Monday, September 15, 2008

Security News Feed Monday 9/15/08

Do ISPs pose a bigger online privacy threat than Google? A research paper published by a university professor claims that ISPs could pose a bigger threat to online privacy than Google and other online advertisers do. Read more...





Google Bends to Privacy Critics on Chrome Tool
Reacting to criticism that its new Chrome browser was essentially acting as a keylogger, Google Inc. last week said it would render data anonymous within 24 hours of collecting information from the browser.





Microsoft defends IE8 'phone home' feature, clarifies privacy policy
Microsoft Corp. today defended the Internet Explorer 8 (IE8) tool that suggests sites based on the URLs typed into its address bar, saying that the browser "phones home" only a limited amount of information to Microsoft and that the company discards all user IP addresses almost immediately.





Social Security Numbers Exposed on Iowa Web Site
In yet another example of a data privacy controversy affecting county governments across the U.S., documents containing the Social Security numbers of Iowa residents have been posted since January 2005 on a Web site maintained by the Iowa County Recorders Association (ICRA).





Tab for Lockup of City's WAN May Reach $1M
Related stories:
Terry Childs: One risky point
How to protect your network from rogue IT employees
Why San Francisco's network admin went rogue
Photo essay: Terry Childs appears in court






Court overturns Virginia spam law, conviction
The Virginia Supreme Court has overturned a state antispam law and the 2004 conviction of long-time spammer Jeremy Jaynes, saying the law is an overly broad prohibition on anonymous free speech.

The Supreme Court, in a decision released Friday, said the 2003 Virginia spam law didn't distinguish between commercial e-mails and those with political messages, and thus was an overly broad prohibition on free speech protected by the First Amendment of the U.S. Constitution.





Cloud computing could prompt government action
Cloud computing will soon become a hot topic in Washington, with policy makers debating issues such as the privacy and security of data in the cloud, a panel of technology experts said Friday.

There are "huge challenges" facing policy makers in the next year or two as cloud computing becomes increasingly popular, said Mike Nelson, visiting professor for the Center for Communication, Culture and Technology at Georgetown University and a former technology policy adviser to President Bill Clinton.

The major policy questions to be worked out include: Who owns the data that consumers store on the network? Should law enforcement agencies have easier access to personal information in the cloud than data on a personal computer? Do government procurement regulations need to change to allow agencies to embrace cloud computing?






Scammers Making Smart Use of the PR Machine?
CSO blogger Dan Lohrmann is convinced the bad guys are using PR firms to help them decide what kinds of mayhem to launch next.
Read more





iPhone: Big trouble in the App Store
apple20.blogs.fortune.cnn.com — Last month, Apple triggered a minor rebellion among iPhone developers when it was revealed that the company was rejecting submissions to its App Store retail outlet without explaining why.More…





Posted at 07:00 AM ET, 09/13/2008
iPhone Update Plugs Eight Security Holes
http://blogs.washingtonpost.com/securityfix/
Apple on Friday issued an update for the iPhone that includes a bundle of at least eight security fixes.

The update is only available through iTunes, and will not appear in your computer's Software Update application, or in the Apple Downloads site.

Details about the security holes plugged by this release, version 2.1, are available here.






Sep 14, 1:10 pmCybercrime 'Major Business Risk'
Data theft outpaces concern about downtime from malware, IT managers report.





Sep 13, 11:04 amJapan Jumps to Lead in Cyberattacks
One-third of all Internet attacks came from Japan in the second quarter of the year, surpassing the U.S. and China.





Sep 13, 6:00 amGuilty Plea Entered in TJX Data Theft
Sentencing is due in December for one of the hackers charged in a data breach case involving several major retailers.






"The website of popular magazine BusinessWeek has been attacked via SQL injection in an attempt to infect its readership with malware. Hundreds of pages in a section of BusinessWeek's website which offers information about where MBA students might find future employers have been affected."






"Popsci.com has a writeup on 3M's new pocket projector, the 3M MPro 110, set to launch on September 30. 'In a dark room, it could project a big enough image to be the ultimate cheap-o home theater. The projector will sell for a mere $359. It doesn't have a speaker, so you'll have to get that separately. But really, how good could a microscopic speaker jammed into this thing sound, anyway?'"






Perpetrator of biggest data heist in history pleads guilty
Damon Patrick Toey, a hacker accused of participating in the theft of over 40 million credit card numbers from TJX, has entered a guilty plea and agreed to cooperate with authorities.
September 15, 2008 - 08:24AM CT - by Ryan Paul






AT&T will "temporarily reduce" speeds for U-verse customers
"High bandwidth" U-verse users should prepare for "temporary reductions" in throughput speeds, AT&T tells the FCC.
September 15, 2008 - 05:45AM CT - by Matthew Lasar






Best Buy acquires Napster; Eyes digital music distribution






Google wants your Hotmail, Yahoo and AOL contacts






UN Agency Working On Tech Standards To Get Rid Of Anonymity






CTO defends researcher's decision to reveal SCADA exploit
Dan Kaplan September 12, 2008
One technologist wants the public to understand why releasing exploit code for a dangerous vulnerability is sometimes the right thing to do.






Turkish Police Arrest Alleged ATM Hacker-Kidnapper





Yahoo opens its doors to hackersAFP - 2 hours, 56 minutes ago
SUNNYVALE, California (AFP) - Hackers armed with laptop computers, camping tents and dreams of software glory invaded Yahoo during the weekend as the Internet pioneer opened its strategy and its doors to outside developers.






Cyber Criminal Toolkit - Beware of Emails Inviting You To View Movie Clips By Grey McKenzie 09/12/2008

No comments: