57 posts tagged with security and Internet.
Displaying 1 through 50 of 57. Subscribe:

Don't be a glasshole

Mozilla and the Tactical Technology Collective have created a popup storefront in lower Manhattan called The Glass Room: Looking Into Your Online Life. Situated somewhere along the education—art spectrum, The Glass Room provides "a place to consider how you use technology and how those behind technology use you" (as put on the landing page). Resources include a variety of workshops about technology and privacy, along with a book of leaked passwords and other art installations.
posted by redct on Nov 29, 2016 - 15 comments

The internet era of fun and games is over

Network security expert Bruce Schneier notes that if everything has a computer in it, then everything IS a computer. That has serious implications for security. [more inside]
posted by COD on Nov 23, 2016 - 66 comments

Let's play Global Thermonuclear War: lasting impacts of WarGames

If, after the media dubbed Ronald Reagan's Strategic Defense Initiative (YT video, Wikipedia) as "Star Wars" (transcript) in 1983, you might quesiton his concerns triggered from another movie mere months later. But after watching WarGames, he was informed that "the problem is much worse than you think." WarGames was that accurate thanks in part to input in the script from an engineer named Willis Ware, who had concerns about network security (PDF) for decades before the movie. Reagan's fears lead to the first cybersecurity directive from any U.S. President and the first concerns about the NSA's potential role in "data base oversight" (Google books preview), as well as an attempt to regulate teenagers and teenaged technology (Gbp) that impacts US internet use to this day. And then there was the USSR computer program that nearly triggered WWIII. What a year. [more inside]
posted by filthy light thief on Jul 13, 2016 - 20 comments

STOP! Using the Internet!

Why a staggering number of Americans have stopped using the Internet the way they used to Nearly one in two Internet users say privacy and security concerns have now stopped them from doing basic things online — such as posting to social networks, expressing opinions in forums or even buying things from websites, according to a new government survey released Friday. This chilling effect, pulled out of a survey of 41,000 U.S. households who use the Internet, show the insecurity of the Web is beginning to have consequences that stretch beyond the direct fall-out of an individual losing personal data in breach. The research suggests some consumers are reaching a tipping point where they feel they can no longer trust using the Internet for everyday activities.
posted by robbyrobs on May 14, 2016 - 74 comments

The Great Firewall of China has blocked The Economist

After leading with a cover story criticizing Xi Jinping (otoh) The Economist has been censored in China; Time too and now Medium. [more inside]
posted by kliuless on Apr 20, 2016 - 24 comments

38.0000,-97.0000

How an internet mapping glitch turned a random Kansas farm into a digital hell: For the last decade, [Joyce] Taylor and her renters have been visited by all kinds of mysterious trouble. They’ve been accused of being identity thieves, spammers, scammers and fraudsters. They’ve gotten visited by FBI agents, federal marshals, IRS collectors, ambulances searching for suicidal veterans, and police officers searching for runaway children. They’ve found people scrounging around in their barn. The renters have been doxxed, their names and addresses posted on the internet by vigilantes. Once, someone left a broken toilet in the driveway as a strange, indefinite threat. All in all, the residents of the Taylor property have been treated like criminals for a decade. And until I called them this week, they had no idea why.
posted by Cash4Lead on Apr 10, 2016 - 143 comments

Tech and Privacy Experts Erupt Over Leaked Encryption Bill

A draft of a highly anticipated Senate encryption bill was leaked to The Hill late on Thursday night, sparking a swift backlash from technology and privacy groups even before the legislation has been introduced. [more inside]
posted by Bella Donna on Apr 8, 2016 - 108 comments

CJEU Strikes Down Safe Harbour Data Sharing

Europe's top court, the Court of Justice of the European Union (CJEU), has struck down the 15-year-old Safe Harbour agreement that allowed the free flow of information between the US and EU.
posted by XtinaS on Oct 6, 2015 - 22 comments

