Canadian Parliament May Force Banks to Reveal Electronic Security Lapses
Personally, I'd like to see this type of enforcement globally, or else the confidence in banking and online commerce will force folks to start putting their cash in their mattresses (again).
Carly Weeks writes for CanWest News Service (via Canada.com):
A House of Commons committee is expected to propose new rules that would force banks and other institutions to publicly disclose when they lose customers’ personal information.
But the country’s major banks are fighting the idea, saying it would have a “significant negative impact” on consumers.
The issue is about to reach a boiling point in Parliament, where the House ethics committee is in the process of reviewing the Personal Information Protection and Electronic Documents Act, designed to protect personal information that is used by businesses, the government, as well as health information.
More here.
(Props, Flying Hamster.)
UK: Phishing Education 'Doesn't Work'
Michael Crawford writes on PC Advisor:
The failure of customers to secure their own money during internet transactions could potentially lead banks to pass off the responsibility of financial losses back to the customer.
User education for online banking customers on how to avoid phishing scams has failed, according to Paul Henry, senior vice president of Secure Computing. This form of commonsense defence has failed to work time and time again, he added.
More here.
Caught in the (Tor) Network
Paul Cesarini writes in The Chronicle of Higher Education:
At 9:15 one Thursday morning, there came a polite knock on my mostly closed office door. I was expecting the knock. A student was coming to talk to me about getting into one of my courses, which he needed to graduate.
So when I heard the knock, I said, "C'mon in, Kyle." Someone said, "Hello?" and came in, along with two smartly dressed men extending business cards to me.
I recognized the speaker as a network-security technician in my university's office of information-technology services. The other men were not familiar, but a quick glance at their cards told me they were detectives on our campus police force. They closed my office door behind them, sat down, took out notepads and pens, and asked if I had a few minutes to speak with them about Tor.
... and asked him to stop using it.
More here.
Dot-XXX and Tiered/Differential Pricing: Permitted?
George Kirikos writes on CircleID:
As folks will recall, there was a big debate about tiered/differential pricing in the .biz/info/org contracts. Eventually those contracts were amended to prevent that.
However, if folks read the .XXX proposed contract, Appendix S, Part 2, under “delegated authority”, appears to give the Registry Operator total control to make policy regarding pricing. Thus, it would appear they are in a position to re-price domains that later become successful under .xxx.
More here.
In Remembrance: Anna Nicole Smith

Microsoft Patch Tuesday Alert: February 2007 Advance Notification
Via The Microsoft Security Response Center Blog.
Next Tuesday, on February 13, 2007 at approximately 10:00 am PT we are slated to release:
- Five Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer. Some of these updates will require a restart.
- Two Microsoft Security Bulletins affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer. These updates may require a restart.
- One Microsoft Security Bulletin affecting Microsoft Windows and Microsoft Visual Studio. The highest Maximum Severity rating for this is Important. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. These updates will require a restart.
- One Microsoft Security Bulletin affecting Microsoft Windows and Microsoft Office. The highest Maximum Severity rating for this is Important. These updates will be detectable using the Microsoft Baseline Security Analyzer. These updates may require a restart.
- One Microsoft Security Bulletin affecting Step-by-Step Interactive Training. The highest Maximum Severity rating for this is Important. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. These updates may require a restart.
- One Microsoft Security Bulletin affecting Microsoft Data Access Components. The highest Maximum Severity rating for this is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. These updates may require a restart.
- One Microsoft Security Bulletin affecting Windows Live OneCare, Microsoft Antigen, Microsoft Windows Defender, and Microsoft ForeFront. The highest Maximum Severity rating for these is Critical. These products provide built-in mechanisms for automatic detection and deployment of updates. Some of these updates may require a restart.
We will also be making our regular monthly update to the Microsoft Windows Malicious Software Removal Tool.
More here.
