Let’s look at some data
Paul Murphy has made some predictions for 2007. EC readers can judge their value.
Mr. Murphy makes one comment on data breaches that I can’t resist reacting to (after the jump), however.
(Via Kip Esquire.)
As if Barbie isn’t a bad enough role model, it seems that at least one Bratz doll came complete with actual marijuana as an after-market accessory. The unlucky recipient’s mom quickly called 911 when she found the contraband packaged with the doll she received in the mail, having thought it was an identical doll she […]
In a scary story, the Christian Science Monitor reports “US creates terrorist fingerprint database:” Last year, the Department of Homeland Security (DHS) announced the completion of a database system that collects electronic fingerprints of both the index and middle fingers of every noncitizen entering the US. The system now documents 64 million travelers. The Homeland […]
In the Christmas double issue of The Economist, there is an interesting article about Google’s new domain-level email services and their applicability to business. I’m traveling, so I listened to the podcast version. I’m not going to criticize Google today. I think Gmail is a good service. I have several Gmail accounts. I am personally […]
Here’s the lead story in this week’s CSO magazine. I’m sure glad we no longer have to worry about breaches or compliance and can focus on whether we’re wearing the right things.
The BBC reports that Modern measuring methods proved that Liechtenstein’s borders are 1.9km (1.2 miles) longer than previously thought. The border has been changed in some of the more remote corners of the mainly mountainous state, which has now grown in size by 0.5sq km (123 acres). Black Unicorn tattoo by Monique’s Euro Tattoo and […]
Michael Arrington writes at Techcrunch about a former law firm, all of whose records are going to be opened to the public: Brobeck, Phleger & Harrison LLP was a well known law firm in silicon valley during the first Internet boom. They had thousands of startup and public company clients and handled all aspects of […]
Nick Owen posts his favorite blog posts of the year. I have my favorites, but I’m curious. What are yours? What do you remember? We’d love to know.
In “The Vehicular Thomas Crowne Affair: how to creatively defeat photo radar,” Scrollin On Dubs points out that: I just got my plate from AZ DMV and happily installed it this morning. It can still be read by the keen eye but from one of those crappy photo radar pictures it will be a non-trivial […]
In March of 2005, Alec Muffett predicted “National loyalty cards,” and I mocked him for it. Since then, I’ve decided that all non-trivial privacy fears come true. And since then, Alec’s plan has taken another step. The BBC reports about a new “Blair plan for ‘people’s panels’.” No, I didn’t make that up, Comrade. He […]
Blaugh.com via Canadian Privacy Law blog (who’s had a good series of privacy and liberty cartoons up lately).
Saar Drimer and Steven Murdoch will be getting lumps of coal from the banking industry, and amused laughter from the rest of us: It is important to remember, however, that even perfect tamper resistance only ensures that the terminal will no longer be able to communicate with the bank once opened. It does not prevent […]
James Brown (May 3, 1933 – December 25, 2006)
I’ve made explicit that email addresses are optional when commenting. I’ve added easy links to Del.icio.us, Digg, Reddit, Furl, YahooMyWeb and NewsVine. If you have a bookmark system you’d like me to add, let me know. [Update: More navel gazing: added dates to post footers, and fixed underlining for links in the […]
The Department of Homeland Security (DHS) Privacy Office conducted a review of the Transportation Security Administration’s (TSA) collection and use of commercial data during initial testing for the Secure Flight program that occurred in the fall 2004 through spring 2005. The Privacy Office review was undertaken following notice by the TSA Privacy Officer of preliminary […]
In “Radical Transparency to improve resilience,” John Robb posts about Chris Anderson’s ‘radical transparency:’ Think about how these tactics can be applied to societal resilience: Show who we are. Show what we are working on. “Process as Content.” Privilege the crowd. Let readers decide what is best (aka: wisdom of the crowd) Wikify (this another […]
If you’re coming here on a holiday weekend, you might be bored. So why not take advantage of this list of online video of 46 of “The 50 Greatest Cartoons?” PS: I can’t believe they put Gertie the Dinosaur above the Rabbit of Seville. Critics.
