Wednesday, January 25, 2006

FBI 2005 Survey on Cybercrime Reflects a New Generation of Abegnales

The report reads like there is a growth industry of new Frank Abegnales - the man made famous in the movie "Catch Me If You Can". The statistics garnered from 2000 surveys taken from the public and private organisations shows alarming responses.

Here are some of the findings listed on their webpage:

Frequency of attacks. Nearly nine out of 10 organizations experienced computer security incidents in a year's time; 20% of them indicated they had experienced 20 or more attacks.

Types of attacks. Viruses (83.7%) and spyware (79.5%) headed the list. More than one in five organizations said they experienced port scans and network or data sabotage.

Financial impact. Over 64% of the respondents incurred a loss. Viruses and worms cost the most, accounting for $12 million of the $32 million in total losses.

Sources of the attacks. They came from 36 different countries. The U.S. (26.1%) and China (23.9%) were the source of over half of the intrusion attempts, though masking technologies make it difficult to get an accurate reading.

Defenses. Most said they installed new security updates and software following incidents, but advanced security techniques such as biometrics (4%) and smart cards (7%) were used infrequently. In addition, 44% reported intrusions from within their own organizations, suggesting the need for strong internal controls.

Reporting. Just 9% said they reported incidents to law enforcement, believing the infractions were not illegal or that there was little law enforcement could or would do. Of those reporting, however, 91% were satisfied with law enforcement's response. And 81% said they'd report future incidents to the FBI or other law enforcement agencies. Many also said they were unaware of InfraGard, a joint FBI/private sector initiative that battles computer crimes and other threats through information sharing

FBI Cybercrime Survey 2005

Monday, January 23, 2006

Another example of convergence making DMCA outdated?

A small company in Mass., US, has begun selling IPODs with movies from the DVDs purchased by their new owners uploaded. On the face of it, such sales of IPODs with copyrighted and tech protected DVD movies have breached the DMCA provisions. However interestingly the business continues to do this despite the legal risk. Apparently the owners of the business argue that the DMCA is outdated law and claim that moving the content onto the device is a one-way transfer, which since the purchaser gets both the original and the copy it is legal under their fair use provisions of their Copyright law. Will content owners sit by and less this continue? Keep a look out for updates here.

TVMyPod ventures into copyright gray area CNET News.com

Friday, January 20, 2006

NEWS: Privacy Advocates v. Pornography Prosecutors

Google, Yahoo and MSN refused to assist when they were asked by Anti Porn legislator to hand over search statistics. As a result, they had been subpoenaed by the Bush Administration for the information they asked for in their effort to fight Porn online. All three search engines responded differently. The various issues raised in their defence was the protection of the privacy of its users, lack of useable specific data retained and that the information handed over did not include personal information.

As a bystander observer, is such a process of obtaining data reflective of the Bush Administration's view of its position regarding privacy protection? Unfortunately the problem with porn appears to far outweigh that concern. Hopefully, the process will in fact not result in the breach of the privacy of the users of these search engines.

TechWeb Search Engines, Free Speech Google, Yahoo, MSN Subpoenaed In Anti-Porn Effort

UPDATE: CNET NEWS.com has published some useful FAQs on the Google subpoena by the US Justice Department on its database statistics. CLICK HERE for the FAQ

Monday, January 16, 2006

Yet another pricing 'blunder' at an online store

A problem that seems to be reported with some familiarity is the error in pricing on webmalls as to the pricing of their goods. The problem has been around since the boom on online commerce but despite the growth of ever more stable and reliable solutions, the pricing mistakes continue to happen to the displeasure of many customers. The latest reported here is Apple's Online Education Store that priced an Olympus camera at only 98.70 sterling pounds. The camera normally retails for 600 pounds.

In the past retailers online succeeded in avoiding concluded electronic contracts on the defence that the buyer had bought the goods in bad faith - usually shown by the purchased of dozens of the mispriced items. The problem for Apple and other retailers is - if a buyer only buys one unit of the goods - is there grounds to allege bad faith?

With the ever growing outrage of how easy retailers can renege on the agreements made online, is it an impossibility for law makers to raise the retailer's liability to strict liability for their pricing? While this is a matter of conjecture for now - consumer protection for online transactions - especially for those who legitimately bought the goods believing the price to be right as well as with good faith - should have some recourse and protection.

Furthermore, the expensive web commerce solutions are nothing like the retail shops and malls where price labels are manually stuck on the goods. The system in many of these retailers have state of the art inventory and pricing systems that work in conjunction with their payment systems. Can they really be able to claim to an honest mistake by their pricing system?

Consider the Singapore Electronic Transactions Act which provides inter alia that the transactions sytem will be deemed as an agent of the owner. Thus if an 'agent' quotes a wrong price - the principal is bound to the agent's words. Unfortunately this provision has yet to be tested in the courts. But it is clear from this provision that the legislators do not place much credence on online retailers claiming that their machines are had not been properly configured and it is designed to make them accountable.

Apple pricing 'blunder' caught on camera - WebWatch - Breaking Business and Technology News at silicon.com

Wednesday, January 04, 2006

NEWS: New Year starts badly for Microsoft with discovered Windows flaw

CNET just reported that there is a new flaw found in the Windows Meta File which may have spawned a series of attacks last week. The primary OS vulnerable are Windows XP with Service Pack 1 and 2 and Windows Server 2003. CNET reports that it is estimated 99 percent of computers worldwide are vulnerable to attack. Some attacks on the WMF flaw has already resulted in attacks such as the Exploit-WMF Trojan. The report however did indicate that while there is a real risk, the danger of another world wide threat is small.

I would recommend to keep a finger on the windows update icon to check on the possibility of new patches as well as updating all firewall and antivirusware.

Windows flaw spawns dozens of attacks CNET News.com
Site Meter