Security
Port
A Security Port Blog
HIV
and Hepatitis Test Results Available on
Internet |
11/27/2007 | |
A security breach has exposed the
confidential information of some patients who were
tested for such infectious diseases as HIV and
hepatitis. The breach, at the Provincial Public
Health Laboratory, occurred Tuesday.
It involved
the exposure of files containing patient information
through an open Internet connection. Information held by
the lab included names, health card numbers, age, sex,
physician and test results for infectious diseases,
including HIV and hepatitis. |
Internet Goes Down for Pirates |
11/26/2007 | |
Internet users in France who frequently
download music or films illegally risk losing Web access
under a new anti-piracy system unveiled on Friday.
The three-way pact between Internet service
providers, the government and owners of film and music
rights is a boon to the music industry, which has been
calling for such measures to stop illicit downloads
eating into its sales. |
UK
Kids Warned MySpace Is Not Private |
11/26/2007 | |
Young people are compromising their career
prospects and opening the door to online fraud by
posting personal information on social networking sites
without thinking about the consequences, a U.K. privacy
watchdog warned Friday. |
1000
Internet Specialists |
11/16/2007 | |
More than 1,000 Internet specialists
from government agencies, universities, nonprofits and
the private sector are meeting in Brazil this week.
Security is one of the top agenda items at
the second U.N. Internet Governance Forum in Rio de
Janeiro, Brazil, running until Thursday.
Other issues include freedom of
expression, the fight against cyber-crime, privacy,
multilingualism and diversity, and measures against the
dissemination of child pornography and child sexual
exploitation, according to a statement from the
organizers on the forum's Web site, where most sessions
can be monitored live over the Internet.
complete article
|
|
The PCI Security Standards Council, the
body managing the Payment Card Industry data security
initiative, on Wednesday announced that it will anoint a
set of best practices developed by Visa Inc. as the new
security standard for third-party application software
in the payment industry.
The new standard is
called the Payment Application Data Security Standard
(PA-DSS) and is based on Visas Payment Application Best
Practices (PABP).
Over the next few months, the
PCI Security Standards Council, together with
participating organizations, security auditors, and
vulnerability scanning vendors, will offer comments and
suggestions relating to the PA-DSS. The security council
will then incorporate this feedback and publish a final
version of the application security standards in the
first quarter of 2008, said Bob Russo, general manager
of the security standards council.
|
Security RSS Feeds |
11/14/2007 | |
Easily find security and protection RSS
feeds, by searching or navigating the directory. Security Feeds.
|
Chinese Spying |
11/13/2007 | |
Recent revelations that China-based
hackers may have penetrated U.S. computer networks --
including those operated by the Departments of Defense
and Homeland Security as well as by major U.S. defense
firms -- has heightened concerns about Chinese spying in
the United States.
Computer experts believe that
the extensive scale of the information operations means
they probably involved, to some degree, the Chinese
military or intelligence services.
Although U.S.
authorities remain concerned by the espionage operations
conducted in the United States by Russia, Iran, and
Cuba, they consider Chinese spying the most serious in
terms of size. |
Macs
Becoming Virus Friendly |
11/13/2007 | |
It is a common refrain dashed off in
response whenever anyone writes about the sorry state of
PC security. In fact, you have probably seen it
countless times on this blog alone: Get a
Mac!
Well, the times they are a changing. As the
Macintosh becomes more popular with users, the
inevitable has begun: Macs are increasingly being
targeted by malware creators, as the sheer size of that
pool becomes more and more tempting.
|
FaceBook Does Not Allow
Psedonyms |
11/09/2007 | |
Just as in earlier times a man was only
as good as his family name, today we are defined by the
social networks we belong to. So imagine my horror when
I learned that I have become a virtual bastard. Earlier
this week I logged into Facebook and discovered that
without warning my account had been deleted. According
to Facebook, I am a fake, a charlatan, a nonperson and
all of my more than 200 Facebook friends are the victims
of a cruel hoax.
complete article
|
WhoIs Under Fire |
11/08/2007 | |
According to a recent AP article, the
Whois service, a series of databases with information
about the individuals that register domains, has come
under fire from privacy advocates and a new proposal
seeks to do away with the service
altogether.
Such a move would be a tremendous
blow to law enforcement, lawyers and researchers that
regularly use the database. However, it may also
alleviate some of the spam and privacy concerns that
come with the database in its current format.
more information
|
Personal Privacy |
11/06/2007 | |
Over the past two years, data leaks have
compromised more than 150 million personal-data records,
according to the Privacy Rights Clearinghouse.
These breaches come with a high price tag.
Forrester Research says that a security breach can cost
anywhere between $90 and $305 per record, meaning that
the cost of a single, significant breach may run into
millions or even billions of dollars. The problem is
certainly not going away, and it is no surprise the
federal government is considering laws to mandate how
sensitive data is handled. |
How
to Tell if Software is Pirated |
11/05/2007 | |
Microsoft took another incremental step in
its long-standing anti-piracy program this week when it
filed lawsuits against 20 vendors in 13 states for
allegedly selling pirated copies of its software.
The company also launched a new educational
site, HowToTell.com to help teach buyers
tell the difference between legitimate and counterfeit
or pirated software. |
What
is Fair Use? |
10/26/2007 | |
As the Internet matures, users and
governments are struggling to manage controversial
issues. Lets face it, the Internet did not exist when
the US copyright laws were written;let us not forget,
while many countries respect copyright laws, the
Internet is global without a governing body. There are
not only different laws, rules and regulations, but also
jurisdiction issues. RSS didn't exist when copyright
laws were written either. While ardent supporters feel
any content in a feed can be syndicated, other equally
fervent publishers contend that original works are just
that--original works, and in many countries protected by
copyright laws.
Much of the Internet is
uncharted territory. There is no single agencies that
has complete control over content or censorship, and it
is unlikely that there will ever be a recognized body
that regulates and agrees to terms and conditions to
govern the online world. At this point, the location of
webhosts and companies owning domains dictate what laws
that are observed. In other words, if a company in the
US or UK is violating a copyright and their host is in
the US or UK, it will be easy to enforce copyright laws
in the event of a violation and have the website content
pulled. If the website is located on a server in a
region that does not recognize or acknowledge the rights
of a copyright holder, the web host will be less likely
to cooperate in removing the offending content.
What is Fair Use?
|
Current Blog
2007 Security Blog Archive
November Archive
October Archive
September
Archive
August
Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive
2006 Security Blog Archive
December
Archive
November Archive
October Archive
September
Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive
| |
 |

Security Alerts
Locate security alerts, and security feeds via a security rss feed
directory.
|