Defense Tech: Booz Allen’s SBI-Net Role Draws Scrutiny
Alice Lipowicz writes on Washington Technology:
Rep. Henry Waxman (D-Calif.) today suggested that consulting firm Booz Allen Hamilton Inc. may have a significant conflict of interest in its role as a contractor hired to help oversee the Homeland Security Department’s $8 billion Secure Border Initiative Network surveillance system.
Waxman, chairman of the House Committee on Oversight and Government Reform, drew attention at a hearing for the DHS’ heavy reliance on outside contractors in planning, managing, administering and overseeing the ambitious SBI-Net program.
More here.
Note: This is not the first time that BAH's credibility has been called into question.
Hacker Breaks into Website of Canadian Nuclear Agency
Ian MacLeod writes in The Ottawa Citizen:
A brazen hacker attacked the Canadian Nuclear Safety Commission website yesterday, littering it with dozens of photographs of a nuclear explosion and raising concerns about the security of information held by the nation's nuclear watchdog.
The incident was discovered about 3 p.m. by a Citizen reporter. All of the commission's current and archived news releases, dating back to 1998, were renamed as "security breaches" and, when opened, a colour photograph of a fiery mushroom cloud appeared under the heading "For Immediate Release."
An accompanying caption read: "Please dont (sic) put me in jail......oops, I divided by zero."
The pages were disabled minutes after the newspaper contacted the agency.
More here.
(Props, p2pnet.)
Cybercrime Blame Game At RSA Conference
Thomas Claburn writes on InformationWeek:
"Despite progress, greater efforts are needed in the fight against cybercrime." That's how the Business Software Alliance summarized a town meeting that the software industry interest group hosted today at the 2007 RSA Security Conference in San Francisco.
It's a fair statement that deftly avoids the disconnect that could be seen between federal officials and the security experts on the discussion panel. Greater efforts are needed, but from whom?
Clearly, something needs to be done. The Federal Trade Commission on Wednesday released its list of the top consumer complaints for 2006. For the seventh year in a row, identity theft led the list with 36% of the complaints, at least five times more than the next complaint-generating categories: shop-at-home/catalog sales; prizes, sweepstakes, and lotteries; Internet services and computer complaints; and Internet auction fraud.
More here.
U.S. Cyber Counter Attack: Bomb 'Em One Way or The Other
The operative word in the second paragraph below is "known"...
Ellen Messmer writes on NetworkWorld:
If the United States found itself under a major cyberattack aimed at undermining the nation’s critical information infrastructure, the Department of Defense is prepared, based on the authority of the president, to launch a cyber counterattack or an actual bombing of an attack source.
The primary group responsible for analyzing the need for any cyber counterstrike is the National Cyber Response Coordination Group (NCRCG). The three key members of the NCRCG, who hail from the US-CERT computer-readiness team, the Department of Justice and the Defense Department, this week described how they would seek to coordinate a national response in the event of a major cyber-event from a known attacker.
More here.
Cisco's Top Router Executive, Mike Volpi, Resigns
A Reuters newswire article, via CNN/Money, reports that:
Cisco Systems Inc. said senior executive Mike Volpi resigned Thursday, a move that appears to clear the way for Chief Development Officer Charles Giancarlo eventually to head the network equipment maker.
Volpi, head of Cisco's top-selling routers group, told reporters he resigned for personal reasons, effective immediately.
Giancarlo remains in his post, but will oversee more senior executives as part of a management reshuffle that Cisco announced along with Volpi's departure.
Volpi, 40, had reported to Giancarlo, 49, but both were widely viewed by analysts as the top candidates to succeed Chairman and Chief Executive John Chambers. Both have worked at Cisco for 13 years.
More here.
Cisco Going Open Source With NAC Client
Paul F. Roberts writes on InfoWorld:
As it develops the next generation of network security infrastructure, Cisco Systems Inc. is planning to cease development on its network admission control (NAC) client, the Cisco Trust Agent (CTA), and submit the source code for the software client to the open source community, Bob Gleichauf, CTO of Cisco's Security Technology Group, told InfoWorld.
