fm984.net

“We have no reason to believe any identity theft or fraudulent financial activity resulted from this situation,” the FAQ says. “You still might want to get a free credit report and file a fraud alert with the credit bureaus. When you get your credit report, look for any accounts you didn’t open and/or inquiries from creditors that you didn’t initiate.”

The data includes customer names, Social Security numbers, addresses, e-mail addresses, telephone numbers, and income and employment information, but not credit card information, LendingTree said in an e-mail to customers and on a frequently-asked-questions page on its Web site.

LendingTree could also face lawsuits from its customers, as well as sanctions from the U.S. Federal Trade Commission, particularly given the potential for identity theft, according to Brian Cleary, vice president of marketing at Aveksa, an enterprise security governance software company.

The outside lenders are believed to have accessed LendingTree customer loan request forms between October 2006 and early 2008. The lenders then tried to market loans to the customers, LendingTree says.

The e-mail to customers also advises that they have the right to obtain a police report and may also request a security freeze on their credit report file.

As a result of the breach, LendingTree has sued three California lenders: Newport Lending Group and Sage Credit Company, both of Irvine, and Home Loan Consultants of Newport Beach. None of the firms immediately returned calls seeking comment.

LendingTree on Monday told customers that their sensitive information was leaked in a security breach and that it has sued three lending companies as a result.

(Credit:
LendingTree)

Several former employees of LendingTree are believed to have taken company passwords and given them to a handful of lenders who then accessed LendingTree customer data files, the company said.

LendingTree’s internal security uncovered the security breach and the company quickly reported it to authorities and made several security system changes. A LendingTree spokeswoman declined to say exactly when the breach occurred, when it was discovered, or how many customers were affected.

“Organizations have an obligation to protect sensitive customer information like this,” Cleary said. More than half of the data breaches these days are due to insiders leaking the information, he added.

ARM lists other devices like the Nokia N95, the BlackBerry 8700g, and the Motorola Q. All powered by ARM silicon.

(Credit:
ARM)

But ARM processors have been powering small, low-power devices since 1985. There was the Psion series of handhelds, the Apple Newton, Nintendo DS, and, today, products like the
Microsoft Zune. All used or use ARM architecture chips.

And ARM is not exaggerating. If anything ARM is understating the case. As one of the most understated chip architectures today, few consumers know the name. And almost no one listening to their Zune or
iPod or talking on their Nokia phone knows that there is ARM silicon inside. But consumers can hardly miss the flashy Intel, AMD, ATI, or Nvidia branding on their PCs.

1999 Psion Revo Plus PDA looks a lot like MIDs today.

The Apple iPhone is full of ARM silicon and technically a MID

(Credit:
Miha Ulanov)

The
iPhone is a mobile Internet device. Just in case you forgot, ARM wants to remind you that before the Intel Atom processor there was the iPhone and its handful of ARM processors. Yeah, it’s a MID too.

Listening to Intel, a casual observer might believe that the world’s largest chipmaker is single-handedly creating the class of tiny devices called mobile Internet devices or MIDs.

The Web page continues: “ARM licenses the intellectual property that powers MIDs. This includes all the technology required by the chips at the heart of these devices: the microprocessor, digital signal processing, embedded memory, graphics acceleration, (and) fabric interconnect.”

And this conspicuous PC-style branding strategy will carry over to Intel MIDs and Netbooks too. Lest consumers forget, maybe ARM should do a little more in-your-face branding.

On a Web page titled Mobile Internet Devices, ARM now posts this marketing message: “It is clear that the future of mobile computing rests in devices that are truly mobile, always connected and providing a rich Internet browsing experience–ARM calls these devices Mobile Internet Devices (MID).” Intel does too.

(Credit:
Ubisoft)

(Credit:
Ubisoft)

The fighting system has completely changed, as well. Not only will you be fighting one enemy at a time, but the battle will now be a long, almost cinematic experience. Elika will also be there to lend a helping hand–which, from what we’ve seen, looks like a very interesting addition to the gameplay experience.

Elika replaces the “time-control” effect the Prince games had in the past. She’ll now be the one bailing you out of missed jumps and confusing puzzles. Her built-in compass will also give you an idea of which direction to head next, even though this new Prince of Persia is not as linear as previous titles in the franchise.

Prince of Persia will be available for the
Xbox 360,
PlayStation 3, and PC this fall. You can check out a sneak-peek trailer of the game from E3 here.

First off, you can forget most of what you already know about the Prince of Persia series. It was made very clear to us that this new Prince game is a huge departure from what we’re used to. Most apparent is the brand new art style in the game. We don’t want to call it cel-shaded, but it definitely borrows a few components from that technique. Up close, the details on the Prince and Elika are astonishing, as are those in the enormous environments you’ll be playing inside.

