A computer hacker who helped orchestrate the theft of tens of millions of credit and debit card numbers from major retailers in one of the largest such thefts in U.S. history pleaded guilty Tuesday in the last of three cases brought by federal prosecutors.
Albert Gonzalez, a one-time federal informant from Miami, faces a prison sentence of up to 25 years under the terms of separate plea agreements. He is tentatively scheduled for sentencing in March.
"This is a young kid who did some reckless things and he's going to pay a price for it," said Gonzalez's attorney, Martin Weinberg, after his 28-year-old client calmly answered guilty to charges of conspiracy and wire fraud.
Weinberg said Gonzalez was remorseful and that he would ask two federal judges hearing the cases to sentence Gonzalez to the lower end of the 17- to 25-year sentencing range spelled out in the plea agreements.
Tuesday's plea stemmed from a case that was originally brought by federal prosecutors in New Jersey, but later transferred to Boston. It charged Gonzalez with conspiracy to gain unauthorized access to computer servers at Hannaford Brothers Inc., a Maine-based supermarket chain; convenience store giant 7-Eleven Inc.; Heartland Payment Systems Inc., a New Jersey-based processor of credit and debit cards; and two unnamed companies.
Gonzalez pleaded guilty in September in two other cases that were combined in Boston. Those cases included charges that he hacked into the computers of prominent retailers such as TJX Cos., BJ's Wholesale Club, OfficeMax, BostonMarket, Barnes & Noble and Sports Authority.
Under questioning Tuesday by U.S. District Court Judge Douglas Woodlock, Gonzalez indicated that he had used alcohol and a number of drugs, including marijuana, cocaine and LSD, prior to his arrest in May 2008.
Federal prosecutors have agreed to seek concurrent sentences in the cases, meaning that Gonzalez would serve no more than 25 years in prison. Weinberg, however, said he would argue for a lesser sentence based on factors including the prior drug abuse and a psychiatrist's report that Gonzalez exhibits behavior consistent with Asperger's syndrome, a form of autism.
The defense-commissioned report by Dr. Barry Roth described Gonzalez as an Internet addict with an "idiot-Savant-like genius for computers and information technology," but socially awkward.
"His personal life has been characterized most of all by awkwardness, impairment, troubles connecting to people, with an overarching preference and predilection to machines and technology," Roth wrote.
Authorities said Gonzalez, who said he had worked as a computer security consultant, was the ringleader of a group that targeted large retailers.
In 2003, Gonzalez was arrested for hacking but was not charged because he became an informant, helping the Secret Service find other hackers. But authorities said he continued to use his talents for illegal activities.
Over the next five years, he hacked into the computer systems of retailers even while providing assistance to the government.
He lived lavishly during that time. Authorities said he amassed $2.8 million and bought a Miami condo and a BMW. Under the plea deals, Gonzalez must forfeit more than $2.7 million, plus his condo, car, a Tiffany ring he gave to his girlfriend and Rolex watches he gave to his father and friends.
Before accepting the plea Tuesday, Woodlock heard Assistant U.S. Attorney Stephen Heymann outline the sophisticated hacking scheme, which also involved an individual identified only as "P.T." and two individuals identified in the indictment as Hacker 1 and Hacker 2. Heymann said they remain fugitives.
Gonzalez identified potential corporate victims by poring through lists of Fortune 500 companies and by going to retail stores to probe for potential vulnerabilities, Heymann said.
"It was foreseeable to defendant Gonzalez that the losses resulting from unauthorized acces.
Wednesday, December 30, 2009
Sunday, December 20, 2009
December Identity Newsletter
Identity Theft Newsletter Latest News On The #1 Crime In America & Tips On How To Keep Your ID Your Own!
Welcome to the December 2009 Identity Theft Newsletter...
Identity Theft is the number one white collar crime in America yet most folks bury their heads in the sand believing it will never happen to them.
It is my hope this newsletter will help to pull some of those heads out of the sand and save some from the horror of having their identity stolen...
Have a Happy and Safe Holiday Season!
This Holiday Season, DON'T give a gift to a thief! .
It's been said that the true spirit of the holiday season is in giving, not receiving. With this in mind, it's likely that you will be spending a bit of time shopping for presents, your credit card flying out of your wallet or purse like wind-blown snow.
But as you shop in stores and online, be sure you're not giving a surprise gift to an identity thief. Because the surprise will be on you -- and it won't be a good one.
Sometimes when you do business, you may be asked for your Social Security number. In many cases, those asking don't really need it. If anyone asks for your Social Security number or other identifying information, ask them why they want it and whether they absolutely need it. They can refuse you service if you don't provide it, but consider whether the service is worth the risk.
Web scams net millions; Unwary Canadians are bilked online, watchdog says
It's a case of "caveat clicker" when it comes to avoiding online fraud, according to consumer watchdogs.
The worst Top 10 Scams of 2009 have an e-commerce focus this year, bilking B.C. consumers and businesses of millions of dollars and identity theft.
Online fraud watchdog PhoneBusters.comsays e-mail, Internet and text-messaging scams have bilked Canadian consumers for $16 million between January and November.
"The key to avoid becoming a victim is education," said Pasacreta yesterday. "We still see a huge knowledge gap. Web marketers are savvy to consumers who click first, and ask questions later."
Lynda Pasacreta, president and CEO of the Better Business Bureau of Mainland B.C., said people have flocked to the Internet, without realizing they have to read the fine print before clicking "yes."
This year's online scams run the gamut, from teeth-whitening products to text messages.
People sign up for a free trial, only to be hooked into monthly membership fees of up to $100, and can't get them stopped. Or they get roped into monthly bills for premium text-message services, without realizing that they signed up when playing an online quiz or IQ test.
Facebook Moves to Standardize and Own Customer IDs
Adorning the walls of Facebook's Palo Alto, Calif., headquarters are multiple prints of Rene Magritte's iconic painting The Son of Man. The image of a man's face partly obscured by a green apple is considered a critique of people's attempts to conceal their true selves. It's also an apt metaphor for the millions who spend time on the Web trying to keep their own identities hidden, say executives at Facebook, the world's largest social network. "Part of what Facebook is trying to do is help people take the apple away," says Facebook Vice-President of Product Chris Cox.
There's good reason to push people to be up front about who they are on the Web, where million of users enshrouded in anonymity engage in everything from bullying to spamming, identity theft to financial fraud. To help users establish their identities online, Web sites such as Amazon and eBay's PayPal require customers to enter personal information on a site-by-site basis. Yet there's a dearth of widely accepted identity standards "the online equivalents of a driver's license or Social Security Number. "There isn't anything built into the architecture of the Web that lets you verify who you are," says Jules Polonetsky, director of the Future of Privacy Forum.
