August 11, 2008
How not to make friends with the US military
The Financial Times reports on British hacker Gary McKinnon is to again appeal his extradition to the US. I reported on McKinnon - who infiltrated a US military network seven years ago - at the end of June.
Last month he lost an appeal in the House of Lords that opens the way for the US to extradite him for trial and a possible lifetime sentence. He is set to take his appeal to the European Court of Human Rights in Strasbourg. (Link)
The US claim that his actions led to the military shutting down defence systems in the wake of September 11th. And while McKinnon said his motivation was to search for information about UFOs he somewhat ill-advisedly left a comment on a US computer that said "US foreign policy is akin to government sponsored terrorism these days." Not exactly the best way to endear yourself to a military superpower.
His lawyer Karen Todner said:
"Gary McKinnon is neither a terrorist nor a terrorist sympathiser. His case could have been properly dealt with by our own prosecuting authorities. Instead, we believe that the British government declined to prosecute him to enable the US government to make an example of him."
All this fuss because the US military left system administrator passwords blank?
Banks encouraged to authenticate email
We’ve been saying it for ages but now a leading analyst has said it too: banks should be implementing email authentication. (Link)
Ron Shevlin, a retail banking analyst at Aite Group, writing on banktech.com said:
“Specifically, a bank should publish its Sender Policy Framework (SPF) record (a technical standard that helps prevent sender address forgery); implement cryptographic solutions, such as digital signatures and encryption; and control and monitor its brand domain names.”
Banks often shy away from using the low-cost but effective email medium for communicating with customers because of fears over fraud and privacy. But Shevlin said banks need to educate customers and help them recognise email fraud.
“Banks also should empower the customer/recipient in the fight against e-mail fraud. To do this, banks should provide easy and conspicuous access to preference pages and their privacy policies, allowing recipients to understand and control their preference information, including the ability to opt out or change messaging frequency and content.”
Shevlin specifically talks about DKIM as part of the overall solution.
“While SIDF and DKIM fulfil a role in the sifting of wheat from chaff, a number of third-party solutions have been brought to market with the specific aim of providing some form of certificate of authenticity for delivered e-mails. A common characteristic of these solutions is to provide some form of mark for the end user to visually illustrate that an e-mail is trustworthy, such as a sealed envelope or a padlock.”
Click on “home” below to see exactly what he’s talking about.
Hell hath no fury like a gamer scorned
One of the most cut-and-dried cases of IP (intellectual property) infringement has been played out on Facebook recently with the hugely-popular application Scrabulous the target of a lawsuit by Scrabble game-maker Hasbro.
Aside from adopting the look-and-feel, rules and name of the Scrabble game it’s hard to see what Scrabulous have done wrong. However those cynical businessmen at Hasbro clearly feel there’s a case to answer.
Scrabulous has been a phenomenon, attracting about half-a-million users daily. Clearly this is something that the straggling Hasbro wants a slice of and they recently launched their own version on Facebook: slow, lacking features, lack of control, confusion over geographical versions and dictionaries. And they’re the good points.
But the backlash against the trademark holders took a turn for the worse when hackers decided to teach them a lesson and take their application offline.
(Link)
A statement from Hasbro said:
“EA's Scrabble Facebook game experienced a malicious attack this morning, resulting in the disabling of Scrabble on Facebook," the statement read. "We're working with our partners to resolve this issue and have Scrabble back online and ready to play as soon as possible."
You might note I’m a little cynical about Hasbro’s actions and you will see there is little sympathy out there save for some pro-IP columnists. The fairest action – and best from a PR point of view - would have been for Hasbro to work out a deal with Scrabulous’ developers that would see them licence their code and integrate it in to the official Scrabble application.
But these big guys love to crack a walnut with a sledgehammer.
|
