Archive for category Security
Superintendent: Drawings Of Weapons Led To New Jersey Student’s Arrest « CBS Philly
Posted by Michael B. Calyn in Schools, Security, Social on December 22, 2012
Superintendent: Drawings Of Weapons Led To New Jersey Student’s Arrest
By Jenn Bernstein, Steve Beck
December 19, 2012
GALLOWAY TOWNSHIP, N.J. (CBS) – Every school in America is on edge this week, but behavior by a student at Cedar Creek High School Tuesday had school officials on alert.
The Superintendent of the Greater Egg Harbor Regional High School District said that around 2 p.m. Tuesday, a 16-year-old student demonstrated behavior that caused concern.
A teacher noticed drawings of what appeared to be weapons in his notebook. School officials made the decision to contact authorities.
Police removed the 16-year-old boy from Cedar Creek High School in Galloway Township Tuesday afternoon after school officials became concerned about his behavior.
The student was taken to the Galloway Township Police Department.
Police then searched the boy’s home on the 300 block of East Spencer Lane and found several electronic parts and several types of chemicals that, when mixed together, could cause an explosion, police say.
The unidentified teen was charged with possession of a weapon, an explosive device, and the juvenile was placed in Harbor Fields.
The Superintendent, Dr. Steven Ciccariello, put a phone message out to parents Wednesday morning.
“This is a perfect example of a teacher implementing her training. She saw drawings that appeared disturbing to her and alerted school officials,” he told Eyewitness News.
The New Jersey Education Association said teachers are now routinely trained to watch for these kinds of warning signs.
“Without the proper training, things can slip through the cracks,” said NJEA Spokesperson Kathy Coulibali, “If somebody feels insecure about whether or not is this really something that should be reported, we don’t want that kind of gray area.”
As a precaution, bomb-sniffing dogs swept the school, but nothing was found. Authorities say that students and teachers at the school were never in any danger nor were any threats made.
The student was placed in Harborfields Juvenile Detention Center.
When the Most Personal Secrets Get Outed on Facebook – WSJ.com
Posted by Michael B. Calyn in Facebook, Security on October 15, 2012
When the Most Personal Secrets Get Outed on Facebook
BY GEOFFREY A. FOWLER
AUSTIN, Texas—Bobbi Duncan desperately wanted her father not to know she is lesbian. Facebook told him anyway.
One evening last fall, the president of the Queer Chorus, a choir group she had recently joined, inadvertently exposed Ms. Duncan’s sexuality to her nearly 200 Facebook friends, including her father, by adding her to a Facebook Inc. discussion group. That night, Ms. Duncan’s father left vitriolic messages on her phone, demanding she renounce same-sex relationships, she says, and threatening to sever family ties.
The 22-year-old cried all night on a friend’s couch. “I felt like someone had hit me in the stomach …
U.S. seeks return to SE Asian bases – The Washington Post
Posted by Michael B. Calyn in China, Defense, Government, Security on June 23, 2012
U.S. eyes return to some Southeast Asia military bases

Jim Watson/AP - U.S. Defense Secretary Leon Panetta, left, receives a photo album of his visit to Vietnam from Gen. Vu Chien Thang upon his departure at Noi Bai International Airport in Hanoi, Vietnam Tuesday, June 5, 2012.
In recent weeks, the Pentagon has intensified discussions with Thailand about creating a regional disaster-relief hub at an American-built airfield that housed B-52 bombers during the 1960s and 1970s. U.S. officials said they are also interested in more naval visits to Thai ports and joint surveillance flights to monitor trade routes and military movements.

Bases the U.S. military is seeking to regain access to in the South China Sea.
In next-door Vietnam, Defense Secretary Leon E. Panetta this month became the highest-ranking U.S. official to visit the naval and air base at Cam Ranh Bay since the end of the war. Citing the “tremendous potential here,” Panetta enthused about the prospect of U.S. ships again becoming a common sight at the deep-water port.
The Pentagon is also seeking greater accommodations in the Philippines, including at the Subic Bay naval base and the former Clark Air Base, once the largest U.S. military installations in Asia as well as key repair and supply hubs during the Vietnam War.