U.S. Census underway, beware of false workers
With the U.S. Census process beginning, the Better Business Bureau (BBB) advises people to be cooperative, but cautious, so as not to become a victim of fraud or identity theft. There are always con artists lurking when you least expect them.
The first phase of the 2010 US Census is underway as workers have begun verifying the addresses of households across the country. Eventually, more than 140,000 US Census workers will count every person across the nation and will gather information about every person living at each address including name, age, gender, race and other relevant data.
The big question is " how do you tell the difference between a U.S. Census worker and a con artist?
#################
Be safe out there,
Kathleen Fulgham
Secure Data solutions
661-256-6642
fulghamkathleen@yahoo.com
Add Us To Your Address Book
To help ensure that you receive all email messages consistently in your inbox with images displayed, please add this address to your address book or contacts list: kathleenfulgham@yahoo.com
Special Tips for CyberSafe Seniors
Is there a Special Senior Citizen among your family and friends who still hasn't seen the value and benefit in the Invisus Direct services to protect their PC and their personal identity? Perhaps they just don't trust their computer when it involves spending money.
Yet...they still want to shop conveniently or call the catalog companies with card in hand?
Perhaps the most loving thing you can do -- especially during the holidays when shopping is at its peak -- is to offer to help them with using their credit cards safely. (After all, they do trust you, their family member.) So, you ask, How can this be done? Connie Kiser, Invisus associate, suggests this, as both a practical and personal example regarding how she helps her own 73-year old mother:
"There are times when she needs to purchase airfare or other items online or order items from a catalog, where an individual takes the credit card order. Yet, I know that her laptop is still unprotected, and giving her credit card info to a stranger on the phone...neither of these situations is secure or totally trustworthy in the least. Open invitation for cyberfraud and identity theft!
Knowing that my PC is completely protected with our Invisus service, I told her I would take care of matters for her -- purchasing online with MY PC whatever and whenever she needs it. Thus, saving her from potential devastation.
That lets her remain hassle-free, worry-free (both of us!), and most importantly, restores our peace of mind."
~ Connie Kiser
10 Online Shopping Tips
1. Protect your computer: A computer used for online shopping should always have the the best anti-virus and anti-spyware as well as secure firewall. Remember, not all security software is the same!
2. Trust your gut: Offers in unsolicited e-mails that sound too good to be true ARE too good to be true. The price for taking this offer up may be too dear!
3. Beware of phishing scams: Legitimate businesses do not send e-mails claiming problems with an order or an account to lure the "buyer" into revealing financial information.
4. Confirm your online purchase is secure: Look for Https is the address bar signifying it's a secure page. Scammer generally won't take the time to set up secure sites. Note the closed padlock in your browser to back up the Https
5.Beware of emails coming for eBay scammers: It's difficult to tell a real from a fake. If you are seeking deals on eBay go right to the site don't respond to emails. If you do decide to make a purchase on eBay check the eBay sellers history. eBay is set up on the honor system and an established seller with great feedback should be legitimate.
6. Pay with a credit card: It's best to use a credit card because under federal law, the shopper can dispute the charges if he or she doesn't receive the item.
7. Avoid paying by check online/Mail order: Once the money is taken from your account and you don't receive the goods, you are likely out of luck!
8. Keep documentation of your order: After completing the online order process, there may be a final confirmation page or the shopper might receive confirmation by e-mail. Keep a copy of the Web page and any e-mails for future reference and as a record of the purchase.
9. Check your credit card statements often: The BBB recommends consumers check their credit card statements for suspicious activity by checking statements online regularly or by calling credit card companies.
10. Know your rights: Federal law requires that orders made by mail, phone or online be shipped by the date promised or, if no delivery time was stated, within 30 days. If the products you ordered aren't shipped on time, you can cancel your order and demand a refund.
http://www.sfi4.com/10882008/FREE
10 Online Shopping Tips
1. Protect your computer: A computer used for online shopping should always have the the best anti-virus and anti-spyware as well as secure firewall. Remember, not all security software is the same!
2. Trust your gut: Offers in unsolicited e-mails that sound too good to be true ARE too good to be true. The price for taking this offer up may be too dear!
3. Beware of phishing scams: Legitimate businesses do not send e-mails claiming problems with an order or an account to lure the "buyer" into revealing financial information.
4. Confirm your online purchase is secure: Look for Https is the address bar signifying it's a secure page. Scammer generally won't take the time to set up secure sites. Note the closed padlock in your browser to back up the Https
5.Beware of emails coming for eBay scammers: It's difficult to tell a real from a fake. If you are seeking deals on eBay go right to the site don't respond to emails. If you do decide to make a purchase on eBay check the eBay sellers history. eBay is set up on the honor system and an established seller with great feedback should be legitimate.
6. Pay with a credit card: It's best to use a credit card because under federal law, the shopper can dispute the charges if he or she doesn't receive the item.
7. Avoid paying by check online/Mail order: Once the money is taken from your account and you don't receive the goods, you are likely out of luck!
8. Keep documentation of your order: After completing the online order process, there may be a final confirmation page or the shopper might receive confirmation by e-mail. Keep a copy of the Web page and any e-mails for future reference and as a record of the purchase.
9. Check your credit card statements often: The BBB recommends consumers check their credit card statements for suspicious activity by checking statements online regularly or by calling credit card companies.
10. Know your rights: Federal law requires that orders made by mail, phone or online be shipped by the date promised or, if no delivery time was stated, within 30 days. If the products you ordered aren't shipped on time, you can cancel your order and demand a refund.
Welcome to the December 2009 Identity Theft Newsletter...
Identity Theft is the number one white collar crime in America yet most folks bury their heads in the sand believing it will never happen to them.
It is my hope this newsletter will help to pull some of those heads out of the sand and save some from the horror of having their identity stolen...
Have a Happy and Safe Holiday Season!
This Holiday Season, DON'T give a gift to a thief! .
It's been said that the true spirit of the holiday season is in giving, not receiving. With this in mind, it's likely that you will be spending a bit of time shopping for presents, your credit card flying out of your wallet or purse like wind-blown snow.
But as you shop in stores and online, be sure you're not giving a surprise gift to an identity thief. Because the surprise will be on you -- and it won't be a good one.
Sometimes when you do business, you may be asked for your Social Security number. In many cases, those asking don't really need it. If anyone asks for your Social Security number or other identifying information, ask them why they want it and whether they absolutely need it. They can refuse you service if you don't provide it, but consider whether the service is worth the risk.
