Samsung Chairman Lee Kun-Hee was indicted on charges of evading taxes on billions of dollars he hid in stock accounts under the names of his aides, The New York Times is reporting.
He also faces criminal charges of breach of trust, stemming from his involvement in arranging for company subsidiaries "to sell stock to his son" at "unfairly low prices" to help his son "take over management control," The Times says. Lee was cleared, however, of more serious allegations he starting a slush fund worth $215 million used to bribe prosecutors, judges, and other public officials.
Nine other Samsung executives were indicted on charges similar to Lee's, but none were arrested. Lee wasn't arrested either.
Still, the charges aren't good for the image of South Korea's largest company. Samsung operates in many industries, but is primarily known for its electronics. The company is one of the largest television manufacturers in the world, and is also a leading handset maker.
Lee thus far has maintained his title, however Samsung is planning a related restructuring, the details of which will be disclosed next week, according to The Wall Street Journal.
Back in December, Microsoft dutifully notified the (few) people using its Windows Home Server software that a bug in the product could corrupt files.
Typically, when Microsoft posts a bulletin outlining specific problems in its products, as it did in this case, a fix is usually right around the corner.
Not so for Windows Home Server. According to a bulletin posted this week, the bug will not be fixed until June, when the company posts a patch. That means, in essence, Windows Home Server will be on the market for a year before the fix comes.
When certain programs such as Vista Photo Gallery, Microsoft Outlook, and Intuit QuickBooks are used to edit or transfer files that are stored on a server running Windows Home Server that has more than one hard drive, the files may become corrupted, Microsoft said.
Granted, the problem should affect only a small number of the few servers actually running the software. In January, Microsoft's Steven VanRoekel told CNET News.com's Ina Fried that the product's sales have exceeded the company's expectations, though he declined to give specific numbers.
"It's definitely tens of thousands," VanRoekel said at the time.
A post in the Windows Home Server team blog indicates that the problem has been found and acknowledges the tardy response, but doesn't really explain the delay:
From the outside looking in, some people would say "Why is this taking so long?" Fixing this issue is the Windows Home Server team's top priority and the team is making good progress on the fix. We understand the issue really well at this point--it is at an extremely low level of the operating system and it requires thorough testing to ensure that the fix addresses the issue. We have coded a part of the fix which is currently being tested internally. Internal testing is expected to continue for at least several more weeks.
As ZDNet blogger Adrian Kingsley-Hughes notes, that response will do little to boost confidence in--or sales of--the product:
...a patch needs thorough testing, but there's no excuse for releasing a file server OS containing such a critical flaw, and there's no excuse for a fix to take so long, leaving users in the lurch in the interim.
Microsoft and market analysts have noted that Windows Home Server will remain a tough sell for some time to come. The product is targeted at consumers as a way to simplify accessing music, video, and digital photos from any home PC.
Few people, outside of Bill Gates and some optimistic analysts, expect more than token sales for at least a few years. One problem: few consumers really understand what a server is, much less why they would need one in their home.
Out-of-the-box data corruption and a tardy fix for the problem will all but guarantee niche status.
Update: This blog post has been modified since it was first published. Click here for more details, or scroll to the bottom to see the original text.
A pro-consumer, bipartisan data-breach bill was stripped of most its provisions before its feeble remains were finally passed by an Indiana Senate committee on Tuesday.
This came after two weeks of intensive lobbying by AT&T, Verizon, Microsoft, and LexisNexis, all of which wanted to kill the bill. For the most part, they were successful.
In a blog post last week, I explained how I had worked with my state Rep. Matt Pierce (D-Bloomington) to draft and submit a data-breach bill. The bill fixed a number of major loopholes in the existing laws and borrowed heavily from existing laws in pro-consumer states such as New York, California, and New Hampshire.
It also broke new legal ground and would have made Indiana the first state in the country to require that all data breach reports impacting state residents be put online at the state attorney general's Web site. This is something that the New Hampshire Department of Justice already does, but out of a voluntary effort to help consumers and not due to a legal mandate.
Indiana's existing data-breach statute has a number of major loopholes. The most critical of these is that companies are not required to disclose a data loss/theft incident, as long as the device in question is protected with a password. The law does not require encryption of all confidential user data, but instead lets companies off the hook as long as they employ a Windows log-in password. These passwords do little to protect data, as they can be broken in a matter of seconds using free tools--or an attacker can use a Linux boot CD to read the data directly off the drive.
