MetaFilter posts tagged with security

"We are supposed to notify a supervisor. You’re a supervisor, right?"

anastasiav — Fri, 30 Oct 2009 09:38:11 -0800

Do I have the right to refuse this search?

This is just getting embarassing!

Pope Guilty — Tue, 20 Oct 2009 08:35:41 -0800

You know, if I ran the BNP, I think I would think twice about this whole "trusting people with the members list" idea.

Need Firefox 0.8?

netbros — Sat, 10 Oct 2009 06:37:15 -0800

Remember when your computer just worked? Did you click 'OK' to that recommended update on programs like iTunes, Adobe Reader, or Yahoo Messenger, only to realize that the older version ran faster or had better features? Then Version Download may be your solution. Includes back-level versions of browsers, audio and video, security and anti-virus, FTP, file-sharing and communications software.

What Does DHS Know About You?

chunking express — Mon, 05 Oct 2009 07:07:15 -0800

What Does DHS Know About You? A lot. The complete (annotated) report. [PDF]

The First Ripples of the Silver Tsunami

Acromion — Sat, 19 Sep 2009 11:18:53 -0800

Nearly 1 in 5 young adults is out of work. Student debt is the highest its ever been. With a 10 year job growth of negative 230,000 jobs, the pool of available jobs is the lowest its ever been as a ratio to available college grads. And even with this dwindling tax base, in order to sustain Medicare and Social Security by 2020, we will need to tax 1.5 workers for every retiree. The dominant media narrative now is focused on the racial tensions surrounding Obama's health care reform. But in reality, the strongest opposition to Obama now comes not from young whites, who stand to benefit the most from medical reform. It is largely from 'angry white seniors' who fear cuts in the their Medicare. Are you ready for the Silver Tsunami?

Beyond war and crisis

Abiezer — Fri, 11 Sep 2009 06:02:06 -0800

Sustainable Security is a website launched this month by the Oxford Research Group "to be an important platform for promoting a better understanding of the real threats to global security in the 21st century and the policies that should be implemented to address those threats at their root cause." It highlights "four interconnected drivers of global insecurity: climate change; competition over natural resources; global militarism; and poverty and marginalisation. Prof. Paul Rogers makes the case for a rethink of the security paradigm.

It's all Greek to Me

scalefree — Thu, 20 Aug 2009 12:30:49 -0800

In 1984 computer pioneer Ken Thompson wrote one of the seminal works of computer security, Reflections on Trusting Trust [PDF]. In it he postulated putting a trojan horse inside a compiler as a means of infecting software compiled by it. 25 years later somebody has finally done just that. Researchers at anti-virus house Sophos have discovered a virus that places a backdoor into applications compiled with the Delphi language. They've identified at least 3000 separate Delphi applications that have had this backdoor compiled into them so far, including banking programs and programs used for cellphone programming.

And like that... he's gone

homunculus — Mon, 17 Aug 2009 08:42:04 -0800

Gone Forever: What Does It Take to Really Disappear?

Why Can't MS Do This?

DU — Mon, 17 Aug 2009 06:50:40 -0800

An 8 year old critical security bug in the Linux kernel? No problem, we can fix that without even rebooting. You heard me, it is possible to apply a source code patch to a running kernel without reboot.

Neurosecurity

homunculus — Wed, 08 Jul 2009 20:29:23 -0800

Neurosecurity: security and privacy for neural devices. "An increasing number of neural implantable devices will become available in the near future due to advances in neural engineering. This discipline holds the potential to improve many patients' lives dramatically by offering improved—and in some cases entirely new—forms of rehabilitation for conditions ranging from missing limbs to degenerative cognitive diseases. The use of standard engineering practices, medical trials, and neuroethical evaluations during the design process can create systems that are safe and that follow ethical guidelines; unfortunately, none of these disciplines currently ensure that neural devices are robust against adversarial entities trying to exploit these devices to alter, block, or eavesdrop on neural signals. The authors define 'neurosecurity'—a version of computer science security principles and methods applied to neural engineering—and discuss why neurosecurity should be a critical consideration in the design of future neural devices." [Via Mind Hacks]