Web scams net millions; Unwary Canadians are bilked online, watchdog says
It's a case of "caveat clicker" when it comes to avoiding online fraud, according to consumer watchdogs.
The worst Top 10 Scams of 2009 have an e-commerce focus this year, bilking B.C. consumers and businesses of millions of dollars and identity theft.
Online fraud watchdog PhoneBusters.comsays e-mail, Internet and text-messaging scams have bilked Canadian consumers for $16 million between January and November.
"The key to avoid becoming a victim is education," said Pasacreta yesterday. "We still see a huge knowledge gap. Web marketers are savvy to consumers who click first, and ask questions later."
Lynda Pasacreta, president and CEO of the Better Business Bureau of Mainland B.C., said people have flocked to the Internet, without realizing they have to read the fine print before clicking "yes."
This year's online scams run the gamut, from teeth-whitening products to text messages.
People sign up for a free trial, only to be hooked into monthly membership fees of up to $100, and can't get them stopped. Or they get roped into monthly bills for premium text-message services, without realizing that they signed up when playing an online quiz or IQ test.
Facebook Moves to Standardize and Own Customer IDs
Adorning the walls of Facebook's Palo Alto, Calif., headquarters are multiple prints of Rene Magritte's iconic painting The Son of Man. The image of a man's face partly obscured by a green apple is considered a critique of people's attempts to conceal their true selves. It's also an apt metaphor for the millions who spend time on the Web trying to keep their own identities hidden, say executives at Facebook, the world's largest social network. "Part of what Facebook is trying to do is help people take the apple away," says Facebook Vice-President of Product Chris Cox.
There's good reason to push people to be up front about who they are on the Web, where million of users enshrouded in anonymity engage in everything from bullying to spamming, identity theft to financial fraud. To help users establish their identities online, Web sites such as Amazon and eBay's PayPal require customers to enter personal information on a site-by-site basis. Yet there's a dearth of widely accepted identity standards "the online equivalents of a driver's license or Social Security Number. "There isn't anything built into the architecture of the Web that lets you verify who you are," says Jules Polonetsky, director of the Future of Privacy Forum.
U.S. Census underway, beware of false workers
With the U.S. Census process beginning, the Better Business Bureau (BBB) advises people to be cooperative, but cautious, so as not to become a victim of fraud or identity theft. There are always con artists lurking when you least expect them.
The first phase of the 2010 US Census is underway as workers have begun verifying the addresses of households across the country. Eventually, more than 140,000 US Census workers will count every person across the nation and will gather information about every person living at each address including name, age, gender, race and other relevant data.
The big question is " how do you tell the difference between a U.S. Census worker and a con artist?
#################
Be safe out there,
Kathleen Fulgham
Secure Data solutions
661-256-6642
fulghamkathleen@yahoo.com
Add Us To Your Address Book
To help ensure that you receive all email messages consistently in your inbox with images displayed, please add this address to your address book or contacts list: kathleenfulgham@yahoo.com
Special Tips for CyberSafe Seniors
Is there a Special Senior Citizen among your family and friends who still hasn't seen the value and benefit in the Invisus Direct services to protect their PC and their personal identity? Perhaps they just don't trust their computer when it involves spending money.
Yet...they still want to shop conveniently or call the catalog companies with card in hand?
Perhaps the most loving thing you can do -- especially during the holidays when shopping is at its peak -- is to offer to help them with using their credit cards safely. (After all, they do trust you, their family member.) So, you ask, How can this be done? Connie Kiser, Invisus associate, suggests this, as both a practical and personal example regarding how she helps her own 73-year old mother:
"There are times when she needs to purchase airfare or other items online or order items from a catalog, where an individual takes the credit card order. Yet, I know that her laptop is still unprotected, and giving her credit card info to a stranger on the phone...neither of these situations is secure or totally trustworthy in the least. Open invitation for cyberfraud and identity theft!
Knowing that my PC is completely protected with our Invisus service, I told her I would take care of matters for her -- purchasing online with MY PC whatever and whenever she needs it. Thus, saving her from potential devastation.
That lets her remain hassle-free, worry-free (both of us!), and most importantly, restores our peace of mind."
~ Connie Kiser
10 Online Shopping Tips
1. Protect your computer: A computer used for online shopping should always have the the best anti-virus and anti-spyware as well as secure firewall. Remember, not all security software is the same!
2. Trust your gut: Offers in unsolicited e-mails that sound too good to be true ARE too good to be true. The price for taking this offer up may be too dear!
3. Beware of phishing scams: Legitimate businesses do not send e-mails claiming problems with an order or an account to lure the "buyer" into revealing financial information.
4. Confirm your online purchase is secure: Look for Https is the address bar signifying it's a secure page. Scammer generally won't take the time to set up secure sites. Note the closed padlock in your browser to back up the Https
5.Beware of emails coming for eBay scammers: It's difficult to tell a real from a fake. If you are seeking deals on eBay go right to the site don't respond to emails. If you do decide to make a purchase on eBay check the eBay sellers history. eBay is set up on the honor system and an established seller with great feedback should be legitimate.
6. Pay with a credit card: It's best to use a credit card because under federal law, the shopper can dispute the charges if he or she doesn't receive the item.
7. Avoid paying by check online/Mail order: Once the money is taken from your account and you don't receive the goods, you are likely out of luck!
8. Keep documentation of your order: After completing the online order process, there may be a final confirmation page or the shopper might receive confirmation by e-mail. Keep a copy of the Web page and any e-mails for future reference and as a record of the purchase.
9. Check your credit card statements often: The BBB recommends consumers check their credit card statements for suspicious activity by checking statements online regularly or by calling credit card companies.
10. Know your rights: Federal law requires that orders made by mail, phone or online be shipped by the date promised or, if no delivery time was stated, within 30 days. If the products you ordered aren't shipped on time, you can cancel your order and demand a refund.
http://www.sfi4.com/10882008/FREE
10 Online Shopping Tips
1. Protect your computer: A computer used for online shopping should always have the the best anti-virus and anti-spyware as well as secure firewall. Remember, not all security software is the same!
2. Trust your gut: Offers in unsolicited e-mails that sound too good to be true ARE too good to be true. The price for taking this offer up may be too dear!
3. Beware of phishing scams: Legitimate businesses do not send e-mails claiming problems with an order or an account to lure the "buyer" into revealing financial information.
4. Confirm your online purchase is secure: Look for Https is the address bar signifying it's a secure page. Scammer generally won't take the time to set up secure sites. Note the closed padlock in your browser to back up the Https
5.Beware of emails coming for eBay scammers: It's difficult to tell a real from a fake. If you are seeking deals on eBay go right to the site don't respond to emails. If you do decide to make a purchase on eBay check the eBay sellers history. eBay is set up on the honor system and an established seller with great feedback should be legitimate.
