Sunday, March 22, 2009

U.K. to monitor, store all social-network traffic?

Social networks are the downfall of information value. Well maybe just personal information valuation. While this story is about Big Brother UK style, the real threat is people sticking their virtual assets out there in the wind. Think about all the questions a bank asks you when you are authenticating to you banking account. Pets name date of birth, hometown etc. People put all this info in their facebook, myspace etc.

So hacker will eventually come up with a data mining program that can go through a profile and categories all the answers to these types of questions and have a complete database on people. Sad but true.

Gary Bahadur

*Managed Security Services

*Vulnerability Management

*Compliance & Policy Development

*PGP Security

*FREE Website Security Test

March 18, 2009 9:51 AM PDT

The U.K. government is considering the mass surveillance and retention of all user communications on social-networking sites, including Facebook, MySpace, and Bebo.

Vernon Coaker the U.K. Home Office security minister, on Monday said the EU Data Retention Directive, under which Internet service providers must store communications data for 12 months, does not go far enough. Communications such as those on social-networking sites and via instant-messaging services could also be monitored, he said.

"Social-networking sites such as MySpace or Bebo are not covered by the directive," said Coaker, speaking at a meeting of the House of Commons Fourth Delegated Legislation Committee. "That is one reason why the government (is) looking at what we should do about the Intercept(ion) Modernisation Programme, because there are certain aspects of communications which are not covered by the directive."

Under the EU Data Retention Directive, from March 15, 2009, all U.K. ISPs are required to store customer traffic data for a year. The Interception Modernisation Programme, or IMP, is a government proposal, introduced last year, for legislation to use mass monitoring of traffic data as an antiterrorism tool.

The IMP has two objectives: that the government use deep-packet inspection to monitor the Web communications of all U.K. citizens; and that all of the traffic data relating to those communications are stored in a centralized government database.

Tuesday, March 17, 2009

More Hacking Fun

Just another hacker story from New Zealand. The interesting thing is that it with all the data stolen fromt he online forms for credit card applications, the theft provides a great way to open legit credit cards somewhere else. So how do you stop legitimate applications from going through now? You have to love the "2 years of free credit monitoring" that all the hacked companies give you.

Hackers steal Shell customer information
Tue, 17 Mar 2009 10:17a.m.

Online hackers have stolen personal information from almost 6000 Shell customers in New Zealand and Australia. Shell spokeswoman Jackie Maitland confirmed to NZPA today that 1400 New Zealand customers were affected and another 4500 in Australia.
Both the New Zealand police e-crimes unit and the Queensland police were investigating.
Ms Maitland said the information obtained by the hackers was contained in online application forms for a Shell fuel card.

Gary Bahadur
KRAA Security
Managed Security and Consulting Services
Managed Firewall
Managed IDS
Managed Email