Cisco has a goal of making the CTA open source within "a couple months," allowing the company to free up development resources for other areas of NAC, Gleichauf said. Cisco's decision is more evidence that Cisco will cede control of the desktop to Microsoft Vista, following a deal in September to use Microsoft's NAP (Network Access Protection Agent) as the client for both Cisco NAC and NAP.
More here.
UK Papers Spark Online Ratings War
Alexandra Berzon writes on Red Herring:
What's the top newspaper Web site in the United Kingdom? Why, that depends on who you ask.
Several top papers have recently engaged in a minor spat over which is the top trafficked "quality" newspaper Web site in the country. The Daily Telegraph recently began declaring as much in an advertising campaign. That led Guardian Unlimited executives and journalists to claim the top spot themselves.
The problem? Both claims are, possibly, legitimate. It depends on what measurement company you go to for information.
More here.
Mobile ESPN to Relaunch Through Verizon Wireless
An AP newswire article, via SiliconValley.com, reports that:
ESPN is relaunching its shuttered cell phone service through Verizon Wireless, this time delivering its flashy feed of sports scores, news and video highlights through a top industry player instead of competing for subscribers with its own full-blown wireless brand.
The multiyear agreement giving Verizon Wireless exclusive U.S. rights to offer the Mobile ESPN application on its V Cast phones was expected to be announced on Thursday, executives at both companies said on condition of anonymity because the deal had not yet been finalized.
More here.
U.S. Toll in Iraq
Via The Boston Globe (AP).
As of Wednesday, Feb. 7, 2007, at least 3,110 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 2,492 died as a result of hostile action, according to the military's numbers.
The AP count is 11 higher than the Defense Department's tally, last updated Wednesday at 10 a.m. EST.
More here.
And as always, cryptome.org keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.
VeriSign to Add Additional TLD DNS Servers
John Markoff writes in The New York Times:
VeriSign servers, now in 20 regional centers around the world, will be expanded to 70 sites. The effort would not only improve response time, the company said, but would also make it possible to diagnose and contain Internet attacks more quickly.
VeriSign profits indirectly from the growth of Internet traffic from its business managing the .com and .net domains.
In addition to resisting cyber attacks, the enhancement of the root server system is made necessary by the rapid growth in new types of Internet devices, many of which can communicate among themselves without direct human intervention.
More here.
Telcos May Face New Anti-Pretexting Regulations
Anne Broache writes on C|Net News:
Under a new bill proposed in Congress, telephone companies would be required to alert customers if their private records are improperly accessed.
The Consumer Telephone Records Protection Act, sponsored by Rep. Jay Inslee (D-Wash.) and Rep. Marsha Blackburn (R-Tenn.), would also reiterate that it's unlawful for anyone to obtain confidential information about others through fraudulent means, popularly known as "pretexting."
It's already a crime, punishable by prison time, to buy, sell or obtain personal phone records under a bill signed into law last month by President Bush. An Inslee aide said her boss' bill is also necessary because it would give the Federal Trade Commission explicit authority to investigate and prosecute such incidents.
More here.
RIAA Fires Back at Apple
An AP newswire article by Alex Veiga, via The Globe and Mail, reports that:
A recording industry group fired back Wednesday at Apple Inc. CEO Steve Jobs, suggesting his company should open up its anti-piracy technology to its rivals instead of urging major record labels to strip copying restrictions from music sold online.
Mitch Bainwol, chairman and chief executive of the Recording Industry Association of America, said the move would eliminate technology hurdles that now prevent fans from playing songs bought at Apple's iTunes Music Store on devices other than the company's iPod.
More here.
California Awards Statewide Telecommunications Contracts
Via Government Technology.
The California Department of Technology Services and the California Department of General Services today announced the award of four statewide contracts for telecommunications services worth an estimated $350 million annually to AT&T Global Services and Verizon Business.
