David Kirkpatrick

April 23, 2012

Is your computer a zombie?

Filed under: Technology — Tags: , , , , — David Kirkpatrick @ 9:21 am

Find out here.

From the PhysOrg link:

For computer users, a few mouse clicks could mean the difference between staying online and losing Internet connections this summer.

Unknown to most of them, their problem began when international hackers ran an online advertising scam to take control of infected computers around the world. In a highly unusual response, the  set up a safety net months ago using government computers to prevent Internet disruptions for those infected users. But that system is to be shut down.

The FBI is encouraging users to visit a website run by its security partner,http://www.dcwg.org , that will inform them whether they’re infected and explain how to fix the problem. After July 9, infected users won’t be able to connect to the Internet.

July 31, 2010

Food for online privacy thought

Three recent articles to ponder about how much — or really, how little — your online privacy is protected.

First up, from the Wall Street Journal, your data is money. I’m pretty sure just about anyone who’s been using the web for any amount of time knows all about tracking cookies, data mining and all that. This article goes into detail on just how much, and how detailed, information top visited websites collect on visitors.

From the link:

Hidden inside Ashley Hayes-Beaty’s computer, a tiny file helps gather personal details about her, all to be put up for sale for a tenth of a penny.

The file consists of a single code— 4c812db292272995e5416a323e79bd37—that secretly identifies her as a 26-year-old female in Nashville, Tenn.

The code knows that her favorite movies include “The Princess Bride,” “50 First Dates” and “10 Things I Hate About You.” It knows she enjoys the “Sex and the City” series. It knows she browses entertainment news and likes to take quizzes.

“Well, I like to think I have some mystery left to me, but apparently not!” Ms. Hayes-Beaty said when told what that snippet of code reveals about her. “The profile is eerily correct.”

Ms. Hayes-Beaty is being monitored by Lotame Solutions Inc., a New York company that uses sophisticated software called a “beacon” to capture what people are typing on a website—their comments on movies, say, or their interest in parenting and pregnancy. Lotame packages that data into profiles about individuals, without determining a person’s name, and sells the profiles to companies seeking customers. Ms. Hayes-Beaty’s tastes can be sold wholesale (a batch of movie lovers is $1 per thousand) or customized (26-year-old Southern fans of “50 First Dates”).

“We can segment it all the way down to one person,” says Eric Porres, Lotame’s chief marketing officer.

Also from the WSJ in the same series is an article with more on the same as above with an emphasis on consumer-tracking technology used by the top 50 sites.

From the link:

The tracking files represent the leading edge of a lightly regulated, emerging industry of data-gatherers who are in effect establishing a new business model for the Internet: one based on intensive surveillance of people to sell data about, and predictions of, their interests and activities, in real time.

The Journal’s study shows the extent to which Web users are in effect exchanging personal data for the broad access to information and services that is a defining feature of the Internet.

In an effort to quantify the reach and sophistication of the tracking industry, the Journal examined the 50 most popular websites in the U.S. to measure the quantity and capabilities of the “cookies,” “beacons” and other trackers installed on a visitor’s computer by each site. Together, the 50 sites account for roughly 40% of U.S. page-views.

The 50 sites installed a total of 3,180 tracking files on a test computer used to conduct the study. Only one site, the encyclopedia Wikipedia.org, installed none. Twelve sites, including IAC/InterActive Corp.’s Dictionary.com, Comcast Corp.’s Comcast.net and Microsoft Corp.’s MSN.com, installed more than 100 tracking tools apiece in the course of the Journal’s test.

And not to leave the government out of the online privacy picture, this PhysOrg story on the access the Federal Bureau of Investigation has to your online data, including email, really adds to online privacy concerns. Or at least it should.

From the final link:

Federal law requires communications providers to produce records in counterintelligence investigations to the FBI, which doesn’t need a judge’s approval and court order to get them.