Of course I'd like to sit around and chat... but someone's listening in

Fresh from The Intercept (that fearless vanguard of journalism helmed by Glenn Greenwald and Laura Poitras): disturbing documents exposing the unfathomable reach of the United Kingdom's GCHQ in its quest for total awareness of global internet traffic. A hundred billion user actions logged per day. A "Black Hole" database of 1.1 trillion logs. Frightening programs like KARMA POLICE, MEMORY HOLE, and MUTANT BROTH that correlate the kilo-crore corpus -- IP addresses, cookies, forum posts, search histories, emails, and passwords all compiled and cross-referenced into a real-time "diary" that gives penetrating insight into the relationships, beliefs, and desires of every web user on the planet. Internal documents suggest only widespread encryption can threaten the regime -- a movement the UK is determined to subdue (previously). [more inside]
posted by Rhaomi on Sep 26, 2015 - 105 comments

Shhh

Following up on their promise last month to release the data they hacked from Ashley Madison (the online infidelity-enablement site) hackers have released a ship-load personal information on ASM users. The hackers claim it is more of an attack on the shady business practices of the corporation than the users. (Though in contrast to other hacks, it looks like ASM managed to do a better job of storing passwords semi-securely). But certainly a lot of people's private issues are now public, including 10,000 folks with government emails, and many writers are warning: "Don't be smug, this is only the beginning. And Wired has some useful advice on checking out if you or a loved one is among the hacked data: Don't.
posted by Potomac Avenue on Aug 19, 2015 - 396 comments

Blackhat 2015 Keynote

End of the Internet Dream? - by Jennifer Granick This field should be in the lead in evolving a race, class, age, and religiously open society, but it hasn’t been. We could conscientiously try to do this better. We could, and in my opinion should, commit to cultivating talent in unconventional places.

Today, the physical design and the business models that fund the communications networks we use have changed in ways that facilitate rather than defeat censorship and control.
posted by CrystalDave on Aug 18, 2015 - 49 comments

That last line sounds kind of familiar

Here's what happens when you install the top ten download.com apps.
posted by DoctorFedora on Jan 13, 2015 - 123 comments

FRIENDLIEST SCADA ON THE NET

A scan for systems allowing remote desktop connections without passwords performed during a Defcon talk about the Masscan tool found a wide variety of system open for anyone with knowledge of the correct IP address, such as access to a hockey rink, a manufacturing plant for a Swedish condiment, hydroelectric plants and a lot more. [more inside]
posted by rpn on Aug 15, 2014 - 17 comments

Journey to the Centre of Google Earth

“But what shall we dream of when everything becomes visible?” Virilio replies: “We’ll dream of being blind."
posted by 0bvious on Jun 24, 2014 - 5 comments

Cyber Threats Map

Cyber Threat Real-Time Map. This Map Tracks Cyberattacks Around the World in Real Time. [Via]
posted by homunculus on Apr 1, 2014 - 10 comments

Keys to the Domain

Meet the people who hold the master keys to the internet. Hear all about their quirky sci-fi get together.
posted by stp123 on Feb 28, 2014 - 35 comments

The Internet Bug Bounty

Rewarding friendly hackers who contribute to a more secure internet. "We've selected some of the most important software that supports the internet stack, and we want you to hack it. If the public is demonstrably safer as a result of your contribution to internet security, we'd like to be the first to recognize your work and say "thanks" by sending some cash to you or your favorite non-profit." This is a full disclosure bug bounty program, and all vulnerability reports will eventually be made public. Also featuring an Allie Brosh logo for The Internet.
posted by destrius on Nov 6, 2013 - 15 comments

Possible FBI infiltration of TOR

In a crackdown that FBI claims to be about hunting down pedophiles, half of the onion sites in the TOR network has been compromised, including the e-mail counterpart of TOR deep web, TORmail. FreedomWeb, an Irish company known for providing hosting for Tor "hidden services" -- services reached over the Tor anonymized/encrypted network -- has shut down after its owner, Eric Eoin Marques, was arrested over allegations that he had facilitated the spread of child pornography. [more inside]
posted by whyareyouatriangle on Aug 4, 2013 - 126 comments

