Paterson warns Congress of "impending calamity," police say soph threatened school with data release, Stratton asks for raise, CDTA increasing swiper prices, fares up at ALB
David Paterson told Congress yesterday that New York needs federal assistance to "stave off an impending calamity." The Gov also invoked The Fountainhead by Ayn Rand. [NYT] [NYP]
Sales tax data indicates that local consumers are continuing to spend. Sales tax revenue during the first three quarters of this year for Albany, Schenectady and Saratoga counties was up 5 percent over the same period last year. [Daily Gazette]
The company hired by the state to test its new voting machines has been suspended by a federal oversight board. That won't affect things this year, but it could mean the old lever machines will hang on through 2009 and possibly into 2010. [TU]
State Police say the Shen sophomore who discovered unsecured employee data on a district server had uploaded the data to his own web account -- and issued vague demands to the district for its return. "He knew exactly what he was doing when he did it," a state police investigator said. [TU]
Schenectady mayor Brian Stratton is asking for a three percent salary raise and a tripling of his travel allowance in this year's city budget. That's not going over well with the city council. Said councilman Mark Blanchfield, who's been sparring with Stratton over the 3 percent tax increase in the proposed budget, "That raise is just inadvisable." [TU] [Daily Gazette]
CDTA has proposed increasing the cost of its pre-paid swiper cards next April. A five-day card will be $55, up from $36. CDTA says the new swiper cards will actually offer a slightly larger discount in the new fare structure. The cost of a single ride will increase from $1 to $1.50 next April. [TU]
The federal EPA says it'll be cleaning up a tributary of the Patroon Creek in Colonie that's contaminated with mercury. The level of pollution is apparently high enough that it would endanger people if they were directly exposed. [TU]
The Troy Public Library wants to levy a library tax for the first time. The library's director says the library is "not sustainable" under the funding arrangement. [TU] [Troy Record]
A report from the federal DOT says airline fares at ALB are the 37th highest among the nation's 100 biggest airport. The average fare was $362.19 during the second quarter of this year, up 6.7 percent from the same period last year. [Biz Review]
The cast iron lions have been returned to the steps of Saratoga Springs' city hall. The lions were refurbished as part of the $210,000 project to renovate the building's front entrance. One disappointment: there wasn't enough snow to show off the new radiant heat steps. [Saratogian] [Daily Gazette]
Say Something!
We'd really like you to take part in the conversation here at All Over Albany. But we do have a few rules here. Don't worry, they're easy. The first: be kind. The second: treat everyone else with the same respect you'd like to see in return. Cool? Great, post away. Comments are moderated so it might take a little while for your comment to show up. Thanks for being patient.
Comments
I'm wary whenever law enforcement says "uploaded the data to a web account," or something of that ilk. I'm fairly technically literate, and I don't even know what that's supposed to mean. My guess is that he saved a copy of a file so he could prove to the administration that he wasn't blowing smoke. Uploading the data to an FTP server to get around a school firewall may have been just that. That's a far cry from posting a web page with the SSNs of district employees hoping Google will index it.
It's also unbelievable that no one at the district, who created this mess in the first place due to their lax security policies, aren't going to see any repercussions.
Given the backlash against the kid, no wonder he tried to mask his identity while still pointing out the security flaw. His example will only guarantee that future holes go unplugged and data remains insecure.
I may be completely wrong, and the kid may have had terrible intentions. But the current tenor of computer and Internet law is to prosecute prosecute prosecute. And no offense intended to our wonderful state Troopers, but state and local police forces aren't exactly IT professionals.
... said James Cronen on Oct 30, 2008 at 10:42 AM | link
Just to be clear, "uploaded the data to a web account" was a phrase I wrote. The TU's article used this phrase: "uploaded the data to his personal Web page."
I used the term "web account" because I wasn't sure what they meant when they said he had uploaded something to a web page. I figured they either meant he posted the data on a page, or he uploaded the actual file to space he had on a web server.
I think you make a good point about being skeptical about the details of this case. That said, the State Police and the school administrators say this wasn't the first time the student's been involved with something like this and the talk of him issuing some kind of threat doesn't look good for him.
... said Greg on Oct 30, 2008 at 11:25 AM | link
@Greg:
Thanks for the clarification. As a regular Slashdot reader and fan of the Electronic Frontier Foundation, electronic privacy and law is one of my hot-button issues.
There are two schools of thought in computer security. One is "security through obscurity" — make the holes you leave hard to find. The second is to publicize the heck out of security breaches. While the second idea may sound like it's inviting trouble, it's been proven time and again that networks are more secure when the problems are solved than when they're hidden. For obvious reasons, organizations don't like to have their flaws published for all to see. They want to punish those who dare to find the gaps rather than sending them a fruit basket thanking them for their free labor. Meanwhile, the network admins who were negligent in allowing the data to slip out of their hands go entirely unpunished.
But as I said before, we don't really know until more details come out about the case.
... said James Cronen on Oct 30, 2008 at 3:18 PM | link
I agree, the story is completely vague.
Somehow i feel they'd give out more details if the kid actually meant to do harm.
so the way i see it, rather than admitting to a mistake, shen is concentrating more on punishing the kid. probably hoping nobody would stop and think "Hey, is that the only security breach they have? and how safe is their data anyways?" hmmm...
i like to think google has ingrained "don't be evil" in our little hacker's head.
we'll see...
... said Daria on Oct 31, 2008 at 2:01 PM | link