Group items tagged

Facebook has gone a long way to protect the privacy of users on its own site. But what happens when users share their Facebook profiles and friend lists with other sites? Are social networks responsible for defending data its members decide to take elsewhere? Those questions have taken on added urgency following the introduction of tools by leading social networks, including Facebook and News Corp.'s (NWS) MySpace, that let users interact with their friends on partner sites. Facebook Connect, for example, lets a user instantly share a movie rating on Netflix (NFLX) with all or some of his or her pals on Facebook. Privacy advocates warn that these services pose a whole new set of concerns about how user data are collected and shared among sites on the Web. Using these open-networking tools, thousands of companies can unearth a trove of new data about a visitor-age, gender, location, interests, and even what a person looks like. "I'm wondering if people really understand when they're using Facebook Connect that other sites get access to their whole user profile and social graph," says Pam Dixon, executive director of the World Privacy Forum. Announced last July, Facebook Connect has already signed up more than 8,000 partner sites, many of which plan to use data collected on Facebook members for their own purposes. Joost, a video-viewing site that integrated with Facebook Connect in December, checks the ages of viewers entered on their Facebook profiles to give its own content partners-CBS (CBS), for example-a better idea of which Joost users are watching CBS programming. Digg.com will let users display their Facebook profile photos alongside comments they make on the social news-sharing site.

"In a bizarre case of cyber crime, the Wall Street Journal reported today that Russian hackers may have stolen tens of millions of dollars from Citigroup, a charge the bank denies. " Citing anonymous government officials, the newspaper reported that the hackers were connected to a Russian cyber gang and that two other computer systems, at least one connected to a U.S. government agency, were also attacked. The FBI is investigating the case, according to the Wall Street Journal, but the company has flatly denied the story. "We had no breach of the system and there were no losses, no customer losses, no bank losses," the banking giant said in a statement. "Any allegation that the FBI is working a case at Citigroup involving tens of millions of losses is just not true."

"A new report from Javelin Strategy and Research suggests that many credit and debit card holders fail to understand the importance of a notice saying that a credit card or debit card has been breached and do not protect themselves from fraud. The company's research found that people notified of a breach of their secure data were four times as likely as the public at large of actually experiencing financial or other fraud within a year of the notification. Further, those who experienced a breach in their secure data and then an incident of fraud very rarely link the fraud to the breach. "Among consumers who received a data breach notification in the past 12 months, 19% suffered fraud, yet only 2% attributed their fraud to a data breach, the firm reported. "It seems as if consumers are not connecting the dots on data breach notifications to fraud events. They are aware, in the abstract, some personal records of theirs have been compromised, but when they become a victim of fraud they do not make the connection to the breach notification.""

First quarter federal reports show Google lobbied on the electronic medical records provisions of the federal economic stimulus act, contradicting the Internet giant's earlier claims that Consumer Watchdog's report of its effort was "100 percent false." Google's report shows a total expenditure of $880,000 on lobbying during the period including on "online health-related initiatives; issues relating to online personal health records, including in connection with H.R. 1: American Recovery and Reinvestment Act of 2009." Google also contracted with an outside firm, the Podesta Group, which independently reported lobbying for Google on "health information technology" and "online privacy." King and Spalding LLP also independently reported lobbying for Google on "online health-related initiatives, including health information technology provisions in H.R. 1, The American Recovery and Reinvestment Act." After the nonprofit, nonpartisan Consumer Watchdog reported the "rumored" lobbying in January, Google contacted a charitable foundation about withdrawing Consumer Watchdog's funding. In a letter to Google CEO Eric Schmidt released today, Consumer Watchdog said the company owes the group an apology. Read Consumer Watchdog's letter here: http://www.consumerwatchdog.org/resources/LtrSchmidt042209.pdf. "It is now clear from public records that Google was lobbying Congress relating to online personal health records in connection with the economic stimulus act... What else could Google have been seeking except to be excluded from the Health Insurance Portability and Accountability Act (HIPAA) provisions on privacy and forbidding sale of records? Please tell us," wrote Jamie Court, Consumer Watchdog president and John M. Simpson, consumer advocate. "There is a simple way to resolve this," the letter said. "Publicly release all the substance of Google's lobbying efforts on H.R. 1. Google knows the drill: organize the information and make it universally accessible and useful."