The competitively bid statewide contracts, better known collectively as CALNET II, will provide telecommunications services to state and local government agencies over the next five years, with an option of two additional one-year extensions, and is expected to provide an overall 10 percent cost savings to CALNET customers.
More here.
Evil Javascript: Web 2.0 As A Story To Be Destroyed by Hackers
If you read and absorb no other security-related story this week, you'd be well-advised to read and understand this one.
As Ryan mentions in this article, NoScript rocks as a Firefox plug-in.
Ryan Singel writes on 27B Stroke 6:
The best conference presenters have a story to tell, and this morning, Billy Hoffman -- the lead researcher at Web application security company SPI Dynamics, had a great story to tell Wednesday morning at the RSA security conference about how all your favorite new Web 2.0 applications are a boon to criminals.
Traditional web applications have an input box that lets you send information to a webserver, which then passes the info to a database or application in the background, and your browser waits for a response and then you are taken to a new page. Websites that use AJAX use a powerful combination of JavaScript and continual communication with the server in background, removing the lag associated with page refreshes and letting sites like Google Maps feel more like desktop applications.
The problem -- as many know -- is that JavaScript is a very powerful language -- and when developers aren't careful it's possible to insert other JavaScript into a website via a link that lets an attacker do bad things, like delete your account if you click on a link or visit an evil page.
More here.
German Court Decision Re-ignites Online Surveillance Debate
Scott M. Fulton III writes on BetaNews:
A decision Monday by the German Federal High Court (BGH) in Karlsruhe renders it illegal in that country -- for now -- for police and intelligence services to use clandestine tools such as Trojan horse routines, or what would normally be categorized as malware, for use in surveillance on federal suspects.
But the high court ruling did not set a legal precedent, which means that it didn’t actually find a new way for existing law to be interpreted to permanently prohibit the use of remote computer exploits for surveillance purposes.
As a result, it may now be up to the German parliament and the country’s Interior Minister - Wolfgang Schäuble, champion of the country’s new ruling, conservative Christian Democratic Union - to create new legal precedent for a new and separate class of police searches where clandestine logging of suspects’ activities is permitted.
More here.
U.S. Politicians Call for e-Voting Paper Trails by '08 Election
Anne Broache writes on C|Net News:
A push is under way by congressional Democrats to enact legislation that would require paper trails to accompany all electronic voting machines in time for the 2008 presidential election.
Sen. Dianne Feinstein (D-Calif.) said Wednesday that she expects to introduce a bill within the next week that would revive earlier calls for such a mandate.
More here.
The Dirty Little Secret About Global Warming

Robert J. Samuelson writes on Newsweek.com:
You could be excused for thinking that we'll soon do something serious about global warming. Last Friday, the Intergovernmental Panel on Climate Change (IPCC)—an international group of scientists—concluded that, to a 90 percent probability, human activity is warming the Earth.
Earlier, Democratic congressional leaders made global warming legislation a top priority; and 10 big U.S. companies (including General Electric and DuPont) endorsed federal regulation. Strong action seems at hand.
Don't be fooled. The dirty secret about global warming is this: We have no solution.
More here.
Yet Another Disingenuous FCC Broadband Report
Nate Anderson writes on Ars Technica:
The FCC released its most recent report [.pdf] on the US broadband market last week, and it paints a pleasant picture. According to the agency, the number of broadband lines increased by 52 percent over the last 12 months (measured from June 2005 to June 2006) and now totals 64 million connections.
That's remarkable growth, but critics complain that the FCC includes cellular broadband in its numbers, and that the "real" growth rate is only half of what the report claims.
More here.
Toon of the Day: 2 Million Dollar Man
Canada: 35,000 Credit Card Holders Compromised
John Stewart writes in The Mississauga News:
Confidential electronic credit card data for more than 35,000 individuals from all across North America was found by Peel Regional Police fraud investigators yesterday when they executed a search warrant at a Toronto residence.
As a result of the information obtained in the raid, a man who was arrested earlier by police at Pearson International Airport now faces a total of 36 fraud-related charges.
