Saturday, March 17, 2007

Google's Blog Software Hijacked by Scammers. Google's Blog Software Hijacked by Scammers. Google's blogger.com is being hijacked to spread malware through fake blogs, a security vendor warns. [PC World: Latest Technology News] 10:58:36 PM  PermaLink   / trackback []

Firefox Takes New Tack on Testing Security Bug Fixes. Firefox Takes New Tack on Testing Bug Fixes. Mozilla decides there will be more beta testing before it publishes security fixes for the Firefox browser. [PC World: Latest Technology News] 10:00:17 PM  PermaLink   / trackback []

Hackers Promise Month of MySpace Bugs. Hackers Promise Month of MySpace Bugs. They won't divulge their real names, they call their project a "whiny, attention-seeking ploy," and they appear to take their fashion cues from Beastie Boys music videos. [PC World: Latest Technology News] 9:58:02 PM  PermaLink   / trackback []

Administrivia: Possible unscheduled upgrade of Privacy Digest Administrivia: Possible unscheduled upgrade of Privacy Digest. I might be implementing an unscheduled upgrade of the site due to some problems with the software I am currently using to run the site. I had been working on upgrading the software to implement some new features but may have to implement sooner than originally planned. If you would like to take a peek at the planned software take a visit to http://www.PrivacyDigest.com/index.php Yes the full URL will have to be entered until I have completed the switch over. There may be some hiccups during the process as the XML/RSS location will change along with access to the sub-topics. I plan to create mod-rewrite rules to take of this but they may not all be ready on day one. Please let me know what you think. 9:39:04 PM  PermaLink   / trackback []

HP Case Wraps Up but Pretexting Problems Remains. HP Case Wraps Up but Pretexting Problems Remains. Although a new federal law makes pretexting illegal, it will likely remain a problem for phone companies and other potential victims of the practice. [PC World: Latest Technology News] 9:26:39 PM  PermaLink   / trackback []

U.S. Lawmakers Introduce New Spyware Bill. U.S. Lawmakers Introduce New Spyware Bill. Two U.S. lawmakers reintroduce a bill that would impose penalties of up to five years of prison time and fines for spyware activities. [PC World: Latest Technology News] 9:21:55 PM  PermaLink   / trackback []

CEBIT : IBM researchers take on video surveillance privacy. CEBIT : IBM researchers take on video surveillance privacy. IBM researchers are looking to tackle one of the thornier problems with video surveillance systems: How do you secure the privacy of innocent bystanders? [Computerworld Data Mining News] 9:17:36 PM  PermaLink   / trackback []

Your Clickstream Data: 40 cents; Losing Your Privacy: Priceless. Your Clickstream Data: 40 cents; Losing Your Privacy: Priceless. Adam Fields points to this disturbing revelation that ISPs are apparently selling their customer[base ']s clickstream data. The guilty ISPs apparently took the same [base "]anonymization[per thou] seminar as AOL, merely replacing user names with User 1, User 2, etc. And what kind of price are they charging for such a violation of user[base ']s privacy? About 40 cents a month per user. Unbelievable. [michaelzimmer.org] 9:15:54 PM  PermaLink   / trackback []

Line Noise's Time in the Sunshine. Line Noise's Time in the Sunshine. Line Noise, EFF's occasional podcast, is back with a new edition for Sunshine Week. David Sobel, EFF Senior Attorney and director of our FLAG project, talks about uncovering the secrets behind National Security Letters, government datamining, and exactly how big the FBI's file on the CIA is. You can download this edition of Line Noise directly in player-friendly MP3 or patent-friendly Ogg Vorbis formats. Alternatively, cut and paste these links into your podcast aggregator to download new Line Noise programs as they appear: MP3 version (for most portable player users) Ogg version   [EFF: Deep Links] 9:12:17 PM  PermaLink   / trackback []

FOIA Reforms Plow Forward in Congress. FOIA Reforms Plow Forward in Congress. The House of Representatives has passed a bill that will make much-needed updates to the Freedom of Information Act (FOIA), and strengthen the public's right to get records from the federal government. H.R. 1309, the Freedom of Information Act Amendments of 2007, was approved yesterday by a considerable 308-117 margin. But the White House lashed out against the legislation, calling FOIA improvements "premature and counterproductive" in light of an 2005 presidential order requiring agencies to streamline their FOIA processes. Just this week the National Security Archive released a report showing how necessary FOIA improvements are. The non-profit research group found that most federal agencies have failed to improve online access to public information in spite of a decade-old FOIA change requiring that they do so. In related news, a bipartisan bill similar to H.R. 1309 was introduced earlier this week in the Senate. Like the House bill, S. 849, the Openness Promotes Effectiveness in our National Government Act of 2007, will improve the public's right to access government information through the FOIA and penalize agencies that don't comply with the law. Learn more about the FOIA and EFF's Flag Project here. [EFF: Deep Links] 8:58:34 PM  PermaLink   / trackback []

GoDaddy, Get a Backbone and Protect Your Users' Rights. GoDaddy, Get a Backbone and Protect Your Users' Rights. A few weeks back, we wrote about how domain name registrar GoDaddy took offline Seclists.org based merely on an informal request and without providing any meaningful notice to the site's operator. Unfortunately, this isn't the only instance in which GoDaddy has carelessly ignored its users' rights. In February, EFF was contacted by an anonymous owner of a parody and criticism website forum that allegedly exposes the financial corruption and domestic scandal of a local politician in Birmingham, Alabama. As part of a civil case in family court, an attorney representing the politician's girlfriend issued a subpoena to GoDaddy seeking the identity of the website owner, who was not a party to the lawsuit. With the website owner's right to anonymous speech on the line, what did GoDaddy do? It caved without any apparent hesitation, providing its customer with a mere three days to find a lawyer and decide whether to file a challenge. GoDaddy also refused to provide a copy of the subpoena, which included essential information to determine whether and how to respond. GoDaddy promises in its privacy policy to turn over customers' information only if required by law, but its lawyers didn't give this subpoena even a shred of scrutiny. Had they done so, they could have seen it was clearly invalid -- GoDaddy is located in Arizona and Alabama state law doesn't permit a subpoena to be issued on someone out of state. That was the ultimate conclusion of the state judge who eventually quashed the subpoena, no thanks to GoDaddy. Even putting aside this aspect of GoDaddy's casual disregard for its customer's interests, the company's behavior is shameful. The First Amendment limits the ability of litigants to pierce a speaker's anonymity, particularly when that person isn't even being sued. GoDaddy owes its customers meaningful notice, time, and information so that they can fight back and protect their rights. With the help of lawyer Lewis Page, the anonymous website operator did manage to move to quash before it was too late. But GoDaddy's sloppy practices still put an unfair burden on this user and continue to threaten all of its customers' rights. For what online service providers ought to do to protect their users, check out our best practice guide. [EFF: Deep Links] 8:50:31 PM  PermaLink   / trackback []