August 2010
13 posts
5 tags
Wikileaks - Assange Arrest Warrant →
Friday night an arrest warrant went out, and was then rescinded, for Wikileaks founder Julian Assange. He commented “We were warned to expect “dirty tricks”. Now we have the first one.” Even the New York Times was forced to call it “strange.” I think that was the wrong warning. Wikileaks is poking at a very dangerous system. We went to war with Iraq, claiming it had links to Al Qaida and...
4 tags
Pentagon Says Bradley Manning a Possible Suspect... →
The Pentagon regards Army intelligence analyst Bradley Manning as a possible suspect in leaking a classified six-year history of the U.S.-led war in Afghanistan that Wikileaks published over the weekend, a spokesman said Monday. “He is certainly one person that we would be looking at in terms of this leak,” said Col. Dave Lapan. “He’s not the only person. We’ve neither ruled in or ruled out PFC...
5 tags
US security chiefs tricked in social networking... →
Anna Chapman need never have bothered with moving to Manhattan to become a sleeper agent for the Russian intelligence service. The experience of another femme fatale, Robin Sage, suggests the 28-year-old spy, who posted raunchy photos on her Facebook profile, should instead have honed her social networking skills.
Full Article
4 tags
Report: Political Appointees Vetted DHS Public... →
Contrary to the Obama administration’s promised commitment to open government, the Department of Homeland Security, in a highly irregular move, filtered hundreds of public records requests through political appointees, allowing them to examine what was being requested and delay releasing sensitive material, according to internal e-mails obtained by the Associated Press.
Full Article (Threat...
3 tags
The Washington Post on the U.S. Intelligence... →
The Washington Post on the U.S. Intelligence Industry The Washington Post has published a phenomenal piece of investigative journalism: a long, detailed, and very interesting expose on the U.S. intelligence industry (overall website; parts 1, 2, and 3; blog; Washington reactions; top 10 revelations; many many many blog comments and reactions; and so on). It’s a truly excellent piece of...
3 tags
Microsoft Launches 'Coordinated' Vulnerability... →
Microsoft today revealed a new, modified approach to how it works with security researchers and handles vulnerability disclosures, including working with researchers to publicly release vulnerability details of a zero-day flaw when attacks are under way. In an interview with Dark Reading, Mike Reavey, director of Microsoft Security Response Center, said Microsoft is now promoting...
3 tags
Just another day in Internet-land →
So I’m goofing off at work, gambling with other peoples money using my fully patched but rootable browser, running on a fully patched but rootable operating system, occasionally downloading digitally signed malware…
Full Article
3 tags
Rebooting Responsible Disclosure: a focus on... →
Vulnerability disclosure policies have become a hot topic in recent years. Security researchers generally practice “responsible disclosure”, which involves privately notifying affected software vendors of vulnerabilities. The vendors then typically address the vulnerability at some later date, and the researcher reveals full details publicly at or after this time. A competing philosophy,...
3 tags
Strong profiling is not mathematically optimal for... →
The use of profiling by ethnicity or nationality to trigger secondary security screening is a controversial social and political issue. Overlooked is the question of whether such actuarial methods are in fact mathematically justified, even under the most idealized assumptions of completely accurate prior probabilities, and secondary screenings concentrated on the highest-probablity individuals....
4 tags
Court: Violating Terms of Service Is Not a Crime,... →
Good news: another federal judge has ruled that violating a website terms of service is not a crime. But there’s bad news, too — the court also found that bypassing technical or code-based barriers intended to limit access to or uses of a website may violate California’s computer crime law. The decision comes in Facebook v. Power Ventures, a case in which Facebook is suing a company...
2 tags
Online casino glitch let players use others' money →
For more than a hundred gamblers who logged on during the first few hours of British Columbia’s new online casino, the odds could not have been better. They were able to bet using other people’s money. While it’s not clear how many took advantage of the rare opportunity to experience risk-free gambling, the bizarre security breach prompted BC Lottery Corporation to close down...
5 tags
Researcher detained at U.S. border, questioned... →
A security researcher involved with the Wikileaks Web site was detained by U.S. agents at the border for three hours and questioned about the controversial whistleblower project as he entered the country on Thursday to attend a hacker conference, sources said on Saturday. He was also approached by two FBI agents at the Defcon conference after his presentation on Saturday afternoon about the Tor...
3 tags
Stealthy Government Contractor Monitors U.S.... →
A semi-secret government contractor that calls itself Project Vigilant surfaced at the Defcon security conference Sunday with a series of revelations: that it monitors the traffic of 12 regional Internet service providers, hands much of that information to federal agencies, and encouraged one of its “volunteers,” researcher Adrian Lamo, to inform the federal government about the...