Dilbert: Intellectual Property and Privacy
It would not be funny if it was not true.....
It would not be funny if it was not true.....
#EFF I am glad I joined this weekend. No I didn't get a mowhawk.
WASHINGTON, D.C. - Federal agencies have repeatedly assured worried passengers that all images generated by full body scanners in airports would be destroyed as soon as the image was viewed.
But, it turns out some law enforcement agencies are in fact saving tens of thousands of images, according to CNet.com.
The U.S. Marshals Service has admitted that it has saved thousands of images recorded with a millimeter wave system at the security checkpoint of the federal courthouse in Orlando.
The Marshals Service disclosure comes on the heels of a report from the TSA that said it requires all airport body scanners it purchases to store and transmit images for, "testing, training, and evaluation purposes." CNet reported the TSA said those capabilities aren't activated when the devices are installed at airports.
The controversial scanners produce highly detailed images. The U.S. government wants the machines because they say it can detect concealed weapons better than metal detectors.
Homeland Security Secretary Janet Napolitano announced that scanners would be installed at every major airport in the country. Miami International Airport already has some of the scanners installed at the terminal.
According to CNet, the Electronic Privacy Information Center has filed a lawsuit asking a federal judge to grant an immediate injunction pulling the plug on TSA's body scanning program.
From Gizmodo
Apple's iPhone 4 pre-ordering has been a total disaster, but it gets much worse: An AT&T insider claims that this iPhonecalypse may be related to "a major fraud update that went wrong." The bug is exposing AT&T users' private information.
So far there have been at least three accounted cases of mistaken identities sent by Gizmodo.com readers. This is how it happens: A customer tries to log into their AT&T account to order a new iPhone 4 upgrade. Despite entering their username and password, the AT&T system would take them to another user account. This gives access to all kinds of private information about the mistaken customer: Addresses, phone calls, and bills, along with the rest of private information, becomes exposed to random strangers.
The latest case comes from reader John King:
From: john king
Date: Tue, Jun 15, 2010 at 2:04 PM
Subject: ATT WEBSITE LOGS ME IN AS ANOTHER CUSTOMER
To: tips@gizmodo.comI LOGGED IN AS ME AND IT BROUGHT UP A MARY ???? BIG PROBLEM
-JPK
But according to an AT&T insider, there could be a lot more happening which are not being reported. These login problems, according to the source, are probably linked to an AT server software update that went wrong this weekend [Emphasis added]:
I work at a 3rd party order processing facility—what AT&T refers to as a 3CC. We process business-to-business, business-to-customer Wireline Indirect, and ACME/PAC (what AT&T calls their iPhone program internally). Agents use AT&T programs called Phoenix, Telegence, Compass, Ordertrack and myCSP to process orders.
Over the weekend there was a major fraud update that went down on all of AT&T's systems, from Saturday overnight to Sunday early morning. All systems were down and agents were unable to use any systems.
The issues people are seeing at AT&T stores and online are most likely related to this update that went wrong.
I do know that there was absolutely NO TESTING of this system done before the launch of the new iPhone. I know it's just heresay at this point, but I can confirm that there was a major outage over the weekend that impacted all ordering systems and programs, and I can confirm that there were multiple systems being upgraded/updated, with some updates being related to fraud.
At this point, I can say that the system that AT&T uses to send automated orders to be processed is as of this very moment down completely. Our facility is unable to process any orders by phone or by automation.
[Regarding the identity problem] Whenever we see people who are logging in and seeing other customer's account info, it is an issue with the databases that contain customer information. Orders that contain any information like this can cross customer information, and cause a customer be able to see other accounts by logging out and logging back in. This means that when they log in a few times, it gives them different customer account info every time. It's a rare occurrence, but it has happened in the past.
You might want to advise people to not get the upgrade at this point as it may be a doorway to a major privacy breach.
Unfortunately it appears that even if you don't upgrade your private information could be exposed as other people try to upgrade, allowing accidental access to your account. After we reported on the initial security breaches this morning, AT&T took down their account online system completely.
At this time (3:34PM EDT), the account system is back online, but the iPhone 4 eligibility page is still down.
AT&T and Apple have not issued any statement about this security problem or the nationwide pre-order disaster.
Today, Facebook is having an emergency meeting to discuss their site's privacy problem. But these instant messages, supposedly sent by CEO Mark Zuckerberg in Facebook's early days, suggest that user privacy may have always been an afterthought.
The messages were uncovered by Silicon Alley Insider, who is no stranger to excavating the unsavory details of Facebook's past. They read:
Zuck: Yeah so if you ever need info about anyone at Harvard
Zuck: Just ask.
Zuck: I have over 4,000 emails, pictures, addresses, SNS
[Redacted Friend's Name]: What? How'd you manage that one?
Zuck: People just submitted it.
Zuck: I don't know why.
Zuck: They "trust me"
Zuck: Dumb fucks.
As SAI points out, there's no context for Zuckerberg's remarks, if they are indeed his, and there's no way to tell if these comments reflect how he really viewed matters of privacy when he was building Facebook.
But the allegation that Zuckerberg once used information from Facebook's logs to hack into Harvard Crimson reporters' email accounts certainly doesn't help his track record on this sort of thing, and Facebook's official response to the messages doesn't deny that they came from Zuckerberg:
The privacy and security of our users' information is of paramount importance to us. We're not going to debate claims from anonymous sources or dated allegations that attempt to characterize Mark's and Facebook's views towards privacy.
While the vast majority of Facebook's users might not think twice about what the site does with the information they post in their profiles, the contingent that is concerned is growing in size and becoming increasingly vocal. Yesterday, an open source Facebook alternative called Diaspora was lavished with attention and subsequently received a deluge of funding—it has now raised over $100,000. And even though these messages don't paint the whole picture by any means, I wouldn't be surprised if they drive a lot more funding in Diaspora's direction.
http://gizmodo.com/5538489/19+year+old-facebook-ceo-didnt-take-your-privacy-seriously-either