The Seattle Times Company

NWjobs | NWautos | NWhomes | NWsource | Free Classifieds |

Business / Technology

Our network sites | Advanced

Brier Dudley's Blog

Brier Dudley offers a critical look at technology and business issues affecting the Northwest.

E-mail Brier| 206.515.5687 | Follow Brier on Twitter| Microsoft Pri0 blog| RSS feeds Subscribe | Blog Home

June 25, 2012 1:01 PM

Study: Teens behaving worse online, parents clueless

Posted by Brier Dudley

Suprise, surprise.

Parents think they've got a handle on their teens online activity, but most have no idea what their kids are up to on computers and smartphones.

Confirming this is a new study by security vendor McAfee. It found that 73.5 percent of parents trust their teens won't access inappropriate content online.

Yet more than 70 percent of teens have figured out how to avoid parental monitoring, up from 45 percent in a 2010 study.


So what are today's teens doing online?

About a third are looking at pornography.

While 12 percent of parents think their teens are getting to online porn, it turns out 32 percent have done so intentionally and 43 percent of them do so on a weekly basis "if not more frequently," McAfee said in its release.

Some 43 percent have "accessed simulated violence online" and 31 percent access pirated movies and music.

Cheating's also popular. While 77 percent of parents said they're not too concerned about cheating online, 48 percent of teens have looked up answers online and 16 percent admitted to using their phones to look for test answers.

"While it is not necessarily surprising that teens are engaging in the same types of rebellious behaviors online that they exhibit offline, it is surprising how disconnected their parents are," McAfee's "online safety expert" Stanley Holditch said in the release.

"There is a major increase in the number of teens finding ways to hide what they do online from their parents, as compared to the 2010 study. This is a generation that is so comfortable with technology that they are surpassing their parents in understanding and getting away with behaviors that are putting their safety at risk."

McAfee also mentioned "accessing sexual topics online" alongside porn consumption, noting that 36 percent of teens -- and more girls than boys -- have looked into topics such as STD's and pregnancy issues. This isn't necessarily a bad thing, though, if online sources provide needed guidance.

More troubling is that 62 percent of teens have seen cruel behavior online and 23 percent claimed to be targets of cyberbullying, while only 10 percent of parents think their kids have been targeted. McAfee said white kids ages 16 and 17 are most likely to be targeted.

The study found 9.5 percent of teens admit to bullying online and 25 percent said they post mean comments.

The data came from 2,017 online interviews of teens aged 13 to 17 and their parents. The parent and teen group samples have a 3.1 percent margin of error -- so perhaps only 29 percent of teens are surfing for porn, or maybe it's 35 percent?

Meanwhile,less than half of parents are taking steps to get a handle on this activity. McAfee found 49 percent set up parental controls, 44 percent get email and social network passswords and 27 percent have taken away computers and mobile devices.

Another 23 percent of parents "disclosed that they are not monitoring their children's online behaviors because they are overwhelmed by technology."

So what are the tricks teens use to fool their parents?

Here's McAfee's list:

1. Clearing the browser history (53%).
2. Close/minimize browser when parent walked in (46%).
3. Hide or delete IMs or videos (34%).
4. Lie or omit details about online activities (23%).
5. Use a computer your parents don't check (23%).
6. Use an Internet-enabled mobile device (21%).
7. Use privacy settings to make certain content viewable only by friends (20%).
8. Use private browsing modes (20%).
9. Create private email address unknown to parents (15%).
10.Create duplicate/fake social network profiles (9%).

For parents wondering what to do, McAfee offered a few bits of advice, urging them to get engaged and keep up.

"You must challenge yourselves to become familiar with the complexities of the teen online universe and stay educated on the various devices your teens are using to go online," its online security evangelist, Robert Siciliano, said in a blog post.

Microsoft also provides family safety advice for parents, including links to its free parental control software.

Here's the full study:


Comments | Category: Education , Facebook , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

December 5, 2011 10:51 AM

Seattle's TappIn sold for $9 mil

Posted by Brier Dudley

File-sharing startup TappIn is dancing the two-step today after being acquired by San Antonio-based GlobalSCAPE for $9 million.

All eight employees of TappIn will remain in Seattle, working on the company's software for sharing and accessing PC files from mobile phones and tablets.

TappIn shareholders may receive up to $8 million more from the deal if revenue and product development targets are met over the next three years.

The company, formerly known as HomePipe Networks, was started in 2009 by veterans of Aventail. Chief Executive Chris Hopen was formerly Aventail's co-founder and chief technical officer, and TappIn CTO and co-founder Parvez Anandam earlier worked for Aventail, Microsoft and Symantec.

GlobalSCAPE is a publicly traded company offering file transfer software and services to businesses and consumers.

"Combining GlobalSCAPE's leadership in secure information exchange with TappIn's strength in secure digital content mobility allows us to deliver a powerful solution for consumers and businesses," GlobalSCAPE Chief Executive Jim Morris said in the release.

