Accurate, Focused Research on Law, Technology and Knowledge Discovery With Daily Postings Since 2002
National Institute of Standards and Technology, Computer Security Division: “SP 800-44 version 2, Guidelines on Securing Public Web Servers, is published as final. It is intended to aid organizations in the installation, configuration, and maintenance of secure public Web servers. It presents recommendations for securing Web server operating systems, applications, and content; protecting Web servers …
“Two of the key findings from this years Global Security Survey revolve around an organizations people and a paradox that has been around for years. The weakest link in an organizations security is its people. An organizations people include employees, customers, third parties and business partners. And of those people, the highest number of breaches …
Press release: “The FTC today told the Senate Committee on Commerce, Science & Transportation Subcommittee on Interstate Commerce, Trade and Tourism that it has a robust record in protecting consumers and preserving competition in the marketplace…Speaking for the Commission, Chairman Deborah Platt Majoras said that much of the work of the FTCs Bureau of Consumer …
August 31, 2007: Draft Special Publication 800-28 Revision 2 Guidelines on Active Content and Mobile Code (60 pages, PDF) “SP 800-28 version 2 is now available for public comment. It provides an overview of active content and mobile code technologies in use today and offers insights for making informed IT security decisions on their application …
Analysis of Loss of Control Over Sensitive Personally Identifiable Information and Follow-up Actions to Strengthen its Protection, August 28, 2007. Correspondence (23 pages, PDF) Summary: “On August, 28, 2007 we issued a memorandum on our analysis of the circumstances surrounding the July 27, 2006 theft of an OIG laptop from a government vehicle in Doral, …
August 29, 2007: “NIST announces the publication of Special Publication (SP) 800-95, Guide to Secure Web Services (128 pages, PDF). SP 800-95 seeks to assist organizations in understanding the challenges in integrating information security practices into Service Oriented Architecture (SOA) design and development based on Web services. The publication also provides practical, real-world guidance on …
Erickson, K., & Howard, P. (2007). A case of mistaken identity? News accounts of hacker, consumer, and organizational responsibility for compromised digital records. Journal of Computer-Mediated Communication, 12(4), article 5. “The computer hacker is one of the most vilified figures in the digital era, but to what degree are organizations actually responsible for compromised personal …
“Consumers can take many measures to make their laptop secure from hackers, viruses, and other potential threats, such as installing firewalls, updating antivirus software, and using strong passwords. Now, the Federal Trade Commission is offering tips for protecting laptops from theft.” OnGuard Online Laptop Security
“The risk associated with using the Internet remains high. Our State of the Net assesses the likelihood and impact of four leading online hazards, listed in order of incidence, based on the survey by the Consumer Reports National Research Center and our follow-up investigation.” In this report: Overview >> Phishing >> Viruses >> Spam >> …
Press release: “If Assistant Professor of Communication at the University of Washington Phil Howard’s calculations prove true, by year’s end the 2 billionth personal record — some American’s social-security or credit-card number, academic grades or medical history — will become compromised, and it’s corporate America, not rogue hackers, who are primarily to blame. By his …
Press release: “The FBIs Internet Crime Complaint Center (IC3) today released its annual Internet Fraud Crime Report. From January 1 through December 31, 2006, the center received 207,492 complaint submissions. These filings were composed of fraudulent and non-fraudulent complaints primarily related to the Internet and included many different fraud types to include auction fraud, non-delivery, …
Press release: “…the Department of Commerce’s United States Patent and Trademark Office (USPTO) released a report that concludes that the distributors of five popular filesharing programs repeatedly deployed features that they knew or should have known could cause users to share files inadvertently. The report, Filesharing Programs and “Technological Features to Induce Users to Share, …
