Archive for 2010/07/30

Content filter enables longer clips on YouTube

Posted: 2010/07/30 in Copyright, Education / Awareness, Filtering, Google, New Business Models, Tech Evolution

YouTube discusses copyright infringement, video identification, clearing rights

http://futureofcopyright.com/index.php?page=news&id=1175

Comcast exec: NBCU deal will accelerate ‘anytime, anywhere television’

Posted: 2010/07/30 in New Business Models, Tech Evolution

http://www.zdnet.com/blog/btl/comcast-exec-nbcu-deal-will-accelerate-anytime-anywhere-television/37419

U.S. military cyberwar: What’s off-limits?

Posted: 2010/07/30 in Cybercrime, Education / Awareness, Network Security, Privacy / Data Protection, Public Policy

The United States should decide on rules for attacking other nations’ networks in advance of an actual cyberwar, which could include an international agreement not to disable banks and electrical grids, the former head of the CIA and National Security Agency said Thursday.

Hayden used the opportunity to challenge attendees of Black Hat–thousands of programmers, analysts, and security researchers–to devise ways to reshape the Internet’s security architecture.

“You guys made the cyberworld look like the north German plain–and then you bitch and moan because you get invaded,” he said. “We made it flat. We gave all advantages to the offense. The inherent geography in this domain plays to the offense. There’s almost nothing inherent in the domain that plays to the defense.”

http://news.cnet.com/8301-31921_3-20012121-281.html

Comcast’s DVR App Is Coming to Android and BlackBerry

Posted: 2010/07/30 in New Business Models, Tech Evolution

You can already manage your Comcast DVR from your iPhone, but soon you’ll be able to do the same with BlackBerry and Android as well. No date announced, but it’s coming.

http://gizmodo.com/5600091/comcasts-dvr-app-is-coming-to-android-and-blackberry

How To Pirate Vinyl Records

Posted: 2010/07/30 in Education / Awareness

http://gizmodo.com/5600067/how-to-pirate-vinyl-records

Major Corporations Are Downloading Those 100 Million Facebook Profiles off BitTorrent

Posted: 2010/07/30 in Education / Awareness, Privacy / Data Protection

 A couple caveats to these. Just because a company is on the list, doesn’t mean that it’s a sanctioned download by the company itself to grab the user information for some purpose. It could easily just be some dude at the company who wanted to download the torrent himself to check it out

http://gizmodo.com/5599970/major-corporations-are-downloading-those-100-million-facebook-profiles-off-bittorrent

U.S. Copyright Group ‘Steal’ Competitor’s Website

Posted: 2010/07/30 in Copyright, Education / Awareness

http://torrentfreak.com/u-s-copyright-group-steal-competitors-website-100730/

Kristin Hersh Turns An Album Into A Book

Posted: 2010/07/30 in Education / Awareness, New Business Models

http://www.techdirt.com/articles/20100718/22370810258.shtml

An Open iPhone App Market That Doesn’t Require Jailbreaking… And Which Apple Can’t Stop

Posted: 2010/07/30 in Education / Awareness, New Business Models, Tech Evolution

First, it’s good to get more people realizing that HTML is already pretty damn good at creating app-style experiences, without having to create special compiled code and, second, it’s a really clever way to totally route around Apple as a gatekeeper (without requiring a jailbreak), and is a reminder that even on “closed” systems, openness will often find a way.

http://www.techdirt.com/blog/wireless/articles/20100730/00083610420.shtml

White House proposal would ease FBI access to records of Internet activity

Posted: 2010/07/30 in Education / Awareness, Enforcement, Legislation, Public Policy

White House proposal would ease FBI access to records of Internet activity without a court order if agents deem the information relevant to a terrorism or intelligence investigation

http://www.washingtonpost.com/wp-dyn/content/article/2010/07/28/AR2010072806141.html

UK.gov drops £6m on Google

Posted: 2010/07/30 in Google, New Business Models, Public Policy

Four Whitehall departments gave Google and similar search engines more than £6m in two years to encourage web users to do more exercise, emit less CO2 and stop smoking, among other initiatives.