Comments | Category: Entrepreneurs , Security & privacy , Startups |Permalink | Digg Digg | Newsvine Newsvine

October 24, 2011 10:31 AM

Kindle Fire's smoldering privacy issue

Posted by Brier Dudley

It looks like the privacy hullabaloo over's new Web tablet and exotic browser could end before the device goes on sale.

I hope consumers and watchdogs keep paying attention, though.

The Kindle Fire doesn't go on sale until Nov. 15 (though it can be pre-ordered now), but tech experts began questioning the privacy risks of its Silk browser shortly after the device was unveiled last month.

Thumbnail image for IMG_2041.JPG
Silk runs partly on the device and partly on Amazon's EC2 computing network, where the company will analyze browsing activity so it can preload bits of Web pages you're likely to visit.

Amazon anticipated privacy questions and was ready to discuss them at the Kindle Fire launch event in New York last month, but the media coverage focused largely on the new hardware.

Still, the question smoldered, then ignited Oct. 14 when a congressman big on privacy issues fired up. U.S. Rep. Ed Markey, D-Mass., asked the company to answer a list of questions about the browsing information it would collect and how it would be used. He asked Amazon to respond by Nov. 4.

A leading privacy watchdog, the Electronic Freedom Foundation, also weighed in. But after a phone briefing from Amazon last week, the EFF said Silk may not be as much of a privacy nightmare as it feared.

An analysis posted online by the EFF last week assuaged a number of browser and privacy experts, but they all said more analysis is needed. They also said that while Amazon is saying the right things now, diligence is needed to be sure the company doesn't misuse the vast amount of browsing information it will collect.

There are benefits to the hybrid approach Amazon is taking with Silk. It's been around for years, and millions of people now use the Opera Mini browser that has similar technology for accelerating page-load times.

"If it's done properly, there is no privacy issue with doing that," said Elie Bursztein, a researcher at the Stanford Security Lab. "It's actually sort of a good idea as you try to make things faster for the user."

It helps that Silk runs fine by itself on the device, with the online booster turned off, said Steve Gribble, an associate professor of computer science at the University of Washington.

He built a similar browser for the Palm Pilot in grad school, but it didn't have access to the huge, advanced network that's helping power the Silk.

Gribble said the technology is exciting and has all sorts of potential for computer science research, but the privacy concerns are real.

He said Amazon is taking the high road by pledging to not store personally identifiable information, and encrypting communication between the device browser and the cloud.

"They've done a good job so far addressing and being frank about the potential privacy concerns," Gribble said. "In the long run, people need to make sure they continue to do that and they don't slip down a slope toward misusing information they have access to."

The EFF's concerns were addressed in a call from Silk director Jon Jenkins.

"There were some major areas of concern that were abated by our conversation, but I'd say it's ultimately kind of a trade-off," said Dan Auerbach, a former Google engineer who is now an EFF staff technologist. "It's a lot better than we feared in some ways, and the user does get some benefits, notably the fact that their traffic will be encrypted. ... But on the other hand, you are trusting Amazon with an incredible amount of information."

Silk will anticipate pages you're likely to view, based on browsing activity that it's seeing and by analyzing in its data centers. Then it will start downloading components of those pages -- such as logos on a newspaper site -- so the pages load faster on the device.

Amazon won't index the whole Web, as Google does, Jenkins told me at the launch event in New York. But Silk's acceleration system will encompass "the vast majority of what I'll call the popular Web."

Amazon isn't crawling the Web like a search engine, he continued, "We're just using the information flowing through on the (Silk) Web requests to do that."

Before I could ask, he brought up the privacy issue.

Thumbnail image for IMG_2036.JPG

"Privacy is super important to us, so we don't store any personally identifiable information about users or what they're doing on the Web, all of it is completely anonymized," he said, adding that Amazon has "built a foundation of trust with its customers and we will not do anything to jeopardize that trust."

To me, the privacy debate around the Silk browser is a little funny.

If you're truly worried about that sort of thing, perhaps you shouldn't use a computing device that's powered by the world's biggest retailer and a company known for meticulously tracking and analyzing site visitors.

I also keep expecting consumers to rebel against the walled-garden design of Kindles, iPads and Android devices, which are tightly controlled and bound to the platform companies.

Yet consumers seem more than willing to accept the loss of control and privacy risks, because the devices are fun, compelling and useful for communication, productivity and media consumption.

"The truth is that there are risks all over the place," said Hank Levy, chairman of the UW Department of Computer Science and Engineering.

Levy noted that Internet service providers such as Comcast can see your interactions over the Internet, information is potentially visible to cloud service providers such as Gmail and Hotmail, and services such as Facebook can track your online behavior.

"There's all kinds of software running in your browser that can track your behavior and does track your behavior," he said. "At the end of the day a lot of the Internet is being paid for by advertising, and information has value when services are trying to find the best ads for people."

