Off The Hook - 23 January 2008

The Data Loss of the Week award goes to GE Money, the credit card processing company used by JC Penny department stores, who lost information on 650,000 customers including social security numbers for 150,000 of those. The information was on a backup tape that was stored in a warehouse of Iron Mountain and went missing last October. Of course, the company reported that there was no reason to suspect the data was stolen nor used fraudulently. Mike mentions that, like most lost data incidents, a year of free credit monitoring will probably be given to the victims. Emmanuel wonders whether those given the credit monitoring service will be automatically billed for it after the year is up. Bernie S. uses a service after TD Ameritrade lost his information 3 months ago. He said that they did not take any billing information, so wouldn’t be able to charge him without his knowledge and likens it to the Do Not Call List, which is often abused by unscrupulous telemarketers. The Identity Theft Resource Center says that there was a 6 fold increase in the number of compromised records last year, a total of 125 million in 2007.

Emmanuel goes on a long tirade about his Verizon land-line phone bill, complaining about the charge for “Verizon Freedom Essentials,” which includes call-waiting ID, and anonymous call rejection, which is free. The big complaint is something marked as “discounted telecommunications service” which, though it sounds like a good and normal thing, is actually the name of a company, that charged him for directory assistance at a rate of $8.50 per instance. In order to get the charge removed, Emmanuel says the best tactic is to claim that the line is connected to a fax machine and that there is no way he could have made a call. A tangential discussion about the exorbitant cost and low quality of directory assistance leads Bernie to divulge his method of getting good advice for an area he knows little about: he simply calls a random number in the NPA and prefix that he is looking for information about. With a bit of social engineering, most people will recommend a business that suits your needs.

A North Dakota judge decided that performing a zone transfer is illegal if you don’t obtain authorization first. Bernie likens it to what he was arrested for, possessing equipment for the modification of telecommunications instruments for the unauthorized access to telecommunications services. His appeal was based upon the fact that the law didn’t specify who would give authorization for such modifications. Though a similar case, Mike clarifies that performing a zone transfer, getting all of the host in a domain, is trivial, requiring no special equipment and only common software. Furthermore, DNS servers can be easily setup to deny zone transfer requests. The same judge also said that compiling ‘whois’ lookups without permission from Network Solutions is also illegal.

The head of the European Union’s privacy regulators declared that IP addresses should be treated as personal information. Though Google and others maintain that an IP address only identifies a computer, the EU commissioner said that because most people use the same computers repeatedly, it was still personal information.

The Church of Scientology was DDOSed by “Anonymous” last week orchestrated as Project Chanology as a coordinated attack against Scientology. This is in response to a recent video of Tom Cruise which the Church of Scientology forced YouTube to take down. Gawker still has the video up, a good example of the Streisand Effect, which goes unmentioned on the show.

Time Warner has announced that it will start using usage-based billing, which Emmanuel likens as, “people who use the internet more will pay more and people who use it less will pay the same.” Bernie notes that Time Warner and Comcast both kick people off of their “unlimited” services if they cross a certain threshold of usage surmising that they don’t publish the limit because it would conflict with the advertising of the service as unlimited.

The Federal Energy Regulatory Commision approved cyber-security standards to protect electrical utilities from attacks by hackers. A group representing electricity generators, the Edison Electric Institute recommended the standards, “following growing concerns about the security of utilities.” A senior CIA analyst, Tom Donahue, is quoted as saying, “hackers literally turned out the lights in multiple cities after breaking into electrical utilities and demanding extortion payments before disrupting the power.” He refused to elaborate about where, when or how long the outages lasted only that they were outside the United States. A video from last year, the Aurora Generator Test, blew this out of proportion last year showing simulated hackers causing a generator to explode.

A cocaine vaccine was announced; Emmanuel and notkevin up the Orwellian implications such as parents giving it to their children which is an admission that their children might try cocaine in the future.

Sprextel and T-Mobile were denied hearing of a case by the supreme court dealing with an 11th circuit decision that would force them to add taxes into the pricing of their plan, rather than listing them separately.

Cellphones were used to steal merchandise at a WalMart on Long Island.

FBI wiretaps were halted after the bureau failed to pay bills on their lines. Bernie brings up the incredible cost of wiretaps, stating that a single wiretap can cost more than $10,000 which all comes out of taxpayers pockets.

Untraceable, a soon to be released action film about internet snuff films, seems to advocate against net-neutrality.

A listener calls asking for a recommendation of an MP3 player that will also tune AM stereo and Bernie recommends the Pogo RadioYourWay.

Redbird responds to a listener’s question about anti-virus for smart phones, saying that it’s really not necessary.