healthbeatradio.net

Technically, American Express and Capital One lead the pack–with 485 and 242 respective incidents per billion dollars in deposits. However, Hoofnagle excluded them from the graph due to the small scale of each company’s banking operation (Amex’s 7 billion in deposits compared with Bank of America’s nearly 760 billion).

(Credit:
With permission from Chris Hoofnagle)

Estimated Annual Incidents Per Billion in Deposits Among Largest US Banks (2006)

Customers of HSBC, Bank of America, and Washington Mutual suffer the highest rates of identity theft in the banking industry, according to an investigative study released Wednesday by a UC Berkeley Law School researcher.

Hoofnagle received detailed information for three randomly chosen months in 2006: January, March, and September. These months included data from 88,560 complaints, with 46,262 names of institutions identified by victims.

The Federal Trade Commission received over 245,000 reports of identity theft in 2006, but does not typically publish the names of the financial firms and companies listed in the reports. Through an extensive Freedom of Information Act request, Chris Hoofnagle, a staff attorney at UC Berkeley’s Boalt School of Law, was able to get detailed records on the individual consumer complaints.

While the FTC incidents that Hoofnagle examined were from 2006, a number of recent reports indicate that HSBC has recently been overwhelmed with a “a wave of banking fraud.” Real numbers to back up these reports will not be available from the FTC for some time.

Hoofnagle’s 16-page study, with detailed numbers and graphs, can be found here.

Finally, while the FTC publishes an annual identity theft report, it is not required to break down its figures and reveal the names of the most frequently victimized banks. While states like California have been able to pass significant pro-consumer data breach legislation, this is one area where states have little power. Incidents of identity theft are primarily reported to the FTC, and not to state attorneys general. To force the FTC to voluntarily publish such data, federal legislation will be required–something that is unlikely to happen.

Outside of the financial services sector, telecom giants AT&T and Sprint suffered from more than 9,100 and 8,300 estimated reported cases of identity theft. As the firms do not publish the numbers of customers they serve, it was impossible for Hoofnagle to break these numbers down further.

Once he crunched the numbers, Hoofnagle discovered that HSBC has the highest rates of reported identity theft in the financial industry during 2006, when adjusted for billions of dollars in deposits. Bank of America and Washington Mutual came in a close second and third. According to Hoofnagle’s stats, HSBC had 21 incidents of identity theft per billion dollars in deposits, Bank of America/MBNA had about 17, while Washington Mutual had 16. Online banking leader ING had the lowest rates in the industry, with just a single reported incident.

The levels of theft described by Hoofnagle’s match up nicely with a 2007 report released by Cambridge University researchers, which revealed that Bank of America and Washington Mutual took the longest time to shut down phishing sites targeting the banks. Sites masquerading as BofA and Wamu typically stayed online for more than 100 hours, compared with less than two days for Chase and PayPal.

Google Calendar Sync lets you sync your Google Calendar with your Microsoft Outlook calendar.

(Credit:
Google)

Google released Google Calendar Sync on Wednesday, which allows you to sync up those two calendars.

Online calendars are great but the problem is you tend to have one at work and a separate personal one. Now you can see events in both calendars at once, at least if you are using Google Calendar and Microsoft Outlook.

The tool gives you control over which direction you want the synchronization to go as well as how often you want it to happen.

There are other Outlook calendar sync tools, but most aren’t free. Jotlet announced two-synchronization with Outlook and its calendar last year. Another interesting one is Calgoo, a Java-based app that syncs online and offline calendars, including Google and Microsoft.

Update 5:25 p.m. PT with other sync tools.

The software was easy to install, and I was able to see the Outlook items in my Google Calendar but not the other way around for some reason. Oh well. Once I get this figured out it sure will be useful.

The software giant launched its unsolicited buyout bid for Yahoo on Feb. 1, valuing the cash-stock deal at $31 a share. Yahoo later rejected the offer as undervaluing the company and only last month ended its “radio silence” and began informal merger talks with Microsoft.

“Microsoft is not buying Yahoo for one quarter’s performance or two. They’re buying it for the strategic advantage they hope to get over the long-term,” said the portfolio manager.

