[SecurityRatty] tag: residential

In Mumbai, bloggers and Twitter offer help to relatives

Wed, 26 Nov 2008 21:00:00 +0000

Bloggers pitched in offering information and other help to people worldwide as Indian police and commandos battled it out Thursday with armed terrorists in two top hotels and a residential complex in south Mumbai.

Phila. Network Use Skyrockets while Free

Mon, 21 Jul 2008 15:32:31 +0000

No surprise that more people use a free network than one that charges: However, the strategy of Network Acquisition Corp. (someday to be renamed) is to create a best-efforts Wi-Fi network that will be subsidized through their other business and residential offerings. So the 17,000 daily users now versus 6,000 EarthLink subscribers as of last month seem like a good sign of interest.

The network hasn't been revamped yet to focus on more complete outdoor coverage, but that should start happening soon, the company told Metro Philadelphia.

Wee-Fi: Zen X-Fi, Apple iPod/iPhone Remote, Bullet Train-Fi, St. Louis-Fi

Thu, 10 Jul 2008 10:40:15 +0000

Creative unveils ZEN X-Fi: The handheld music player, one of the first to have what appears to have real flair without being an iPod ripoff, can stream music from a local collection over Wi-Fi. It also includes a Secure Digital slot, instant messaging (via Yahoo and MSN), an FM tuner, and a wide LCD scree. The unit is on sale in Singapore for about $170 for an 8GB model without Wi-Fi; a Wi-Fi-enabled model is $250 for $16 GB and $300 for 32 GB. They're due in the US "soon."

iPhone, iPod touch now Wi-Fi remote control (see screen capture at right): The iPhone 2.0 software was soft released today, with a download available from Apple that's not yet being pushed via iTunes software when users' systems check for updates. The free Remote software, downloadable from the new App Store on the iPhone or Applications area in the iTunes Store, controls copies of iTunes on the local network once you've used a simple pairing technique. The same is true for the Apple TV with a free 2.1 software update for the digital box that's available now. (Also, you can snap screen shots in iPhone 2.0: Hold down the Home button and then press the top button. The capture is stored in your photo roll.)

Japanese bullet train gets Wi-Fi by next March: This was first announced in 2006; it's still on track, pun intended. The line runs from Tokyo to Osaka.

Network 1 expands its service St. Louis area: The company will offer service in 8 additional cities for a total of 15 in the St. Louis, Mo., area. The network provider is building out a neighborhood at a time using ostensibly commodity equipment. They charge $20 to $50 per month for service, and are focused on residential, rather than outdoor cloud access.

Your 419 Mail Roundup

Wed, 25 Jun 2008 09:29:29 +0000

Are you ready for more 419 missives?

Of course you are. Plenty of winning lottery tickets, fictitious banks, a wonderfully sick "Robert Mugabe" themed mail and, er, someone called "Captain Frank Bojo" after the jump...
Subject:
HELLO DEAR
From:
"abavanagift13 Gazeta.pl"
Date:
Sat, 21 Jun 2008 12:26:24 +0000
BCC:

Hello Dear,

My name is Blessing Abavana, the elder daughter of Mr. paul Abavana of Zimbabwe, I am 17 years old with my younger brother (Micheal), we are in Ghana as refuge/asylum since we lost our parents because of the recent war that occurred in our country.please do go through this web page for better understanding with full details:

http://www.rte.ie/news/2000/0418/zimbabwe.html

I am looking for one who will honestly assist my younger brother and I to realize our inherited funds into your account and as well as invest it into a lucrative business.

During the recent war against the farmers in Zimbabwe from the supporters of our President, Robert Mugabe to claim all the white -owned farms to his party members and his followers, he ordered all the white farmers to surrender all their farms to his party members and his followers.

My father being one of the few rich and successful black farmers in our country was also victimized because of his opposition to Mugabe's policies. And because he did not support Mugabe's ideas, Mugabe's supporters invaded my father's farm and burnt everything in the farm, killed my father and made away with a lot of items in my father's farm. This action was taken because my late father felt the growing tension on the farm issue, but I guess he never anticipated the tragedy that brought their brutal and sudden death.

However with the benefit of hindsight, owing to the looming but deteriorating crisis in my country, Zimbabwe, my father, before his unfortunate death deposited with International Commercial Bank (ICB) here in Accra Ghana the sum of US$ 35MUsd (Thirty Five Million United States Dollars), with the sole aim of acquiring and buying some dredging equipments in setting up of a dredging firm with his partner. With his death and all his assets seized at home and accounts frozen, the family is now in a very difficult situation.

After the death of my father, my brother and I escaped to the Republic of Ghana where he had deposited the money in the Bank . And we were permitted to reside here as Political Refugees.

So Because of our present and unpleasant status here we decided to contact an overseas firm / individual that can assist us to move this money out Of Ghana because, as asylum seekers, we are not allowed to operate any financial transaction of such amount within Ghana and also to assist in providing me and my brother a permanent residential permit in your country after the money must have been transferred to your account.

We have agreed to offer you 30% of the total sum for your assistance, and the rest will be for my brother and I, to Invest in your country under your assistant

All I want you to do is to furnish me with the below information including your readiness to assist me achieve this transaction for investment purposes in your country under your supervision. Kindly re-confirm to me the followings:

1) Your Full Name:
2) Phone, Fax and Mobile
3) Profession, Age and Marital Status.
4) Nationality

I have to re-assure you that this transaction is 100% risk free and should be treated with absolute confidentiality. All the vital documentation/certification that has to do with the origin of the fund is with me for the security reasons.And I will send them to you when we progress.And I guarantee you that this fund is not government fund, drug money, or from arms deals.

I will detail you more about the bank immediately I receive your acceptance response. I hope this is the beginning of a prosperous relationship between us.Thanks and God bless you

Regards

Blessing/Micheal Abavana

(Wow, spectacularly sick. Not that we're expecting scammers to have any morals, of course).

*********************************************************************************************

Subject:
Lycos Online Lottery Notification
From:
"LHOUTY MOHAMMED HASSANE"
Date:
Sun, 22 Jun 2008 02:42:53 -0000
BCC:

LYCOS LOTTERY ONLINE
8th Floor
1 Stephen Street
London
W1T 1AL

WINNING NOTIFICATION
This is to inform you that your email address has won the Lycos Lottery for the year 2008. your email has won you the sum of ?952,350.00 (Nine Hundred And Fifty Two Thousand, Three Hundred And Fifty pounds sterling).
You are advised to keep this notice confidential to avoid misinterpretation of funds and unauthorize claims, cheating or fraud.
To claim your funds please contact us with the information below.
Name: Dr. George Stevenson
Tel:+447031991681
Email:lycosclaimsdpt@gmail.com

It is mandatory that you send us your full names, address, phone number,
age, sex and occupation to enable us arrange your claim.

Note: Winners were selected through a computer ballot system drawn from Microsoft users from company and individual email addresse users. All winning must be claimed not later than 21 working days from the time of notification. After this date all unclaimed funds will be returned to European Union Treasury as unclaimed funds.

Congratulations from mambers and staff of Lycos
Lhouty Mohammed Hassane.
Lycos Lottery Co-ordinator

(A "Lycos Lottery" and they're using a GMail address? Doh).

*********************************************************************************************

Subject:
Yukos Oil
From:
Mr. Timinskiy Vladimir
Date:
Wed, 25 Jun 2008 5:38:17 -0400
To:

I have a profiling amount in an excess of US$100.5M, which I seek you in accommodating for me. You will be rewarded with 4% .If intrested, please reply me for moredetails...
Regards
Mr. Timinskiy Vladimir

(Short. Sweet. Pointlessly fake).

*******************************************************************************

Subject:
Immediate Release of Your FUND Via ATM CARD
From:
"Mr. Mark Louis"
Date:
Wed, 25 Jun 2008 01:45:09 -0700
To:
undisclosed-recipients:;

SUBJECT: Immediate Release of Your FUND Via ATM CARD

Attention: ATM Card Beneficiary,

I wish to use this medium to inform you that your CONTRACT/INHERITANCE Paymen of USD$10,000,000.00 (Ten Million United States Dollars) from CENTRAL BANK
OF NIGERIA have been RELEASED and APPROVED for onward transfer to you via an ATM CARD which you will use to withdraw all the USD$10,000,000.00 in any
ATM SERVICE MACHINE in any part of the world, but the maximum you can withdraw in a day is USD$10,000.00 Only.

We have mandated IBTC CHARTERED BANK PLC, to send you the ATM CARD and PIN NUMBER which you will use to withdraw all your USD$10 Million Dollars in
any ATM SERVICE MACHINE in any part of the world. You are therefore advice to contact the Head of ATM CARD Department of IBTC CHARTERED BANK PLC;

Contact Person: Dr. Olu James
Office email address: pcfc_nigeria@yahoo.com
Private: +2347084501007
Office:018969906

Tell Dr. Olu James that you received a message from the CENTRAL BANK OF NIGERIA. Instructing him to send you the ATM CARD and PIN NUMBER which you will use
to withdraw your USD$10 Million Dollars in any ATM SERVICE MACHINE in any part of the world, also send him your direct phone number and contact address
where you want him to send the ATM CARD and PIN NUMBER to you. We are very sorry for the plight you have gone through in the past years. Thanks for adhering to this instruction and once again accept our congratulations.

Best Regards.
Mr. Mark Louis.
Executive Governor,

Central Bank of Nigeria {CBN}.

(Ah, the old "Let's lure them in with the magical bank card" trick).

******************************************************************************************

Subject:
CONTACT THE FEDEX COMPANY FOR YOUR FUNDS
From:
"SAMUEL DUNBAR"
Date:
Fri, 20 Jun 2008 12:33:43 +0100
BCC:

Dear Friend,

Compliment of the new year, I have been waiting for you since to come down here and pick your Bank Draft which my boss left with me before he travelled to England but I did not hear from you since that time till today. I went to the bank to confirm whether the draft is getting close to expire as it had been long time my boss issued the draft. The director of the bank told me that before the draft will get to you, that it will expire. Then I told him to help me and cash the cashier bank draft of $1,500.000.00 to cash payment.

However, I have successfully cashed the draft and packaged it in a box and have registered it in the Fedex Express Company Service here in Benin Republic because I will travell to see my boss in England and will not come back till August 20th 2008. You have to contact the Fedex Express Company Service to know when they will deliver your package to your address. I have paid for the delivering charges and insurance fees. The only money you have to send to them is their security keeping feeswhich is USD$135.00 USD to receive your package. Don't be deceived by any body.

This is their Contact Address;
Attn: Cheif Mr. George Kobra (Director)
Tel: +229-9799 2240
E-mail: fc.bj@sify.com

Send them your contacts information to enable them locate you
immediately they arrived in your country with your package.

This is the information they needed from you.

1. Your full name:.....
2. Your shipping/home address:.....
3. Your tel no #......
4. Your current office tel no #
5. A copy of your passport.

Try to contact them as soon as possible to avoid increasement of the security keeping fees Note; I didn't tell the Fedex Express Company Service that it's money inside the box, I registered it as a church of a Church Minister Materials. This is to avoid delay or any upfront problem during the delivery. So, do not let them know that the package contents money. Do let me know as soon as you received your package. You will contact me only through e-mail as my phone is no longe available now that I am out from our country. Contact me at samdunbar1986@yahoo.com and I will reply as soon as I can.
I wish you and your family Long Life,
Prosperity and Happy 2008.

Thanks and Remain Blessed.

Yours sincerely,
Mr.Samuel Dunbar
(Secretary)

(Honestly, if you contact FedEx they'll give you tons of money....)

****************************************************************************************

That's your lot for another week....

Metro Round-Up: Aurora (Ill.), Bay Area (Calif.), Santa Fe Says Yes-Fi

Thu, 12 Jun 2008 06:13:56 +0000

As networks go dark, so, too, do governmental network advocates: I haven't tracked the political fortunes of elected and appointed officials who pinned their star to Wi-Fi's glow, but I have to imagine both those that have suffered removal from office or who have remained in position are infinitely less likely to push plans in the near future that have any parallels with the plans that stalled.

Aurora, Ill., joins MetroFi cities turning down gear deal: Aurora, the city of light, the first electrified streetlit city in the U.S., opts to not buy the MetroFi gear. Along with all of MetroFi's other networks (excluding Riverside, Calif., operated with AT&T), June 20 will likely be the last day of service. About 160 of 600 to 900 nodes were installed in Aurora.

San Francisco paper wraps up MetroFi's shutdowns in their area: Ryan Kim writes in the SF Chronicle about the many networks being shut down by MetroFi around the bay. Santa Clara and San Jose are still looking at MetroFi's equipment offer. Neither city has complete coverage; Santa Clara is focused on some residential portions, and San Jose has some downtown service. Kim brings up the spectre of twice or three times dead Ricochet.

Santa Fe bypasses Wi-Fi health concerns: The city council voted unanimously to approve Wi-Fi service in libraries and city-owned buildings. This odd paragraph appears in the AP story: "Julie Tambourine, an advocate for the disabled and homeless, said after Wednesday's meeting that the legal analysis was flawed, because it didn't take into account those with diabetes, seizure disorders, respiratory ailments and other conditions that can be adversely affected by microwave radiation." It's unfortunate the writer didn't get a medical research in any of those areas to discuss that. I have never heard the strongest advocates of the view that EMF causes health issues mention any of those conditions.

Wee-Fi: Go, Go, Wires! Go, Go, Cablevision!

Fri, 16 May 2008 07:12:08 +0000

OSnews explains why wiring a house still makes sense in the 21st century c.e.: A very well-reasoned article from OSnews explains why the site still backs residential wiring. They're involved in the build-out of a Utah home partly as a technology demonstration, and they've put coax and Cat 5E Ethernet cable throughout, as well as conduits for future wire pulls. Fundamentally, wire has more capacity; I'd argue it does across several dimensions, too. You can run 1 Gbps raw across a Cat 5E or 6 Ethernet cable in both directions at the same time versus best performance of unidirectional nearly 100 Mbps in my testing of Draft N. But you also get switching with Ethernet--multiple simultaneous symmetrical 1 Gbps--and if you need more capacity you simply pull more wires and put in more switches. Wire is cheap and switches are now, too. It's a good read if you're thinking of rewiring (or unwiring) your home.

Cablevision's already started its rollout: An observant tri-stater at the Cable Rant site spotted Cablevision installers putting up BelAir gear on their cable line. He took some photos.

iPhone Gains 15 Minutes Free Wi-Fi in 28 Airports

Fri, 02 May 2008 08:04:16 +0000

Boingo offers ads-for-access for iPhone, iPod touch users in 28 airports: If you're traveling in the US, Canada, or the UK through one of the 28 airports operated by Boingo's Concourse division, you can trade 15 seconds of your life for 15 minutes of free Wi-Fi. The company has tested this previously, and has now rolled the deal out.

The service is enabled by JiWire, which has gradually transitioned itself from a site that developed a hotspot directory supplemented by editorial coverage and how-to's on wireless data, to one that's now hotspot directory plus hotspot advertising. The transition is interesting, as it reflects what I've seen on Wi-Fi Networking News: Wi-Fi is easier to use, as is cell data; costs for equipment is lower or you don't need to make a choice about equipment; and usage is up so far at hotspots that there's an audience there for commercial-based access.

MetroFi has famously declared free access to metro-scale services paid for by advertising to be unworkable; that may be so, given that they were the biggest proponent of it for a few years, and no other company followed them into that approach. However, metro-scale ad-supported Wi-Fi, in which residential and roaming users alike looked at banners and commercials in exchange for servcie is a far cry from the focused hotspot advertising market.

Hotspot ads involve a very open exchange between surfer and service, and JiWire pushes the watch-for-access model quite heavily. What's saving a few bucks worth to you? 15 seconds? 30 seconds? If so, we have a deal for you, they say, that also works for the advertiser and the service provider (and JiWire). It's not subtle; you have to watch the ad to gain access. But it seems like a reasonable exchange, with two hours' access up to a full day running $4 to $12 in the U.S. at paid locations. (Of course, I subscribe to Boingo Wireless's roaming service now, so I can bypass the ads in favor of paying $22 per month for unlimited usage, too. That's part of that tradeoff.)

(Disclosure: I own a very small number of share in JiWire as part of my early working relationship with them.)

BT Encourages Businesses to Open Up Wi-Fi for OpenZone Expansion

Tue, 22 Apr 2008 09:51:44 +0000

BT will upgrade its business customers broadband modem firmware to allow public hotspot service: This is a very, very interesting move on the part of the UK's giant telecom provider. The company will upgrade the firmware for its BT Business Total Broadband customers, which number 170,000. By flipping a switch, the business's modem will create an outpost of BT OpenZone, using a separate SSID, and a "secure Internet channel," as the press release describes it, which means a VLAN or similarly segregated connection that prevents access to the business's internal network.

The notion is that visitors can gain Internet access by using an existing OpenZone subscription, paying a fee (the business can sell vouchers), or being a member of a roaming network. The business customers receive 50 to 500 minutes of use on OpenZone each month themselves, based on their BT contract for broadband.

This business hotspot option extends a previous relationship for residential users with Fon that allows BT home users to flip a switch and become a Fonero.

These kinds of organic extensions of networks have very little impact on the party that's sharing their broadband, because there's almost no work involved. But if enough people opt in, it can have a large impact on the amount of hotspot service that's available. While I have critique Fon for its backside-utility quotient--how readily one can get work done or even make a phone call at many Foneros' locations--the BT business plan assures that hotspots will be in places where people work and gather.

Financial Ombudsman losing it?

Wed, 23 Jan 2008 12:14:58 +0000

I appeared on “You and Yours” (Radio 4) today at 12.35 with an official from the Financial Ombudsman Service, after I coauthored a FIPR submission to a review of the service which is currently being conducted by Lord Hunt.