The goal in Prince of Persia is to help Elika revitalize the now-barren world of the game. The land is very gray and bleak, but when a guardian enemy is defeated, the rich and colorful landscape comes back to fruition. This immediately reminded us of the storylines in games like Okami and Zelda: The Twilight Princess.

We got a chance to sit down with the new Prince of Persia game from Ubisoft Montreal last night at the company’s New York showcase. And now we have a much better idea of what we can expect this time around, including the story of the game and the role our new female companion Elika will play.

(Credit:
TippingPoint)

Since it was the third day of the contest, which saw a MacBook Air get hacked on Thursday, the TippingPoint Zero Day Initiative relaxed the rules even further. On the first day of the contest, only the operating system could be targeted, but on the second day that was expanded to include standard applications. An undisclosed
Safari flaw led to the MacBook Air’s downfall.

It held out as long as possible, but a Windows Vista laptop fell to a determined bunch of hackers Friday evening at the Pwn to Own contest at CanSecWest.

A Sony Vaio laptop running Ubuntu remained unscathed at the end of the conference.

Shane Macaulay, Derek Callaway and Alexander Sotirov, were able to gain control of the laptop, which also means they get to keep it. However, since the rules had been relaxed, they only get $5,000; the MacBook Air winners collected $10,000.

TippingPoint’s Aaron Portnoy, with Shane Macauley and Alexander Sotirov (left to right) take control of a Windows Vista laptop.

The contest rules stipulated that any winner sign a nondisclosure agreement immediately after a successful hack, so that the nature of the flaw could be disclosed to the vendor. Once Adobe and Apple patch their flaws, the nature of the flaw will be disclosed.

But on Friday, hackers could target any “popular” piece of application software that you might find on a system. The Fujitsu laptop, running Vista Ultimate, was compromised by a previously undiscovered flaw in Adobe’s Flash software.

Click here for full coverage of the Intel Developer Forum.

The SL9400 and SL9300 processors have a thermal envelope of 17 watts, about one half the power envelope of mainstream Intel mobile processors rated at 35 watts. The SL9400 runs at 1.86GHz and is priced at $316. The SL9300 is clocked at 1.6GHz and priced at $284. Both chips have 6MB of cache memory.

The chipmaker also listed its first mobile quad-core processor, the QX9300, which runs at 2.53GHz and comes with 12MB of level-2 cache. The processor is priced at $1,038.

The ThinkPad X301 uses a new ultralow voltage processor from Intel.

The 45-nanometer low-power processors will go into ultra-portable notebooks like the new ThinkPad X301 announced this week, and HP 2530p also rolled out on Monday. The next version of the MacBook Air is also rumored to be using one of these chips.

Further down the power scale, the SU9400 and SU9300 are rated at only 10 watts and have clock speeds of 1.4GHz and 1.2GHz, respectively. The SU9400 is set at $289, while the SU9300 goes for $262. Both have 3MB of cache memory.

(Credit:
CNET Networks)

Intel has listed new low-power processors for upcoming ultra-portables from Hewlett-Packard, Dell, and Lenovo, among others.

Intel also announced new mobile Celeron models. The mobile Celeron 585 has a core clock speed of 2.66GHz and is priced at $107. The 575 model runs at 2GHz and sells for $86.

Most Twitterers didn’t seem to believe the contents of the conference, probably because there were enough gray areas in the press conference to paint the walls of my office a nice foggy hue. Biscardi denied that he’d participated in a money-scheming Bigfoot hoax in 2005, saying that he’d been duped by a deranged woman who claimed she had two “Bigfeet” in captivity; he claimed he refunded those who’d charged to see a Webcast of the creatures when he realized it was fake. And Whitton shrugged off a series of goofy YouTube videos, most of them now pulled from the video-sharing site, in which he and Dyer reportedly claimed the Bigfoot was a fake and featured Whitton’s brother dressed up as a scientist analyzing it.

“I didn’t believe in Bigfoot at the time,” Whitton said.

“R.I.P. Harry. The Hendersons will miss you,” one Twitter user said jokingly in reference to the ’80s comedy Harry and the Hendersons, about a family that adopts a Bigfoot. Others were more skeptical, given the dubious nature of the photos. “That Bigfoot in the box looks so totally fakey, like a bad Halloween costume,” another Twitter user said.

People have been Googling it, too. The search query “Bigfoot press conference” hit the top three on Google Trends.

