|
News for 110299
contributed by AlienPlague, Atropsy, and
Hamartia
It has been learned that RealNetworks' RealJukebox software monitors
users and sends the data it collects back to the company. The data
collected includes user listener habits, what file types the user plays,
and a globally unique identifier (GUID), among other things.
RealNetworks never informed anybody of these facts, but claims that this
is not an invasion of privacy. (Ummm, yeah.)
C|Net
ZD
Net
Late Sunday evening, after the above story broke, RealNetworks changed
its privacy policy to reflect the new data being collected. The
voluntary privacy watchdog group Truste has been called on to
investigate the matter. Privacy advocates will closely watch Truste's
actions since they question if the industry can adequately police
itself.
(RealJukebox may be free software but we question what you are really
paying for it.)
C|Net
|
contributed by Punkis
Joint Task Force-Computer Network Defense (JTF-CND) conducted a
cyber-war game in early October of this year. The effort was named
Zenith Star and was the first such simulation since Eligible Receiver in
1997. Participants in the exercise included representatives from NSA,
CIA, FBI, Defense Department and other agencies. The war game included
powergrid blackouts, 911 emergency system outages, disrupting crucial
Pentagon computer networks and other situations.
(This article also regurgitates the story about the SPAWAR printer
whose print jobs where redirected to Russia. We would love to have more
information on that security hole if anyone has it.)
LA
Times
|
contributed by CyberDiva
Currently, a state government web site is providing information on that
states computer system preparedness levels. This information is made
freely available to the general public. You, as a web surfer, may go and
review this information. You can view the status of Public Utilities
(gas, water, power), Health Care Providers, the 911 system,
Telecommunications, etc. Then because the site is configured incorrectly
you can change the information to read whatever you like. (Talk about
Y2K panic.)
NewsTrolls
|
contributed by Maggie
President Clinton has unveiled a privacy plan aimed at protecting the
privacy of individually identifiable health information. The plan would
require health plans to get consent before releasing electronic medical
records, requires patient notification of use of records, and it would
let patients view and correct their records. The rules are slated to go
into effect on Feb. 21, 2000, after public comment on the issue.
(This is at least a first step. There is so much further to go.)
ZD
Net
Department of Health and Human
Services - Contains Full Text and Summary of the Proposal
|
contributed by Weld Pond
Christopher J. Seline has released the draft of paper that explains the
legalities of eavesdropping on the electromagnetic emanations of digital
equipment (TEMPEST). The paper covers the laws in Canada, England and
the United States. There is also recommendations for any future laws and
a complete bibliography.
Crytome
|
contributed by EvilWench
The computer of Joshua Handler, a Princeton University specialist in
nuclear radiation and security has had his computer and documents seized
by the Russian Secret Service (FSB).
Russia
Today
|
contributed by s_d
Sir Dystic, creator of the original Back Orifice, and Kevin Poulsen,
currently a columnist for ZD Net, will be speaking at the 16th World
Conference on Computer Security and Control on November 3 1999. The
conference will be held in London England.
Compsec International 99
|
contributed by Weld Pond
C|Net has listed what it calls the top 10 technology products that will
"scare you to death"! Number 8 on that list is Invisible KeyLogger 97
designed to capture every keystroke including passwords. (This is yet
another commercial Back Orifice like product. Why are the Anti-Virus
companies refusing to release definitions for these?)
C|Net
KeyLogger
|
contributed by deepquest, Cruciphux and
mosthated
Gov-boi, aka Insanity (Rick Stoeppelwerth), of http://www.hack.co.za
passed away Sunday night in a terrible car accident. His loss is a
tragedy and his
security expertise will be greatly missed by all who knew him. He was
known on irc as gov-boi or hotmetal.
http://www.hack.co.za/
The
Stamford Advocate
|
|
|