Sunday, April 16, 2017

Submit a Report - Watchdog

Submit a Report - Watchdog
C''mon people!! Tell Comcast how you feel!!!

File a bit Report with TRUSTEe

  • TRUSTe requests that you provide a working e-mail address where you can be reached, especially if there are questions or more information is needed. If you consent to TRUSTe sharing your information with the site you reported, TRUSTe will share your report and personally identifiable information with the site you reported. This is often needed in the event the site has to research account-specific issues or make changes to your data or account; such issues often cannot be resolved without being able to provide identifying information to the company you reported.

  • Please enter the details of your complaint. This should include a clear description of the issue and the steps of how to duplicate the problem, if possible. If you wish to include an attachment, you can do so below. Do not include sensitive information such as credit card, social security number or password.

    Before you submit a complaint to TRUSTe, you should attempt to contact the site you are reporting directly to allow them to resolve your concern. Please select when you contacted the site:

    How did you contact the site? Please include as much detail as possible about their response.

    Please describe the action(s) you would like the Site to take to resolve this issue.

    If you are a registered user, please login first to submit a request. If you wish to receive a response or be reachable for questions/updates, you must provide a working e-mail address where you can receive e-mail. Please note that certain requests (such as those requiring account-specific research or changes) cannot be resolved without being able to provide identifying information to the company you reported.

    You are welcome to use your real name or use NoName if you do not wish to provide your name. Providing your name generally helps expedite resolution if the company you are reporting has to look up your specific account.

    Please check the "I am not a robot" box below to indicate that you are not an automated computer process that fill out forms.


    Saturday, April 15, 2017

    BREAKING: Palm Beach Passes Tax to Make Trump Pay for His OWN Vacations. Support?

    BREAKING: Palm Beach Passes Tax to Make Trump Pay for His OWN Vacations. Support?
    I didn't vote for him and I most definitely do not want to pay more taxes for Trump's excessive travel and spending. 

    BREAKING: Palm Beach Passes Tax to Make Trump Pay for His OWN Vacations. Support?

    Palm Beach officials proposed a tax on Trump's Mar-a-Lago resort to cover the cost of his frequent visits. Trump will finally have to pay for his own frequent golf trips.

    According to CNN, Trump's many travels cost taxpayers over $20 million in the first eighty days of his presidency. This cost represents 21 days at Mar-a-Lago.

    That amounts to one-quarter of his time as president spent golfing in Palm Beach, Florida. Well, his travels not only costs the American taxpayer, but also Palm Beach County, and residents are NOT happy.

    Trump's trips cost the county $60,000 PER DAY for law enforcement overtime. That brings the total to over $2 million for the president's first 80 days in office, according to The Orlando Sentinel.

    The county is still looking for the federal reimbursement. So, to combat the country expenses for Trump, County Commissioner Dave Kerner to proposed a tax on Trump's resort to cover the costs.

    "We're very honored to have the president here, but at the same time, his travel here is such high frequency he's not visiting Palm Beach County — he's governing from it," Kerner told Money Magazine.

    Kerner went on to make it clear that Palm Beach taxpayers did not sign up for this ludicrous expense. "Whatever our priorities are, the taxpayers didn't pay this money to us to protect the president," Kerner said.

    The tax on Mar-a-Lago would help with some of the county's expenses, but it needs more. That's why Rep. Lois Frankel (D-Fla.) who represents Palm Beach, called on the government to provide reimbursements for the local governments' security costs or for Trump to cut back on his visits.

    It is ridiculous for counties and cities to pay for Trump's many escapades. If Trump is so rich, he should have no problem footing his own bill.

    Don't you think Trump should be paying for his own frequent vacations?

    POLL: Should Trump pay for his Mar-a-Lago trips?

    Trump has already spent an absurd amount of money on his golfing trips to Mar-a-Lago. It has put an extreme financial burden on the citizens of Palm Beach.