Two things to remember as you prepare to file your taxes: If you get an e-mail from the IRS, it's probably a scam. And don't forget the stamp. As the April 15 tax filing date nears, online tax-related scams tend to ratchet up, experts say. If you're not careful, you could lose a lot more than just the refund. "Filing your taxes online is extremely convenient, however if you want to maintain the privacy of your data, you need to ensure that you are connecting to the proper Web site, that the connection is using encryption, and that your computer is free from any malware. If any of these components are compromised then your data is not safe," Ryan Barnett, director of application security research for Breach Security, said on Friday. "This would be like going to an ATM machine to withdraw money and allowing everyone around you to see your PIN number as you punch it in," he added. Not only do people have to take precautions in storing and transmitting their data over the Internet, but they also have to be wary of social engineering-type ruses that scammers use to trick people into giving out their sensitive data. Probably the most common type of tax season scam is the fake IRS phishing e-mail. These e-mails will either claim to be a tax refund or an offer to help file for a refund, settle tax debt, or other aid. (Not long ago, scammers were offering economic stimulus payments, even before the plan was approved.) They will provide a link to a Web site where the visitor is prompted to type in personal data like a Social Security number. Don't trust it, experts say.

www.killdo.de.gg Most quality online stores. Know whether you are a trusted online retailer in the world. Whatever we can buy very good quality. and do not hesitate. Everything is very high quality. Including clothes, accessories, bags, cups. Highly recommended. This is one of the trusted online store in the world. View now www.retrostyler.com

This tip is part of Mitigating Web 2.0 threats, a lesson in SearchSecurity.com's Data Protection Security School. Visit the lesson page or our Security School Course Catalog for additional learning resources. Social networking, a term relatively new to the computing vernacular, has already become part of the cultural norm for a great proportion of Internet users. Even more recently, the use of online communities to establish and build connections among those with shared interests has become part of the corporate world as well. As professional social networks such as LinkedIn and Blue Chip Expert continue to grow, and professional groups gain in popularity on once-personal sites like Facebook and MySpace, enterprise security and risk management professionals must face the reality that these sites are emerging conduits for the unauthorized disclosure of confidential corperate information. Add the use of public social networking tools to the list of concerns, and the effectiveness of the traditional corporate security perimeter is further diminished. However, a robust set of policy, process and architecture aids in mitigating the risks of being social. Broadly, social networking is described as software that lets people interact, rendezvous, connect, play or collaborate by use of a computer network. This definition covers the popular social networking sites, including those mentioned above, as well as blogs, wikis, RSS, podcasts, tags, and more recently, search engines. While there are numerous benefits to social network solutions, including reducing costs and increasing collaboration, we'll focus on addressing the risks.

Web sites that strip personally identifiable information about their users and then share that data may be compromising their users' privacy, according to researchers at the University of Texas at Austin. They took a close look at the way anonymous data can be analyzed and have come to some troubling conclusions. In a paper set to be delivered at an upcoming security conference, they showed how they were able to map out the connections on public social networks such as Twitter and Flickr. They were then able to identify people who were on both networks by looking at the many connections surrounding their network of friends. The technique isn't 100 percent effective, but it may make some users uncomfortable about whether they should allow their data to be shared in an anonymous format. Web site operators often share data about users with partners and advertisers after stripping it of any personally identifiable information such as names, addresses or birth dates. Arvind Narayanan and fellow researcher Vitaly Shmatikov found that by analyzing these "anonymized" data sets, they could identify Flickr users who were also on Twitter about two-thirds of the time, depending on how much information they have to work with. "A lot of the time people will share information online and they'll expect that they are anonymous," Narayanan said in an interview. But if their identity can be ascertained on one social network, its possible to find out who they are on some other network, or at least make a "strong guess," he said.

Government Information Security Podcasts As a GovInfoSecurity.com annual member, this content can be used toward your membership credits and transcript tracking. Click For More Info Probing Federal IT Security Programs: Gregory Wilshusen, GAO February 23, 2009 Government Accountability Office auditors will have a busy spring, examining a number of federal government programs aimed at securing government information systems and data. In an interview with GovInfoSecurity.com, Gregory Wilshusen discusses how the GAO is looking at how private industry and two dozen federal agencies employ metrics to measure the effectiveness of information security control activities. Other current GAO information security investigations he discusses include: Federal Desktop Core Configuration intended to standardize security features on personal computers purchased by the government. Trusted Internet Connection initiative aimed at slashing government Internet connections to fewer than 100 from more than 2,000. Einstein automated networking monitoring program run by U.S Computer Emergency Readiness Team. Gregory Wilshusen is director of information security issues at GAO, where he leads information security-related studies and audits of the federal government. He has more than 26 years of auditing, financial management and information systems experience. Before joining GAO in 1997, Wilshusen served as a senior systems analyst at the Department of Education as well as the controller for the North Carolina Department of Environment, Health and Natural Resources.

