|
Ultrasaur Blog
Keeping track of exciting new threats to your digital records.
Archive for the ‘record falsification’ Category
Saturday, June 27th, 2009
We normally focus on the bigger stuff, but fake expense receipts are a reminder that insider fraud does happen.
Some random thoughts on expense receipts:
- I’ve taken taxis for work where the driver offers to increase the receipt $10 or so, if I’d pay in cash.
- They offer perverse incentives, the bus system in Seattle is often easier than a taxi, but I could get a receipt for the taxi making it free (vs $2 to take the bus).
- When I lived in China, outside most subway stops were vendors selling taxi receipts. The idea again being that the subway was cheaper (and often faster), but you could still get reimbursed for a (more expensive) fictional taxi trip.
- The real cost is repeated over and over in the comments, if you need to ask for too much verification, you’re “making all trips cost an extra half day’s productivity for each traveler”
Tags: fraud, old timey ways, records
Posted in record falsification | No Comments »
Friday, May 29th, 2009
Shorter version:
Waste Management sued SAP, for $100 million since the product didn’t live up to the demo. Nobody claims to have a copy of the demo that the case rests on.
My question is, why should Waste Management believe that SAP would necessarily produce the original demo?
I agree that it “would be wise to preserve a copy of product demonstrations as they form new license agreements with vendors” but having given and received demos, I don’t think I’ve ever seen that happen.
Tags: court case, demo, fraud
Posted in fingerprinting, record falsification | No Comments »
Friday, May 15th, 2009
Another “He-said-he-said” argument making news, this time between the CIA and Sen. Bob Graham. In this case the CIA’s records indicate that they told Graham the details about waterboarding but Graham’s records indicate that they didn’t. Or rather, that’s what both party claims, so in the absence of verifiable records, it relies on which party you trust more, which isn’t obvious.
From former presidential speechwriter to Jimmy Carter James Fallows:
Graham also has a specific reputation for keeping detailed daily records of people he met and things they said. He’s sometimes been mocked for this compulsive practice, but he’s never been doubted about the completeness or accuracy of what he compiles…
So if he says he never got the briefing, he didn’t.
Tags: dispute, news, records, usa
Posted in record falsification | No Comments »
Wednesday, May 6th, 2009
It’s not surprising, but it is interesting to see a concrete case of reporters reporting straight from Wikipedia without independent verification:
Student’s Wikipedia hoax quote used worldwide in newspaper obituaries. It’s from The Irish Times, but they probably just read about it in Wikipedia.
Tags: stub
Posted in record falsification | No Comments »
Tuesday, May 5th, 2009
One interesting aspect of this discussion about a copied website, is that no-one has a solution.
http://www.wxbh-lrj.gov.cn/ is the copy, http://www.lokad.com/Technology.ashx is the original.
The funny things are:
* plenty of “left-over” on the Chinese website from the original one.
* imaginative ways of recycling irrelevant illustrations.
* it’s a .gov.cn website, that is to say an official Department of the Government of China.
Tags: china, fraud, stub
Posted in record falsification | No Comments »
Thursday, April 30th, 2009
Would you sell sensitive company data if you’re offered the right incentive? Using the current economic situation, or pure greed as an excuse, 37% of employees surveyed at this year’s Infosecurity Europe event said that they are keeping their options open. via Zero Day, ZDNet.com.
I expect this is an undercount, but it’s a useful estimate of the percentage of people who would change data if they could make money doing it.
Tags: statistics, stub
Posted in record falsification | No Comments »
Tuesday, April 7th, 2009
One wouldn’t think that copying websites would be a large problem, after all the originals are just a click away. But much as stealing blog content for ad-clicks is a right of passage (even I’ve had it), complete website copies are common enough to spawn a community that tracks them down.
Recently there was a very active Rob Morris’ site. Often it’s easy to figure out which one is the copy… it’s the one where the the text hasn’t been 100% updated:
“private organizations in North America and Europe including [...] the Australian National University [...] and Sports Medicine Australia“
and where some of the links are broken. Since generally the copiers copy the best because they don’t have the skills themselves. However, there are cases where it isn’t clear.
Amusingly enough, there are examples of the original author being pursued by the derivative’s author. In one case on YouTube, a timelapse video of clouds was put into the public domain, then used in the background of another video — and the original author’s was taken down:
This is to notify you that your video “Timelapse Clouds Compilation” from your Google Video account has been disabled because it has been identified by our Content Identification tools as potentially lacking the necessary copyright authorization for use on the Google Video site. Content Identification is a program that analyzes similarities in audio or video between user videos and a library of reference content provided to us by copyright owners. When a video matches a reference file, that video is automatically disabled.
Tags: fraud, funny, originals
Posted in record falsification | No Comments »
Wednesday, March 11th, 2009
It seems no good deed goes unpunished, Google Maps now show 1000 results instead of 10 which made it obvious that Locksmiths are spamming Google.
The source of this spam seems to be partially related to a records management issue, in that Google tries to keep their records as up to date as possible (rather than only introducing data that’s been through a thorough vetting process). The spammers can appropriate the authority of more established businesses (steal their googlejuice) by posing as more up-to-date information:
The “blackhat” would create, in their Local Business Center account, a new local business listing with exactly the same information as an existing Locksmith with a high Local 10 Pack standing. The fields would be identical to the legitimate listing with the exception of a different phone number which Google would verify against. Once the new record was validated, the content would merge with the other data in the cluster but take precedence as the most recent. Once the record was secure in the wrong LBC account, the URL could then be changed.
Again the part I find interesting is what to do now that there is false information in the record, Google is somewhat less than helpful:
Basically we’d tell users to make sure that they have one and only one correct, up-to-date, verified listing in their account that is not rejected for content problems.
We at Ultrasaur Records Management would also recommend having one and only one correct, up-to-date, verified record in the unlikely event that you can pull it off — but we’ll still help you prove that your records predate an impostor’s. I sincerely doubt “FakeFlyByNightCo” has the multitudes of documents spanning a decade that “RealGoodLockCo” has (all with the business name mentioned).
Tags: google
Posted in record falsification | No Comments »
Saturday, March 7th, 2009
For a fun twist on record falsification from Connecticut:
“labels for high-end name brands glued onto less-expensive coats. …
This is double-labeling, so you’re selling a fake product,”
Fake goods are common enough, but rarely is it the trademark owners selling the fake products.
source: Consumerist
Tags: fraud
Posted in record falsification | No Comments »
Thursday, March 5th, 2009
IT Worker Indicted For Setting Malware Bomb At Fannie Mae: “a malicious script buried in a legitimate script”…. “Industry experts warn that such exploits may become more common”.
We’ll be making our beta public as soon as possible.
Tags: crime, hacking, stub
Posted in legal, record falsification | No Comments »
|
|