“We just decided to have a little fun with it,” Whitton said. When asked why he didn’t call authorities when they claimed to have found the body in early June, he answered, “I didn’t see any need to at the time. It seemed like it would create a frenzy.”

On the Web it was equally chaotic. Twitter users went nuts, with Twitter Search (formerly Summize) bringing up dozens of posts per minute from users who were watching the press conference online or expressing their opinions within the site’s 140-character limit. Third-party analytics site Twitscoop showed a barrage of Twitters that included the word “Bigfoot,” and determined the word to be the hottest term on the microblogging site at the time.

And if Twitter is to be believed, the Internet still doesn’t.

It’s the ultimate summer Friday news story: CNN Webcasting a press conference hosted by the men who claim they nabbed a dead body of the legendary creature known as Bigfoot.

Bigfoot hunter Tom Biscardi held the press conference in Palo Alto, Calif., in conjunction with Matthew Whitton and Rick Dyer, the two men from Georgia who claim that they found the corpse while hiking. Biscardi wouldn’t actually show the body, saying that he had invited Fox News reporter Megan Kelly to show it on-air and that a number of scientists would be performing an autopsy on Monday.

But most of the Twitter observers tuned into the press conference seemed to take the whole thing as entertainment. “I’m actually fearful to enter these Bigfoot infested woods in Georgia!” one exclaimed. “He’s a Bigfoot dressed up as a Bigfoot, playing another Bigfoot,” one wrote in a nod to a line spoken by Robert Downey Jr. in the just-released satire flick Tropic Thunder.

That didn’t do too much to appease the skeptical audience of the press conference, who were on the verge of heckling.

Plus, the Associated Press reported that Whitton and Dyer’s story had changed, and in the press conference Whitton claimed that he and Dyer hadn’t actually been veteran Bigfoot hunters as reported earlier. When they found the creature, they considered the idea of doing guided tours of Bigfoot country, but that was as far as they said they went.

“I want to protect the species,” Whitton continued. “Everyone would be up there hunting for Bigfoot and disturbing the habitat.”

“Starting Monday I should have assembled some fine scientists that will do the autopsy to find the origin and death of this creature, and at that point in time we will make it known and hopefully we’ll get somebody to come in and film it,” Biscardi said to listeners, “to show it to the world as it’s being done. I want to get to the bottom of it.”

commentary

Open Season Episode 12 was a very special session for us, as we got Fake Steve Jobs (aka “Dan Lyons”) to join in. We spent a fair amount of time talking with Dan about his position on open source and why he gets so much flak for his coverage of the open-source community. Dan is hilarious and often insightful. It was a pleasure to have him on the podcast.

One of our best. Have a listen. (Also, the link provides my coconut cream pie recipe, which is definitely worth having.)

Under the threat of criminal prosecution, I must hide all aspects of my involvement in the case–including the mere fact that I received an NSL–from my colleagues, my family and my friends. When I meet with my attorneys I cannot tell my girlfriend where I am going or where I have been. I hide any papers related to the case in a place where she will not look. When clients and friends ask me whether I am the one challenging the constitutionality of the NSL statute, I have no choice but to look them in the eye and lie.

What if Google’s PR people are telling the truth? What if Google really didn’t help the NSA, and that the spooks are collecting millions of search records via wiretaps placed on the Internet backbone?

If this poor gentleman had to lie to his girlfriend and family, it’s
possible that Google, if it did receive a FBI National Security
Letter, might be placed in a similar position.

Careful wording
My original question to Google was, “Is Google sharing ‘huge volumes’ of
search records with the government?” I never asked about the NSA’s
Terrorist Surveillance Program specifically.

Google has now taken the interesting step to become the first major Internet company to deny helping the NSA. In an on-the-record e-mail with a company spokesperson on Friday, I was told that:

For those of you who care more about your privacy than cute YouTube videos, I highly recommend the Tor anonymous web proxy, as well as the Customize Google Firefox browser extension.

However, the biggest problem is search. Google offers no way for its customers to search the Internet without an evil ISP (such as AT&T) from snooping in on the traffic. Google could very easily enable SSL search sessions, but has not taken any steps to do so.

Continued concerns

In any case, on January 17, 2007, Attorney General Alberto Gonzales announced that the Terrorist Surveillance Program would not be reauthorized by the president, but would be subjected to quasi-judicial oversight. So the Terrorist Surveillance Program, at least by that name, no longer exists, and Google could be actively handing over millions of e-mails, while the statement made by its PR people would be completely true.

The owner of an ISP who received one of these secret orders explained the significant restrictions placed upon him in a letter to The Washington Post back in 2007.

Is that enough to reassure you?

