Archive for the ‘Computer Privacy’ Category

h1

What Great Bosses know about Leadership Styles

May 9, 2012
Advertisements
h1

8 Core Beliefs of Extraordinary Bosses

April 26, 2012

1. Business is an ecosystem, not a battlefield.

Average bosses see business as a conflict between companies, departments and groups. They build huge armies of “troops” to order about, demonize competitors as “enemies,” and treat customers as “territory” to be conquered.

Extraordinary bosses see business as a symbiosis where the most diverse firm is most likely to survive and thrive. They naturally create teams that adapt easily to new markets and can quickly form partnerships with other companies, customers … and even competitors.

2. A company is a community, not a machine.

Average bosses consider their company to be a machine with employees as cogs. They create rigid structures with rigid rules and then try to maintain control by “pulling levers” and “steering the ship.”

Extraordinary bosses see their company as a collection of individual hopes and dreams, all connected to a higher purpose. They inspire employees to dedicate themselves to the success of their peers and therefore to the community–and company–at large.

3. Management is service, not control.

Average bosses want employees to do exactly what they’re told. They’re hyper-aware of anything that smacks of insubordination and create environments where individual initiative is squelched by the “wait and see what the boss says” mentality.

Extraordinary bosses set a general direction and then commit themselves to obtaining the resources that their employees need to get the job done. They push decision making downward, allowing teams form their own rules and intervening only in emergencies.

4. My employees are my peers, not my children.

Average bosses see employees as inferior, immature beings who simply can’t be trusted if not overseen by a patriarchal management. Employees take their cues from this attitude, expend energy on looking busy and covering their behinds.

Extraordinary bosses treat every employee as if he or she were the most important person in the firm. Excellence is expected everywhere, from the loading dock to the boardroom. As a result, employees at all levels take charge of their own destinies.

5. Motivation comes from vision, not from fear.

Average bosses see fear–of getting fired, of ridicule, of loss of privilege–as a crucial way to motivate people.  As a result, employees and managers alike become paralyzed and unable to make risky decisions.

Extraordinary bosses inspire people to see a better future and how they’ll be a part of it.  As a result, employees work harder because they believe in the organization’s goals, truly enjoy what they’re doing and (of course) know they’ll share in the rewards.

6. Change equals growth, not pain.

Average bosses see change as both complicated and threatening, something to be endured only when a firm is in desperate shape. They subconsciously torpedo change … until it’s too late.

Extraordinary bosses see change as an inevitable part of life. While they don’t value change for its own sake, they know that success is only possible if employees and organization embrace new ideas and new ways of doing business.

7. Technology offers empowerment, not automation.

Average bosses adhere to the old IT-centric view that technology is primarily a way to strengthen management control and increase predictability. They install centralized computer systems that dehumanize and antagonize employees.

Extraordinary bosses see technology as a way to free human beings to be creative and to build better relationships. They adapt their back-office systems to the tools, like smartphones and tablets, that people actually want to use.

8. Work should be fun, not mere toil.

Average bosses buy into the notion that work is, at best, a necessary evil. They fully expect employees to resent having to work, and therefore tend to subconsciously define themselves as oppressors and their employees as victims. Everyone then behaves accordingly.

Source

h1

The Winners of WSJ’s Data Transparency Weekend

April 17, 2012

magine installing a service on your cellphone that lets you see all the data – from location to address book info – transmitted by your phone. Or a simple website where you and your friends could have private chats that couldn’t be read by the most aggressive spying agencies. Or a service that lets you know how many tracking codes are on a site before you clicked on it.

Lam Thuy Vo
One of the coders at the Data Transparency Weekend models the official T-shirt from the event.

Over the weekend, more than 100 computer programmers built those tools and many more at the Wall Street Journal’s first-ever Data Transparency Weekend in New York.

The event was an outgrowth of the Journal’s extensive reporting about how companies and government’s are increasingly using technology to collect personal data. The event was designed to promote the creation of tools that let people see and control their personal data.

After a weekend of coding, nearly 20 projects were submitted for judging on Sunday. The entries were judged by Alessandro Acquisti, professor of information technology and public policy at Carnegie Mellon, Sid Stamm, Web security and privacy strategist at Mozilla and Andrew McLaughlin, former deputy chief technologist at the White House and vice president at Tumblr.

Danny Weitzner, the deputy chief technologist at the White House, handed out the certificates to the winning teams. The winners were:

Outstanding Scanning Project: TOSBack2 – a project to scan the Web to build a “living archive” of all privacy policies online.

Outstanding Education Project: PrivacyBucket – software that lets users of the Chrome Web browser view the type of demographic estimates that Web tracking companies make about them based on their Web browsing history.

Outstanding Control Project: Cryptocat – an instant messaging service that lets people engage in encrypted chats inside their Web browsers or on their phones. Extra bonus: the program lets people generate random numbers (which are needed for encryption) by shaking their phone – allowing the creators to say that their program is powered by dance moves.

Judge’s Choice Award: Site Scoper – a website that scans for tracking files and sensitive content on websites before you visit it.

“Ready for Primetime” Award: MobileScope – a service that lets people see what data is being transmitted without their knowledge by their cellphone. It also offers ad-blocking and do-not-track services for cellphones.

The judges also dreamed up their own three award categories:

The Zuckerberg/Systrom Memorial Award for Opportunistic Optimism Award: Pestagram, for its blatantly commercial mashup of hot Web technologies Instagram and Pinterest.

Best Listener Award: The Price of Free, for the fact that the project was generated by Professor Acquisti’s speech kicking off the weekend, in which he challenged participants to find ways to quantify how much people are paying with their data for free services.

And, finally, The Soup Cans and String Winner: Ostel, for its work on technology that allows people to make encrypted cellphone calls using voice-over-the-Internet technology.

Source: The Winners of WSJ’s Data Transparency Weekend

h1

Top 10 managed file transfer considerations

April 11, 2012

 1. Platform Openness – To reduce the points of connection to sensitive data and reduce the risk of exposure to those without a need-to-know the MFT solution should be installed on the server operating system where the sensitive data and applications reside. If your corporate data mostly resides on the IBM X, then it would make sense to get a MFT solution that runs on the IBM X.

2. Authorization Controls – To meet many compliance regulations, the MFT solution must provide role based access to limit user access to certain servers or MFT functions based on user credentials.

 3. Secure FTP – Plain FTP is not secure. The MFT solution must support both SFTP (FTP over SSH) and FTPS (FTP over SSL) protocols for secure FTP transfers.

 4. Encryption Standards – At minimum, the solution should support the industry standard encryption standards: AES, Open PGP, AS2, SSH, SSL, TLS and S/MIME.

5. Database Integration – The MFT should readily connect to DB2, SQL Server, Oracle, MySQL and other popular database servers for extracting and inserting data.

6. Data Transformation – Is the ability to translate data between popular data formats including XML, CSV, Excel and fixed-width text formats.

7. Data Compression – Compresses and packages data using popular standards such as ZIP, GZIP and TAR to reduce transmission times.

8. Application Integration – The MFT should provide commands and APIs for interfacing with your applications.

 9. Scheduling – Allows transfers and other MFT functions to be scheduled for future dates and times.

10. Key Management – Does the MFT include management tools for creating, importing and exporting keys and certificates?

h1

Apple holds the master decryption key when it comes to iCloud security, privacy

April 5, 2012

Apple can potentially decrypt and access all data stored on iCloud servers. This includes contacts, notes, unencrypted e-mails, application preferences, Safari bookmarks, calendars, and reminders.

This was recently confirmed by a source speaking to Ars, and security researcher and forensic data analysis expert Jonathan Zdziarski agreed. “I can tell you that the iCloud terms and conditions are pretty telling about what the capabilities are at Apple with respect to iCloud, and suggests they can view any and all content,” Zdziarski told Ars.

In particular, Zdziarski cited particular clauses of iCloud Terms and Conditions that state that Apple can “pre-screen, move, refuse, modify and/or remove Content at any time” if the content is deemed “objectionable” or otherwise in violation of the terms of service. Furthermore, Apple can “access, use, preserve and/or disclose your Account information and Content to law enforcement authorities” whenever required or permitted by law. Apple further says that it will review content reportedly in violation of copyright under DMCA statutes.

“If iCloud data was fully encrypted, they wouldn’t be able to review content, provide content to law enforcement, or attempt to identify DMCA violations,” Zdziarski told Ars.

Source

h1

New EU Data Laws: Cloud Brings Increased Risk Of Massive Fines

April 4, 2012

That was the warning delivered by Vinod Bange, a top London-based IT lawyer, as the EU proposes new laws to penalise data breaches.

Bange said: “Regulatory sanctions have gone way off the scale in terms of what we are used to right now. The sting in the tail, which did not exist before, is that there is a provision to calculate a fine that is based on a percentage of annual global turnover. That’s big news and a big change.

“Organisations have moved on so much since the original legislation in 1995. In this globalised, outsourced, social media, cloud driven environment, you could end up with a third tier fine.”

The EU is proposing three tiers of fines, the first of which runs up to £209,000 or 0.5 per cent of turnover, the second up to £418,000 or 1 per cent of turnover. The top tier allows for a fine of up to £837,000 or 2 per cent of turnover.

The latter could be a potentially massive fine to the tune of hundreds of millions, with tier three penalties relating to international data transfers. Businesses using the cloud, and data centres across the globe, could be more vulnerable to this massive whack of a fine.

Currently, the ICO’s maximum imposition for those who aren’t careful with their data is a £500,000 penalty.

Source: Computerworld

Read more: http://www.itproportal.com/2012/04/02/new-eu-data-laws-cloud-brings-increased-risk-of-massive-fines/#ixzz1r2Ox2ptx

h1

Google wants to serve you ads based on the background noise of your phone calls

March 23, 2012

Just when you think that we’re pretty tech savvy, companies like Google and Nokia file outlandish “forward-thinking” patents that make you feel like we’re all in a Star Trek episode. In the case of Google’s latest patent, it makes us feel like we’re in a police state.

The patent discusses the technology to analyze the background noise during your phone call and serve up ads for you based on the environmental conditions Google picks up on.