My First Pre App February 10, 2010
Posted by Xavier Morgan in Applications, Web 2.0.Tags: Palm Pre Application Development
add a comment
I developed my first Palm Pre application – if you want to stretch the concept of an app that far.
We’ll see how the submission process goes.
Application URL: http://developer.palm.com/appredirect/?packageid=com.mycompany.miranda
We will see how it works!!!
Google to enlist NSA to help it ward off cyberattacks February 5, 2010
Posted by Xavier Morgan in Editorial, Security, Web 2.0.Tags: CS292 Forensic Security Cybercrime Attack China Google cloudwatch
add a comment
February 4, Washington Post – (National) Google to enlist NSA to help it ward off cyberattacks. The world’s largest Internet search company and the world’s most powerful electronic surveillance organization are teaming up in the name of cybersecurity. Under an agreement that is still being finalized, the National Security Agency would help Google analyze a major corporate espionage attack that the firm said originated in China and targeted its computer networks, according to cybersecurity experts familiar with the matter. The objective is to better defend Google — and its users — from future attack. Google and the NSA declined to comment on the partnership. But sources with knowledge of the arrangement, speaking on the condition of anonymity, said the alliance is being designed to allow the two organizations to share critical information without violating Google’s policies or laws that protect the privacy of Americans’ online communications. The sources said the deal does not mean the NSA will be viewing users’ searches or e-mail accounts or that Google will be sharing proprietary data. Source: http://www.washingtonpost.com/wp-dyn/content/article/2010/02/03/AR2010020304057.html?hpid=topnews
As we push more and more data out of our personal and institutional custody into the hands of network attached services, we have to contend with assessing this as a risk.
Texas Man Convicted for Role in Identity Theft Scheme February 4, 2010
Posted by Xavier Morgan in Forensics, Law Enforcement, Security, Web 2.0.Tags: fbi identity theft CS292 Security
add a comment
Department of Justice Press Release [Note: Your physical security still matters as it relates to ID theft!]
For Immediate Release
February 3, 2010
United States Attorney’s Office
District of Massachusetts
Contact: (617) 748-3100
Texas Man Convicted for Role in Identity Theft Scheme
BOSTON, MA—A Texas man was convicted late yesterday in federal court for his role in a scheme to steal credit cards from health club locker rooms and take more than $400,000 in cash advances at horse race tracks in at least 10 states.
United States Attorney Carmen M. Ortiz; Warren T. Bamford, Special Agent in Charge of the Federal Bureau of Investigation – Boston Field Division; Robert Bethel, Inspector in Charge of the U.S. Postal Inspection Service; Steven D. Ricciardi, Special Agent in Charge of the U.S. Secret Service; and Boston Police Commissioner Edward Davis, announced that DENNIS SAVARESE was convicted of conspiracy, aggravated identity theft, and identity fraud.
SAVARESE conspired with at least four others, including JAMES DESIMONE, DONALD DESIMONE, JR., RICHARD REGNETTA, and ARTHUR RIZZO to steal credit cards from health club locker rooms all over the country and then use those cards to steal hundreds of thousands of dollars in cash. On a weekly basis, for more than two years, SAVARESE traveled around the country and broke into lockers at two different nationwide gyms. After SAVARESE stole the credit cards, he then transferred the names from the credit cards to one of his coconspirators in Massachusetts who purchased fake identifications with photos of SAVARESE or one of his coconspirators and the names from the stolen cards. Then, on weekends, SAVARESE met up with one or more of the other defendants at racetracks and casinos all over the country to use those stolen credit cards to take thousands of dollars in fraudulent cash advances. The remaining defendants have pled guilty and are awaiting sentencing on similar charges.
Sentencing for SAVARESE is scheduled for April 27, 2010 at 2:00 p.m. SAVARESE faces up to five years in prison on the conspiracy charge; on the aggravated identity theft charges he faces up to two years on each count; and up to 10 years on the identity theft fraud count.
