Shostack + Friends Blog Archive

 
 
 

"Contrasts in presentation style"

“Contrasts in presentation style: Yoda vs. Darth Vader” is brilliant! How can I not love a mash-up of what you do and Star Wars?

 

TSA Records

Back in August, (“Demand Your records“) I mentioned the effort to request, under the Freedom of Information Act, records relating to the TSA’s illegal data grab on Americans. In December, I got a response, and share a redacted copy here. All redactions are mine. (The whole process of redaction is remarkably difficult, but that’s a […]

 

Workshop on the Economics of Securing the Information Infrastructure

Workshop on the Economics of Securing the Information Infrastructure October 23-24, 2006 Arlington, VA Submissions Due: August 6, 2006 (11:59PM PST) Has just been announced. There’s a great topics list, and a great list for the program committee. It should be quite the workshop.

 

New Passports More Secure than Wet Paper Bags (Barely)

Remember the US Government plan to put a radio chip in your passport? The one whose security has never been seriously studied, whose justification seemed to boil down to a hope that it would speed processing, but even that was wrong? The one whose security gets worse every time anyone competent looks at it? Well, […]

 

On Disclosure

In comments on “Bank of America Customers Under Attack,” Options Scalper writes: I’m uncertain of the “mandatory disclosure” that you discuss here. If by this you mean of data lost in transactions similar to what you mention above, I agree. But if you mean data from the call center to determine the level of theft/fraud […]

 

Musings on The Future of the State

I love the little corners of the law that is ancient rights and privileges. They illustrate ways in which our institutions have evolved, and from where they came, we can learn much about where they may go. That’s why I was delighted to read “Russian-Israeli who Left Newfoundland and Labrador Church Sanctuary Is Deported.” Church […]

 

Newspeak Alert

Dear San Jose Mercury News, In re your article, “Date set for hearing on Google data-sharing.” It’s not sharing when you’re holding a court hearing. It’s a demand. I share my toys with my friends. The man with a gun demanded my wallet. Please make a note of it. PS: If you didn’t promulgate the […]

 

Langley, British Columbia, Canada, 1,000 medical records, courier firm

There are calls for tougher guidelines in the handling of private information after 1,000 medical files went missing when a courier car was stolen in Langley on Thursday. The courier company says the driver left the car running for less than a minute. When the car was stolen, so was a box of health records […]

 

State of Rhode Island, 4,118 or 53,000 CC, Hacker

Thousands of credit card numbers were stolen from a state government Web site that allows residents to register their cars and buy state permits, authorities said Friday. The private company that runs http://www.ri.gov said that 4,118 credit card numbers had probably been taken, a state official said. All online transactions were suspended Friday until any […]

 

Octopus vs. Submarine

Rare video footage shows a giant octopus attacking a small submarine off the west coast of Vancouver Island. Salmon researchers working on the Brooks Peninsula were shocked last November when an octopus attacked their expensive and sensitive equipment. The giant Pacific octopus weighs about 45 kilograms, powerful enough to damage Mike Wood’s remote-controlled submarine. From […]

 

Providence Home Services, 365,000 medical records, Car Thief

About 365,000 hospice and home health care patients in Oregon and Washington are being notified about the theft of computer backup data disks and tapes late last month that included personal information and confidential medical records…In an announcement yesterday, Providence Home Services, a division of Seattle-based Providence Health Systems, said the records and other data […]

 

Providence Home Services, 365, 000 people, health records, theft from employee vehicle

From Computerworld (via Slashdot) we learn that a home health care business deliberately sent patient info home with an employee as part of their disaster recovery plan. I’m serious. Now, unless this guy lives under Cheyenne Mountain, I’m saying that’s a dumb plan. Anyhoo, some of the information was encrypted, but much of it was […]

 

Choicepoint to Pay $15M Fine

Atlanta-based data aggregator ChoicePoint today agreed to pay $15 million to settle charges that it violated federal consumer protection laws when it allowed criminals to purchase sensitive financial and personal data on at least 163,000 Americans. The settlement addresses a pair of lawsuits filed against ChoicePoint by the Federal Trade Commission and represents the largest […]

 

Ameriprise, 230,000 SSNs, Stolen Laptop

On Wednesday, Ameriprise Financial, an investment advisor firm, said that a company laptop stolen from an employee’s parked car in December contained the personal information of some 230,000 customers and company advisors, The New York Times reports. The sensitive information contained in the laptop included the names and Social Security numbers of roughly 70,000 current […]