CitiApartments

Stephen Elliott — Thu, 02 Jul 2009 17:42:57 -0800

San Francisco's largest residential landlord is refusing to give back security deposits. CitiApartments is possibly going broke and, according to the head of the San Francisco Tenants Union, refusing to refund many tenants security deposits (he says they're getting three to four complaints a week). CitiApartments' buildings are filled with vacancies because their business model is purchasing buildings and then harassing and intimidating tenants into moving out so they can raise the rent. The end of the SFAppeal article states: "if a person really wanted to push back against whatever it is that CitiApartments is doing, they could pretty easily twist the knife a bit on craigslist simply by flagging every single CitiApartments listing." Here is the website dedicated to fighting CitiApartments and here are links to a three part series on CitiApartments by the San Francisco Bay Guardian. And here is an article on CitiApartments parent company from San Francisco Business Times.

You See, In Order to Save the Village America, We Have to ...

WCityMike — Wed, 01 Jul 2009 12:24:25 -0800

Michael Scheuer, the former chief of the CIA's "bin Laden Station", and the initially anonymous author of Imperial Hubris, pulls an O'Reilly on yesterday's Glenn Beck broadcast:

"The only chance we have as a country have right now is for Osama bin Laden to deploy and detonate a major weapon in the United States [...] only Osama can execute an attack which will force Americans to demand that their government protect them [...] with as much violence as necessary."

Earlier this month, Scheuer even wrote a speech he proposed bin Laden give. Disturbingly, bin Laden recommended Hubris in a September 2007 speech; if he's still alive, let's hope he doesn't follow Scheuer's media appearances. The video has spread off of political blogs onto sites nearer the mainstream, but mounting calls of treason are rendered a bit hyperbolic when compared with Article III and with U.S. v. Gadahn, the country's first treason indictment since 1952 and the only one post-9/11 ... not to mention reminiscent the worst of the right.

An Unclear Future

mattdidthat — Tue, 23 Jun 2009 12:41:18 -0800

Clear, the "security service" that allowed travellers to bypass TSA security lines, offered a Father's Day discount if you purchased a one-year membership by June 21. On June 23, Clear ceased operations. Sorry, no refunds.

The dry, technical language of Microsoft's October update did not indicate anything particularly untoward.

The Whelk — Mon, 15 Jun 2009 14:40:29 -0800

Its reach is impossible to measure precisely, but more than 3 million vulnerable machines may ultimately have been infected. : The inside story on the Conficker Worm at New Scientist.

Now, where did I put that plane factory?

hrbrmstr — Mon, 08 Jun 2009 13:28:07 -0800

Hiding in "plane" sight. Images and details of the significant efforts made by the United States to prevent the Japanese from bombing our west coast aircraft factories. I wonder what this effort would take today to "fool" Google Maps/Earth. From the article: "The idea of deceiving the enemy as to what you are doing is not new. Trying to hide individual items from observation is not new, trying to hide whole factories from aerial bombing during The Second World War was new. After December 7, 1941 the Lockheed and Boeing aircraft factories along the West Coast were put under netting to try and hide them from Japanese aircraft attack."

Protect Yourself, Your Family, Your Identity

netbros — Mon, 01 Jun 2009 11:42:49 -0800

The commercials are all over television — and they certainly are attention-grabbing. They’re the ones where the heavy, bald guy is sitting in his easy chair talking in a squeaky female voice about all the clothes he bought — including a bustier. Or the little old lady speaking with the gruff voice of a younger man about the sweet motorcycle she now owned. Identity theft is a serious crime — one that is occurring with an alarming frequency. The Identity Theft Manifesto explains how criminals get your personal info, and what you can do about it.

High Security? Maybe.

ostranenie — Thu, 28 May 2009 12:22:26 -0800

You are Medeco, one of the world's premier lock companies. And you think your super-secure locks are tight. Until, that is, some upstart troublemaker comes along, reverse engineers them and shows the world (via Wired magazine--with video, natch) showing just how (supposedly) insecure they are. Then this same troublemaker releases a book giving all your secrets away. Wired article comes complete with overblown, panic-now headlines (Ultimate Lock Picker Hacks Pentagon) from the Wired writers. You think they had a contest?