They can be obtained merely with the signature of a special agent in charge of any FBI field office and there is no need even for a suspicion of wrongdoing, merely that the records would be relevant in a counterintelligence or counterterrorism investigation. The person whose records the government wants doesn’t even need to be a suspect.

The bureau’s use of these so-called national security letters to gather information has a checkered history.

The bureau engaged in widespread and serious misuse of its authority to issue the letters, illegally collecting data from Americans and foreigners, the Justice Department’s inspector general concluded in 2007. The bureau issued 192,499 national security letter requests from 2003 to 2006.

In this June 28, 2010, file photo, Senate Judiciary Committee Chairman Sen. Patrick Leahy, D-Vt., gestures on Capitol Hill in Washington. Invasion of privacy in the Internet age. The administration’s proposal to change the Electronic Communications Privacy Act “raises serious privacy and civil liberties concerns,” Leahy said Thursday, July 29, 2010, in a statement. Expanding the reach of law enforcement to snoop on e-mail traffic or on Web surfing. Those are among the criticisms being aimed at the FBI as it tries to update a key surveillance law.

(AP Photo/Susan Walsh)

December 29, 2009

Out of this list of security predictions for 2010 …

… from PC World, here’s three I’d like to see come to pass:

* The FBI issues tens of thousands of security letters to get records on individuals without warrants. Congress investigates and is appalled at the FBI’s “underreporting”. The FBI promises to do better (see 2009, and 2008 and 2007….). The 4th amendment continues to erode into meaninglessness.

* Real ID dies a deserved death and is abandoned in 2010. The brain dead idea of better-security-via-universal-ID unfortunately persists despite the enormous number of identity theft victims created by over-reliance on SSN.

* The Transportation Security Administration stops wasting billions of dollars in traveller delays by confiscating water bottles and removing shoes. Instead it focuses on real threats based on rational risk assessment, not security theater based on movie-plots (hat-tip Bruce Schneier). OK, unlikely, but I can dream, can’t I?

(Obviously that last one went out the window with the terrorism attempt over Christmas.)

April 24, 2009

Search and seizure and data centers

Filed under: Business, Politics, Technology — Tags: , , , — David Kirkpatrick @ 12:34 pm

This ought to be troubling for anyone storing data anywhere other than a drive in their possession. Hopefully you’d at least be backed-up somewhere in your possession, but the idea your data could be indefinitely seized and pored over by the authorities should be very chilling. And as the article mentions, should be a significant aspect of the the cloud computing argument.

From the link:

The FBI’s target in the data center raid—one of five seizures conducted that day—is simply listed as Cabinet 24.02.900 in the affidavit and search warrant.

Cabinet 24.02.900 allegedly held the computers and data used to serve voice-over-IP clients for the companies at the center of the case. Yet, it was also home to the digital presence of dozens of other businesses, according to press reports. To LiquidMotors, a company that provides inventory management to car dealers, the servers held its client data and hosted its managed inventory services. The FBI seizure of the servers in the data center rack effectively shut down the company, which filed a lawsuit against the FBI the same day to get the data back.

“Although the search warrant was not issued for the purpose of seizing property belonging to Liquid Motors, the FBI seized all of the servers and backup tapes belonging to Liquid Motors, Inc.,” the company stated in its court filing. “Since the FBI seized its computer equipment earlier today, Liquid Motors has been unable to operate its business.”

The court denied the company’s attempt to get its data back, but the FBI offered to copy the data to blank tapes to help the company restart its services, according to a report in Wired.

The incident has worried IT managers, especially those with a stake in cloud computing, where a company’s data could be co-mingled with other businesses’ data on a collection of servers.

“The issue, I think, is one of how search and seizure laws are being interpreted for assets hosted in third-party facilities,” James Urquhart, manager of Cisco Systems’ Data Center 3.0 strategy, said in a recent blog post. “If the court upholds that servers can be seized despite no direct warrants being served on the owners of those servers—or the owners of the software and data housed on those servers—then imagine what that means for hosting your business in a cloud shared by thousands or millions of other users.”