Gribble said these trade-offs are inevitable. Technology can address some of the concerns, but "in the end it's going to be law and contracts and responsible disclosure that will help these companies continue to behave well and not abuse the data that they're increasingly getting access to."

The big test with the Kindle Fire, at least, will come Nov. 15 when consumers get their first chance to buy Amazon's cool new tablet for $199 -- less than half the price of an iPad. It will be hard to resist a device that looks like a good deal, even for people nervous about how much they're disclosing nowadays to the big Internet companies.

"There's a risk that over time you'll give up too much of your privacy, but you're getting something in return for it," Gribble said. "You have to decide whether it's worth it."

Comments | Category: , Android , Kindle , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

June 10, 2011 10:07 AM

Alleged Sony PSN hackers busted, face Spanish inquisition

Posted by Brier Dudley

Authorities in Spain have arrested three people accused of perpetrating the attack that stole user information from Sony's PlayStation Network and led to an extended shutdown.

Sony shut its network - the cornerstone of its connected entertainment strategy - on April 20 and is still working to fully restore the system. Last week more than 90 percent was back and on Thursday it restarted the Qriocity video service everywhere execept Japan.

Police found a server that had also been used to attack banks and energy companies, according to a New York Times report.

Presumably that means the attackers will face more than the dreaded comfy chair:

Comments | Category: PlayStation , Security & privacy , Sony , Video games |Permalink | Digg Digg | Newsvine Newsvine

May 16, 2011 5:36 PM

Sony's apology gifts: Free games, movies, music

Posted by Brier Dudley

After restarting its PlayStation Network over the weekend, Sony today announced freebies it's offering users to make up for the nearly monthlong outage.

The gifts are on top of the 12 months of an identiity theft protection service that Sony is offering to some 77 million users affected by its compromised network. It remains to be seen whether the gifts are enough to restore faith in the network and avert class-action lawsuits.

Users in North America are being offered two free games from a list of five older titles, including "inFamous" from Bellevue's Sucker Punch Productions. The games will be available once the system is fully restored, and users will have 30 days to download their choices.

Other choices are "Dead Nation," "Little Big Planet," "Super Stardust HD" and "Wipeout HD + Fury."

Sony is also offering PSP portable owners two free games from a list of four: "Little Big Planet," "ModNation Racers," "Pursuit Force" and "Killzone Liberation."

Sony is also giving network users access to a selection of free movies over one weekend. The titles and timing will be announced later.

Network users will also get 30 days of free access to the premium "Plus" service and Plus subscribers will get 60 days of free subscription.

Users of Sony's "Music Unlimited Premium Trial" subscription service will get an additional 30 days of free premium service, and subscribers to the premium and basic services will get a free 30 days of service plus time lost during the outage.

Sony's also giving away 100 free virtual items to use in its PlayStation Home virtual realm. New free content will be added soon, hopefully including padlocks.

Comments | Category: Games & entertainment , PlayStation , Security & privacy , Sony , Video games |Permalink | Digg Digg | Newsvine Newsvine

October 6, 2010 2:07 PM

Facebook adds Googley dashboard, privacy tools redux

Posted by Brier Dudley

Wouldn't it be great if the growing competition between Google and Facebook led to a privacy arms race, with the companies trying to one-up each other with new privacy tools?

Both companies' products are not private by nature. To use their services, you feed them personal information that they use to target advertising.

But they're trying.

Last November, Google added a "dashboard" that lets users see and manage settings for their various Google accounts. Today Facebook released its version, a dashboard for users' Facebook applications that also lets them download and save everything they've posted on the site.

The social network also upgraded its Groups feature for managing lists of friends and what is shared with whom. Friend lists were rolled out in 2007, but they weren't easy to use. With much hoopla in December 2009, Facebook overhauled and simplified its sharing and privacy features to give users more control over sharing and friend lists.

"We're adding something that many of you have asked for -- the ability to control who sees each individual piece of content you create or upload. In addition, we'll also be fulfilling a request made by many of you to make the privacy settings page simpler by combining some settings," Chief Executive Mark Zuckerberg said at the time.

Today Facebook is trying once again, with a revised Groups system. During a press event, Zuckerberg said only 5 percent of users have used the previous tools to create lists.

Its new "spaces" feature lets users create small, private groups of friends to share things and chat on a more ad hoc basis. It sounds kind of like a privacy-enabled version of Google's soon-to-be-shuttered Wave service, which let people assemble groups of contacts to chat and share things.

"It's a simple way to stay up to date with small groups of your friends and to share things with only them in a private space. The default setting is Closed, which means only members see what's going on in a group," Zuckerberg said in a blog post today.

We'll have to see if more than 5 percent use the new tools for sharing private things on the social network.

Comments | Category: Facebook , Google , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

April 29, 2010 11:40 AM

Facebook "eroding" privacy timeline, yikes

Posted by Brier Dudley

If you've been trying to keep track of Facebook's privacy policies, check out the "eroding privacy policy" timeline published by the Electronic Frontier Foundation.

