Join 3,430 readers in helping fund MetaFilter (Hide)

638 posts tagged with security. (View popular tags)
Displaying 51 through 100 of 638. Subscribe:

Related tags:
+ (70)
+ (63)
+ (61)
+ (47)
+ (44)
+ (44)
+ (43)
+ (36)
+ (36)
+ (32)
+ (27)
+ (26)
+ (25)
+ (21)
+ (20)
+ (19)
+ (18)
+ (18)
+ (18)
+ (18)
+ (17)
+ (17)
+ (16)
+ (16)
+ (16)
+ (14)
+ (14)
+ (14)
+ (14)
+ (13)
+ (13)
+ (13)
+ (13)
+ (12)
+ (12)
+ (12)
+ (12)
+ (12)
+ (12)
+ (12)
+ (11)
+ (11)
+ (10)
+ (10)
+ (10)
+ (10)
+ (10)
+ (10)
+ (10)
+ (10)
+ (9)
+ (9)
+ (9)
+ (9)
+ (9)
+ (9)
+ (9)
+ (8)
+ (8)
+ (8)


Users that often use this tag:
homunculus (20)
mathowie (15)
Postroad (10)
scalefree (7)
Steven Den Beste (7)
zarq (6)
jeffburdges (6)
Blazecock Pileon (5)
skallas (5)
tranquileye (5)
vidur (5)
digaman (5)
amberglow (5)
unSane (4)
kliuless (4)
These Premises Are... (4)
Irontom (4)
Artw (4)
the man of twists ... (4)
chunking express (4)
fenriq (4)
crunchland (4)
Foci for Analysis (3)
netbros (3)
Unregistered User (3)
DBAPaul (3)
Wordshore (3)
semmi (3)
Abiezer (3)
rzklkng (3)
beisny (3)
dejah420 (3)
thescoop (3)
ed (3)
baylink (3)
bkdelong (3)
stoneweaver (3)
paleyellowwithorange (3)
allkindsoftime (3)
Malor (2)
russilwvong (2)
The Whelk (2)
spitefulcrow (2)
johnnydark (2)
destrius (2)
tomcosgrave (2)
Hackworth (2)
orange swan (2)
ericost (2)
laz-e-boy (2)
Pope Guilty (2)
y2karl (2)
madamjujujive (2)
unliteral (2)
silusGROK (2)
specialk420 (2)
tommasz (2)
finite (2)
XQUZYPHYR (2)
Bovine Love (2)

Being the nerd that I am, I was itching to crunch some badass numbers

Debarghya Das, an Indian student at Cornell, wanted to impress his friends by obtaining their examination marks for the Indian Certificate of Secondary Examination and the Indian School Certificate and, thanks to some poorly written javascript, discovers the entire database containing the grades for 200,000 Indian students, as well as potential evidence of widespread tampering.
posted by elgilito on Jun 7, 2013 - 36 comments

Inside joke! Obscure meme reference!

The Pew Internet And American Life Project has a new report out on Teens, Social Media, and Privacy. danah boyd comments:
My favorite finding of Pew’s is that 58% of teens cloak their messages either through inside jokes or other obscure references, with more older teens (62%) engaging in this practice than younger teens (46%).
[more inside]
posted by the man of twists and turns on Jun 5, 2013 - 51 comments

Beyond brute force.

Anatomy of a hack: How crackers ransack passwords like “qeadzcwrsfxv1331” Hackers get %90 of an MD5 password database using multiple analysis techniques including Markov chains, mask, combinator and hybrid attacks. These attacks combine dictionaries of previously-recovered passwords and passphrases with brute force and statistical analysis to expand the power of password cracking.
posted by CBrachyrhynchos on May 28, 2013 - 153 comments

Just continue with the poker face, men

Use These Secret NSA Google Search Tips to Become Your Own Spy Agency
posted by infini on May 8, 2013 - 17 comments

A Thought on Web Security

I long for the future where I can safely assume my passwords are stolen.
posted by stoneweaver on Apr 29, 2013 - 20 comments

Dances with llamas

In southern Sweden, scene of recent sheep-killing incidents perpetrated by wolves, llamas are being introduced to see if they will kick wolf-butt and protect the sheep. In the US, the guard llama is becoming a more common "first line of defense" on ranches. [more inside]
posted by Wordshore on Apr 23, 2013 - 64 comments

Lock your bike

Have you been looking for bike locks that work? Will only the best locks do? Perhaps you just need a secondary lock?
posted by overleaf on Apr 23, 2013 - 40 comments

"what kind of surveillance society we should be fighting for"

Practical Ethics: Enlightened Surveillance?
Surrendering on surveillance might be the least bad option – of all likely civil liberty encroachments, this seemed the less damaging and hardest to resist. But that’s an overly defensive way of phrasing it – if ubiquitous surveillance and lack of privacy are the trends of the future, we shouldn’t just begrudgingly accept them, but demand that society gets the most possible out of them.
[more inside]
posted by the man of twists and turns on Apr 18, 2013 - 23 comments