 

Introducing Debix

I’m at Black Hat Federal this week, helping introduce Debix. Of all the systems that I’ve heard about to combat identity theft, Debix’s stands far above the crowd, which is why I’ve joined their advisory board: In the physical world, we have the ability to place locks on everything from cars to safety deposit boxes […]

 

UDel breach twofer

The University of Delaware “UDaily” reports on two breaches: [A] computer in the School of Urban Affairs and Public Policy was attacked sometime between Nov. 22-26 by an unknown hacker, and it contained a portion of a database that included Social Security numbers for 159 graduate students. […] A back-up hard drive was stolen from […]

 
 

From the Do As We Say Dept.

Everyone knows that the Motion Picture Association of America is very much against unauthorized copying of movies. Then why is the MPAA admitting that it copied a movie, when it was specifically told not to by the copyright owner. The movie in question is Kirby Dick’s This Film Is Not Yet Rated. According to the […]

 

Various Oregon credit unions, debit cards, organized fraud ring?

This one seems to have slipped below the radar. From the January 25 Corvallis, Oregon Gazette-Times: Fair Isaac Corp., a Minnesota-based data security provider, late last week alerted the OSU Federal Credit Union, Citizens Bank, Benton County Schools Credit Union and Central Willamette Community Credit Union that customer debit cards bearing the Visa imprint may […]

 

NSA Wiretaps: General Hayden Speaks

In “Hayden Delivers Impassioned Defense of NSA,” Powerline excerpts Hayden’s Speech to the National Press Club (PDF). One section that jumped out at me was: GEN. HAYDEN: You know, we’ve had this question asked several times. Public discussion of how we determine al Qaeda intentions, I just — I can’t see how that can do […]

 

Two On Vulnerability Disclosure

Ed Moyle has a very good post, “Inside Oracle’s Patch Kimono,” in which he compares Oracle’s process for working with vulnerability researchers with that of Microsoft. I’d like to add two really small bits: First, I’d have compared to the (MS-dominated) Organization for Internet Safety, and second, all of these put insufficient value on secondary […]

 

Notre Dame, SSNs+CC#s+Check Images,hacker

Not much detail on this one, but it looks like a box used for fundraising purposes got 0wned. The intrusion was detected by “security software” on January 13, but the intrusion itself is said to have occurred between November 22 and January 12. [I guess they run Tripwire monthly ;^)]. Information potentially obtained by the […]

 

Lockpick Business Card

A hacker, entrepreneur, and all around mischief maker, Melvin wanted something he could give to peers and prospective clients that spoke of this nature. Talk about a card that opens doors! Via Boingboing.

 

Investing in Identity Theft: The Job Fair

For Aisha Shahid and dozens of others who went to an advertised job fair in Chattanooga and got offers of nightclub work in Atlanta, Memphis and Miami, the “dream jobs” turned out to be an identity theft scam. A man who identified himself as record company and music group president William Devon took applications and […]

 

University of Kansas, 9,200 SSNs, IT Department

[Update: Fixed headline, thanks to to anonymous.] Students who applied via the online application put out by the Department of Student Housing were alerted through either an e-mail or a letter that their private information might have been exposed. According to a University Relations news release, a computer file with names, addresses, birth dates, phone […]

 

CodeCon 2006

The program for CodeCon 2006 has been announced. CodeCon is the premier showcase of innovative software projects. It is a workshop for developers of real-world applications with working code and active development projects. All presentations will given by one of the lead developers, and accompanied by a functional demo. Early registration ends Jan 31.

 

The Trouble With Illicit

[Update: I meant to tie this more closely to “Illicit” book review, because I think this illustrates those hard choices.] There’s some fascinating competing legal goals on display in the Washington Post story “Area Police Try to Combat a Proliferation of Brothels:” “Sometimes it takes five or six interviews to break these girls [sic], to […]

 

Bank of America Customers Under Attack

The Seattle Post Intelligencer asa story, “B of A Customers Hit By Thefts,” about cash withdrawals being made overseas: According to customer service representatives at Bank of America, there have been numerous reports of checking account fraud in Seattle, but many more incidents being reported from other states. The increases in fraud reports are generally […]

 

Pro-User Zealot!

Get the bumper sticker! The background is that a Canadian MP, Sam Bulte, referred to people other than her film and music business corporate backers as “pro-user zealots” at an all candidates meeting. (Michael Geist has a good summary in “The Bulte Video, Boingboing has covered it extensively, and Technorati can help you find lots […]

 

Happy Birthday, CVE!

