Unauthorized accesses of data
August 21, 2009 Leave a comment
Officers run a background check on the president.
NSA reading emails of private citizens
August 4, 2009 Leave a comment
Raw Story has a story on NSA’s improper use of wiretapping technology. MSNBC interviewed a former security analyst who discussed how members of the NSA used their wiretapping abilities to read the email of private citizens. Risen reported that Bill Clinton’s emails had been read. He then clarified saying:
“It sounded like, from the former NSA analyst that we interviewed, that it was rare to access the emails of celebrities or famous people, but that it was fairly routine, according to him, for people to access the emails of girlfriends or wives or other people that they might know.â€
City jobs require surender of logins and passwords
June 19, 2009 Leave a comment
As part of their job application process the city of Bozeman Montana requires applicants to surrender login names and passwords to all social networking sites they are involved with. The list of sites includes Google, Yahoo, MySpace and Facebook. Supposedly this is so that the city can do a background check and determine that “the people that we hire have the highest moral character.†Read the article for full details but here is my favorite quote:
“You know, I can understand that concern. One thing that’s important for folks to understand about what we look for is none of the things that the federal constitution lists as protected things, we don’t use those. We’re not putting out this broad brush stroke of trying to find out all kinds of information about the person that we’re not able to use or shouldn’t use in the hiring process,†Sullivan said.
Update: Bozeman has decided to change their hiring practices and has apologized for the “honest mistake.â€
Update: Looks like North Carolina does the same thing.
Analysis of security breaches
June 11, 2009 Leave a comment
Interhack has a study of security breaches by industry and type. The authors categorized 925 security incidents using a taxonomy they developed. They then analyze the incidents by industry and type of incident. Two interesting points were that the Financial industry had the highest percentage of insider attacks and that incidents caused by insiders were more common than those caused by outsiders.
While the bulk of media attention on threats to private information is given to the activity of outside attackers, these breaches account for only approximately 22% of the instances in our data set. More significant is the number and type of breaches caused by people within an organization. Poor procedures, human errors by staff (Processing and Disposal), and the malicious activities of people on the inside of an organization account for greater than 35% of our observations.
Security glitch on Facebook gives out administrative access
March 27, 2009 Leave a comment
Facebook appears to have given out administrative rights to several major pages such as Microsoft and Star Wars to at least one Facebook user who is not affiliated with the companies.
Government employees viewing passport records
March 23, 2009 Leave a comment
Several government employees have been charged with accessing passport files without an official reason. One of the employees cited the reason as “idle curiosity.”