Homer Simpson and the Kimya Botnet - Via Slashdot:
An anonymous reader writes "As all hardcore Simpsons fans know, Chunkylover53@aol.com was revealed to be Homer Simpson's email address in one particular episode, registered by one of the show's writers, who would reply to fans as Homer himself. After a flood of messages, 'Homer' signed off — seemingly forever. Well, in the last few days, security company Facetime Communications reports that anyone who had Homer on their AIM buddy list would have noticed his sudden reappearance. Unfortunately for all, he appears to have been hacked and pushing malware links which deposit those unlucky enough to run the file into a Turkish Botnet. The message claims the file is a 'web exclusive' episode of the TV show — an interesting way of targeting a specific group of fans who would assume Homer's return would only coincide with something special like (say) a TV episode just for them. What I want to know is, is Homer smart enough to run an AV scan?"
Judge Says First-Ever RIAA Piracy Trial May Need a Do-Over - Via Threat Level:
The federal judge who oversaw the Recording Industry Association of America's lawsuit against Jammie Thomas said Thursday he might have erred with one of his instructions to the jury, and is considering granting a new trial.
In response, an RIAA spokeswoman said, "if we have to re-try the case, we will do so without hesitation."
U.S. District Court Judge Michael Davis, who presided over the nation's only file sharing case to go to a jury, noted in a brief order (.pdf) Thursday that, under federal case law, infringing a copyright likely requires actual dissemination of the pirated content, not merely making copyrighted works available.
Bloggers Respond to WSJ's NSA Surveillance Article - Via EFF: Deep Links:
Bloggers have already begun tackling the Wall Street Journal's "omnibus" article about expansive domestic surveillance by the National Security Agency (NSA). While many posts are providing large excerpts thanks to the Wall Street Journal's onerous paywall (which actually seems to be disabled for the story at the time of this writing), bloggers are reaching similar conclusions:
Facebook Wants Founder's Privacy Back, THREAT LEVEL to Blame? - Via Threat Level:
There's much online ado about the independent Harvard magazine 02138 posting documents from the court case accusing Facebook founder Mark Zuckerberg of stealing the idea for the social networking site from some classmates, mainly because the documents include Zuckerberg's Harvard application with his full Social Security Number. (The sensitive info has since been redacted).
THREAT LEVEL read some of the transcripts from Zuckerberg's deposition where his arrogance is clear, but I mostly ignored the story until Facebook lawyers started stamping their feet, ironically complaining about privacy violations and crying that the documents should never have been released by the court.
Slashdot | NJ Spammer Gets Two Years Jail for AOL Spam Scam: "Tech.Luver writes 'A man from New Jersey has been sentenced to more than two years in prison for sending more than a million spam messages to AOL users.
Who Loves Real ID? AOL, Microsoft and Yahoo Do.: "The federal Real ID Act doesn’t have many friends these days. Eighteen states have passed legislation rejecting the law, Congress has refused to put any money into implementing it, and just this week New York Gov. Eliot Spitzer announced he, not the Feds, would determine New York’s drivers license policy, with officials in his administration indicating the state might opt out of the Real ID program altogether.
The few remaining cheerleaders for this national ID system, which promises to be a nightmare for privacy and identity security, have resorted to classic doublespeak to try to salvage Real ID’s reputation. On the Department of Homeland Security blog Wednesday, Secretary Michael Chertoff claims Real ID would actually protect privacy. (‘War is Peace’ and ‘Freedom is Slavery’ will be the subjects of future blogs.)
AOL Instant Messaging Client Vulnerable to Exploitation, Uninstall It Now:
AOL's Instant Messaging software, both old and the new beta, contains a security hole that lets anyone who sends you a message run arbitrary commands and exploit Internet Explorer without the user having to do anything, according to Ryan Naraine at Zero Day.
The hole, first reported to AOL more than a month ago, will not be fixed until the middle of October for the millions of people using AOL's AIM client.
Privacy commissioner says mining info from used-goods sellers a slippery slope | CFRB: TORONTO (CP) - Ontario's privacy commissioner has ordered the city of Ottawa and its police force to stop mining "extensive" information from people selling goods to second-hand stores, cautioning the practice is a slippery slope toward an Orwellian society where authorities could misuse private data.
