Can you hear that? That’s the sound of air escaping as we all finally recover from the RSA conference. Rich and Martin are back, and Zach… never left (but did celebrate a birthday last week). We do a quick recap of RSA and then dig into the security news… much of which had nothing to do with the conference. Weird. Network Security Podcast, Episode 188, March 9, 2010 Time:  Read More →

The U.S. Supreme Court is agreeing to decide how much personal information the federal bureaucracy may acquire on its workers. The justices, without comment, decided Monday to review a lower-court decision surrounding the concept of so-called “ informational privacy .” The 9th U.S. Circuit Court of Appeals in San Francisco struck down intrusive background checks last year on nearly three dozen National Aeronautics…  Read More →

The CEO of Lifelock, Todd Davis, became famous for advertising his Social Security number on television ads and banners painted on trucks promising his $10 monthly service would protect consumers from identity theft. The company also offered a $1 million guarantee to compensate customers for losses incurred if they became a victim of identity theft after signing up for the service. But the Federal Trade Commission said Tuesday that the claims... 

Pink Floyd and its label, EMI, are battling over online royalties stemming from a contested clause in their decade-old contract. The developer of The Dark Side of the Moon and other top-selling albums claims its contract with EMI requires its music to be sold as an entire album, not the single tracks that EMI has permitted iTunes to distribute. The band’s attorney, Robert Howe, told a London court on Tuesday, “It’s a matter... 

Interesting commentary: I don’t think this is really a case about ISP liability at all. It is a case about the use of a person’s image, without their consent, that generates commercial value for someone else. That is the essence of the Italian law at issue in this case. It is also how the right of privacy was first established…  Read More →

The “Microsoft Online Services Global Criminal Compliance Handbook (U.S. Domestic Version)” (also can be found here, here, and here) outlines exactly what Microsoft will do upon police request. Here’s a good summary of what’s in it: The Global Criminal Compliance Handbook is a quasi-comprehensive explanatory document meant for law enforcement officials seeking access to Microsoft’s stored user information. It also…... 

Snort was one of the first security tools I ever used.  Read More →

Citing anti-competitive concerns, the Justice Department sued Election Systems & Software in order to force the company to divest itself of the voting machine assets it obtained from Premier Election Solutions last year. The department’s antitrust division, along with nine state attorneys general, filed the civil antitrust lawsuit (.pdf) in U.S. District Court in Washington, D.C., charging that the acquisition threatened competition.... 

Funny: MOUNTAIN VIEW, CA—Responding to recent public outcries over its handling of private data, search giant Google offered a wide-ranging and eerily well-informed apology to its millions of users Monday. “We would like to extend our deepest apologies to each and every one of you,” announced CEO Eric Schmidt, speaking from the company’s Googleplex headquarters. “Clearly there have been some…  Read More →

The Supreme Court agreed Monday to delve into the sensitive question of whether the First Amendment protects anti-gay protesters carrying placards outside military funerals, bearing “America is Doomed,” “Thank God for 9/11″ and other volatile slogans, like “Thank God for dead soldiers.” The messages and picketing are part of a Kansas church’s belief that the United States’ tolerance for homosexuality... 

I just noticed that my tenth edition of Traffic Talk , titled Pcapr.net — where Web 2.0 meets network packet analysis , has been posted. From the article: Solution provider takeaway: Pcapr.net is a free packet collaboration site hosted by Mu Dynamics. Solution providers can participate in the community to exchange, analyze and gather traces for testing products or processes for their customers, including network packet analysis. Not many... 

How not to destroy evidence: In a bold and bizarre attempt to destroy evidence seized during a federal raid, a New York City man grabbed a flash drive and swallowed the data storage device while in the custody of Secret Service agents, records show. The article wasn’t explicit about this — odd, as it’s the main question any reader would…  Read More →

Interesting paper: “A Practical Attack to De-Anonymize Social Network Users.” Abstract. Social networking sites such as Facebook, LinkedIn, and Xing have been reporting exponential growth rates. These sites have millions of registered users, and they are interesting from a security and privacy point of view because they store large amounts of sensitive personal user data. In this paper, we introduce…  Read More →

It’s hard doing interviews on the showroom floor at RSAC.  Read More →

Jan Hichert, CEO of Astaro Internet Security , and I met in one of the quieter hallways of the 2010 RSA Convention.  Read More →