The U.S. military either abandoned or was evicted from its Southeast Asian bases decades ago. Amid concerns about China’s growing military power and its claims to disputed territories, however, Thailand, Vietnam and the Philippines have cautiously put out the welcome mat for the Americans again.
In response, Pentagon leaders have flocked to the region to speed up negotiations and fortify relations. The rapprochements so far have focused on limited steps, such as port visits and joint exercises, but the administration hopes they will lead to a more extensive and persistent U.S. military presence.
“Symbolically, those places are really attached to a very recent history,” said a senior U.S. defense official, speaking on condition of anonymity to discuss the deliberations. “Part of moving forward with a lot of these nations is making amends with those symbols.”
U.S. officials said they have no desire to re-occupy any of the massive Southeast Asian bases from last century. Nor do they have the money to create new ones. So they’re looking for permission to operate from the old installations as guests, mostly on a temporary basis.
“I don’t carry around a backpack with American flags and run around the world planting them,” Army Gen. Martin E. Dempsey, chairman of the Joint Chiefs of Staff, told reporters after returning from a visit this month to Thailand, the Philippines and Singapore. “We want to be out there partnered with nations and have a rotational presence that would allow us to build up common capabilities for common interests.”
The U.S. armed forces have been allowed, to varying degrees, to visit or conduct training exercises at their old bases for several years. But talks about expanding access have taken on a new urgency since January, when President Obama announced that the United States was making a strategic “pivot” to Asia after a decade in which it was preoccupied with wars in Iraq and Afghanistan.
The administration has denied that its resurgent interest is designed to contain China, which has alarmed many neighbors by making expansive territorial claims in the resource-rich South China and East China seas. U.S. officials said their primary goal in Asia is to maintain stability by ensuring freedom of navigation and free trade with the world’s fastest-growing economies, including China.
But analysts said the U.S. strategic pivot and fresh basing arrangements are necessary to reassure allies that Washington will maintain its Asian security commitments and remain an effective counterweight to China, despite looming defense cutbacks at home.
“This is a long game and a long-term trend,” said Patrick M. Cronin, senior director of the Asia-Pacific security program at the Center for a New American Security, a Washington think tank with close ties to the administration. “They’re doing the best they can with what they have, and what they have is considerable. The problem is whether it is sustainable, and that’s what everybody in the region is asking.”
After years of paying little attention to Thailand, which was rattled by a coup in 2006, senior Pentagon leaders have rediscovered Bangkok. Dempsey’s visit was the first by a chairman of the Joint Chiefs in more than a decade.
Deputy Defense Secretary Ashton Carter is scheduled to make a trip next month. And Thailand has extended a formal invitation to Panetta, who also met with the Thai minister of defense at a conference in Singapore this month.
The two countries are discussing whether to run a joint military hub for responding to the devastating cyclones, tsunamis and other natural disasters that frequently strike the region. The center would be located at the Royal Thai Navy Air Field at U-Tapao, about 90 miles south of Bangkok.
The U.S. military is well-acquainted with U-Tapao (OOH-ta-pow), where it built the two-mile-long runway — one of the longest in Asia — in the 1960s. The Pentagon relied on the airfield as a major staging and refueling base during the Vietnam War, but withdrew its forces from the country in 1976 at the direction of the Thai government.
In the 1980s, the United States and Thailand resumed gradual military cooperation. The Thai government has allowed the U.S. Air Force to use U-Tapao as a stopover for troop transit flights to the Middle East. The base is also the center for the annual Cobra Gold military exercises, which started out as a U.S.-Thai training program but now involves more than 20 countries.
U.S. officials have been vague in public about how many troops they might send to U-Tapao or what missions they might perform if the disaster-relief center comes to fruition.
The lack of information has bred suspicion in the Thai media and among opposition lawmakers, who have held up a separate project that would allow NASA to operate climate-change surveillance flights from U-Tapao this fall. Chinese officials have also expressed skepticism about an expanded U.S. military presence.
Catharin Dalpino, a former State Department official and Southeast Asia expert, said any new U.S.-Thai military accords were likely to be “modest.” She noted that Thailand has a history of working closely with both superpowers and would be unlikely to sign any agreements that would alienate either Washington or Beijing.