6. Pay with a credit card: It's best to use a credit card because under federal law, the shopper can dispute the charges if he or she doesn't receive the item.
7. Avoid paying by check online/Mail order: Once the money is taken from your account and you don't receive the goods, you are likely out of luck!
8. Keep documentation of your order: After completing the online order process, there may be a final confirmation page or the shopper might receive confirmation by e-mail. Keep a copy of the Web page and any e-mails for future reference and as a record of the purchase.
9. Check your credit card statements often: The BBB recommends consumers check their credit card statements for suspicious activity by checking statements online regularly or by calling credit card companies.
10. Know your rights: Federal law requires that orders made by mail, phone or online be shipped by the date promised or, if no delivery time was stated, within 30 days. If the products you ordered aren't shipped on time, you can cancel your order and demand a refund.
Saturday, October 31, 2009
Web marketer ordered to pay Facebook $711M damages
LOS ANGELES - Facebook said Thursday a California court has awarded the social networking Web site $711 million in damages in an anti-spam case against Internet marketer Sanford Wallace.
Facebook sued Wallace for accessing users' accounts without their permission and sending phony posts and messages. The company said on its blog that in addition to the damage award, the San Jose, Calif., court referred Wallace to the U.S. Attorney's office for prosecution for criminal contempt of court — meaning he could face jail time.
Wallace earned the monikers "Spam King" and "Spamford" as head of a company that sent as many as 30 million junk e-mails a day in the 1990s.
In May 2008, the online hangout MySpace won a $230 million judgment over junk messages sent to its members when a federal judge in Los Angeles ruled against Wallace and his partner, Walter Rines, in another case brought under the federal anti-spam law known as CAN-SPAM. In 2006, Wallace was fined $4 million after the Federal Trade Commission accused him of running an operation that infected computers with software that caused flurries of pop-up ads, known as "spyware."
"While we don't expect to receive the vast majority of the award, we hope that this will act as a continued deterrent against these criminals," said Sam O'Rourke, associate general counsel for Facebook, in a blog posting Thursday. "This is another important victory in our fight against spam."
There was no phone number listed for Wallace in Las Vegas, where he is believed to be living, according to the ruling.
The company said the judgment marks the second-largest anti-spam award ever. In November 2008, Facebook won an $873 million judgment against Adam Guerbuez and his business, Atlantis Blue Capital, who bombarded users with sexually explicit spam messages.
http://www.kathy1313.com/
http://perfecttrafficstorm.com/aff/4163
http://www.DesktopLightning.com/fulghamkathleen
http://www.leadsleap.com/?referid=fulghamkathleen
Facebook sued Wallace for accessing users' accounts without their permission and sending phony posts and messages. The company said on its blog that in addition to the damage award, the San Jose, Calif., court referred Wallace to the U.S. Attorney's office for prosecution for criminal contempt of court — meaning he could face jail time.
Wallace earned the monikers "Spam King" and "Spamford" as head of a company that sent as many as 30 million junk e-mails a day in the 1990s.
In May 2008, the online hangout MySpace won a $230 million judgment over junk messages sent to its members when a federal judge in Los Angeles ruled against Wallace and his partner, Walter Rines, in another case brought under the federal anti-spam law known as CAN-SPAM. In 2006, Wallace was fined $4 million after the Federal Trade Commission accused him of running an operation that infected computers with software that caused flurries of pop-up ads, known as "spyware."
"While we don't expect to receive the vast majority of the award, we hope that this will act as a continued deterrent against these criminals," said Sam O'Rourke, associate general counsel for Facebook, in a blog posting Thursday. "This is another important victory in our fight against spam."
There was no phone number listed for Wallace in Las Vegas, where he is believed to be living, according to the ruling.
The company said the judgment marks the second-largest anti-spam award ever. In November 2008, Facebook won an $873 million judgment against Adam Guerbuez and his business, Atlantis Blue Capital, who bombarded users with sexually explicit spam messages.
http://www.kathy1313.com/
http://perfecttrafficstorm.com/aff/4163
http://www.DesktopLightning.com/fulghamkathleen
http://www.leadsleap.com/?referid=fulghamkathleen
Friday, October 30, 2009
Is The Government Doing Enough?
October is National Cybersecurity Awareness Month.
Does this mean the U.S. Government is finally getting serious about cybersecurity?? Truthfully, it's our SHARED responsibility of good cyber-hygiene among ALL computer users, not just industry and government.
To give just a hint of the depth of this challenge, the Cybersecurity Act of 2009 is presently making its way through Congress. The bill’s co-sponsor, Senator Olympia Snowe (R-Maine), has stated:
“America’s vulnerability to massive cybercrime, global cyber-espionage and cyber-attacks has emerged as one of the most urgent national security problems facing our country today.”
Folks, the explosion of cybercrime and identity theft has reached a 5-year high, increasing annually at a rate of 22%!! It's escalating rapidly in our difficult economic times. In 2008 alone, 9.9 MILLION Americans were victims of identity theft. In fact, the Wall Street Journal states: "Information breaches to U.S. companies in 2008 reached a per-incident cost of $6.65 MILLION."
Take note of these scary, but very real statistics:
** More than 1 person in 10 knew the person who stole their identity.
** Identity thieves are working dramatically faster to exploit their victims.
** Information stolen and stored for a year or more was up 50%.
** Women are 26% more likely to be victims of identity theft than are men.
** Latinos are 47% more apt to become victims of identity theft.
** Minors are increasingly targets. The thieves know that it can take years before a child's ID
theft is discovered.
** Households with higher incomes -- $75,000 or more -- are now at a higher risk.
So…what do these identity theft stats have to do with cybersecurity? Everything. The common denominator here is easy access to individual and business computers in which hackers [read: cyber criminals] are able to penetrate and hijack computers, jeopardizing proprietary and corrupting computers.
The need to turn the Tsunami tide is CRITICALLY urgent, as both our personal AND our national security hinges on ALL computers (home AND businesses) being secured against the ravages and major headaches of cybercrime....all producing hassles, headaches, and serious problems for the end user, along with being an unsuspecting participant in the raging, stealth war of cybercrime and identity fraud. Yes, folks, we’re in an escalating cyber war….it’s already begun!
