CISPA – The New Enemy of the Internet

Update

April 30, 2012
CISPA Passes the House; epic privacy battle moves to the Senate

Original post April 25th 2012

A few months ago, the proposal of an anti-piracy bill by the name of SOPA caused a great deal of controversy and protest due to the fact that it allowed the snooping of web users while opening the door to the censorship of the internet. The proposal of this law caused companies and internet giants such as AOL, Facebook and Google to openly oppose the bill – some even went as far as making their sites “go dark” for a day as a form of protest. The bill was eventually shelved and internet users rejoiced. But it was a very temporary victory. A new law is set to make the internet a highly monitored place.

Were the anti-SOPA companies genuinely concerned about your privacy? Not really. SOPA simply went against their best interests as it placed the burden of internet surveillance on them.

Now, a new bill by the name of CISPA will be proposed this week and its imprecise wording will make legal all kinds of abuse against privacy and free speech. Is there outrage from internet giants or are there corporate websites going black? Not at all. In fact, several companies such as Facebook, Microsoft, Oracle, IBM, Intel, AT&T and Verizon openly support the bill.

“Whereas SOPA and PIPA were bad for many companies that do business on the Internet, and burdened them with the unholy task of policing the Web (or facing repercussions if they didn’t), this bill makes life easier for them; it removes regulations and the risk of getting sued for handing over our information to The Law. Not to mention doing what the bill says it’s going to do: protecting them from cyber threats.”
- Digital Trends, CISPA is not the new SOPA: Here’s why

With the support of big businesses, CISPA is receiving a lot less negative publicity and stands a much better chance of being adopted. It has been recently reported that the Obama administration is against CISPA – but that might not be enough to get it cancelled. Also, with elections coming soon, appearing to be against this controversial law while still having it adopted might be a simple political strategy.

Since companies are backing the law, it is up to the people to get their voices heard. Although different than SOPA, CISPA has all of the main components to turn the internet into a cyber-police-state. Here’s a good article describing CISPA.

As CISPA Nears A Vote, Can The Controversial Cyber-Security Legislation Be Stopped?

As controversial cyber security legislation nears a vote in the House this week, civil liberties groups and some politicians are lining up against the bill.

Critics of the Cyber Intelligence Sharing and Protection Act (CISPA) have likened it to previous bills, such as the Stop Online Piracy Act (SOPA) that was defeated in Congress earlier this year.

(You can read the full pdf text of CISPA here.)

Now, opposition to CISPA is growing more widespread with each passing day as more and more internet groups join forces to push back against what is seen as a serious threat to domestic privacy laws.

The Daily Kos has set up its own action against CISPA, and numerous groups such as the Electronic Frontier Foundation (EFF) have been at the forefront of the effort to halt what they see as a serious threat to American civil liberties.

The ACLU has described the bill as an even more pernicious SOPA, noting that the legislation “would give the government, including military spy agencies, unprecedented powers to snoop through people’s personal information — medical records, private emails, financial information — all without a warrant, proper oversight or limits.”

Meanwhile reddit, the site largely responsible for the groundswell of cyber-grassroots opposition to SOPA, has been overrun with discussions about this latest threat to online privacy.

The critics have a point, writes Timothy B. Lee (not to be confused with Tim Berners-Lee) at Ars Technica.

“CISPA is a solution in search of a problem. And it threatens to undermine important privacy protections.”

Politicians Come Out Against CISPA

Now, even the Obama Administration has come out against the bill, siding again with the forces of the internet against lawmakers.

“The Obama administration opposes Cispa,” Alec Ross, a senior adviser for innovation to Hillary Clinton, told the Guardian. “The president has called for comprehensive cybersecurity legislation. There is absolutely a need for comprehensive cybersecurity legislation.

“[But] part of what has been communicated to congressional committees is that we want legislation to come with necessary protections for individuals.”

Ross did not comment on whether Obama would veto the bill.

Presidential hopeful and staunch libertarian Ron Paul has come out against the legislation as well.

“CISPA permits both the federal government and private companies to view your private online communications without judicial oversight provided that they do so of course in the name of cyber security,” said the Texas Republican.

“Simply put, CISPA encourages some of our most successful internet companies to act as government spies, sowing distrust of social media and chilling communications in one segment of the world economy where Americans still lead.”

Critics of CISPA point out that the lawmakers responsible for bills that tinker with the internet rarely understand the technical side of the equation, whereas critics of this and earlier bills have a much stronger grasp not merely on the civil liberties aspects but on the way such bills could harm the internet itself.

The man many credit for “inventing” the internet, Tim Berners-Lee, has also come out against the bill, noting how quickly these sorts of bills resurface in Congress.

CISPA “is threatening the rights of people in America, and effectively rights everywhere, because what happens in America tends to affect people all over the world. Even though the SOPA and PIPA acts were stopped by huge public outcry, it’s staggering how quickly the US government has come back with a new, different, threat to the rights of its citizens,” Lee told The Guardian.

So what is CISPA, and what does it do?

Basically CISPA bypasses various laws that have been put in place to protect privacy. The legislation allows companies and government agencies to share “cyber threat information” with other private companies or the government “notwithstanding any other provision of law.”

Such broad strokes are always worrisome, especially given how fast and loose the term “threat” has become in recent years. What sort of private information could be used to prevent a cyber threat?

The Center for Democracy and Technology lists four broad areas for concern:

  • CISPA has a very broad, almost unlimited definition of the information that can be shared with government agencies and it supersedes all other privacy laws.
  • CISPA is likely to lead to expansion of the government’s role in the monitoring of private communications.
  • CISPA is likely to shift control of government cybersecurity efforts from civilian agencies to the military.
  • Once the information is shared with the government, it wouldn’t have to be used for cybersecurity, but could instead be used for other purposes.

One imagines that almost anything could potentially be helpful in preventing a cyber attack. Emails, health records, online purchases. The language in the bill is so broad and leaves so much room to maneuver, that the sharing of private information could be excused or overlooked for almost any reason.

The truly perplexing thing about the bill is that a great deal of information is already routinely shared by companies and the government. The only difference between this information sharing and information sharing under CISPA is that there are currently safeguards in place to prevent abuse. CISPA strips those safeguards away in the name of cyber security.

But Is It SOPA?

Not quite, argues Ars Technica’s Tim Lee. “A better analogy is the 2008 FISA Amendment Act, which granted major telecommunications incumbents retroactive immunity for their participation in warrantless wiretapping and eliminated judicial oversight for a broad category of government surveillance.”

CISPA simply loosens already weak protections of privacy and does so with few, if any, restraints and little oversight. In other words, it’s just another piece of the security-state puzzle we’ve been cobbling together since 9/11 which already includes domestic surveillance, the possible detention of US citizens by the military, and numerous other assaults on individual liberty and privacy.

With SOPA, the “threat” was online piracy. With CISPA, the “threat” is much more vague. Does internet piracy itself constitute a cyber threat?

“And whereas SOPA pitted Silicon Valley against Hollywood, CISPA seems to have the support of many technology and Web-based companies, including Facebook, Microsoft, Symantec and IBM,” writes Forbes cyber-security guru Andy Greenberg.

While SOPA raised first amendment concerns, CISPA raises concerns about privacy. Still, privacy and free speech are not exactly mutually exclusive. Loss of privacy threatens free speech, and the loss of free speech is inevitably a loss of privacy.

The only silver lining at this point is that whereas the FAA passed during a time of political crisis, the anti-censorship forces and internet groups in opposition this time around are much better organized. The stunning defeat of SOPA and PIPA earlier this year illustrates just how far these groups, and the social media tools they wield, have come in a short span of time.

The Man Leading The CISPA Charge

The architect of the Cyber Intelligence Sharing and Protection Act is Michigan Rep. Mike Rogers, a Republican, along with his Democratic co-sponsor Rep. C.A. “Dutch” Ruppersberger of Maryland.

Despite the growing opposition to the bill, Rogers remains confident of its passage.

“I feel pretty confident that we’ll close out the bill,” Rogers told Talking Points Memo. “There is a strong chance that the bill will be passed [by the House this] week.”

While Rogers is stubbornly pursuing the bill in the face of White House opposition and the rising tide of anti-CISPA voices across the internet, he does say he’s willing to make changes.

“We’re open to change this bill right up until it comes to the House floor based on external input,” he told TPM.

What sort of changes remains unclear, but critics of CISPA should take this as a sign that mounting pressure could still have an effect on the bill, possibly leading to revised and more constrained language. Even so, the legislation does little to counter actual cyber threats, while opening the floodgates to all sorts of privacy concerns.

Time is running out for opponents of the bill.

Debate in the House will begin this Thursday, and a vote is scheduled for Friday. There are alternatives to the Rogers bill, such as a bill proposed by Rep. Dan Lungren (R-CA), that are less invasive and present a more careful, balanced, and targeted approach to cyber threats.

Cyber security is a legitimate government issue, but until the government starts talking to actual cyber security and tech experts, and takes the concerns of civil liberties groups seriously, we risk giving far too much away, once again, in our quest for an ever-elusive sense of security.

- Source: Forbes

Computer Clarity

How to Block Access to a Particular Folder for a Guest User in Windows 7

If you have a guest over who would like to use your computer to access their email or Facebook or cruise the internet, you can ensure that they don’t accidentally or intentionally breach your privacy. By activating a Guest account for them you can give your guest a safely limited account that won’t allow system changes. Additionally, you can protect the administrator’s account and any other account with a password.

Enabling a guest account helps keep your browser preferences, history and bookmarks, personal files, and other system settings separate from what your guest can see and change.

To activate the Guest account, click the Start button, then Control Panel and find Users, User Accounts or, as in Windows 7, “User Accounts and Family Safety”. Click on “Add or remove user accounts” and find the Guest account. If it is off, click the icon to turn it on.

Now that you have an active Guest account, here is a very simple yet effective method to let your Guests access your computer without the fear of exposing your personal documents and files. Furthermore, this method could be used to limit access to folders for just about any user and not only the Guest users.

Step 1: Make sure you are logged in to an administrator account. Right-click on any folder you want to block from Guest users and open the Properties window.

Step 2: In the folder property window, open the Security tab and click on the Edit button to change the permission settings.

Step 3: You will see a list of groups and users of your system. As there’s no privilege level defined for Guest user here, click on the Add button to include the Guest user.

Step 4: In the Select Users or Groups window, type guest in the text box under “Enter the object names to select” and click the Check Names button. Windows will now check that the user or group name exists. Once Windows has identified the user, click the OK button.

Step 5: Now select the Guest user in the list, check Deny on the permissions you want to revoke from the user and click OK.

Step 6: Windows will ask for your confirmation with a Security Warning dialog box. Click Yes and wait for Windows to change the attributes of the files.

From now on, if a guest user tries to open a folder you have denied them access to, they will be prompted to enter the admin password.
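Steps 1 to 6 can also be scripted. The following is an added example, not part of the original post: it adds the same Deny entry for the built-in Guest account from an elevated PowerShell session, reads the ACL back to confirm it, and includes a function to undo it. The folder path and function names are hypothetical, and denying Full Control is an assumption (Step 5 lets you choose narrower permissions).

```powershell
# Added example, not from the original post. Run in an elevated PowerShell
# session. Uses only cmdlets available in PowerShell 2.0 (shipped with Windows 7).

function Get-GuestAccount {
    # The built-in Guest account has a SID ending in -501 even when it has been
    # renamed or Windows is localized, so look it up by SID rather than by name.
    $guest = Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount=True" |
        Where-Object { $_.SID -like 'S-1-5-21-*-501' }
    if (-not $guest) { throw 'Built-in Guest account not found.' }
    return $guest
}

function New-GuestDenyRule {
    param([string]$Account)
    # Deny Full Control on the folder, its subfolders and its files.
    # Full Control is an assumption; narrower rights such as 'Read' or 'Write'
    # can be used instead, matching the boxes ticked in Step 5.
    $inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
    New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule `
        -ArgumentList $Account, 'FullControl', $inherit, 'None', 'Deny'
}

function Deny-GuestFolderAccess {
    param([Parameter(Mandatory = $true)][string]$FolderPath)

    if (-not (Test-Path -Path $FolderPath -PathType Container)) {
        throw "Folder not found: $FolderPath"
    }
    $guest   = Get-GuestAccount
    $account = "$($guest.Domain)\$($guest.Name)"

    # Steps 2-6: add the Deny entry to the folder's existing ACL and write it back.
    $acl = Get-Acl -Path $FolderPath
    $acl.AddAccessRule((New-GuestDenyRule -Account $account))
    Set-Acl -Path $FolderPath -AclObject $acl

    # Read the ACL back and return the explicit Deny entries for Guest, so the
    # caller can confirm the change took effect.
    (Get-Acl -Path $FolderPath).Access | Where-Object {
        $_.AccessControlType -eq 'Deny' -and
        -not $_.IsInherited -and
        $_.IdentityReference.Value -eq $account
    }
}

function Remove-GuestFolderDeny {
    param([Parameter(Mandatory = $true)][string]$FolderPath)

    $guest   = Get-GuestAccount
    $account = "$($guest.Domain)\$($guest.Name)"
    $acl     = Get-Acl -Path $FolderPath
    # RemoveAccessRuleAll drops every Deny entry for this account on the folder.
    $acl.RemoveAccessRuleAll((New-GuestDenyRule -Account $account))
    Set-Acl -Path $FolderPath -AclObject $acl
}

# Hypothetical folder used for illustration.
$folder = 'C:\Users\Owner\Documents\Private'
Deny-GuestFolderAccess -FolderPath $folder |
    Format-Table IdentityReference, FileSystemRights, AccessControlType, InheritanceFlags -AutoSize
```

A Deny entry is evaluated before Allow entries, so it applies even where Guest would otherwise get access through a group such as Everyone or Users.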

 

What Techies Will Be Watching on Capitol Hill

From piracy to privacy, and cybersecurity to spectrum, Congress this year will be wading into several potentially blockbuster issues that could affect a wide swath of the tech community.

Below are just a few of the major issues to watch for.

Online Piracy

When the House returns later this month, Judiciary Chairman Lamar Smith, R-Texas, has vowed to continue a markup he started before the holiday break on legislation that would provide new tools to curb piracy and counterfeiting on foreign websites.

The committee spent two days last month wading through dozens of amendments to legislation known as the Stop Online Piracy Act, or SOPA. The bill aims to cut off funding and U.S. access to foreign websites that offer pirated movies, music, counterfeit running shoes, luxury purses, prescription drugs, and other items. The amendments were offered by a bipartisan group of critics on the committee, and the bill is expected to now pass the committee.

Smith has said he would consider a request by some opponents to hold another hearing that would examine concerns that the legislation could interfere with efforts to bolster the security of the Internet’s domain-name system. But he plans to continue the markup regardless.

The Senate Judiciary Committee approved its own version of piracy legislation in May, but Sen. Ron Wyden, D-Ore., has been blocking it from moving to the Senate floor. Senate Majority Leader Harry Reid, D-Nev., has scheduled a vote for Jan. 24 on a motion to begin debate.

Cybersecurity

Leaders in both chambers have promised to move forward with wide-ranging cybersecurity legislation this year. While the intent may be clear, the details remain murky.

Reid plans to bring comprehensive cybersecurity legislation to the floor during the first month of work after the Senate returns on Jan. 23. Various draft legislation has been making the rounds.

Potential proposals include clarifying the role and authority of government agencies to tackle cyberthreats, defining what “critical infrastructure” may warrant additional government protection, and ways to increase information sharing between the government and corporations.

While the Senate plans to tackle cybersecurity in a comprehensive bill, the House may be taking a more roundabout approach. In October, the House Republican Cybersecurity Task Force proposed developing smaller pieces of legislation in the various standing committees that could be packaged into a larger bill.

“We are generally skeptical of large, ‘comprehensive’ bills on complex topics, at least as the bills are being written,” the task force wrote in its report. House members have proposed several bills, including one from House Intelligence Committee Chairman Mike Rogers, R-Mich., that aims to allow the government to share more information with businesses.

Spectrum

Congress will also continue work in the second session on legislation that would free up more spectrum to meet the public’s growing demand for wireless technologies.

The spectrum legislation is likely to be part of the larger debate over whether to pass a one-year extension of the payroll-tax holiday. The House included spectrum legislation in a payroll tax bill it passed last month. And some of the key players in the spectrum debate have been named as conferees to help negotiate with the Senate on the issue, including Energy and Commerce Chairman Fred Upton, R-Mich.; Energy and Commerce ranking member Henry Waxman, D-Calif.; and Rep. Greg Walden, R-Ore., chairman of the Communications and Technology Subcommittee.

Privacy

Privacy will continue to make waves on the Hill and regulatory agencies, but the chances that lawmakers will actually pass a bill at this point appear remote. Nonetheless, the House Energy and Commerce Subcommittee on Manufacturing, Commerce and Trade is expected to hold more hearings. The panel’s chairwoman, Rep. Mary Bono Mack, R-Calif., has said she is still undecided on the need for legislation.

Her panel has approved legislation that would set national standards for how companies must respond to data breaches. The data-breach bill, however, is still awaiting action by the full committee.

In the Senate, a spokesman for Senate Commerce Chairman Jay Rockefeller, D-W.Va., said privacy remains a priority but the panel is still crafting its agenda for the second session.

Cloud Computing

While the government has joined businesses in moving toward cloud computing, significant legislation on the issue has been delayed in Congress.

Cloud computing, in which data and programs are stored on remote servers and usually accessed online, offers ways to cut costs and increase efficiency but poses a range of concerns over privacy, security, and liability.

Many industry leaders say legislation is needed to clarify existing law and provide certainty to encourage investment in the new technology.

Sen. Amy Klobuchar’s Cloud Computing Act of 2011 generated a lot of buzz when the Minnesota Democrat announced it at a Best Buy store in her home state in April. But seven months later, the bill floundered after Sen. Orrin Hatch, R-Utah, who was originally floated as a cosponsor, bailed.

Late last year Klobuchar said she is working with new authors to introduce the bill.

Other issues that could emerge this session include debate over legislation that would require online retailers to collect sales taxes from out-of-state customers. Also on the Senate’s docket are two nominees to the Federal Communications Commission. They were approved by the Senate Commerce Committee but their final confirmation vote is on hold while Sen. Chuck Grassley, R-Iowa, spars with the FCC over the handling of the LightSquared proceeding.

Source: National Journal

 

Startpage Search Engine Scores another First: Encrypts ALL Searches

The World’s Most Private Search Engine now makes SSL encryption the default

Oct. 24, 2011

As of today, Startpage, by Ixquick, the “world’s most private search engine”, automatically encrypts ALL searches. Startpage was the first search engine to offer SSL encryption in 2009, and today it again breaks new ground by making SSL encryption the default.

SSL encryption, also known as secure socket layer encryption, is widely praised by security experts as the most secure way to surf the web. Startpage’s encryption prevents eavesdropping by Internet Service Providers (ISPs) who may become legally required to store massive amounts of personal information on you.

“In combination with the U.S. Patriot Act, snooping ISP’s pose an enormous, Orwellian privacy threat,” says Robert E.G. Beens, CEO of Ixquick and Startpage. “That’s why we’ve decided to change our website default to 100% SSL encryption, to further protect the privacy of our users’ Internet searches.”

All visitors to Startpage.com and its sister meta-search engine Ixquick.com will benefit from the new encryption service, which will automatically redirect them to the secure website. Users will see the letters “HTTPS” in the URL bar, indicating that all data will be transmitted in encrypted form. Any hacker or eavesdropper who accesses the connection will simply see gobbledygook.

Other search engines have begun to follow Startpage’s lead by offering SSL encryption. However, the privacy benefits of using SSL with other major search engines may be misleading, since those search engines themselves record users’ IP address and store extensive records of their searches.

“When you use Startpage, your IP address is not recorded, your visit is not logged, and no tracking cookies are placed on your browser,” explains Beens. “In fact, Startpage does not record any information about its users. Nothing. Nada. Zilch.”

Consumer privacy expert and Startpage spokesperson Dr. Katherine Albrecht concurs. “Now our users get the outstanding privacy of Startpage combined with the power of Google search results, and it’s all wrapped up with a tidy bow of encryption.”

“When you perform an encrypted web search through Startpage, we remove all identifying information from your query and submit it to Google anonymously through our own servers,” she explains. “We obtain Google’s search results and serve them to you in total privacy. Then we delete all records of your visit.”

Automatic SSL encryption is just the latest addition to the growing family of privacy features which combine to make Startpage the world’s most private search engine.
About Startpage “The World’s Most Private Search Engine”

Startpage by Ixquick is an award-winning search engine that is third-party certified and fully anonymous. It is the only search engine to offer a free proxy service, and the first to offer SSL encryption. Startpage has earned the coveted EuroPriSe “trust mark” for outstanding privacy and data handling practices. It is also certified by Certified Secure and registered with the Dutch Data Protection Authority.

https://www.startpage.com/

Original Source

How to Stop Telemarketing Calls to Your Mobile Phone

Many people are under the misguided perception that mobile phones are automatically off limits for telemarketing and solicitation calls.

Original Source

Everyone has encountered a telemarketing call. It may be a robocall directing you to vote for some political candidate, or perhaps some local organization seeking donations. But, most people are used to getting those calls on their home land line, not their mobile phones. Telemarketers are increasingly targeting mobile phone numbers, so here is what you need to do to stop–or at least minimize–those annoying calls.

There is a common misconception that mobile phones are somehow inherently protected against telemarketing solicitations. Unfortunately, that is not true.

PrivacyStar, an app available for Android and BlackBerry smart phones that lets users report violations of the Do Not Call list to the Federal Trade Commission (FTC), has compiled stats from the over 200,000 complaints it has logged to date. According to PrivacyStar, more than half of the users who have used the app to lodge complaints never registered for the Do Not Call List in the first place.

There are two easy ways to add your mobile phone number to the FTC Do Not Call registry:

• FTC Website: https://www.donotcall.gov/register/reg.aspx
• Call Directly: 1-888-382-1222

Of course, the Do Not Call list only works for organizations that play by the rules. I have had repeated calls for over a year from some company promising to lower my interest rates on credit cards. It is an automated call and every time I have pressed “1” to speak with a representative and asked to be removed from the list, the rep has simply hung up and the calls have persisted.

I have also dealt with various entities trying to track down someone that I can only assume is the previous owner of my phone number. Apparently, he has a lot of collectors who are anxious to get in touch with him even though I have had my phone number for five years.

The Do Not Call list may not work for situations like these, but it will stop the vast majority of the annoying solicitations and telemarketing calls. Don’t make the mistake of assuming that your mobile phone is somehow off limits.

Take the 30 seconds to visit the FTC site or call the Do Not Call registry number and get your mobile phone number added to the list.

The Mark of the Future – Personal Internet Number

The President had just signed the National Strategy for Trusted Identities in Cyberspace (NSTIC) to address two challenges that can affect economic growth online:  (1) the insecurity and inconvenience of static passwords and (2) the cost of transactional risks that arise from the inability of individuals to prove their true identity online. The solution proposed by NSTIC is a user-centric “Identity Ecosystem” built on the foundation of private-sector identity providers.

The Identity Ecosystem: Use Examples

The National Strategy for Trusted Identities in Cyberspace describes a vision of the future—an Identity Ecosystem—where individuals, businesses, and other organizations enjoy greater trust and security as they conduct sensitive transactions online. The Identity Ecosystem is a user-centric online environment, a set of technologies, policies, and agreed upon standards that securely supports transactions ranging from anonymous to fully authenticated and from low to high value.

Key attributes of the Identity Ecosystem include privacy, convenience, efficiency, ease-of-use, security, confidence, innovation, and choice.

Below are brief examples of how the Identity Ecosystem would work. More detailed versions of these and other examples are included in the Strategy.

Faster Online Errands—Mary is tired of memorizing dozens of passwords to conduct her personal online errands. She opts instead to get a smart card issued by her Internet service provider. She inserts the card into her computer and in a matter of minutes, with just clicks of her mouse, she is able to securely conduct business with her bank, mortgage company, and doctor, while also sending an email to her friend and checking her office calendar hosted by her employer.

Age Appropriate Access—Antonio, age 13, loves to visit online chat rooms to talk to other students his age. His parents give him permission to get an identity credential, stored on a keychain fob, from his school. The credential verifies his age so that he can visit chat rooms for adolescents, but it does not reveal his birth date, name, or other information. Nor does it inform the school about his online activities.

Smart Phone Transactions—Parvati does most of her online transactions using her smart phone. She downloads a “digital certificate” from an ID provider that resides as an application on her phone. Used with a single, short PIN or password, the phone’s application is used to prove her identity. She can do all her sensitive transactions, even pay her taxes, through her smart phone without remembering complex passwords whenever and wherever it is convenient for her.

Efficient and Secure Business Operations—Juan owns a small business and is setting up a new online storefront. Without making large investments, he wants customers to know that his small firm can provide the same safety and privacy for their transactions as sites for larger companies. He agrees to follow the Identity Ecosystem privacy and security requirements, earning a “trustmark” logo for his Web site. To reduce his risk of fraud, he needs to know that his customers’ credit cards or other payment mechanisms are valid and where to ship his merchandise. There are a number of different ID providers that can issue credentials that validate this information. Millions of individuals can now use his Web site without having to share extra personal information or even set up accounts with Juan’s company. This saves his customers time, increases their confidence, and saves Juan money.

Enhanced Public Safety—Joel is a doctor. A devastating hurricane occurs close to his home. Using his interoperable ID credential embedded in his cell phone and issued by his employer, he logs in to a Web portal maintained by a federal agency. The site tells him that his medical specialty is urgently needed at a triage center nearby. When he arrives, officials at the center use his credential to verify that he is a licensed doctor, and Joel is able to provide medical attention for victims.

Cyber Security Alert – Apple Updates!!!

Apple Updates for Multiple Vulnerabilities

Original release date: October 13, 2011
Last revised: –
Source: US-CERT

National Cyber Alert System
Cyber Security Alert SA11-286A

 

Apple has released security updates for Apple iOS, Safari 5.1.1, OS X Lion v10.7.2, iWork 09, and Apple TV 4.4 to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, and bypass security restrictions.

 

Systems Affected

  • Mac OS X 10.6.8
  • Mac OS X Server 10.6.8
  • Mac OS X 10.7, 10.7.1
  • Mac OS X Server 10.7, 10.7.1

Overview

There are multiple vulnerabilities in Mac OS X 10.6.8, 10.7, and 10.7.1 and Mac OS X Server 10.6.8, 10.7, and 10.7.1. Apple has released updates to address these vulnerabilities.

Solution

Install updates

The updates to address these vulnerabilities are available through the Mac OS X Software Update feature. Apple support article Mac OS X: Updating your software describes how to install these updates.

Description

The Apple Security Advisory for OS X Lion v10.7.2 and Security Update 2011-006 describes multiple vulnerabilities in Mac OS X and Mac OS X Server. Apple has released updates to address these vulnerabilities.

Is Your Business Vulnerable to Cybercrime?

It only happens to the big companies, right? While that may have been the conventional thinking in the past, cyber crime now finds its victims among large businesses, government institutions, and even individuals, and as the Internet becomes increasingly integrated into our daily lives, cyber crime continues to become more widespread.

Business is often about timing. Each day you have deadlines and if they aren’t met, you lose money. If you can’t get to your data for any reason, your day and the future of your business may be at risk. With data being so important to businesses of all sizes, it would be reasonable to believe that, much as with liability insurance, businesses are protected, but that’s far from true.

A recent survey concluded that 52% of all businesses don’t have an IT security policy. Their data simply isn’t held under cyber lock and key like it should be and their employees are free to use the internet at work in any way that they see fit.

If your business is in the 52% crowd, something has to change and it has to change today. What can you do to decrease your risk of cyber attack?

Secure Your Network Infrastructure

A company that is PCI Compliant passes a stringent test of potential security breach scenarios. PCI Compliance makes sure that all data stored or transmitted in the network is secured.

Secure your Computer

An up-to-date antivirus and operating system, along with a cookie-free, clean computer, are the crucial steps to securing your computer. Scheduling automatic updates and frequent cleanings keeps the computer up to date. Most security breaches happen when a computer user isn’t paying attention.

Back up Your Data

Just like in our real lives, not being a victim of theft often starts with common sense. Your data is too important to only be in one place. Copy your data and place it someplace secure. If you can fit it all onto a portable hard drive or some other piece of hardware that isn’t connected to the internet, do that once per week. If you can’t, find an online backup service that will automatically do this for you.

Invest in a Computer Service Warranty

Most manufacturers ONLY offer warranties for hardware defects. Computer Service Warranties cover what the manufacturers do not: computer maintenance, operating system problems, and any virus attack and damage. This supplemental “Insurance” protects the computer user from sudden “break and fix” repair expenses.

Find out more about Computer Service Warranty.

Computer Clarity | Colorado Springs

Steve Jobs death exploited by Facebook scammers

It’s impossible to express how sad many people in the technology world feel at the news of the death of Steve Jobs.

Sickeningly, as with the deaths of other figures in the public eye, there are scammers waiting to take advantage of bad news.

Here’s a scam we have seen on Facebook, claiming that free iPads are being given away “in memory of Steve Jobs”.

In memory of Steve, a company is giving out 50 ipads tonight. R.I.P. Steve Jobs [LINK]

The cool-sounding link sucks you in, tricking you into believing that you may get a free iPad but then goes on to get you to complete online surveys to “qualify”.

The link goes through the bit.ly short url service (we have asked our friends at bit.ly to shut the link down) and we can see that over 15,000 people have already clicked on the link which was set up within hours of Steve Jobs’s death first being announced.

Of course, if you were one of those people who clicked on the link you may be wondering what the chances are that you will receive a free iPad. I hate to disappoint you, but it’s pretty unlikely.

The webpage you are taken to is very similar to ones we have seen pointed to by other scammers. Here’s what I saw:

I am writing this article from the Virus Bulletin conference in Barcelona, and you can see that the page has auto-magically determined where I am in the world and adjusted its language and wording as appropriate.

Below you’ll see how the survey pages look if you visit them from Sydney, Australia, for instance.

Survey site visited from Australia

If you don’t click through within a few seconds, it plays an audio message urging you to do so:

You’ll notice that the audio message spectacularly fails to mention the 50 free iPads, which have by this time been reduced to the promise of “an exclusive reward”, whatever that might be.

My colleague Paul Ducklin captured the audio and – being a fountain of interesting but not always entirely relevant information – tells me that the speaker is an Australian who grew up in South Africa.

When Duck visited the page a second time from Sydney, this is what he saw:

Casino website

How do the scammers make money? Well, they are earning affiliate cash – in a nutshell, they make more money the more traffic they can direct to websites, driving more people to become customers, or take online surveys and competitions.

Cynically, they exploited the death of Steve Jobs in the hope of driving large numbers of internet users to websites offering content such as contests, surveys and online gambling. The fact is, of course, that they could just as easily have taken those users to a webpage containing malicious code or a phishing page designed to steal credentials.

Chances are that this won’t be the only scam we see regarding the untimely death of Steve Jobs. It wouldn’t be a surprise, for instance, to see scams which might try to take advantage of those moved by the loss of Apple’s founder with lures like “Donate to Steve’s favorite charities as a tribute”.

If you do want to pay tribute to Steve Jobs, the most appropriate place it seems to me would be Apple’s website itself.

The truth is that the scammers are not geniuses like Jobs, and they don’t contribute anything to the world of technology or wider society as Steve Jobs did. It’s a shame that they can’t be inspired by speeches like the one Jobs gave at Stanford University in 2005, and make something better of their lives.

Steve Jobs’ 2005 Stanford Commencement Speech

I think that’s how we should remember Steve Jobs today.

 


Data security expert: Sony knew it was using obsolete software months in advance

In congressional testimony this morning, Dr. Gene Spafford of Purdue University said that Sony was using outdated software on its servers—and knew about it months in advance of the recent security breaches that allowed hackers to get private information from over 100 million user accounts.

According to Spafford, security experts monitoring open Internet forums learned months ago that Sony was using outdated versions of the Apache Web server software, which “was unpatched and had no firewall installed.” The issue was “reported in an open forum monitored by Sony employees” two to three months prior to the recent security breaches, said Spafford.

Spafford made his comments in a hearing convened by the House Subcommittee on Commerce, Manufacturing, and Trade. Sony was invited to participate in the hearing, but declined to attend. In a letter to the committee, Sony said it has added automated software monitoring and enhanced data security and encryption to its systems in the wake of the recent security breaches.

“If Dr. Spafford’s assessment is accurate, it’s inexcusable that Sony not only ran obsolete software on servers containing confidential data, but also that the company continued to do so after this information was publicly disclosed,” said Jeff Fox, Consumer Reports Technology Editor.

Original Source