    Trump claims to be filthy rich. Shouldn't he pay for his own vacations instead of relying on hardworking Americans to foot the bill? Tell Trump what you really think in the poll below.

    At the rate Trump is going, he will bypass the total costs of President Obama's vacations over an eight-year period IN ONLY ONE YEAR. This from the president who tweeted that Obama took too many vacations and needed to stay in the White House.

    His travels are so frequent that Homeland Security Secretary John Kelly requested additional funding for the Secret Service. Apparently, Secret Service agents work so much overtime to protect Trump that they had to call in other agents around the country.

    This is an atrocious use of taxpayer money. The citizens of Palm Beach deserve better. We hope that the new tax on Mar-a-Lago provides much-needed relief soon.

    If you agree that Trump takes too many vacations and that local governments receive reimbursement for them, please take our poll and share this article on Facebook.


    Friday, April 14, 2017

    Email Usage Policy | Columbia University Administrative Policy Library

    Email Usage Policy | Columbia University Administrative Policy Library

    Email Usage Policy

    Published:  October 2013

    Latest Revision:  April 2016

    Revised: November 2014

    I. Introduction 

    Email is an expedient communication vehicle to send messages to the Columbia University community.  The University recognizes and has established the use of email as an official means of communication.  However, use of an email system at the University requires adequate security measures to protect the Data (as such term is defined in the Columbia University Information Security Charter (the "Charter") that is transmitted.

    Capitalized terms used herein without definition are defined in the Charter. 

    II. Policy History

    The effective date of this Policy is November 1, 2013.  This Policy and other Information Security Policies replace (A) the following University Policies:

    •   Electronic Information Resources Security Policy, dated March 1, 2007

    •    Email Usage and Retention Policy, dated April 1, 2008

    and (B) the following CUMC Policy:

    • Communicating Protected Health Information via Electronic Mail (Email) at Columbia University Medical Center, dated January 21, 2004, and amended as of September 21, 2012

    III. Policy Text

    To see the full text of this policy, please use the link on the right.


    Law Enforcement Using Facebook and Apple to Data-Mine Accounts of Trump Protest Arrestees

    Law Enforcement Using Facebook and Apple to Data-Mine Accounts of Trump Protest Arrestees | Alternet

    Law Enforcement Using Facebook and Apple to Data-Mine Accounts of Trump Protest Arrestees

    Photo Credit: Casey McKeel

    Law enforcement is compelling Apple and Facebook to hand over the personal information of users who were mass arrested at protests against the inauguration of Donald Trump in Washington, D.C., AlterNet has confirmed. The tech giants appear to be complying with the data-mining requests, amid mounting concerns over the heavy-handed crackdown against the more than 200 people detained on January 20, among them journalists, legal observers and medics.

    "This is part of an increasing trend of law enforcement attempting to turn the internet, instead of technology for freedom, into technology for control," Evan Greer, the campaign director for Fight for the Future, told AlterNet. "This trend started long before Trump and seems to be escalating and growing in scale now."

    More than 200 of those picked up in the sweep at the anti-fascist, anti-capitalist bloc have been hit with felony riot charges, which carry penalties of up to ten years in prison and a $25,000 fine. Because the arrests took place in Washington, D.C., the cases are being prosecuted by the U.S. Attorney's Office for the District of Columbia, which is directly accountable to the Department of Justice, now overseen by the notorious white supremacist Jeff Sessions.

    Mark Goldstone, a National Lawyers Guild-affiliated attorney who is representing numerous defendants in the case, told AlterNet that "several" of his clients have been contacted by Facebook and Apple and informed that their personal information has been requested by law enforcement.

    AlterNet viewed a "customer notice" email sent on February 14 by Apple to one of the defendants, who requested anonymity due to the ongoing charges. "On 2017-01-27, Apple Inc. ('Apple') received a legal request from United States Attorney's Office requesting information regarding your Apple account," the message states.

    The communication states that "Apple will be producing the requested data in a timely manner as required by the legal process."

