May 2011
30 posts
Google Fixes More Than 25 Bugs in Chrome, Pays... →
Google has released another new version of Chrome that fixes a total of 27 different bugs on various platforms. The company paid out $16,500 in bounties to researchers for the vulnerabilities they reported, including one $3,000 payment for a high-severity bug. The new version of Chrome, version 11.0.696.57, fixes a slew of high-severity vulnerabilities, most notably a URL bar spoofing problem...
April 2011
51 posts
We Heart: Douglass Boulevard Christian Church →
Last week, a small church in Kentucky renounced their right to grant marriages to heterosexual couples until full equality for same-sex couples has been legalized at the federal level. The congregation of Douglass Boulevard Christian Church (DBCC) voted unanimously for the church to stop signing marriages licenses.
Recent News (RE: PSN) →
To start, I sure am glad I don’t have a PSN account about now. And, as a onetime victim of identity theft, I feel for everyone whose data has been stolen. I’m not going to make cracks at Sony for flipping a shit when /their/ data is compromised, and not even having the decency to apologize when it’s your data that’s misappropriated. And to anyone who thinks I was...
Sony: Hackers Nabbed Info Of 70 Million Members →
Sony admitted that hackers broke into its PlayStation Network online gaming network and made off with the personal information of more than 77 million members in what would be one of the largest reported data breaches in history.
Apple Accused in Suit of Tracking IPad, IPhone... →
Apple Inc. (AAPL) was accused of invasion of privacy and computer fraud by two customers who claim in a lawsuit that the company is secretly recording movements of iPhone and iPad users. Vikram Ajjampur, an iPhone user in Florida, and William Devito, a New York iPad customer, sued April 22 in federal court in Tampa, Florida, seeking a judge’s order barring the alleged data collection.
WikiLeaks Donations Topped $1.9 Million in 2010 →
A German nonprofit that processes most of the donations submitted to the secret-spilling site WikiLeaks has finally made good on a nearly year-old promise to release a report detailing how those donations are spent — though the report remains silent on how much money was paid to WikiLeaks founder Julian Assange. The Berlin-based Wau Holland Foundation, which accepted donations for WikiLeaks via...
Data loss hit an all-time low in 2010... But don’t... →
In the 2011 Data Breach Investigations Report (DBIR) from Verizon Business, the number of compromised records hit an all-time low, while the number of incidents hit an all-time high. Yet, once you move past the numbers and look at what they represent, the report paints a dark picture of the state of security in the business world.
Millions of Passwords, Credit Card Numbers at Risk... →
Sony warned today that intruders had broken into its PlayStation online game network, a breach that may have jeopardized the user names, addresses, passwords and credit card information of up to 70 million customers. In a post to the company’s PlayStation blog, Sony spokesman Patrick Seybold said the breach occurred between April 17 and April 19, and that user information on some PlayStation...
Bradley Manning to Be Moved From Quantico →
WikiLeaks suspect Bradley Manning is being moved from the Quantico brig where he is currently being held to the prison at Ft. Leavenworth in Kansas, according to the Pentagon. The Associated Press reported that the move is connected to criticism about how the Marine Corps brig in Quantico, Virginia, has treated the Army soldier. But at a press conference on Tuesday, the Army’s general counsel...
198 Methods of Nonviolent Action →
These methods were compiled by Dr. Gene Sharp and first published in his 1973 book, The Politics of Nonviolent Action, Vol. 2: The Methods of Nonviolent Action. (Boston: Porter Sargent Publishers, 1973). The book outlines each method and gives information about its historical use.
How can US law enforcement agencies access... →
Over the past day, the iPhone location scandal has expanded beyond location data retained on the phone to data sent by iPhones and Android devices back to Apple and Google. This raises some really interesting issues, particularly regarding the degree to which these companies can be compelled to disclose that data to law enforcement agencies. In this blog post, I am going to try and examine the...
