September 2010
23 posts
2 tags
Video: Bank Customers Foil ATM Skimmer →
Authorities in Europe have seized a nice video recorded by a group of carders showing the criminals installing a skimming device and hidden camera at an ATM in the United Kingdom to steal customer PINs. Filmed from the hidden pinhole camera itself, installed above the ATM, the video shows how easy it is to capture the PINs as customers enter them on the keypad. But a few wily customers, who are...
Sep 24th
5 notes
2 tags
T-Mobile Claims Right to Censor Text Messages →
T-Mobile told a federal judge Wednesday it may pick and choose which text messages to deliver on its network in a case weighing whether wireless carriers have the same “must carry” obligations as wire-line telephone providers. The Bellevue, Washington-based wireless service is being sued by a texting service claiming T-Mobile stopped servicing its “short code” clients after it signed up a...
Sep 24th
3 tags
Massachusetts data breach reporting law: I know... →
I recently attended an event where Scott Schafer, Chief of the Consumer Protection Division of the Massachusetts Attorney General’s office, reiterated the AG’s take on some aspects of MGL 93H, the Massachusetts data breach reporting law. Specifically, Assistant AG Schafer put forward a very strict interpretation of the definition of breach in 93H, covering when you must report a breach. The AG’s...
Sep 24th
3 notes
3 tags
evercookie - virtually irrevocable persistent... →
evercookie is a JavaScript API that produces extremely persistent cookies in a browser. Its goal is to identify a client even after they’ve removed standard cookies, Flash cookies (Local Shared Objects or LSOs), and others. Link (samy.pl)
You may want to reconsider using NoScript for Firefox.
Sep 22nd
1 note
3 tags
Nasty Twitter Worm Outbreak →
Several new Internet worms are spreading quite rapidly via a newly-found vulnerability in Twitter.com. While the flaw that powers these attackers will most likely be sewn shut in a matter of hours, if you’re going to frequent Twitter today you’d be wise to use a Twitter client or at least block Javascript on the site, as these worms appear to be spreading with little to no interaction on the...
Sep 21st
2 notes
5 tags
Hello MPAA, I'm a Pirate →
Dear Motion Picture Association of America (MPAA), That’s right, I am one of those dastardly pirates that engages in Peer-to-Peer (P2P) theft, downloading movies when so inclined. I do not do it because I have a fascination with breaking the law, nor am I struggling for money. I do it because it is convenient, and the movie industry has done an incredibly poor job meeting consumer demands,...
Sep 21st
2 tags
Google Adds 2-Factor Security to Gmail, Apps →
Google said today that it will begin offering users greater security protections for signing in to Gmail and other Google Apps offerings. This “two-step verification” process — which requires participating users to input a user ID, password and six-digit code sent to their mobile phones — effectively means Google will be offering more secure authentication than many U.S. financial institutions...
Sep 21st
2 notes
4 tags
Guess What, You Don’t Own That Software You Bought →
A federal appeals court said Friday that software makers can use shrink-wrap and click-wrap licenses to forbid the transfer or resale of their wares, an apparent gutting of the so-called first-sale doctrine. The first-sale doctrine is an affirmative defense to copyright infringement that allows legitimate owners of copies of copyrighted works to resell those copies. That defense, the court said,...
Sep 21st
3 tags
Massive Cache of Iraq War Docs to Be Published by... →
A massive cache of previously unpublished classified U.S. military documents from the Iraq War is being readied for publication by WikiLeaks, a new report has confirmed. The documents constitute the “biggest leak of military intelligence” that has ever occurred, according to Iain Overton, editor of the Bureau of Investigative Journalism, a nonprofit British organization that is working with...
Sep 21st
3 notes
5 tags
New (German) government ID cards easily hacked →
The sensitive personal information found on the new German identification cards with data chips scheduled for nationwide introduction this November can be easily hacked, according to testing done by a TV news show. Public broadcaster ARD’s show “Plusminus” teamed up with the hacker organisation the Chaos Computer Club to find out how secure the controversial new radio-frequency (RFID) chips...
Sep 21st
2 tags
Revisiting Secunia’s Personal Software Inspector →
Security vulnerability research firm Secunia has released a public beta of its Personal Software Inspector tool, a program designed to help Microsoft Windows users keep their heads above water with the torrent of security updates for third-party applications. The new beta version includes the promised auto-update feature that can automatically apply the latest patches for a growing number of...
Sep 20th
3 notes
4 tags
ACLU Sues Over Laptop Border Searches →
An Obama administration policy allowing U.S. border officials to seize and search laptops, smartphones and other electronic devices for any reason was challenged as unconstitutional in federal court Tuesday. Citing the government’s own figures, the American Civil Liberties Union and the National Association of Criminal Defense Lawyers claim about 6,500 persons had their electronic devices...
Sep 20th
38 notes
5 tags
Quantum Crypto is Quantum Backdoored, But It’s Not... →
Nature reports that Quantum Cryptography has been completely broken in “Hackers blind quantum cryptographers.” Researcher Vadim Makarov of the Norwegian University of Science and Technology constructed an attack on a quantum cryptography system that “gave 100% knowledge of the key, with zero disturbance to the system,” as Makarov put it. Full Article
Sep 6th
5 tags
Security Researcher Arrested for Refusing to... →
An Indian computer scientist was arrested this weekend when he refused to disclose an anonymous source who provided an electronic voting machine to a team of security researchers. Hari Prasad is the managing director of Netindia Ltd., an Indian research and development firm. He and other researchers have long questioned the security of India’s paperless electronic voting machines. Despite...
Sep 6th
4 tags
Steve Jobs Is Watching You: Apple Seeking to... →
It looks like Apple, Inc., is exploring a new business opportunity: spyware and what we’re calling “traitorware.” While users were celebrating the new jailbreaking and unlocking exemptions, Apple was quietly preparing to apply for a patent on technology that, among other things, would allow Apple to identify and punish users who take advantage of those exemptions or otherwise...
Sep 6th
2 tags
Backtalk Doublespeak on Encryption →
Storefront-Backtalk magazine had an interesting post on Too Much Encrypt = Cyberthief Gift. And when I say ‘interesting’, I mean the topics are interesting, but the author (Walter Conway) seems to have gotten most of the facts wrong in an attempt to hype the story. The basic scenario the author describes is correct: when you encrypt a very small range of numbers/values, it is...
Sep 6th
4 tags
Sweden reopens Wikileaks founder rape... →
A senior Swedish prosecutor has ordered the reopening of a rape investigation into Wikileaks founder Julian Assange. Public Prosecutions Director Marianne Ny said there was “reason to believe a crime has been committed” and that the crime was classified as rape. Full Article
Sep 6th
6 tags
After BlackBerry, India Now Wants Access to... →
…and there it is. RIM has backed down in the face of pressure from the Indian security establishment. Now the Indian security establishment appear to have become emboldened. As a result they’re seeking out data from any source they can get their hands on. Full Article
Sep 6th
4 notes
4 tags
Dead Codebreaker Was Linked to NSA Intercept Case →
A top British codebreaker found mysteriously dead last week in his flat had worked with the NSA and British intelligence to intercept e-mail messages that helped convict would-be bombers in the U.K., according to a news report. Gareth Williams, 31, made repeated visits to the U.S. to meet with the National Security Agency and worked closely with British and U.S. spy agencies to intercept and...
Sep 6th
4 tags
Detecting Deceptive Discussions in Conference... →
Abstract: We estimate classification models of deceptive discussions during quarterly earnings conference calls. Using data on subsequent financial restatements (and a set of criteria to identify especially serious accounting problems), we label the Question and Answer section of each call as “truthful” or “deceptive”. Our models are developed with the word categories...
Sep 6th