TJX Companies Inc. has agreed to pay $525,000 to settle a lawsuit brought by several banks in connection with the massive data breach disclosed by the retailer in January 2007. The money will reimburse AmeriFirst Bank, HarborOne Credit Union, SELCO Community Credit Union, and Trustco Bank a portion of the expenses they incurred in connection with the breach, TJX said in a statement. As part of the agreement, the banks will drop all other claims against TJX. The discount retailer admit no wrongdoing. The settlement money is part of the $118 million the company had set aside in the second quarter of 2007 to cover breach related costs.

"Google's expanding its grasp on the Internet with a newly revealed DNS resolving service. Google Public DNS, announced Thursday on Google's blog, will offer you an alternative way to connect to Web sites. As with the launch of most Google services, people are starting to ask questions about what kind of data will be collected and how exactly it will be used. (Or, in more lay terms, "Is Google going to be evil?") Here are some straight-forward answers, straight from the source. "

"We all know that Internet and communications technology is changing rapidly, creating huge opportunities for business innovation and individual self-expression. Most people are probably not aware, however, that privacy law is not evolving nearly as quickly. It is time to update legal protections to reflect the impact the digital revolution is having on modern life. Cloud computing -- a bit of tech-jargon meaning the use of remote servers to store and process data -- is a great example. The movement of personal and proprietary data off desktop computers and into "the cloud", which is made up of server farms and broadband connections, is a major disruptive trend in computing. Unless our laws change to account for cloud computing and other equally momentous technology developments, the Constitution's protection against unreasonable search and seizure will become a relic of the past. The federal law setting standards for government access to personal communications -- the Electronic Communications Privacy Act (ECPA) -- was written more than two decades ago, before the Internet took off. "

"You probably don't analyze the chatter or quality of your social media connections, but creditors may be doing just that. In their quest to identify creditworthy customers, some are tapping into the information you and your friends reveal in the virtual stratosphere. Before calling the privacy police, though, understand how it's really being used."

The social media outlets you use may affect credit offers!

"This presentation contains statements of a forward-looking nature which represent our management's beliefs and assumptions concerning future events. Forward-looking statements involve risks, uncertainties and assumptions and are based on information currently available to us. Actual results may differ materially from those expressed in the forward-looking statements due to many factors, including without limitation, the impact that the significantly unfavorable economic conditions confronting the United States may have on our business, the results and effects the security breach of our processing system may have on us, including the costs and damages we may incur in connection with the claims arising from such breach that have been made and may in the future be made against us, the extent of cardholder information compromised and the possibility that such security breach could cause us to lose customers or make it difficult for us to obtain new customers, the possibility that we may not be successful in developing and implementing an end to end encryption solution, the possibility that if we are successful in developing and implementing an end to end encryption solution it may not prevent future security breaches of our payment processing system, and additional factors that are contained in the Company's Securities and Exchange Commission filings, including but not limited to, the Company's annual report on Form 10- K for the year ended December 31, 2008. We undertake no obligation to update any forward-looking statements to reflect events or circumstances that may arise after the date of this presentation. Topics / Agenda - The Future of Electronic Payments * What Is The Problem? The Cybercrimes Arms Race * Who Is Heartland Payment Systems? * What Happened and What Has/Will It Cost? * What Did We Do About It and What Are We Doing Now? * Massive Quantity/Quality of Breaches Call for Enhanced Solutions * Our New Solution Called E3 -

"A new proof-of-concept (PoC) application enables an attacker to remotely activate a BlackBerry microphone and listen in on surrounding sounds and conversations. The application, called PhoneSnoop, was released last week on the blog of security researcher Sheran Gunasekera. To download and install the application, an attacker would need physical access to a BlackBerry device and to know a PIN, if the owner uses one to lock his or her device. After PhoneSnoop is installed on a device, when a call is received from a preconfigured number, the BlackBerry automatically answers the phone, allowing an attacker to listen in, Marc Fossi, senior researcher at Symantec Security Response told SCMagazineUS.com on Thursday. Once the call is connected, the BlackBerry is set to speakerphone, increasing the microphone's sensitivity to pick up sound from far distances. "First and foremost, the most important thing about this is it's a proof of concept, Fossi said. "It's not something you need to worry about right now.""