“I’m not dying to sell at $29, which is where the deal is priced at now, or even $31 (the deal value at the time of the initial offer). I’m pretty happy to own Yahoo. And I know that if Microsoft doesn’t get it now, it’ll come back a year from now because it needs Yahoo,” said one portfolio manager, who also owns a sizable stake in Microsoft and who requested anonymity.

Microsoft has refused to consider raising its bid and “bidding against itself,” unless Yahoo engages in formal merger talks. Meanwhile, Yahoo has refused to open its books until it gets some signal that Microsoft would be willing to raise its offer, according to sources.

The thinking goes that if Yahoo hits the high-end of its reconfirmed revenue range and gives a rosy outlook, Microsoft may be willing to increase its bid and do a friendly deal. And if Yahoo comes in at the low-end of the range, the Internet pioneer will need to suck it up and sit at the negotiating table without any beforehand wink or nod from Microsoft that it will raise the bid.

Winning the hearts of investors is key to any successful merger, friendly or not, and in a proxy fight, the game becomes even more crucial. (For full coverage, see “Microsoft’s big bid for Yahoo.”)

Microsoft has threatened to launch a proxy fight and exchange offer, should Yahoo refuse to enter formal merger talks and conclude a deal by this weekend.

And while many Wall Street and Microsoft-Yahoo observers are anticipating that Yahoo’s first-quarter earnings report on Tuesday will be the catalyst to prompt either party to move the deal forward, others are not so sure.

But proxy solicitors and some investors do not believe that the first-quarter results, should they remain in Yahoo’s estimated range, will have a bearing on how Microsoft and Yahoo will react–even if they are on the high or low side of the range.

Without increasing its bid above $31 a share, a Microsoft proxy fight is likely to be a tough sell among at least one-fourth of Yahoo’s institutional investors, say portfolio managers.

In general, if one-third of investors votes are against a deal, it can be very difficult to win approval of a merger. But it is not necessarily impossible, said one proxy solicitor, who requested anonymity. The proxy solicitor also noted that while investors may indicate that they may vote one way, it does not always translate into how they actually vote when the time comes.

That figure does not include the more than 12 percent stake that Yahoo officers and directors held, as of the company’s last proxy filing in April last year. Add that number into the mix and nearly one-third of Yahoo’s shares, at a minimum, would likely oppose a Microsoft effort to unseat Yahoo’s current board of directors via a proxy war.

Mac accessories store AppleOwner.com and a Taiwanese site called apple.pro are both showing off the allegedly leaked shots, which don’t offer much in the way of detail, besides an aluminum chassis with the MacBook name stamped into it. Check out the pics for yourself after the break and let us know if you think they’re legit or fake.

(Credit:
AppleOwner.com) (Credit:
AppleOwner.com) (Credit:
AppleOwner.com) (Credit:
AppleOwner.com)

Are these really leaked pics of a redesigned MacBook, widely expected later this year? Probably not, as Apple has always done an excellent job of keeping its new designs under wraps. But the Interwebs are abuzz with this series of shots that generally fit in with the conventional wisdom–that the MacBook line is getting an aluminum makeover, to look more like the high-end MacBook Pro.

Jerry Seinfeld will appear as a celebrity pitchman as part of a new $300 million ad campaign being developed for Microsoft, The Wall Street Journal reported.

(Credit:
Seinfeld)

The comedian will reportedly get $10 million for the campaign, in which he will appear with Microsoft Chairman Bill Gates in some of the ads. Comedians Will Ferrell and Chris Rock were also considered for the new advertising campaign, the paper said.

The campaign, which is expected to debut September 4, just around the time Apple is expected to roll out new products and ads.

The paper said the ads, being developed by a new agency, Crispin Porter + Bogusky, will use a form of the phrase “Windows, Not Walls,” and will stress connecting people and ideas. It will also focus on changing negative perceptions about Windows Vista.

There doesn’t appear to be just one vulnerability, but several, according to Robert Hansen who first wrote about this Friday. Hansen says the potential for these vulnerabilities, as he understands it, if exploited, could result in great damage. And fixing it will require coordination with vendors of operating systems, firewalls, and Web-enabled devices.

Lee said he doesn’t plan to have a big, public disclosure press conference like Dan Kaminsky did with the DNS flaw this past summer. “We plan to work with vendors to ensure they understand the issues fully and have adequate solutions in place before publicly sharing details on the issues. Since there are multiple issues, we may be able to share information on individual issues as they are individually addressed.”