I am including in this post a link (below) to a blog article from TechRepublic.com called “Cybersecurity: Is the U.S. Government doing enough?”. This explains exactly WHY cybersecurity is EVERYONE'S responsibility. Especially in these challenging days, what is available as "security" software (like Norton, McAfee, TrendMicro, Kaspersky, Panda, etc.) is merely "entry level" and just isn't capable of meeting -- much less staying on top of -- the increasing challenges of sophisticated cybercriminals and other hackers. (If the off-the-shelf, entry-level software did the job, why would the problems be escalating??)
That's exactly why, in my business as a PC Security and Care and Identity Protection Specialist, access to unlimited service and corporate-grade security is provided to computer owners, enabling them to keep cyber criminals from hijacking personal and business PC’s and stealing proprietary data and committing crimes like identity theft and credit fraud. Truthfully, we’re a hacker’s worst nightmare!
Both individuals and small businesses can now finally keep their PC’s and identities secure and truly free from hassles, headaches, and worry….allowing them to literally and finally gain true peace of mind!
Cybersecurity…it’s our shared responsibility!
http://blogs.techrepublic.com.com/security/?p=2532&tag=nl.e036#comments
http://www.kfidentity.com/
http://perfecttrafficstorm.com/aff/4163
http://www.DesktopLightning.com/fulghamkathleen
http://www.leadsleap.com/?referid=fulghamkathleen
Does this mean the U.S. Government is finally getting serious about cybersecurity?? Truthfully, it's our SHARED responsibility of good cyber-hygiene among ALL computer users, not just industry and government.
To give just a hint of the depth of this challenge, the Cybersecurity Act of 2009 is presently making its way through Congress. The bill’s co-sponsor, Senator Olympia Snowe (R-Maine), has stated:
“America’s vulnerability to massive cybercrime, global cyber-espionage and cyber-attacks has emerged as one of the most urgent national security problems facing our country today.”
Folks, the explosion of cybercrime and identity theft has reached a 5-year high, increasing annually at a rate of 22%!! It's escalating rapidly in our difficult economic times. In 2008 alone, 9.9 MILLION Americans were victims of identity theft. In fact, the Wall Street Journal states: "Information breaches to U.S. companies in 2008 reached a per-incident cost of $6.65 MILLION."
Take note of these scary, but very real statistics:
** More than 1 person in 10 knew the person who stole their identity.
** Identity thieves are working dramatically faster to exploit their victims.
** Information stolen and stored for a year or more was up 50%.
** Women are 26% more likely to be victims of identity theft than are men.
** Latinos are 47% more apt to become victims of identity theft.
** Minors are increasingly targets. The thieves know that it can take years before a child's ID
theft is discovered.
** Households with higher incomes -- $75,000 or more -- are now at a higher risk.
So…what do these identity theft stats have to do with cybersecurity? Everything. The common denominator here is easy access to individual and business computers in which hackers [read: cyber criminals] are able to penetrate and hijack computers, jeopardizing proprietary and corrupting computers.
The need to turn the Tsunami tide is CRITICALLY urgent, as both our personal AND our national security hinges on ALL computers (home AND businesses) being secured against the ravages and major headaches of cybercrime....all producing hassles, headaches, and serious problems for the end user, along with being an unsuspecting participant in the raging, stealth war of cybercrime and identity fraud. Yes, folks, we’re in an escalating cyber war….it’s already begun!
I am including in this post a link (below) to a blog article from TechRepublic.com called “Cybersecurity: Is the U.S. Government doing enough?”. This explains exactly WHY cybersecurity is EVERYONE'S responsibility. Especially in these challenging days, what is available as "security" software (like Norton, McAfee, TrendMicro, Kaspersky, Panda, etc.) is merely "entry level" and just isn't capable of meeting -- much less staying on top of -- the increasing challenges of sophisticated cybercriminals and other hackers. (If the off-the-shelf, entry-level software did the job, why would the problems be escalating??)
That's exactly why, in my business as a PC Security and Care and Identity Protection Specialist, access to unlimited service and corporate-grade security is provided to computer owners, enabling them to keep cyber criminals from hijacking personal and business PC’s and stealing proprietary data and committing crimes like identity theft and credit fraud. Truthfully, we’re a hacker’s worst nightmare!
Both individuals and small businesses can now finally keep their PC’s and identities secure and truly free from hassles, headaches, and worry….allowing them to literally and finally gain true peace of mind!
Cybersecurity…it’s our shared responsibility!
http://blogs.techrepublic.com.com/security/?p=2532&tag=nl.e036#comments
http://www.kfidentity.com/
http://perfecttrafficstorm.com/aff/4163
http://www.DesktopLightning.com/fulghamkathleen
http://www.leadsleap.com/?referid=fulghamkathleen
Saturday, September 26, 2009
September Identity Newsletter
Latest News On The #1 Crime In America & Tips On How Thttp://www.kathy1313.como Keep Your ID Your Own!
Welcome to the September 2009 Identity Theft Newsletter!
Id Theft is the number one fastest growing crime in America yet most people people believe it will never happen to them.
It is my sincere hope that by helping to get the word out through these newsletters that some may be saved from the personal nightmare of having there identity stolen.
Identity Theft Victim Meets Her Identity Thief
Back in January, Michelle McCambridge found herself staring into the face of the woman who stole her identity.
Only a week earlier, she learned that someone had taken out credit cards in her name and racked up thousands in charges. A federal agent had shown her a surveillance photo. But the image didn't ring a bell.
Now the woman in thick-rimmed glasses was standing there at McCambridge's women's-casual counter at J.C. Penney at Southcenter, asking to open a credit account.
http://clicks.aweber.com/y/ct/?l=EQNY_&m=1dvgwuLjKmGWfD&b=iW4R32.w0fLSFOGmfviSFw
Identity theft growing, getting harder to stop
MIAMI - With a few keystrokes, computer security expert Esteban Farao can find all the wireless networks in use in a half-block radius from a Starbucks.One of them, it appears, is intended for guests at the Marriott. Others are private networks for individual businesses.Farao, of Coral Gables-based Enterprise Risk Management, said the security of any of those networks could be compromised - a la Albert Gonzalez."It's a matter of time," Farao said, even for networks that are encrypted and password protected.http://clicks.aweber.com/y/ct/?l=EQNY_&m=1dvgwuLjKmGWfD&b=XpTSy3onzmeuBWLKXHkWCw
TJX hacker pleads guilty in major ID theft case
The hacker involved in a massive data breach at TJX Companies has pleaded guilty to identity theft and fraud for the theft of more than 40 million credit and debit card numbers from TJX and other retailers.Albert Gonzalez, 28, of Miami, pleaded guilty in Massachusetts to 19 charges related to the hacking of computer systems at TJX and retailers including Barnes & Noble. He also pleaded guilty to a charge brought in the Eastern District of New York for hacking into the systems of the Dave & Buster's restaurant chain.
http://clicks.aweber.com/y/ct/?l=EQNY_&m=1dvgwuLjKmGWfD&b=u.93zNj9Lht8tHd6w8.f2w
Keep an eye out for the Computer Security Newsletter October first...