January 20, 2009

Missing hedge fund manager

Filed under: Business — Tags: , , , , , , — David Kirkpatrick @ 6:38 pm

I have a feeling this type of story, and reports of suicide, will continue for a while as rotten apples drop of the financial world’s trees.

From the link:

The F.B.I. and securities regulators have joined the investigation of Arthur Nadel, a Florida hedge fund manager who disappeared four days ago, leaving clients concerned that they might have lost as much as $350 million.

The Federal Bureau of Investigation and the Securities and Exchange Commission are helping on the case, police Lt. Stanley Beishline of Sarasota, Fla., said in a telephone interview.

 

One of Mr. Nadel’s business partners, Neil Moody, said Mr. Nadel had spoken to his wife, Peg, since he was reported missing. Mr. Nadel, 76, is president of Scoop Management in Sarasota, which oversees funds that include Valhalla Investment Partners. Mr. Moody holds no position in Scoop Management and was a partner with Mr. Nadel only on the Vahalla fund and two Viking funds.

Scoop’s claim to have managed as much as $350 million ”may be high because performance results were exaggerated,” Mr. Moody said in an interview. Mr. Moody said he did not know anything was wrong until Mr. Nadel was reported missing.

Mr. Nadel was last seen by his wife at 8:45 a.m. on Wednesday when he left for work, said Lt. Chuck Lesaltato of the Sarasota County sheriff’s office.

December 30, 2008

From the department of dumb criminals …

Filed under: et.al., Media — Tags: , , , — David Kirkpatrick @ 5:34 pm

… a late entrant for this year, but certainly a contender.

From the link:

The robber’s threatening note made a Chicago bank job easy to solve: The FBI says the suspect wrote it on his pay stub.

An FBI affidavit says the man walked into a Fifth Third Bank on Friday and handed a teller a note that read “Be Quick Be Quit (sic). Give your cash or I’ll shoot.” The robber got about $400 but left half of his note.

Investigators found the other half outside the bank’s front doors.

Authorities say that part of the man’s October pay stub had his name and address.

December 9, 2008

Blago post number two

Filed under: Politics — Tags: , , , , — David Kirkpatrick @ 6:08 pm

The first one is here. I just wanted to get some raw content from the official arrest release.

From the second link:

CHICAGO – Illinois Gov.

Rod R. Blagojevich and his Chief of Staff, John Harris, were arrested today by FBI agents on federal corruption charges alleging that they and others are engaging in ongoing criminal activity: conspiring to obtain personal financial benefits for Blagojevich by leveraging his sole authority to appoint a United States Senator; threatening to withhold substantial state assistance to the Tribune Company in connection with the sale of Wrigley Field to induce the firing of Chicago Tribune editorial board members sharply critical of Blagojevich; and to obtain campaign contributions in exchange for official actions – both historically and now in a push before a new state ethics law takes effect January 1, 2009.

And here’s a little laundry list from page two of the twelve page PDF:

A 76-page FBI affidavit alleges that Blagojevich was intercepted on court-authorized wiretaps during the last month conspiring to sell or trade Illinois’ U.S. Senate seat vacated by President-elect Barack Obama for financial and other personal benefits for himself and his wife. At various times, in exchange for the Senate appointment, Blagojevich discussed obtaining:

 

<

 

a substantial salary for himself at a either a non-profit foundation or an organization affiliated with labor unions;

 

<

 

placing his wife on paid corporate boards where he speculated she might garner as much as $150,000 a year;

 

<

 

promises of campaign funds – including cash up front; and

 

<

 

a cabinet post or ambassadorship for himself.

 

Everyone is commenting it’s a slow news day so Blago’s really getting it, but man, it’s deserved.

The Silver is the New Black Theme Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 26 other followers