The summary of GAO-10-536T report, Information Security: Concerted Response Needed to Resolve Persistent Weaknesses, March 24, 2010: Without proper safeguards, federal computer systems are vulnerable to intrusions by individuals who have malicious intentions and can obtain sensitive information. The need for a vigilant approach to information security has been demonstrated by the pervasive and sustained…
Category: Commentaries and Analyses
Your health, tax, and search data siphoned
Dan Goodin reports: Google, Yahoo, Microsoft’s Bing, and other leading websites are leaking medical histories, family income, search queries, and massive amounts of other sensitive data that can be intercepted even when encrypted, computer scientists revealed in a new research paper. Researchers from Indiana University and Microsoft itself were able to infer the sensitive data…
Recommended: Gonzalez Lawyers, Judges Debate Data Breach Costs
Evan Schuman writes: When two Boston-based federal judges sentence Albert Gonzalez Thursday (March 25) and Friday (March 26) for a rash of retail cyber-break-ins that he confessed to orchestrating, the exact sentence may be academic. The key legal argument is shaping up to be this question: “When a retailer is breached, what’s the most reasonable…
Western Australia’s Auditor General Finds Serious Weaknesses in Government Agencies’ Handling of Information
In his annual report on Information System Management in state government agencies, the Auditor General for Western Australia has identified serious weaknesses in the way many agencies manage their IT systems. The two-part Information Systems Audit Report, tabled in Parliament, found that government agencies were often failing to implement comprehensive controls over their IT systems…
An ACTA of insecurity
By now, the leaked copy of the January 18, 2010 draft of ACTA is all over the web. What I don’t understand is the notice on the cover: This document must be protected from unauthorized disclosure, but may be mailed or transmitted over unclassified e-mail or fax, discussed over unsecured phone lines, and stored on…
Compensation should be paid for personal data loss, says report
Urmee Khan reports: Putting a price on privacy will deter organisations from losing or abusing people’s personal details, the influential think tank Demos found. The recommendation comes amid increasing concern that there has been a dramatic expansion of a “surveillance society”, which threatens to erode civil liberties. The report Private Lives, published today, recommended that…