June 2010
26 posts
4 tags
Gregory Evans admits plagiarism charges. (Audio...
Jun 30th
2 tags
Anti-virus is a Poor Substitute for Common Sense →
A new study about the (in)efficacy of anti-virus software in detecting the latest malware threats is a much-needed reminder that staying safe online is more about using your head than finding the right mix or brand of security software. Last week, security software testing firm NSS Labs released the results of its latest controversial test of how the major anti-virus products fared in detecting...
Jun 26th
3 tags
Researcher 'Fingerprints' The Bad Guys Behind The... →
Malware writers actually leave behind a telling trail of clues that can help identify their native tongue, their geographic location, their ties to other attacks — and, in some cases, lead law enforcement to their true identities. A researcher at Black Hat USA next month plans to give away a homemade tool that helps organizations glean this type of intelligence about the actual attacker...
Jun 25th
4 tags
Remote Kill and Install on Google Android →
In this post, I’ll talk about the REMOVE_ASSET and INSTALL_ASSET mechanisms that can be invoked by Google via Android’s GTalkService to not only remotely remove applications from an Android device but also remotely install new applications. Full Article (Jon.Oberheide.org - jon.oberheide.org)
Jun 25th
3 tags
Location Services Raise Privacy Concerns →
Location-based services are becoming more common and the features they add to mobile devices can be useful and even fun. But they also bring concerns about privacy and safety. Several sites take a social networking approach, such as Foursquare.com, Gowalla.com and Yelp. All three offer options where a user shares their location with friends. For example, on Foursquare one can “check in”...
Jun 22nd
4 tags
Apple collecting, sharing iPhone users' precise... →
Apple Inc. is now collecting the “precise,” “real-time geographic location” of its users' iPhones, iPads and computers. In an updated version of its privacy policy, the company added a paragraph noting that once users agree, Apple and unspecified “partners and licensees” may collect and store user location data. When users attempt to download apps or media from...
Jun 22nd
3 tags
The strange and consequential case of Bradley... →
On June 6, Kevin Poulsen and Kim Zetter of Wired reported that a 22-year-old U.S. Army Private in Iraq, Bradley Manning, had been detained after he “boasted” in an Internet chat — with convicted computer hacker Adrian Lamo — of leaking to WikiLeaks the now famous Apache Helicopter attack video, a yet-to-be-published video of a civilian-killing air attack in Afghanistan,...
Jun 21st
4 tags
Wikileaks: CIA studied why people steal secrets →
Officials and others pondering why U.S. Army intelligence analyst Bradley Manning allegedly leaked reams of classified documents to Wikileaks need look no further than a 20-year-old CIA study on moles. Project Slammer, now partially declassified, was based on extensive prison interviews with some 30 former military and intelligence personnel who had been convicted of spying for Russia, China and...
Jun 14th
5 tags
[HOPE Conference] Speaker Under Threat By U.S.... →
In a story that continues to get more interesting with each passing day, one of our keynote speakers for The Next HOPE is said to be in great danger of being apprehended or worse by the United States government after a source of sensitive information was arrested. Our keynote speaker, Julian Assange of Wikileaks, published a video back in April that showed U.S. troops firing on unarmed Reuters...
Jun 14th
3 tags
Microsoft hides mystery Firefox extension in... →
As part of its regular Patch Tuesday, Microsoft released an update for its various toolbars, and this update came with more than just documented fixes. The update also installs an add-on for Internet Explorer and an extension for Mozilla Firefox, both without the user’s permission. As you can see in the Windows Update screenshot above, Microsoft does not indicate that the update will...
Jun 14th
3 tags
iPad 'vulnerability': A Reality Check →
I was asked by our PR team today whether that was a story on the recent iPad ‘vulnerability’ that is doing the rounds in both the tech and mainstream media. The vulnerability was found by Goatse Security (great name guys) and is being pitched as ‘Apple’s worse security breach’. The situation has got massively out of hand, I received a number of emails from worried...
Jun 14th
5 tags
SCOwned: no new trial, Novell can shut down IBM... →
SCO was dealt yet another blow in court today when District Judge Ted Stewart rejected the company’s motion requesting a new trial or judgement of law. In a ruling issued today, Judge Stewart sided with a jury that issued a verdict against SCO in April, finding that Novell was the rightful owner of the UNIX SVRX copyrights. According to Judge Stewart, SCO failed to demonstrate that the...
Jun 14th
4 tags
Apple's Worst Security Breach: 114,000 iPad Owners... →
Apple has suffered another embarrassment. A security breach has exposed iPad owners including dozens of CEOs, military officials, and top politicians. They—and every other buyer of the wireless-enabled tablet—could be vulnerable to spam marketing and malicious hacking. The breach, which comes just weeks after an Apple employee lost an iPhone prototype in a bar, exposed the most exclusive email...
Jun 9th
5 tags
Jun 9th
2 tags
Apple's "evil genius" plan to punk the web and... →
There were two awkward moments yesterday at Apple's World Wide Developers Conference. A few sites have already made much of Steve Jobs' wireless networking difficulties during his demonstration. But the real awkward moment was when Jobs launched into his defense of Apple's app approval process, which was a kind of “take it or leave it” apologia that for the most part didn't answer any...
Jun 9th
3 tags
Should the U.S. support Internet freedom through... →
The foreign policy priorities enumerated by the State Department, from Secretary of State Clinton to senior innovation advisor Alec J. Ross to case officers abroad, now include supporting Internet freedom around the world. As always with big ideas, the devil is in the details. “The issue for governments is that the same technology used for Internet freedom can be used for porn, copyright...
Jun 9th
2 tags
Ten Tips to Prevent Identity Theft →
How much information does someone really need to know in order to impersonate you to a 3rd-party? Your name? Birth date? Address? Armed with easily found information such as this, and maybe a couple other key pieces of information such as the high school you went to, your dog’s name or your mother’s maiden name, an individual might be able to access your existing accounts or establish new loans...
Jun 9th
2 tags
What would your ultimate network security look... →
Is it possible that given a clean slate and likely millions of dollars, engineers could come up with the ultimate in secure network technology? The scientists at the Defense Advanced Research Projects Agency (DARPA) think so and this week announced the Clean‐Slate Design of Resilient, Adaptive, Secure Hosts (CRASH) program that looks to lean heavily on human biology to develop super-smart,...
Jun 8th
4 tags
Plaintext over Tor is still plaintext →
Recently, a few articles have been published regarding Tor, Wikileaks, and snooping data coming out of the Tor network. I write to remind our users, and people in search of privacy enhancing technology, that good software is just one part of the solution. Education is just as important. This is why there is a warning on the Tor download page about what Tor does and does not do. We also have a...
Jun 7th
2 tags
Leaks And Pitchforks →
How quickly we collectively rush into the breach in an effort to lynch the rat. But, wait. Do we know the facts of the case? Really? I know that I don’t. I’m often surprised by mob rule and the ebb and flow that it encompasses. Admittedly I have been drawn in on occasion. What can I say? I’m human. Full Article (Liquidmatrix Security Digest - liquidmatrix.org)
Jun 7th
4 tags
U.S. Intelligence Analyst Arrested in Wikileaks... →
Federal officials have arrested an Army intelligence analyst who boasted of giving classified U.S. combat video and hundreds of thousands of classified State Department records to whistleblower site Wikileaks, Wired.com has learned. SPC Bradley Manning, 22, of Potomac, Maryland, was stationed at Forward Operating Base Hammer, 40 miles east of Baghdad, where he was arrested nearly two weeks ago...
Jun 7th
2 tags
Security Expert Dan Kaminsky to Keynote HOPE... →
We’re pleased to announce that security expert Dan Kaminsky will be one of the keynote speakers at The Next HOPE, taking place in New York City July 16-18, 2010. As previously announced, Julian Assange of Wikileaks will also be keynoting. Dan has a widely respected history in the computer security world, probably best known for discovering the 2008 DNS cache poisoning vulnerability,...
Jun 7th
4 tags
Opt-Out Required to Prevent Your Yahoo! Mail... →
Earlier this week, Yahoo! announced a plan to try to leverage its Yahoo! Mail users’ contacts into a social network of friends who will receive your Yahoo! Updates. Once the most visited website in the world, Yahoo! now ranks fourth worldwide, reaching about a quarter of all Internet users each day. Like Google Buzz’s ill-fated launch using Gmail contacts, Yahoo! wants to jump start...
Jun 7th
3 tags
Operating System Choice Does Not Equal Security →
Yesterday while some of us in the USA were enjoying a day off Google made the news with this article in the Financial Times stating that they are moving away from Microsoft Windows due to security concerns. My first reaction was to question why a company with as many smart brains as Google would make such a misguided decision. That was, of course, before I actually read the entire article. ...
Jun 6th
3 tags
WikiLeaks Was Launched With Documents Intercepted... →
WikiLeaks, the controversial whistleblowing site that exposes secrets of governments and corporations, bootstrapped itself with a cache of documents obtained through an internet eavesdropping operation by one of its activists, according to a new profile of the organization’s founder. The activist siphoned more than a million documents as they traveled across the internet through Tor, also known...
Jun 3rd
3 tags
Google dumps Windows? Are Google’s security issues... →
Per article in Financial Times, Google is not deploying user systems with a Microsoft operating system without very high level clearance. The statement (not seemingly from an official spokesperson) is that they were tightening up security after the recent Aurora incident. Let me make just a few observations: Full Article (Noodle On This… - noodleonthis.com)
Jun 3rd