Globetechnology

Former spam king sued again by U.S. companies

Canada's former spam king, Eric Head, whose lawyer said he quit the bulk e-mail trade to play drums in a rock band at 25, is again being sued by U.S. companies for clogging cyberspace with unsolicited pitches for such things as cable descramblers, penis enlargers and debt-consolidation loans.

This time, the Kitchener, Ont., man is also accused of using the trademark of Amazon.com Inc. in countless messages to imply falsely that they were sent or endorsed by the on-line marketing giant, a practice called spoofing.

It is unclear whether the alleged abuses, if they occurred, continued past mid-June, when Mr. Head settled a lawsuit with California-based Yahoo Inc. partly by expressing "deep regret" for any inconvenience he caused and urging all bulk e-mailers to cease operations unless they obeyed new U.S. anti-spam laws. [...]

SEATTLE POST-INTELLIGENCER

Microsoft, Amazon.com file anti-spam lawsuit

A joint lawsuit announced yesterday by Amazon.com Inc. and Microsoft Corp. is the first legal case to result from a spam-fighting collaboration between the companies that began about a year ago. The suit targets a Canadian firm alleged to have used Microsoft's Hotmail service to send misleading commercial e-mails purporting to come from Amazon.com. [...]

vnunet.com

Amazon and Microsoft have joined forces to launch a legal crackdown on alleged phishers and spammers.

The companies have filed a joint federal lawsuit against a Canadian company, Gold Disk Canada, accusing it of spoofing.

The companies claim that Gold Disk Canada has been sending millions of deceptive email messages, including ones falsely purporting to have come from Amazon.com, Hotmail.com and other legitimate domains.

Microsoft internet safety enforcement attorney Aaron Kornblum said: "This is the first time we have got together with an e-tailer to stop spam and phishing, using the Can Spam legislation.

"This is not a criminal case [and] what we hope to accomplish is to get an injunction against the defendants, monetary damages and to send a message to spammers saying that spamming has consequences." [...]

See the FTC Web site at www.ftc.gov/spam for updates on implementation of the CAN-SPAM Act.

The FTC maintains a consumer complaint database of violations of the laws that the FTC enforces. Consumers can submit complaints online at www.ftc.gov and forward unwanted commercial email to the FTC at spam@uce.gov.

__posted by Carolyn L Burke @ 8:18 a.m.
subscribe to Integrity

SearchSecurity.com

[...] Roy Banks, general manager of Authorize.Net, said security has always been a priority and that protection was in place. The problem is the attackers caught the company off guard with their methods. 'We've invested heavily in defense, and we thought we were prepared,' he said. 'But the nature of this attack was something we had never experienced.'

Banks said Authorize.Net has 'learned a great deal' from the past week, and will incorporate those lessons into the next round of security upgrades. 'The tactics of these people are evolving,' he said. 'Our security will evolve so we can stay ahead of them in the future.'

Hoekje hopes so. 'As far as my customers are concerned, when my site is down it only reflects on me,' he said.

Tom Corn, vice president of business development for Cambridge, Mass.-based security firm Mazu Networks, said distributed denial-of-service attacks are particularly serious because they take more sophistication and coordination to pull off than typical outbreaks.

"You're dealing with multiple zombie machines that are targeting this one site," he said. "The fact that this is a DDoS against a financial institution is not a good sign for the future. These guys monitor their victims during the attack and adjust their tactics as the victims try to make their own adjustments. It's difficult to recover from something like that."

Information security experts have long worried about the rapid rise of financially motivated attacks. Zimmerman said FBI officials told him such attacks have picked up since June. Corn noted that since April, at least two other credit card sites have been attacked.

"The big lesson is this: If you rely on these big businesses, you have to ask them questions about how secure they are, not just what their rates are," Corn said.

(0) comments

Statistics Canada - Science, Innovation and Electronic Information Division

The rising availability and adoption of broadband Internet has produced many opportunities for businesses in Canada, particularly small firms. The most obvious advantage -- the ability to access the Internet at much higher speeds -- enables firms to use advanced information and communications technologies (ICTs) more effectively.

Headlines

Broadband for business: An increasing presence

Web presence: High-speed firms leap ahead

Intranets and Extranets: Used primarily by high-speed firms

Purchasing online: High-speed Internet eases access

Online sales: Dominated by high-speed firms

__posted by Carolyn L Burke @ 10:06 a.m.
subscribe to Integrity

(0) comments

American Psychological Society - Psychological Science in the Public Interest

Ed Diener and Martin E.P. Seligman

Volume 5, Number 1

July 2004

Project Editor: Stephen J. Ceci

Policy decisions at the organizational, corporate, and governmental levels should be more heavily influenced by issues related to well-being--people's evaluations and feelings about their lives. [...]

From the study: Well-being, which we define as peoples’ positive evaluations of their lives, includes positive emotion, engagement, satisfaction, and meaning (Seligman, 2002). Although economics currently plays a central role in policy decisions because it is assumed that money increases well-being, we propose that well-being needs to be assessed more directly, because there are distressingly large, measurable slippages between economic indicators and well-being. [...]

Although much more research is needed on the societal correlates of well-being, it is clear that rising income has yielded little additional benefit to wellbeing in prosperous nations, pointing to one limitation of economic indicators. We also review factors in the workplace that influence wellbeing at work, and show that well-being on the job in turn predicts positive work behaviors and perhaps profitability. Finally, we review evidence showing that supportive social relationships are essential to well-being. Well-being, in turn, has positive effects on social relationships, as well as mental and physical health.

(0) comments

InfoWorld

The way forward, Geer suggests, is not to abandon ACLs but rather to augment them with aggressive monitoring that holds people accountable for behaviors that can’t economically be permitted or denied. ACLs don’t scale because checkbox maintenance requires a scarce resource: the human decision-maker. Accountability does scale because event logging and data analysis ride the favorable current of Moore’s law.

This notion is compelling because, as Geer points out, our free society works in a similar way. We don’t have to ask permission for most things, but, “If I sufficiently badly screw up,” Geer says, “there’s some expectation that will be discovered, and I’ll be found, and I’ll be made to pay.

(0) comments

Survey: Symantec, Cisco and McAfee most trusted in security
Symantec, Cisco and McAfee are the most trusted security product vendors in the United States, Yankee Group concluded after surveying 400 enterprises. Firms ranking lower in the poll believe the questioning was overly broad and the answers based more on brand recognition than a company's effectiveness. [...]

Phebe Waterfield, security solutions and services analyst for Yankee Group, conducted the survey in June, asking: "Who are your most trusted security product vendors?" and "Who are your most trusted security service providers?" [...]

Based on the responses, Waterfield concluded the top 10 most trusted security product vendors are Symantec Corp., Cisco Systems, McAfee Inc., IBM Corp., Microsoft, VeriSign Inc., RSA Security, Oracle Corp., Check Point Software Technologies and 3Com Corp. But when asked to name the most trusted security service providers, she found the top 10 to be Symantec, Cisco, VeriSign, IBM, Lucent Technologies, Computer Associates Inc., EDS, AT&T, Internet Security Systems Inc. and Unisys Corp.

(0) comments

Statistics Canada - The Daily

Canadian households spent just over $3.0 billion shopping on the Internet on everything from airplane tickets to books, according to the 2003 Household Internet Use Survey (HIUS).

An estimated 3.2 million Canadian households actively participated in e-commerce in 2003, up from 2.8 million the year before. These households accessed the Internet from various locations, not just home. In total, they placed 21.1 million orders, up from 16.6 million the previous year.

The $3.0 billion in orders placed over the Internet represents a 25% increase from $2.4 billion spent online in 2002. This growth rate far exceeds the 5% increase in the number of households that accessed the Internet from any location in 2003.

Total electronic commerce spending represents only a fraction of the $688 billion in total personal expenditure in Canada last year. However, the new figures confirm that households are increasingly using the Internet as a method of purchasing goods from both Canadian and foreign vendors.

The electronic commerce components of the HIUS from 2001 to 2003 were redesigned to capture Internet shopping from households that regularly used the Internet from various locations, solely for household purposes.

Highlights

• One-third of online purchases made on foreign Web sites
  
• Concerns still high, but online credit card use rises
  
• Books, magazines still most popular purchase
  
• Growth in purchase of digital products (20% up from 16%)
  
• 7 out of 10 use high-speed access at home gateway to online purchases
  
• Ontario households account for almost half of total e-commerce spending
  

(0) comments

TheStar.com

Dramatic results made public today from a unique 20-year American experiment are raising the spectre of runaway warming above the Arctic tundra that would accelerate global climate change.

The findings, if confirmed with additional studies, could also doom Canada's Kyoto plan targets for reducing emissions of carbon dioxide, the leading greenhouse gas.

This double whammy arises because U.S. researchers discovered climate warming might trigger conditions where tundra decomposition will dump carbon dioxide into the atmosphere faster than it's soaked up by accelerated plant growth.
This extra carbon dioxide could trigger a 'positive feedback,' speeding up the rate of global warming even more, warns a study published today in Nature, the influential British research journal."

(0) comments

IT World Canada

[...]the move to outsource is well under way with the likes of intrusion detection and virus scanning already being offered extensively as managed security services.

The Yankee Group puts these services into what it calls first and second generation of outsourcing, heavily dominated by products. As the decade progresses, phases three and four of security outsourcing will move into pervasive security (penetration testing, wireless VPNs, et cetera) and persistence security (Web services and VoIP security, et cetera). By 2008 the global managed security market will grow to US$3.7 billion the report forecasts.

(0) comments

Economic & Social Research Council (UK)

Volunteering has a positive influence, irrespective of a community's social class or wealth. 'A relatively poor community with lots of voluntary activity can do better in relation to health, crime and education than a relatively affluent community which lacks such activity' explains [Paul Whiteley, Programme Director of the ESRC Democracy & Participation Research Programme]. The research also tested for links between voluntary activity and overall life satisfaction or happiness. Again there is a strong link between communities with lots of volunteering and those where people are very satisfied with their lives.

(0) comments

LexisNexis.ca

More than half of [Canada's] public accounting firms are choosing not to continue auditing public companies under Canada's new oversight process for auditors.

Of the approximately 500 firms currently auditing reporting issuers in Canada - 50 of which are firms from outside the country - have registered with the new Canadian Public Accountability Board, while a few more have begun the registration process.

(0) comments

JupiterMedia

Essentially, think of a control as a safety valve designed to prevent an accident. Organizations realize, either through trial and error, or by leveraging industry best practices, what to do and what not to do. Literally, processes, technology and people are put in place to 'control' outcomes. There are three broad categories of controls to look at: Preventive, Detective and Corrective.

[...]

(0) comments

TheStar.com

The management of the OSC must figure why they are doing such a poor job of oversight. Does it need more resources? Are there proper checks and balances on company reporting? Should there be a national securities commission to police the markets and their listing companies?

Immediate improvements in oversight by boards of directors and securities regulators are needed for Canadians to have faith in the markets.

(0) comments

NetworkWorldFusion

Six steps to strong network security

As more attacks penetrate perimeter defenses, these six steps can help ensure your organization's network and applications remain secure.

1. Recognize the limits of the perimeter. Although perimeter security technologies such as firewalls and intrusion-detection systems (IDS) are important, they are just one part of an overall security solution. As more organizations look to open up their networks to business partners and customers, the perimeter becomes more porous and application-level security needs to play a greater role.
   
2. Build internal moats. Smart organizations identify their most critical and vulnerable resources and then deploy perimeter-like security devices, such as firewalls and IDSs, around them. This provides an added layer of defense and ensures that in the event of a perimeter breach, critical assets still are protected.
   
3. Protect against attacks from within. Realize that your internal network is no longer a trusted zone and act accordingly. Technologies such as Zone Alarm's Integrity, which checks PCs to ensure they have the proper virus signatures and patch levels in place before providing access to the network, help ensure internal vulnerabilities are mitigated.
   
4. Deploy application-specific security wares. Firewall vendors, including Check Point, F5 and Top Layer are rolling out intrusion-prevention systems that sit between perimeter defenses and internal servers. These devices perform application-specific deep packet inspection on traffic that the perimeter firewall lets through. They are especially effective at stopping application-specific attacks such as domain-level attacks that focus on DNS vulnerabilities or Web attacks that exploit known HTTP and FTP holes.
   
5. Improve identity management. If you can't get to a service, you can't compromise it. New technologies, such as TNT's Identity, look to ease internal and external identity management by integrating with directory services, such as Microsoft's Active Directory, and checking identity at the packet level. Ensuring that only authorized users and applications are granted access goes a long way toward shoring up application security.
   
6. Integrate security into application development. If applications have no security holes, they can't be breached, no matter how insidious the attack. Vulnerability scanners from Spiware and Sanctum can help ensure that applications are hole-free before deployment. Also examine shrink-wrapped products for proper coding practices.

[This was included in a very good article with examples.]

(0) comments

TheStar.com

Proceed with caution. That's our advice to Prime Minister Paul Martin and his Liberal government as they cast about for a more transparent and accountable way to appoint Supreme Court justices.

Canadians are blessed with a high court of knowledgeable, nimble minds and unimpeachable integrity. That matters, especially in an era in which the Charter of Rights and Freedoms must be upheld in the context of rapidly shifting social norms, ever-evolving technology, the erosion of privacy and the need for effective anti-terror laws.

The appointment this week of Madam Justices Louise Charron and Rosalie Abella, two respected jurists, promises to add lustre to a nine-person court already held in high regard in this country and abroad. The court's integrity must be protected, regardless of how justices are to be selected.

Since Confederation, the prime minister has made the appointments, based on vetting by the justice minister who, in turn, consults with the provinces, the bar and law schools to identify the best candidates. The system works. No justice has shown herself or himself to be biased, incompetent or disreputable. And the prime minister's key role is enshrined in the Constitution, so the system cannot be easily changed.

But what is good can be improved. If Ottawa can come up with a process to bring in Parliament and the public, all the better. That is what Justice Minister Irwin Cotler has in mind with his proposal to create a new, broadly based 'judicial advisory committee' to help identify a short list of top candidates from which the prime minister can choose. Cotler hopes to have such a process in place by 2006.

[...]

(0) comments