PC Security & Identity Theft
Protection 661-256-6642
Kathleen’s Personal Identity Theft Blog.
http://www.kfidentity.com/
Kathleen’s Complete Internet Protection Web Site. Includes tons of computer and identity theft protection information:
http://www.kathy1313.com
Add Me To Your Address Book
To help ensure that you receive all email messages consistently in your inbox with images displayed, please add this address to your address book or contacts list:
synergymrktng@aweber.com
Identity Theft Facts:
The FBI receives close to 300,000 complaints of suspicious activity per month and only investigates around 6,000.
73% of Identity Theft victims suffered due to the misappropriation of their credit card info.
Identity Theives Targeting Small Businesses
Businesses lose an estimated 57 billion dollars a year to identity theft.
Small businesses are even more vulnerable for two reasons:
1.) They rely on local law enforcement to investigate but most local law enforcement agencies are not prepared to handle business identity theft.
2.) As larger companies have taken on more sophisticated computer network protections, cyber criminals have adapted and gone after smaller businesses who do not have high-level security.
In other words, to identity thieves, small businesses are the low hanging fruit just ripe for the picking!
Business Owners, are you complying with the Red Flags Rule?
The Red Flags Rule requires many businesses and organizations to implement a written Identity Theft Prevention Program designed to detect the warning signs - or "red flags" - of identity theft in their day-to-day operations.
The deadline is November 1, 2009.
Are you covered by the Red Flags Rule?
http://clicks.aweber.com/y/ct/?l=EQNY_&m=1dvgwuLjKmGWfD&b=2mL35GnR3khOp5HyCqUyAQ
Online Red Flag Training
Red Flag Rules training, is designed to familiarize public sector employees with terms, definitions, and requirements related to FTC Government Red Flag Rules.
It teaches the participants to detect, address, and respond appropriately to Red Flags.
http://clicks.aweber.com/y/ct/?l=EQNY_&m=1dvgwuLjKmGWfD&b=QEvEzHG8.wpqj_ttk8UydQ
http://www.leadsleap.com/?referid=fulghamkathleen
http://www.DesktopLightning.com/fulghamkathleen
http://perfecttrafficstorm.com/aff/4163
Welcome to the September 2009 Identity Theft Newsletter!
Id Theft is the number one fastest growing crime in America yet most people people believe it will never happen to them.
It is my sincere hope that by helping to get the word out through these newsletters that some may be saved from the personal nightmare of having there identity stolen.
Identity Theft Victim Meets Her Identity Thief
Back in January, Michelle McCambridge found herself staring into the face of the woman who stole her identity.
Only a week earlier, she learned that someone had taken out credit cards in her name and racked up thousands in charges. A federal agent had shown her a surveillance photo. But the image didn't ring a bell.
Now the woman in thick-rimmed glasses was standing there at McCambridge's women's-casual counter at J.C. Penney at Southcenter, asking to open a credit account.
http://clicks.aweber.com/y/ct/?l=EQNY_&m=1dvgwuLjKmGWfD&b=iW4R32.w0fLSFOGmfviSFw
Identity theft growing, getting harder to stop
MIAMI - With a few keystrokes, computer security expert Esteban Farao can find all the wireless networks in use in a half-block radius from a Starbucks.One of them, it appears, is intended for guests at the Marriott. Others are private networks for individual businesses.Farao, of Coral Gables-based Enterprise Risk Management, said the security of any of those networks could be compromised - a la Albert Gonzalez."It's a matter of time," Farao said, even for networks that are encrypted and password protected.http://clicks.aweber.com/y/ct/?l=EQNY_&m=1dvgwuLjKmGWfD&b=XpTSy3onzmeuBWLKXHkWCw
TJX hacker pleads guilty in major ID theft case
The hacker involved in a massive data breach at TJX Companies has pleaded guilty to identity theft and fraud for the theft of more than 40 million credit and debit card numbers from TJX and other retailers.Albert Gonzalez, 28, of Miami, pleaded guilty in Massachusetts to 19 charges related to the hacking of computer systems at TJX and retailers including Barnes & Noble. He also pleaded guilty to a charge brought in the Eastern District of New York for hacking into the systems of the Dave & Buster's restaurant chain.
http://clicks.aweber.com/y/ct/?l=EQNY_&m=1dvgwuLjKmGWfD&b=u.93zNj9Lht8tHd6w8.f2w
Keep an eye out for the Computer Security Newsletter October first...
PC Security & Identity Theft
Protection 661-256-6642
Kathleen’s Personal Identity Theft Blog.
http://www.kfidentity.com/
Kathleen’s Complete Internet Protection Web Site. Includes tons of computer and identity theft protection information:
http://www.kathy1313.com
Add Me To Your Address Book
To help ensure that you receive all email messages consistently in your inbox with images displayed, please add this address to your address book or contacts list:
synergymrktng@aweber.com
Identity Theft Facts:
The FBI receives close to 300,000 complaints of suspicious activity per month and only investigates around 6,000.
73% of Identity Theft victims suffered due to the misappropriation of their credit card info.
Identity Theives Targeting Small Businesses
Businesses lose an estimated 57 billion dollars a year to identity theft.
Small businesses are even more vulnerable for two reasons:
1.) They rely on local law enforcement to investigate but most local law enforcement agencies are not prepared to handle business identity theft.
2.) As larger companies have taken on more sophisticated computer network protections, cyber criminals have adapted and gone after smaller businesses who do not have high-level security.
In other words, to identity thieves, small businesses are the low hanging fruit just ripe for the picking!
Business Owners, are you complying with the Red Flags Rule?
The Red Flags Rule requires many businesses and organizations to implement a written Identity Theft Prevention Program designed to detect the warning signs - or "red flags" - of identity theft in their day-to-day operations.
The deadline is November 1, 2009.
Are you covered by the Red Flags Rule?
http://clicks.aweber.com/y/ct/?l=EQNY_&m=1dvgwuLjKmGWfD&b=2mL35GnR3khOp5HyCqUyAQ
Online Red Flag Training
Red Flag Rules training, is designed to familiarize public sector employees with terms, definitions, and requirements related to FTC Government Red Flag Rules.