Google is now the first of the major search engines and e-mail providers to make a firm statement on the issue of the National Security Agency’s wholesale surveillance of Internet content.

If Google was obligated to give up search/e-mail records, it is likely
that this request would be made via a Patriot Act authorized National Security Letter. A recent Journalarticle confirmed as much, stating that
the information gained from National Security letters ended up in the
gigantic NSA databases. But recipients of those letters may not be
allowed to tell anyone about it, and may in fact be forced to lie.

As Salon’s Glenn Greenwald has explained, the Bush administration has been very careful with its use of the term “Terrorist Surveillance Program.” Many snooping activities, some of which were clearly illegal, do not come under this definition. Simply put, Google could have handed over a copy of every search request and every e-mail sent by a Gmail user to the U.S. government and it would still be able to quite correctly deny participating in the Terrorist Surveillance Program.

“Google was not part of the NSA’s Terrorist Surveillance Program.”

The Wall Street Journal recently revealed the true extent of the NSA’s surveillance system:

It’s worth pointing out that Google has stood up to the feds when they
demanded search records a couple years back–but this was the DOJ, not
the NSA.

“According to current and former intelligence
officials, the spy agency now monitors huge volumes of records of
domestic e-mails and Internet searches.”

I spent a few minutes browsing through the channel, but couldn’t find any specific advice on protecting myself from illegal wiretaps and government surveillance. YouTube seems to be a great place to find videos of skateboarding dogs, but not such a great source of privacy tips.

When asked about the webmail security problem, and which steps customers should take to protect their search traffic from snooping Internet service providers, Google’s spokesperson directed me to the company’s much ridiculed YouTube Privacy channel.

This builds on what we learned the previous week, when The Washington Post revealed that the primary motivation for the White House’s wiretapping immunity demands is to protect those firms that assisted with illegal, mass-scale surveillance of e-mail traffic.

Google has stated it didn’t help the NSA search your e-mails. More
specifically the company denies participating in the NSA’s Terrorist
Surveillance Program. But the company’s carefully worded denial might not be enough to reassure savvy readers.

The problem remains that Google is not doing a single thing to protect its customers from this kind of large-scale surveillance. While the company supports SSL-encrypted Webmail sessions, it does little to advertise it, and has taken no steps to turn it on by default.

For more about what to expect at the San Francisco show, read my colleague Robert Vamosi’s preview.

In addition, the company has a new IBM Unstructured Data Security Solution to classify and secure unstructured data in all types of formats.

The company is set to outline at RSA 2008 on Tuesday a new research initiative designed to protect against new security vulnerabilities that arise when a corporation moves from a physical computing environment to a virtualized environment in which hardware is simulated and software is run on virtual machines.

And if that’s not enough wordy product titles for you, the company also has a new IBM Tivoli Access Manager for e-business which offers a single view of user access to a variety of Web-based applications.

Virtual computing environments still need real security, and IBM says it has the answer: “Phantom.”

At the core of Phantom is network and host intrusion protection software that sits in a secure, isolated partition and will, in essence, lock down the hypervisor, or virtual machine monitor.

A new IBM Tivoli Security Information and Event Manager lets customers automate security management for the data center and manage policy compliance by monitoring user activity and server logs.

IBM also will unveiled details of IBM Tivoli Key Lifecycle Manager, which automates the management of encryption keys so that encrypted data on storage devices is safe if the device is lost of stolen.

(Credit:
IBM)

The 32-megajoule weapon appears to be the largest rail gun ever built, according to defense contractor BAE Systems. A joule is what’s needed to produce one watt of energy for one second.

In addition to developing new onboard capacitors or pulsed alternators to power the weapon, the Navy must come up with new materials to secure the gun, firing it can dislodge the conducting rails–or even rip the gun barrel apart, according to some reports. The Navy, which has already tested smaller versions, as seen in the video, wants a rail gun onboard a ship as early as 2020.

It uses a magnetic “rail” instead of a chemical propellant like gunpowder to heave projectiles at Mach 7 for what could be up to 220 miles down range–that’s 10 times farther than what contemporary naval guns. The projectile hits at Mach 5, destroying the target with kinetic energy instead of conventional explosives.

Ship building and design are expected to benefit should the new gun prove feasible, mainly because new vessels won’t be forced to haul tons of explosives. But while the rail gun uses no gunpowder, it can hardly be called energy efficient. A planned 64-megajoule system would suck around 6 million amps.

(Credit:
U.S. Navy)

The U.S. Navy is installing an electro-magnetic laboratory rail gun at its Surface Warfare Center in Dahlgren, Va., bringing it one step closer to developing a ship-mounted version of this futuristic cannon.