In my last blog entry I linked to an excellent writeup on how to do log analysis on the cheap using Kiwi Syslog Daemon. One thing I wanted to know is if Kiwi could be set up to listen on an interface that doesn’t have an IP address and is just listening in promiscuous mode. So I sent the folks at Kiwi an email asking. They got back to me within an hour or so! That’s great customer service, especially from a company who’s supporting a freeware product. The full text of their reply is in the extended entry. By the way, so far, the answer to my question was ‘no’.
Continue Reading »
Sunday night my wife and I went out to a local community center and saw an artist I’ve liked for quite a while, Sophie B. Hawkins. After the show Ms. Hawkins had a meet and greet and was signing copies of her newest CD, Wilderness. It was a great concert at a small venue and overall it was a really good experience.
Forward to last night: I finally got the chance to put the CD I had purchase into my laptop and play it. Or rather try and play it. The laptop in question is off the network for various reasons and I generally just use it to play CD’s through a stereo (old laptop, really old stereo). When I placed the CD in the laptop, it immediately started trying to access the Internet. I thought that was odd and opened up Windows Explorer to look at the disk. Normally there would be a number of .cda files that are the actuall songs, but instead there were a host of installation files and subdirectories. I took the CD to my main computer where I could access the Internet. When I tried to play the CD this time, it opened Winamp, which is apparently incompatible with whatever technology is used to protect this CD.
I haven’t played Wilderness on a regular CD player yet, and quite frankly I’m more than a little annoyed that I should have to. This is the second CD I’ve purchase this year that has some sort of DRM that cripples it’s usage on a computer, and I returned the first one. I’d return this one too if I hadn’t purchased it directly from the artist and had her sign it. I’m not trying to pirate a CD, I’m just trying to use it as intended. Heck, I wasn’t even trying to rip the CD to MP3 format, though I’m definitely going to do that now.
If you believe that Digital Rights Management (DRM) technologies are aimed at protecting the artists against having their music shared on the Internet, you haven’t been paying attention for the last several years. More and more, it becomes obvious that DRM is only about limiting when and where the end user can use the product, not for the user’s good, or even the artists good, but for the record companies profit. And I’m not willing to contribute to their bottom line.
I don’t know the exact technology used to protect this CD yet, but I will figure it out. I’m not sure if the DRM protection was put in place with the approval of Sophie B. Hawkins, but quite frankly I probably won’t be buying any more of her music. Which is too bad, since I really liked her up to now. What was advertised as a way of protecting her music has now cost her at least on listener.
Credit card companies can keep data ID theft secret | The Register
Security breach disclosure law faces court test
This really burns me up, especially since it’s happening in my own backyard. In 2003, California put into effect SB1386, a law forcing companies who have suffered loss of credit card information to notify their customers or face stiff penalties. There have always been a number of rather large loopholes in the law, but over all, it was a good first attempt at forcing companies to take responsibility for the security of credit card information in their care, and a number of other states have followed California’s example.
This episode all started earlier this year when it was revealed that CardSystems Solutions suffered a security breach and as many as 20 million credit card numbers may have been exposed to hackers, and as many as 260,000 records were taken. CardSystems does not directly do credit card business, but is a data processor and takes care of payment data for other companies. They had kept a copy of the data they were processing for other companies for use in thier own testing, which is a direct violation of Visa and MasterCard policy. It was this copy of the database that hackers were able to get access to.
Shortly after the breach was revealed, a class action suit was filed against Visa and MasterCard seeking damages. The credit card companies responded that they are not responsible for notifying costomers or paying damage, since they are not the merchant, just the bank issuing the credit cards. And as much as it pains me to say it, their probably correct. At least for now, the law is on their side, but hopefully that will change in the future.
CardSystems Solutions is the real culprit here, they only reason they aren’t the primary target of the suit is because they don’t have deep enough pockets. They knowingly broke the policies set forth by Visa and Mastercard, and now a lot of people are going to pay for it. The only good thing I see coming out of this is that Visa has cut all ties with CardSystems, which is probably the death knell for the company. Would you want to business with a company that has proven it can’t protect itself and the resources it’s designed to protect? Not me.