    The individual who received the notice told AlterNet, "My phone wasn't present at the time of arrest and wasn't taken." That individual does not know whether the data has been handed over to prosecutors.

    "I wasn't surprised by it, but it was also very unsettling and made me feel very vulnerable and exposed," the individual said. "That some federal grunt could be looking through old texts, personal stuff and selfies. This is exposing and gross and creepy."

    Goldstone emphasized, "It's an outrageous overreach by the government to try to data-mine personal property that wasn't even seized at the demonstration. This will be fought vigorously."

    AlterNet also viewed a statement sent from Facebook on February 3 to an anonymous defendant. "We have received legal process from law enforcement seeking information about your Facebook account," states the email, sent from the company's records office.

    "If we do not receive a copy of documentation that you have filed in court challenging this legal process within ten (10) days, we will respond to the requesting agency with information about the requested Facebook account," the letter continues. "We may need to respond to this legal request within less than ten (10) days if we have a reasonable belief that we are legally required to do so."

    Stephanie Lacambra, a criminal defense staff attorney for the Electronic Frontier Foundation, told AlterNet that, in addition to Facebook and Apple, Google has also been sent requests for information by law enforcement. None of the companies responded to a request for an interview.

    'What is the government doing with the data?'

    It is not immediately clear what information law enforcement has requested and under what legal justification.

    "The most invasive form of surveillance is a warrant. A judge could authorize police to look through every byte of data on someone's Facebook account," Michael Price, counsel for the Liberty and National Security Program at the Brennan Center for Justice, told AlterNet. "A 2703(d) court order allows police to get metadata about communications, and that could possibly include location information about when communications took place and when a phone was connected to cell tower. A national security letter allows police to get that information but does not require a court order."

    According to Lacambra, law enforcement could be accessing "surface information like user names, the registration information that was collected and the metadata on the last time of login and duration of service." Or, they could be searching "information stored in Apple iCloud, contacts, the content of emails, any number of photos that are stored there."

    "I don't know the scope of information," she said, "because I don't know what legal instrument was used."

    Goldstone, the defense attorney, said he was not informed of what legal justification law enforcement invoked to seize the information. "No one has said or sent anything to me," he explained.

    The Metropolitan Police Department and the U.S. Attorney's Office for the District of Columbia both refused to comment, citing the pending investigation.

    According to Price, "As a general matter, it is not uncommon for law enforcement to seek information from a third-party service provider like Apple or Facebook. It happens all the time."

    "One of my biggest concerns," he said, "is that police will attempt to use electronic surveillance to get information about the people who were at the protest, in order to compile a list of the people who were present. Is that information going to be mined and used for other purposes? What is the government doing with the data? Are they going to store it? Are they going to send it to an intelligence analyst?"

    Lacambra said the investigation raises disturbing questions. "Why is the Department of Justice trying to intrude into the digital lives of people exercising their rights to protest?" she asked. "Is this to intimidate, silence or threaten people for exercising their constitutional rights? When you arrest 230 people, some of whom are medics and legal observers, and try to systematically get to the content of their digital life, that is troubling."

    The anti-capitalist, anti-fascist bloc was part of a day of disruptive protests across Washington, D.C., and the world, to interrupt business as usual and register opposition to the rise of Donald Trump, whose cabinet has aggressively delivered on his white supremacist campaign pledges. Since Trump took the White House, millions have taken to the streets, flocked to airports and mobilized to defend their neighborhoods and communities against a multi-pronged assault.

    'People should be paying close attention'

    Some of the arrestees were already suspicious that police had searched their phones, which were seized by police. Those phones are still being held as evidence, according to legal support volunteers.

    AlterNet spoke with a journalist who was arrested on January 20 and requested anonymity. He sent AlterNet a screenshot of his Google account, which shows that while he was detained and his phone was in police custody, there was activity on his account. AlterNet confirmed that the login occurred while the phone was in police custody by viewing a property receipt issued to the journalist by the MPD. The journalist says his phone is password protected.