Police arrested a man at Pearson airport on Jan. 25 and charged him with possession of stolen credit cards and stolen identification, possession of counterfeit marks as well as possession of property obtained by crime.
More here.
(Props, Pogo Was Right.)
Root Name Server DoS Attacks Spur Exchange Between Government, Private Sector
William Jackson writes on GCN.com:
Tuesday’s denial-of-service attacks against three of the Internet’s root DNS servers did not rise to the level of a major cyberincident, but it did highlight the government’s efforts to coordinate responses with private-sector infrastructure providers.
“There was some minor degradation of service,” but no large impact, said Jerry Dixon, head of the Homeland Security Department’s National Cyber Security Division.
Dixon was joined Wednesday by Chris Painter of the Justice Department and Mark Hall of the Defense Department, his fellow co-chairmen on the National Cyber Response Coordination Group, at the RSA IT security conference. NCRCG is the government’s tool for organizing its response to the most serious cyberattacks, coordinating the efforts of federal departments and agencies with the private sector.
More here.
NATO, U.S. DoD to Sign Cyber Security Pact
Rutrell Yasin writes on FCW.com:
The Defense Department is on the verge of signing an agreement to share incident information with the North Atlantic Treaty Organization’s Computer Emergency Response Team (CERT), said Mark Hall, director, DOD International Information Assurance Program and co-chair of the National Cyber Response Coordination Group (NCRCG).
The agreement will involve the sharing of incident and threat information, Hall said today. There are 26 NATO countries and the organization’s CERT center is connected to all of those nations’ networks, he also said.
More here.
Johns Hopkins University Alerts 135,000 Employees, Patients to Data Loss
Tricia Bishop writes in The Baltimore Sun:
Backup computer tapes containing sensitive payroll and personal information on thousands of Johns Hopkins University employees, and basic information for even more hospital patients, have been missing for more than six weeks, officials announced today, causing concerns over identity theft.
Officials stressed that there was no patient medical information on these tapes.
Eight university tapes, routinely sent to a contractor who makes microfiche archives of the data, held Social Security numbers, addresses and direct-deposit bank account information for 52,567 former and current employees. A separate tape from the hospital contained names, dates of birth, sex, race and medical record numbers for 83,000 new hospital patients first seen between July 4 and Dec. 18, 2006, or those who updated their information during that period.
Hopkins officials said an "intensive investigation" by their staff as well as that of the contractor, Anacomp Company Inc., suggests that the tapes were likely misplaced by a courier, collected as trash and incinerated.
More here.
Defense Tech: Iran May Launch its Own Spy Satellite
Via UPI.
The Israeli debka.com Web site, which maintains a wide circle of sources within Israeli intelligence, has claimed that Tehran may soon launch its own surveillance satellite. The booster vehicle would be a BM25 ballistic missile, "18 of which were purchased from North Korea, notwithstanding Pyongyang's denials of aid to Iran's nuclear program," Debka said in a report published Jan. 28.
Allaeddin Boroujerdi, chairman of the Iranian parliament's national security and foreign policy commission, claimed last month that Iran had already constructed its own surveillance satellite and that it had already "converted a ballistic missile into a space launcher," Debka said.
"If this claim is correct, then Iran has a launcher able to put 300 kilograms (660 pounds) into earth orbit -- and by the same definition, an ICBM that could drop more than 300 kilograms anywhere in the world, including Washington DC," Debka said.
More here.
Wi-Fi Hacking - With a Handheld PDA
Ryan Naraine writes on the ZDNet "Zero Day" Blog:
The palm-sized PDA tucked away in Justine Aitel's pocketbook just might be the most scary device on display at this year's RSA security conference.
Aitel is roaming the hallways here with Silica, a portable hacking device that can search for and join 802.11 (Wi-Fi) access points, scan other connections for open ports, and automatically launch code execution exploits from a built-in exploit platform.
More here.
