Saturday, March 18, 2006

Resident ID Cards Seen Driving China's RFID Market. Resident ID Cards Seen Driving China's RFID Market. China's resident identification card program is expected to be a major driver behind its soaring use of electronic tags. [Security Pipeline] 4:05:15 PM  PermaLink   / trackback []

Fujitsu Shows Palm Vein Authentication Sensor . Fujitsu Shows Palm Vein Authentication Sensor . PalmSecure biometric authentication device claims verification of a user's palm in less than two seconds. [Security Pipeline] 3:59:29 PM  PermaLink   / trackback []

Government ID Card claims deflated. Government ID Card claims deflated. Biometric data open to abuse, says EU data supervisor Biometric data employed for identification purposes could be misused and lead to "function creep", the European Data Protection Supervisor has warned. [The Register - Security] 3:29:00 PM  PermaLink   / trackback []

Lost Ernst & Young laptop exposes IBM staff. Lost Ernst & Young laptop exposes IBM staff. Oops, we did it again Exclusive Ernst & Young has lost another laptop containing the social security numbers and other personal information of its clients' employees. This time, the incident puts thousands of IBM workers at risk. [The Register - Security] 3:27:05 PM  PermaLink   / trackback []

Say Hi to the mouse click capturing Trojan. Say Hi to the mouse click capturing Trojan. Sting in the tail Security researchers have discovered a keylogging Trojan that captures mouse clicks as well as key strokes. PWSteal-Bancos-Q targets customers of online banking and financial institutions primarily in Brazil. However Australian anti-virus firm PC Tools warns that variants could be created to affect additional online financial sites worldwide. [The Register - Security] 3:25:46 PM  PermaLink   / trackback []

US bank approves ripped-up credit card application. US bank approves ripped-up credit card application. Follow the money A US man who sent in a torn up, and taped back together, credit card application as an experiment to see whether he needed to shred his applications has received a credit card. Rob Cockerham used his father's address and his mobile (as opposed to land line number) when making an application for a JP Morgan Chase credit card. [The Register - Security] 3:24:04 PM  PermaLink   / trackback []

New Trojan encrypts data, demands ransom. New Trojan encrypts data, demands ransom. A virus that encrypts documents and demands a ransom to get them back is circulating on the Internet, but at least one security company has released the password needed to recover the files. [Virus and worm news from Network World Fusion] 3:22:05 PM  PermaLink   / trackback []

Quiz Reveals Spyware Chicanery. Quiz Reveals Spyware Chicanery. Spyware and adware, how much to you know? Which sites are safe? How you can tell. An online quiz tests your ability to spot sites hosting the malicious stuff. [Security Pipeline] 3:20:15 PM  PermaLink   / trackback []

Visa Debuts RFID-Enabled Payment Card. Visa Debuts RFID-Enabled Payment Card. Use of "contactless" devices for retail has been slower to catch on in the United States than elsewhere around the world. [Security Pipeline] 3:18:35 PM  PermaLink   / trackback []

Lawmakers Give Bureaucrats Low Mark (Investor's Business Daily). Lawmakers Give Bureaucrats Low Mark (Investor's Business Daily). Investor's Business Daily - The government gave itself a D+ overall for computer security for 2005, in grades released Thursday by the House Committee on Government Reform. [Yahoo! News: Computer Security & Viruses] 3:16:19 PM  PermaLink   / trackback []

Keylogger Trojan hits Brazilian banking sites. Keylogger Trojan hits Brazilian banking sites. A new, advanced keylogging Trojan horse targeting users of financial Web sites can record mouse clicks as well as keystrokes, warns PC Tools. [Computerworld Cybercrime News] 3:05:29 PM  PermaLink   / trackback []

VM Rootkits: The Next Big Threat? (PC Magazine). VM Rootkits: The Next Big Threat? (PC Magazine). PC Magazine - SubVirt, a proof-of-concept virtual machine rootkit created by MS Research and the University of Michigan, pushes the envelope for hiding malware. Will this new threat strike from below? [Yahoo! News: Computer Security & Viruses] 3:03:40 PM  PermaLink   / trackback []

Web Application Penetration Testing and More. Web Application Penetration Testing and More. This eWEEK Labs TestRun podcast with Peter Coffee and Jim Rapoza looks at recent reviews of Web security products. [eWEEK Security] 2:58:53 PM  PermaLink   / trackback []

RFID World Still Reacting Strongly To Virus Research (TechWeb). RFID World Still Reacting Strongly To Virus Research (TechWeb). TechWeb - A researcher who suggests that computer viruses could be spread by RFID technology sets off a firestorm of debate. Industry sources weigh in. [Yahoo! News: Computer Security & Viruses] 2:54:47 PM  PermaLink   / trackback []

Michael Geist - CRIA's Own Study Counters P2P Claims While CRIA regularly trumpets commissioned studies as evidence for the problems posed by P2P, this week it released a major study without any fanfare whatsoever.  Conducted by Pollara last month, the study serves as part of CRIA's submission to the CRTC's Commercial Radio Review.  What makes this particular study interesting (aside from the fact that it finally includes full details on responses and the actual questions posed), is that much of the data challenges many familiar CRIA claims. 2:26:01 PM  PermaLink   / trackback []

Canadian Record Industry Disputes Own P2P Claims. Canadian Record Industry Disputes Own P2P Claims. CRIAWatch writes "The Canadian Recording Industry Association has quietly issued a new study that contradicts many of its own claims about the impact of P2P usage on the music industry. Michael Geist summarizes the 144 page study by noting that the research 'concludes that P2P downloading constitutes less than one-third of the music on downloaders' computers, that P2P users frequently try music on P2P services before they buy, that the largest P2P downloader demographic is also the largest music buying demographic, and that reduced purchasing has little to do with the availability of music on P2P services.'" [Slashdot] 2:22:18 PM  PermaLink   / trackback []

Californians' Privacy Not For Sale - Government Technology Attorney General Bill Lockyer, in the first enforcement action resulting from his ongoing investigation into the sale of cell phone records,this week filed a $10 million-plus lawsuit against Data Trace USA Inc. (Data Trace) that alleges the firm unlawfully obtained and sold wireless customers' confidential monthly call records. "Data Trace has used fraudulent means to commit outrageous invasions of privacy against California cell phone users," said Lockyer. "Unfortunately, this company is not alone. These shady operators are increasing in number. Californians' privacy is not for sale. They have a right to expect that their confidential cell phone call records remain just that -- confidential. Our investigation of this industry will continue. I'm committed to vigorously fighting this growing threat to privacy." The complaint alleges Data Trace and its director of operations, Ilia S. Nicholas, posed as cell phone customers, or agents of customers, to fraudulently obtain consumers' monthly call records from wireless carriers. They then sold access to those records, and advertised their services on their web site, www.datatraceusa.com, according to the complaint. Nicholas has several aliases, and addresses in New York and Florida. The defendants violated state laws that prohibit unfair business practices, and false or deceptive advertising, the complaint alleges. Specifically, the defendants misrepresented themselves to obtain the records, according to the complaint, and held out their services as legal, when in fact they were unlawful. Additionally, the complaint notes, the state Public Utilities Code and the federal Telecommunications Act of 1996 protect the confidentiality of phone users' call records. 2:17:38 PM  PermaLink   / trackback []

CERIAS Weblogs - Useful Firefox Security Extensions Mozilla's Firefox browser claims to provide a safer browsing experience out of the box, but some of the best security features of Firefox are only available as extensions. Hereâo[dot accent]s a roundup of some of the more useful ones Iâo[dot accent]ve found. 2:12:04 PM  PermaLink   / trackback []