The TCP stack defines a set of rules by which a computer can communicate over any network. Robert E. Lee, chief security officer for Outpost24, told CNET News, “the vendors we are in talks with seem to be taking the threat seriously.”

Two researchers in Sweden have found multiple flaws in the TCP stack that could lead to massive denial-of-service attacks if exploited. At present there is no workaround and there are no patches available.

“Jack found some anomalies in which machines would stop working in some very specific circumstances while being scanned,” Lee told CNET News. One of the behaviors experienced was packet loss where the packets just kept trying, and trying, and trying, creating, more or less, a denial of service (DoS) on that machine.

Asked whether someone else could figure this out before the patches are out, Lee said “even though I think Jack Louis is exceptionally brilliant, Outpost24 doesn’t have a monopoly on bug-finding abilities. It is a matter of time before someone else independently figures it out.”

To exploit the flaws, to see if the TCP vulnerabilities were real, Lee and Louis created a program called “sockstress” that intentionally did some wrong things with the TCP/IP handshake process. The sockstress program was very effective in producing DoS attacks. The pair have no plans to release sockstress.

The discovery follows a test using a port scanner called UnicornScan, which Lee and senior security researcher Jack Louis created. The tool is used for vulnerability assessment and penetration testing at Outpost24. Lee told a Swedish podcast that when they couldn’t get a port scan done soon enough, they decided to move the TCP stack into the program to make it more distributed. That’s when Louis started noticing strange behavior.

IMVU - $10,000,000
ngmoco - $10,000,000
Nurien - $10,000,000
Offerpal Media - $15,000,000
Ohai - $6,000,000
OMGPOP - $5,000,000
OneSeason.com - $3,500,000
Scrapblog - $4,000,000
Viximo - $5,000,000
Three Melons - $600,000

First quarter 2009 financings:

I’ve long held the stance that virtual goods and services are an interesting way to make money online. What’s not clear is what business models work and what segments of user populations are the best targets.

Somewhere down the line these sites and perhaps more importantly, the platforms they’ve built for distribution and commerce, will have a great deal of value to larger players. It’s still too early to tell what bet to take, but there are dollars out there somewhere.

The amazing thing about the 10 financings listed below is how large they are. This indicates that VCs are betting big, or that the companies are giving away a lot of equity for the dollars. Nonetheless, it’s good to see entrepreneurs raising money in a down economy.

Follow me on Twitter @daveofdoom

Start-ups peddling virtual goods raised $69 million in funding in the first quarter of 2009, holding at a steady pace from the previous two quarters according to data from Show Initiative LLC.

See more stories in CNET News.com’s coverage of SXSWi (click here).

And that’s probably why the energy level in the room at the end of the discussion was so high and so buoyant. Many of the participants told me that the gathering would never have happened without Moross taking the time and energy to get them all together, and the gratitude towards him seemed palpable.

After all, there’s strength in numbers, right?

But no matter how far these people and their companies take this and no matter how big their industry grows, the sense of the value of coming together and creating a set of standards and of working for a common purpose all started in a dark room in the bottom of a dingy club in Austin.

But each of these outfits has until now had to solve a set of problems unique to this nascent industry–legal issues, community management processes, and even questions of nomenclature.

“The takeaway is that this is a market,” he said, “and these businesses are starting to prove that.”

“That’s the heart of the question,” Cloutier said. “Is there marketing promise in being community-created…in being people-created versus top-down” created.

“For all of us to get in the same room as the others was hugely valuable,” said David ten Have, the CEO of Ponoko, a company that allows customers to design everything from chairs to lamps to
iPhone stands. It allows us “to learn from others’ mistakes….We all deal with communities (that) power us in one way or another. I’ve got this issue, and others are saying, ‘I’ve got the same problem.’ A problem that might take six or 12 months to solve might be solved (much faster) by getting together in a room and having a discussion with people who’ve done it (before).”

“We struggle every single day with the fact that it’s really challenging to get a community to make something together,” said 8020 Publishing CEO Paul Cloutier. “So the chance to talk to others having similar problems is not very common.

