Security Focus has a new columnist - my friend Scott Granneman. Check out his first piece on Al-Jazeera, the First Amendment and Security Professionals.
As security professionals, our duty is to uphold data integrity and availability, and to make sure that systems can be accessed. If you're American, the principles of the First Amendment need to come into play as well. You might not agree with everything Al-Jazeera publishes, but their right to publish should not be endangered by electronic vigilantes. After all, you would ask the same protection for your company's Web site regardless of what your competitors may wish.
CC pattern recognition
The WSJ has a piece on credit card companies using profiling and pattern matching techniques to catch fraud. The downside is what's referred to as the "personal insult" factor, or legitimate purchases being denied. Very interesting read if you get the chance. The article discusses several of the techniques in use.
The card companies raise the red fraud flag for any one of dozens of reasons. They're constantly looking for spending that doesn't fit normal cardholder patterns, or those of the retailers where people might be shopping. Most Americans don't buy computers in Paris, for instance, but a thief who stole their card might. Card companies are skeptical of purchases in foreign lands with high rates of fraud, including Russia, most of Eastern Europe and South Africa.
Slate has an interesting blurb on social security numbers.
Paranoid anti-government types aren't technically required to have a Social Security number, but life in the U.S. is virtually impossible without one. The IRS requires all employed citizens over 18 to have a number, and a Social Security number is essential to opening up a bank account, paying taxes, and obtaining health insurance. Once you have a number, you can't opt out of the program. On extremely rare occasions you can change your number, but only if you can prove that keeping your current digits is a threat your well-being—say, if you're being pursued by a relentless stalker.
Whitehouse security advisor - quits
First Richard Clarke, now Howard Schmidt. He was only there 3 months! Is the gig that bad? And can the replacement have the proper qualifications. Please.
WASHINGTON (AP) -- White House cybersecurity adviser Howard Schmidt announced his resignation Monday, the second person to leave the post in three months.
In some aspects, it's already here. But Cisco is going to make it easier to do. News.com investigates.
Cisco Systems has created a more efficient and targeted way for police and intelligence agencies to eavesdrop on people whose Internet service provider uses their company's routers.
Madonna - hacked...
Cracker's respond to Madonna's attack on P2P. I find their answer pretty amusing.
After asking P2P users, "what the f--- do you think you're doing," a few apparently answered her back by hacking her website, and hosting her album. As of now the server is unreachable. You can find a mirror of the defacement here, however.