Tim Marman's Loosely Coupled

Browse by Tags

• Copyright
• Gadgets
• Innovation
• Intellectual Property
• Misbehaving Software
• Things that amuse me
• Things that bother me
• Web 2.0

• Would you trust Zamzar with your data?

  Kevin writes about Zamzar , a free web-based service that converts audio, video and documents from one format to another (via Download Squad ). Sounds cool, but would you trust them with your sensitive data? I don't know about you, but I barely trust Google or Microsoft with this information. Should I trust what appears to be a UK-based startup whose company page provides little, if any, information about the company? In their Terms of Service and Privacy Policy , they make allusions to "respect[ing] the intellectual property rights of others" - though the language seems to be more related to a third party's protected work as opposed to any protected work you are personally uploading. The Privacy Policy also discusses, sort of, how the files are stored and accessible. Storage of User Files When users upload files to be converted Zamzar stores those files on its servers until such time as those files have been converted to the new file format. As soon as this has been done Zamzar removes... Posted Nov 03 2006, 08:37 AM by Tim with | with 2 comment(s) Filed under: Technology, Intellectual Property, Security, Copyright, Web 2.0, Innovation, Privacy

• Sensitive data does not belong on mobile devices

  13,000 current and former ING employees are at risk after a laptop, which was neither password protected or encrypted, was stolen from an agent’s home . Equifax lost the names and SSNs of 2,500 employees . "The personal data of millions of consumers who obtain credit scores from Equifax were not compromised, however it makes one wonder about their endpoint security policies if their own employee data is not safe." In perhaps the greatest irony, two laptops containing names, addresses, SSN and financial account numbers were stolen from a government agency tasked with fighting identity theft . Warner Vogels , CTO for Amazon.com, recently said you should guard customer data with your life . If you are running an online business you have to guard your customer’s data with your life. Credit card information should be kept in a physical secure location separate from your other servers with armed guards in front of it (I am not kidding). The location should not only be physically isolated but... Posted Jun 28 2006, 09:05 AM by Tim with | with 2 comment(s) Filed under: Technology, Security, Privacy

• NSA to mine social networks

  The NSA is planning to harvest the extensive information available on social networks ( via Waxy ). The NSA has demonstrated a desire to build and mine a database of personal connections, so this should come as no surprise - even if it isn't particularly effective . Bruce Schneier also pointed to a great article about the problems of data mining . Looked at this way, President Bush is only a few steps away from Osama bin Laden (in the 1970's he ran a company partly financed by the American representative for one of the Qaeda leader's brothers). And terrorist hermits like the Unabomber are connected to only a very few people. So much for finding the guilty by association. A second problem with the spy agency's apparent methodology lies in the way terrorist groups operate and what scientists call the "strength of weak ties." As the military scientist Robert Spulak has described it to me, you might not see your college roommate for 10 years, but if he were to call you up and ask to stay in... Posted Jun 16 2006, 05:30 AM by Tim with | with no comments Filed under: Technology, Security, Privacy

• Microsoft's Genuine Advantage: WGA Phones Home

  Windows Genuine Advantage phones home , sending the product key, manufacturer, operating system version, BIOS information and user locale setting and language back to Microsoft servers. WGA phones home even after the particular copy has been validated. Microsoft defended this , saying its intentions are good. when the WGA Notifications checks in with Microsoft when a PC is booted, it is not providing any information to the vendor if a PC's copy of Windows has already been validated. Instead, it is checking with a "server-side configuration setting to determine if WGA should run or not." The check-in also gives Microsoft the ability to disable the WGA program, if necessary. It looks like Microsoft has since backed off somewhat and will only be checking on 14-day intervals. Fortunately, OneCare blocks it. (Apparently, some have reported that ZoneAlarm does not ). Tags: Microsoft , Windows , WGA , windows genuine advantage Posted Jun 15 2006, 08:59 AM by Tim with | with 2 comment(s) Filed under: Technology, Security, Things that bother me, Privacy, Misbehaving Software

• How not to steal a Sidekick

  Too funny . See, the problem with a Sidekick is that the information is all stored on T-Mobile's servers. In other words, if you steal it and take a bunch of pictures, they are available through the T-Mobile website. And, of course, those pictures get posted on the Internet. Posted Jun 08 2006, 10:44 PM by Tim with | with no comments Filed under: Technology, Security, Gadgets, Things that amuse me, Privacy

• Who's reading your e-mail?

  Your ISP can read your e-mail. That's what a federal district court decided in 2003, and what the First Circuit Court of Appeals upheld last week. A little history: Back in 1998, an online bookseller gave free e-mail accounts to book dealers and then secretly copied all messages that came in from Amazon.com. While two employees plead guilty to wiretapping charges, a supervisor fought the charges. He said he wasn't aware of the scheme and should not be held liable, but even if he were, the federal wiretapping law didn't apply. Because the messages were saved on the company's hard drive while being processes, he argued, they should be considered stored communication. This distinction is important. The federal wiretapping laws ban a company from monitoring its customers' communications, but it does not apply to stored communications. The reasoning there is that there is an inherent loss of privacy once the e-mail is stored. By putting e-mail in this category of stored communication, the courts... Posted Jul 11 2004, 07:35 AM by Tim with | with 2 comment(s) Filed under: Technology, Intellectual Property, Security, Privacy