The World Has No Room for Cowards

It’s not often that one has the opportunity to be the target of a cyber and kinetic attack at the same time. But that is exactly what’s happened to me and my Web site over the past 24 hours. On Thursday afternoon, my site was the target of a fairly massive denial of service attack. That attack was punctuated by a visit from a heavily armed local police unit that was tricked into responding to a 911 call spoofed to look like it came from my home. Well, as one gamer enthusiast who follows me on Twitter remarked, I guess I’ve now “unlocked that level.” ~ KrebsonSecurity
posted by infini on Mar 16, 2013 - 56 comments

Green Dam Youth Escort

"During his civil lawsuit against the People's Republic of China, Brian Milburn says he never once saw one of the country's lawyers. He read no court documents from China's attorneys because they filed none. The voluminous case record at the U.S. District courthouse in Santa Ana contains a single communication from China: a curt letter to the U.S. State Department, urging that the suit be dismissed. That doesn't mean Milburn's adversary had no contact with him." [China Mafia-Style Hack Attack Drives California Firm to Brink]
posted by vidur on Nov 28, 2012 - 12 comments

An unauthorized certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported releases of Microsoft Windows.

"Flame" is the name of a newly-identified malware program which utilizes a previously unknown MD5 collision attack to successfully spoof Microsoft Terminal Services, and install itself as a trusted program using Windows Update, Microsoft has confirmed. The program appears to have targeted computers in the Middle East, and specifically Iran; analysts have alleged it is likely created by the same entity that designed Stuxnet. Flame has been live and actively spying since 2010, but went undetected until recently, due to sophisticated anti-detection measures. [more inside]
posted by mek on Jun 8, 2012 - 53 comments

Choosing good passwords

Choosing good passwords - a straightforward real-world guide for the average user, by AusCERT. Also includes links out to a fun and informative piece on The Top 500 Worst Passwords of All Time, and more in-depth material aimed at the tech and security savvy, like this enjoyable conference talk: Security As If Your Life Depended On It (because it might!). So we can avoid becoming xkcd cartoons.
posted by philipy on Feb 26, 2012 - 71 comments

Kuang Grade Mark Eleven

He leaves his cellphone and laptop at home and instead brings "loaner" devices, which he erases before he leaves the US and wipes clean the minute he returns . In China, he disables Bluetooth and Wi-Fi , never lets his phone out of his sight and, in meetings, not only turns off his phone but also removes the battery , for fear his microphone could be turned on remotely. He connects to the Internet only through an encrypted, password-protected channel, and copies and pastes his password from a USB thumb drive. He never types in a password directly, because, he said, "Chinese are very good at installing key-logging software on your laptop." - Travel precautions in the age of digital espionage.
posted by Artw on Feb 13, 2012 - 125 comments

Phone home

Secret iOS business; what you don’t know about your apps
posted by Artw on Oct 19, 2011 - 125 comments

Why the world is scared of hacktivists

They’re watching. And they can bring you down: Why the world is scared of hacktivists. [Via]
posted by homunculus on Sep 25, 2011 - 94 comments

It's Dangerous to Go Alone! Take This.

Security-in-a-Box. A complete guide to digital security for advocates and human rights defenders (and for you too!). It includes all the info and tools you'll need for anything related to personal digital security.
Mobiles in-a-box: Tools and tactics for mobile advocacy.
Message in-a-box: Everything you need to make and distribute your own media.
NGO-in-a-box: Set up you NGO using free and open-source software.
[more inside]
posted by lemuring on Feb 28, 2011 - 14 comments

Some people learn lessons the hard way.

Aaron Barr, of security company HBGary, claimed in the Financial Times to have infiltrated Anonymous and to be collecting information on members of the group. Predictably, Anonymous responded by hacking HBGary's website and replacing its front page, as well as by stealing Barr's research documents on Anonymous (and social networking accounts) and releasing them to the public, along with thousands of internal HBGary emails.
posted by Pope Guilty on Feb 7, 2011 - 199 comments

I felt a great disturbance in the Force, as if millions of to-do lists suddenly cried out in terror, and were suddenly silenced

