Archive for October, 2009
A sneak peek at a government file ABOUT YOU
October 12th, 2009. Published under My Recent Reads. No Comments.
pulled from Google Reader (click on title for original post)
Ever wonder what information a government agency might hold about your traveling habits? Thanks to an anonymous U.S citizen, we can sneak a peek at a travel record held by the United States Department of Homeland Security. The scanned copies are posted on philosecurity, and include data like:
- IP address used to make web travel reservations
- Hotel information and itinerary
- Full Name, birth date and passport number
- Full airline itinerary, including flight numbers and seat numbers
- Cruise ship itinerary
- Credit card number and expiration
- Phone numbers, including. business, home & cell
- Every frequent flier and hotel number, even ones not used for the specific reservation
Several countries, including Canada, collect similar information as part of an Advanced Passenger Information or Passenger Name Record program.
While we would all prefer it if the government did not collect information about our travel habits, these programs are meant to provide security agencies with enough advance information to screen travelers and identify potential risks to transport security. If your travel plans include the European Union, Switzerland or the United States, information in Canada’s database will also be shared with their security agencies.
More information about the Canada Border Services Agency’s programs is available, including directions on how each individual can access the travel data the Agency holds on you.
(IN)Secure Mag issue 22 released
October 12th, 2009. Published under My Recent Reads. No Comments.
pulled from Google Reader (click on title for original post)
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics.
The covered topics include:
Using real-time events to drive your network scans
Review: Data Locker
The Nmap project: Open source with style
Enterprise effectiveness of digital certificates: Are they ready for prime-time?
A look at geolocation, URL shortening and top Twitter threats
How “fake stuff” can make you more secure
Making clouds secure
Q&A: Dr. Herbert (…)
York University Obtains Court Order For Bell & Rogers Subscriber Information
October 12th, 2009. Published under My Recent Reads. No Comments.
pulled from Google Reader (click on title for original post)
There has been considerable discussion in recent weeks regarding the prospect of court orders mandating ISPs or other intermediaries disclose identifying information about anonymous individuals (Google model case, Ottawa city hall blog). Overlook, however, is a recent order obtained by York University requiring Bell and Rogers to disclose subscriber information. Neither ISP opposed the order, which included some novel requirements in return for ordering the two companies to disclose the names of customers associated with particular IP addresses. First, York University was required to pay the ISPs to compensate them for providing the information – Rogers gets $600, while Bell gets $300. Second, the court added a condition that required notification of the customers identified by Bell and Rogers so that they could apply to the court to vary or vacate the order. Despite constituting only three paragraphs, the order raises some very interesting issues including the questions about why a university would seek this order, the compensation to the ISPs, and the attempt to factor in a response from the identified subscribers.