There’s a Secret Patriot Act, Senator Says | Danger Room | Wired.com

How will this effect our ability to work and interact with the US. More and more organisations in the UK and Europe are concerned about their data and in the drive for the cloud, organisations are holding back on both adoption and storage because they can’t control where their data resides.

Detailed as it is, our ability to function and maintain an operational structure is becoming even more difficult due to controls and restraints.

There’s a Secret Patriot Act, Senator Says | Danger Room | Wired.com

Cyber War - The risk to Government & Business

Cyberwar hype is inhibiting government attempts to develop an appropriate response to cybersecurity threats, say computer scientists.

A heavyweight study by UK computer scientists for the Organisation for Economic Cooperation and Development (OECD) concludes that it is "highly unlikely" there will ever be a "pure cyber war”, comparable with recent conflicts in Afghanistan or the Balkans. Suggestions to the contrary are down to "heavy lobbying" by suppliers, the report's authors – Professor Peter Sommer of the London School of Economics and Dr Ian Brown of the Oxford Internet Institute, University of Oxford – conclude.

It is unlikely that there will ever be a true cyberwar. The reasons are: many critical computer systems are protected against known exploits and malware so that designers of new cyberweapons have to identify new weaknesses and exploits; the effects of cyberattacks are difficult to predict – on the one hand they may be less powerful than hoped but may also have more extensive outcomes arising from the interconnectedness of systems, resulting in unwanted damage to perpetrators and their allies. More importantly, there is no strategic reason why any aggressor would limit themselves to only one class of weaponry.
Instead of a standalone war in cyberspace, it is far more likely that cyber-conflicts will take place alongside conventional attacks by nation states and propaganda offensives. Cyber-spying is a real enough threat but it isn't helpful to conflate this threat with cyberwar – cyberespionage is not a “few keystrokes away from cyberwar”, the authors argue.

The study, aimed at global businesses and policymakers, concludes that hype over cyber-war (or information warfare) is clouding judgements and responses to real threats, such as denial of service attacks against critical infrastructure elements, perhaps along the lines of high-profile denial of service attacks against Estonia back in 2007.

Part of the problem in assessing cybersecurity responses comes from treating an easily ignoring phishing email as equivalent to a targeted, disruptive cyber-attack.

“We don’t help ourselves using ‘cyberwar’ to describe espionage or hacktivist blockading or defacing of websites, as recently seen in reaction to WikiLeaks” said Professor Sommer, visiting professor at LSE.

“Nor is it helpful to group trivially avoidable incidents like routine viruses and frauds with determined attempts to disrupt critical national infrastructure.”

The authors list "careful system design" and user education as well as the use of security products to mitigate risks. Applying contingency plans for disaster recovery is a more sensible course than treating cybersecurity as a war between miscreants and system defenders, they explain.

“We think that a largely military approach to cybersecurity is a mistake," Dr Brown said. "Most targets in the critical national infrastructure of communications, energy, finance, food, government, health, transport, and water are in the private sector. Because it is often difficult to be certain who is attacking you from cyberspace, defence by deterrence does not work.”

The military do have a role in cybersecurity, but that comes in protecting their own systems as well as developing potential offensive capabilities rather than taking the lead on cybersecurity, say the computer scientists.

Future shock
The study is part of a broader OECD review of Future Global Shocks that also covers possible disruption of the world financial system, climate change and possible future pandemics.

Very few single cyber-related events have the potential to cause global disruption, Sommer and Brown conclude. However, cyberattacks that cause "localised misery" – due to loss of telecoms service, for example – are a growing threat.

In addition, the report says, reliable net comms are important in co-ordinating response to other events. Governments therefore need to prepare contingencies to recover from either accidental or deliberate collapse of net services and telecoms.

Crucially governments need to work with public sector organisations because in most countries the elements of critical national infrastructure are in private ownership.

Possible cyber-threats might include attacks against internet routing protocols (such as BGP) and communication disruption as a result of a massive solar flare. These two problems might cause disruption on a global scale, whereas computer viruses or denial of service attacks are only likely to cause a little local difficulty. More disruptive attacks on a wider scale would need to combine "zero-day exploits; careful research of the intended targets; and methods of concealment both of the attack method and the perpetrators", among other factors.

The recent Stuxnet worm, targeted malware which infected industrial control systems and is blamed for high failure rates in high-speed uranium enrichment centrifuges in Iran – disrupting the country's controversial nuclear programme as a result – is one of the few attacks to date that combine these elements.

Every citizen to have personal webpage

Everyone in the country is to be given a personalised webpage for accessing Government services within a year as part of a plan to save billions of pounds by putting all public services online, Gordon Brown is to announce.

The Prime Minister has previously hailed the potential for the internet to slash the costs of delivering services by reducing paper forms, face-to-face contact with officials, postage, phone calls and building costs.

He is now set to use a speech on Monday to unveil plans to give every voter a unique identifier allowing them to apply for school places, book GP appointments, claim benefits, get a new passport, pay council tax or register a car.

Within another three years, the Times reported, the secure site would include a Facebook-style interactive service allowing people to ask medical advice of their doctor or consult their children's teachers.

The move could see the closure of job centres and physical offices dealing with tax, vehicle licensing, passports and housing benefit within 10 years as services were offered through a single digital ''gateway'', Downing Street sources told the newspaper.

Private firms such as Amazon could be involved in a bid to make the processes as simple as possible, it said.

But the proposals came under fire from union leaders who complained that thousands of public sector workers would be made jobless and pointed to the Government's poor record of handling personal data.

Questions have also been raised about the impact on some older people unable to use the internet.