From the privacy group's summation:

Facebook originally earned its core base of users by offering them simple and powerful controls over their personal information. As Facebook grew larger and became more important, it could have chosen to maintain or improve those controls...

The primer comes as Facebook users are facing "high-pressure tactics" to disclose more information, according to ReadWriteWeb.

Comments | Category: Facebook , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

February 24, 2010 1:09 PM

Video: This you???? Twitter phishing scam

Posted by Brier Dudley

Security firm Sophos has a video explaining the "This you????" phishing scam proliferating on Twitter today. The basic message is, don't click on "This you????" direct messages.

Comments | Category: Security & privacy , Twitter |Permalink | Digg Digg | Newsvine Newsvine

January 21, 2010 11:59 AM

Microsoft's "China" IE browser emergency patch: Get it now

Posted by Brier Dudley

Here's a link to the emergency patch for Internet Explorer that Microsoft issued today.

It fixes the vulnerability that China apparently used to sneak into the networks of Google and other U.S. companies, prompting the brouhaha that Secretary of State Clinton addressed today.

Now that word's out about the Explorer flaw it's critical to update your browser, whether or not you're likely to get cyberattacked by China.

Comments | Category: Asia , Google , Microsoft , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

November 18, 2009 2:26 PM

NSA helped secure Windows 7

Posted by Brier Dudley

This is a little spooky: The National Security Agency worked with Microsoft to "enhance" the security of Windows 7.

From Computerworld's report:

"Working in partnership with Microsoft and elements of the Department of Defense, NSA leveraged our unique expertise and operational knowledge of system threats and vulnerabilities to enhance Microsoft's operating system security guide without constraining the user to perform their everyday tasks, whether those tasks are being performed in the public or private sector," Richard Schaeffer, the NSA's information assurance director, told the Senate's Subcommittee on Terrorism and Homeland Security yesterday as part of a prepared statement.

The NSA has worked with Microsoft before to develop secure configurations of Windows and Internet Explorer for federal and military users, but this time it started the process during the Windows 7 beta so it was ready when the software launched.

It's still a little unnerving. Electronic privacy advocate Marc Rotenberg told the publication, "When NSA offers to help the private sector on computer security, the obvious concern is that it will also build in backdoors that enables tracking users and intercepting user communications."

Now the agency is trying to work with Apple, Red Hat, Sun and others on "secure baselines" for their products, Schaeffer said in his prepared testimony.

Maybe they should have a logo program so buyers know which systems have the NSA seal of approval.

Comments | Category: Microsoft , Public policy , Security & privacy , Windows 7 |Permalink | Digg Digg | Newsvine Newsvine

July 13, 2009 4:55 PM

Schneier on North Korean cyberattacks: Big yawn

Posted by Brier Dudley

Security guru Bruce Schneier finished yawning and wrote a nice little essay on last week's hullabaloo over North Korean cyberattacks:

Where were you when North Korea attacked America? Did you feel the fury of North Korea's armies? Were you fearful for your country? Or did your resolve strengthen, knowing that we would defend our homeland bravely and valiantly?

My guess is that you didn't even notice, that -- if you didn't open a newspaper or read a news website -- you had no idea anything was happening. Sure, a few government websites were knocked out, but that's not alarming or even uncommon. Other government websites were attacked but defended themselves, the sort of thing that happens all the time. If this is what an international cyberattack looks like, it hardly seems worth worrying about at all.

Schneier said the solution is obvious and old news: Keep computers patched and follow basic security practices. He said last week's incident was probably "kids playing politics" and turned out to be "a sloppily modified five-year-old worm that no modern network should still be vulnerable to."

Enough of the hype and the bluster. The news isn't the attacks, but that some networks had security lousy enough to be vulnerable to them.

Comments | Category: Enterprise , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

September 30, 2008 5:58 PM

Rep. Smith introduces bill to block wrongful laptop snooping at the border

Posted by Brier Dudley

Lost in the bailout melee was a bill that U.S. Rep. Adam Smith, D-Tacoma, introduced Monday to address intrusive and inappropriate laptop snooping by the Border Patrol.

Smith's statement in the news release:

"The chief responsibility of the United States Government is to protect its citizens, and while doing so it is critical that we do not overshadow the obligation to protect the privacy and rights of Americans. This legislation will provide clear and commonsense legal avenues for the Department of Homeland Security to pursue those who commit crime and wish to do our country harm without infringing on the rights of American citizens. Importantly, it will provide travelers a level of privacy for their computers, digital cameras, cellular telephones and other electronic devices consistent with the Constitution and our nation's values of liberty."

Continue reading this post ...

Comments | Category: Public policy , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

August 27, 2008 3:09 PM

Microsoft's new browser: Forget "porn mode," the cookie stuff is what's hot

Posted by Brier Dudley

For some reason, tech journalists and bloggers love it when there's a chance to use the word "porn" in their stories.

