Jeff's LiveJournal

I've been delaying the posting of this blog entry, but since there haven't been any new developments I thought I should finally post it...

iGive.com is a website that allows people to shop at popular e-commerce retailers and have a small percentage of the purchase sent to a charity that you nominate. In theory it's a nice idea, however I've noticed a few problems with their implementation, particularly in regard to the security and confidentiality of the personal information of members that sign up. distributed.net has been using iGive since 1997, though my opinion of them has been lowered as a result of this (and other actions that are not covered here).

iGive elected to belong to the TRUSTe "web privacy seal" program, which has the goal of providing some assurance to internet users that their privacy can be safely entrusted to a website. Most of TRUSTe's assurance comes from requiring websites to pay a certification fee and have a privacy policy that complies with TRUSTe requirements, but they don't actually seem to do their own auditing unless someone makes a complaint. There are other critics that claim that TRUSTe does not take a proactive role in monitoring or punishing organizations.

( Read more )

TRUSTe recently made a blog post warning that "encoding an ID# in the URL or relying on another mechanism that can be changed by the user risks exposing data". I don't know if iGive qualifies as a "major consumer web site ... [that exposes] passports", but I'm sure they were at least attempting to aggregate the lessons from iGive's problems in that post.

Just happened to see this old news article mentioned on Bruce Schneier's blog... Photo ID cards for Indian cattle:

"Thousands of villagers in the state's Murshidabad district bordering Bangladesh are queuing up outside photo studios to have their cows photographed for the identity cards.

...

Valid for two years, each laminated cattle ID card displays the picture of the animal and its owner. It also carries vital information about the animal, such as its colour, height, sex and length of horns."

Nice to see some improvement in equality rights for cows! Though I'm sure they'll also suffer from the typical bad license photo syndrome. I still intend to go to Texas DPS and get my photo retaken one of these days. :)

Texas Republican congressman Lamar Smith (of the 21st district of Texas, which includes parts of Austin), introduced a bill, which he dubbed the Safety Act, to the US House of Representatives.

If it goes through, the bill would require ISPs to record all users' surfing activity, IM conversations, and email traffic and would impose fines and a prison term of one year on ISPs which failed to keep full records. As well, owners of sexually explicit websites would be forced to include warning labels on their web pages, or face jail. Finally, a 20-year "jail tariff" would be standard for anyone ordering child pornography that crosses state borders, with a $150,000 fine for the ISP that allowed the transaction to take place.

Source: vnunet.com - Republican calls for email and IM monitoring, ynot.com - Lamar Smith Revives SAFETY Act, Includes New Data Retention Provisions Aimed at ISPs

If you disagree, you can contact him directly and send him your thoughts.

So tonight's project was to install a security lock box in my Jeep Wrangler by replacing the factory-installed center console storage box. Although the original console box was lockable, I never really felt that it would stop anyone that was actually interested in getting into it. In fact, the plastic around the locking latch of the factory console was visibly white from being stressed during normal usage.

I found someone's personal recommendation to this same problem and how he installed a new console so I decided to buy one of the Tuffy Security Console Inserts myself too. Here are some photos of my own installation: