Google discusses Android security measures

For the last year, discussions about the risk posed by mobile devices, and the applications they run, have filled the headlines and annual reports of countless security vendors. On Thursday, Google opened up about some of the measures they’ve taken to protect the people who’ve come to rely on the Android Market for their application needs. The Android platform is the fastest growing mobile device platform in the world, and according to Google, Android device activations grew some 250% last year, and Market Place downloads topped out at 11 billion.


The need for truthful and honest product disclosure in IT Security

The exponential rise in cyber-attacks and the seemingly lock-step proliferation of security products to safeguard against said attacks seem to have created an unintelligible quagmire for consumers of IT security products. Simply put, consumers have to wade through marketing propaganda and techno-speak in their quest for some form of reasonable assurance of a safe, private internet experience. It is high time that IT security companies provide transparent, truthful and honest ‘Plain English’ disclosure of what threats a given product can and cannot protect against.


Key Internet operator VeriSign hit by hackers

VeriSign Inc, the company in charge of delivering people safely to more than half the world’s websites, has been hacked repeatedly by outsiders who stole undisclosed information from the leading Internet infrastructure company. The previously unreported breaches occurred in 2010 at the Reston, Virginia-based company, which is ultimately responsible for the integrity of Web addresses ending in .com, .net and .gov.


Dear Verisign: Trust requires Transparency

On their blog, Verisign made the following statement, which I’ll quote in full:


Leaked memo outlines backdoor usage for government intercepts

Last week, The Tech Herald reported on the Indian group Lords of Dharmaraja, and their plan to release information taken from a recent breach of servers maintained by India’s military intelligence division. The story focused on Symantec’s source code, but has since expanded to India’s use of communication intercept protocols. As it turns out, the Lords of Dharmaraja released a memo where a group of vendors known as RINOA (RIM, Nokia, and Apple) are said to have provided India with backdoors into their technology in order for them to maintain a presence in the local market space. These backend offerings allowed the military to conduct surveillance (RINOA SUR) against the US-China Economic and Security Review Commission.


Hackers Claim Breach Of Norton Antivirus Source Code; Experts Say Claims Are Exaggerated

Symantec confirmed that a hacking group has gained access to some of the source code of its Norton Antivirus product, but also stated the code was old and not stolen directly from Symantec servers. An Indian hacking group called the Lords of Dharmaraja has threatened to publicly disclose the source code.


You may be a Terrorist

It’s been one of those days when I went from ZERO —> STABBY really really quickly. What brought me to this point today was a tweet linked to an article at PublicIntelligence where they talk about a flyer put out jointly by the FBI and the Department of Justice (Bureau of Justice Assistance) on what to look for in an “online” terrorist or an “internet cafe” terrorist.


New SEC Guidance May Impact Corporate Disclosure

As companies begin submitting their regulatory filings and financial reports from 2011, the SEC is pushing for more comprehensive data breach, cyber attack, and general risk-assessment disclosures. As it stands, companies not only downplay the severity of hacking and other Internet-borne threats in their risk-assessments to the investor public, but they’ve also shown reluctance in disclosing and similarly downplayed attacks that have already occurred.


New School Approaches to Passwords

Adam Montville left a comment on my post, “Paper: The Security of Password Expiration”, and I wanted to expand on his question: “Passwords suck when they’re not properly cared for. We know this. Any other known form of authentication we have is difficult because of the infrastructure required to pull it off. That sucks too. Does this leave us at a stalemate where we need to get people to care about their passwords?”


Did Symantec source code hack reveal Indian phone surveillance?

Indian hackers have claimed to have breached a military intelligence server in India and obtained source code to two of Symantec’s anti-virus enterprise security products, along with many documents. The attack and subsequent leaks of information have also led to speculation over the existence of a program to give the Indian intelligence agencies access to backdoors in mobile phones or their supporting infrastructure.


Geeks to Testify (Finally!) About SOPA Blacklisting Implications

Rep. Darrell Issa (R-California), a major opponent of the Stop Online Piracy Act, announced Monday he is bringing in the techies to hold a public hearing highlighting the online security implications of a proposed bill that would force changes to internet infrastructure to fight online copyright infringement. The announcement came three weeks after a markup of SOPA in the House Judiciary Committee was abruptly postponed amid concerns over its blacklisting element, which lets the attorney general order changes to core internet infrastructure in order to stop copyright infringement.


Did Apple, RIM and Nokia Help The Indian Government Spy On The U.S.?

Documents purportedly lifted from Indian government servers contain explosive allegations: that leading Western firms including Apple Corp., Research in Motion and Nokia provided the government with secret access to mobile devices their mobile operating systems - access that the Indian government then used to spy on official, high-level conversations about trade relations between the U.S. and China.


Babeland Locations Offer Free Bicycle Delivery On Valentine’s Day

Imagine the tragedy if, during a hot party with one or more of your bestest battery-powered and/or silicone friends, one of them suffers from vibrator breakdown or nipple clamp metal-fatigue. And if a toe-curling orgasm causes you to accidentally propel that dildo out the window before you’re finished with it? Never fear…if you’re in Brooklyn, at least!


Anonymous Leaks FBI, Scotland Yard Phone Call Detailing Hacking Investigations

Hacktivists with the online collective Anonymous have released a recording of a sensitive phone call between officials with the FBI, Scotland Yard and other foreign police agencies related to ongoing investigations into hacking. The conference call, which occurred Jan. 17, focused on the continued investigative efforts against hacktivists associated with Anonymous, LulzSec, Antisec and other related groups. In addition to uploading the recording to YouTube, Anonymous also posted an email with the call-in details to Pastebin.


Bradley Manning to Face All Charges in Court-Martial

WikiLeaks suspect Bradley Manning is headed for a general court-martial, according to the commander of the U.S. Army Military District of Washington in an announcement released late Friday. Maj. Gen. Michael Linnington, the general convening authority for the district, made the determination that Manning will face all 22 charges leveled against him, including aiding the enemy, wrongfully causing intelligence to be published on the internet knowing that it is accessible to the enemy, theft of public property or records, transmitting defense information, and fraud and related activity in connection with computers.