“To be able to say there’s almost a sense of movement, that there is something happening,” Cloutier said, “is an exciting thing. That is the greatest promise of this.”

Another big issue was the simple problem of what to call this type of business. For now, the term is “people-powered,” but as Cloutier noted, other terms could be “community-created” or even the familiar “user-generated.”

He said that in an industry where each company is making products based on designs submitted by customers, it’s essential to be sure that nothing is produced to which those users don’t own copyright.

That company has been around since 1999, and so Moross invited CafePress vice president of business operations Abdul Popal to attend the gathering both to share in the group discussion and to be on hand as somewhat of a “grandfather” figure.

The CafePress precedent
To many in the room, there is already one leading example of how to deal with some of the issues each company is facing: CafePress.

One way to achieve that, several of the executives on hand argued, could be to create some sort of logo that could be placed on the Web sites and marketing of any participating company, much as the “Made for
iPod” logo designates products certified by Apple that work with iPods. The logo itself, in other words, could be an effective marketing tool.

In addition to the companies named above, executives were also on hand from bag maker Timbuk2, shirt makers Spreadshirt and Threadless, custom framed art maker Imagekind and several others.

That was the premise of a gathering here of executives from most of the leading companies in what might be called the “people-powered” industry.

I was originally invited to attend the gathering, but some of the participants balked at the idea of a reporter being in the room, worrying that having someone taking notes might make people feel like they couldn’t open up and say everything they’d like to. As a compromise, I was allowed to show up just as the formal discussions were ending but before anyone left and to talk to any of the participants about anything I liked.

“A lot of us are pushing some serious (legal) boundaries,” said ten Have.

Coming up with common terminology that each company–and newcomers to the industry–can use is crucial, the participants said, because it would go a long way towards building wider public awareness of what the industry is about. That would be a big step for the participating companies because that awareness could draw customers attracted by the very notion that such an industry exists.

The copyright challenge
To Moross, the major issue that got tackled Sunday during the four-hour closed-door session was that of copyright.

“It’s flattering to see what was one company and one idea spawning all these micro-businesses and doing the same idea,” said Popal. “It was unimaginable at the time that this one business is going to spawn an industry.”

“The challenges that many of these companies are facing,” Popal said, “are things that we went through….As almost the grandfather of the industry, you’re seeing the children go through what you went through.”

But on the heels of building a base of 6.5 million users that have created 170 million products, CafePress definitely has something to teach the Moos and 8020s of the world, Popal said.

“One thing we agreed on as a next step,” Moross said, “was linking up all of our legal departments to just get synchronized on those issues.”

These Moo notecards are an example of the kinds of products being sold by companies whose users do all the creation and design of the things they buy.

But as the industry veteran, CafePress has definitely impressed upon the newcomers that it’s possible to build a successful business on the idea of letting customers do the design work.

Regardless of who had done the organizing, there’s little doubt that most, if not all, of the participants on hand want to move forward. They’ve already created a private wiki that they’re using to keep things moving even when they can’t be together in person, and a blog is also likely.

(Credit:
Daniel Terdiman/CNET News.com)

So as many of the people behind these companies prepared to go to Austin for this year’s South by Southwest Interactive (SXSWi) festival, Moo CEO Richard Moross decided that maybe this would be a good time and place to get everyone together and discuss whether a cooperative investigation and search for solutions to common problems would be a good thing for everyone involved.

AUSTIN, Texas–Why invent the wheel by yourself if you can turn instead to a group of peers and solve it together?

These are companies like CafePress, Moo, Etsy, and 8020 Publishing whose business is manufacturing physical products designed by customers. CafePress, for example, makes T-shirts, coffee mugs, hats, and many other products emblazoned with logos and designs uploaded by users. Moo makes business and greeting cards adorned with users’ own photos and images, and 8020 publishes photo and travel magazines full of readers’ work.

Here are some of the primary indicators that your system is infected:

Microsoft’s Help and Support site offers step-by-step instructions for using System Restore in XP (which also describes how to undo a restoration). Vista users will find information on System Restore and other system-recovery options for that operating system on the company’s Windows Help and How-to site.

Where did the virus/worm come from?
When you’re in the midst of a PC disinfection, the source of the virus may not be your first concern. But once your system is working again, you want to avoid whatever action caused the problem.

