Privacy Digest
Your daily source for news that can impact people's privacy.


 Monday, January 20, 2003
 
Slashdot | Second Hand Hard Discs Reveal Secrets.

An anonymous reader writes "BBC News has a story about MIT grads buying old hard discs from eBay and elsewhere, and finding credit card numbers, ATM transactions, porn and emails all accessible on them. Comments? What's the strangest thing readers have found, or left, on a hard drive?"

Personally the strangest thing I found on a hard drive was back in the old days of the dinosaur. They were a bank of leased drives for a mainframe and I found what appeared to be the entire (or at least a big chunk) of the database from a Savings bank. It contained names, addresses, account numbers, social security numbers, balances and more. Lucky for them I was/am an honest guy with a strong belief in privacy. My first action after discovery was to reformat and do a defect analysis (write lots of data patterns over the entire disk) before anyone else decided to back their own copy.

Slashdot | Your Rights Online - "DVD-Jon" Faces Retrial.

An anonymous reader submits: "Norway's special division for white-collar crimes, Økokrim, has decided to appeal the acquittal of 19-year-old Jon Lech Johansen, accused of copyright violation for helping bypass DVD code protection, web site Nettavisen reports."

InfoWorld - Will new filters save us from spam?

The roughly 500 programmers, researchers, hackers and IT administrators gathered in a chilly classroom on the campus of the Massachusetts Institute of Technology (MIT) Friday aren't just looking to slow the relentless onslaught of spam -- they want to completely destroy its business model.

Their aim is to find a spam filter so effective, that spammers would receive few, if any, responses, making sending unsolicited bulk e-mail a financially prohibitive task.

"Spamming is a business, and the theft efficiency ratio is the same as stealing hubcaps," said programmer William Yerazunis, speaking at what is thought to be the first Spam Conference ever focused on spam filters.

But the high payoff for sending spam could change if an e-mail filter like the one Yerazunis pioneered becomes widely adopted by large Internet service providers

[ ... ]

"Spam messages are starting to look more and more like non-spam messages," Judge said, adding that analysis is becoming even more important.

While CipherTrust is building its spam archive, Chicago-based programmer Philip Tom was at the conference, handing out what he called "a day of spam" - a disk containing 250,000 spam e-mails.

Tom said that he has an archive of over 50 million spam messages, and receives 250,000 a day from an undisclosed source.

Remember, a webcast of the conference is available in RealPlayer format.

Computerworld - Government data mining raises privacy concerns.

Lawmakers, privacy groups and national security experts are questioning the soundness of several high-tech homeland security projects, based on serious concerns about the impact the projects could have on fundamental civil liberties.

All of the projects in question stem directly from efforts to improve domestic intelligence collection and the analysis of terrorist threats within the U.S. Several that involve the use of sophisticated data mining tools raise the potential for electronic tracking of the daily activities of law-abiding citizens.

In a letter sent to U.S. Attorney General John Ashcroft last week, Sen. Patrick Leahy (D-Vt.), the ranking Democrat on the Senate Judiciary Committee, asked the Department of Justice to explain the extent to which data mining tools are being used to fight the war on terrorism at home. Specifically, Leahy expressed concern about the mining of commercial transaction data.

"These concerns include the specter of excessive government surveillance that may intrude on important privacy interests and chill the exercise of First Amendment-protected speech and associated rights," Leahy said in the letter, which was also signed by Sens. Russell Feingold (D-Wis.) and Maria Cantwell (D-Wash.). In addition, the senators argued that while data mining errors in business may result in misdirected marketing efforts, mistakes in the use of data mining to track suspected terrorists could mean "devastating consequences for mistakenly targeted Americans."

Mad.co.uk - Why we need to view customer data in a more thoughtful manner.

This link is an indirect one via Moreover.com - Paid subscription required and I don't have a subscription so I can't provide any interesting pull quotes from the article. Qualified publications are: Marketing Week, Design Week, Precision Marketing, In-Store Marketing, Televisual, Creative Review or Brand Strategy.

eWeek - Commentary > eLABorations > What's Wrong With Government Data Collection.

Unbridled government collection of personal information, as outlined in the Information Awareness Office is a bad idea for a lot of reasons, not least of which is the broad notion that the right to privacy is granted in the Constitution. It is an even worse idea because we know almost nothing about what the government is doing with this information. And the recent theft of information collected under a government mandate portends events to come.

The new internal spy network has far more potential for mischief, misuse and abuse. COINTELPRO, the program of domestic spying under the direction of the infamous FBI director J. Edgar Hoover, should serve as ample warning about why the government should not go down this road again. And if this history lesson is too far removed, maybe people will remember convicted FBI spy Robert Hanssen.

And these are just the cases that we hear about.

From a technical point of view, I'm also concerned about collecting so much valuable and very personal information in one place. For one thing, I've seen the best the computer industry offers for security, authentication, encrypting and authorizing data--and despite the hype, it still doesn't work that well. It works well enough in most commercial settings because the information collected is not sufficiently valuable to warrant the programming time it would take to put together a successful hack. But that is not the case with the treasure trove the U.S. government is talking about putting together

[ ... ]

But even more fundamentally, just because it is possible to collect this information--whether for the so-called war on terrorism or to put together ever more intrusive marketing efforts--it is wrong to know so much about people.

