« February 10, 2008 - February 16, 2008 | Main | February 24, 2008 - March 1, 2008 »

February 23, 2008

Do Utilities Safeguard Your Information?

Another story on privacy or lack of it in customer relations databases maintained by public utilities.  One report suggests that this is one of those areas where utility employees may be dipping into to customer information without a business reason.  Your personal data can be someone else's entertainment, it seems.  With few rules in place on the matter, this is more of a public relations problem than a legal problem, at least until someone gets impacted and angry about this kind of conduct.

SFGate, home of the San Francisco Chronicle, has the story.

February 23, 2008 | Permalink | Comments (0) | TrackBack

What Happens to Old Personal Data on Facebook?

Privacy at Facebook may not be what it appears.  One commentator in the Washington Post is concerned about profile data that is retained by the company even after it is revised or deleted by the user.  Just what do they do with that stuff, and how long do they keep it?  Some interesting questions that don't have a complete answer.

Read it here.

February 23, 2008 | Permalink | Comments (0) | TrackBack

MS "Vista Capable" Suit Is a Class Action

The suit against Microsoft's labels of some computers as "Vista Capable" even though they could only run the most basic version of Vista has been certified as a class action suit.

More in CNN Money.

February 23, 2008 | Permalink | Comments (0) | TrackBack

February 21, 2008

Encryption Not What It's Cracked Up To Be

Disk encryption is one of those darlings that businesses, the prudent, and the paranoid turn to as a matter of preserving confidentiality in digital content.  Law enforcement tend to disfavor encryption as it is an impediment in their work of obtaining evidence against lawbreakers.  Homeland security and intelligence agencies have mixed feelings about it.  They like it well enough to preserve their secrets, but when terrorists and other miscreants use it, well, that's another story.  The most recent example is the Boucher case out of the District of Vermont.  There poor Mr. Boucher was arrested because he had alleged child pornography on his laptop as identified by name of files.  When the forensic technician went to later examine the laptop, the files were discovered to be encrypted with PGP software.  The government claims that it cannot break PGP.  As one commenter to an earlier post pointed out, if the government can break PGP, it probably wouldn't waste that bit of information on an alleged holder of child pornography when terrorist intelligence is at stake.  Fair enough.

Other entities beyond government and terrorists have an interest in encryption.  Your local media content provider is one.  Sony and Toshiba certainly had a stake in encrypting their high definition DVD formats after the fiasco of standard DVD encryption.  Fifteen lines of code broke that.  High definition was to be different, and to some extent, it is a bit harder to break, but not impossible.  Enterprising hackers looked for the keys in memory when a disc loaded, and, well, history repeats itself.  The reaction was to revoke certain keys which required a firmware update to play later manufactured discs. This isn't exactly the most consumer friendly way to handle a business where someone comes home from the Wal-Mart with a disc, plops it into the home player and expects it to simply play.

It seems, though, that those DVD hackers may have been on to something.  There is a report in CNET about a new hack strategy that describes something similar to defeat PGP, BitLocker, FileVault, and the rest.  If the keys are in memory, then they can be scanned to pick the lock.  This affects machines in sleep mode and other various states of hibernation.  As a side note, Microsoft designed Vista to push sleep mode as a way of faking a fast restart once reawakened, assuming of course, the machines re-awake.  (On my Vista machine it should be called coma mode because I have to unplug it and reboot to get it to restart when that happens.  I found out the hard way when my cat walked across my keyboard one time and placed the machine into that state by accident.) 

Still, it seems the only way to keep determined people out of an encrypted drive is to turn off the computer, which is kind of silly if one needs to use it.  There are even techniques to get the data from RAM chips removed from one machine to another if done within the right time-frame and temperature. 

This is all detailed in a paper out of Princeton University.  You can read about the paper here and follow the links to get the actual PDF.  The implications are something to think about.

February 21, 2008 | Permalink | Comments (0) | TrackBack

Computer Tech Repair Questionable Practices

For those individuals who may require "professional" help in restoring order on a wayward computer, consider the lesson of the Geek Squad staff who harvest porn from customer hard drives.  There's a sad story about this on the SFGate web site that is certainly less than flattering to the company.  It suggests a duplicitous attitude when it comes to this kind of material.  It is one thing to turn over evidence of child porn to the authorities.  It's another to copy legal files from a hard drive and pass them around the office like they were candy.  That seems to be what happened to a malfunctioning computer belonging to adult performer Jasmine Grey.  The story didn't come out until she died in a car crash.