“The Thais have a long relationship with China and a positive relationship with China, but they do not see this as contradictory with maintaining a treaty alliance with the United States and a strong economic relationship with the United States,” she said.
Some U.S. military officials said they also would like to upgrade naval access to Thai ports. The U.S. Navy is preparing to base four of its newest warships — known as Littoral Combat Ships — in Singapore and would like to rotate them periodically to Thailand and other southeast Asian countries.
The Navy is also pursuing options to conduct joint airborne surveillance missions from Thailand, the Philippines and Australia, officials said. Pentagon leaders said one of their highest strategic priorities is to improve their surveillance of shipping traffic and military movements throughout Southeast Asia and the Indian Ocean, home to some of the busiest trade routes in the world.
In 2014, for instance, the Navy is scheduled to begin deploying new P-8A Poseidon reconnaissance and anti-submarine aircraft to the Pacific, replacing the Cold War-era P-3C Orion surveillance planes.
The Navy is preparing to deploy new high-altitude surveillance drones to the Asia-Pacific region around the same time. Under current plans, the drones will be based on Guam, but U.S. officials are also searching for Asian partners willing to host the aircraft.
U.S., Israel developed Flame computer virus to slow Iranian nuclear efforts, officials say – The Washington Post
Posted by Michael B. Calyn in Cyber Security, Security on June 19, 2012
U.S., Israel developed Flame computer virus to slow Iranian nuclear efforts, officials say

The massive piece of malware secretly mapped and monitored Iran’s computer networks, sending back a steady stream of intelligence to prepare for a cyberwarfare campaign, according to the officials.

The effort, involving the National Security Agency, the CIA and Israel’s military, has included the use of destructive software such as the Stuxnet virus to cause malfunctions in Iran’s nuclear-enrichment equipment.
The emerging details about Flame provide new clues to what is thought to be the first sustained campaign of cyber-sabotage against an adversary of the United States.
“This is about preparing the battlefield for another type of covert action,” said one former high-ranking U.S. intelligence official, who added that Flame and Stuxnet were elements of a broader assault that continues today. “Cyber-collection against the Iranian program is way further down the road than this.”
Flame came to light last month after Iran detected a series of cyberattacks on its oil industry. The disruption was directed by Israel in a unilateral operation that apparently caught its American partners off guard, according to several U.S. and Western officials, speaking on the condition of anonymity.
There has been speculation that the United States had a role in developing Flame, but the collaboration on the virus between Washington and Israel has not been previously confirmed. Commercial security researchers last week reported that Flame contained some of the same code as Stuxnet. Experts described the overlap as DNA-like evidence that the two sets of malware were parallel projects run by the same entity.
Spokesmen for the CIA, the NSA and the Office of the Director of National Intelligence, as well as the Israeli Embassy in Washington, declined to comment.
The virus is among the most sophisticated and subversive pieces of malware to be exposed to date. Experts said the program was designed to replicate across even highly secure networks, then control everyday computer functions to send secrets back to its creators. The code could activate computer microphones and cameras, log keyboard strokes, take screen shots, extract geolocation data from images, and send and receive commands and data through Bluetooth wireless technology.
Flame was designed to do all this while masquerading as a routine Microsoft software update; it evaded detection for several years by using a sophisticated program to crack an encryption algorithm.
“This is not something that most security researchers have the skills or resources to do,” said Tom Parker, chief technology officer for FusionX, a security firm that specializes in simulating state-sponsored cyberattacks. He said he does not know who was behind the virus. “You’d expect that of only the most advanced cryptomathematicians, such as those working at NSA.”
Flame was developed at least five years ago as part of a classified effort code-named Olympic Games, according to officials familiar with U.S. cyber-operations and experts who have scrutinized its code. The U.S.-Israeli collaboration was intended to slow Iran’s nuclear program, reduce the pressure for a conventional military attack and extend the timetable for diplomacy and sanctions.
The cyberattacks augmented conventional sabotage efforts by both countries, including inserting flawed centrifuge parts and other components into Iran’s nuclear supply chain.
