Humans to blame for security breaches

Grok Headline matches for Humans to blame for security breaches

Reporter Breaches UK Palace Security

Reporter Breaches UK Palace Security 11/19/2003 08:15 PM
A Google search for Ryan Parry turns up references to a journalist who last summer gained a job as a security guard to tennis stars at Wimbledon - again, using ...

Four sacked over Los Alamos security
breaches

Four sacked over Los Alamos security
breaches 09/27/2004 07:02 AM
Computer Weekly Sep 27 2004 11:09AM GMT

Customers won't tolerate security
breaches

Customers won't tolerate security
breaches 05/06/2004 10:21 AM

Microsoft attempts to patch up security
breaches with SP2

Microsoft attempts to patch up security
breaches with SP2 08/22/2004 07:40 AM
Los Angeles Times Aug 22 2004 11:45AM GMT

Analyst: Hidden costs in security
breaches

Analyst: Hidden costs in security
breaches 03/14/2005 05:32 PM

UK reporter breaches royal security for
Bush visit

UK reporter breaches royal security for
Bush visit 11/19/2003 08:14 PM
A Google search for Ryan Parry turns up references to a journalist who last summer gained a job as a security guard to tennis stars at Wimbledon - again, using ...

Survey finds human at fault for security
breaches

Survey finds human at fault for security
breaches 04/11/2004 12:23 AM

Los Angeles International Airport Closed
After Security Breaches

Los Angeles International Airport Closed
After Security Breaches 09/04/2004 03:40 PM
Free Internet Press Sep 4 2004 7:11PM GMT

LexisNexis Suddenly Notices Massive Data
Security Breaches Everywhere They Look

LexisNexis Suddenly Notices Massive Data
Security Breaches Everywhere They Look 04/12/2005 06:01 AM
Funny how once the media attention for the various computer security break-ins started receiving attention, the various firms who were caught handing out your private data suddenly noticed that they'd actually been leaking data all along. Choicepoint, which was the first big one to admit a problem, later found a histo ry of leaked data. It appears they're not alone. LexisNexis, whose Seisant subsidiary wasn't particularly careful in how it kept all that data about you that you didn't realize they had (much of it, probably wrong ), decided that maybe it would be a smart move to look over some past transactions to see if this data leakage was a new problem. Turns out that it wasn't. LexisNexis is now admitting that they found not one or two more cases, but fifty-nine cases where their security was breached, opening up access to all sorts of private data (this is one of the databases the government likes to use to build profiles on people). The company is sending out letters to 280,000 people to let them know that they may have to spend the rest of their lives carefully scanning credit reports to make sure the company's own negligence didn't result in identity theft. Meanwhile, everyone's still being told that, basically, there 's nothing they can do against any of these firms that didn't seem to care about your privacy at all.

Should We Blame Security Victims?

Should We Blame Security Victims? 04/28/2004 04:49 AM
There is always something of a back and forth on who to blame whenever a big virus goes around. Is it the fault of a company like Microsoft for not creating their software in a way to better protect against such things? Is it the fault of anti-virus software vendors who are always a step behind the latest virus? Or, is it the fault of the end-user who is convinced to click a strange attachment despite thousands upon thousands of warnings not to? Walt Mossberg recently wrote a column calling for techies to stop blaming the victims. Instead, he blames Microsoft and calls on them to create a one-stop shop for protecting end-users from any and all security problems. Now, Tim Mullen has struck back and pointed out that people should stop being victims if they want to use computers and the internet. He points out, first of all, that Mossberg's vision of the perfect security protection system is impossible. Furthermore, he explains that no one is expecting end users to become system administrators, but to just do a few basic things to secure their computers from the most obvious of malicious attacks by installing basic anti-virus and firewall software (though, these days, you also need anti-spam software, anti-spyware software and anti-phishing software to really be complete). Mullen's point, however, is that we expect a basic level of competence to drive a car without hurting themselves, or to cook meat without giving themselves food poisoning. Thus, is it really that much to ask users to secure their own computers? The answer, of course, probably lies somewhere in the middle. Software companies and, increasingly, internet service providers, are going to be expected to do more to stop malicious attacks in their tracks - but end users should be expected to handle basic protection of their own machines. Besides, if we really must blame someone for all these malicious attacks, shouldn't it be those who are actually creating them?