In a world of increasingly savvy and inter-connected customers, an organization's approach to information privacy may offer precisely the competitive advantage needed to succeed. Privacy is essential to creating an environment that fosters trusting, long-term relationships with existing customers, while attracting opportunity and facilitating the development of new ones. Spend the morning with me and nine privacy leaders from major corporations: Intel; IBM; Sun Microsystems, Inc.; Microsoft; Facebook; HP; Privacy Analytics Inc.; Ontario Lottery and Gaming Corporation; Peratech Limited; and GS1 Canada as they present their latest innovations in Privacy-Enhancing Technologies (PETs). You will appreciate how "Privacy by Design" - embedding PETs into the architecture of new systems - protects privacy, without compromising performance or security - a positive-sum not zero-sum outcome.

making best indexing in goggle and bing. RADJASEOTEA is a master of backlinks. You want indexing in goggle and bing. LOOK THIS www.fiverr.com/radjaseotea/making-best-super-backlink-143445

China has denied allegations that it hacked into a Pentagon IT system and recovered plans for the Joint Strike Fighter (JSF). The combat aircraft which is to be procured by Britain as well, is being produced by Lockheed Martin. In allegations first reported in the Wall Street Journal, hackers stole "several terabytes of data related to design and electronics systems". The most sensitive data however on weapons systems and its stealth technology was not breached since it is kept on computers not connected to the internet. IT experts have said that they suspect the hackers came from China although it will be difficult to identify their exact origins. Hacking into IT systems as complex as the DoD's would require the help and capabilities of another government. Recovering data on the JSF would allow countries or rogue groups who could face the aircraft in future conflicts to develop counter measures based on the aircraft's weaknesses. The Chinese strongly denied that the breach originated from their country. "China has not changed its stance on hacking. China has always been against hacking and we have cracked down very hard on hacking. This is not a Chinese phenomenon. It happens everywhere in the world," a spokesperson for the Foreign Ministry said. This is not the first time the JSF's security has been breached. Early on in the contract the DoD and Lockheed Martin admitted that there was no universal IT security policy for the 1,200 sub contractors and that leaks may have occurred. BAE subsequently admitted that their IT security for JSF material was lax and that leaks could have occurred. Britain is scheduled to buy 150 of the aircraft by 2018.

A national security panic spread through the Internet yesterday after a report by The Wall Street Journal suggested "terabytes" of classified data on the F-35 Lightning II had been stolen by hackers. Today the Pentagon and Lockheed Martin responded to the allegations saying they are untrue, and I believe them. Defense Department spokesman Bryan Whitman said, "I'm not aware of any specific concerns." That's a key phrase. Lockheed Martin--the F-35 superjet's primary contractor--also commented "We actually believe The Wall Street Journal was incorrect in its representation of successful cyber attacks on the F-35 program." And the company's CFO Bruce Tanner added "I've not heard of that, and to our knowledge there's never been any classified information breach." While it's easy to argue that these responses are merely a smokescreen to save political face, the language is much more direct than a plain old "no comment." Typically, companies protect themselves in this sort of situation by denying the existing or potential hackers any public information on the success or failure of hack attempts, obscuring the level of secrecy of any stolen data. In the F-35 case it looks like the denials are much firmer, and that suggests the developers of the JSF are confident in their security systems. It's an echo of alleged data leaks via F-35 contractor BAE Systems last year, that were later withdrawn due to lack of evidence that leaks had occurred. Government and defense contractor computer networks face a pretty continuous rate of hack attempts. As a result such companies have even more stringent data security protocols in place than normal organizations. They're still not absolutely impervious to hacking, of course, as no such system ever is. So that's why the most highly classified data--critical to the super-secret offensive and defensive capabilities of hardware like the F-35--is typically stored on computers that have an extremely low-tech "air gap firewall". They're not co