The best-known cyberweapon let loose on Iran was Stuxnet, a name coined by researchers in the antivirus industry who discovered it two years ago. It infected a specific type of industrial controller at Iran’s uranium-enrichment plant in Natanz, causing almost 1,000 centrifuges to spin out of control. The damage occurred gradually, over months, and Iranian officials initially thought it was the result of incompetence.
The scale of the espionage and sabotage effort “is proportionate to the problem that’s trying to be resolved,” the former intelligence official said, referring to the Iranian nuclear program. Although Stuxnet and Flame infections can be countered, “it doesn’t mean that other tools aren’t in play or performing effectively,” he said.
To develop these tools, the United States relies on two of its elite spy agencies. The NSA, known mainly for its electronic eavesdropping and code-breaking capabilities, has extensive expertise in developing malicious code that can be aimed at U.S. adversaries, including Iran. The CIA lacks the NSA’s sophistication in building malware but is deeply involved in the cyber-campaign.
The CIA’s Information Operations Center is second only to the agency’s Counterterrorism Center in size. The IOC, as it is known, performs an array of espionage functions, including extracting data from laptops seized in counterterrorism raids. But the center specializes in computer penetrations that require closer contact with the target, such as using spies or unwitting contractors to spread a contagion via a thumb drive.
Both agencies analyze the intelligence obtained through malware such as Flame and have continued to develop new weapons even as recent attacks have been exposed.
Flame’s discovery shows the importance of mapping networks and collecting intelligence on targets as the prelude to an attack, especially in closed computer networks. Officials say gaining and keeping access to a network is 99 percent of the challenge.
“It is far more difficult to penetrate a network, learn about it, reside on it forever and extract information from it without being detected than it is to go in and stomp around inside the network causing damage,” said Michael V. Hayden, a former NSA director and CIA director who left office in 2009. He declined to discuss any operations he was involved with during his time in government.
Years in the making
The effort to delay Iran’s nuclear program using cyber-techniques began in the mid-2000s, during President George W. Bush’s second term. At that point it consisted mainly of gathering intelligence to identify potential targets and create tools to disrupt them. In 2008, the program went operational and shifted from military to CIA control, former officials said.
Despite their collaboration on developing the malicious code, the United States and Israel have not always coordinated their attacks. Israel’s April assaults on Iran’s Oil Ministry and oil-export facilities caused only minor disruptions. The episode led Iran to investigate and ultimately discover Flame.
“The virus penetrated some fields — one of them was the oil sector,” Gholam Reza Jalali, an Iranian military cyber-official, told Iranian state radio in May. “Fortunately, we detected and controlled this single incident.”
Some U.S. intelligence officials were dismayed that Israel’s unilateral incursion led to the discovery of the virus, prompting countermeasures.
The disruptions led Iran to ask a Russian security firm and a Hungarian cyber-lab for help, according to U.S. and international officials familiar with the incident.
Last week, researchers with Kaspersky Lab, the Russian security firm, reported their conclusion that Flame — a name they came up with — was created by the same group or groups that built Stuxnet. Kaspersky declined to comment on whether it was approached by Iran.
“We are now 100 percent sure that the Stuxnet and Flame groups worked together,” said Roel Schouwenberg, a Boston-based senior researcher with Kaspersky Lab.
The firm also determined that the Flame malware predates Stuxnet. “It looks like the Flame platform was used as a kick-starter of sorts to get the Stuxnet project going,” Schouwenberg said.
The next consumerization revolution: Your personal data | Consumerization Of It – InfoWorld
Posted by Michael B. Calyn in Privacy, Security, Social, Society on June 16, 2012

JUNE 15, 2012
The next consumerization revolution: Your personal data
Privacy groups want to lock away your personal data. A better option is to let you sell it for what it’s really worth
By Galen Gruman | InfoWorld
When Facebook’s much-vaunted IPO fell flat a couple weeks ago, conventional wisdom said the dot-commers’ belief that almost any online business can make billions through advertising was not a realistic business model after all. Advertising fees online trail those of other media, and multiple studies show that when people are engaged in social networks, they tune out ads precisely because they are so focused on their interactions.
