October 2008
52 posts
2 tags
The Call of Cthubuntu →
In the dark, abysmal depths, there dwell timeless alien horrors that once roamed the void of space in the ages before the earliest building blocks of life congealed within the primordial waters of our doomed planet. From far beyond the stars, they came to this world when it was young and forged mighty edifices in the inaccessible places where nothing else could exist, there to rest in dreamful...
2 tags
iPod as device for stealing data →
BANGALORE: Just a month ago, a Bangalore-based construction company lost a multi-crore tender by a thin margin. Baffled company officials vowed there was no way the rival firm could have come so near to their bid. Soon, investigation proved them right and it was found the tender documents were leaked. The company was in a dilemma to find the mole. Only a few persons were aware of the tender...
1 tag
Windows 7 management features will make IT admins... →
Throughout this week’s Professional Developers Conference, Microsoft has been demonstrating a number of new features designed to make the lives of IT types easier. Shanen Boettcher, General Manager of Windows Product Management for the enterprise, demonstrated some of these features at a Windows 7 press briefing, and we’ve had the chance to look at some of them ourselves....
3 tags
A decade of the DMCA: keep the Safe Harbor, ditch... →
Ten years ago this week, President Clinton (remember him?) signed the Digital Millennium Copyright Act into law. Ostensibly passed to bring US copyright law in line with World Intellectual Property Organization treaties, the law has had a variety of effects, some good, others obviously not. If there ha been any unambiguous impact of the law, it has been that it has provided a whole new venue for...
3 tags
Google unveils Android platform roadmap, accepts... →
Google has published a short-term roadmap for Android that provides some insight into the company’s plans for upcoming feature enhancements. Support for localization in the user interface and application framework are one of the major goals. Google aims to complete a German translation by the end of the year and will add French, Italian, and several other languages early next year. This will...
2 tags
A picture is worth a thousand passwords →
Data security is a hard enough problem to solve on even a heavily regulated corporate network, but it becomes even more difficult when users are out in the wild with PDAs, cell phones and other portable communications devices. A recent PhD project at the University of Twente in the Netherlands has described a user-friendly solution to cryptography for ad-hoc network transfers, such as sending...
3 tags
10 Years Later, Misunderstood DMCA is the Law That... →
If you’re wondering whom to thank for the Web 2.0 explosion in interactive websites, consider sending a bouquet to Congress. Today’s internet is largely an outgrowth of the much-reviled Digital Millennium Copyright Act that lawmakers passed in 1998, and President Clinton signed into law exactly a decade ago Tuesday. Blogs, search engines, e-commerce sites, video and social-networking...
3 tags
Your keyboard may be tattling on your typing →
The paranoid have lots of reasons to fear the current information age. Iffy wireless security protocols leave many wireless networking devices prone to snooping, while keyloggers have been used by malware writers to compromise security of wired systems. But researchers in Switzerland have given the security conscious another reason to be worried: they’ve found that they can snoop in on the...
2 tags
4 tags
Outsourced passports netting govt. profits,... →
This is the first in a three-part series on the outsourcing of passports. The United States has outsourced the manufacturing of its electronic passports to overseas companies — including one in Thailand that was victimized by Chinese espionage — raising concerns that cost savings are being put ahead of national security, an investigation by The Washington Times has found. Bert V. Goulait/The...
2 tags
Girls geek out over dinner →
A group of women who define themselves as ‘girl geeks’ are trying to encourage a greater female presence in the technology industry by arranging Girl Geek Dinners across the world. Technology conferences can often be all-male affairs and in some countries the technology industry employs very few female workers. Digital Planet’s reporter Angela Saini, attended their most recent...
3 tags
Damning Report On Sequoia E-Voting Machine... →
TechDirt notes the publication of the New Jersey voting machine study, the attempted suppression of which we have been discussing for a while now. The paper that the Princeton and Lehigh University researchers are releasing, as permitted by the Court, is “the same as the Court’s redacted version, but with a few introductory paragraphs about the court case, Gusciora v. Corzine.”...
