Security

Investigation reveals TJX WEP(ons) of mass destruction

Leave a comment

I’m speechless…

Despite a market capitalization of almost $13bn, it appears the company couldn’t afford to secure its Wi-Fi network with anything more robust than the woefully inadequate Wired Equivalent Privacy protocol. (The much more secure Wi-Fi Protected Access has come standard on most routers for four years now.) It also failed to use firewalls or install software patches and disregarded requirements imposed by Visa and MasterCard concerning how card information is stored and transmitted.

[…]

All told, the breach could cost TJX $1bn over five years in costs for consultants, security upgrades, attorney fees and damage-control marketing, analysts from Forrester Research estimate.

Significantly, Forrester’s estimate doesn’t include liabilities that may result from lawsuits, such as one recently filed by associations representing almost 300 Northeastern banks in the US.

Plenty of banks have been saddled with costs resulting from the breach. Banking associates are lobbying federal and state lawmakers for legislation that would require companies who suffer security breaches to absorb the costs of issuing new credit cards.

From the Register.

Energy, Security

800hp and low-emissions

Leave a comment

Autoblog reports that the company that makes the fastest supercar in the world has a new engine that meets global emissions standards:

Ultima’s efforts start with Chevy’s LS7 lump from the Z06, which rocks 505 HP standard. Ultima then adds their own exhaust, for a boost up to 565 HP. The camshafts are swapped out, raising the horse count to 650. Finally, a supercharger provides the 150 HP coup de grace, for a finally tally of 800. The entire package meets global emissions standards, as does every step in between.

Amazing.

Poetry, Security

European poetry takes over Washington DC

1 Comment

All 27 European Union member states and the European Commission in Washington, DC, have launched a literary project titled European Poetry in Motion to commemorate the 50th anniversary of the EU.

Over a hundred poems ― five poems from each of the 27 member states of the European Union ― will be exhibited this month on posters in Washington area public bus and metro systems in their original language along with an English translation. EU country representatives also will participate in a marathon reading at the Goethe Institute and poetry readings at Bus Boys and Poets.

They have an awful flash-based website, demonstrating that good poetry is often still presented with bad code, so here are some notable events:

May 1st
Begin of exhibition in Metro buses and Metro stations

May 5th
2—7 p.m.: Poetry Marathon
Goethe Institut
812 7th Street, NW
Washington, DC 20001
For more information call: 202.289.1200 or go to
www.goethe.de/washington

May 7th-8th
EU Short Film Festival
Goethe Institut
812 7th Street, NW
Washington, DC 20001
For more information call: 202.289.1200 or go to
www.goethe.de/washington

May 9th
Europe Day
Ambassadors to School Program
European Commission Ambassador John Bruton and Ambassadors from 27 countries will be teaching students about the EU at Washington area schools to commemorate Europe Day, May 9. This marks the day in 1950 when French Foreign Minister Robert Schuman called on France, Germany and other countries to pool together their coal and steel production as the first concrete foundation of a European federation.
For more information go to www.eurunion.org

May 12th
Open House at EU member state embassies and the EU Commission in Washington, DC
Shuttle service provided
For more information go to: www.germany.info

May 20th
4 – 6 p.m.: European Poetry Reading
Busboys and Poets
2021 14th Street, NW
Washington, DC 20009
For more information call: 202.387.POET or go to
www.busboysandpoets.com

I like the ability to switch between languages when you click on the text. Very nice idea; but flash is still a horrible way to present ideas. Placing text side by side actually gives a better sense of translation. And what’s with the giant “print” button? Perhaps an “embed” button would be better so bloggers around the world could weave favorites into their own threads. Print. Who wants to print?

After looking around I’m already tempted to work on another translation of Petr Borkovec’s poem (Natural Causes).

Security

Prisoner conviction based on return address

Leave a comment

This story might have more to it than meets the eye:

A Wisconsin state appeals court refused to overturn the conviction of a prisoner who said no one ever saw him write a threatening letter to a judge.

The 2nd District Appeals Court noted Wednesday that Anthony Dwane Turner’s return address was on the envelope, sealing its decision.

Since he was a prisoner at the time, it would seem his return address was determined for him:

Turner asked the appeals court in 2005 to overturn his conviction. He argued prosecutors didn’t present any evidence at trial that anyone saw him write the letter or that the handwriting was his.

The appeals court refused, saying the envelope was marked with Turner’s name, inmate number and the address of the prison in Green Bay.

So I guess the question raised is whether someone in a prison can impersonate a prisoner by sending a letter that appears to be from their cell. The address is treated as a signature, but how trustworthy/spoofable is it?