Privacy Digest
Your daily source for news that can impact people's privacy.


 Tuesday, January 28, 2003
 
The Richmond Journal of Law & Technology (Volume IX, Issue 1) - In Search of a Balance Between Police Power and Privacy in the Cybercrime Treaty. The page is a big one (490k+).

Techzonez - British Workers Email at Home to Avoid Snooping - Poll.

More British workers are surfing the internet from home as bosses clamp down on personal computer use at work, according to a poll published Thursday.

The survey for British electronics group Amstrad Plc found 26 percent of those polled had installed internet access at home to avoid being monitored by managers.

"Bosses are beginning to realize how much time their employees are spending on personal emails and are really cracking down," Amstrad's commercial director Simon Sugar said in a statement.

Nearly a third of those polled claimed to know their bosses read their emails, while 39 percent said they would be disciplined if caught surfing the net outside their lunch hour.

Accountancy Age (UK) - Delays hit email 'snooping' code.

Further delays have hit the publication of the long-awaited staff email monitoring code, with newly appointed information commissioner Richard Thomas expressing concern at its composition.

South China Morning Post - Banks to share more customer data. This link is an indirect one via Moreover.com. Paid subscription required, and I don't have a subscription, so I can't provide any interesting pull quotes from the article.

The Seattle Times: Nation & World: Some object as FBI taps campus police for anti-terror drive.

Federal authorities have begun enlisting campus police officers in the domestic war on terror, renewing fears among some faculty and student groups of overzealous FBI spying at colleges and universities that led to past scandals.

Since the Sept. 11, 2001, attacks on the Pentagon and the World Trade Center, the FBI has strengthened or established working relationships with hundreds of campus police departments, in part to gain better access to insular communities of Middle Eastern students, government officials said.

On at least 12 campuses, the FBI has included collegiate police officers as members of local Joint Terrorism Task Forces, the regional entities that oversee counterterrorism investigations.

Some officers have been given federal security clearance, allowing access to classified information. Supervisors often do not know which cases these officers are working on, officials said.

[ ... ]

"This type of cooperation is perfectly valid if it's based on criminal activity, but the danger with the FBI is that it doesn't always limit itself to that," said Sarah Eltantawi, spokeswoman for the Muslim Public Affairs Council.

Distrust of the FBI runs high among some faculty members who remember the counterculture demonstrations of the 1960s. Under J. Edgar Hoover's 15-year COINTELPRO program, the bureau engaged in broad, questionable tactics aimed at monitoring and disrupting student-activist groups.

FBI agents infiltrated leftist anti-war and civil-rights groups with informants, tapped into radio frequencies to disrupt protest plans, stole membership rolls and compiled dossiers on student political leaders. The FBI also produced bogus student newspapers to spread inaccurate information and sow dissension among student groups. The program was halted in 1971.

Australian IT - Privacy complaints deluge (Ka....

A five-fold increase in complaints about how businesses deal with personal data has left the Office of the Federal Privacy Commissioner short of cash as it prepares to mount its first enforcement test cases.

"We were funded, roughly, to double our inquiries and complaints load, and we geared up for that," Federal Privacy Commissioner Malcolm Crompton said.

"In fact the number of inquiries has gone from 8000 to 23,000, while complaints have risen from a fairly static level of around 200 a year to 1000 in the first full year the Privacy Act has applied to the private sector.

"There is a backlog and people are waiting six months before we even open the file."

The office had been overwhelmed and forced to "massively redeploy resources", leaving other important work largely on the backburner.

Australian IT - Privacy cop on warpath (Karen....

Rogue residential tenancy database operators face a shake-up as the Privacy Act's extension to small businesses exposes them to the privacy watchdog for the first time.

"Most tenancy database operations are under the small business limit of $3 million, so they weren't actually within our jurisdiction," Federal Privacy Commissioner Malcolm Crompton said.

"They are now."

Just before Christmas, private sector privacy laws introduced in December 2001 were extended to cover all small businesses trading in personal information.

Consumer and privacy groups have long complained that tenancy databases often contained inaccurate information, and were open to abuse by landlords.

Pocket PC Thoughts - Keep your private data private.

It amazes me that approximately 10% of people with PDA's would have confidential banking information on their device unprotected. I guess these are the same people who write their PIN number on their ATM card so they don't forget it. Or the 25% of those who store passwords and PIN's on their PDA and don't bother password protecting that data. Even worse, of the 6% of people that have lost their PDA's with sensitive information on it, about 33% of those do the same thing when they get a new PDA - store sensitive data unprotected!

There is no question that you can keep confidential information on your Pocket PC, but you must take a few simple precautions to make sure that the data remains confidential and unreachable if your Pocket PC is lost or stolen.

Government Technology - Senate Asks for Privacy Rules.

Following Sen. Patrick Leahy's demand for information on controversial 'data mining' by government agencies, the U.S. Senate Thursday night unanimously voted to end funding for the programs until adequate safeguards are implemented to protect the privacy of the American public.

The amendment targets the controversial Defense Department program known as Total Information Awareness (TIA) and other data-mining activities at the Department of Justice. Without clear authorization from Congress, TIA has been set up to develop data-mining technologies to capture information on anyone surfing the Internet and on anyone with information on medical, financial, credit card or education databases. TIA is a project of the Information Awareness Office (IAO) within the Defense Advanced Research Projects Agency (DARPA) and is headed by former Reagan Administration National Security Adviser John Poindexter.

[ ... ]

"In the cross currents between the Information Age and the war on terrorism, the ways of snooping into Americans' private lives are rapidly expanding," said Leahy. "It has been tempting, and too easy, for the administration to plunge head-long toward Big-Brotherhood without accountability to the public or to the Congress about what government agencies are doing to build and use these databases. There are legitimate ways to use technology to track terrorists, but it's also too easy to abuse these tools to gather information on law-abiding citizens. Our amendment cuts off funding unless and until the government answers basic questions that the American people have a right to know about how the information will be used and what the safeguards are."

BBC NEWS | Technology | MPs urge changes to net snooping laws.

An influential group of MPs has attacked government plans for internet snooping.

Legislation that requires net data to be stored for the use of law enforcers is contradictory and unworkable, the All Party Internet Group (APIG) has concluded.

The controversial plans to force internet service providers to keep records of a customer's e-mail and web browsing have enraged the industry and much of the legislation has yet to be implemented.

It could be time to stand back and rethink the plans, said Liberal Democrat MP Richard Allan, a member of the APIG.

[ ... ]

The police have admitted that the parts of the Anti-Terrorism Crime and Security Act (ATCS) requiring ISPs to retain customer data for up to six years are not compliant with the Human Rights Act.

CNET NEWS.COM - Worm gets under Microsoft's skin. A collection of articles at this publication.

In the largest such incident since 2001, the Slammer worm--also known as Sapphire--causes chaos within many corporate networks. Among the victims: Microsoft, which also failed to protect itself from its own flaw. Meanwhile, security experts try to locate the worm's creator.

CBS News | Smile! It's You-Better-Be-Candid Camera.

MANCHESTER, U.K., Jan. 28, 2003 (CBS) British scientists claim they have invented the world's most sophisticated lie detector.

It's called the "Silent Talker," reports CBS News Correspondent Steve Holt, and it's said to be over 80 percent accurate in ferreting out liars.

That's roughly comparable to the polygraph, but this system doesn't involve wiring subjects up. They just look into a camera connected to a laptop computer, while software analyzes thousands of tiny facial movements.

[ ... ]

The assumption for both polygraphs and the Silent Talker is that lying triggers a sense of conflict and anxiety in the person being questioned. This leads to physiological change, for the polygraph, and facial movements, for the Silent Talker.

But skeptics say the machines only measure the fear of being caught.

I wonder if we can use it on political ads/speeches on TV?

InfoStructure News from Wired News - Microsoft Attacked by Worm, Too.

The Slammer worm that paralyzed worldwide Net activity also hit Microsoft. Security experts say the damage points to problems in the way the software giant keeps customers' software secure.

[ ... ]

Although Microsoft contends its failure to keep up with its own updates did not cause major problems, security experts said it points to a larger issue: Microsoft's process for keeping customers' software secure is hugely flawed.

[ ... ]

He added that Microsoft needs to own up to problems with how it offers security fixes.

"On the one hand, Microsoft's been saying it's the customer's fault for not patching their networks," but the company's own failure to do so "show(s) how unrealistic that expectation is. It's very much like blaming the victim."

Political News from Wired News - U.S. Cybersecurity Czar to Resign.

The White House cybersecurity adviser -- who served as the president's counterterrorism coordinator at the time of the Sept. 11 attacks -- will soon step down, insiders say.

