Friday, March 16, 2007
Although the use of the Internet to buy and sell online has
introduced a slew of security concerns within the payment services
industry, Visa USA president and CEO John Philip Coghlan insists that
technology is the solution to combating fraud -- not the cause of it.
Coghlan also pointed out during Visa's security summit in Washington,
D.C., Thursday that data breaches are neither random nor inevitable if
proper security measures are taken.
The TJX data breach
"was a stark reminder to all of us that such events can have vast reach
and consequences," Coghlan said. Such breaches create mistrust and can
undermine efforts made to build a good brand image. But, he made clear,
"the majority of compromises come from storage of prohibited data and using vulnerable systems to process data."
TJX, the parent company of retailers T.J. Maxx, Marshalls, HomeGoods,
and others, made headlines in February when it revealed an attack on
its systems had resulted in the theft of customer information.
Just as the headlines were threatening to die down, TJX announced a few
weeks later that intrusions into its system actually began as early as
July 2005, rather than beginning in May 2006 as the company had
originally reported.
While the exact nature of the TJX data breach has not yet been
revealed, in general, financial information is stolen in a number of
ways, including the physical theft of a wallet, checkbook, or credit
card; theft of information from one's home from friends, relatives, or
in-home employees; phishing messages that trick people into divulging information to fraudsters; hacks, viruses, and spyware on a PC or ATM machine; and a corrupt business employee with access to your records.
But data theft is not random. Instead, it's perpetrated against
businesses with the weakest security and the most valuable information,
Coghlan said Thursday, adding, "More than 80% of all dollars lost come
from 20% of fraudulent transactions."
3:39:19 PM
Very revealing speech last week by John Coghlan, Visa USA's CEO, who insists that the technology is available to prevent cardholder data falling into the wrong hands.
In a speech at Visa's security summit in Washington late last week, Coghlan said that cardholder data breaches are neither random nor inevitable if proper security measures are taken.
The TJX (TJ Maxx) data hack, he said, "was a stark reminder to all of us that such events can have vast reach and consequences."
According to Coghlan, such hacks can create mistrust and undermine efforts to build a positive brand image. But, he said, the majority of system compromises result from the storage of prohibited data and using vulnerable systems to process data.
3:36:34 PM
Here is the transcript of the March 7th hearing in SCO v IBM,
the last of the summary judgment hearings transcripts. Thanks yet again
to Chris Brown for arranging to obtain the transcripts.
On this day, Kimball was quite busy. He heard several motions, all the ones left over from the first two hearings on March 1 and March 5:
- IBM's Motion for Summary Judgment on its Claim for Declaratory Judgment of Non-Infringement (Tenth Counterclaim) (PDF) -- asking for a judgment that the Linux kernel does not infringe copyrights owned by SCO
- IBM's Motion for Summary Judgment on its Claim of Copyright Infringement (Eighth Counterclaim) -- IBM's counterclaim regarding SCO's violation of the GPL and consequent copyright infringement -- (PDF)
- SCO's cross motion in which it tries to say it never violated the GPL (if you spin the wording their way) (PDF) and
- SCO's motion for Summary Judgment on IBM's Second, Third, Fourth, and Fifth Counterclaims (PDF) -- SCO's motion trying to get SCO off the hook for all the trash talk in the media.
On this day, we learn from IBM's attorney, David Marriott, that the
"mountain of code" SCO's CEO Darl McBride told the world about from
2003 onward ends up being a measly 326 lines of noncopyrightable code
that IBM didn't put in Linux anyway. On the other hand, SCO has infringed all 700,000 lines of IBM's GPL'd code in the Linux kernel.
SCO's GPL defense is of the lip-curling variety and quite funny. And
it's also quite amusing to watch SCO try to wriggle out of
responsibility for all the trash talk its executives treated us to in
its PR campaign.
2:55:03 PM
The Score is IBM - 700,000 / SCO - 326. The Peanut Gallery writes "After years of litigation to discover what, exactly, SCO was suing about, IBM has finally discovered that SCO's 'mountain of code' is only 326 scattered lines. Worse, most of what is allegedly infringing are comments and simple header files (like errno.h).
These probably aren't copyrightable for being unoriginal and dictated
by externalities and aren't owned by SCO in any event. Above and beyond
that, IBM has at least five separate licenses for these elements,
including the GPL, even if SCO actually owned those lines of code. In
contrast IBM is able to point out 700,000 lines of code, which they
have properly registered copyrights for, which SCO is infringing upon
if the Court rules that it repudiated the GPL." [Slashdot: Your Rights Online]
2:52:31 PM
RIAA to Universities: Help Us Threaten Your Students. Not content with wasting universities' resources via their usual tactics--i.e., flooding them with machine-generated complaints about file sharing--the major record labels are now demanding that universities help them shake down students.
The RIAA has asked universities and colleges to forward "pre-lawsuit" letters to alleged filesharers that promise a "discounted" settlement price if the student agrees to pay up immediately. Forwarding the letters saves the RIAA the trouble and expense of filing a lawsuit to obtain students' contact information--a savings that may be redirected to more lawsuits.
To add insult to injury, the letters advise students to contact the RIAA if they have any questions. It's safe to say that the RIAA is unlikely to give students the full picture. For example, will the RIAA tell students that parents are generally not liable for infringements committed by their kids, or that the record labels sometimes sue the wrong people? Probably not.
We think students should seek out less biased sources of information--and their institutions should assist in that process. Toward that end, we've put together a short FAQ to help students learn more about their options; we hope colleges and universities that forward the RIAA's threat letter will take the additional step of directing students to this FAQ as well as other neutral information sources.
Of course, the RIAA should not be putting universities in this perverse position in the first place. If you'd like to help academic institutions get back to their real mission--educating students, not helping to threaten them--Take action now to help stop the lawsuit campaign. [EFF: Deep Links]
2:43:13 PM
© Copyright 2007 Paul Hardwick.
Last update: 3/18/07; 5:04:13 PM.