Monday, March 12, 2007

courant.com | Our I.D., Their Trash - Sensitive Records Turn Up In Ohio Papers with sensitive information about Connecticut residents - Social Security numbers, medical records, names, phone numbers, addresses and bank records began blowing from an Ohio landfill onto nearby homeowner Harry Evans' yard months ago. At first he just picked up the litter - dozens of papers in all - and threw it away. But about a week ago, Evans says, he talked with his wife about the personal nature of some of the windblown papers and decided he'd had enough. He called the local media. Soon, newspaper and TV reporters descended on his home in Negley. 4:41:49 PM

TorontoSun.com - Canada - Privacy swipe? New system would check IDs in stores Convenience stores that check ID by swiping driver's licences could be violating privacy law, Government Services Minister Gerry Phillips said Wednesday. The system called "We Expect ID," would see store clerks swipe licences through a lottery terminal to verify a customer's age when purchasing alcohol, cigarettes, adult magazines, lottery tickets or fireworks. The terminal will read age information from the magnetic stripe on the licence and display the person's age on the terminal. 4:38:21 PM

Popular P2P apps could expose sensitive files, report says. Popular P2P apps could expose sensitive files, report says. Five popular peer-to-peer file-sharing applications include features that could allow users to inadverdently share sensitive files on their computers with others, according to the U.S. Patent and Trademark Office. [Computerworld Privacy News] 4:33:43 PM

'Do the Right Thing'. Editorial 'Do the Right Thing'. Editorial: There is no greater hallmark of an IT leader than the courage it takes to do what[base ']s right, says Don Tennant. [Computerworld Privacy News] 4:32:08 PM

Seagate Ships Super-Secure Hard Disk Drive. Seagate Ships Super-Secure Hard Disk Drive. ASI Computer Technologies will use the automatically encrypted Momentus in a laptop. [PC World: Latest Technology News] 4:18:52 PM

Human Error Causes Most Data Loss, Study Says. Human Error Causes Most Data Loss, Study Says. Three-quarters of incidents involving loss of sensitive data are caused by human error, according to researchers. [PC World: Latest Technology News] 4:08:30 PM

QuickTime Security Update Taxes Some Mac Users. QuickTime Security Update Taxes Some Mac Users. Some computer users running Apple Mac OS X are having a bit of a taxing time with the TurboTax software after installing a recent security update for Apple's QuickTime media player. The QuickTime update, released last week, effectively prevents a number of programs from launching. The problem appears to be limited to users of Mac OS X 10.3.9 and earlier versions, but the interference caused by the QuickTime update is not limited to TurboTax. The update is reportedly causing problems with games such as World of Warcraft, Age of Empires III, Full Tilt Poker and Snake, according to numerous threads at the online user forums of both Apple and TurboTax. It looks like TurboTax parent Intuit plans to release an update on Monday to try and work around Apple's patch. The company even posted a link where users can leave their contact information to be alerted when a fix is available. For many users, that response stood in contrast to Apple's, which -- now a week after this "QuickTax" problem was first highlighted -- so far has been non-existent. Michael Molton, a software engineer from Virginia Beach, Va., was less than impressed: "COME ON APPLE," he wrote in a post last Wednesday on Apple's user forum. "You introduced this bug about 48 hours ago, there is zero excuse for not having a fix or at the VERY least some announcement that a fix is coming." A user going by the name MacPatty writes: "Is anyone at Apple actually working on this problem or we all just talking to each other here. Does Apple know that they created a big problem for us?" Apple's silence on security-related problems facing its rapidly expanding user base has been lagging a bit lately. More than four months ago, a computer worm that leveraged a design flaw in QuickTime spread rapidly to users of the social networking site MySpace.com, stealing passwords from more than 100,000 users. The company responded by quietly issuing a patch designed just for MySpace users, which MySpace admins rolled out in a rather clumsy and insecure way. But Apple largely refused to talk to reporters about the whole incident, and it has yet to issue an advisory to let QuickTime users know whether they should be at all concerned about it, and if so what they can do to minimize their chances of being the next victim. OK, so maybe the largest share of QuickTime users are running Microsoft Windows, and the MySpace worm didn't appear to do much more than steal MySpace logins. Still, this is an attack that could be replicated on other sites, with more serious consequences affecting both Mac and Apple users. A question for Apple: Could you create a simple blog that offers suggestions or workarounds for high-profile problems affecting your customers, or at least assure users that you have heard their concerns and are investigating the problem? [Security Fix] 4:03:34 PM

© Copyright 2007 Paul Hardwick. Last update: 3/18/07; 10:57:32 PM.