The conventional wisdom is right, but not complete. I believe that in the next two or three years, an even more fundamental assumption about these businesses will be turned on its head. Whether it’s Facebook, Twitter, Google Drive, or Pinterest, the truth is the product is you — all that data about you used to target ads and sales pitches. It’s hardly a new business model — it’s how trade publications have made their money for decades — but in the online world all that information is easily stolen, traded, and spread. Yes, I’m talking about the issue of Internet privacy, though Silicon Valley remains tone-deaf to the topic.
You’re giving away what’s valuable about you
Right now, users give away valuable information about themselves. Sometimes they get something of real value in return, but most online businesses give away worthless “value” dressed up using gamification techniques. Klout, I’m looking at you.
As we see more data breaches and grosser levels of disrespect for user privacy, I suspect the public will start to realize they’re being had. And as they’ve learned they can do in other venues, they’ll take charge.
The pieces are out there to create a data brokerage that pays you
I fully expect to see services pop up that act as personal-data brokers, giving users a cut of the money made from their personal information — the data users explicitly choose to share, not what is gathered about them sneakily. Again, this business model has long existed, but not in a way that allows individuals to participate in the proceeds.
Companies such as Amazon.com and Rakuten (better known by its LinkShare brand) already have similar businesses based on giving users a cut of sales from their product referrals. The tracking and payment platforms are in place, as are the reach and trust in Amazon’s case. A company such as R.R. Donnelley, which handles about half the junk mail (postal and online) in the United States and microtargets it based on your available data, would be a natural in this business as well, though it would need to create a brand from cloth.
Apple’s forthcoming Passbook service in iOS 6 could also be a foundation for your personal data portfolio — imagine if Apple lets you use your iCloud or iTunes ID as a universal ID, tied into your payments and Passbook accounts. Apple’s track record of empowering users over their personal data is better than most, and it has the reach to be a common ID/data vault, especially given how much personal data you already entrust to it via iTunes and iCloud.
Users are already choosing Facebook as a central ID across websites (never mind that Facebook is a terrible steward of your data). That could easily become not just an ID but a personal information vault that Facebook also sells — without paying you or even worrying about what you want shared. There’s also of course OpenID. Many of the pieces are in place, just scattered.
The telecom carriers are interested in such a role as well, though they’ve focused mainly on back-end services to enable secured digital identities. They keep looking for ways to get into new markets and have dallied with payment systems, app stores, and other services for years, though I wouldn’t trust any of them to be an honest broker.
As you can tell, I don’t see the personal privacy issue the same way the advocacy groups do. The information is out there and will stay out there — the very act of digitization means the data is easily shared, manipulated, and used. That genie can’t return to the bottle as the privacy groups demand.
Instead, I see the issue as a business proposition. If the data has value — and we know it does — its creators (you and me) should be paid for it. And if we take over the selling of our data, all those companies using it now have to respect us and abide by our standards. Currently, we’re a free resource to mine whether we like it or not; we’re the Indians trading trinkets to the Dutch for Manhattan. That didn’t work out well for the Indians, did it?
I’m all for bartering personal information for valuable services — heck, that’s how InfoWorld makes the money to pay me and the rest of the team — but too much of that “value” proffered has no value. As users opened up the corporate technology tool chest with BYOD, they too will open up the business of making money from their own data. The companies buying it will also be more likely to safeguard it, because we won’t sell to those that don’t; if they let it get loose through sloppiness, they essentially end up subsidizing their competitors. The free market can be our friend in protecting our personal information.
To help that day come sooner, assess the sites you’ve signed up for and unsubscribe from those whose value is tiny. Remember, they’re making hundreds of dollars or more a year from your information. If you’re not getting that much value back, cut them off. That way, you use economic pressure to steer the market in a better direction. It worked with the major banks’ attempts to gouge debit card fees from all of us to recoup the losses they created. It can work again.
FTC cracks down on personal-data site Spokeo – The Hill’s Hillicon Valley
Posted by Michael B. Calyn in Business, Ethics, Internet, Security on June 12, 2012
FTC cracks down on personal-data site Spokeo
By Brendan Sasso - 06/12/12 11:10 AM ET
Spokeo, a website that sells detailed information about people, agreed to settle charges with the Federal Trade Commission (FTC) on Tuesday that it violated federal law.