Mark Serwotka, general secretary of the Public and Commercial Services Union, said: ''Cutting public services is not only bad for the public who use services but also the economy as we are pushing people who provide valuable services on the dole.''

Among the Prime Minister's advisers on the drive to put services online is world wide web inventor Sir Tim Berners-Lee.

''I don't want to go to a government office to do a government thing. It should all be online. That saves time for people and it saves money for the Government - the processing of a piece of paper and mailing it back costs many times more than it costs to process something electronically,'' he told the newspaper.

''There will come a point where you don't need all the physical offices anymore.''

The Tories are also exploring ways to switch services to the web.

 

Microsoft OneNote 2010 Release Date

I have been using OneNote 2010 now for coming 6 months. As a tablet notebook user, I rely heavily on the OneNote Suite and its integration with Outlook to manage all my meeting notes and client interactions.
I have recently started to introduce the platform to the medical profession and have found a very welcoming response. Aside from carrying loads of note journals, Doctors, Interns and students find managing client notes, records, journal entries and the like a complete pain. With OneNote and now OneNote Mobile, the medical profession can carry a single electronic device such as an ultra-portable tablet, PDA and Smartphone and manage all their notes from a single platform. The integration with Outlook extends the productivity element out to an extensive user base.
Non OneNote users can benefit from reading OneNote in HTML format. Alough they can read the output, they cannot add or edit any of the content. File recording and embedded video make the OneNote Platform a must have for every person who takes and shares notes.

‘Why enter notes twice and share, when you can utilise OneNote, enter once, e mail, share with SharePoint, edit, embed video and voice and index for Enterprise Search from a single platform’
“Why word hard when you can work Smarter with Microsoft OneNote”

Lost Council USB Key

A USB stick that contained social services' confidential information about children in care has been found on a pavement in Stoke-on-Trent.

The Staffordshire newspaper The Sentinel reported that dozens of sensitive Stoke-on-Trent City Council documents were discovered on the memory stick, and includes records of foster cares, family court proceedings, parenting assessments, child custody arrangements and the psychological history of youngsters.

It reported that the information on the memory stick was not encrypted, which is against the council's own policy. Council officials have launched an urgent investigation into how the security breach happened.

A council spokesman said: "The safety of children in our care is our priority. We have procedures for ensuring that confidential and sensitive data is kept as secure as possible. We will conduct a thorough investigation to determine the circumstances in which the data was lost.”

A spokesman at the Information Commissioner's Office said: “We may serve an enforcement notice if an organisation has failed to comply with any of the data protection principles. We have statutory power to impose a financial penalty if there has been a serious breach of data protection.”

Nick Lowe, head of Western Europe sales at Check Point, said: “The data was not encrypted, which is against the council's own data protection policies. This highlights the fact that policies alone are not enough to protect sensitive data: the encryption has to be automated and 'always on' to stop these breaches happening and avoid penalties from the ICO.”

Dave Jevans, CEO of Ironkey, said: “This is a clear breach of UK data privacy regulations. It seems that local councils and government offices need much better training and enforcement in the areas of data protection and encryption. The use of self-encrypting secure storage devices, such as encrypted USB memory sticks, should be required and enforced.”

Thanks to the close relationship between BSS and Ironkey, several Northern Ireland Councils and all of the Central Departments have implemented the Ironkey Enterprise Solution. Developed with Military Grade Encryption, The Enterprise Ironkey delivers not only a robust, secure, efficient storage platform but also a low cost, efficient ‘Secure Remote Access Platform’ for Government, Health and Education establishments alike.

‘Watch this space’

Microsoft adds Facebook to Outlook 2010

Social networking services will all be integrated into Outlook through its Connector system

Outlook 2010 will be able to pull in feeds and contacts from Facebook, LinkedIn and MySpace using its Social Connector.

The Outlook Social Connector (OSC), announced at the end of last year, brings in content such as contacts and social networking into Microsoft's e-mail client.

Microsoft said the LinkedIn beta was now available, and announced new deals that would see Facebook and MySpace follow suit. Microsoft's own Windows Live will also integrate with Outlook.

LinkedIn for Outlook lets users view details and photos of contacts from the site right in the e-mail system, as well as pull in updates from the social networking site to keep contacts up to date.

The Facebook and MySpace systems will pull status updates and photos into Outlook, and let users add friends without leaving their e-mail.

Microsoft said those connectors will be available "later this year" before the expected June arrival of Office 2010.

"The goal of the OSC is not to create another social network or set of privacy settings for you to manage, but rather to bring the networks you already value and use to the Outlook experience," Microsoft said in a blog post.

Privacy
With privacy a concern for many social networking users, Microsoft was quick to address the issue.

The post on the Outlook blog said that "privacy and permissions settings on each of the networks you use are represented and respected within this experience".

That means that your profile photo from Facebook will accompany your e-mail to other OSC users who also use that site - something to keep in mind before posting a goofy picture of yourself.

"Similarly, if you choose to restrict profile access on a given network, the OSC will respect that privacy," it added.

The LinkedIn for Outlook system only works with 32-bit editions of the e-mail client, and Microsoft advised Outlook beta users to uninstall previous versions of OSC before installing the new one

Windows 8 - We have just got the hold of 7

Well on the same day as PDC 2009, since we won't hear anything about Windows 8, I took it upon myself to see what I could find. It look like there is a few more announcements to partners where Windows 8 Server is concerned. In the context of the roadmap anyhow. The information crew are all saying the same thing. Windows 8 is being releasid around the 2012. Funny enough that's the same same time as all this end of the world nonence.