Wednesday, March 14, 2007

Honoring Sunshine Week. The Total Information Awareness project FOIA saga. Honoring Sunshine Week. 27B tells the sad tale of requesting open records on the government's Total Information Awareness project. 44 months later, still no word. In 27B Stroke 6. [Wired News: Top Stories] 4:29:39 PM

FBI Slips Demand Patriot Act Cuts. FBI Slips Demand Patriot Act Cuts. A probe finds the bureau abused its expanded powers to obtain Americans' private records. Time to put the G-men on a shorter leash. Commentary by Jennifer Granick. [Wired News: Top Stories] 4:25:02 PM

Swap your stuff using the latest peer-to-peer network Downloading by Mail. Swap your stuff using the latest peer-to-peer network -- the U.S. Postal Service. By Jeff Howe from Wired magazine. [Wired News: Top Stories] 4:22:33 PM

Citizen Journalism Wants You! Citizen Journalism Wants You!  Wired News, Wired magazine and NewAssignment.Net invite you to join an open-ended experiment in distributed journalism. Project leader Jay Rosen explains all.Plus: Wired Meets Assignment Zero. [Wired News: Top Stories] 4:19:01 PM

Sun CSO: Endless Internet Growth Keeps Security on Back Burner. Sun CSO: Endless Internet Growth Keeps Security on Back Burner. Q&A: Whitfield Diffie, chief security officer at Sun and co-inventor of public-key cryptography, talks about the state of computer security and Microsoft[base ']s role in it. [Computerworld Privacy News] 4:07:25 PM

Four Colorado Counties Placed on Election Watch List. Four Colorado Counties Placed on Election Watch List. Errors with voting machines, delays in voting, inadequate security cited. [GT: Security and Privacy] 4:04:05 PM

ID Fraud Manufacturing Ring Uncovered in Arizona. ID Fraud Manufacturing Ring Uncovered in Arizona. Three month investigation of Arizona Homeland Security Fraudulent Identification Task Force (AFIT) uncovers one of the largest manufacturers of fraudulent identification in Southern Arizona. [GT: Security and Privacy] 4:00:48 PM

Latest ID-Theft Worry? Copiers. Latest ID-Theft Worry? Copiers. Digital photocopiers use hard drives to store data. If not properly secured, they can be vulnerable to data thieves. By the Associated Press. [Wired News: Security Blanket] 3:55:53 PM

FCW.com News - Bill would protect information about students from recruiters An amendment to the No Child Left Behind (NCLB) Act seeks to keep military recruiters from accessing secondary students' personal data by requiring parents to choose to share that information rather than having to opt out of sharing it. Rep. Mike Honda (D-Calif.) introduced the legislation March 6. The Student Privacy Protection Act would require local school systems to obtain written consent before releasing information on secondary school students to military recruiters or their agents. The measure will next be referred to the House Education and Labor Committee sometime during this session, said a spokesperson for Honda. That committee's chairman, Rep. George Miller (D-Calif.), is a co-sponsor of the bill. Because of a provision in the NCLB, school districts are directed to give information about students to military recruiters unless parents explicitly request that their children's data remains private. Since the enacting of NCLB, secondary schools have been supplying the names, addresses and telephone numbers of students to recruiters sponsored by the military services. However, schools often failed to make parents aware of the option to keep that information private, Honda said. 3:54:06 PM

SignOnSanDiego.com > Technology -- Official: Yahoo didn't violate laws in case of jailed journalist HONG KONG - Investigators said Wednesday there was not enough evidence to show that Yahoo Inc.'s Hong Kong branch provided private information that helped convict a Chinese reporter accused of leaking state secrets. The case raised questions about whether Internet companies should cooperate with governments that deny freedom of speech and frequently crack down on journalists. Yahoo! Hong Kong Limited was accused of helping Chinese authorities by Hong Kong lawmaker Albert Ho, who filed a complaint last year with the city's privacy commissioner. Ho alleged the Internet company provided information that helped convict journalist Shi Tao, sentenced to 10 years in jail in 2005 on mainland China. 3:43:01 PM