In a committee meeting Tuesday morning, Republican committee members successfully eviscerated the bill, reducing it to a mere 17 lines of text from the original 72. The Web site report provision and the requirement that companies notify the state attorney general whenever a data breach is discovered were stripped. A section of the bill that created incentives for companies to follow encryption and key management practices "in a manner consistent with the best practices common in the industry" was also removed.
Thankfully, the most important part of the bill (which requires real encryption and not just a Windows log-in password) remains, for now.
It only took six votes to completely gut the bill--as the other five members of the committee failed to show up for the vote. On Tuesday afternoon, I spoke with state Sen. Tim Lanane, one of the two Democrats who voted on the bill.
"I certainly didn't support the amendment," he told me, "but I also heard Rep. Pierce (the author of the bill) say that he preferred to have a bill pass, as opposed to it dying in committee."
Lanane told me that his vote was strategic, as he knew that "the (Republican) chairman was not likely to pass the bill (as originally written). Rep. Pierce knew that too." In the end, he added, it was "better to have something come out of committee rather than nothing."
Lanane told me that it is still possible to have the original pro-consumer provisions added back into the bill once it reaches the full Senate, and later if it comes up in a House/Senate conference committee.
The bill sailed through the House of Representatives a few weeks ago, passing 94-0. Unfortunately, when I drove up to the state capital last week to testify in front of a Senate committee, I discovered that big business was gunning after the bill.
At least 10 lobbyists were waiting at the committee meeting, many having flown in from Washington D.C., and were going to do their best to have the bill eviscerated. The lobbyists represented household names such as AT&T, Microsoft, Verizon, Comcast, and LexisNexis.
The lobbyists claimed that consumers could be easily confused by online breach reports, that such reports could be misused by evil phishers and fraudsters as a way of adding authenticity to their attacks, and finally that the reports could act as an unfair scarlet letter for companies that make mild data-breach mistakes.
The New Hampshire Department of Justice has posted data breach reports to its Web site for over two years. In order to learn more about the site, I recently spoke with Lauren Noether, the bureau chief of the New Hampshire DOJ's Consumer Protection Office. She told me, "I think it's important for the public to know that there are these types of breaches." She added that "any information that helps a consumer to make decisions about with whom they want to do business is helpful."
With regard to the reports, she stated that "we have them online so that anyone--the media, the public--can look at them, just to see what's out there in the world of security problems."
She also noted that the reports have been useful for businesses that have recently suffered a breach. "People have called me and asked do I have a form?" She said that she is able to tell them that "you may want to take a look at the ways that other companies have reported it to us."
Noether told me that that she hasn't heard a single complaint about the Web site and that she hasn't received any information to suggest that criminals were using the site to add credibility to their phishing attacks.
So much for the claims of the lobbyists. It's worth noting, however, that LexisNexis, one of the firms that flew a Washington D.C. lobbyist to Indianapolis to testify against the bill, has three different data breaches from 2007 listed on the New Hampshire DOJ site. Perhaps the company should spend more resources on protecting its customers' data, and less on lobbying?
Update: The text below was deleted from the post on February 18th. More details on its removal can be seen here. The original text has now been put back.
AT&T donated over $170,000 to Indiana state legislators in the 2006 election cycle while Verizon donated $48,000. Furthermore, while I'm sure that all 11 of the senators on the committee are all upstanding and honest legislators, I think it's worth mentioning that only one senator (Arnold) has not received thousands of dollars from AT&T in the past. The rest have all taken Ma Bell's money: Steele (R), Bray (R), Drozda (R), Zakas (R), Waltz (R), Waterman (R), Howard (D) Young (D), Tallian (D), Lanane (D).
I'm sure this in no way influenced their votes on Tuesday, but it sure does give you food for thought.
Update 2: When I wrote that original blog post back in February, detailing which members of the committee had received donations from AT&T, I neglected to do a bit of research. My efforts had been focused on just the members of the Senate Committee. I completely forgot to look up the donation history of Senator Brandt Hershman, the Republican Majority Whip, Senate "sponsor" of HB 1197, and the author of the amendment that stripped away 3/4 of the provisions in the original bill.
It turns out that while the senators on the committee each received $2000 from AT&T over the past few years, Senator Hershman has received even more love from Ma' Bell. He received $4000 from AT&T in 2004, and another $2500 in 2006 -- AT&T was his top contributor that year.
Again, just as with the other senators, I'm in no way claiming that Senator Hershman's actions were motivated by the big fat checks he received from AT&T. I am sure that he amended the bill to strip out the parts hated by lobbyists only after carefully considering the issues, and coming to the conclusion that Indiana consumers do not need an easy way to find out about companies that lose their personal data.
- prev
- 1
- next