2 tags
WatchVulnerabilities of Electronic Voting Machines
A one hour panel discussion held July 18, 2008 at The Last Hope conference, New York city. Discussion was lead by Matt Blaze, associate professor, Computer Sciences Department, University of Pennsylvania, reporting on a study sponsored by Ohio Secretary of State.
The Secretary of State’s Executive summary report can be found here.
2 tags
Why the Kill Switch Make Sense for Android, and... →
“Gasp!” went the collective Internet on Wednesday when the IDG News Service spotted a clause in the terms of service for Google’s Android Market stating that: Google may discover a product that violates the developer distribution agreement … in such an instance, Google retains the right to remotely remove those applications from your device at its sole discretion.
Full Article
4 tags
Compromising Electromagnetic Emanations of Wired... →
Computer keyboards are often used to transmit sensitive information such as username/password (e.g. to log into computers, to do e-banking money transfer, etc.). A vulnerability on these devices will definitely kill the security of any computer or ATM. Wired keyboards emit electromagnetic waves, because they contain eletronic components. These eletromagnetic radiation could reveal sensitive...
3 tags
Data Is a Loaded Gun →
One thing that never ceases to amaze me is the love we humans have for cherry-picking data to come to conclusions. A fine example is this Malcom Gladwell article in which, in an attempt to prove the hypothesis that SUVs are unsafe due to poor handling, he runs a Chevrolet TrailBlazer and a Porsche Boxster Convertible through the Consumer Reports test track. Unsurprisingly the $50,000 sports car...
3 tags
A plan: Refutation of mavericks and hopes of... →
The 2008 Presidential election is guaranteed to be historic simply based on the candidates. We will either have our first black president or first woman vice president. Not unlike previous election cycles as recently as Herbert Walker Bush the economy (stupid) is the issue. The hyperbole and failed policy of “read my lips” has not occurred though we do have “I’m the decider”. Past performance...
1 tag
The eyeballing game →
The game works by showing you a series of geometries that need to be adjusted a little bit to make them right. A square highlights the point that needs to be moved or adjusted. Use the mouse to drag the blue square or arrowhead where you feel it is ‘right’. Once you let go of the mouse, the computer evaluates your move, so don’t let up on the mouse button until you are sure. The...
3 tags
Why Technology Isn't The Answer To Better Security →
Not to be alarmist, but WAKE UP, PEOPLE! Our information security is, in many ways, failing.
Ask the 11 alleged hackers charged in August with breaking into TJX and other retailers by way of insecure Wi-Fi. Forty million credit and debit card numbers were stolen. Ask the Medicaid claims processor at the outsourcer EDS. In February she pleaded guilty to stealing Social Security numbers and dates...
3 tags
Is Twitter the newest data security threat? →
One of the most dangerous threats to data security is also one of the least talked about: employees. Are Twitter and other microblogging sites yet another avenue through which sensitive data can leak out of the corporate database and into the hands of … anyone? Perhaps more worrisome, what information are you giving away simply by being a part of the community? Of course Twitter is a...
3 tags
McCain/Palin campaign angry over bogus DMCA... →
Concerns about DMCA takedown abuse and fair use aren’t limited to Lawrence Lessig, the EFF, and Free Press—John McCain and Sarah Palin are going all mavericky on the issue as well. Yesterday, their campaign sent a letter to YouTube complaining about rightsholders (especially news organizations) that filed illegitimate DMCA takedown notices and managed to have important campaign clips pulled...
3 tags
Windows 7: It’s the one that’s 3-ish after... →
We wrote a few days ago that following Microsoft’s decision to officially call its next operating system Windows 7, there were simply too many opportunities for a good headline. Well, now we get another chance thanks to Microsoft. In a post so ridiculous that I find it hard to believe it’s serious, Microsoft’s Mike Nash lays out how Microsoft got to the “7″ in Windows 7. The problem is really the...
2 tags
First look: Firefox 3.1 beta 1 officially released →
Mozilla has announced the availability of the first Firefox 3.1 beta release, an important development milestone for the popular open source web browser. Mozilla aims to make Firefox 3.1 a strong incremental improvement with user interface enhancements, new features, and increased support for emerging web standards. The new beta release includes a modest handful of noteworthy changes that improve...
