Proposed Legislation to Curb 1.3 million Demand for Subscriber Information in 2011
Recently, cellphone carriers reported they responded to 1.3 million demands for subscriber information in 2011 from law enforcement agencies seeking text messages, caller locations and other information in the course of investigations.
With the introduction of a newly drafted legislation by Representative Edward Markey, he is looking for a way to curb the growing number of requests wireless carriers receive from U.S. law enforcement agencies for their customers’ phone records.
Peter Modafferi, chief of detectives for the Rockland County district attorney’s office in New York stated, “At every crime scene, there’s some type of mobile device, the need for the police to exploit that technology has grown tremendously, and it’s absolutely vital”
The proposed bill will also asks the Federal Communications Commission to devise regulations setting a limit on how long wireless carriers can keep customers’ personal information.
The Obama administration is looking for ways to give consumers more control over personal information while surfing the Internet on laptops and mobile phones. The administration unveiled plans to protect the privacy of Internet titled “The Consumer Privacy Bill of Rights” which outlined principles that the administration expects Internet companies to adopt, even if legislation isn’t passed.
Visit NBCNews.com for breaking news, world news, and news about the economy
Large collection of Free Microsoft eBooks
Microsoft has released a large collection of Free eBooks for you, including: SharePoint, Visual Studio, Windows Phone, Windows 8, Office 365, Office 2010, SQL Server 2012, Azure, and more.
You can access them below:
2012 Washington D.C. Tech-Security Conference
Conference Details:
Date: Thursday, Aug. 23rd, 2012
Time: 8:15am – 4:00pm
Place:
L’Enfant Plaza Hotel
480 L’Enfant Plaza, SW,
Washington, D.C. 20024
Topics that will be covered and discussed:
Protection Against Spear Phishing and the Modern Cyber Threats.
Bit9/ Accuvant
Turning the Mobile Device Evolution in Your Favor.
Entrust
Manage, Control, and Audit the Use of Shared, Privileged, and Administrative Accounts.
Cyber-Ark
Eliminating Data Security Threats.
Varonis
Centralizing Identity, Policy and Privilege to Simplify Data Center Security and Compliance. Centrify
Securing the Virtual World.
WatchGuard
Understanding Managed File Transfer: Moving from Chaos to Control.
Axway
Onboarding Personal Devices to Corporate Networks.
Bradford Networks
****This conference qualifies for CPE credits.****
Tickets include LUNCH & Conference Materials.
Numerous Door Prizes & Give-A-Ways!
iPods, Gift Cards, USB Watch, PSP, Memory Sticks, & More!
Dropbox confirms it was hacked, offers users help
After a two-week investigation, the online file storage service confirms that usernames and passwords were stolen from third party Web sites and then used to access Dropbox accounts.
When a few hundred Dropbox users began receiving spam emails about online casinos and gambling sites two weeks ago, it seemed like something was up. And indeed there was.
Read more on CNET.com
EC-Council University Offering Ethical Hacking Scholarship
EC-Council University (ECCU) is offering a full scholarship for its Master of Security Science (MSS) Program. The MSS prepares students for leadership positions in the cyber security industry. A 36-hour program, the course work can be completed online in as little as two years. Specifically the program offers in-depth instruction in the areas of ethical hacking, network security, digital forensics, disaster recovery, organizational structure and behavior, leadership and communication.
The $17,000 Ethical Hacking Scholarship covers tuition and fees for the MSS program. Additional costs for textbooks, shipping, computer equipment, internet fees, supplies and exam proctoring are not included in the scholarship. Students may transfer up to twelve credits of graduate course work into the MSS program from accredited institutions of higher education recognized by the US Department of Education. Nine of those credits can be from professional industry certifications. The acceptance of transfer credits is at the discretion of the University.
Scholarship applicants must
- Have a bachelor’s degree with a 2.5 cumulative GPA or better or the foreign equivalent.
- Meet EC-Council University’s admission requirements. http://www.eccuni.us/
Admissions.aspx
- Complete ECCU Application for Admission—application fee will be waived for Ethical Hacking Scholarship applicants.
Students interested in the Ethical Hacking Scholarship should go to http://www.eccuni.us for the scholarship application process. In order to be considered for the Ethical Hacking Scholarship, all materials must be received by no later than September 1, 2012. The scholarship winner will be announced no later than October 1, 2012.
About the MSS Program Structure
The MSS program consists of an 18-credit set of core requirements, a 15-hour emphasis and a graduation project. Students can select either an emphasis in Information Assurance or Management. The Information Assurance emphasis focuses on a range of skills, strategies and techniques designed to broaden the expertise of the cyber security practitioner. The Management emphasis focuses on the development of leadership and communication skills; and broadens the student’s understanding of organizational structure, behavior and change.
- Student Catalog
- Graduate Certificates
- Transfer Credits
President’s Message
At EC-Council University, we have high aspirations for our students. We want them to be tomorrow’s technology leaders.
We have built this institution on four main principles. First, we understand the Technology Revolution and aim to prepare our students to excel in the new future. Second, we embrace a new learning paradigm where knowledge is shared across space, time and medium using our Learn Anywhere Anytime model.
Third, we provide course content and materials that are highly relevant and fresh out of many research and development labs. Finally, we believe in a professional faculty who openly share their experience and knowledge with our students.
It is these principles and a strong sense of mission that drives all my colleagues and associates of EC-Council University to provide not only the most high-tech content and learning resources, but also a learning system and environment which allows every student at EC-Council University to learn, experience and lead into the digital age.
We strive to prepare our graduates to embrace the challenging position of Information Security and Information Assurance Specialist in international organizations worldwide. We consider this to be the school where Chief Information Security Officers and e-Business Architects of world class stature are educated.
Sanjay Bavisi
President
Comparing enterprise data anonymization techniques
There comes a time when data needs to be shared — whether to evaluate a matter for research purposes, to test the functionality of a new application, or for an infinite number of other business purposes. To protect sensitivity or confidentiality of shared data, it often needs to be sanitized before it can be distributed and analyzed.
A popular and effective method for sanitizing data is called data anonymization. Also known as data masking, data cleansing, data obfuscation or data scrambling, data anonymization is the process of replacing the contents of identifiable fields (such as IP addresses, usernames, Social Security numbers and zip codes) in a database so records cannot be associated with a specific individual, project or company. Unlike the concept of confidentiality, which often means the subjects’ identities are known but will be protected by the person evaluating the data, in anonymization, the evaluator does not know the subjects’ identities.
Thus, the anonymization process allows for the dissemination of detailed data, which permits usage by various entities while providing some level of privacy for sensitive information.
Data anonymization techniques
There are a number of data anonymization techniques that can be used, including data encryption, substitution, shuffling, number and date variance, and nulling out specific fields or data sets.
Data encryption is an anonymization technique that replaces sensitive data with encrypted data. The process provides effective data confidentiality, but also transforms data into an unreadable format. For example, once data encryption is applied to the fields containing usernames, “JohnDoe” may become “@Gek1ds%#$”. Data encryption is suitable from an anonymization perspective, but it’s often not as suitable for practical use. Other business requirements such as data input validation or application testing may require a specific data type — such as numbers, cost, dates or salary — and when the encrypted data is put to use, it may appear to be the wrong data type to the system trying to use it.
Read more at TechTarget’s SearchSecurity