Dropbox authentication: insecure by design →
For the past several days I have been focused on understanding the inner workings of several of the popular file synchronization tools with the purpose of finding useful forensics-related artifacts that may be left on a system as a result of using these tools. Given the prevalence of Dropbox, I decided that it would be one of the first synchronization tools that I would analyze, and while...
Sony admits utter PSN failure: your personal data... →
Sony has finally come clean about the “external intrusion” that has caused the company to take down the PlayStation Network service, and the news is almost as bad as it can possibly get. The hackers have all your personal information, although Sony is still unsure about whether your credit card data is safe. Everything else on file when it comes to your account is in the hands of the...
DOJ Warns Gitmo Defense Attorneys Not to Use Gitmo... →
As many of you have undoubtedly heard or read, government documents that may contain classified information have been released via the news media. As a reminder, information that is marked as classified, or that a person with access to classified information knows to be classified, remains as such despite a potential public disclosure by unauthorized means. Classified National Security...
WikiLeaks Hits Pentagon Again With Leak Of 759... →
WikiLeaks has taken a detour from its ongoing embarrassment of the State Department to publish a new batch of leaked files: the records of 759 detainees held in the Pentagon’s Guantanamo prison. The revelations in those documents, released Sunday evening, range from U.S. intelligence on the whereabouts of Al Qaeda leaders on September 11th and in the days following the 9/11 attacks to the...
Kindle readers can now borrow ebooks from... →
Scribbling in the margins of library books will soon be permitted, after Amazon.com announced yesterday that it would allow Kindle users to borrow ebooks from more than 11,000 American libraries. The deal follows similar agreements from the Kindle’s rivals, the Sony Reader and Barnes & Noble’s Nook, and will enable Kindle users to check out and read ebooks from their local...
Chinese Hackers Attack Change.org Platform in... →
Chinese hackers temporarily brought down the world’s fastest-growing social action platform after more than 90,000 people in 175 countries endorsed an online call for the release of internationally acclaimed Chinese artist Ai Weiwei.
TSA security looks at people who complain about... →
Don’t like the way airport screeners are doing their job? You might not want to complain too much while standing in line. Arrogant complaining about airport security is one indicator Transportation Security Administration officers consider when looking for possible criminals and terrorists, CNN has learned exclusively. And, when combined with other behavioral indicators, it could result in...
Spammers Using Facebook Events to Trick Users →
Spammers are using Facebook Events to trick users into completing online surveys, taking part in online contests and performing other tasks which allow spammers to generate commissions. In some cases, users are also tricked into giving up their mobile phone number, which is then automatically signed up for expensive premium services. According to multiple security firms, spammers using Facebook...
European Court of Justice To Outlaw Internet... →
Today, the European Court of Justice gave a preliminary opinion that will have far-reaching implications in the fight against overaggressive copyright monopoly abusers. It is not a final verdict, but the Advocate General’s position; the Court generally follows this. The Advocate General says that no ISP can be required to filter the Internet, and particularly not to enforce the copyright...
A Government Plan for IDs to Replace Online... →
Online passwords are a pain: They can be tough to remember and easy to break. But the Obama administration says it wants to help fix this. The Department of Commerce introduced a plan Friday for a system of Internet IDs that could replace passwords and simplify secure transactions online. The plan calls for the federal government to encourage the development of these new IDs and make sure they...
Inside Google’s Age of Augmented Humanity →
For its next act, the Silicon Valley giant wants to put a supercomputer in your pocket, the better to sense, search, and interpret your personal surroundings. We talked to the scientists who are making it happen.
The Revolution Will Not Be Properly Licensed →
We see it everywhere. Corporations are trying to take control over our communications tools, citing copyright concerns. Frequently, they are assisted by hapless politicians, who are also aspiring for the same control, citing terrorist concerns or some other McCarthyist scareword of the day. We should see this in perspective of the revolts happening right now in the Arab world.
(Some) Android apps send private data in clear →
Cellphones running the Android operating system fail to encrypt data sent to and from Facebook and Google Calendar, shortcomings that could jeopardize hundreds of millions of users’ privacy, a computer scientist says. In a simple exercise for his undergraduate security class, Rice University professor Dan Wallach connected a packet sniffer to his network and observed the traffic sent to...