The case was investigated by the U.S. Postal Inspection Service, U.S. Secret Service, the Federal Bureau of Investigation – New England Field Division, and the Boston Police Department. The case was prosecuted by Assistant U.S. Attorneys Adam J. Bookbinder of Ortiz’s Computer Crime Unit and Sarah E. Walters of Ortiz’s Economic Crimes Unit.
Twitter Back Door via Torrents February 4, 2010
Posted by Xavier Morgan in Security, Web 2.0.Tags: backdoor warez security gotcha
add a comment
OK kiddos .. this is why I don’t want you downloading stuff with torrents! The classics never stop – these are
1) Reusing your passwords on sites out of the trust zone [i.e if it’s not one of the big boys like Google, Microsoft, Amazon, etc… use a throw away or generated password]
2) If you play in the red light districts of the Internet [i.e. you run with criminals] expect to be a victim of those criminals
February 3, The Register – (International) Warez backdoor allows hackers to pwn Twitter accounts. Twitter has lifted the lid on its recent advice to many users to reset their passwords for the micro-blogging site. Originally, it was thought that the guidance had come in response to a common or garden phishing attack. In a post on February 2, Twitter explained that the attack was actually far more devious and elaborate. Hackers established Torrent user sites and forums with hidden backdoors. They waited for these forums to grow in popularity before they harvested login details. These login credentials were then used in attempts to break into accounts on third party sites such as Twitter. The attack relied on the frequent mistake of using the same password and user ID combination for multiple sites. In other words, victims are using the same password/userID combo on warez forums and Twitter, a mistake that left them open to attack because unidentified hackers had backdoor access to these forums. Twitter detected the attack after it became suspicious of a “sudden surge in followers” to two previously obscure accounts last week. Followers of these accounts were advised to change their passwords over concerns that hackers involved in the attack had compromised their accounts to, in order to gain more followers on Twitter. It is unclear how many profiles were taken control of by the attacks or what other sites might have been involved. All might have been prevented via the use of rudimentary password security precautions. Source: http://www.theregister.co.uk/2010/02/03/twitter_phish/
Apple iPad Pricing January 29, 2010
Posted by Xavier Morgan in Editorial.Tags: Apple ipad
add a comment
Just finished watching the full Apple briefing. The games, the iWork designed for the iPad, the iBook platform … it all adds up to a game changing experience. 60 days for the wifi and 90 days for the wifi + 3G. The keyboard dock and the picture frame dock make this thing so accessible in so many different spaces.
You Get Hit, You get Sued January 28, 2010
Posted by Xavier Morgan in Editorial, Web 2.0.Tags: cyber crime liability civil criminal
add a comment
Imagine the shock of the business described in this Computer World article. To me, this is close to saying that if you did not lock your door, it’s your fault someone violated your house. Running a large network in a free and open campus requires a lot of education and collaboration, so I am not sure if this is going to be a beneficial approach to end user education:
18. January 26, Computerworld – (Texas) Bank sues victim of $800,000 cybertheft. A Texas bank is suing a customer hit by an $800,000 cybertheft incident in a case that could test the extent to which customers should be held responsible for protecting their online accounts from compromises. The incident, which was first reported by a blogger this week, involves Lubbock-based PlainsCapital bank and its customer Hillary Machinery Inc. of Plano. In November 2009, unknown attackers based in Romania and Italy initiated a series of unauthorized wire transfers from Hillary’s bank accounts and depleted it by $801,495. About $600,000 of the amount was later recovered by PlainsCapital. Hillary demanded that the bank repay it the rest of the stolen money. In a letter to the bank in December, Hillary claimed that the theft happened only because PlainsCapital had failed to implement adequate security measures. PlainsCapital promptly filed a lawsuit in the U.S. District Court for the Eastern District of Texas asking the court to certify that its security procedures were “commercially reasonable.” In its complaint, the bank noted that it had made every effort to recover the stolen money. The bank sought to absolve itself from blame in the heist by stating that the unauthorized wire transfer orders had been placed by someone using valid Internet banking credentials belonging to Hillary Machinery. “PlainsCapital accepted the wire transfer orders in good faith” and had therefore not breached any of its agreements with Hillary, the bank said in its complaint. The complaint itself is somewhat unusual in that it does not seek anything specific from Hillary. Rather, all it asks is for the court to certify that its systems are reasonably secure.