    This mysterious account activity is similar to activity on the account of an unidentified medic, reported by George Joseph of CityLab. As in the case of the journalist, the medic spotted activity on his account while the phone was in police custody. Joseph notes that a screenshot of the activity "suggests that police began mining information from the captured cellphones almost immediately after the arrests."

    Goldstone, who has defended protesters in Washington, D.C., for more than 30 years, underscored that he has "never seen phones seized at protests, let alone phones that were not part of a protest."

    He also said that he has "never seen a felony riot charge in Washington, D.C., let alone more than 200 of them." According to news reports, 214 people have been indicted for these charges so far, indicating that the prosecution plans to move forward with the bulk of the charges.

    "We're in a dangerous new world," he declared.

    Those arrested in the sweep already reported heavy violence at the hands of the MPD, which is overseen by Chief Peter Newsham, who has a troubling history of kettling and mass arresting people in the proximity of protests.

    On January 20, Washington, D.C.-based lawyer Jeffrey Light filed a class action lawsuit on behalf of those detained charging that "Without warning and without any dispersal order, the police officers kettled all of the plaintiffs." The lawsuit states, "Defendants John Doe MPD Officers and/or John Doe Park Police Officers deployed a large amount of chemical irritants against the plaintiffs, as well as struck multiple plaintiffs with their batons, and deployed flash-bang grenades."

    The anonymous journalist told AlterNet that, while covering the protests, he was sprayed in the face with what he believes was OC gas. "Two flash-bang grenades fell within three or four feet of me. I had tinnitus in my ears for a couple of minutes. I yelled out for a medic, and by the time I could see, we were completely kettled. I was incapacitated. I had a press badge and tried to tell them I was press."

    AlterNet spoke with one anonymous arrestee who said that, at the police academy where arrestees were taken for processing, he received a "two-knuckle-deep cavity search." He noted, "I didn't see any reason for it."

    According to Greer, the police crackdown is "unquestionably an attempt to silence dissent, frighten people and keep them off of the streets. But I wouldn't call it new. Anyone who has been involved in activist movements for more than a few years has seen this before."

    In recent weeks, Republican lawmakers across the country have introduced state-level bills aimed at criminalizing protests. One piece of proposed legislation in Washington state calls for certain acts of civil disobedience to be classified as "economic terrorism." North Dakota lawmakers introduced a bill that would make it lawful for motorists to hit and kill protesters staging acts of civil disobedience obstructing highways, as long as the cause is "negligence." The legislation, which failed earlier this month, is clearly aimed at Indigenous resistance at Standing Rock, as well as the Black Lives Matter movement, which has staged acts of civil disobedience across the country.

    Meanwhile, police departments have long been building up their capacity for surveillance. A 10-month investigation by, a project of The Atlantic, revealed earlier this month that "major police departments around the country are spending millions on cellphone spy tools that can be used to build up massive surveillance databases—with few rules about what happens to the data they capture." According to the investigation, most of the major police departments in the United States have either cell phone interception devices and/or "cell phone extraction devices, used to crack open locked phones that are in police possession and scoop out all sorts of private communications and content."

    In light of this climate, the fact that tech giants like Google, Apple and Facebook store large amounts of personal data is sparking concerns.

    "Tech companies are building business models based on collecting large amounts of personal information and then failing to protect that information from the government and others who attempt to access it," said Greer, who attended the January 20 protests in Washington, D.C. "People should be paying close attention and be concerned."

    Sarah Lazare is a staff writer for AlterNet. A former staff writer for Common Dreams, she coedited the book About Face: Military Resisters Turn Against War. Follow her on Twitter at @sarahlazare.


    Five Inmates Built Two PCs and Hacked a Prison From Within

    Five Inmates Built Two PCs and Hacked a Prison From Within

    Five Inmates Built Two PCs and Hacked a Prison From Within

    Five inmates from the Marion Correctional Institution (MCI) built two computers from spare parts, hid them in the ceiling of a training room closet, and used them to hack into the prison's network.