3 tags
The Spreadsheet Psychic →
In a month when the Dow had its worst single-day plunge in over twenty years, when Lehman imploded, AIG faltered, and WaMu failed, when the word crisis became an everyday staple in newspaper headlines and the presidential race pulled close, then pulled apart, when the Chicago Cubs kicked off a playoff quest to win their first championship in 100 years (then got swept out in three straight games)...
1 tag
3 tags
The Rise of the Machines →
“BEWARE of geeks bearing formulas.” So saith Warren Buffett, the Wizard of Omaha. Words to bear in mind as we bail out banks and buy up mortgages and tweak interest rates and nothing, nothing seems to make any difference on Wall Street or Main Street. Years ago, Mr. Buffett called derivatives “weapons of financial mass destruction” — an apt metaphor considering that the Manhattan Project’s math...
3 tags
2 tags
Strange Ironies →
There have been a lot of strange ironies for me in the last week in the security world. Rather than expound on any one of them, I thought I’d take a stab at all of them all at once. So bear with me — you’re in for a ride.
Full Article
4 tags
World Bank under cyberattack? →
The computer network used by the World Bank Group has suffered a series of at least six intrusions since mid-2007, according to a report. The World Bank Group was first notified of the intrusions by the FBI in September 2007, when the bureau was investigating another cybercrime case involving transactions out of Johannesburg, South Africa. Fox News said it has an internal memo (PDF) describing the...
3 tags
Accused Palin hacker has a history of intrusion →
The college student charged with illegally accessing Alaska Governor Sarah Palin’s e-mail has been accused of computer intrusion before, although last time he faced only an afternoon detention. David Kernell allegedly broke into a school server about eight years ago while studying at Eastern Hills Middle School in Harker Heights, Texas, one of his former teachers said Wednesday.
Full...
4 tags
NSA eavesdropped on Americans, journalists in... →
Two whistleblowers have come forward to ABC News with allegations that the NSA routinely listened in on the phone calls of ordinary Americans, journalists, aid workers, and military personnel who were living in the Middle East and calling friends and loved ones back in the US. Both of these whistleblowers were employed by the NSA as intercept operators at a facility in Fort Gordon, Georgia, where...
2 tags
A Chindogu Clock for Procrastinators →
Setting one’s clock ahead by 15 minutes is a useful trick for procrastinators. I do this myself with my alarm clock, not that it ever does me any good, in the hopes of being a little bit earlier out of bed.
Full Article
2 tags
Hulu's live debate streaming—cable's worst... →
As if the live presidential debate coverage on every major network and news website weren’t enough, tonight’s lexical blizzard will be streamed by Hulu, too—straight to you! (Yes, I’ve been reading children’s books / And learned that rhyming really cooks!) For distribution, the move couldn’t matter less, but the fact that Hulu is now branching out into live streaming...
4 tags
Homeland Security seeks cyber counterattack system →
First, there was “Einstein,” the federal government’s effort to protect itself from cyber attacks by limiting the number of portals to government computer systems and searching for signs of cyber tampering. Then Einstein 2.0, a system now being tested to detect computer intrusions as they happen.
Full Article
Additional commentary
3 tags
Mail Goggles: A breathalyzer test for your Gmail →
How many times have you stumbled home after a long night out with friends, only to plop down in front of the computer and start sending e-mails that you would wake up regretting the next day? OK, maybe some of our older readers in the crowd have never moved beyond “drunk dialing,” but many of us are probably more familiar with the embarrassing phenomenon, a technological evolution of...
3 tags
Google Has Changed Political Debate Forever →
When I was on the high school debate team, about 15 years ago, using the Internet was considered strange, if not cheating. We used photocopy machines, print magazines and academic journals almost exclusively. That time in the world’s history is now gone forever.
Full Article
4 tags
A quantum crack that wasn't: new attack hits... →
Quantum cryptography has gained a lot of notoriety in recent years because it is thought to be fundamentally secure, relying on the laws of nature to guarantee security. The basic idea boils down to the fact that no one can observe a quantum system without altering it. The alterations can be detected as an increase in the error rate of the communications system, alerting everyone to a potential...