DMCA Abuser Apologizes for Takedown Campaign. DMCA Abuser Apologizes for Takedown Campaign. Michael Crook Agrees to Stop Attacks on Free Speech San Francisco - Michael Crook, the man behind a string of meritless online copyright complaints, has agreed to withdraw those complaints, take a copyright law course, and apologize for interfering with the free speech rights of his targets. The agreement settles a lawsuit against Crook filed by the Electronic Frontier Foundation (EFF) on behalf of Jeff Diehl, the editor of the Internet magazine 10 Zen Monkeys. Diehl was forced to modify an article posted about Crook's behavior in a fake sex-ad scheme after Crook sent baseless Digital Millennium Copyright Act (DMCA) takedown notices, claiming to be the copyright holder of an image used in the story. In fact, the image was from a Fox News program and legally used as part of commentary on Crook. But Crook repeated his claims and then attempted to use the same process to get the image removed from other websites reporting on his takedown campaign. "Crook's legal threats interfered with legitimate debate about his controversial online behavior," said EFF Staff Attorney Jason Schultz. "Public figures must not be allowed to use bogus copyright claims to squelch speech." In addition to withdrawing current complaints against Diehl and every other target of his takedown campaign and taking a copyright law course, Crook has also agreed to limit any future DMCA notices to works authored or photographed by himself or his wife, or where the copyright was specifically assigned to him. All future notices must also include a link to EFF information on his case, as well as the settlement agreement. Crook has also recorded a video statement to apologize and publicize the dangers of abusing copyright law. "We're pleased that Crook has taken responsibility for his egregious behavior," said EFF Staff Attorney Corynne McSherry. "Hopefully, this will set a precedent to prevent future abuse of the law by those who dislike online news-reporting and criticism." The settlement with Michael Crook is part of EFF's ongoing campaign to protect online free speech from the chilling effects of bogus intellectual property claims. EFF recently filed suit against the man who claims to have created the popular line dance "The Electric Slide" for misusing copyright law to remove an online documentary video that included footage of people trying to do the dance. For the video statement from Michael Crook: http://blip.tv/file/169553 For more on Diehl v. Crook: http://www.eff.org/legal/cases/diehl_v_crook/ Contacts: Corynne McSherry Staff Attorney Electronic Frontier Foundation corynne@eff.org Jason Schultz Staff Attorney Electronic Frontier Foundation jason@eff.org [EFF: Breaking News] 3:33:48 PM

OpenCongress OpenCongress brings together official government data with news and blog coverage to give you the real story behind each bill. 3:30:38 PM

Tracking the Password Thieves. Tracking the Password Thieves. The Washington Post today ran a story I wrote about an epidemic of data theft being fueled by password-stealing viruses and phishing attacks. In some ways, the story behind the reporting that went into the piece is just as interesting, so I'd like to share a few of those details. I based the story in part on a cache of stolen data I found online (more on how I obtained it in a bit). The data was being compiled by a password-stealing virus that had infected many thousands of computers worldwide; the particular text file that I found included personal information on 3,221 victims scattered across all 50 U.S. states. Using a custom-built application that makes use of the Google Maps API, I was able to chart the approximate locations of the victims. This was possible because at the beginning of each record was the virus's best guess of the longitude and latitude of the infected computer's Internet address. This so-called "geo-IP" process is far from perfect: Sometimes these automated guesses are disturbingly accurate, and other times they are miles wide or completely wrong. The approximate location of the 3,221 U.S. residents victimized by this virus (Data gathered by washingtonpost.com; image courtesy Secure Science Corp. and Google). Scammers collect information about the location of their victims because it becomes useful when they want to conduct fraud with a hijacked credit or debit card account. The idea here is to evade a key component of fraud detection in the financial industry -- transaction location tracking. If Joe in Georgia starts suddenly withdrawing money or making purchases in Nigeria or Europe when his last transaction was an hour earlier in Atlanta, Joe's bank is going to flag the transactions as fraudulent and in all likelihood cancel the card. [Security Fix] 11:30:56 AM

© Copyright 2007 Paul Hardwick. Last update: 3/18/07; 6:44:30 PM.