The sixth presentation was based on a paper titled “Towards a Common Enumeration of Vulnerabilities” by David E. Mann and Steven M. Christey from the MITRE Corporation. This presentation also generated considerable interest from the audience. They tackled the problem of dealing with several heterogeneous vulnerability databases and presented the Common Vulnerability Enumeration (CVE) mechanism […]

 

What Software Do I Like?

In a comment on “Software Usability Thoughts: Some Advice For Movable Type,” Beau Smith asks “What Mac software do you like?” That’s a tough question for three reasons: First, there’s enough decent software (consistent, attractive, discoverable) that the bad stuff can generally be avoided. Secondly, I’d like to choose examples which are either free or […]

 

UK various breaches

Deptarment of Work and Pensions, 8,800 identities Her Majesty’s Revenue and Customs (HMRC) was forced to close down the tax credits website at the start of December last year, after a spate of fraudulent claims came to light which exploited the stolen identities of Department for Work and Pensions staff. Network Rail, 4,000 identities Primarolo […]

 

Do no evil

As readers of this blog probably are already aware, Google has been subpoenaed. The United States government is demanding, in part, that they provide a list of all URLs they index. This is something I’d expect them, or any other search firm, to want to keep secret. Imagine my surprise when I read this in […]

 
 

Reacting to Web Pages

Researchers led by Dr. Gitte Lindgaard at Carleton University in Ontario wanted to find out how fast people formed first impressions. They tested users by flashing web pages for 500 msec and 50 msec onto the screen, and had participants rate the pages on various scales. The results at both time intervals were consistent between […]

 

More on "A Ping" Privacy Invasion

Before I’d had much in the way of coffee, I thought that the “Firefox Ping URLs” might offer a way to scan the web for sites to avoid. It would be simple. For each site mentioned in a ping URL, add it to a blacklist. The trouble with this is that the same set of […]

 

Firefox Ping URLs

It’s all over the internet that Mozilla has added a “ping” attribute to URLs: I’ve been meaning to blog about a new web platform feature that we’ve added to trunk builds of Firefox. It is now possible to define a ping attribute on anchor and area tags. When a user follows a link via one […]

 

Known unknowns?

Oracle has just released fixes for 82 vulnerabilities. After taking several paragraphs to say “Many experts external to Oracle feel that patches for critical vulnerabilities are too slow in coming from the esteemed database giant, and have criticized the company for its slowness in responding to reports originating with outsiders”, Brian Krebs notes that security […]

 

BSD Kernel Stack Overflow

An integer overflow in the handling of corrupt IEEE 802.11 beacon or probe response frames when scanning for existing wireless networks can result in the frame overflowing a buffer. From the FreeBSD Advisory. Researcher advisory is at Signedness.org. No word yet on if Macs are vulnerable. I think Richard at TaoSecurity sums it up well: […]

 

Brokerage account zero liability

E*Trade is implementing a program under which it will reimburse on-line fraud victims for their losses, according to a New York Times report This is an interesting step. Now the question is whether investors who prefer to use their pet’s name as a password will shift their accounts to E*Trade :^)

 

On the NSA Wiretaps

One of the noteworthy aspects to the ‘NSA Wiretap’ revelations is how it has galvanized a broad swath of people, far beyond the “usual suspects” to state that the program was a mistake, and we need to function within the rule of law. For example, Suzanne Spaulding, former assistant general counsel at the CIA: Before […]

 

Dear Recruiter

Hi, My name is () and I am a recruiter for (). I came across your name on an internet search and wanted to tell you about our opportunities available within our NYC and Houston locations. (), a key component of the firm’s () practice, provides the building blocks for a secure and protected business […]

 

Roll Clouds

These rare long clouds may form near advancing cold fronts. In particular, a downdraft from an advancing storm front can cause moist warm air to rise, cool below its dew point, and so form a cloud. When this happens uniformly along an extended front, a roll cloud may form. Image and text from “Astronomy Picture […]

 

Russell Tice and NSA Wiretaps

Democracy Now has a radio interview, downloadable in several formats, and a transcript at “National Security Agency Whistleblower Warns Domestic Spying Program Is Sign the U.S. is Decaying Into a “Police State.” Reason’s Julian Sanchez has an interview “Inside The Puzzle Palace:” REASON: You’re referring to what James Risen calls “The Program,” the NSA wiretaps […]

 

