Yesterday, I told you about an error at Sony Electronics that resulted in the inadvertent release of personal information on about 1,400 customers. Other companies also have experienced security lapses:

• Eli Lilly disclosed the identities of 600 people who were taking the antidepressant Prozac in an E-mail it sent to other patients.
• Home furnishings retailer Ikea made the personal information of tens of thousands of customers available online.
• A security hole on Buy.com's Web site exposed the personal information of customers who returned products to the company.
• A programming flaw at E-Trade compromised customer data at the Internet stock brokerage.
• Missingmoney.com, a state-sponsored database of lost bank accounts and forgotten funds, experienced a glitch that resulted in a woman's personal financial data being flashed to anyone logging onto the site.
• Outpost.com, an electronics E-tailer, unwittingly revealed customers' detailed transaction summaries, including E-mail, billing and shipping addresses, type of credit card used and order histories.

Slashdot | Book Review - The Art of Deception.

MasterSLATE writes "One of the weakest links to the most secured computer systems are the humans that operate them. No matter how well secured a computer, network or information may be, there are always people that will have contact with them from the inside. This is what the social engineer exploits in order to gain access. In The Art of Deception, Kevin Mitnick writes about the human element and how it can be manipulated and exploited to gain access to computer systems or 'secure' information." --- Read on for the rest of Masterslate's review.

Slashdot | Transmeta to Incorporate DRM in TM5800 Processor.

smiff writes "Silicon Valley is reporting that Transmeta will embed 'security' features in its TM5800 Crusoe processor. 'Transmeta said its Crusoe processors...would be slightly altered to tackle security and address requirements for securing sensitive data and intellectual property.' With everyone looking out for security, why don't I feel all warm and fuzzy inside?"

eMarketer - Personal Information: The Push-Pull Between Companies & Consumers.

As long as a market for a product or service exists, a company will need information about the customers. This need can translate into a tricky relationship between company and consumer -- especially online

[ ... ]

Regardless of consumer concerns about privacy, US companies will continue to gather data about their customers. Used as a marketing tool, websites are a perfect locale for collecting personal identifying information--such as name and e-mail address--which 90% of US websites do, according to the Progress & Freedom Foundation. Additionally, 74% of sites collect personal identifying information other than e-mail, which includes elements such as interests and purchase intent.

TechNews.com part of the Washington Post - Phone Zap Says 'Take That, Telemarketers'.

The telemarketing industry treated Steven Edelen pretty well for most of his career. He was a direct-marketing executive with a stable income and a long list of respectable clients. In the past few years, however, his successes had been tempered by gnawing doubts about the nature of the business.

"It's a difficult business to be in if you have any kind of respect for the customer," Edelen said. "A few bad actors have made the telemarketing industry challenging for consumers. . . . They've given a bad name to the industry."

[ ... ]

Phone Zap's technology derails all calls that come in to a customer and immediately plays a message telling telemarketers their call is not welcome and to place the person's number on a "do not call" list. Other callers push a number to identify themselves as non-telemarketers, and their call rings through to the customer's phone. Once an incoming phone number is identified and put on a person's list of friendly callers, those callers bypass the message automatically.

Privacy News from Wired News - Resort Town: Any Familiar Faces?

Police in Virginia Beach, a popular tourist spot, say their video surveillance and face recognition system is intended solely to spot wanted criminals and missing persons. Privacy rights groups aren't so sure.

[ ... ]

Virginia Beach has had video surveillance cameras watching over its beachfront area since 1993. Three of the city's 13 cameras are linked full time to the face recognition system, though the others can be activated as needed. The database of wanted people is updated every day.

So far, the system has failed to produce a single arrest, though it has generated a few false alarms. In September, it was sending some 8,000 images a day to the computer at police headquarters. Each camera has the capacity to generate six pictures a minute.

[ ... ]

Video surveillance has mushroomed across industrialized nations in recent years. Britain leads the world: The average Londoner is estimated to have his or her picture recorded more than 300 times a day. New York is not far behind, but its cameras are not linked to face recognition technology.

Studies have found that any reduction in crime after surveillance cameras go in may wear off over time. But Mullen said the cameras in Virginia Beach had provided evidence at trials, allowed police to arrive at crime scenes much more quickly and track criminals as they made their escape. They have also helped police disperse crowds before they became rowdy, and freed up officers for other tasks.

[ ... ]

Nor does such criticism come exclusively from the political left. Lawyer John Whitehead, founder of the conservative Rutherford Institute, wrote in an editorial that the technology threatened the right of each U.S. citizen to participate in society without the express or implied threat of coercion.

"After all, that is exactly what constant surveillance is -- the ultimate implied threat of coercion," he wrote.

CNET NEWS.COM - Transmeta to embed security in chip.

Transmeta on Tuesday announced plans to offer a processor with embedded security features, as the semiconductor design company races against its much-larger rival Intel in the market for chips custom-made for mobile computing.

A new version of Transmeta's Crusoe TM5800 processor with the built-in security features will be available in the second half of the year, said Walter Sun, a senior product manager at Transmeta.

In September, Intel announced plans to offer security technology built into its microprocessors, code-named LaGrande, within the next few years.

Slashdot | RFID: The New Big Brother ?

Makarand writes "The possibility that we could be tracked not because we have a microchip implant but merely because we wear clothes, eat and carry objects around is real according to this article on C|net news. A technology called RFID (radio frequency identification) consisting of miniscule microchips the size of a single grain of sand that listen to a radio query and respond by transmitting their unique ID can make this possible. Most RFID tags use the power from the initial radio signal to transmit their response and hence can be placed anywhere imaginable. Retailers are adoring this concept and soon everything more expensive than a Snickers bar will sport RFID tags making tracking possible through our own personal possessions. The privacy threat comes when RFID tags remain active once you leave a store and currently the RFID industry seems to be giving 'mixed' signals about whether the tags will be disabled or left enabled by default."