September, 2008

Last week, the Swedish government made vital changes to the law they approved this summer.

According to Digi.no (sorry, only Norwegian), the Swedish government has changed the law, and there is no longer legal to do surveillance without consent.

In July, I covered the story when the Swedish approved the new law, allowing their police and surveillance teams to tap into ANY and ALL internet traffic that came through their country - no matter if there where any suspicions or not at hand. This meant that everyone suddenly became victims, and no-one would be able stay off their radar - innocent or not.

This time, the Swedish government where forced to redo the law. They had to add a quality control mechanism, something that has been a very well accepted rule in the western world for centuries - that any surveillance must be following (not followed by) a suspicion. Thus following the principle - innocent until proved guilty.

In the past (mainly since 9/11/2001), we have seen dramatic changes in how this principle is followed. Privacy is lessened by the day. Surveillance increases - with or without our consent. Our legal rights are set aside by the governments increased lack of control. And our politicians constantly fail to understand how technology changes the world - no, not slowly, but at speeds that keeps spinning the world around so fast that no-one are really able to grasp even the smallest of implications.

Today, laws tends to come around way too late to tackle the initial challenge. And instead of allowing the technology be an enabler, they tend to force into action regulations that are no longer relevant, to challenges no longer available.

I applaud the Swedish government for extremely quick action when they discovered their error. This kind of reaction is exactly what is required to stay up to date for any government. Don't just sit around, poking your stick in the ground, waiting for someone to decide for you.

Governments challenge is to turn their reactive regulations into proactive delegations. By using laws as enablers, as opposed to regulators as they are today, governments will be able to change the way we do business, and the way we use technology. And the way we interact.

Just a quick report from the day in the court.

I was told in advance to reserve two full days for this session in court, just in case it would last longer than the expected one day. So I had dug deep into my well of patience (yes, I do have one...somewhere) and calmed myself enough to sustain two full days of doing nothing.

After a brief intro by the professional judge, we entered the court. And everyone where standing. I kinda liked that. We sat down, and the case started.

Pretty soon it became obvious that we would not be spending much time in court today, and after one hour all the required questions and procedures where over. The prisoner pleaded guilty as charged, and voila, we where done.

I bet that the next time I am a judge, it will take the full two days, and then some. But at least, I am happy that my first introduction to the court of law was this easy to handle!

I am scavenging the net these days, and seem to find quite some fascinating sources of information.

Today, I present to you the DocDroppers.  At first glance, you realize the warp back to the late 1990s, Matrix and a totally different area of IT-security. And it is tempting to just move on.

I cannot explain where my curiosity came from, but I started to read. The language they use is even worse than mine, but I do get the feeling the authors are native speakers, unlike me.

To me, the whole site resembles a lost and forgotten Script Kiddies project, but digging deeper it turns out to be a live project. When they are not spending time cleaning up spam, their current project seems to be a documentary on how to write key loggers.

Except from the layout, I find the DocDroppers to have valid and interesting information. In their own words:

docdroppers, hacking, security

Today, I will be learning a new trade. Or at least I will take part in a new trade. I will be a local judge. No, not the Miss Local Salmon or whatever they call it. A real judge in a real court.

As the court of law is a part of security in the society, I am looking forward to this opportunity. I do realize that it is miles away from how I usually spend my time.

Anyway, enjoy your day in the sunshine, while I will try not to fall asleep in the dark halls of Justice!

law

Just love this cartoon :)

cartoon, security

Carl Jongsma, Computerworld Australia gives some valuable input to how business should consider web-based e-mail.

Using the Palin e-mail hack as an example, Carl discusses how companies can learn from this and similar attacks.

palin, e-mail, security

Mental note to self: Take a closer and deeper look at Atlas, a monitor of IT-related threats.

Avenue Z is a blog that covers "the trials and tribulations of a new freelance copywriter". Not my usual cup of tea. But, being freelance usually means doing business, and doing business usually means making mistakes. No surprise there.

The errors made by Beth Z at Avenue Z may not seem to grave, nor to relevant at first glance.

But failing to set targets for sales and income very soon mean you are loosing out on opportunities, and reducing profit. And failing to sell to existing contacts usually means you both miss out good business, and also that you spend more time and gain less business (I know of no industry where the cost of getting new clients is lower than getting more business from existing clients).

A document by CERT that gives home users an overview of the security risks and countermeasures.

IMO, most of the content is also relevant to SOHO (Small Office/Home Office) environments.

security, soho, CERT

Identity theft and fraud related to ID-theft becomes increasingly popular with online tools gathering momentum and popularity. There are many resources out there that can help, but some stands out of the crowd.

What I like with this site is that they have a high volume of relevant articles. And they are easy to read, easy to understand - even for someone not very familiar with the ID-theft challenge. And I like that. There are too many sites wasting time and focus by forgetting who is reading.

If you are looking for ID-theft prevention, or even ID-theft protection, you will find many articles and information to help you. You can also register for free, and access a discussion board, and it seems to be a living, breathing community discussing and helping each others.

At least I know where I will be headed next time I am looking into ID-theft resources.

Edit: I live in Europe, thus some of the tips and resources on this website is not directly relevant to myself. But. Most of the general tips and information is relevant to me, and people no matter where they reside. I also find the tips related to business’ to be of great value, as it seems to be hard work to get some companies to realize their responsibilities when it comes to protect their employee data.

ID-theft