The company agreed to pay $800,000 over allegations that it violated the Fair Credit Reporting Act.
Spokeo creates profiles of millions of people by aggregating information from public sources such as phone listings, social networks, marketing surveys, real estate listings and other websites.
The profiles often include names, addresses, ages and email addresses. The site even collects information about people’s finances, hobbies and pictures of them and their homes.
According to the FTC, Spokeo was behaving as a consumer reporting agency by marketing profiles for background screenings and job recruiting. Federal investigators said Spokeo encouraged companies to use its service to “Explore Beyond the Resume” and ran online ads targeting employers.
Consumer reporting agencies have to meet a variety of requirements under the Fair Credit Reporting Act, such as ensuring that the personal information they sell is accurate and is only used for legal purposes. The law also requires agencies to notify consumers of negative information in their report.
The FTC accused Spokeo of failing to meet the requirements of the Fair Credit Reporting Act and of misrepresenting endorsements by failing to disclose they were made by Spokeo’s own employees. In addition to the $800,000 fine, Spokeo agreed not to violate the Fair Credit Reporting Act in the future or misrepresent endorsements.
In a blog post, Spokeo co-founder Harrison Tang said the FTC focused on a previous version of the website and that the company has already changed many of its business practices.
He said the site never intended to act as a consumer reporting agency.
“We are a technology company organizing people-related data in innovative ways,” Tang wrote. “We do not create our own content, we do not possess or have access to private financial information, and we do not offer consumer reports.”
The complaint against Spokeo was first filed by the nonprofit Center for Democracy and Technology.
Adopt the cloud, kill your IT career | Data Center – InfoWorld
Posted by Michael B. Calyn in Cyber Security, Internet, Security on June 11, 2012

JUNE 11, 2012
Adopt the cloud, kill your IT career
It’s irresponsible to think that just because you push a problem outside your office, it ceases to be your problem
By Paul Venezia
It’s safe to say that you receive many solicitations from vendors of every stripe hawking their new cloud services: software, storage, apps, hosted this, managed that. “Simplify your life! Reduce your burden! It’s a floor wax and a dessert topping!” Some of these services deliver as promised, within fairly strict boundaries, though some are not what they seem. Even more have a look and feel that can make you swoon, but once you start to peer under the covers, the specter of integrating the service with your infrastructure stares back at you and steals your soul.
It’s not just the possibility of empty promises and integration issues that dog the cloud decision; it’s also the upgrade to the new devil, the one you don’t know. You might be eager to relinquish responsibility of a cranky infrastructure component and push the headaches to a cloud vendor, but in reality you aren’t doing that at all. Instead, you’re adding another avenue for the blame to follow. The end result of a catastrophic failure or data loss event is exactly the same whether you own the service or contract it out. The difference is you can’t do anything about it directly. You jump out of the plane and hope that whoever packed your parachute knew what he or she was doing.
A common counter to this perspective is that a company can’t expect to be able to hire subject experts at every level of IT. In this view, working with a cloud or hosted service vendor makes sense because there’s a high concentration of expert skill at a company whose sole focus is delivering that service. There’s some truth to that, for sure, but it’s not the same as infallibility. Services can fail for reasons well outside the technological purview, no matter how carefully constructed they may be. Of course, they can and do fail without outside assistance as well. The Titanic was unsinkable, if you recall.
Let’s look at LinkedIn, eHarmony, and Last.fm. Although they may not be considered cloud providers in the strictest sense, they’re veteran Internet companies that employ many highly skilled people to build and maintain their significant service offerings. They are no strangers to this game. Yet in the past week, all three had major security issues wherein thousands or millions of user account details were compromised. LinkedIn reportedly lost 6.5 million account details, including passwords, to the bad guys.
Just imagine if LinkedIn were a cloud provider responsible for handling your CRM or ERP application. You now have to frantically ensure that all your users change passwords or have them changed and relayed to the right party. You have to deal with what could conceivably be compromised data, rendering the application less than useless. What’s left of your hair is on fire — but you can’t do anything about it directly. You can only call and scream at some poor account rep who has no technological chops whatsoever, yet is thrown to the wolves. Don’t think that this can’t or won’t happen. It’s guaranteed to happen — again and again.