It teaches the participants to detect, address, and respond appropriately to Red Flags.
http://clicks.aweber.com/y/ct/?l=EQNY_&m=1dvgwuLjKmGWfD&b=QEvEzHG8.wpqj_ttk8UydQ
http://www.leadsleap.com/?referid=fulghamkathleen
http://www.DesktopLightning.com/fulghamkathleen
http://perfecttrafficstorm.com/aff/4163
Thursday, September 24, 2009
Sophisticated Botnet Causing a Surge in Click Fraud
Thursday, September 17, 2009 4:10 PM PDT
A new botnet has caused a sharp spike in click fraud because it is skirting the most sophisticated filters of search engines, Web publishers and ad networks, according to Click Forensics.
The company, which provides services to monitor ad campaigns for click fraud and reports on click fraud incidence every quarter, said on Thursday that the botnet's architects have figured out a way to mask it particularly well as legitimate search ad traffic.
Click Forensics is calling this the "Bahama botnet" because initially it was redirecting traffic through 200,000 parked domains in the Bahamas, although it now is using sites in Amsterdam, the U.K. and Silicon Valley.
Click fraud affects marketers who spend money on pay-per-click (PPC) advertising on search engines and Web pages. It happens when a person or a machine clicks on a PPC ad with malicious intent or by mistake.
For example, a competitor may click on a rival's PPC ads in order to drive up their ad spending. Also, a rogue Web publisher may click on PPC ads on its site to trigger more commissions, which is probably what's behind the Bahama botnet.
Click fraud also includes nonmalicious activity that nonetheless yields a click of little or no value to the advertiser, such as when someone clicks on an ad by mistake or two consecutive times.
Click Forensics has been warning recently that click fraud scammers are increasingly resorting to botnets, which are networks of computers that have been secretly compromised for a variety of malicious tasks.
The Bahama botnet is masking the source of its clicks to convince click-fraud filters they are coming from high-quality, legitimate sources, such as U.S. libraries and schools. The botnet is also altering the "interval and breadth" of the attacks from the compromised PCs, according to Click Forensics.
In a piece of extremely bad news for advertisers running PPC campaigns, Click Forensics has seen worst-case scenarios in which as much as 30 percent of a monthly ad budget is swallowed by Bahama botnet click-fraud traffic.
Ordinary users' PCs are made part of the Bahama botnet with malware. Click Forensics found links to the malware in search results for queries about the non-existent Facebook Fan Check virus.
Last week, security company Sophos and Facebook both warned that malicious hackers were setting up malware-infested Web sites that falsely claimed to remove a non-existent virus from a new Facebook application called Fan Check.
False rumors spread that Fan Check infected PCs with malware, so scammers tried to capitalize on the concern that many Facebook members had about the application.
As Facebook members used popular search engines to find antivirus information about Fan Check, they got results that pointed to sites that offered false virus removal kits and instead infected their computers with malware.
Click Forensics also said the botnet malware is "extremely similar" to the "scareware" program found in malicious ads that The New York Times was tricked into serving up on its Web site last weekend. Before the Times eliminated them, the ads displayed pop-up messages falsely telling users their PCs were infected so they would buy a fake anti-virus program.
Click Forensics is in contact with major search engines, ad network providers, advertisers, publishers and security companies regarding the Bahama botnet and ways to address it.
Neither Google nor Yahoo, which operate the two largest search engines and PPC ad networks, immediately responded to a request for comment.
http://www.kathy1313.com/
http://perfecttrafficstorm.com/aff/4163
http://www.DesktopLightning.com/fulghamkathleen
http://www.leadsleap.com/?referid=fulghamkathleen
A new botnet has caused a sharp spike in click fraud because it is skirting the most sophisticated filters of search engines, Web publishers and ad networks, according to Click Forensics.
The company, which provides services to monitor ad campaigns for click fraud and reports on click fraud incidence every quarter, said on Thursday that the botnet's architects have figured out a way to mask it particularly well as legitimate search ad traffic.
Click Forensics is calling this the "Bahama botnet" because initially it was redirecting traffic through 200,000 parked domains in the Bahamas, although it now is using sites in Amsterdam, the U.K. and Silicon Valley.
Click fraud affects marketers who spend money on pay-per-click (PPC) advertising on search engines and Web pages. It happens when a person or a machine clicks on a PPC ad with malicious intent or by mistake.
For example, a competitor may click on a rival's PPC ads in order to drive up their ad spending. Also, a rogue Web publisher may click on PPC ads on its site to trigger more commissions, which is probably what's behind the Bahama botnet.
Click fraud also includes nonmalicious activity that nonetheless yields a click of little or no value to the advertiser, such as when someone clicks on an ad by mistake or two consecutive times.
Click Forensics has been warning recently that click fraud scammers are increasingly resorting to botnets, which are networks of computers that have been secretly compromised for a variety of malicious tasks.
The Bahama botnet is masking the source of its clicks to convince click-fraud filters they are coming from high-quality, legitimate sources, such as U.S. libraries and schools. The botnet is also altering the "interval and breadth" of the attacks from the compromised PCs, according to Click Forensics.
In a piece of extremely bad news for advertisers running PPC campaigns, Click Forensics has seen worst-case scenarios in which as much as 30 percent of a monthly ad budget is swallowed by Bahama botnet click-fraud traffic.
Ordinary users' PCs are made part of the Bahama botnet with malware. Click Forensics found links to the malware in search results for queries about the non-existent Facebook Fan Check virus.
Last week, security company Sophos and Facebook both warned that malicious hackers were setting up malware-infested Web sites that falsely claimed to remove a non-existent virus from a new Facebook application called Fan Check.
False rumors spread that Fan Check infected PCs with malware, so scammers tried to capitalize on the concern that many Facebook members had about the application.
As Facebook members used popular search engines to find antivirus information about Fan Check, they got results that pointed to sites that offered false virus removal kits and instead infected their computers with malware.
Click Forensics also said the botnet malware is "extremely similar" to the "scareware" program found in malicious ads that The New York Times was tricked into serving up on its Web site last weekend. Before the Times eliminated them, the ads displayed pop-up messages falsely telling users their PCs were infected so they would buy a fake anti-virus program.
Click Forensics is in contact with major search engines, ad network providers, advertisers, publishers and security companies regarding the Bahama botnet and ways to address it.
Neither Google nor Yahoo, which operate the two largest search engines and PPC ad networks, immediately responded to a request for comment.
http://www.kathy1313.com/
http://perfecttrafficstorm.com/aff/4163
http://www.DesktopLightning.com/fulghamkathleen
http://www.leadsleap.com/?referid=fulghamkathleen
Sunday, September 20, 2009
Officials: Special Plastic Sleeves May Stop Identity Theft
To protect against skimming and eavesdropping attacks, federal and state officials recommend that Americans keep their e-passports tightly shut and store their RFID-tagged passport cards and enhanced driver's licenses in "radio-opaque" sleeves.