Security 'Experts' Aren't So Secure At RSA Conference
Sharon Gaudin writes on InformationWeek:
For a group of people who should know better, attendees at the RSA Conference -- one of the biggest security conferences in the world -- are not following the advice they give their customers, co-workers, and friends. As a result, many are not as secure as they think they are.
Analysts at AirDefense Inc., a wireless monitoring company based in Atlanta, ran a scan on wireless devices at the conference Tuesday at the Moscone Center in San Francisco. Of the 347 laptops, smart phones, and hand-held devices they monitored between 9:30 a.m. and 5 p.m., 56% of them were insecure.
Those devices had been set up to link to insecure wireless access points, like those found at hotels and Starbucks cafes. The problem, says Richard Rushing, CSO of AirDefense, is that when they are done using the connection, they don't change the device's policy settings that let it connect to insecure access points. That means when their Blackberry or laptop is on at the conference center, it could easily hook up to a rogue access point set up by a hacker.
Last year at the RSA conference, AirDefense found that 35% of wireless devices were insecure. But not as many people had wireless devices at the show with them. This year, says Rushing, there are more computers at the show with wireless capabilities and more of them are at risk.
More here.
Nortel to Slash 2,900 Jobs
Dan Jones writes on Light Reading:
Nortel Networks Ltd. said this morning that it plans to cut 2,900 jobs in the next two years as it aims to become a leaner company that focuses on high-growth markets such as next-generation CDMA wireless equipment and cuts back on older GSM cellular technology.
The Canadian networking vendor says it will cut 70 percent of the positions this year and the rest in 2008. The company also plans to move around 1,000 positions to "lower-cost" locations, Toronto-based Nortel said in a statement. The cuts, which represent around 8.5 percent of the workforce, could reduce expenses by as much as $400 million a year, the company said in a statement.
More here.
U.S. DoJ Asks Maine PUC to Halt Contempt Hearing for Verizon in NSA Spying Case - UPDATE
An AP newswire article by Francis X. Quinn, via Foster's Online (Dover, New Hampshire), reports that:
The Justice Department asked a judge Tuesday to bar the Maine Public Utilities Commission from proceeding with a contempt hearing for Verizon that stems from telephone customer complaints related to allegations about domestic surveillance by the National Security Agency.
A multi-customer complaint filed with the Maine PUC last May effectively seeks to force Verizon to say whether it provided telephone call records to the government without a warrant.
The PUC has challenged the adequacy of Verizon responses to date and set a hearing for Friday.
In a federal court filing Tuesday, the Justice Department said PUC officials had been put on notice months ago that the federal government believes the information being sought about an alleged involvement of Verizon with the NSA ''cannot be disclosed.''
More here.
(Props, Pogo Was Right.)
UPDATE: 14:39 PST: Apparently, Verizon is asking the court to drop the suit, too.
Picture of the Day: RSA Kiosk Computer pwned
Sunbelt's Alex Eckelberry with his pwned machine. Image source: 27B Stroke 6.
Via 27B Stroke 6.
My friend and colleague, Alex Eckelberry (Sunbelt Software), demonstrating that you should never trust an Internet kiosk, even at the RSA conference. :-)
Brian Krebs writes about this too, this morning over on Security Fix.
Enjoy!
- ferg
U.S. DoD to Allocate its IPv6 Address Space
Jason Miller writes on GCN.com:
The Defense Department has acquired a block of 247 billion IP Version 6 addresses, about equal to 25 percent of the entire IPv4 address space.
Only a tiny percentage of those addresses will be used, however. As with the North American Numbering Plan for telephone numbers, DOD officials said addresses will be assigned to networks in a hierarchical model that will leave many untouched.
More here.
U.S. Senator to Propose Surveillance of Illegal Images
Declan McCullagh writes on C|Net News:
A forthcoming bill in the U.S. Senate lays the groundwork for a national database of illegal images that Internet service providers would use to automatically flag and report suspicious content to police.
The proposal, which Sen. John McCain is planning to introduce on Wednesday, also would require ISPs and perhaps some Web sites to alert the government of any illegal images of real or "cartoon" minors. Failure to do so would be punished by criminal penalties including fines of up to $300,000.
More here.
Austrian Police Uncover Global Child Porn Ring
Via MSNBC.
Austrian authorities said Wednesday they have uncovered a major international child pornography ring involving more than 2,360 suspects from 77 countries, including hundreds in the United States, who paid to view videos of young children being sexually abused.
The children were under the age of 14 and screams could be heard, said Harald Gremel, an Austrian police expert on Internet crime who headed the investigation.
Interior Minister Guenther Platter said the FBI was investigating about 600 of the suspects in the United States. German authorities were following leads on another 400 people, France was looking into about 100 others, and at least 23 suspects were Austrians, he said.
More here.
Breaking: Tivo Boxes to Download Amazon Unboxed Videos
Brian Lam writes on Gizmodo:
Amazon and TiVo just made me wet my pants with what could be a killer app in the digital video distribution arms race: TiVo Series 3 and 2 set top boxes will be living room conduits for content from Amazon's Unbox video download service.
This is the first single box solution that intermingles downloadable broadband video and traditional TV in one place. With TiVo's amazing UI, user base (1.5 million), and Amazon's selection (4 out of the big 6 studios) these guys are going to have a serious setup.
More here.
And given that Comcast and TiVo are also planning to partner, this could be a Good Thing (although I would envision Comcast trying to unload their own pay-per-view stuff instead).
Australia: Send for the Search Party, Google Gives a Bum Steer
Heading in the right direction ... Google Maps shows a new way to get from one side of Sussex Street to the other. The marker with the triangle shows 200 Sussex Street. The one with the square shows 201 Sussex Street. Image source: Sydney Morning Herald / Google Maps
Stephen Hutcheon writes in The Sydney Morning Herald:
For most people, the journey from the Shelbourne Hotel at 200 Sussex Street to Google's Sydney headquarters across the road at 201 Sussex Street would be a 30-step, 30-second trip.
But according to Google's new mapping service, the recommended route would see you take a 10.4-kilometre scenic detour that involves crossing the Harbour Bridge twice.
More here.
GOP Revives ISP-Tracking Legislation
Declan McCullagh writes on C|Net News:
All Internet service providers would have to keep track of what their customers are doing online to aid police in future investigations under legislation introduced Tuesday as part of a Republican "law and order agenda."
Employees of any Internet provider who fail to store that information will face fines and prison terms of up to one year, the bill says. The U.S. Justice Department could order the companies to store those records forever.
More here.
San Francisco: Josh Wolf Supporters Rally at City Hall
Josh Wolf
Neha Tiwari writes on C|Net News:
Dozens of supporters of jailed freelance video blogger Josh Wolf gathered at City Hall here Tuesday to rally for Wolf's release.
Those attending the demonstration held up signs with the words "Free Josh," and speakers were insistent on the unfairness of his imprisonment. Ross Mirkarimi, a San Francisco supervisor, said he was "angry as hell about this" and called for a "serious outcry, and not just only by us." In a statement, California state Assemblyman Mark Leno, who did not attend the rally, called Wolf's plight a "travesty of justice."
The afternoon gathering, which ran about an hour on the steps of City Hall, was organized by the Free Josh Wolf Coalition, with Wolf's friend Julian Davis acting as facilitator. "Basically, if Josh isn't released today, he'll be the longest-held journalist under contempt," Davis said. "We wanted to landmark the date by holding this rally."
Wolf, in fact, did on Tuesday become the longest-serving journalist behind bars in U.S. history for contempt.
More here.
U.S. Toll in Iraq
Via The Boston Globe (AP).
As of Tuesday, Feb. 6, 2007, at least 3,102 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 2,492 died as a result of hostile action, according to the military's numbers.
The AP count is three higher than the Defense Department's tally, last updated Tuesday at 10 a.m. EST.
More here.