    Their actions were discovered in July 2015, when the prison's IT staff switched internal proxy servers from Microsoft to WebSense (now part of Forcepoint).

    These servers, designed to monitor and report suspicious traffic, immediately started reporting issues.

    Prison IT staff started receiving weird alerts

    In the beginning, MCI admins received reports that the user account, belonging to a prison contractor, was exceeding daily traffic quotas. While other employees had also surpassed their daily traffic threshold, the problem was that these reports were coming in the days when that employee was off duty.

    Things got weirder a few days later when admins received reports that the same employee was attempting to avoid the traffic monitoring proxies.

    At this point, the prison's IT staff decided to investigate further. Their suspicion that something was wrong was confirmed moments later when they traced back the traffic to a computer with the name "-lab9-", a name inconsistent with the prison's internal computer naming scheme.

    Computers hid in a closet's ceiling

    The prison staff started an investigation and tracked suspicious network traffic to port 16 of a switch located in the prison's P3 training room.

    Network hub located in  MCI Training Room P3
    Network hub located in  MCI Training Room P3 [ODRC]

    When they got to the switch, IT staffers followed the network cable plugged into port 16 to a nearby closet, and up into the ceiling. Removing the ceiling tiles, prison employees found two fully-working computers, placed on two pieces of plywood.

    Inmates used parts from prison's recycling program

    According to a report released yesterday by the Ohio Department of Rehabilitation and Correction's (ODRC), the agency says it identified the five prisoners who built the PCs.

    The five inmates managed to build their two PCs because they were part of the prison's Green Initiative program where they worked in trash management and electronics recycling.

    Inmates hacked prison network

    A forensic analysis of the hard drives found in the two PCs found legitimate software, hacking tools, and traces of illegal activities. According to the Office of the Ohio Inspector General, the two hard drives contained:

    Searches of inmate information through the ODRC Departmental Offender Tracking System (DOTS).
    Accessing of inmate data via DOTS.
    The issuance of passes for inmates to gain access to multiple areas within MCI.
    A Bloomberg Business article on tax refund fraud.
    Submissions of five credit card applications in the name of other inmates (data they obtained from DOTS).
    Conversations with family members.
    CC Proxy - a proxy server for Windows.
    Cain - hacking tool for password recovery.
    Zed Attack Proxy (ZAP) - vulnerability scanner.
    Wireshark - network traffic packet analyzer.
    NMap - network mapping and security auditing tool.
    ZenMap - security scanner and GUI for NMap.
    Webslayer - hacking tool for launching brute-force attacks
    JanaServer - multi-platform proxy server.
    Yoshi - email spamming tool.
    AdvOr Tor Browser - a variation of the Tor Browser.
    THC Hydra - password cracking tool.
    Cavin - editor for encrypting and decrypting text.
    Paros - Java-based proxy server and MitM tool.
    3CXVoip Phone - free VOIP tool for Windows.
    VirtualBox - virtual machine software with Kali Linux installed.
    TrueCrypt - full-disk encryption tool.
    CC Cleaner - tool for system optimization, privacy, and cleaning.
    VideoLan - multimedia player
    Clamwin - antivirus
    phpBB - open-source forum software
    SoftEther VPN
    Custom-crafted software

    According to investigators, the inmates used these tools to capture network traffic, move laterally in the prison's network, crack passwords for active user accounts, and use these accounts to access the prison's network.

    They used this access to collect personal information for other inmates, apply for credit cards in the names of other inmates, and issued passes for other inmates.

    Prison staff shares some of the blame

    Following the discovery of these tools and inmates actions, the ODRC moved the suspects to other institutions in November 2015.

    The Office of the Ohio Inspector General also found that MCI staffers were also at fault. First for failing to supervise inmates (who built two frickin' computers while in prison), and second for failure to force employees to change passwords every 90 days.

    The findings from this investigation have been forwarded to the
    Marion County Prosecutor's Office and the Ohio Ethics Commission for consideration of any punishments.