Something is seriously wrong when the New York Times has an article “I.R.S. Finds Sharp Increase in Illegal Political Activity,” and fails to mention the free speech issues associated with the claptrap coming out of Congress: While pointing out the extent of the problem, the agency published more guidance for nonprofit organizations, including examples of…Read More "Illegal Political Activity"
The title is of course stolen from Dan Geer. By now, many readers of these words will be familiar with the recent finding in Guin v. Brazos Higher Education Services [pdf] that a financial institution has no duty to encrypt a customer database. In dismissing the case with prejudice, the court took note of an…Read More The future belongs to the quants
In a trenchant comment on “Secretly Admiring,” Victor Lighthill writes: Not to disrespect Ron Rivest or Credentica’s Stefan Brands, but patenting your ideas in crypto is, historically, a great way to ensure that it takes them 15 years to go from concept to use. While there may be important grains of truth in this, and…Read More New Products, Emerging From Chaos
You know breaches are reaching the public consciousness when spammers use them to make money. I got this in email yesterday, along with a URL that I don’t feel like linking. Banks would do really well to send less email with the words “click here,” and more saying “visit our site using a bookmark.” Good…Read More Subject: Attention! Several VISA Credit Card bases have been LOST!
UAE running our ports? CFIUS is cool with that. Israeli ownership of an IDS company? Now hold on there, pardner. Hat tip to Richard Bejtlich. Read More More CFIUS fun
Via news.com.au: BANK statements, including customers’ private details, were left on the side of a busy Sydney road after the documents fell off the back of a truck. The confidential account information and credit card statements of thousands of Commonwealth Bank customers were left lying on the Hume Highway at Warwick Farm, in Sydney’s south-west,…Read More "It fell off the truck. No, really."
As reported in The Australian, a group of co-ordinated criminals stole over 40 million pounds in cash from a processing center. They did so by the expedient process of dressing up as police officers and kidnapping the wife and child of one of the center’s managers. They then were escorted on site where they subdued…Read More 40 Million Pounds Sterling Stolen from British Bank
In the largest known compromise of financial data to date, CardSystems Solutions, Inc. and its successor, Solidus Networks, Inc., doing business as Pay By Touch Solutions, have agreed to settle Federal Trade Commission charges that CardSystems’ failure to take appropriate security measures to protect the sensitive information of tens of millions of consumers was an…Read More In The Future, Everyone Will be Audited for 20 Years (CardSystems Analysis)
By now, most have heard about Dubai Ports World, a foreign entity, assuming control of operations at various U.S. ports. The arguments around this transaction are predictable and uninteresting. One thing that is clear is that the Committee on Foreign Investment in the United States (CFIUS) is legally mandated to consider such deals. In fact,…Read More Ephemeral port security
Nothing we ever create, especially software, is ever perfect. One of the banes of professional systems administrators is the software update process, and the risk trade-offs it entails. Patch with a bad patch and you can crash a system; fail to patch soon enough, and you may fall to a known attack vector. The mobile…Read More Updating Windows Mobile Phones