And as always, cryptome.org keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.
Defense Tech: NSA Employee Charged With Giving Wife $340,000 Contract
Via WBAL.com (WBAL Radio and The Associated Press).
An NSA employee is accused of giving his wife's company a $340,000 contract for work on a computer security exercise he directed, the U.S. Attorney's office announced Tuesday.
Wayne J. Schepens, 37, of Severna Park is scheduled for an initial appearance Thursday in U.S. District Court on the conflict of interest charge. Schepens faces up to five years in prison and a $250,000 fine, said Marcia Murphy, a spokeswoman for the U.S. Attorney's office.
Schepens co-created the Cyber Defense Exercise in 2000 for the National Security Agency, the secretive Department of Defense spy agency.
The annual competition involved teams from participating military academies who tried to protect their computer networks from attacks by teams of hackers, generally NSA employees and military reservists, according to court documents.
More here.
Background here, here, here, here, and here.
UK: Chinese Suspected of Hacking into Ministry of Defence Networks
James Kirkup writes on The Scotsman:
Ministry of Defence computer networks have been repeatedly penetrated by hackers, raising fears that sensitive military information could have been obtained by foreign powers.
The MoD yesterday confirmed its systems have been hacked into at least nine times since 2002. Five of the successful "attacks" took place last year. Computer-security experts say the real number is likely to be even higher, as some hackers are skilful enough to leave no trace of their activities.
The ministry was unable to say where the attacks originated, but Western security officials are increasingly concerned that China is using hackers to target sensitive information.
More here.
(Props, Flying Hamster.)
Canada: Government Documents Suggest Tories Not Nervous About ISPs Interfering With Net
A Canadian Press article by Lee-Anne Goodman, via CBC.ca, reports that:
Internal documents suggest the Tory government is reluctant to impose consumer safeguards for the web because it wants to protect the competitive position of businesses that offer Internet access.
Documents obtained by The Canadian Press indicate that Industry Minister Maxime Bernier, who has previously declared a "consumer first" approach, is carefully heeding the arguments of large telecommunications companies like Videotron and Telus against so-called Net neutrality legislation.
More here.
Why Does FCC Spending Keep Growing?
Image source: www.techliberation.com
Adam Thierer writes on The Technology Liberation Front:
Time for a quick reality check. The Federal Communications Commission regulates older media sectors and communications technologies: broadcast radio, broadcast TV, telephones, satellites, etc.
These sectors and technologies are growing increasingly competitive and face myriad new, unregulated rivals. What, then, is wrong with this picture?
More here.
Telstra CIO Quits After Just 10 Months on the Job - UPDATE
Munir Kotadia writes on ZDNet.com.au:
Telstra announced to its staff on Tuesday that the company's chief information officer, Fiona Balfour, who only took up her position 10 months ago, had left to pursue "other opportunities".
Balfour, who had just returned to work after a vacation, moved to Telstra last April after spending the previous 14 years at Qantas. The news of her departure comes just six months after Telstra's deputy CIO Vish Padmanabhan also left the firm.
More here.
UPDATE: 20:44 PST: Renai LeMay has more details here.
Defense Tech: 'Floodgates of Fraud' at the NRO

David E. Kaplan writes on the U.S. News & World Report "Bad Guys" Blog:
The "floodgates of fraud reporting" have opened at the National Reconnaissance Office, the nation's top-secret builder and operator of spy satellites. This bit of news comes from no less a source than the NRO's inspector general, Eric Feldman. Yet Feldman and other NRO officials are mum about just how big the flood is over there.
This might not be such a big deal were the stakes at hand not so high. The NRO and its many contractors have grown notorious for massive cost overruns and quality control failures so serious they threaten the U.S. edge in high-tech reconnaissance satellites. Whether they're eavesdropping on al Qaeda communications or photographing Iranian nuclear facilities, these are the crown jewels of the U.S. intelligence community. But the current generation of spy satellites is burning out–and replacements are years away.
More here.