Identity thieves using the names and Social Security numbers of Irving Independent School District employees have made thousands of dollars in purchases, school officials say. One woman has been accused of fraudulent use or possession of identifying information and two charges of credit card abuse. A second person linked to the theft case has been arrested but no charges have yet been filed in the Irving case, authorities said. At least 64 of the 3,400 teachers and other employees whose names were on the old benefits report that somehow ended up in the trash have said they are identity theft victims. The school district mailed letters to current and former employees about the breach, but 472 of the letters were returned as undeliverable. Pat Lamb, district security director, said in a story for Sunday's online edition of The Dallas Morning News that the employees at risk of being on the list worked for the district in the 2000-01 school year and had payroll deductions for benefits. "We still do not know how our records were compromised," Lamb said. "We don't know if somebody was supposed to shred that information, but it ended up in a Dumpster." Lamb said his name was among those on the report, which was generated in 2000. Cynthia Will, a former teacher, pleaded for help from the school board last week. More than $25,000 was charged in her name, including a $4,000 diamond ring, the newspaper reported. "It was stunning the damage that was done in just seven days," she told the board. Will has to carry an affidavit stating that she is an identity theft victim and if there are warrants on her old driver's license number that they are not for her. Dawn Bizzell, who has taught in the district since 1996, said district officials acted too slowly. An employee advisory wasn't posted until Jan. 26. Bizzell said she learned she was an identity theft victim on Nov. 28 and police told her of the district connection on Dec. 3.

www.killdo.de.gg Most quality online stores. Know whether you are a trusted online retailer in the world. Whatever we can buy very good quality. and do not hesitate. Everything is very high quality. Including clothes, accessories, bags, cups. Highly recommended. This is one of the trusted online store in the world. View now www.retrostyler.com

Last week, the government took another step toward closing a legal loophole in federal privacy and security rules for emerging Health 2.0 information technology applications by issuing proposed rules aimed at covering an estimated 900 companies and organizations offering personal health records and electronic systems connected to them. The Federal Trade Commission was careful to point out its new interim proposed rule on federal breach notification requirements for the developers of electronic PHR systems did not apply to covered organizations or their business associates as defined by the Health Insurance Portability and Accountability Act of 1996, heretofore the key federal privacy and security regulation. The FTC, operating under new authority given it by the American Recovery and Reinvestment Act of 2009, noted that its new rule seeks to cover previously unregulated entities that are part of a Health 2.0 product mix. FTC staff estimates that about 200 PHR vendors, another 500 related entities and 200 third-party service providers will be subject to the new breach notification rule. The staffers estimate that the 900 affected companies and organizations, on average, will experience 11 breaches each per year at a total cost of about $1 million per group, per year. Costs include investigating the breach, notifying consumers and establishing toll-free numbers for explaining the breaches and providing additional information to consumers. Pam Dixon, founder and executive director of the World Privacy Forum, said that this isn't the first involvement of the FTC in healthcare-related regulation, noting the consumer protection agency joined with the Food and Drug Administration in a joint statement on the marketing of direct-to-consumer genetic tests. The FTC also has worked in the field of healthcare competition. She noted the compliance deadline with the FTC's "red flag rules" on provider organizations that provide consumer credit to patients for installment payment

Chris Nolter Department store proprietor John Wanamaker is famously said to have quipped, "Half the money I spend on advertising is wasted; the trouble is, I don't know which half." The founder of Wanamaker's department store is known as the "father of modern advertising." His innovations, in late 19th-century and early 20th-century Philadelphia and New York, included publishing reliable prices in advertisements, copyrighting pitches, offering money-back guarantees and hiring a full-time writer to produce ad copy. A century later, advertising professionals have gotten more sophisticated and adapted to radio, television, outdoor and digital media. Wanamaker's observation about the value and effectiveness remains profound for merchants and manufacturers, as well as for media outlets that have seen broadcasting or print-advertising dollars reduced to digital pennies. The Internet has made the amount of space that can be filled with advertising virtually infinite, while the recession has all but emptied the advertising coffers of automakers, financial services firms and real estate companies. While digital media has disrupted the traditional ad business, it also presents the tantalizing promise to answer Wanamaker's question. Prior generations of digital advertising gave us spam and banner ads that tempted us with animated mortgage holders wildly dancing on the roof of their home or prizes for whacking a mole. The new proposition is that digital ads will allow advertisers to target audiences and track their returns on investment, and provide users with advertising and content that is more relevant. More than 400 advertising networks have come into existence to sell ad space on the expanding inventory of Web sites and pages. These networks connect advertisers with online publishers, often shopping ad space that a Web site's own sales staff cannot fill. Many of the networks cater to niches, such as food, wine, cars or sports. Increasingly, they are selling access to a

Like this http://www.hdfilmsaati.net Film,dvd,download,free download,product... ppc,adword,adsense,amazon,clickbank,osell,bookmark,dofollow,edu,gov,ads,linkwell,traffic,scor,serp,goggle,bing,yahoo.ads,ads network,ads goggle,bing,quality links,link best,ptr,cpa,bpa. www.killdo.de.gg