Linux BlueProximity

This is nice:

BlueProximity is a clever program that sets up your computer to lock itself when your phone is out of bluetooth range, and unlock itself when it comes close enough again.

With so many enterprise users getting cell-phones issued by default, it makes for a clever two-factor solution.

Bluetooth isn’t the strongest model, but the concept is worthy of note and the fact that it can be tested today for free is a big bonus.

Gaps in US Breach Notification Laws

CSO magazine has posted an illustration to show US states that still do not have breach notification requirements:

  • South Dakota
  • Alaska
  • New Mexico
  • Iowa
  • Missouri
  • Kentucky
  • West Virginia
  • Virgina
  • South Carolina
  • Alabama
  • Mississippi

Any guesses why these sates chose not to pass notification laws? Economics? Politics? Washington D.C. has the footnote “Pending Federal Legislation”. Wouldn’t that be true for all states?

This reminds me of a VP I used to work for who swore up and down that breach notification laws were horrible things that would immediately turn into swarms of “ambulance-chasing lawyers” trying to pick on the weak and vulnerable companies who had to disclose a breach. I guess he was wrong.

Two modes of security

I like this analysis by Margaret Fuller:

There are two modes of criticism. One which … crushes to earth without mercy all the humble buds of Phantasy, all the plants that, though green and fruitful, are also a prey to insects or have suffered by drouth. It weeds well the garden, and cannot believe the weed in its native soil may be a pretty, graceful plant.

There is another mode which enters into the natural history of every thing that breathes and lives, which believes no impulse to be entirely in vain, which scrutinizes circumstances, motive and object before it condemns, and believes there is a beauty in natural form, if its law and purpose be understood.

Wikipedia says this is from “Poets of the People” in Art, Literature and the Drama (1858). Although she says criticism is the mode, I see security.

POS Prints Expletives, Customers Demand Compensation

I do not have a humor category, but if I did this BBC story would surely go there. Nice example of POS control failure.

Ten friends found the abusive and sexually-explicit message on their bill at Joe Delucci’s Italian restaurant in Bird Street, Lichfield, Staffordshire.

Gives new meaning to the term “receipt”.

Ms Watkin said: “I couldn’t believe it. The bill read ‘fish cakes’, which one of us had for a starter, and it was written right above it – absolutely disgusting language.

Fish cakes for £4.95? Disgusting. Oh, I mean disgusting language, indeed!

Joe Delucci’s owner Mr Langsdon said the message had been meant to be seen only by kitchen staff and he did not know how it ended up as an item on the receipt.

He said: “That shouldn’t come out on the bill, so we’ve got to find out what’s gone wrong there.

Receipt
I see. The problem is that the system was designed so staff could to enter messages into the register and have them seen only by the kitchen staff. Clearly, then, this expletive message went to the wrong place.

But then I have to ask if “Suck My Dxxk Fxxk Face” is really a message for which the kitchen staff would have any use? Input validation seems suddenly very appropriate for wait staff.

Incidentally, the BBC also reports the meal cost £284.68 and the image of the receipt shows £73.45 in drinks. I don’t know why the price matters, but as long as everyone seems to be sending random data as output, I thought I would join in on the fun.

Ok, who now is still worried about the POS vendors who handle money or voting machines?

How long would this type of message be stored in the system, and would it be tied to the credit card number, or a customer name?