Blame Bad Security on Sloppy Programming

Blame Bad Security on Sloppy Programming 06/28/2004 01:34 PM

Developers Blame Users For Security
Problems

Developers Blame Users For Security
Problems 07/21/2004 09:14 AM

18 Separate Security Updates !!! Just
Blame Dell

18 Separate Security Updates !!! Just
Blame Dell 10/15/2002 07:15 AM
18 Separate Security Updates !!! Just Blame Dell If you want to know another reason why we have such extreme security problems with MS Windows, here's one: Blame Dell. That's right Dell. No I don't mean Dell the company but the PC manufacturer in general. Here's what just happened to me: Helped a friend buy a new computer. Brand new. From Dell. Not surplus or pre-manufactured but NEW. Set it up. Went to Windows Update and found 18 Separate Security Updates. No this isn't a surprise to me. What Microsoft does is release 1 operating system every few years and then multiple updates, service packs and fixes so that the customer has to do the update themselves. As far as I am concerned, Dell just sold me an obsolete, buggy, insecure product. Why did I have to update it? Why didn't Dell take care of it for me? I (my friend actually) just spent $1,400 for a new Latitude laptop and then I had to spend 2 + hours bringing it up to date. That's just wrong. NOTE: And just to be clear, the oldest of these security updates was October, 2001. Sidebar, Feel Free to Ignore: When is the high tech industry as a whole going to figure this stuff out and start realizing that computers and software are just products like any other and the time honored concepts like customer service, quality and warranties actually matter? As I've said before it's going to take a class action lawsuit to bring companies into reality. And it will happen within the next 3 years or so I suspect. Sure I'll admit that this is Microsoft's fault ultimately, for not rolling out new versions of the operating system with all patches integrated but the Dell and all the manufacturers could band together and say "We're not gonna take it !". Sigh. What else can I say but: As Dumb as Dell. (And don't even get me started on the fact that Dell True Mobile 1150 integrated WiFi cards won't connect to standard LinkSys WAP 11 access points. And when I googled for it, I found that I am NOT the only one. I strongly recommend that you skip Dell WiFi hardware and use LinkSys instead. That was another 2 hours out of my life I'll never get back. And it still doesn't work. Anyone have any thoughts?)

Bill Gates says users to blame for
security problems

Bill Gates says users to blame for
security problems 11/03/2003 05:33 AM

Can't Blame The Messenger For Identity
Theft Security Problems

Can't Blame The Messenger For Identity
Theft Security Problems 03/31/2005 04:50 PM
With all of the various data security holes reported over the past few weeks, one aspect that didn't get much coverage was how some of them were discovered. The guy who found out that an online payroll company was exposing plenty of personal data has written up his experience claiming that PayMaxx threatened to sue him for pointing out the flaw. They said it was a violation of the Computer Fraud and Abuse Act -- even though he was just trying to protect his own and others' content. With such an experience behind him, he's pointing out that any real attempt to stop identity theft needs to explicitly allow "white hat" hacking. This way, those who are simply trying to help companies find the security flaws in their system are protected. It's basically a question of whether or not the messenger should be blamed. Still, many will point out that there's a fine line between good Samaritan hacking and malicious hacking -- and some worry that malicious hackers will start claiming good intentions when they're caught. However, if the boundaries are made clear, this shouldn't be a huge problem.

Microsoft Software to Blame for the
CardSystems Solutions Data Security
Breach?

Microsoft Software to Blame for the
CardSystems Solutions Data Security
Breach? 06/22/2005 02:14 AM
Softpedia Jun 22 2005 5:59AM GMT

Price of oil breaches $40 barrier

Price of oil breaches $40 barrier 05/07/2004 12:17 PM
Oil prices reach levels last seen when Iraq invaded Kuwait in 1990, following continuing fears about security in the Middle East.

Hit squad set up to combat DP breaches

Hit squad set up to combat DP breaches 06/17/2005 04:41 PM
Who thought data protection could be so exciting?

U.S. Blogger Breaches Canadian
Publication Ban

U.S. Blogger Breaches Canadian
Publication Ban 04/04/2005 04:17 PM

Iran to Prosecute Over Building Law
Breaches in Bam

Iran to Prosecute Over Building Law
Breaches in Bam 01/02/2004 07:22 PM
Reuters via Wired News Jan 2 2004 6:44PM ET

Banks ordered to tell customers about
breaches

Banks ordered to tell customers about
breaches 03/24/2005 11:10 PM
Four federal finance agencies have issued rules that force banks to tell customers when their personal data has been exposed

U.S. Wants Iran Breaches Reported to UN
Council

U.S. Wants Iran Breaches Reported to UN
Council 06/18/2004 06:29 AM
Reuters via Wired News Jun 18 2004 10:51AM GMT

Credit Card Breaches Not Only Old Hat,
But Also Declining

Credit Card Breaches Not Only Old Hat,
But Also Declining 06/22/2005 02:17 AM
In the wake of CardSystems outra geous 40 million customer data exposure and its seemi ngly quaint predecessors, the Monday morning quarterbacks are weighing to explain what we've all known for a while now: security breaches of this kind are nothing new, it's just that we're finding out about them more. In fact, the evidence shows that the incidence of credit card fraud is actually declining. Turns out that banks and merchants have been tackling this issue for some time, and actually reduced illegal credit card purchases by $100 million between 2003 and 2004. The industry still has a ways to go (after all, $788 million worth of fraud is still a serious problem), but at least there are signs of improvement. The same can't be said of identity theft, which the BusinessWeek story says is slightly on the rise and probably fueling the misperception about fraud in general. Of course, identity theft is a much more damaging crime with fewer solutions than a bunch of fake charges on your credit card. And, scammers don't need to swipe tons of data to cause widespread problems. Just a couple hundred thousand people's info will do.