There’s an article in Wall Street and Technology, “When Risk Managers Cry Wolf.” It opens: Avoiding “reputation risk” is a common justification for increasing security measures, protecting customers’ financial information and reporting security breaches in a timely manner. But now more than 18 months after the big ChoicePoint incident when 163,000 bogus accounts were created […]
Daniel Akaka and John Sununu have introduced a bill to repeal title II of the Real ID Act. From the press release: The Identification Security Enhancement Act (S. 4117) replaces REAL ID with language from the Intelligence Reform and Terrorism Prevention Act of 2004 (P.L. 108-458), which took a more measured approach in mandating tougher […]
In “Stellar Lavarand,” Ben Laurie writes: Some crazy people think they can make a business of this, only using the solar wind, the clouds of Venus, the Northern Lights, Jupiter’s shortwave emissions and other cosmic events as their random source. Just like lavarand, this causes a moment of “oooo, shiny”, rapidly followed by “but why […]
The Wall Street Journal reported yesterday that “Stars Find Privacy Breached In Aspen by Phone Book” (behind paywall, sorry). According to the Journal: When the Yellow Book directory for Aspen, Colo. came out recently, residents of this ultra-chic ski town found it contained more than the usual list of local bars, hair salons and ski […]
Topping the list, Vodafone has been fined $100M (€76M) for failing to protect 106 mobile accounts. “Greek Scandal Sees Vodafone fined” at the BBC, via Flying Penguin. On this side of the Atlantic, ChoicePoint, Experian and Reed-Elsevier are looking to pay $25 million to settle claims that they invaded the privacy of 200 million drivers […]
Mike Rothman writes: On the Wikid blog, they tackle the mess of incentive plans in this post (h/t to Emergent Chaos). I can see the underlying thought process, but I have a fundamental issue with the idea of capping information security expenses to about 1/3 of the expected loss. Now I haven’t read Gordon & […]
My friend Austin Hill has put up the Million Dollar Blog Post. They, and their sponsors, will donate up to a million dollars to charity, at $1 per comment. I think charity is tremendously important. I’ve been lucky enough to have a set of skills that are well rewarded in today’s world. (I’m reminded of […]
Do share your opinions and suggestions. Personally, I don’t read enough, and I stay within a too-narrow comfort zone of UNIX geek material. Help me, and other EC readers similarly situated. It’d be nice if the techie side of infosec was not the subject (Rich Bejtlich has that covered anyway). I wrote up a review […]
Cryptological in this case meaning those who like thinking about the hidden. Authorized Da Vinci Code Cryptex from The Noble Collection. It’s very nice, made of good, solid brass. It avoids many combination lock issues. I tried some obvious ways you can cheat a letter from such a device and it was well-made enough that […]
In Grant Gross’s IDG article, “VA Security Breach Bill Criticized by Cybersecurity Group,” CyberSecurity Industry Alliance General Counsel Liz Gasster is quoted extensively: The Veterans Benefits, Health Care, and Information Technology Act, largely focused on veterans’ health-care programs, includes a section on information security requiring the VA to report data breaches of any “sensitive” personal […]
The BBC reports that “Prozac ‘found in drinking water’” in Britain, and that: In the decade leading up to 2001, the number of prescriptions for antidepressants went up from nine million per year to 24 million per year, says the paper. They point to an Observer story, “Stay calm everyone, there’s Prozac in the drinking […]
Have a happy one. And thanks to TaranRampersad for the picture.
Someone sent me this picture. I thought I’d share.
In “Threatening Winds Likely to Close Major Bridges,” the Washington State department of transportation declares: WSDOT has never closed Tacoma Narrows Bridge for high winds. I don’t know that I’d be braggin’ about that. Picture from Wikipedia. [Update: They did in fact close the bridge. And I’m fine. Never lost power, no trees fell on […]
Ahmet Ertegun has passed away. Ertegun founded Atlantic Records because he loved music, and at 83, the BBC reports: He suffered a head injury when he fell at a Rolling Stones concert at New York’s Beacon Theatre in October, and died after slipping into a coma. (Emphasis added.) His book “What I’d Say: The Atlantic […]
So there’s been discussion here recently of how to motivate security professionals to do better on security. I think it’s also worthwhile to look at normal people. And conveniently, Bruce Schneier does so in his Wired column this month, “MySpace Passwords Aren’t So Dumb.” He looks at how MySpace users do in their passwords versus […]
hold the RFID. I just got my US passport renewed, and I was pleasantly surprised when it came back Old Skool — no RFID. I’m happy…until 2016 anyway.