Dutch Court Rules WiFi Hacking Is Now Legal →
Breaking in to an encrypted router and using the WiFi connection is not a criminal offence, a Dutch court ruled. WiFi hackers can not be prosecuted for breaching router security. A court in The Hague ruled earlier this month that it is legal to break WiFi security to use the internet connection. The court also decided that piggybacking on open WiFi networks in bars and hotels can not be...
How To Protect Your Privacy on Facebook →
Facebook is an incredibly powerful tool to maximize your cause’s impact. It doesn’t have a good reputation, though, for securing the often private information that you share with it, and for most of us it’s hard to master the site’s ever evolving privacy settings on Facebook. It’s all the more pressing, however, if you think you might be using the site to organize....
Coreflood: Botnet takedown introduces a... →
The Department of Justice has killed the Coreflood botnet. Using the courts, they replaced the command center of the botnet itself, and told the drones to halt operations. They did this with nothing more than a Temporary Restraining Order (TRO), some research skill, and a single command. So what does this mean for the typical citizen and cyber investigations? Did the FBI go too far?
White House draft bill would put DHS in charge of... →
The White House is circulating a piece of draft legislation that would give the Department of Homeland Security oversight over cybersecurity at civilian agencies, according to a report from FedNewsRadio. The proposed legislation combines the comprehensive cybersecurity bill introduced last year by the Senate Homeland Security Committee with the administration’s memo from July 2010 to...
Espionage Act makes felons of us all →
Dear Americans: If you are not “authorized” personnel, but you have read, written about, commented upon, tweeted, spread links by “liking” on Facebook, shared by email, or otherwise discussed “classified” information disclosed from WikiLeaks, you could be implicated for crimes under the U.S. Espionage Act — or so warns a legal expert who said the U.S....
Facebook Adds Two-Factor Authentication →
Social networking giant Facebook announced on Tuesday that it was introducing a two-factor security feature that will make user accounts harder to hijack. The announcement was part of a group of security enhancements by Facebook that includes improved secure HTTP features and social reporting tools that make it easier to flag questionable content online.
Feds to Supreme Court: Allow Warrantless GPS... →
The Obama administration is urging the Supreme Court to allow the government, without a court warrant, to affix GPS devices on suspects’ vehicles to track their every move. The Justice Department, saying “a person has no reasonable expectation of privacy in his movements (.pdf) from one place to another,” is demanding the justices undo a lower court decision that reversed the conviction and life...
Social Security Administration Exposed Data Of... →
The Social Security Administration has published the names, birth dates, and Social Security numbers of more than 36,000 living people who mistakenly ended up in its Death Master File.
Hackers gain root access to WordPress servers →
Hackers have compromised several servers that support WordPress and may have obtained source code, according to the founding developer of Automattic, the company behind the popular blogging platform. Matt Mullenweg wrote on the WordPress blog that Automattic has been reviewing log records to determine how much information was exposed and re-evaluating “avenues to gain access.”...
U.S. Shuttering Online Gambling Sites →
Federal authorities unsealed indictments against the operators of some of the world’s largest online gambling sites and moved Friday to seize their U.S. domains. The U.S. attorney in Manhattan, Preet Bharara, charged Isai Scheinberg, the founder of PokerStars, and Raymond Bitar, the founder of Full Tilt Poker, and nine others of fraudulently scheming to thwart a 2006 antigaming law that prohibits...
Microsoft wrong to accuse Google of misleading... →
Microsoft said Google lied about Apps for Government being Federal Information Security Management Act (FISMA) certified. The General Services Administration (GSA), however, says otherwise. Google Apps Premier Edition is FISMA certified, and Google Apps for Government was built on the same platform with additional controls. According to the GSA, that means the original certification stands for...
The Hartford, Hacked →
Hackers reportedly broke into and installed password-stealing programs on a number of servers belonging to insurance giant The Hartford, according to a ComputerWorld report. The 200-year-old, 28,000 employee strong company sent a letter of warning to some 300 employees, contractors and a small number of customers. “It was a very small incident,” said company spokesperson, Debora Raymond...
Breach Exposes Data Of 3.5 Million Teachers And... →
The Texas Comptroller’s office Wednesday will begin sending notification letters to some 3.5 million employees and teachers whose personal information was inadvertently disclosed on an agency server that was accessible to the public. The unencrypted data was placed in public-facing servers in violation of state policy, according to officials. “I deeply regret the exposure of the personal...
Malaysian group hits Barracuda Networks (Update) →
Barracuda Networks, a California-based security company that focuses on WebAppSec as well as Spam, Malware, and other network protection, suffered a breach this weekend by a Malaysian group known as HMSec. The group published the details of its raid, including database schemas, email addresses, and hashed passwords, after executing an SQL Injection attack on the Barracuda domain.
Pandora Mobile App Transmits Gobs Of Personal Data →
A popular free mobile application from online music service Pandora.com that is the subject of a Grand Jury investigation into loose data privacy practices in the mobile application market confirms that the application silently sends reams of sensitive data to advertisers. The analysis was conducted by application security firm Veracode and found that Pandora’s free mobile application for...
The Problem of Issuing Certs For Unqualified Names →
The recent attack on Comodo and several of its associated registration authorities has spurred quite a bit of re-examination of the way that the Web’s certificate authority infrastructure works—or doesn’t. One interesting result of this work is that the folks at the Electronic Frontier Foundation have discovered that there are tens of thousands of legitimate certificates issued...
But Is It Art? →
Some years ago Spy magazine punctured the pretensions of the art world with a simple prank. It took a bunch of paintings by preschoolers and hung them in a Soho gallery, then recorded the remarks of art aficionados who showed up and said the gassy sort of things people generally say about modern art. The episode offered some vindication for anyone who ever looked at a modern painting or...
ASA: CD ripper “incites” law breaking →
God bless the Advertising Standards Authority (ASA). This fearless defender of everything that’s right, moral and upstanding has allowed ISPs to advertise fantasy headline speeds and limited “unlimited” packages for donkey’s years, but when it comes to the really big issues, it’s not afraid to wield the big stick. The latest victim of the ASA’s wrath is 3GA Ltd, the company that makes the...
Of the 1%, by the 1%, for the 1% →
Americans have been watching protests against oppressive regimes that concentrate massive wealth in the hands of an elite few. Yet in our own democracy, 1 percent of the people take nearly a quarter of the nation’s income—an inequality even the wealthy will come to regret.
About the “Porn Wikileaks” and AIM’s Database... →
If you have ever been AIM (Adult Industry Medical Foundation) tested for any reason, whether or not you are a sex worker, porn performer or “porn star” your personal and private information has been published publicly at so-called “Porn Wikileaks” (pornwikileaks.com). That website is, in fact, a copy of Wikileaks with the word “porn” added in its place. The database exploit contains information...
Folk Models of Home Computer Security →
Home computer systems are insecure because they are administered by untrained users. The rise of botnets has amplified this problem; attackers compromise these computers, aggregate them, and use the resulting network to attack third parties. Despite a large security industry that provides software and advice, home computer users remain vulnerable. I identify eight ‘folk models’ of security...
Terror suspects seek to clear names →
As the U.S. ramps up efforts to root out homegrown terrorism, hundreds of people who have fallen under suspicion are in a state of limbo: Many say they have been singled out unfairly for scrutiny but have been neither charged nor cleared. Some of them, mostly Muslims, have spent weeks in jail; others find it impossible to travel freely. Some say they have had their reputations destroyed by the...
Documents Obtained by EFF Reveal FBI Patriot Act... →
In yesterday’s Senate Judiciary Hearing, “Oversight of the Federal Bureau of Investigation,” FBI Director Robert Mueller testified about the Bureau’s desire to extend three expiring provisions of the USA PATRIOT Act — PATRIOT Section 215, authorizing secret court orders for the Internet and financial records of innocent Americans; the “lone wolf”...