Slashdot | Your Rights Online - Australia May Adopt DMCA-Style Copyright Regime.

beaver1024 writes "Australia, desperate to garner more U.S. trade, has indicated that it is willing to follow a more stringent regime for protecting copyright. This follows attempts by MediaForce to force Australian ISPs to comply with U.S. DMCA provisions. I fear that due to the current Australian government's weak spineless nature, the harsh provisions of the DMCA will soon arrive in the land down under."

NEWS.com.au | US tightens net copyright.

United States trade negotiators are pushing for Australia to sign up to a tough new copyright regime that could hold internet service providers liable for breaches.

The first round of talks in an Australia-US Free Trade Agreement will commence in Australia in March, and the internet industry is flagging that ISP liability for copyright material is "on the table" as far as the US side is concerned.

US Trade Representative Robert Zoellick has raised the issue in a letter to Congress ahead of the talks.

A free trade agreement would probably involve the two nations "harmonising" key legislation on commerce. This could include bringing the Australian Copyright Act into line with US law.

sourceforge.net - Linux Security Auditing Tool (LSAT).

freshmeat.net: Linux Security Auditing Tool 0.6.3.

Linux Security Auditing Tool (LSAT) is a post install security auditing tool. It is modular in design, so new features can be added quickly. It checks inetd entries and scans for unneeded RPM packages. It is being expanded to work with Linux distributions other than Red Hat, and checks for kernel versions.

CNET NEWS.COM - Microsoft fails Slammer's security test.

Microsoft's policy of relying on software patches to fix major security flaws was questioned Monday after a series of internal e-mails revealed that the software giant's own network wasn't immune from a worm that struck the Internet last weekend.

The messages seen by CNET News.com portray a company struggling with a massive infection by the SQL Slammer worm, which inundated many corporate networks Saturday with steady streams of data that downed Internet connections and clogged bandwidth.

[ ... ]

The messages put Microsoft in an awkward position: The company relies on customers to patch security flaws but the events of last weekend show that even it is vulnerable. In this case, Microsoft urged customers to fix a vulnerability in the SQL Server 2000 software, but it apparently hadn't taken its own advice. Moreover, despite its 1-year-old security push, the software giant still had critical servers vulnerable to Internet attacks.

"This shows that the notion of patching doesn't work," said Bruce Schneier, chief technology officer for network protection firm Counterpane Internet Security. "Publicly, they are saying it's not our fault, because you should have patched. But Microsoft's own actions show that you can't reasonably expect people to be able to keep up with patches."

Slashdot | Slammer Worm Slams Microsofts Own.

MondoMor writes "Microsoft forgot to patch some of its own servers to protect it from the months-old vulnerability exploited by the Slammer Worm, reports C|Net. Oops. Apparently Redmond's network was hit pretty hard. Just goes to show that no matter who you are, you'd better keep your apps patched."

Slashdot | [H|Cr]acker Insurance.

Spellbinder writes "Yahoo has an article on hacker insurance, also known as 'network risk insurance,' which has been on the market for about three years, but is expected to explode from a $100 million sideshow into a $2.5 billion behemoth by 2005, according to insurance industry projections."

New York Times (free registration required) - Worm Hits Microsoft, Which Ignored Own Advice.

The disruption was particularly embarrassing for Microsoft, which has been preaching the gospel of secure computing. On Jan. 23, the company's chairman, Bill Gates, sent a memo to customers describing progress in improving its products since he announced a "trustworthy computing" initiative a year ago.

"While we've accomplished a lot in the past year, there is still more to do," he wrote. He cited the hundreds of millions spent to shore up Microsoft's products, and its plans to deliver more secure products in the future. He also listed "things customers can do to help." The first item was "stay up to date on patches."

The paradox was not lost on computer security experts. "Microsoft has been blaming the users, saying they have to keep their patches up to date," said Bruce Schneier, founder and chief technical officer of Counterpane Internet Security Inc., a company that manages security for customers. "On the other hand, their own actions demonstrate how unrealistic that position is."


 

© copyright 1997-2003 by Paul Hardwick. All rights reserved.
All trademarks are the property of their respective owners.
Modified: 1/28/03; 8:21:53 PM
Built: 3/2/03; 12:15:53 AM
URL for current page: http://www.PrivacyDigest.com/2003/01/28