Stefan Esser announced earlier this week that he was retiring from security@php.net citing irreconcilable differences with the PHP group on how to respond to security issues within PHP. Of particular interest is that he will be making changes to how he handles security advisories for PHP (emphasis mine): For the ordinary PHP user this means […]
Adam quoted some interesting thinking about infosec incentives. However, I’m not sure it’s that simple. Gordon and Loeb say that you shouldn’t spend more than 37% of an expected loss. However, at last summer’s WEIS (Workshop on the Economics of Information Security), Jan Willemson published a paper, “On the Gordon & Loeb Model for Information […]
Mordaxus is a longtime former cypherpunk with interests in anonymity, security and usability. He’s been involved in some of the biggest brands in security, and has entertaining stories about some of the most interesting events in information security history. He can’t tell those without giving away his secret identity, and so will focus on adding […]
First, assume that you believe, as discussed in Gordon & Loeb’s book Managing Cybersecurity Resources: A Cost-Benefit Analysis and discussed here that an organization should spend no more than 37% of their expected loss on information security. Second, assume that you agree with the Ponemon Institute on the cost of business data breaches: $182 per […]
Apparently it’s Identity Theft Tuesday here on Emergent Chaos. CNN reports that a “Hacker attack at UCLA affects 800,000 people”, which includes current and former faculty, students and staff. The initial break-in was apparently in October of 2005 and access continued to be available until November 21st of this year. I am stunned that it […]
“Protectors, Too, Gather Profits From ID Theft” in today’s New York Times tells the tale of woe of Melody and Steven Millett, who despite a subscription to Equifax’s Identity Theft protection service still had Steven’s SSN readily abused. Privacy consultant Robert Gellman summed up one of the problems with these services nicely: Identity […]
There’s a new blog, “Corruption-free Anguilla.” Long time cypherpunks will remember the joys of the Cable and Wireless contract with Anguilla. From the blog’s inaugural post: The need for such a site is based on the perception that there is much discussion in hushed tones about corruption. No one discusses the matter publicly. The press […]
History teaches you that dictators never end up well. Augusto Pinochet, November 25, 1915 – December 10, 2006
Ferran Adria, Heston Blumenthal, Thomas Keller and Harold McGee have issued a statement on the New Cookery: In the past, cooks and their dishes were constrained by many factors: the limited availability of ingredients and ways of transforming them, limited understanding of cooking processes, and the necessarily narrow definitions and expectations embodied in local tradition. […]
So it was a busy week, and I was behind everyone and their brother blogging about the Antikythera machine. Most of the articles only gave a few pictures. The one shown here is from Philip Coppens, who has great background. Also, courtesy of Stefan Geens, here are 3d views, courtesy of HP and Scientific American.
Ben Laurie has some knots from Second Life. Pretty.
There’s a really interesting story in the New York Times last Sunday, “Health Hazard: Computers Spilling Your History.” Money quote: Some patients are so fearful that they make risky decisions about their health. One in eight respondents in a survey last fall by the California HealthCare Foundation said they had tried to hide a medical […]
“Please put your bra in the bin,” at Flyertalk: items used to augment the body for medical or cosmetic reasons such as mastectomy products, prosthetic breasts, bras or shells containing gels, saline solution, or other liquids; and, … 1. Separate these items from the liquids, gels, and aerosols in your quart-size and zip-top bag. 2. […]
Or, “It’s not the crime, it’s the coverup”. It may be one problem airline security officials never envisioned — a passenger lighting matches in flight to mask odors from her flatulence. The woman’s actions resulted in an emergency landing on Monday in Nashville of an American Airlines flight bound for Dallas from Washington, D.C., said […]
Can a rocket powered mini match the distance of an olympic ski jumper? Watch and see. For a full explanation of the results read Popular Science’s breakdown of the experiment.
In “Citadel, Sensitive Data, and Plusfunds’ Bankruptcy” Paul Kedrosky looks at the impact of youthful chattiness on an industry: Apparently hedge fund Citadel is trying to purchase data from bankrupt Plusfunds that would detail trading strategies at some of its major competitors. The latter company had run a hedge fund index underlying which were trading […]
At MSNBC, Bob Sullivan writes about Gift Cards: Why Cash is Still Better: I’ll show you how a $50 bank card will cost you $60 and could easily be worth only $40 to the recipient. We know, it’s the practical tips that keep you coming back day after day. Image by rgluckin.
Two Seattle Seahawks fans are suing the stadium for unreasonable searches: “There’s no specific reason, or identifiable credible threat to Seahawks fans and because the stadium is a public stadium, it is unconstitutional to require these pat-downs,” said Chris Wion, one of the Seattle lawyers representing the plaintiffs. “I think this is the same type […]
Ed Felten points out that “NIST Recommends Decertifying Paperless Voting Machines:” In an important development in e-voting policy, NIST has issued a report recommending that the next-generation federal voting-machine standards be written to prevent (re-)certification of today’s paperless e-voting systems. … The new report is notable for its direct tone and unequivocal recommendation against unverifiable […]
In “Our Tax Dollars at Work,” Phil writes: After half an hour I gave up on figuring out how to do my civic duty, and leveraged Adam for some help. He’s my go-to guy for this kind of thing. He has the kind of readership that provides answers in as little as forty earth minutes, […]
If you’ve ever lived in Cambridge, Mass, you’ve probably seen the sign. I recognized it instantly, seven years after I left Boston. It’s on Cambridge St, in East Cambridge. Boston’s Weekly Dig dug in: It’s one of the more puzzling quirks of the local cultural consciousness that Gould’s shop is almost universally known, yet few […]
There are days when I wish I was Boingboing. No, really. Because if I were Boingboing, I could blog about friggin’ Bacon of the Month Clubs all day long, and have everybody on the planet clicking on my ads while I sat in my hot tub dictating posts. But we’re not. We have self-respect, […]
Security 2.0 indeed….. Thanks Illiad…. s/WEB/SECURITY/g Happy Saturday
Last night, I blogged about the ridiculous TSA Scores and how hard it is to comment on them. Then I realized that I don’t have a good sample comment. Well, I have lots of comments, but now and then we pretend that this is a family blog, and that anyone under 21 might be interested […]