Posted in Government, Privacy, Security, Technology on Apr 2nd, 2009
This week, IBM ran a full-page ad in the Wall Street Journal, which advertised that: New York’s “Real Time Crime Center can quickly query millions of pieces of information to uncover previously unknown data relationships and points of connection.” In Poland “personal and vehicle IDs can be instantly checked in an EU-wide database.” In Chicago: [...]
Posted in Forensics, Privacy, Security, Technology on Mar 16th, 2009
No matter where you go, your computer leaves footprints on the network. When you connect to the network, logon to your workstation, or surf the web, these activities leave trails throughout your employer or ISP’s network– even when the administrators are not deliberately trying to monitor your activity. Forensic analysts traditionally focus on hard drive [...]
Posted in Security, Technology on Mar 9th, 2009
For $40, anyone can purchase a cheap wireless AP and plug it into the company network. Often, employees do this simply for the sake of convenience, not realizing that it opens the company to attack. Criminals also deliberately plant wireless access points, which allow them to bypass the pesky firewall and remotely access the network [...]
Posted in Forensics, Government, Security, Uncategorized on Mar 2nd, 2009
The National Drug Intelligence Center has developed software called (ahem) “HashKeeper” “as its principal tool to expedite the analysis of electronic media.” Hahahaha….. Apparently, “HashKeeper is available free of charge.” Contact the National Drug Intelligence Center for more information. National Drug Intelligence Center c/o Mr. Steve Gironda Telephone: 814-532-4987 E-mail: ndic.domex.request@usdoj.gov Hat tip to John [...]
Posted in Economics, Legislation, Memory, Politics, Privacy, Security, Technology, Transit, Uncategorized on Feb 23rd, 2009
Last week marked the original official deadline for the Digital Television Transition, after which analog television broadcasts would be terminated. (The official deadline was recently extended to June 12, 2009.) To ease the transition, the US government launched the TV Converter Box Coupon Program, which “allows U.S. households to obtain up to two coupons, each [...]
One midsummer night in 1977, the power went out in New York City. “Thousands of people took to the streets and smashed store windows looking for TVs, furniture, or clothing… The police made 3,776 arrests, although…many thousands escaped before being caught. 1,037 fires burned throughout the City…” (Blackout History Project) The troublemakers weren’t faceless terrorists [...]
Posted in Security, Technology on Feb 9th, 2009
Walking through the Minneapolis airport, a friend and I came across something… not right. Apparently, the “New and Improved” Internet Access GateStation kiosk had rebooted, and hung with the BIOS displayed. We laughed and walked closer to get a good look. Interesting. It was configured to boot off a USB floppy drive. There couldn’t be [...]
Posted in Credit Cards, Economics, Privacy, Security on Feb 2nd, 2009
Credit bureaus and credit card companies have direct control over the risk of identity theft. They control the systems for granting and rescinding credit, including fundamental mediums for communication and related security features. Oddly, that doesn’t stop them from trying to profit when things go wrong. Credit companies strongly push their identity theft “protection” services, [...]
Sign on the old historical archive in Santa Fe, New Mexico. One chilly day last September, United Airlines’ stock temporarily crashed more than $1 billion due to an accidental re-release of an old news report about its 2002 bankruptcy. The New York Times reported that “shares of United traded at one cent… down 99.92 percent, [...]
Posted in Economics, Privacy, Security, Technology on Jan 12th, 2009
Matt Knox, a talented Ruby instructor and coder, talks about his early days designing and writing adware for Direct Revenue. (Direct Revenue was sued by Eliot Spitzer in 2006 for allegedly surreptitiously installing adware on millions of computers.) S: You wrote adware. You bastard. M: [sheepishly] Yes, I did. I got to write half of [...]
Posted in Security on Jan 5th, 2009
You can tell a lot about a company’s information security posture in 30 seconds. As a security consultant, I’m often amazed at how much I can infer from a simple walk between the front door and the conference room. If you see many computers of the same make and model with the same type of [...]
Posted in Privacy, Security, Technology on Dec 29th, 2008
Last week, the NSA was granted a patent which supposedly allows them to “Spot Network Snoops.”1 At first glance, the patent seems rather obscure and boring. However, it could have major implications for anonymity and privacy on the Internet. Back in 2005, the same NSA inventor, Michael Reifer, and a colleague were granted a patent [...]
Posted in Privacy, Security, Technology on Dec 21st, 2008
Early one recent Sunday, I took the train from Boston to New York City to visit the Transit Museum. When I arrived in New York, it was still too early for the museum to be open. I decided to step outside at Penn Station and grab a sandwich. I was surprised to see these signs: [...]
Posted in Economics, Memory, Philosophy, Security, Technology on Dec 14th, 2008
A few months ago I walked into Radio Shack, looking for a short-range FM transmitter. I asked the woman behind the counter if the store sold FM transmitters. “I don’t know,” she frowned. “The Internet’s down. I can’t access our product catalog.” (Gah!) Weeks later, I walked into a U-Haul to rent a truck. The [...]
United Airlines stock temporarily lost more than $1 billion in value last week, due to an “accidental” reposting of an old news article which indicated that UA was bankrupt. From the New York Times: “An erroneous headline that flashed across trading screens Monday, saying United had filed for a second bankruptcy, sent the airline’s stock [...]
Posted in Economics, Security, Technology on Sep 11th, 2008
For those of you who didn’t catch the full significance of Jon Warner’s GPS Spoofing demonstration, consider that GPS timing information is crucial for the financial industry: “Banking institutions and Foreign Exchange networks rely heavily on precision timing so a stock order placed on one side of the globe can be received almost instantly in [...]
Our global society relies on the civilian GPS for our communications networks, transportation of goods, power distribution, financial transactions and emergency response, using precise location information and time synchronization. Unfortunately, the GPS system was not designed for this purpose. The civilian GPS has dangerous security vulnerabilities which now leave our global society at risk of [...]
Posted in Security on Aug 25th, 2008
I stood in a dimly lit room at Argonne National Labs with both wrists handcuffed, working a tool into the mechanism on my right hand. “Push the cuff up and then down,” said Jon Warner helpfully. The cuff snapped open. We were in the Vulnerability Assessment Team’s (VAT) “museum,” a small display room in Argonne [...]
Posted in Security on Aug 17th, 2008
A friend of mine runs public servers which are regularly attacked by botnets. He writes: The hardest way to shut down a botnet is to just collect IPs and report it to the provider and the Feds… Sometimes, you just need to get proactive. Below are some excerpts from our latest discussion. Names have been [...]
Yesterday, USA Today published an article about fliers without ID, saying: “The Transportation Security Administration has collected records on thousands of passengers who went to airport checkpoints without identification, adding them to a database of people who violated security laws or were questioned for suspicious behavior… The database has 16,500 records of such people and [...]