The Remittor and the Money Launderer

Ethan Zuckerman has a great post about the practicalities of international workers sending money ‘home,’ “Remittance – the big business of sending money home:” It’s difficult to overstate the importance of remittance income to most African nations and many developing nations. Nworah cites a figure of $300 billion dollars sent from diasporas to developing nations […]

 

Hotel Room Keys

For example, last fall, an IT director at a travel club in Wyomissing, Pa., told Computerworld that he had found personal information on magnetic hotel key cards when visiting three major hotel chains. The IT professional said he read the cards using a commonly available ISO-standard swipe-card reader that plugs into any USB port. At […]

 

Liberty Breeds Security

Another method, says Princeton University economist Alan B. Krueger, is to increase the civil liberties of the countries that breed terrorist groups. In an analysis of State Department data on terrorism, Krueger discovered that “countries like Saudi Arabia and Bahrain, which have spawned relatively many terrorists, are economically well off yet lacking in civil liberties. […]

 

Illinois Department of Human Services, client names and SSNs, misconfigured voicemail

“To leave a message, press ‘1234’ and listen to confidential client voicemail containing SSNs and other identifying information”. The compromised information dated back to mid-November 2005. Additional details at the Belleville News-Democrat, which notes that this is a repeat offender — the same office left unshredded confidential documents in a trash bin until the paper […]

 

Real ID Even More Expensive Than Predicted

Bruce Schneier links to an AP article about the hideous costs of the RealID Act. Early estimates were for $120 million, current estimates are for $300 million for the first year alone, and that’s just for three states, Pennsylvania, Virginia and Washington state. So we can safely say that nationally we’re looking at billions of […]

 

Quicktime WMF like Vulns on OSX and Windows

The folks at eEye and Fortinet have identified a variety of image based heap overflows that allow for arbitrary code execution on both OSX and on Windows. Also an article on news.com.com claims that the patch initially caused some issues for some users on both platforms, that have been addressed now. Seems that poor implementation […]

 

Steve Jobs and Presentations

Public speaking is an art, but like every art it depends not only on innate talent, but also on mastery of a set of technical skills which empower the artist to share their vision with an audience in a compelling way. Presentations by Steve Jobs are unique, not within the computer industry, but across business. […]

 

More Victims of Money Laundering Regulations

In a comment on “Atlantis Resort (Bahamas) 50,000, Hacker,” Ian Grigg explains that the reason Bahamas Casinos collected 55,000 SSNs is that the various and sundry “anti-money laundering” regulations force them to, or be labeled “naughty.” Err, ‘non-compliant.’ How’s that for NewSpeak? There’s a pretty large steamroller behind such rules and regulations, and the push […]

 

People's Bank of Connecticut, 90,000 SSNs, UPS & TransUnion

A computer tape from a Connecticut bank containing personal data on 90,000 customers was lost in transit recently, the bank reported today. People’s Bank, based in Bridgeport, Connecticut, is sending letters to the affected customers, it said in a statement. The tape contains information such as names, addresses, Social Security numbers and checking account numbers. […]

 

Friendster this ain't!

When you’re facing hard time, and the chips are down, you need to hunker down and dig up all the dirt you can on the stool pigeon who fingered you. That’s where whosarat.com comes in: Who’s A Rat is a database driven website designed to assist attorneys and criminal defendants with few resources. The purpose […]

 

ToggleBth

At the Windows Mobile team blog, Mike Calligaro releases a bunch of cool freeware, including a simple Bluetooth toggler. This will make demo’ing the Smurf Bluetooth logger sooo much easier. Thanks Mike!

 

Bug Scrubs and Learning From Mistakes

There’s a story at CNet, “Microsoft to hunt for new species of Windows bug:” Microsoft plans to scour its code to look for flaws similar to a recent serious Windows bug and to update its development practices to prevent similar problems in future products. Now, its’s easy to kick Microsoft for not having perfect code, […]

 

Adam's Email Troubles

This morning I got two different emails saying something like “I need an answer to that question.” Trouble is, I hadn’t seen the original emails. If you’ve sent me email lately, and not heard back, please resend it. I’m trying to respond to every email within 24 hours so I can get a clean inbox. […]

 
 

Atlantis Resort (Bahamas) 50,000, Hacker

Customers of the Atlantis resort in the Bahamas have reason to worry this week, as over 50,000 identities have been taken from the hotel’s database. The information was revealed in a document submitted to the Bahamas Securities and Exchange Commission. The information includes typical information such as names, addresses and credit card details, but also […]

