Thursday, March 23, 2006


News Item 5588 Probes Scrutinize Caller ID Hacks.

Spoofing sites let users control the phone number that flashes on Caller ID displays. They're primarily used for completely lawful purposes, providers say, but now Florida's attorney general is targeting the cottage industry, and an FCC probe is gaining steam. By Kevin Poulsen. [Wired News: Security Blanket]
1:41:41 PM

News Item 5587 Schneier on Security: DHS Privacy and Integrity Report

Last year, the Department of Homeland Security finally got around to appointing its DHS Data Privacy and Integrity Advisory Committee. It was mostly made up of industry insiders instead of anyone with any real privacy experience. (Lance Hoffman from George Washington University was the most notable exception.)

And now, we have something from that committee. On March 7th they published their "Framework for Privacy Analysis of Programs, Technologies, and Applications."


1:40:17 PM

News Item 5586 InfoSecDaily / Blogs: Privacy issues related to mobile and wireless Internet access

I just came across research worth checking out by all the wardrivers and mobile/wireless Internet users out there. While it was written in 2004, "Privacy, Control and Internet Mobility" provides relevant info on an important topic - what kind of information is leaking and how this can be reduced. The abstract describes it as:

"This position paper explores privacy issues created by mobile and wireless Internet access. We consider the information about the user's identity, location, and the service accessed that is necessarily or unnecessarily revealed to observers, including the access network, intermediaries within the Internet, and the peer endpoints. In particular, we are interested in data that can be collected from packet headers and signaling messages and exploited to control the user's access to communications resources and online services. We also suggest some solutions to reduce the amount of information that is leaked."

A more in-depth overview on the topic can also be found in "A Framework for Location Privacy in Wireless Networks"  ...

1:37:50 PM

News Item 5585 p2pnet.net - the original daily p2p and digital media news site

p2p news / p2pnet: Claria [read Gator], one of the Net's most repulsive spyware and pop-up purveyors, says it's had a gut-full.

It will exit the adware business by June, "following persistent criticism from online publishers, consumer groups and privacy advocates," says the Associated Press.

Last July, Gator (oops, Claria) dumped another spyware app, Sharman Networks' p2p Kazaa, which has itself just had a major spyware-related bollocking from the new StopBadware.org group.

"In a statement, Claria said it will require any buyer of its adware assets to agree to abide by a set of standards outlined by Truste and other privacy watchdog groups," says AP with a straight face.


1:35:18 PM

News Item 5584 Sale of Data by Tax Preparers Draws Protests

Consumer groups and privacy advocates are attacking proposed Internal Revenue Service rules that would spell out how tax-return preparers may legally sell financial information and other data from their clients' returns.

It has long been a principle of tax administration that no unauthorized person can get such information and that this assurance encourages taxpayers to file honest and complete returns. That notion is still a "fundamental underpinning" of IRS practice, Commissioner Mark W. Everson said yesterday in an interview.

The proposal, issued in December, was billed by the IRS as improving privacy protections for taxpayers, detailing the steps for getting permission to use the information. But it has focused attention on a little-known fact: Although law forbids the unauthorized disclosure of taxpayer information, return-preparers have long been allowed to disclose it, even sell it, if they obtain their clients' permission. Once the information goes out the door, taxpayers have little control over what happens to it.

The problem, said Evan Hendricks, publisher of the Privacy Times newsletter and other publications on privacy, is that "information about you is valuable in general, and the more detailed . . . it is, the more valuable it is."

"The real danger here is that there's going to be a lot of incentive" for preparers to obtain the permission surreptitiously, such as by spreading a lot of papers in front of clients and asking them to sign them all, Hendricks said.

Jean Ann Fox of the Consumer Federation of America said that under the new rules, taxpayers could be duped into releasing their information and run the "risk of having that information in a database somewhere." That is "dangerous," she said, and "essentially turns tax-return information into a commodity for the highest bidder."
1:32:18 PM

News Item 5583 Circumventing Competition: The Perverse Consequences of the Digital Millennium Copyright Act

The courts have a proven track record of fashioning balanced remedies for the copyright challenges created by new technologies. But when Congress passed the Digital Millennium Copyright Act in 1998, it cut the courts out of this role and instead banned any devices that "circumvent" digital rights management (DRM) technologies, which control access to copyrighted content.

The result has been a legal regime that reduces options and competition in how consumers enjoy media and entertainment. Today, the copyright industry is exerting increasing control over playback devices, cable media offerings, and even Internet streaming. Some firms have used the DMCA to thwart competition by preventing research and reverse engineering. Others have brought the weight of criminal sanctions to bear against critics, competitors, and researchers.

The DMCA is anti-competitive. It gives copyright holders--and the technology companies that distribute their content--the legal power to create closed technology platforms and exclude competitors from interoperating with them. Worst of all, DRM technologies are clumsy and ineffective; they inconvenience legitimate users but do little to stop pirates.

Fortunately, repeal of the DMCA would not lead to intellectual property anarchy. Prior to the DMCA's enactment, the courts had already been developing a body of law that strikes a sensible balance between innovation and the protection of intellectual property. That body of law protected competition, consumer choice, and the important principle of fair use without sacrificing the rights of copyright holders. And because it focused on the actions of people rather than on the design of technologies, it gave the courts the flexibility they needed to adapt to rapid technological change.


1:27:34 PM

News Item 5582 CATO Institute Releases Paper Criticizing DMCA.

flanksteak writes "The CATO institute has published a paper criticizing the DMCA entitled 'The Perverse Consequences of the Digital Millennium Copyright Act.' From the article: 'The DMCA is anti-competitive. It gives copyright holders--and the technology companies that distribute their content--the legal power to create closed technology platforms and exclude competitors from interoperating with them. Worst of all, DRM technologies are clumsy and ineffective; they inconvenience legitimate users but do little to stop pirates.'" A report worth taking a look at that puts into words what most of us know already. [Slashdot: Your Rights Online]
1:24:37 PM

News Item 5581 Networking Pipeline | Blog | FCC Chief: AT&T Can Limit Net Bandwidth

FCC Chief Kevin Martin yesterday gave his support to AT&T and other telcos who want to be able to limit bandwidth to sites like Google, unless those sites pay extortion fees. Martin made it clear in a speech yesterday that he supports such a "tiered" Internet.

Martin told attendees at the TelecomNext show that telcos should be allowed to charge web sites whatever they want if those sites want adequate bandwidth.

He threw in his lot with AT&T, Verizon, and the other telcos, who are no doubt salivating at the prospect of charging whatever the market can bear.

He did throw a bone to those who favor so-called "net neutrality" -- the idea that telcos and other ISPs should not be allowed to limit services or bandwidth, or charge sites extra fees. He said that the FCC "has the authority necessary" to enforce network neutrality violations. He added that it had done so already, when it stepped in to stop an ISP from blocking Vonage VoIP service.

But Martin's interpretation of "net neutrality" is far too narrow, and almost beside the point. By siding with telcos who want to be able to offer adequate bandwidth to sites that pay up, and to limit bandwidth to sites that don't, he'll help kill off new sites that can't afford to fork over the money.

That could help end Internet and network innovation, and we simply can't afford that.


1:22:11 PM

News Item 5580 FCC Backs a Tiered Internet.

Going to be extorted writes "'FCC Chief Kevin Martin yesterday gave his support to AT&T and other telcos who want to be able to limit bandwidth to sites like Google, unless those sites pay extortion fees. Martin made it clear in a speech yesterday that he supports such a "tiered" Internet.' Could this be the end of internet innovation?" [Slashdot: Your Rights Online]
1:19:18 PM

News Item 5579 Digital Forensics Wiki.

This is the Forensics Wiki, devoted to information about digital forensics. We are just getting started, but still encourage you to browse the site and contribute whatever information you have... [LinuxSecurity.com]
1:15:10 PM

News Item 5578 Philadelphia Inquirer | 03/21/2006 | IRS plans to allow preparers to sell data

The IRS is quietly moving to loosen the once-inviolable privacy of federal income-tax returns. If it succeeds, accountants and other tax-return preparers will be able to sell information from individual returns - or even entire returns - to marketers and data brokers.

The change is raising alarm among consumer and privacy-rights advocates. It was included in a set of proposed rules that the Treasury Department and the IRS published in the Dec. 8 Federal Register, where the official notice labeled them "not a significant regulatory action."

IRS officials portray the changes as housecleaning to update outmoded regulations adopted before it began accepting returns electronically. The proposed rules, which would become effective 30 days after a final version is published, would require a tax preparer to obtain written consent before selling tax information.

Critics call the changes a dangerous breach in personal and financial privacy. They say the requirement for signed consent would prove meaningless for many taxpayers, especially those hurriedly reviewing stacks of documents before a filing deadline.

"The normal interaction is that the taxpayer just signs what the tax preparer puts in front of them," said Jean Ann Fox of the Consumer Federation of America, one of several groups fighting the changes. "They think, 'This person is a tax professional, and I'm going to rely on them.' "

Criticism also came from U.S. Sen. Barack Obama (D., Ill.). In a letter last Tuesday to IRS Commissioner Mark Everson, Obama warned that once in the hands of third parties, tax information could be resold and handled under even looser rules than the IRS sets, increasing consumers' vulnerability to identity theft and other risks.

"There is no more sensitive information than a taxpayer's return, and the IRS's proposal to allow these returns to be sold to third-party marketers and database brokers is deeply troubling," Obama wrote.

The IRS first announced the proposal in a news release the day before the official notice was published, headlined: "IRS Issues Proposed Regulations to Safeguard Taxpayer Information."


1:07:30 PM

News Item 5577 IE Worries Continue With Additional Critical Bug.

Third major flaw found in Microsoft browser this week. [PCWorld.com - Latest News Stories]
1:03:41 PM

News Item 5576 MPs pick at ID threads.

Will industry lead gov by biometric nose?

A Commons committee has expressed doubts that existing technology can handle the government's national identity card scheme.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]
1:01:54 PM

News Item 5575 Detecting Botnets Using a Low Interaction Honeypot.

Jamie Riden describes a simple honeypot using PHP and emulating several vulnerabilities in Mambo and Awstats. By Jamie Riden. [Infosec Writers Latest Security Papers]
1:00:25 PM