[ ... ]

What I've seen from just about every security and monitoring tool that has come through eWEEK Labs tells me that the old rule "What's good for the goose is good for the gander" doesn't apply to data collection. Internet traffic monitors always come with the ability to create policies that allow senior executives (and usually IT staff members) to avoid having their Web surfing tracked. Government officials will want exceptions "in the name of national security" that allow them and their families to be immune from data collection that ordinary people will face on a daily basis.

eWeek - Commentary > eLABorations > IT Has a Vital Role to Play in the Assault on Privacy.

From 1946 to 1960, the FBI operated 3,000 wiretaps and 800 bugs on the NAACP (National Association for the Advancement of Colored People). Agents spied on Dr. Martin Luther King Jr. as part of a concerted effort to thwart his organizing efforts in the civil rights movement.

The USA PATRIOT (Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism) Act grants even more wrong and intrusive search techniques than those used in the 1950s. As observed by the Electronic Frontier Foundation, this act enables surveillance of the Web surfing of any individual, even one who is not suspected of any crime, merely based on "relevance" to an ongoing criminal investigation. It also expands government powers to compel ISPs to release user activity information with only a subpoena, and allows ISPs to release a lot of information without even this level of due process. In addition, the act broadens the range of other laws by extending the scope of the legal definition of "terrorist" acts. The 342-page law modifies more than 15 other laws, making it impossible to assess its provisions completely without reading the entire affected body of legislation.

The most intrusive provisions of the bill depend on IT systems and products that must be newly built or integrated from existing offerings, giving IT developers and service providers a special role to play in the defense of privacy. The IT community should refuse to cooperate beyond the strict letter of the law, and should take the government's abusive course as a signal that private-sector practices should be designed to minimize the value of intrusive, unfounded inquiries.

As the tools of warfare generally outstrip the ability of medical technology, so, too, has our ability to destroy privacy exceeded the protections offered by the Constitution and the political short-sightedness of Congress. As I mentioned in an earlier eLaboration, J. Edgar Hoover, the infamous director of the FBI, started the domestic spy operation COINTELPRO in 1956 in the heat of the cold war. Hot on the heels of the U.S. Government's shameful internment of 120,000 Japanese-Americans, including 80,000 U.S. citizens, Hoover spread a wide net for people he thought hostile to the current way of thinking--and in the process made a mockery of personal freedom and dramatically extended the power of law enforcement.

Then Hoover turned his attention to attacking the blossoming civil rights movement.

Today, not quite 50 years later, the USA PATRIOT Act has started us down the same, wrong road. And it is in the power, and is therefore the ethical responsibility, of the IT community to slow or even stop some of the worst excesses planned by Attorney General John Ashcroft.

Techzonez - Microsoft's privacy officer resigns.

Microsoft announced Friday that its corporate privacy officer, Richard Purcell, has resigned and that the company will be moving security strategist Scott Charney to head the day-to-day management of its Trustworthy Computing initiative.

After 10 years at the company, where he started in the database group, Purcell will leave at the end of March "to explore new challenges," said the company in a statement.

Article was originally carried by: CNET NEWS.COM - Microsoft's privacy officer resigns.

novinite.com - Interior Ministry Awarded Big Brother Award over Wire-Tap Scandal.

Interior Minister Petkanov and his administration got the anti-award Big Brother for the wire-tap scandal that raged in Bulgaria after revelations that special services have wire-tapped politicians and prominent journalists.

Bulgarian Big Brother Awards became a part of the worldwide network for "awarding" the biggest achievements in violating people's privacy in 2002. Annually, the organisation Privacy International and a mounting number of privacy groups present their Big Brother Awards to governmental structures, private-owned companies and personalities who have "excelled" as human rights and privacy breakers.

Bulgarian Big Brother ceremony on January 18 was organised by Internet Society - Bulgaria and the Association for Development of Informational Technologies after Simon Davis, chair of Privacy International, has officially warranted the project.

CNET NEWS.COM - Week in review: Security blame game.

Though much of the finger-pointing for software vulnerabilities falls on hackers, virus writers and software developers, it may be time to take a closer look at how the PC user also contributes.

Slashdot | Your Rights Online - Competition To Find Aussie PM's Email Address.

Internet Ninja writes "While we can all send anti-war emails to 'president' of the USA and even the Australian opposition, nobody can email the Prime Minister of Australia. So the opposition party started a competition to track it down as reported in Australia's Sydney Morning Herald."


 

© copyright 1997-2003 by Paul Hardwick. All rights reserved.
All trademarks are the property of their respective owners.
Modified: 1/20/03; 11:27:18 PM
Built: 3/2/03; 12:15:40 AM
URL for current page: http://www.PrivacyDigest.com/2003/01/20