Maybe they're hoping to lure more search engine traffic, or just revealing something about how they use computers.

Continue reading this post ...

Comments | Category: Microsoft , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

July 10, 2008 6:30 AM

Impinj acquires Intel RFID business

Posted by Brier Dudley

In a major deal to expand its RFID product lineup, Seattle's Impinj is acquiring an Intel subsidiary that produces chips used in RFID readers.

In return, Intel's receiving a stake in privately held Impinj.

Continue reading this post ...

Comments | Category: Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

October 18, 2007 12:13 PM

Mukilteo hacker busted for SWAT hoax

Posted by Brier Dudley

Just in time for Halloween, a scary story that a reader passed along:

A teenager in Mukilteo was arrested for allegedly spoofing authorities in Orange County, Calif., into sending a team of heavily armed police into a randomly picked family's home.

The Los Angeles Times reported Wednesday that Randal T. Ellis, 19, was arrested Friday, eight months after the prank.

Ellis allegedly manipulated AOL and Verizon systems and pretended to report a killer on the loose at the home, where a SWAT team accompanied by dogs and a helicopter stormed a house and handcuffed at gunpoint the parents of two toddlers.

Police allege he's done the same thing in Washington, Arizona and Pennsylvania since 2005. From the story:

He was in the process of being extradited to California on Tuesday and was charged with false imprisonment by violence and assault with an assault weapon by proxy.

The crimes carry a possible prison sentence of 18 years.

I didn't know we had laws protecting us from that sort of violence and assault, and I especially didn't expect to learn of them from Los Angeles.

Comments | Category: Security & privacy , Web |Permalink | Digg Digg | Newsvine Newsvine

August 2, 2007 3:13 PM

The safest credit cards for preventing ID theft

Posted by Brier Dudley

According to a new report from Javelin Strategy & Research, Bank of America's Visa Platinum is the safest.

Javelin found that "while almost all card issuers do well in helping their customers after fraud or theft occurs, many need to upgrade their identity fraud detection tools,'' according to a story published today by Computerworld.

Among the shortcomings: 56 percent of card issuers still ask customers to provide Social Security numbers to identify themselves.

B of A's platinum card scored 69 out of 80 points in Javelin's survey. American Express Blue was second with 66 points, followed by Discover Platinum and First National Bank Omaha's Platinum Edition Visa Card.

Apparently that extra security comes at a cost. The story didn't mention this, but the top-ranked cards seem to have higher interest rates, according to a quick check with The top-ranked card charges 4 percent more than the best-rate platinum card, so you have to balance the risk with the cost.

Comments | Category: Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

May 16, 2007 10:42 AM

Security: Still a concern?

Posted by Brier Dudley

Are big companies worrying less about security than little ones?

In their latest survey of enterprise CIOs, Goldman Sachs analysts found that security has abruptly fallen down the list of priorities -- to 11th place, down from its consistent 2nd place showing in recent years. From their report:

A slippage in security as a spending priority may indicate some increased comfort with security issues in the enterprise, not completely surprising since most core security technologies are viewed as fairly mature. It could also be partially a result of few high-profile security breaches or highly disruptive malware incidents in recent memory.

But another survey released today said security will be the top priority for IT organizations this year. That's up from a second-place showing in last year's survey of IT pros by CompTIA (the Computer Computing Technology Industry Association).

Here's part of CompTIA Chief Executive John Venator's quote in the release:

"The proliferation of devices that are now connected to networks, and the increasing mobility of customers and workers have pushed security to top of mind for everyone, from the technician monitoring the network to the business owners and operators whose livelihood can be at risk in the event of a security catastrophe."

Goldman also found that enterprises are taking their time upgrading to Vista, with most saying they'll wait until they refresh PCs within the next year and a half. Vista upgrades are planned within the next year by 6 percent of respondents, and another 48 percent say it will happen within 18 months.

More surprising: Software-as-a-service ranked dead last on the priority list. The analysts' take:

"We note that large-company CIOs, which chiefly comprise our panel, are likely to be slower in their adoption of SaaS given large and complex legacy installations and cultural inertia. However, offerings from leading SaaS vendors are seeing increasing adoption by large enterprises, and most large CIOs we speak with are considering where SaaS offerings make sense if they have not adopted it already in certain areas."

Comments | Category: Enterprise , Microsoft , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

March 8, 2007 3:44 PM

Fumbles of the day: OneCare, daylight savings patch

Posted by Brier Dudley

Yikes. Tough day on Microsoft's Trustworthy Computing front.

First we hear that some Microsoft customers are having trouble with the daylight savings patch. (Sounds likely mostly Exchange users, according to Mary Jo Foley).

Then word gets out that OneCare doesn't just simplify PC maintenance and security for novices, it may also zap their glitch">e-mail archives if any of the messages contain malware.

Maybe that's why Microsoft won't issue any patches next Tuesday, the first break since Patch Tuesday began in 2005. The security team's probably busy with other things.

Apple fans would be having a heyday if they hadn't just finished patching critical flaws in OSX and QuickTime.

Comments | Category: Microsoft , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

March 5, 2007 2:42 PM

OneCare taking hits

Posted by Brier Dudley

Microsoft's OneCare seems like a great business and a good solution for non-technical households, so I wonder why this kind of stuff keeps happening.

The company can't seem to win, though -- if it fully protects customers from malware, companies like Symantec call foul and raise antitrust questions. If it doesn't protect customes enough, it gets ripped by security consultancies.

Comments | Category: Microsoft , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

January 22, 2007 2:02 PM

Schneier: The onus is on banks to stop ID theft

Posted by Brier Dudley

Security guru Bruce Schneier has a great essay in Forbes on how to solve the identity theft problem.

In short, he says the focus needs to shift from the theft of personal information to the sloppy ways that banks and other institutions verify identity and allow fraudulent transactions to occur.

Right now, the economic incentives result in financial institutions that are so eager to allow transactions -- new credit cards, cash transfers, whatever--that they're not paying enough attention to fraudulent transactions. They've pushed the costs for fraud onto the merchants.
But if they're liable for losses and damages to legitimate users, they'll pay more attention. And they'll mitigate the risks. Security technologies can work wonders in preventing identity theft, once the economic incentives to apply them are there.

Comments | Category: Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

December 18, 2006 1:46 PM

Paynter scholarship fund

Posted by Brier Dudley

Should I raise money for Susan Paynter to attend this workshop on open government records in Seattle next spring?

In a column that advocates restricting public access to government records, she included an unchallenged quote saying that a name and birthday are "a running start for identity theft!"

The Web is big, scary and mysterious, but it's not the primary vehicle for identity theft. That's more likely to happen from someone stealing mail or paper files out of a personnel office.

Nor is the Web a reason to let government close even more of its public records to the public. I thought we were trying to make public information more accessible, not less.

Not to downplay concerns about identity theft, which can be an awful thing, but Paynter's chasing a tired old red herring.

Public record laws have already been updated to block the release of information that can be used for identity theft.

Suggesting that the disclosure of a person's name and birthday will lead to their being ripped off is misleading and inflammatory. It may also undermine what's left of public access to government records.

A great New York Times story in September pointed out that despite all the hoopla over lost laptops and accidental disclosures personal information, identity theft and financial fraud has not increased. It was talking about the inadvertant release of truly sensitive personal information, like social security numbers, which aren't being disclosed in the flap Paynter wrote about.

There's always tension between government employees who want to operate in secrecy and the public's right to know who their public servants are and how tax dollars are being spent.

For the press, it's a constant battle to maintain open records, especially when governments try to act more like private businesses and form relationships with secretive corporations.

It's understandable that government employees would be even more uncomfortable with public disclosure with all the hype over identity theft, but we've already been through this. The most recent change to the law was last year, when new language was inserted about personal information such as social security numbers.

That's why it was astounding to see a newspaper saying "The media may know too much" without analyzing the source of the hysteria or providing useful information about the actual risks of identity theft.

What I'd like to see a newspaper do is determine whether public records disclosures have ever led to identity theft. I've never heard of that happening, but there's plenty of evidence that closing access to public records is a problem.

A public records request is probably the last route a thief would take to get personal information, anyway. The requests generate a paper trail that could be traced if the information is misused.

The disclosure of public employee names and birthdays are what got Paynter going. But you can't open a credit card account or get a loan providing just a name and birthday. If you could, then the problem would lie with the bank that issues that account.

Instead of railing about the Web and public access to government records, perhaps we should be calling for new bank regulations and consumer protection laws. That's more important than ever since most of our personal info has already been leaked, lost or spread around.

New identity control tools are being developed by the tech industry. But I'll bet there would be no identity theft crisis if banks and merchants would just be more strict and diligent about verifying identity.

Comments | Category: Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

November 2, 2006 2:12 PM

Ozzie, Diffie and others on public key cryptography

Posted by Brier Dudley

If you missed the Computer History Museum's celebration and roundtable discussion marking the 30th anniversary of public key cryptography last week, a podcast and video are available here at a site hosted by event co-sponsor Voltage Security.

Comments | Category: Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

October 25, 2006 1:48 PM

Internet ID theft fears overblown, new report says

Posted by Brier Dudley

Internet ID is an "insignificant" portion of overall ID fraud on- and offline, according Javelin Strategy & Research, whose latest findings were reported here by Computerworld.

"The Internet always grabs the headlines, but it is individuals who are close to the victims, such as family and friends, that are doing most of it," firm president, James Van Dyke, said.

Comments | Category: Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

October 19, 2006 5:13 PM

Unofficial Microsoft response to iPod virus whine

Posted by Brier Dudley

I wondered how the folks in Redmond would respond to Apple's "hardy" finger pointing over the virus found in some of the new video iPods.

Doug Mahugh pointed to a snarky comeback here.

PC World - of course - went even deeper. It ran a whole story today on the reaction. The meat of the story came from the blog of Jon Poon, who checks Microsoft products for viruses before they ship.

"The fact that it's found on the portable player means that there's an issue with how the quality checks, specifically the content check was done," Poon wrote. "This also indicates that through the manufacturing cycle, the base device from which the image was duplicated to the other devices in the manufacturing run, was connected to a PC that most probably did not have , and i quote their press release, 'up to date anti-virus software which is included with most Windows computers.' "

Comments | Category: Apple , Microsoft , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

August 9, 2006 2:44 PM

Homeland Security goes code yellow over Microsoft

Posted by Brier Dudley

The feds are weighing on Microsoft's latest security patch for Windows. If you need more prompting to download the fix, here's the Homeland Security press release.

Technorati Profile

Comments | Category: Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

July 25, 2006 3:43 PM

Symantec downgraded, time for a hacker scare

Posted by Brier Dudley

Is it a coincidence that a new PC security scare appeared just as Wall Street started frowning on security software vendors McAfee and Symantec?

Merrill Lynch downgraded Symantec from "buy" to "neutral" today, and issued a sector report that found "overall weakness" and "erosion of security spending."

"With a typically slower summer season closing in, we do not expect any meaningful upside demand catalysts barring an unanticipated virus outbreak or other event,'' the report said.

Then voila, Symantec announced "attack code" had been released for two Windows vulnerabilities. There have been no actual attacks, according to this ominous sounding Cnet report.

Comments | Category: Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

July 25, 2006 3:34 PM

Watchguard + Attachmate?

Posted by Brier Dudley

Francisco Partners, the investment group that bought WatchGuard today, was also involved in the purchase and merger of WRQ and Attachmate. Will it roll WatchGuard into the bundle?

If so, we've got a new ticker candidate: WAW, for WatchGuard-Attachmate-WRQ.

Comments | Category: Enterprise , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

July 11, 2006 11:35 AM

It's Microsoft patch Tuesday

Posted by Brier Dudley

This month there are seven security fixes available here -- five critical ones and two that are merely important.

Of the critical fixes, two are for Windows and three for Office. Technical details are here.

Comments | Category: Microsoft , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

July 10, 2006 1:45 PM

Googling for malicious Web sites

Posted by Brier Dudley

The story's been out for a few days, but Computerworld had a good rundown of security firm Websense using Google's binary search capabilities to track down thousands of malicous web sites.

The kicker at the story's end: Google may be developing a file search service.

Comments | Category: Google , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

June 14, 2006 2:04 PM

Patch your Windows quickly

Posted by Brier Dudley

Computerworld says exploits are already circulating for the Windows flaws announced Tuesday.

Comments | Category: Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

June 13, 2006 11:15 AM

Windows patch time

Posted by Brier Dudley

Today's weather in Seattle is perfect for updating a PC, and Microsoft obliged with its monthly batch up of security patches. Put on a pot of coffee and start downloading. Eight of the 12 patches are rated "critical."

You'd think Microsoft would have this sorted out, but as of 11:20 this morning, if you went to and clicked on "this month's updates" you'd get information on the May updates, not the June updates released today. To go straight to the June updates, go here.

Comments | Category: Microsoft , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

June 12, 2006 9:41 AM

Today's column on safety

Posted by Brier Dudley

To become an official member of the columnist club, I had to write a piece about the dangers of and other social networking sites.

The column only touched on ways that parents can be sure their kids are safe online. We ran another set of tips on Saturday, and I've invited Seattle Police Detective Malinda Wilson to answer questions from readers during a live online Q&A on Wednesday. We're now taking questions for her here.

I'd been thinking about a MySpace column since I saw a couple of MySpace executives on stage with Bill Gates at Microsoft's Mix06 conference a few months ago in Las Vegas. They seemed a little sensitive about the site's raunchy reputation. After they navigated to the site, displaying it on the huge display screens in the meeting hall, the typical revealing images of young women appeared. They quickly scrolled down until the women weren't so prominent.

After doing some reporting on the topic, two things were really surprising to me -- how little parents have engaged, apparently, despite all the publicity around MySpace predators, and how easy it is for a small group of detectives with a modest budget to track down the predators.

I'm not keen on state oversight of the Web, but I'd rather have more tax dollars spent on police chasing pedophiles at MySpace and less spent on questionable security measures like walling the Mexican border and periodically shadowing the ferries to Bainbridge and Bremerton with machine gun boats.

Comments | Category: Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

June 7, 2006 11:29 AM

Oprah's tech tips

Posted by Brier Dudley

Immediately remove all webcams from the rooms of children, since the devices are primarily used for online sex, according to New York Times reporter Kurt Eichenwald.