- Department of Health has been the biggest search spender, paying £4.4m to promote websites including on pandemic flu;

- Department for Communities and Local Government spent £758,000 on keywords related to its websites, including information on the scrapped Home Information Pack scheme. It also paid Google to push its “Eco-towns” initiative;

- Department of Energy and Climate Change spent £310,000 in just one year. As The Register reported earlier this year, that included bidding for climate change keywords against one of its own quangos, driving up the price per click;

- Department of Environment Food and Rural Affairs spent £540,000, also partly on CO2 reduction campaigns.

http://www.theregister.co.uk/2010/07/30/gov_google/

SSL Study Shows Most Sites Incorrectly Configured

Posted: 2010/07/30 in Education / Awareness, Network Security, Stats / reports

 Secure Sockets Layer (define) is a standard mechanism websites use to help secure data and transactions, but according to Qualys security researcher Ivan Ristic, most SSL sites are actually misconfigured.

Ristic delivered his study here at the Black Hat security conference as an update to the preliminary data he published last month.

In the final study, Ristic said he examined 867,000 SSL certificates in which the name on the certificate matched the name of the domain. In his preliminary research, Ristic documented that the vast majority — nearly 97 percent — of SSL certificates do not have the proper name on them and don’t match the underlying domain.

http://www.esecurityplanet.com/features/article.php/3895786/SSL-Study-Shows-Most-Sites-Incorrectly-Configured.htm

FBI rings organizers over Defcon contest

Posted: 2010/07/30 in Cybercrime, Education / Awareness, Enforcement, Network Security, Privacy / Data Protection, Public Policy

A Defcon contest that invites contestants to trick employees at U.S. corporations into revealing not-so-sensitive data has rattled some nerves.

http://news.idg.no/cw/art.cfm?id=22E6CA25-1A64-67EA-E4BD952B07F480C8

See also:

The purpose of the contest is to (1) raise awareness on the threat of social engineering, and (2) challenge contestants to come up with creative, legal ways of obtaining information from companies. The contest is structured to be good, clean fun. Our goal is to show how much information companies may inadvertently divulge to individuals making regular, legal inquiries using normal channels of communication. The type of information we will be asking for will be things like the number of restrooms in the building, and the sort of candy that sells out from the vending machines first.

We have been working with attorneys at the Electronic Frontier Foundation to ensure that the rules make clear to contestants that their game play must be lawful:

• Contestants may not ask for or obtain financial data, passwords, or personal identifying information such as social security numbers or bank account numbers;
• Contestants may not attempt to falsify or falsify employment records;
• The list of target organizations will not include any financial, government, educational, or health care organizations;
• Contestants must keep it clean, for example, use of any pornography is banned.

http://www.social-engineer.org/blog/social-engineering/social-engineer-org-ctf-update-awareness-abounds/

and:

Please remember that you are dealing with skilled manipulators.  They will be friendly, professional and polished.  We strongly suggest you remind your staff NEVER to give any personal or proprietary information to anyone via the telephone. EVER!

http://www.social-engineer.org/blog/general-blog/social-engineering-fact-fiction/

Dutch providers outraged regarding legislative proposal

Posted: 2010/07/30 in Cybercrime, Education / Awareness, Enforcement, Legislation, Privacy / Data Protection, Public Policy

In relation to draft legislation described here http://contentprotection.wordpress.com/2010/07/28/handling-stolen-computer-data-to-be-illegal-in-the-netherlands/ several Dutch companies are now coming forward to express their views.

In this Dutch language article: http://webwereld.nl/nieuws/66729/hosters-furieus-over—-censuurplan—-justitie.html the providers say that they are especially concerned about the suggestion to have Public Prosecutors remove content from the internet, when certain conditions are being met.

Criticism has been provided by Arnout Veenman representing trade association ISP Connect, Niels Huijbregts representing XS4ALL, a spokesperson from KPN and Alex de Joode from Leaseweb. Previously, Ot van Daalen representing Bits of Freedom also provided his view.

Barracuda Labs 2010 Midyear Security Report

Posted: 2010/07/30 in Cybercrime, Education / Awareness, Network Security, Privacy / Data Protection, Stats / reports

Why search engine malware? That’s where the money is. Or at least that is where the eyeballs are. Search volumes have reached new highs with 88 billion per month on Google sites, 24 billion per month on Twitter, 9 billion per month on Yahoo sites and 4 billion per month on Microsoft sites. The goals of this work are to analyze trending topics on search engines, understand the scope of the problem and identify the types of topics used by malware.

Methodology:

We created a system that gets the set of popular search terms hourly and searches for those terms. It then pulls the set of search results and retrieves the web sites of the results. The system then analyzes the sites for malicious code.

http://www.barracudalabs.com/downloads/BarracudaLabs2010MidyearSecurityReport.pdf