: cve
Description:
Unspecified vulnerability in Citrix Access Gateway Standard Edition 4.5.7 and earlier and Advanced Edition 4.5 HF2 and earlier allows attackers to bypass authentication and gain "access to network resources" via unspecified vectors.






Metasploit Project's site hijacked through ARP poisoning






Online brand-jacking increasing






Phoenix Mars Lander's mission site hacked






Another bogus malware study
Ed Bott: Here we go again, with yet another round of bogus reporting about the extent of malware infections in the United States--this time it's one in four. But we've got the real story.






40GB for $55 per month: Time Warner bandwidth caps arrive
We might want to alert our home VPN users about these rate caps...






FiReaNGeL notes research presented this morning at Penn State on the discovery of a new, ultra-small species of bacteria that has survived for more than 120,000 years within the ice of a Greenland glacier at a depth of nearly two miles. From the psu.edu announcement:

"The microorganism's ability to persist in this low-temperature, high-pressure, reduced-oxygen, and nutrient-poor habitat makes it particularly useful for studying how life, in general, can survive in a variety of extreme environments on Earth and possibly elsewhere in the solar system. This new species is among the ubiquitous, yet mysterious, ultra-small bacteria, which are so tiny that they are able to pass through microbiological filters. Called Chryseobacterium greenlandensis, the species is related genetically to certain bacteria found in fish, marine mud, and the roots of some plants."






"The GPL version 3 is getting some attention in legal circles, especially as it relates to its interaction with proprietary software and patents. Edmund J. Walsh penned an article for Law.com discussing the GPLv3 and the risks it poses for hardware and software companies."







Beware of Error Messages At Bank Sites
http://blogs.washingtonpost.com/securityfix/
If you own or work at a small to mid-sized business, and are presented with an error message about data synchronization or site maintenance when trying to access your company's bank account online, you might want to give the bank a call: A criminal group that specializes in deploying malicious software to steal banking data is presenting victims with fake maintenance pages and error messages as a means of getting around anti-fraud safeguards erected by many banks.






From http://www.schneier.com/blog/
Fax Signatures
Aren't fax signatures the weirdest thing? It's trivial to cut and paste -- with real scissors and glue -- anyone's signature onto a document so that it'll look real when faxed. There is so little security in fax signatures that it's mind-boggling that anyone accepts them.

Yet people do, all the time. I've signed book contracts, credit card authorizations, nondisclosure agreements and all sorts of financial documents -- all by fax. I even have a scanned file of my signature on my computer, so I can virtually cut and paste it into documents and fax them directly from my computer without ever having to print them out. What in the world is going on here?

And, more importantly, why are fax signatures still being used after years of experience? Why aren't there many stories of signatures forged through the use of fax machines?







Medical ID Theft Threatens Finances and Lives
Medical identity theft adds a new twist to identity theft by potentially creating not only financial problems, but health risks. The theft of health insurance benefits to obtain health care can add erroneous information to the health records of victims. These changes to health records may go unnoticed, if ever detected, for years before they are caught.

Medical ID Theft can injure finances, endanger lives,
Dallas Morning News, June 2, 2008
Posted by EPIC on June 3, 2008.






At Gartner Summit, Experts Question Security's Future
6/2/2008 1:30:00 PM
Analysts, sci-fi authors challenge security pros to rethink the status quo
