Regarding responsibilities in affiliate marketing

Quite some time back, the Data Protection Ombudsman in Finland has issued a position paper on affiliate marketing and the division of responsibilities therein. The document is naturally in Finnish only. The core message is following the money; holding the owners of the advertised products and services responsible for the processing of personal data in such situations. This is nice when (as so often happens) the affiliate marketers violate all laws on the books, remaining anonymous, not including anything on the file of personal data they use, spamming, etc.

Shellshock Restrictions Lifted: Comments Allowed

It looks like WordPress and our security software have done whatever testing and updates are necessary to prevent shellshock compromises to WordPress, so comments are again enabled on this site.

Temporary Shellshock Restrictions

I have turned off comments on this blog for the present till the new Shellshock vulnerability is completely assessed and thoroughly patched. WordPress is based on PHP, and uses shell calls. I don’t know that WordPress comments are vulnerable to exploitation of this bug, but until I’m sure we won’t take that chance. Thank you for your patience!

How to hijack social media accounts without any hacking required

Facebook, LinkedIn, Twitter and any number of smaller social networks we don’t even know all seem to suffer from the same problem: ignoring the fact that domains cease to exist.

Only just today, I’ve spotted mail from LinkedIn to many accounts in over a dozen spamtrap domains. Twitter likewise, and Facebook, even more. I imagine that having control of these email addresses, I could “reset password” in all of those accounts if I wanted to, and therefore gain control over most of them (if they aren’t using two-factor authentication, such as that LinkedIn offers). How is this in the interest of the social networks or the account owners?

Does CAN-SPAM Have Teeth?

“It does have teeth; it keeps them in a glass by the bed.”
                                                                           — Mickey Chandler, Spamtacular

‘Nuff said. ūüėČ

New Finnish spam list vendor: yritysguru.fi

The self titled “Business Guru” (www in Finnish, www in English at alternate domain) is selling the standard fare, B2B spam lists. The yritysguru.fi domain is registered to Mikael Suominen as a private person. The finnishcompanyregistry.com domain is WhoisGuard Protected. The actual hosting of both is cloaked by CloudFlare.
Read more…

Washington Post: Ignoring Unsubscribes

The Washington Post, one of the major newspapers in the U.S., just started emailing advertisements to the email addresses of people who have accounts there to comment. I was foolish, and provided my usual blog commenting email address instead of a tagged address that I could turn off if needed. :/ I unsubscribed, and also sent email to their ESP E-Dialog (now eBay). The unwanted advertising emails have continued. I want to warn users that either the Washington Post is ignoring unsubscribes or E-Dialog’s unsubscribe system is unconscionably slow despite having (twice now) confirmed that my email address was removed.

Read more…

ACC Consulting Oy gets conditional fines

acc_consulting_logo

The Data Protection Ombudsman has decided that ACC Consulting Oy cannot be brought into line with advice and guidance alone, and has passed the matter on to the Data Protection Board with a requirement to impose a conditional fine to ensure compliance.

Reply from Data Protection Ombudsman

An open letter to Filip Poutintsev / Lateralus Enterprise / Tavoite Media

This was sent in private email on Feb 12 in response to a spam. No response has been received so far.

Read more…

Go back to top