Our submission looks at three cases in particular in which the ombudsman decided in favour of the banks and against bank customers over disputed ATM transactions. We found that the adjidicators employed by the ombudsman made numerous errors both of law and of technology, and concluded that their decisions were an affront to reason and to justice.

One of the cases has already appeared here on lightbluetouchpaper; the other two cardholders appeared on an investigation into card fraud on “Tonight with Trevor MacDonald”, and their case papers are included, with their permission, as appendices to our submission. These papers are damning, but the Hunt review’s staff declined to publish them on the somewhat surprising grounds that the information in them might be used to commit identity theft against the customers in question. Eventually they published our submission minuss the two appendices of case papers. (If knowing someone’s residential address and the account number to a now-defunct bank account is enough for a criminal to steal money from you, then the regulatory failures afflicting the British banking system are even deeper than I thought.)

The Financial Ombudsman Service, and its predecessor the Banking Ombudsman, have for many years found against bank customers and in favour of the banks. In the early-to-mid 1990s, they upheld the banks’ outrageous claim that mag-stripe ATM cards were invulnerable to cloning; this led to the court cases described here and here. That position collapsed when ATM criminals started being sent to prison. Now we have another wave of ATM card cloning, which we’ve discussed several times: we’ve shown you a chip and PIN terminal playing Tetris and described relay attacks. There’s much more to come.

The radio program is not yet available online; I’ll put in a link here when it appears. We clearly have them rattled; the ombudsman was patronising and abusive, and made a number of misleading statements. He also said that the “independent” Hunt review was commissioned by his board of directors. I hope it turns out to be a bit more independent than that. If it doesn’t, then consumer advocates should campaign for the FOS to be abolished and for customers to be empowered to take disputes to the courts, as we argue in section 31-32 of our submission.

Lost Tennessee Tech flash drive affects 990 students

Thu, 17 Jan 2008 07:14:11 +0000

Technorati Tag: Security Breach

Date Reported:
1/14/08

Organization:
Tennessee Tech University

Contractor/Consultant/Branch:
None

Victims:
Students that lived in the Capital Quad and Crawford dormitories on the Cookeville campus last fall (2007)

Number Affected:
990

Types of Data:
Name and Social Security number

Breach Description:
Officials at Tennessee Tech University are notifying students that they have misplaced a flash drive containing personal information belonging to them.

Reference URL:
Upper Cumberland Daily News Story
Associated Press Story on knoxnews.com

Report Credit:
Upper Cumberland (TN) Daily News

Response:
From the online sources cited above:

COOKEVILLE, Tenn. (Jan. 14, 2008) - About 990 Tennessee Tech University students were notified today that a flash drive containing the name and social security number of students who resided in Capital Quad and Crawford residence halls last fall was recently misplaced.

Although it may be possible the data could be found and accessed by unauthorized individuals, campus officials say they have no evidence that it has been discovered or used by anyone else.

“We are notifying the affected students as a precaution,” said Marc Burnett, vice president for Student Affairs.
[Evan] A more effective precaution would have been not to allow confidential data on flash drives or to ban flash drives all together!

“We will contact the major credit reporting agencies and inform them that some of our students’ personal information may have been compromised because we want to err on the side of caution.”
[Evan] The act of copying personal information to a flash drive without additional controls is reckless and lacks caution.

university officials recommend students on the list place a "fraud alert" on their credit files with the three major credit bureaus.

The university also created a web site at www.tntech.edu/securityID to make people aware of the situation and provide information

“We regret what has happened and apologize for the inconvenience this may cause,” Burnett said. “However, we wanted those students to be fully informed of any potential risk, no matter how small it might be.

The Residential Life department and TTU will continually review our processes in order to maintain personally identifiable information in a secure environment.”
[Evan] I don't understand why the Residential Life department needs to maintain Social Security numbers at all.

Within the year, all of the student information in TTU’s campus databases will move to a new data system that replaces student social security numbers with individually assigned identification numbers.
[Evan] Excellent!

Commentary:
Flash drives have dramatically increased in capacity and decreased in size over the last couple of years. It's now possible to get a 16GB flash drive for less than $100. If the convenience offered by using a flash drive is too compelling to avoid, then at least encrypt the data. There are low-cost and even free options to encrypt confidential data, and most (if not all) major flash memory manufacturers offer encryption options to fit the need (for instance, the SanDisk Cruzer® Titanium Plus).

Personally, I haven't evaluated any of the built-in vendor solutions, so I can't comment on their effectiveness.

Past Breaches:
September, 2007 - Tennessee Tech employee mistake affects 3,100 students