Sunday, October 2, 2005

Acoustical Spying Recovers Passwords With 90-percent Accuracy

Computer scientists at UC Berkeley have been experimenting with recordings of keystrokes. Using 10-minute sound recordings of users typing at a keyboard, researchers were able to feed the data into a computer and recover up to 96 percent of the typed characters. By running the audio repeatedly through a feedback loop that trains the computer, they were able to recover passwords, passphrases, and complete paragraphs. [via FutureEdition from Arlington Institute]
Once the system is trained, recovering the text became more straightforward, even if the text was a password and not an English word. After just 20 attempts, the researchers were able to retrieve 90 percent of five-character passwords, 77 percent of eight-character passwords and 69 percent of 10-character passwords.

[...]

What was particularly striking about this study, the researchers said, was the ease with which the text could be recovered using off-the-shelf equipment. "We didn't need high-quality audio to accomplish this," said Feng Zhou, a UC Berkeley Ph.D. student in computer science and co-author of the study. "We just used a $10 microphone that can be easily purchased in almost any computer supply store."
Posted by: Terry Frazier at 9:51 PM
Categories: Privacy, Technology

Does Your Doctor's Computer Have Spyware?

What is your doctor's computer security policy? Every time I have a blood test or visit a doctor I sign a new HIPAA form, but it's clear there's no understanding of digital privacy within the office. For a high-tech industry, doctors and their staff are woefully ill-equipped to deal with computers. What do you do when all the providers of a necessary service have little or no idea how to protect your information? [via Spyware Warrior]
Posted by: Terry Frazier at 9:54 AM
Categories: Privacy


Friday, May 13, 2005

Are You A Denied Person?

I received an interesting, informative, and anonymous comment today regarding the Official Denied Persons List at

http://www.bxa.doc.gov/dpl/Default.shtm

Back in October I bought a new copy of PGP and grew annoyed when I paid my money, got my confirmation, and all it included was a "purchase review". Today someone posted an explanation and clarification that made me feel a little better about the situation:

Terry, this isn't a re-instatement of the law, it is the current law. The "review" is a machine review. Your name is run against the "denied persons" list - which you can find here (btw I don't see your name on it)

http://www.bxa.doc.gov/dpl/Default.shtm

It's not a list of terrorists or naughty boys and girls but a list of those who've violated export control laws and are 'denied' as part of their punishment under law.

When you click to download the software a GEO IP check is performed (determines geographically where you are by your IP) to make sure you aren't in the IP space of one of the embargoed countries - Iran, Iraq, Cuba, Libya, N. Korea, Sudan & Syria. If your IP is anonymous or from a satellite ISP - you'll also be denied I think. Those IPs fall into "A1" and "A2" IP space.

This IP check of course doesn't and couldn't account for someone in say a Syrian embassy in a European country.


I checked the site. It's part of the Dept. of Commerce. And the post seems written by someone who knows the subject. This past Tuesday I received the following e-mail:

Dear Terry Frazier,

PGP Corporation has just released completely new versions of its award-winning desktop products -- PGP Desktop Professional 9.0 (formerly PGP Workgroup Desktop 8.x) and PGP Desktop Home 9.0 (formerly PGP Personal Desktop 8.x). These new versions are the most significant PGP product upgrades ever offered. [...]

I suppose there is some connection between the new product release and someone showing up on my site. Maybe a little "blog trolling" to try and address any negative feelings? In any case, I appreciate the comment and the explanation.

Posted by: Terry Frazier at 10:00 PM
Categories: Policy & Regulation, Privacy, Security


Thursday, March 10, 2005

Senators to Hear Testimony on Data Theft

At least we’re getting a little traction on the data theft issues. I’m not optimistic anything substantive will happen. We’ll see… Found via Privacy Digest.

Senate Banking Committee to hold hearings on security of sensitive consumer information

Tomorrow, 10 March 2005, the Banking Committee of the United States Senate is holding hearings on "recent developments" related to the security of consumer information. By recent developments, they are referring to the ChoicePoint, Bank of America and LexisNexis incidents. Here is the notice of hearing, with the list of who is testifying (including the VP of ChoicePoint):

U.S. Senate Committee on Banking, Housing, and Urban Affairs:

"US Senator Richard Shelby
Chairman

US Senator Paul Sarbanes
Ranking Member

Committee: US Senate Committee on Banking, Housing, and Urban Affairs
Title: Identity Theft: Recent Developments Involving the Security of Sensitive Consumer Information
Date: 3/10/05
Time: 2:30 PM
Place: 538 Dirksen Senate Office Building
Agenda: The Committee will meet in OPEN SESSION to conduct a hearing on "Identity Theft: Recent Developments Involving the Security of Sensitive Consumer Information."

Publication: Printable Hearing not available at this time

Witnesses
Panel 1
Honorable Patrick J. Leahy (D-VT), United States Senator
Panel 2
Honorable Deborah Platt Majoras, Chairman, Federal Trade Commission
Panel 3
Mr. Larry Johnson, Special Agent in Charge - Criminal Investigative Division, United States Secret Service
Ms. Amy S. Friend, Assistant Chief Counsel, Office of the Comptroller of the Currency
Mr. Don McGuffey, Vice President, ChoicePoint Services, Inc.
Mr. Evan Hendricks, Editor, Privacy Times
Ms. Barbara J. Desoer, Executive Vice President, Global Technology, Service and Fulfillment Executive, Bank of America Corporate Center
- David T.S. Fraser [PIPEDA and Canadian Privacy Law]
Posted by: Terry Frazier at 8:07 PM
Categories: Policy & Regulation, Privacy

How Widespread is Data Theft?

This is a big deal, but until someone in Congress, the Judiciary, or the Executive branches of government is directly affected we're not going to get any protection. Our video rental records are protected by the Video Privacy Protection Act of 1988 (VPPA) because one guy, Judge Robert Bork, got smeared by his video habits. One guy. We already have hundreds of thousands of regular Americans at risk, and with no recourse, because we have no rights to our own personal information – it belongs to mega-corporations with no obligation to protect us. Found via John Robb.

More data theft, this time at Lexis/Nexis. Where is this data flowing? Offshore? Nobody seems to want to tackle that question. Also, what's the recourse if your data is stolen? Not much, particularly given the recent legal reforms enacted. Oh, those pesky class action lawsuits...

Posted by: Terry Frazier at 11:40 AM
Categories: Policy & Regulation, Privacy
Terry W. Frazier