Information and Privacy Commissioner Ann Cavoukian has also ordered the destruction of all personal information already collected, marking the first time she has used a special cease-and-destroy provision in the province's privacy laws.
"It seems to me that this is a solution in search of a problem,"
Class Action Initiated Against RIAA: NewYorkCountryLawyer writes "Ever since the RIAA's litigation campaign began in 2003, many people have been suggesting a class action against the RIAA. Tanya Andersen, in Oregon, has taken them up on it. The RIAA's case against this disabled single mother, Atlantic v. Andersen, has received attention in the past, for her counterclaims against the RIAA including claims under Oregon's RICO statute, the RIAA's hounding of her young daughter for a face-to-face deposition, the RIAA's eventual dropping of the case 'with prejudice,' and her lawsuit against the RIAA for malicious prosecution, captioned Andersen v. Atlantic. Now she's turned that lawsuit into a class action.
Contracts can't be changed online without notice, court rules: A federal appeals court has ruled that companies can't change their contracts and post those revisions online without notifying customers first.
The ruling (download PDF) by the U.S. Court of Appeals for the Ninth Circuit paves the way for Joe Douglas, a customer of telephone company Talk America Holdings Inc., to file a class-action suit against the company. Talk America has since merged with Cavalier Telephone LLC in Richmond, Va. Cavalier could not be reached for comment.
Privacy experts and others have been grappling with the issue of how companies service customers online, as well as how they use their personal information after mergers or acquisitions, since the emergence of e-commerce in the 1990s.
"It seems as if this was born of someone trying to get something out of someone," said Sucharita Mulpuru, an analyst at Forrester Research Inc. in Cambridge, Mass.
Mulpuru said companies should always notify customers before making any changes to their policies.
"How hard is it to send out an e-mail letting people know about [any changes]?" she said.
Courts Reject Tech Corporation Bans on Class Action Suits: "Frosty Piss writes 'Class action waivers included in cell phone companies' contracts with customers are invalid in Washington State because they violate the state's Consumer Protection Act, the state Supreme Court ruled Thursday. Five plaintiffs accused Cingular of
Experian rejects ID theft notification proposal | Channel Register: Credit rating giant Experian has rejected the notion of automatically informing UK citizens when their ID details may have been hijacked.
Experian's hardline stance came at a conference on 'Big Brother Britain' in London today, where a number of speakers said that more severe penalties and obligations should be imposed on companies to ensure data individuals' privacy concerns are taken seriously.
Anna Fielder, policy consultant at the National Consumer Council, said the UK should follow the example of California, where companies who expose individuals' data have to contact and notify the individuals concerned.
Encryption vendor claims AACS infringes its patents, sues Sony: Canadian encryption vendor Certicom yesterday filed a wide-ranging lawsuit against Sony, claiming that many of the products offered by the electronics giant infringe on two Certicom patents. This might sound like business as usual until you realize what's being targeted: AACS and (by extension) the PlayStation 3.
Certicom has done extensive work in elliptic curve cryptography (ECC), and the patents in question build on this work. The patents have already been licensed by groups like the US National Security Agency, which paid $25 million back in 2003 for the right to use 26 Certicom patents, including the two in the Sony case.
NY teen hacks AOL, infects systems - Network World: "A New York teenager broke into AOL LLC networks and databases containing customer information and infected servers with a malicious program to transfer confidential data to his computer, AOL and the Manhattan District Attorney's Office allege.
In a complaint filed in Criminal Court of the City of New York, the DA's office alleges that, between December 24, 2006 and April 7, 2007, 17-year old Mike Nieves committed offenses like computer tampering, computer trespass and criminal possession of computer material.
What MSN, Google, Yahoo and AOL Know About You: "hotgist writes 'America's top four Internet companies, Google, Yahoo, AOL and Microsoft's MSN, promise they will protect the personal information of people who use their online services to search, shop and socialize. But a close read of their privacy policies reveals as much exposure as protection.