3 tags
The Man Who Stuck His Head Inside a Particle... →
So with all the recent news about the Large Hadron Collider, many of you may have this nagging question: what, exactly, would happen if you stick your head in the particle accelerator?
Full Article
3 tags
Judge temporarily halts sales of RealDVD in wake... →
Less than a week after RealNetworks launched its new DVD ripping and archiving product, RealDVD, a court has ordered the company to temporarily suspend its distribution. A visit to the RealDVD web site reveals a message from Real, stating that the product is unavailable. “Due to recent legal action taken by the Hollywood movie studios against us, RealDVD is temporarily unavailable,”...
3 tags
Norwegian standards body implodes over OOXML... →
Standards Norway, the organization that manages technical standards for the Scandinavian country, took a serious blow last week when key members resigned in protest over procedural irregularities in the approval process for Microsoft’s Office Open XML (OOXML) format. The 23-person technical committee has lost 13 of its members.
Full Article
2 tags
Outpost24's TCP DOS Attack Explained →
Robert Lee and Jack Louis recently went public claiming to have discovered a new and devastating denial of service (DoS) vulnerability in the core TCP/IP protocol stack used for almost all Internet communication. They refuse to release details before their talk at the T2 security conference in Finland on October 17. Yet they have given many alarming interviews, and the press is having a field day...
3 tags
Right back at ya, CAPTCHA: bad guys crack Gmail,... →
The decline in CAPTCHA efficacy has been an ongoing story in 2008, as hackers and malware authors have steadily found ways to chip away at the protection these security practices were once thought to offer. Now, new findings indicate that both Gmail and Windows Live Hotmail have been compromised again, this time via a more-streamlined attack process. With two of the largest webmail providers once...
3 tags
System Shocks →
A top-level conclusion from my book Brave New War is that security in the future, from economic to physical to environmental to social, will be measured by our responses to a never-ending series of global system shocks derived from a plethora of sources. Unfortunately, we are likely to fare badly.
Full Article
2 tags
The Atlas of the Real World →
The Atlas of the Real World uses software to depict the nations of the world, not by their physical size, but by their demographic importance on a range of subjects. Here, we select a series of travel- and news-related maps.
Source Link
3 tags
GIMP 2.6 released, one step closer to taking on... →
A new release of the venerable GNU Image Manipulation Program (GIMP) is now available for download. Version 2.6 offers a variety of new features, user interface improvements, and is also the first release to include support for the Generic Graphics Library (GEGL), a powerful, graph-based image editing framework.
Full Article
4 tags
Why society should pay the true costs of security →
It’s not true that no one worries about terrorists attacking chemical plants. It’s just that our politics seem to leave us unable to deal with the threat. Toxins such as ammonia, chlorine, propane and flammable mixtures are being produced or stored as a result of legitimate industrial processes. Chlorine gas is particularly toxic; in addition to bombing a plant, someone could hijack a...
3 tags
3 tags
New DoS Attack Is a Killer →
Things are a-brewin’ in Sweden. Sweden is not just home of the infamous bikini team, it is also the home of Outpost 24, an equally sexy software-as-a-service network scanning service, and the employer of my friend Robert E. Lee and his colleague Jack C. Louis. These guys are the inventors of UnicornScan, a user-land TCP stack turned into a port scanner. Never heard of it? Use Nmap exclusively?...
4 tags
A Look at the Clickjacking Web Attack and Why You... →
There’s a nasty new security threat making waves on the web. Actually, clickjacking, as this attack is known, isn’t entirely new, but because no one has yet come up with an effective solution, it remains a serious threat. And clickjacking is the worst sort of security risk — it’s transparent to the unwitting user, simple to implement and difficult to stop.
Full Article
2 tags
Is New York City an anti-white space town? →
The New York City Council heard testimony about the dangers and prospects of unlicensed “white space” devices on Tuesday. Speakers pro and con discussed the question of whether allowing unlicensed applications to tap into unused TV channels would pose a threat to the wireless microphone systems that Broadway production companies depend on. As Ars readers know, this debate normally...