Source: http://www.computerworld.com/s/article/9149218/Bank_sues_victim_of_800_000_cybertheft
Pants on the Ground January 27, 2010
Posted by Xavier Morgan in Editorial, Entertainment, Web 2.0.Tags: CS292 Video imitator culture popular media mashup contribution
add a comment
Pants on the Ground’: A Mashup of Imitators
Read more: http://www.time.com/time/video/player/0,32068,63442179001_1956943,00.html/r:t#ixzz0drDrtCS6
Time Magazine’s Pants on the Ground Article – this is about viral marketing and cultural contributions.
Google Voice on Iphone January 26, 2010
Posted by Xavier Morgan in Editorial, Web 2.0.Tags: google voice iphone reuters
add a comment
Looks like Apple and Google are gonna go at each other. Reuters reports: “SAN FRANCISCO (Reuters) – Google Inc unveiled a new version of its Internet phone service on Tuesday in its latest effort to bypass Apple Inc’s gatekeepers and make Google Voice a popular service on the iPhone.”
Source Article: http://goo.gl/XNel
Data breach costs top $200 per customer record. January 26, 2010
Posted by Xavier Morgan in Editorial, Web 2.0.Tags: security cost incident response forensic financial impact
add a comment
January 25, Network World – (International) Data breach costs top $200 per customer record. The cost of a data breach increased last year to $204 per compromised customer record, according to the Ponemon Institute’s annual study. The average total cost of a data breach rose from $6.65 million in 2008 to $6.75 million in 2009. Ponemon Institute based its estimates on data from 45 companies that publicly acknowledged a breach of sensitive customer data last year and were willing to discuss it. Breach costs increased just $2 per compromised customer record, as compared to 2008 costs. However in the five years that Ponemon Institute has conducted its study, costs have increased from $138 per compromised customer record. In tallying the cost of a data breach, Ponemon Institute looks at several factors including: the cost of lost business because of an incident; legal fees; disclosure expenses related to customer contact and public response; consulting help; and remediation expenses such as technology and training. Overall, 42 percent of all cases in the Ponemon data-breach study involved third-party mistakes and flubs. In addition, more than 82 percent of the cases in the Ponemon study were organizations that had more than one data breach in 2009 involving the loss or theft of more than 1,000 records containing personal information. At about 40 percent of the companies that participated in the study, the chief information security officer (CISO) was in charge of managing the response related to the data breach.
Source: http://www.networkworld.com/news/2010/012510-data-breach-costs.html?hpg1=bn
We have a Twitter Down January 22, 2010
Posted by Xavier Morgan in Editorial, Web 2.0.Tags: cloud computing web2.0 outsourcing ASP Application Service Provider Software on Demand cloudwatch
add a comment
January 20, IDG News Service – (International) ‘Sudden failure’ Wednesday morning brings Twitter down. On the morning of January 19, Twitter suffered a “sudden failure” and then encountered problems switching to a backup system, which left the site “largely inaccessible” for about 90 minutes, the company said. Once notorious for regular and prolonged outages, Twitter has improved in this respect in the past year, but remains inconsistent. In August of last year, Twitter logged more than 6 hours of downtime, following a total of only 17 minutes in July, according to monitoring company Pingdom. In October, it had more than 5 hours of downtime, sandwiched between only 33 minutes in September and 22 minutes in November.
Source: http://www.computerworld.com/s/article/9146680/_Sudden_failure_Wednesday_morning_brings_Twitter_down