Your Tax Dollars At Work

fourcheesemac — Sun, 17 May 2009 05:59:50 -0800

A message from baby Emily. Most popular baby names + Medicare advice + awful Elvis impersonation = EPIC FAIL. A single link video post from the Social Security Administration. You will laugh. Until you remember we (USians) paid for this. (via Andrew Sullivan)

Electricity Grid in the U.S. Penetrated by Spies

Roach — Wed, 08 Apr 2009 08:20:37 -0800

According to an article posted in today's Wall Street Journal, the electricity grid in the U.S. has been compromised by foreign spies, leaving it vulnerable to disruption. Last year, the CIA acknowledged that the system had been compromised and that the goal had been extortion. In response, the Federal Electric Regulatory Commission issued new cybersecurity specs for the power grid, to which companies such as GE have begun responding. But could it be that the new security efforts are motivated by government officials who stand to gain by this attempt at drastically increasing government control over the Internet? Note: Paranoid views of last blog post do not necessarily reflect those of this poster, but I thought it a valid concern as we deal with this huge security concern, especially in light of the recent flap over Presidential powers to control the internet.

IOKIYO

Joe Beese — Tue, 07 Apr 2009 12:18:20 -0800

Beyond even the outrageously broad "state secrets" privilege invented by the Bush administration and now embraced fully by the Obama administration, the Obama DOJ has now invented a brand new claim of government immunity, one which literally asserts that the U.S. Government is free to intercept all of your communications (calls, emails and the like) and -- even if what they're doing is blatantly illegal and they know it's illegal -- you are barred from suing them unless they "willfully disclose" to the public what they have learned. - Glenn Greenwald. In other news... The Cybersecurity Act of 2009 would, for example, give the President unfettered power to shut down Internet traffic in emergencies or disconnect any critical infrastructure system or network on national security grounds. - Center for Democracy and Technology

Cloning passport card RFIDs

homunculus — Tue, 03 Feb 2009 14:32:46 -0800

Passport RFIDs cloned wholesale by $250 eBay auction spree. "Using inexpensive off-the-shelf components, an information security expert has built a mobile platform that can clone large numbers of the unique electronic identifiers used in US passport cards and next generation drivers licenses. The $250 proof-of-concept device - which researcher Chris Paget built in his spare time - operates out of his vehicle and contains everything needed to sniff and then clone RFID, or radio frequency identification, tags. During a recent 20-minute drive in downtown San Francisco, it successfully copied the RFID tags of two passport cards without the knowledge of their owners." [Via]

Heartland Systems data breach

Class Goat — Tue, 20 Jan 2009 15:39:55 -0800

"Payments processor Heartland Payment Systems has learned it was the victim of a security breach within its processing system in 2008. Heartland believes the intrusion is contained." Heartland Payment Systems processes payroll and credit card payments for more than 250,000 businesses. Looks like this data breach is even bigger than 2007's TJ Maxx break-in.

Stir in poisoned DNS and add a dash of transparent proxying...

These Premises Are Alarmed — Tue, 30 Dec 2008 08:44:20 -0800

The embargo has been lifted on the newest research on growing internet infrastructure insecurity. Using an army of Playstations, researchers have managed to forge a RapidSSL (owned by Verisign) CA certificate in a couple hours due to known flaws in MD5.

Quis custodiet ipsos custodes?

up in the old hotel — Mon, 08 Dec 2008 16:49:40 -0800

The National Security Agency is building a data center in San Antonio that’s the size of the Alamodome. Microsoft has opened an 11-acre data center a few miles away. Coincidence? Not according to author James Bamford, who probably knows more about the NSA than any outsider. Bamford's new book reports that the biggest U.S. spy agency wanted assurances that Microsoft would be in San Antonio before it moved ahead with the Texas Cryptology Center. Bamford notes that under current law, the NSA could legally tap into Microsoft’s data without a court order. Whatever you do, don't take pictures of it the spy building unless you want to be taken in for questioning.

"I don't know what safe is."

The Card Cheat — Wed, 19 Nov 2008 11:14:26 -0800

Culture Of Fear. An interesting look at the security concerns National Football League players harbour in the wake of the death of Sean Taylor, who was robbed and shot within his own home. Previously. Other NFL players recently victimized include Darrent Williams, shot and killed while sitting in a limo, Javon Walker, beaten and robbed in Las Vegas, and Richard Collier, shot and paralyzed while waiting outside an apartment.