IPv6, a newer version of the Internet Protocol that most of the net will convert to during the next few years due to "address exhaustion" with the current IPv4, (previously, previously) has a variety of advanced security features in it. Once IPv6 is fully rolled out and all the technical people are familiar with it, computers connected to the internet will be much safer from some kinds of hacking - but until then we may be in for a bumpy ride.
posted by XMLicious on Feb 1, 2011 - 60 comments

Anonymous Buzzkill

A worrisome set of posts from Princeton University's 'Freedom to Tinker" Blog:
In many situations, it may be far easier to unmask apparently anonymous online speakers than they, I, or many others in the policy community have appreciated. Today, I'll tell a story that helps explain what I mean. Second post: what BoingBoing knows about John Doe. Third, and most concerning post: The traceability of an online anonymous comment. Related post: a well researched review of the privacy concerns around the roll-out of, and push-back against, Google Buzz.
posted by Rumple on Feb 18, 2010 - 41 comments

The dry, technical language of Microsoft's October update did not indicate anything particularly untoward.

Its reach is impossible to measure precisely, but more than 3 million vulnerable machines may ultimately have been infected. : The inside story on the Conficker Worm at New Scientist.
posted by The Whelk on Jun 15, 2009 - 84 comments

IOKIYO

Beyond even the outrageously broad "state secrets" privilege invented by the Bush administration and now embraced fully by the Obama administration, the Obama DOJ has now invented a brand new claim of government immunity, one which literally asserts that the U.S. Government is free to intercept all of your communications (calls, emails and the like) and -- even if what they're doing is blatantly illegal and they know it's illegal -- you are barred from suing them unless they "willfully disclose" to the public what they have learned. - Glenn Greenwald. [more inside]
posted by Joe Beese on Apr 7, 2009 - 102 comments

15 bits of crypto should be enough for anybody

On May 13, security advisories published by Debian and Ubuntu revealed that, for over a year, their OpenSSL libraries have had a major flaw in their CSPRNG, which is used by key generation functions in many widely-used applications, which caused the "random" numbers produced to be extremely predictable. [lolcat summary] [more inside]
posted by finite on May 16, 2008 - 81 comments

too quiet...

If Bruce Schneier, the expert voice of security moderation, is "worried" than so am I. Since the beginning of the year Storm, an advanced, distributed worm network has been growing quietly as its authors tweak its social engineering attack. Now it seems that it is in place and waiting. Schneier's article. Digital Intelligence and Strategic Operations Group has been monitoring Storm for a year. OWL.
posted by shothotbot on Oct 15, 2007 - 89 comments

"If you scratch a paranoid, you find a narcissist"

What's the Big Secret? Four surveillance experts try to figure out what the NSA's superclassified wiretapping program really is (hint: it may have something to do with the filters). They don't seem to realize that this kind of reckless public discussion means some Americans are going to die. [Via Threat Level.]
posted by homunculus on Aug 30, 2007 - 47 comments

FBI-CIPAV.exe is an unknown application. Install anyway?

FBI's CIPAV nabs first victim: Former Timberline High School student is the first (known) person to be caught by the FBI's secret spyware program, known as CIPAV (Computer and Internet Protocol Address Verifier). Wired broke the story Wednesday, then received a form letter from the FBI in response to a few key questions. (more inside)
posted by mrgrimm on Jul 20, 2007 - 27 comments

Herding Zombies

Interesting "New Yorker" article about online extortion via DDoS attacks. Call me naive and underinformed, but I had little understanding of how this works. "In the most common scenario, the bots surreptitiously connect hundreds, or thousands, of zombies to a channel in a chat room. The process is called “herding,” and a herd of zombies is called a botnet."
posted by dersins on Oct 7, 2005 - 34 comments

A new twist on paying for Internet porn

A new twist on paying for Internet porn Although no mention of porn in the CNN story. Anyone ever been threatened like this?
posted by Samuel Farrow on Dec 29, 2003 - 18 comments

Nasty new IE hole

A new MS Internet Explorer vulnerability is discovered. Most digerati already know about the spammer and lamer trick to publish URLs that look like legitimate hostnames to fool people in to trusting a malicious site. This trick is frequently used by spammers to steal people's PayPal accounts, by tricking them in to "resetting" their password at a site owned by the spammer but disguised as PayPal.com. Today's new IE vulnerability is significantly worse. By including an 0x01 character after the @ symbol in the fake URL, IE can be tricked in to not displaying the rest of the URL at all. Don't expect a patch right way, the guy who found the hole released it to BugTraq on the same day he notified Microsoft. (via Simon Willison)
posted by dejah420 on Dec 9, 2003 - 29 comments

Worms!!!!!!!!!!