 

Winnebago County (IL), Several SSNs, Winnebago County Clerk

ROCKFORD, Ill. – The Winnebago County Clerk is apologizing for releasing a list of election officials that included Social Security numbers. County Clerk Dave Johnson said an employee forgot to blacken out the numbers before giving the list of Democratic election judges to county clerk candidate Jeff Polsean. The Illinois Freedom of Information Act exempts […]

 

Brain fingerprint clears prisoner

Wow. An innocent man has been freed based upon his “brain fingerprint”. This happened over a year ago, but hey, I’ve been busy. The murder conviction of an Iowa man was overturned last year by that state’s highest court on the basis of a new technique called “brain fingerprinting”. Terry Harrington had served more than […]

 

SubDomain GPL'd

AppArmor, the security tool formerly known as SubDomain, has been released under the GPL by Novell. See the Apparmor FAQ or the CNET story, “Novell delivers security shield for Linux computers.” If you need another layer of resilience for your Linux systems, take a look.

 

Device ID and Privacy

Unique, hardcoded device IDs are bad for privacy. We hate them. Our friends hate them. So its nice to see that Microsoft is making it harder to get to them: GetDeviceUniqueID attempts to address these issues and to reduce applications dependency on the precious device id. Firstly GetDeviceUniqueID can be called from the trusted or […]

 

RFID Zapper

I’ve been mulling over John Robb’s description of the (very cool) RFID zapper the Chaos Computer Club demoed at their conference. He calls them “the German branch (privacy activists) of the global guerrilla innovation network.” He also states that “In order to correctly route and track items from inception to purchase, these chips are attached […]

 

Anonymous Blogging Wiki!

The Blog Safer Wiki was announced by the Spirit of America’s Anonymous Blogging project. There’s a lot of technology know how, and a lot of cultural issues that go into this, and Curt is doing a great job at bringing the technical knowledge to those who need it, and helping them help each other: Spirit […]

 

Google's Video "Store"

Justin Mason has some thoughts in “Google DRM and WON Authentication:” That’s interesting. In my opinion, given that quote, I’ll bet Google’s DRM is something similar to the copy-protection systems used for many games since about id’s Quake 3 and Valve’s Half-Life; an online “key server” which validates codes, tracks player IDs, and who’s viewing […]

 

"High Assurance" Certificates

Following up on previous posts on the concept of high assurance certificates (“Web Certificate Economics“), I’d like to draw attention to a CSOOnline blog post, “Phishers Now Targetting SSL:” The spoofing has taken a number of forms, which appear to be becoming highly sophisticated. They vary from exploiting browser flaws, to hacking legitimate sites or […]

 
 

Mobile Phones, Modernity, and Stress

The study, which followed more than 1,300 adults over 2 years, found that those who consistently used a mobile phone or pager throughout the study period were more likely to report negative “spillover” between work and home life — and, in turn, less satisfaction with their family life. From “Cell phones tied to family tension,” […]

 

On Grammar

I have friends who believe that grammar is handed down from on high, either by Safire, or Strunk and White, or some are strange adherents of something they call ‘Chicago.’ One of them even argues that the rules of grammar are no subject to evolution. Which is odd, given that we’re speaking really bad French, […]

 

EPIC West

I realized today that Chris Hoofnagle’s blog at EPIC West wasn’t on my blogroll. He’s had lots of important posts up lately, from the informational (“ CA OPP: 13 New Privacy Laws in Effect“) to the amusingly disgusting (“Pretexting Isn’t Lying, According to Bestpeoplesearch.com“) California’s Office of Privacy Protection just released an announcement that 13 […]

 

How to Blog for Your Company

Here at SiteAdvisor, we strongly believe in the importance of this feature. But we admit that so far we’ve done a mediocre job explaining our motivation and our initial implementation. So writes Chris Dixon in “The Role of Affiliates in Spyware, Adware, and Spam.” Chris is using the Siteadvisor blog as an extended discussion of […]

 

Beautiful Evidence, by Edward Tufte

After 9 years, I have completed Beautiful Evidence, except for the index and a few loose ends. We are currently proofing some difficult images on press, negotiating with printers, planning the order for paper and binding, and working through other production issues. Probably the major threats to breaking the schedule will be in color-correcting images […]

 

Privacy Competition in Politics

Two leading governor candidates are trying to outdo each other in protecting Minnesotans’ privacy…The candidates’ dueling news conferences produced more politics than policy, with each charging the other with not doing enough to protect citizens’ privacy. From “Governor is seeking privacy law changes.” I don’t like some of the proposals. It seems to me that […]

 

Brilliant Evil Redux

Following up with further conspiracy theory on Adam’s post, I also have to wonder just how accidental it was that a properly cryptographically signed version of the patch for WinXP was “posted to a community site” yesterday. Given the pressure to quickly product a patch combined with the one produced by Ilfak Guilfanov, it wouldn’t […]

 

WMF Patch Timing: Brilliantly Evil?