Eichenwald was on "The Oprah Winfrey Show" Tuesday, along with a boy victimized by online sexual predators, discussing the horrifying story he reported last December.

Comments | Category: Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

May 30, 2006 1:09 PM

When it rains, it pours consumer security services

Posted by Brier Dudley

First Microsoft announced OneCare, then Symantec began talking up Genesis. Now McAfee's preparing to launch Falcon.

So far it's a little FUD. OneCare has been in beta, Genesis is supposed to launch in September and McAfee's announcement today was short on details -- like dates and prices. The release said it "will soon release the industry's first fully integrated consumer security service platform" and later said the Falcon's coming this summer.

Comments | Category: Microsoft , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

May 26, 2006 11:08 AM

First Word, now Symantec hit by security flaws

Posted by Brier Dudley

What should you do about the Word and Symantec security flaws announced this week? Shut down your PC and take a nice, long holiday weekend.

If that's not an option, here's more info.

Researchers at eEye Digital Security found the flaw in Symantec's antivirus products and said it's "high severity." But Symantec said it doesn't affect consumers using its Norton-brand antivirus products. The flaw affects Symantec Antivirus Corporate Edition 10.x. More details are listed here.

Earlier this week, Microsoft advised customers to run Word in Safe Mode until it fixes a vulnerability in Office XP and Office 2003. It says the patch will be ready by June 13, but in the meantime here are the precautions listed in its advisory posting:

-- Do not open Word files that are embedded in other applications, such as Excel, PowerPoint and others.

-- Home users: Even after applying the workarounds do not open Word files directly from ANY mail clients for example, Outlook or Hotmail by double-clicking them. Save your word document to a disk or onto your desktop and use the "Word Safe Mode" Shortcut.

-- Enterprise users: Even after applying the workarounds do not open Word files directly from mail clients other than Outlook, for example, Hotmail by double-clicking them.

-- Do not open .doc from a Web site via Internet Explorer or any other browser.

-- If you do not see "Safe Mode" in Word title bar you are not running Word in Safe Mode. Do not attempt to open any Word files as you may be vulnerable to the malicious .doc files.

-- You can use Word Viewer 2003 to open any files without being affected by this vulnerability.

Comments | Category: Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

May 15, 2006 2:01 PM

Symantec's John Thompson: Mac users beware

Posted by Brier Dudley

SAN DIEGO -- Mac users shouldn't be complacent about security, Symantec Chief Executive John Thompson said at FiRe today.

Windows has presented a bigger target for cyberattacks, but the nature of the threats is changing. Instead of broad virus attacks, hackers are increasingly focused on attacking individuals -- regardless of their computer type -- and stealing their money and identity.

"As you think about the changing threat landscape and the threat landscape moves from high profile viruses and worms to identity theft and fraud, that is not OS dependent,'' he said.

Thompson also had choice words for Microsoft. He said he's not worried about competition from Microsoft's new security offerings, but he suggested Symantec, maker of Norton-brand security products, will pursue antitrust remedies if Microsoft doesn't play "fair."

"Our only concern is whether or not Microsoft will play fairly,'' he said. "If they deliver their classic technology portfolio, we're not concerned at all.' However if they do something that is unfair, then that will be something that will be difficult to compete against, but we'll have other venues for making our point.'

Comments | Category: Security & privacy |Permalink | Digg Digg | Newsvine Newsvine

May 12, 2006 12:41 PM

A lonely Qwest

Posted by Brier Dudley

So Qwest has a spine after all. Is it enough to salvage its reputation?

Comments | Category: Security & privacy , Telecom |Permalink | Digg Digg | Newsvine Newsvine

May 9, 2006 11:13 AM

Microsoft Patch Tuesday

Posted by Brier Dudley

Today's batch: fixes for two "critical" vulnerabilities and one "moderate" vulnerability.

Windows XP users need the moderate patch and one of the critical patches. Windows Exchange users need the other critical patch.

Home users can get their fix here and IT types can get more detailed info here.

Fine print: The critical patch for XP users (and Windows 98 and ME users as well) fixes a vulnerability in Adobe's Macromedia Flash Player that could allow remote code execution. The moderate patch for XP users (and Windows 2000 and Server 2003 users) fixes a vulnerability in the Microsoft Distributed Transaction Coordinator that could allow a denial of service attack. The critical patch for Exchange is for a vulnerability that could allow remote code execution.

Comments | Category: Microsoft , Security & privacy |Permalink | Digg Digg | Newsvine Newsvine







Sun Mon Tue Wed Thu Fri Sat
          1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
Browse the archives

June 2012

May 2012

April 2012

March 2012

February 2012

January 2012



Demo of the Week:

Share your thoughts!

Gadgets and games | Fun stuff I've written about lately includes Apple's iPhone, Hewlett-Packard's HDX laptop and Microsoft's Halo3. Also on the radar are new digital video boxes such as the Tivo HD and the Vudu.