• Your system slows to a crawl for no apparent reason.
• The machine crashes, with or without an automatic restart.
• Error messages pop up repeatedly.
• Programs or files open slowly or not at all (especially security apps).
• You can’t access drives or other storage media.
• Certain Web sites won’t open in your browser, especially those of security software vendors.
• You can’t download updates for your antivirus software.
• You can’t print.
• A program disappears from your system.
• Strange icons are added to your desktop, or programs appear that you never installed.
• The unused space on your hard drive disappears (which could mean a worm is making copies of itself).
• People in your contacts list receive e-mail from your account, often with a virus attached.
• There’s a big jump in the amount of traffic on your network, especially outbound.

In the past, most viruses and worms traveled via e-mail and latched themselves onto your hard drive when you clicked to open an attachment, or sometimes when you merely viewed a message. Now infections are more likely to occur after you browse to an infected Web site or download and open a file.

PCs do the darnedest things. When a program crashes, your system slows down, or a file or program refuses to open, it’s probably due to a problem with an application or device. But not always. Computer viruses and worms will cause your PC to exhibit many of the same symptoms as a failed or failing component or program.

Of course, if the virus or worm has blocked your PC’s access to the Internet or is preventing your security software from running, you’ll have to use another system to download and install an up-to-date antivirus program on a flash drive, optical disc, or other external storage device. Then plug or insert that device in the infected machine and run the AV program from there. One option is the free ClamWin Portable, though many other free AV programs can be installed and run off external media.

Even if System Restore appears to fix your PC, update your antivirus software’s definitions and do a full system scan with the program. If you don’t use AV software, download and install a copy. You’ll find a list of free and low-cost antivirus programs on this Download.com page. Two freebies that get rave reviews from most users are Avira AntiVir Personal and Avast Home Edition.

Your best virus/worm-prevention strategy is to keep Windows and your antivirus/antispyware/firewall software up-to-date, don’t open e-mail attachments you weren’t expecting (even if they appear to be from someone you know), and avoid file-sharing and other dicey Web sites. This is no guarantee of keeping your PC virus-free, but it will keep the odds in your favor.

The recent
Conficker worm takes advantage of Windows’ Autorun feature that allows programs to open simply by plugging in the USB flash drive, CD, or DVD on which it’s stored, sometimes even if you thought you had disabled Autorun and AutoPlay on the machine. Microsoft released a patch that closed this hole late last year, though you still must disable these features manually. You’ll find instructions for doing so on this site.

How to disinfect a PC
Whenever your system starts acting funky, the simplest remedy is to use Windows’ System Restore feature to turn back the clock to a time when the machine worked. (Note that many viruses and worms can outsmart System Restore, so this is far from a cure-all.)

Another option for virus and worm removal is Microsoft’s own Malicious Software Removal Tool, which can disinfect a PC but doesn’t prevent infections. Note that if your system is set to receive automatic Windows updates, it probably already has the tool installed. You can read more about MSRT on the Microsoft Help and Support site.

commentary

I think there’s a lot of truth in Linus Torvald’s derisive comment about innovation, and the software industry’s fetish with it.

I think that “innovation” is a four-letter word in the industry. It should never be used in polite company. It’s become a PR thing to sell new versions with.

It was Edison who said “1% inspiration, 99% perspiration”. That may have been true a hundred years ago. These days it’s “0.01% inspiration, 99.99% perspiration”, and the inspiration is the easy part. As a project manager, I have never had trouble finding people with crazy ideas. I have trouble finding people who can execute. IOW, “innovation” is way oversold. And it sure as hell shouldn’t be applied to products like MS Word or Open office.

Amen. Looking around the industry, there’s very little “innovation” going on. The
iPhone’s interface? Sure. Vista (or, for that matter, Apple’s
Leopard)? Nah.

These are incremental technology advances backed by good execution. Microsoft isn’t Microsoft because it makes “innovative” technology. It’s Microsoft because it tends to keep the trains running on time.

Microsoft’s problem now isn’t innovation on the web. I have little doubt that its online services are as good, or nearly so, as Google’s. It’s that it doesn’t seem to know how to execute a web-centric business.

In open source, we need more talented executors to achieve dominance. Sure, we can innovate, but that’s not really the point.