March 2005

Alacrablog discusses a Morgan Stanley research report: Certainly manageable numbers, but I think the report underplays both the potential growth in these markets prior to these incidents and the rising costs due to increasing regulation of the data brokers. There’s also an interesting post rounding up the SIA Anti-Money Laundering conference. The Atlanta Business Journal…

Read More Choicepoint, March 29-31

With the announcement yesterday of a stolen laptop with 30 years of alumni social security numbers on it, and the October break-in that led to 1.4 million people being exposed, how long until California forbids the University from holding such numbers? Clearly, they’re not to be trusted; students have no choice but to provide that…

Read More Three Times is Enemy Action

The other day, Samablog and I did some P2P mining, after Michelle Malkin blogged about it. She links to P2P Provides Safe Haven For Pedophiles. There, Rick shows screen captures of extremely disgusting file names (“2 yo getting raped during diaper change”). He doesn’t download any files, but takes this as evidence for his title.…

Read More P2P, Filenames

EPIC has obtained documents which… … reveal that Choicepoint proposed the sale of detailed personal information to the Bureau for law enforcement purposes. The documents show an extraordinary range of data sources, including e-mail registration, cookies, spyware, employment screening reports, motor vehicle records, drug screening results, professional licensing, Social Security Numbers, wireless phones records, and…

Read More Choicepoint, March 27-28

The US Government is pushing a plan to add radios to every passport in the world. These radios will broadcast all the information in your passport to any immigration officer, id thief, or terrorist who wants it. Want to see if there are more Americans on the right or left side of the plaza? No…

Read More RFID Kills

Michael Howard mentions that Microsoft has published their Software Development Lifecycle for security. Slag all you want, but I don’t see a lot of other vendors doing this. And now, if you need leverage to get buy in, you can either say, “We should emulate Microsoft…” or “Even Microsoft does…” It’s a win. Thanks for…

Read More Microsoft Security Lifecycle