If you’ve followed the “WMF Vulnerability” that’s been all over the security blogosphere, with leaks into the mainstream media, then you know that today Microsoft released a patch. (If you don’t know this, please just go run Windows update.) I haven’t talked about it because I haven’t had much to add, but today’s release of […]

 

Microsoft, China, and Cultural Imperialism

Rebecca MacKinnon has a post on Microsoft’s removal of a blog, run by Michael Anti from their MSN Spaces blog site. (“Why Microsoft censorship in China matters to everybody.”) I’m finding the justifications and responses (both official and unofficial) to be fascinating and ultimately confusing. Matt Marshall at SiliconBeat has “Microsoft and Bokee mired in […]

 

Two Quick Notes

I’d like to remind everyone that Emergent Chaos now has three people posting, not just Adam. I see comments and links that assume I’m writing everything here, which is a little demeaning to Chris and Arthur. Also, I’d like to remind people that I maintain del.icio.us bookmarks of things I find interesting, but don’t have […]

 

The Machinery of Repression

The New York Times reports on the completion of the first phase of the treat-visitors-like-criminals US-Visit system. The article is informative, and tells us: The fingerprint check at the borders has turned up just 970 hits of visa violators or criminal suspects. The total rises to about 15,000 with inclusion of the cases identified overseas […]

 

Thoughts on Farris Hassan, the 'Iraq Teenager'

If you haven’t read about Farris Hassan and his trip, take a minute to do so. He flew to Iraq to learn what was going on. I’d like to start by congratulating the teachers at Pine Crest School. How often, today, are teachers so inspiring? The goal of school should be to develop both a […]

 

Security Stickers

Today I received a great add for a newish security company, Devicewall. They are yet another company providing a solution for prevention of intellectual property theft. They sent me a stack of humorous stickers saying things like: “This Computer is Protected by BRSD Technology. Big Red Sticker of Doom technology leverages our natural fear of […]

 

Illicit

Illicit, by Mosés Naím is a tragic book. It is considered, insightful, wide-ranging, deep, and so close to amazing. Had Naím gone just a little further, it could have been brilliant, and the tragedy is that he didn’t. Perhaps I should back up, and explain. Naím is the editor of Foreign Policy. He has written […]

 

H&R Block, Unknown # of SSNs, Mailing Labels

Stories like this one make me scratch my head and wonder, what is a breach? What should this category cover? Why do I blog these things? Why are we here? Why are you here? And what are those clowns doing over there? However, since we sent you this CD, we have become aware of a […]

 

University of San Diego, 7800 people, W-2 information, "hackers"

One that I missed. The executive summary is that somebody, somehow, got into the machine that prints W-2s for the university. The University sent out an undated disclosure letter which was very sparsely detailed — “one of the worst” seen by Beth Givens of privacyrights.org, who’s seen plenty of ’em. Story is at the San […]

 

Iowa State (again!), 3000 SSNs+2500 encrypted CC#s, "hacker"

The Des Moines Register reports on a December, 2005 breach at Iowa State: [3,000 ISU employees’] personal data might have been viewed by hackers who infiltrated two computers earlier this month. One held about 2,500 encrypted credit card numbers of athletic department donors. The second computer contained Social Security numbers for more than 3,000 ISU […]

 

Identity Theft Poster Girl

..may just have been found! The Associated Press reports that Fashion model Beverly Peele was arrested on identity theft charges for allegedly buying around $10,000 worth of housewares, appliances and furniture by using credit card numbers without permission, authorities said Friday. […] The complaint filed against the 30-year-old alleges she charged furniture, a refrigerator, a […]

 

Slipping through the analog hole

I have a number of LPs which gradually I am ripping to disc, using The Analogue Ripper (which is adequate but I’m not raving). At the moment, I’m recording an old blues album I haven’t listened to in probably ten years. Naturally, then, I thought of “The UPS Song“, which you can even listen to. […]