The moral here is not whether porn is good or evil, but rather than when one turns over a machine to the Geek Squad, or presumably their equivalents, that there is no privacy guarantee.  The Geek Squad Privacy Policy covers information about marketing names and contact information, but says nothing about the contents of a computer drive.  That's tax returns, credit card numbers, health records, or any kind of personal data stored there.  One should not necessarily assume that these people are identity thieves.  At the same time, you never know who's looking at your private materials in the name of fixing your computer.  It could easily be some creep who calls over friends with a "lookie what I found" statement.  Just what anyone needs when your hard drive is in the hands of a third party.

Read the sordid (and they are) details here.

February 21, 2008 | Permalink | Comments (0) | TrackBack

February 20, 2008

Another Legal Research Site

Meet the Public Library of LawNewsweek has a nice story on them along with Fastcase, which is not free.

February 20, 2008 | Permalink | Comments (0) | TrackBack

Wikileaks Lives

Use the IP address rather than the name.  Go to 88.80.13.160 and you'll find stories about the shut down and the correspondence between the site and the Swiss bank, among other items of interest.  A nice analysis of where everything stands is at the Computerworld website.

February 20, 2008 | Permalink | Comments (0) | TrackBack

February 19, 2008

Microsoft to Go Hostile on Yahoo! Bid

The latest chapter in our soap opera involving Microsoft and Yahoo! finds Microsoft peeved at being spurned and will likely go the route of a proxy fight to get a board of directors sympathetic to its offer.  Maybe it will work, and maybe it won't.  Bill Gates says the offer was fair and won't be raised.  We still don't know how the various flirtings Yahoo! has with News Corp. over a partnership deal affects this.  Scary stuff, boys and girls.  Stay tuned for another episode of Microsoft Horror Chiller Theatre.

February 19, 2008 | Permalink | Comments (0) | TrackBack

Wikileaks Access Barred by Federal Court

Wikileaks.org is offline thanks to an order by a federal judge in the United States that commands Dynadot, the registrar for Wikileaks, to lock the domain name and disable it's use in the DNS system.  Dynadot complied.  The struggle is over documents from the Cayman Island branch of the Swiss Bank Julius Baer displayed on the site.  The documents purport to show some elements of tax fraud by the bank in hiding its customers' assets.  While Wikileaks is offline for the moment, the document is reported to be available on BitTorrent.  The judge and the bank may punish Wikileaks, but stopping the availability of the documents and their contents is fruitless.  I would say that the publicity surrounding this is likely to spur people would wouldn't even be remotely interested in this event to check out the documents.  More information about that is here.

February 19, 2008 | Permalink | Comments (1) | TrackBack

February 18, 2008

New Postal Code Allows Tracking for Ordinary Mail

Learn about the Post Office's new 31 digit code to allow users to track ordinary pieces of mail from mail drop to delivery.  You say you mailed that check when?  That's not what the tracking says.  Details in the Washington Post.

February 18, 2008 | Permalink | Comments (0) | TrackBack

HD-DVD on Death's Door

The last official act to end the high definition DVD format war is expected when Toshiba announces that they are pulling the plug on HD-DVD.  The writing's been on the wall with Warner Brothers moving to Blu-Ray exclusively, and the cascading decisions such as Wal-Mart, Blockbuster, Netflix, and Best Buy, among others, going exclusively Blu-Ray.  Toshiba stock was actually up on the news.  Cutting losses, significant as they are, means Toshiba would be spending fewer resources on a losing cause.

The only point that leaves one uneasy about Blu-Ray being the ultimate winner is that Sony has a questionable track record when it comes to DRM.  Reports exist how some Blu-Ray discs won't play on some players without a firmware upgrade, and some companies (including Sony) have been slow to come up with those upgrades.  Sony is, as are most content owners, paranoid about broken DRM to the point where the consumer experience is less than seamless.  Sony is also the same company that builds exceptionally proprietary formats and inflexible crippled equipment that tend to be consumer unfriendly.  Lest we forget, Sony also brought us the root kit fiasco in the name of protecting CD content from moving off a computer.  These kinds of marketing decisions may have more to do with the acceptance of Blu-Ray compared to other choices (upconverting anyone?) than Toshiba moving out of the market.  Otherwise, the war is over.

February 18, 2008 | Permalink | Comments (0) | TrackBack