That's because experiments have shown that the e-passport begins transmitting some data when opened even a half inch, and chipped passport cards and EDLs can be read from varying distances depending on reader techonology.
The cover of the e-passport booklet contains a metallic sheathing that can diminish the distances radio waves travel, presumably hindering unwanted interceptions.
Alloy envelopes that come with the PASS cards and driver's licenses do the same, the government says.
The State Department asserts that hackers won't find any practical use for data skimmed from RFID chips embedded in the cards, but "if you don't want the cards read, put them in an attenuation sleeve," says John Brennan, a senior policy adviser at the Office of Consular Affairs.
Gigi Zenk, a spokeswoman for the Washington state Department of Licensing, says the envelope her state offers with the enhanced driver's license "ensures that nothing can scan it at all."
But that wasn't what researchers from the University of Washington and RSA Laboratories, a data security company in Bedford, Mass., found last year while testing the data security of the cards.
The PASS card "is readable under certain circumstances in a crumpled sleeve," though not in a well maintained sleeve, the researchers wrote in a report.
Another test on the enhanced driver's license demonstrated that even when the sleeve was in pristine condition, a clandestine reader could skim data from the license at a distance of a half yard.
Will Americans consistently keep their enhanced driver's licenses in the protective sleeves and maintain those sleeves in perfect shape — even as driver's licenses are pulled out for countless tasks, from registering in hotels to buying alcohol?
The report's answer: "It is uncertain ... "
And when the sleeves come off, "you're essentially saying to the world, 'Come and read what's in my wallet,'" says Marc Rotenberg, executive director of the Electronic Privacy Information Center in Washington, D.C.
By obliging Americans to use these sleeves, he says, the government has, in effect, shifted the burden of privacy protection to the citizen.
Meanwhile, researchers have raised other red flags.
— In 2006, a mobile security company, Flexilis, conducted an experiment in which the transponder of a partially opened e-passport triggered an explosive planted in a trashcan when a dummy carrying the chipped passport approached the bin. A video of the experiment was shown that year at a security conference.
Flexilis has suggested that the government adopt a dual cover shield and specifically designed RFID tag that would make the e-passport remotely unreadable until it is fully opened.
No changes have been made to the U.S. e-passport in response, according to the State Department.
— Some RFID critics wonder: Could government officials read the microchips in an enhanced driver's license or passport card by scanning people via satellite or through a cell phone tower network?
The short answer is no — because the chips in PASS cards and EDLs are "passive," or batteryless, meaning they rely on the energy of readers to power up. Passive tags are designed to beam information out 30 feet.
However, research is moving forward to make batteries tinier and more powerful, says Ari Juels, director of RSA Laboratories.
A "semi-passive" tag that could transmit into the atmosphere when triggered by a reader "may be feasible at some point," he says.
Separately, a system called STAR, that adapts deep-space communications technologies to read passive tags from distances greater than 600 feet, was announced last year by a Los Angeles startup called Mojix, Inc.
It uses "smart antennas" and "digital beam forming" to process signals in four dimensions — time, space, frequency and polarization.
Mojix, founded by a former NASA scientist, promotes the technology for supply chain management and asset tracking.
http://www.wysong.net/
That's because experiments have shown that the e-passport begins transmitting some data when opened even a half inch, and chipped passport cards and EDLs can be read from varying distances depending on reader techonology.
The cover of the e-passport booklet contains a metallic sheathing that can diminish the distances radio waves travel, presumably hindering unwanted interceptions.
Alloy envelopes that come with the PASS cards and driver's licenses do the same, the government says.
The State Department asserts that hackers won't find any practical use for data skimmed from RFID chips embedded in the cards, but "if you don't want the cards read, put them in an attenuation sleeve," says John Brennan, a senior policy adviser at the Office of Consular Affairs.
Gigi Zenk, a spokeswoman for the Washington state Department of Licensing, says the envelope her state offers with the enhanced driver's license "ensures that nothing can scan it at all."
But that wasn't what researchers from the University of Washington and RSA Laboratories, a data security company in Bedford, Mass., found last year while testing the data security of the cards.
The PASS card "is readable under certain circumstances in a crumpled sleeve," though not in a well maintained sleeve, the researchers wrote in a report.
Another test on the enhanced driver's license demonstrated that even when the sleeve was in pristine condition, a clandestine reader could skim data from the license at a distance of a half yard.
Will Americans consistently keep their enhanced driver's licenses in the protective sleeves and maintain those sleeves in perfect shape — even as driver's licenses are pulled out for countless tasks, from registering in hotels to buying alcohol?
The report's answer: "It is uncertain ... "
And when the sleeves come off, "you're essentially saying to the world, 'Come and read what's in my wallet,'" says Marc Rotenberg, executive director of the Electronic Privacy Information Center in Washington, D.C.
By obliging Americans to use these sleeves, he says, the government has, in effect, shifted the burden of privacy protection to the citizen.
Meanwhile, researchers have raised other red flags.
— In 2006, a mobile security company, Flexilis, conducted an experiment in which the transponder of a partially opened e-passport triggered an explosive planted in a trashcan when a dummy carrying the chipped passport approached the bin. A video of the experiment was shown that year at a security conference.
Flexilis has suggested that the government adopt a dual cover shield and specifically designed RFID tag that would make the e-passport remotely unreadable until it is fully opened.
No changes have been made to the U.S. e-passport in response, according to the State Department.
— Some RFID critics wonder: Could government officials read the microchips in an enhanced driver's license or passport card by scanning people via satellite or through a cell phone tower network?
The short answer is no — because the chips in PASS cards and EDLs are "passive," or batteryless, meaning they rely on the energy of readers to power up. Passive tags are designed to beam information out 30 feet.
However, research is moving forward to make batteries tinier and more powerful, says Ari Juels, director of RSA Laboratories.
A "semi-passive" tag that could transmit into the atmosphere when triggered by a reader "may be feasible at some point," he says.
Separately, a system called STAR, that adapts deep-space communications technologies to read passive tags from distances greater than 600 feet, was announced last year by a Los Angeles startup called Mojix, Inc.
It uses "smart antennas" and "digital beam forming" to process signals in four dimensions — time, space, frequency and polarization.
Mojix, founded by a former NASA scientist, promotes the technology for supply chain management and asset tracking.
http://www.wysong.net/
Subscribe to:
Posts (Atom)