New Phase for Sobig.f Expected to Hit Friday. Any . . . minute . . . now. . .
posted by archimago on Aug 22, 2003 - 37 comments

The US government recently released a draft of the National Strategy to Secure Cyberspace, essentially it advocates ensuring security through consensus, with vendors, government agencies and consumers taking responsibility for the tools they use. That's not enough for Marcus Ranman who in the TISC newsletter advocates passing legislation mandating consumers and ISPs to install firewalls and anti-viral software. At what point does an individuals (corporate or consumer) chosen level of computer security become a concern for the federal government?
posted by cedar on Oct 17, 2002 - 7 comments

Looks like Verisign

Looks like Verisign forgot to renew their UK domain name.
posted by timeistight on Sep 28, 2002 - 15 comments

First JPEG virus discovered...

First JPEG virus discovered... "The W32/Perrun virus, as it is now being called, extracts data from JPEG files and then injects picture files with infected digital images. A fair warning to those individuals who are fond of sending multimedia files to friends and families." Is everyone's porn stash threatened now?
posted by darian on Jun 14, 2002 - 28 comments

Hackers target Cell Phones

Hackers target Cell Phones With the connectivity of cell phones to the internet, hackers have begun to target cell phones, programming prank calls, placing calls to wherever and erasing the software in the phone.
posted by Lanternjmk on Mar 11, 2002 - 7 comments

How to hack grey matter

How to hack grey matter A big security loophole with grey matter powered sites is out there. It lets anyone have the username and password to these sites. Luckly there is a fix for it which can be found here.
posted by thebwit on Feb 23, 2002 - 20 comments

AOL has been actively blocking Trillian users.

AOL has been actively blocking Trillian users. If you switched over to Trillian and use AIM you've had problems connecting all week. As of this morning, version 0.721 is working but will likely be blocked again. AOL is claiming it as a "security" issue.
posted by tommasz on Jan 31, 2002 - 30 comments

Been to a USGS site today?

Been to a USGS site today? What about your favorite national park site? Probably not, since all are part of the U.S. Department of the Interior, whose external network connections have been severed due to electronic security concerns raised by the court in the case Cobell v. Norton (formerly Cobell v. Babbitt).

With no external email or access to the Internet could you do your job? How dependent is your workplace on electronic information access? (Since all their websites are down, I have no direct link to post. A copy of the memo was sent to the members by the admin of a USGS email distribution list.)
posted by carobe on Dec 7, 2001 - 16 comments

Dark Address Space

Dark Address Space leaves some 100 million hosts completely unreachable from portions of the Internet.
posted by trioperative on Nov 15, 2001 - 2 comments

Silicon Valley backs Senate bill

Silicon Valley backs Senate bill that would allow companies to report computer network attacks to the government without having to worry about the public finding out. The reasoning: it would encourage more companies to report the problems and help the government track down the culprits. A similar bill is in the House.
posted by thescoop on Sep 25, 2001 - 3 comments

Seeing weird things in your website logs today? This will explain it... Running IIS and haven't patched it in over a month? Go here. 13,000 servers have already been affected.
posted by machaus on Jul 19, 2001 - 37 comments

Attrition: Evolution.

Attrition: Evolution. Attrition.org has decided to cease updating their archive of Web defacement mirrors. The reasons being the total lack of appreciation on some part as well as the shear volume of mirrors per day, and the fact that it sucked up what little personal lives the staff already had. Fear not, however, statistics and commentary will still be around - just based on the Alldas mirror and stay tuned for the rebirth of their more informative sections like Errata and Security.
posted by bkdelong on May 21, 2001 - 0 comments

Page: 1 2