LexisNexis Uncovers More Consumer Data
Breaches

LexisNexis Uncovers More Consumer Data
Breaches 04/12/2005 01:17 PM
Personal information on 310,000 U.S. citizens may have been stolen from its computer systems, 10 times more than its initial estimate last month, data broker LexisNexis said.

Lasers To Signal Airspace Breaches
(washingtonpost.com)

Lasers To Signal Airspace Breaches
(washingtonpost.com) 04/16/2005 02:44 AM
washingtonpost.com - The U.S. military will begin using an elaborate network of cameras and lasers next month to scan the sky over Washington and flash colored warning beams at aircraft that enter the nation's most restricted metropolitan airspace.

Intellectual property rights breaches
resolved

Intellectual property rights breaches
resolved 03/30/2005 01:51 AM
Xinhua News Agency Mar 30 2005 3:42AM GMT

LexisNexis: More Consumer Data Breaches
(Reuters)

LexisNexis: More Consumer Data Breaches
(Reuters) 04/12/2005 11:10 AM
Reuters - Data broker LexisNexis said on Tuesday that personal information on 310,000 U.S. citizens may have been stolen from its computer systems, 10 times more than its initial estimate last month.

Spamhaus breaches great firewall of
China

Spamhaus breaches great firewall of
China 04/23/2004 05:34 AM
vnunet.com Apr 23 2004 9:13AM GMT

Data brokers didn't notify consumers of
past breaches

Data brokers didn't notify consumers of
past breaches 04/13/2005 05:53 PM
Executives at ChoicePoint and LexisNexis said they have had past data breaches that they have not reported to victims.

Wipro net profit up 26 percent, breaches
billion dollar revenue mark (AFP)

Wipro net profit up 26 percent, breaches
billion dollar revenue mark (AFP) 04/16/2004 12:56 AM
AFP - Indian software company Wipro net profit jumped 26 percent in the year to March as it became the second listed IT firm in India to breach the one-billion-dollar revenue mark.

Incident response plans avert disaster
and make breaches 'temporary
inconvenience'

Incident response plans avert disaster
and make breaches 'temporary
inconvenience' 09/14/2004 03:55 AM
Computer Weekly Sep 14 2004 8:13AM GMT

Learn how to visualize network activity,
uncover anomalous traffic and
investigate breaches. Register to downl

Learn how to visualize network activity,
uncover anomalous traffic and
investigate breaches. Register to downl 05/22/2004 08:15 AM
Internet News May 22 2004 12:08PM GMT

XAML is for humans

XAML is for humans 11/10/2003 11:12 PM

Don Box: Today, the data needed to initialize an object graph is hidden behind imperative statements in your programming language of choice. That makes it difficult to tease out of the rest of your program without weird markers in the source code to delimit the structure of your code into recognizable pieces.

My previous post on this subject had more to it, but I chickened out and didn't post it.  What the heck, I could be wrong, but... here's essentially what I said.

...

die puny humans:

die puny humans: 12/24/2003 03:01 AM
posting to Die Puny Humans .. "statements for 2004," .. wrote a short piece

diepunyhumans.com/archives/006847.html
track this site | 4 links

"die puny humans:"

"die puny humans:" 12/24/2003 09:20 PM

The Top Three Reasons for Humans in
Space

The Top Three Reasons for Humans in
Space 04/11/2005 03:17 PM

When All The Humans Are Gone From
Customer Support

When All The Humans Are Gone From
Customer Support 12/29/2004 10:35 PM
The NY Times is running an article similar to ones that others have run before, noting how incredibly difficult it is to actually get a human on the phone these days when you need customer support from a company. While many people know the "tricks" such as hitting 0 to get around the painful menus, it looks like some companies are spending more time making it harder for customers to reach humans (rather than, say, actually figuring out ways to help their customers). This means that the "0" trick won't always work -- though, sometimes hitting it three or four times in a row will get you through. Other tricks include hitting the * key in the hopes of getting a company directory. What's still not clear is why companies do this. Most of these automated systems simply keep people on these phone calls for a longer period of time and tend to piss them off. My favorite system so far was a Comcast system that required me to go through twelve menus before I could speak to a human, whose first question to me was "what phone number are you calling from" when in step two or three I had specifically punched in my phone number.

A worthy aspiration for most humans: To
be like your own dog

A worthy aspiration for most humans: To
be like your own dog 05/11/2004 12:38 AM
A worthy aspiration for most humans: To be like your own dog .. this to say .. more»

sfgate.com/cgi-bin/article.cgi?f=/c/a/2004/05/08/HOGU86C2 GU1.DTL
track this site | 5 links

Did Early Humans Use Toothpicks?

Did Early Humans Use Toothpicks? 11/07/2003 04:19 AM

cnn.com/2003/TECH/science/11/05/toothpicks.prehistoric.reut/index.h tml
track this site | 5 links

Grok Description matches for Humans to blame for security breaches
GrokA matches for Humans to blame for security breaches

Humans to blame for security breaches

The following phrases have been identified by the grok system as matching this entry: