The NoScript Firefox extension faced a major backlash last week when users discovered that it was surreptitiously disrupting the operation of AdBlock Plus. The developers behind the two extensions turned the browser into a battleground as their conflict escalated. Mozilla has responded by proposing a new policy that sets boundaries for appropriate extension behavior.
Google’s search data may have been able to provide an early warning of the swine flu outbreak — if the company had been looking in the right place. Last week, at the request of the Centers for Disease Control, Google took a retroactive look at its search data from Mexico. And there the team found a pre-media bump in telltale flu-related search terms (you know, “influenza + phlegm + coughing”) that was inconsistent with standard, seasonal flu trends.
Earlier analysis (see “The Optimal Size of a Terrorist Network” for more) indicates that the disruption of the al Qaeda network mega-hub in Afghanistan has put strict limits on the size of the surviving virtual network elements. This size limitation may represent a barrier to attacks on the US, but is likely well within the capabilities of what is necessary for limited regional attacks. However, new innovations in group dynamics and the emergence of new unaffiliated guerrilla networks in Iraq may provide a method for regaining strategic capability.
Spies hacked into the U.S. electric grid and left behind computer programs that would let them disrupt service, exposing potentially catastrophic vulnerabilities in key pieces of national infrastructure, a former U.S. government official said Wednesday. The intrusions were discovered after electric companies gave the government permission to audit their systems, the ex-official said. The official was not authorized to discuss the matter and spoke to The Associated Press on condition of anonymity.
CYBERSPACE is ideal for spies. Digitally disguised and undeterred by borders or passports, they can pick locks anywhere in the world, pilfer secrets without trace and even leave toxic traps for the unwary. Security chiefs are very worried; NATO’s new cyberwarfare think-tank in Estonia gets requests for help from across the world. And for researchers outside the charmed circle of high-security clearance, establishing hard evidence of mischief on the net is even harder.
A laboratory robot called Adam has been hailed as the first machine in history to have discovered new scientific knowledge independently of its human creators. Adam formed a hypothesis on the genetics of bakers’ yeast and carried out experiments to test its predictions, without intervention from its makers at Aberystwyth University.
I am here before the subcommittee today to provide testimony on 21st Century security threats. I hope this testimony is of value despite its brevity. My analytical method is to provide frameworks for decision makers to help them make sense of rapidly changing environments. These frameworks are intended to provoke high quality thinking — agreement or disagreement with their specifics works equally well to achieve this.
Researchers in Toronto have released a document that describes what may be the first real evidence of a government-operated cyber-espionage network in action. In a ten-month investigation, the team documented the operation of what they dubbed GhostNet, and its various worldwide infections.
Canadian researchers have uncovered a vast electronic spying operation that infiltrated computers and stole documents from government and private offices around the world, including those of the Dalai Lama, The New York Times reported on Saturday.
For the security-conscious, the idea that malware, viruses, and Trojans could be lurking around every digital corner is frightening enough. Now, a duo of Argentinian researchers has demonstrated how code can be embedded and flashed into a system’s BIOS. We’ve been down this road before, but it’s definitely much harder to detect and root out such attacks.
DroneBL, a distributed DNS Blacklist service, says in a recent blog post that a botnet named Psybot gained control of approximately one hundred thousand routers and that it became a victim of a distributed denial-of-service (DDoS) attack that was carried out by this botnet.
A botnet consisting primarily of routers is actually rather unusual. Usually Windows PCs are enslaved to act like zombies in a botnet. Psybot seems to have specialised in attacking small home network routers that run an embedded Linux for MIPS CPUs.
The global economic crisis isn’t about money - it’s about power. How Wall Street insiders are using the bailout to stage a revolution.
There’s lots of innovation going on in security - we’re inundated with a steady stream of new stuff and it all sounds like it works just great. Every couple of months I’m invited to a new computer security conference, or I’m asked to write a foreword for a new computer security book. And, thanks to the fact that it’s a topic of public concern and a “safe issue” for politicians, we can expect a flood of computer security-related legislation from lawmakers. So: computer security is definitely still a “hot topic.” But why are we spending all this time and money and still having problems? Let me introduce you to the six dumbest ideas in computer security. What are they? They’re the anti-good ideas. They’re the braindamage that makes your $100,000 ASIC-based turbo-stateful packet-mulching firewall transparent to hackers. Where do anti-good ideas come from? They come from misguided attempts to do the impossible - which is another way of saying “trying to ignore reality.” Frequently those misguided attempts are sincere efforts by well-meaning people or companies who just don’t fully understand the situation, but other times it’s just a bunch of savvy entrepreneurs with a well-marketed piece of junk they’re selling to make a fast buck. In either case, these dumb ideas are the fundamental reason(s) why all that money you spend on information security is going to be wasted, unless you somehow manage to avoid them. For your convenience, I’ve listed the dumb ideas in descending order from the most-frequently-seen. If you can avoid falling into the trap of the first three, you’re among the few true computer security elite.
RICHMOND, Va. (AP) — What began 60 years ago as a humble television store in this sleepy Southern capital ended Sunday as Circuit City closed its doors for good — its 567 remaining U.S. stores to be left broom clean and vacant. For the last month and a half, a group of four liquidators have conducted going-out-of-business sales for what was the nation’s second-largest consumer electronics retailer, selling its remaining $1.7 billion worth of inventory weeks sooner than expected.
The Internal Revenue Service should start taxing the fledgling virtual economy in Second Life, World of Warcraft, and other virtual worlds, according to Taxpayer Advocate Nina Olson. In her annual report published on the IRS website, Olson said that there are still a number of issues that the IRS should “proactively address” before they get out of control. And now that it’s on the IRS’ radar, it’s likely only a matter of time before Uncle Sam tries to figure out some way to get a cut of your gold.