May 29 2011

Shoot first, identify later?

Tag: (i)realidad, Informática Legal | Joaquim Anguas @ 5:01 pm

Though federal courts can indeed be slow, it took Shadur only three days from the case assignment to issue a memorandum order that opened with these words:
«It seems that attorney John Steele (“Steele”) might be well advised to stay away from Las Vegas or other casinos, because his current filing on behalf of plaintiff Boy Racer, Inc. has—despite odds in the range of 25 to 1—been assigned at random to the calendar of this District Court, which had previously been the recipient of another random assignment of a Steele-filed action (that one being CP Productions, Inc. v. Does 1-300, No. 10 C 6255). This Court had ended up dismissing the CP Productions action for the reasons stated in its February 7, 2011 memorandum order and its February 24, 2011 memorandum opinion and order, which (among other reasons) rejected attorney Steele’s effort to shoot first and identify his targets later.»

Via arstechnica.

Enter DGW! (again):

«After being honored with an Oscar for best motion picture last year, the makers of The Hurt Locker have now also secured the award for the biggest file-sharing lawsuit the world has ever witnessed. By targeting at least 24,583 alleged BitTorrent users, Voltage Pictures hopes to recoup millions of dollars in settlements to compensate the studio for piracy-related losses.»

«The math shows that this scheme could turn out to be extremely profitable for the parties involved. If ‘only’ 10,000 of the alleged infringers eventually pay a $2,000 settlement this would bring in $20 million. In comparison, that’s more than the $17 million The Hurt Locker grossed at the U.S. box office.»

See also here for some background.

May 28 2011

RSA SecurID breach & Lockheed Martin hacker attack

Tag: (i)realidad, Informática Legal | Joaquim Anguas @ 2:44 pm

«However, to counter any threats, we regularly take actions to increase the security of our systems and to protect our employee, customer and program data,» he said. «We have policies and procedures in place to mitigate the cyber threats to our business, and we remain confident in the integrity of our robust, multilayered information systems security.»

From WSJ, via BB.

See also arstechnica and NYT (registration required).

Reminder: Required Actions for SecurID Installations (March 18th, 2011).

«Overall Recommendations:

RSA strongly urges customers to follow both these overall recommendations and the recommendations available in the best practices guides linked to this note.

  • We recommend customers increase their focus on security for social media applications and the use of those applications and websites by anyone with access to their critical networks.
  • We recommend customers enforce strong password and pin policies.
  • We recommend customers follow the rule of least privilege when assigning roles and responsibilities to security administrators.
  • We recommend customers re-educate employees on the importance of avoiding suspicious emails, and remind them not to provide user names or other credentials to anyone without verifying that person’s identity and authority. Employees should not comply with email or phone-based requests for credentials and should report any such attempts.
  • We recommend customers pay special attention to security around their active directories, making full use of their SIEM products and also implementing two-factor authentication to control access to active directories.
  • We recommend customers watch closely for changes in user privilege levels and access rights using security monitoring technologies such as SIEM, and consider adding more levels of manual approval for those changes.
  • We recommend customers harden, closely monitor, and limit remote and physical access to infrastructure that is hosting critical security software.
  • We recommend customers examine their help desk practices for information leakage that could help an attacker perform a social engineering attack.
  • We recommend customers update their security products and the operating systems hosting them with the latest patches.»

See also securosis and schneier.

Update: Reuters via BB.

May 16 2011


Tag: 01 | Joaquim Anguas @ 10:24 am

«The benefits of a currency like this:

a) Your coins can’t be frozen (like a Paypal account can be)
b) Your coins can’t be tracked
c) Your coins can’t be taxed
d) Transaction costs are extremely low (sorry credit card companies)»

More info here.




Exchange rate.

Update: good explanation + Q&A.

May 10 2011

Cooperative and defective strategies

Tag: 01, Informática Legal | Joaquim Anguas @ 8:56 am

«All complex systems contain parasites. In any system of cooperative behavior, an uncooperative strategy will be effective — and the system will tolerate the uncooperatives — as long as they’re not too numerous or too effective. Thus, as a species evolves cooperative behavior, it also evolves a dishonest minority that takes advantage of the honest majority. If individuals within a species have the ability to switch strategies, the dishonest minority will never be reduced to zero. As a result, the species simultaneously evolves two things: 1) security systems to protect itself from this dishonest minority, and 2) deception systems to successfully be parasitic.»

From Schneier on Security.

May 07 2011

Games, arts and nostalgia

Tag: (i)realidad | Joaquim Anguas @ 4:42 pm

«He said (I’m paraphrasing) that we should stop worrying about whether or not video games are «Art,» but instead think of them as the new medium for creative expression in the 21st century.»

Exhibition at the Smithsonian
Interview at BoingBoing

BTW guys at the Smithsonian, it’s «Shadow of THE Colossus». And I miss PaRappa the Rapper.

May 06 2011

You know you’re a triathlete when…

Tag: (i)realidad | Joaquim Anguas @ 9:12 pm

… you’re convinced that if you rest more than one day, your muscles will atrophy, your ultra-fit body will turn into a pile of goo and everyone in your age group will beat you.

Human(?) behaviour

… you’re a professional copywriter and add your articles and race reports appeared on Triathlete on your portfolio.
… you would like to be called «Scott» but not sure if instead of your first name or if instead of your family name.
… you’ve gone running in dress/work socks and/or your only pair of under-wear rather than skip a noontime workout just because you forgot these
… you go back to the office without these items *or* wearing them sweaty, *and* you’re darned glad you didn’t have to skip the workout just to have dry work clothes. (corollary to the one before)
… tell your minister you can only make it to church on Sundays in the off season… Which will be after this one more race….
… you ride your bike to the start of a local 10k, and on being questioned, you explain that you need a good warm up.
… you leave work on Friday your boss requests that: «You don’t break anything at one of those ‘athlon things».
… you grin while thinking that Ben and Jerry’s ‘Chubby Hubby’ really is a dietary requirement.