Now imagine where you’ll be when you’ve successfully outsourced the majority of your internal IT to cloud providers. All your email, apps, storage, and security rest easy in the cloud. You have fancy Web consoles to show you what’s going where and what resources you’re consuming. You no longer have to worry about the pesky server hardware in the back room or all those wires. If a problem arises, you fire off an email or open a support ticket, sit back, and wait.
Once that becomes the norm, the powers that be might realize they don’t need someone to do any of those tasks. I mean, if they’re paying good money to these vendors for this hosted cloud stuff, why do they need an IT department? They’d be mistaken, of course, but frankly, they’d also have a point. After all, anyone can call a vendor and complain.
Don’t get me wrong. I believe there are many areas in which the cloud brings significant benefits to an organization of any size. Data warehousing, archiving, and backup using cloud storage providers that offer block-level storage, tightly integrated security, and local storage caching and abstraction devices come to mind.
But on the opposite end of that spectrum are application and primary storage services that function at higher levels and can be compromised with a single leaked password. Aside from the smallest of companies, these services collected into any form cannot serve as a full-on replacement for local IT. Doing so places the organization in unnecessary jeopardy on a daily basis.
Cloud vendors necessarily become targets for computer criminals, and however vigilant the vendor may be, at some point they’re going to be compromised. Judging by the recent revelations of Stuxnet, Flame, and Duqu, this may have already happened. Don’t think that I’m being overly paranoid, either. If I’d told you a month ago that several widespread viruses were completely undetectable by antivirus software due to the fact they were signed using Microsoft certificates, you’d have thought the same. But it happened.
If and when it comes to light that a major cloud vendor has been compromised for months and has divulged significant amounts of sensitive customer information to hackers over that period, we should not be surprised. I mean, City College of San Francisco had been compromised for more than a decade before anyone figured it out.
The fact of the matter is that a significant internal or external event occurring at one or more cloud providers can be ruinous for that provider and, by extension, its customers. That means you in IT. The best idea is to use cloud offerings wisely, and be ever vigilant about maintaining control over what little you can. Trust, but verify — and keep your cards close to the vest.
Adopt the cloud, kill your IT career | Data Center – InfoWorld.
Facebook: The Hacker’s Holy Grail – 24/7 Wall St.
Posted by Michael B. Calyn in Facebook, Security on June 9, 2012
Facebook: The Hacker’s Holy Grail
Posted: June 8, 2012 at 6:21 am
Now that hackers have broken into eHarmony’s database, the game system of Sony’s (NYSE: SNE) PlayStation network, Google’s (NASDAQ: GOOG) Gmail system in China, and several U.S. government and major corporate websites, the only great target left is Facebook (NASDAQ: FB). It is nearly certain that the world’s best breakers of security systems have been working on hacking Facebook or loading its systems with malware. Where better can elicit coders show off their prowess? Some or all of the Facebook network or its hundreds of millions of passwords will be compromised. It is just a matter of when.
Facebook’s own public filings report that one of the company’s greatest risk factors for investors is network security:
Computer malware, viruses, and computer hacking and phishing attacks have become more prevalent in our industry, have occurred on our systems in the past, and may occur on our systems in the future.
Hackers cannot reveal their actual names to the public, but among them they must have some system of trophy and ribbon awards. The hacker’s victories are based on the premise that the world’s best and most well-developed security software can be breached by some of the best minds in the secret coder world. One of the most widely reported targets is the source code of Symantec’s own security protection software — Norton. A major protector could not protect itself.
Facebook already has been pressured by hackers. Famous hacker alliance Anonymous has hinted that Facebook is among its targets. It is safe to assume that Facebook’s highly secret defense systems have been under a multitude of attacks for years. Facebook’s biggest security problem is that it operates in a world where expert hackers never tire. And most of the participants in attacks will never be found. For them, the action of taking down large networks has almost no risk.
Imagine the chaos if tens of millions of Facebook passwords are made public. That, or something very like it, is just around the corner.
Douglas A. McIntyre
Facebook: The Hacker’s Holy Grail – 24/7 Wall St.