The World Has No Room for Cowards

It’s not often that one has the opportunity to be the target of a cyber and kinetic attack at the same time. But that is exactly what’s happened to me and my Web site over the past 24 hours. On Thursday afternoon, my site was the target of a fairly massive denial of service attack. That attack was punctuated by a visit from a heavily armed local police unit that was tricked into responding to a 911 call spoofed to look like it came from my home. Well, as one gamer enthusiast who follows me on Twitter remarked, I guess I’ve now “unlocked that level.” ~ KrebsonSecurity
posted by infini on Mar 16, 2013 - 56 comments

the ultimate in spyware

Meet the men who spy on women through their webcams - "If you are unlucky enough to have your computer infected with a RAT, prepare to be sold or traded to the kind of person who enters forums to ask, "Can I get some slaves for my rat please? I got 2 bucks lol I will give it to you :b" At that point, the indignities you will suffer—and the horrific website images you may see—will be limited only by the imagination of that most terrifying person: a 14-year-old boy with an unsupervised Internet connection."
posted by madamjujujive on Mar 10, 2013 - 172 comments

TSA troubles

Delta Airlines and other airline workers' unions have asked the TSA to reconsider their recent announcement to loosen security restrictions on airlines, effective April 25, that would allow passengers to carry small pocket knives, among other items. [more inside]
posted by roomthreeseventeen on Mar 9, 2013 - 202 comments

Dreaming of password combinations sucks

Password Cracking AES-256 DMGs and Epic Self-Pwnage
posted by unliteral on Feb 12, 2013 - 42 comments

Retweet to add additional diamonds to your shopping basket

Twitter is experimenting with online shopping: "American Express card holders who connect their card numbers to their Twitter accounts can post on Twitter to trigger a purchase of select products, including discounted American Express gift cards, Kindle Fire tablets from Amazon.com Inc. and jewelry from designer Donna Karan. The program will roll out over the next few days." [more inside]
posted by Wordshore on Feb 12, 2013 - 65 comments

Shhhhhhh …..

Silent Circle, a security start-up led by PGP creator Phil Zimmermann and two ex-Navy SEALs, has been teasing technology that purports to make mobile communications "virtually invulnerable to surveillance efforts" for a few months (previously). Now, they're pushing a "groundbreaking encrypted data transfer app that will enable people to send files securely from a smartphone or tablet at the touch of a button." The company has pledged not to comply with law enforcement surveillance requests, nor to provide backdoor access for the FBI.
posted by jbickers on Feb 5, 2013 - 49 comments

Ruby off the Rails

What The Rails Security Issue Means For Your Startup summarizes the impact of recent arbitrary-code-execution security vulnerabilities in Ruby on Rails: "What Do We Do When Apocalyptically Bad Things Happen On Our Framework of Choice?"
posted by We had a deal, Kyle on Feb 1, 2013 - 94 comments

Mark Zuckerberg's Hoodie

It is June 2, 2010 and Mark Zuckerberg is sweating. He’s wearing his hoodie—he’s always wearing his hoodie—and he’s on stage and either the lights or the questions are too hot. … “Do you want to take off the hoodie?” asks Kara Swisher.
“I never take off the hoodie.”
The varied cultural resonances of an unassuming garment.
posted by the mad poster! on Jan 29, 2013 - 157 comments

Freedom from....

The New York Times asks seven 'experts': Does makeup ultimately damage a woman’s self-esteem, or elevate it? [more inside]
posted by zarq on Jan 16, 2013 - 260 comments

But not browsing MetaFilter

(BBC) A security check on a US company has reportedly revealed one of its staff was outsourcing his work to China. [more inside]
posted by Wordshore on Jan 16, 2013 - 86 comments

NSF/smashthestate

Password Security in Deus Ex
posted by Zarkonnen on Jan 5, 2013 - 61 comments

It's the end of the world and they know it

The most-watched show in the history of the National Geographic Channel isn't Wild, Taboo or even the longest-running documentary series on cable tv: Explorer. It's Doomsday Preppers, a show that documents the "lives of otherwise ordinary Americans" as they prepare for the end of the world. [more inside]
posted by zarq on Dec 21, 2012 - 115 comments

Look Out—He’s Got a Phone!

Security experts agree that it’s only a matter of time before smartphones become the smart person’s murder weapon of choice.
posted by stoneweaver on Dec 20, 2012 - 56 comments

256 bit security and the laws of physics

Why 256 bit keys are long enough. A nice graphic explanation by Schneier why brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space. [more inside]
posted by Twang on Dec 17, 2012 - 34 comments

You’re not anonymous

Sumit Suman recently visited a site, did not sign up for anything, did not connect via social media, but got a personal email from the site the next day. Here’s how they did it.
posted by Foci for Analysis on Dec 12, 2012 - 52 comments

Slap the flower decal on the internet detective van

The Mystery of the Phantom Likes. Bernard Meisler at Read Write Web is trying to find out why his dead friends are liking stuff on Facebook. [more inside]
posted by Diablevert on Dec 11, 2012 - 63 comments

Nothing to hide?

Why Privacy Matters, Even If You Have Nothing To Hide, by Daniel J. Solove
The nothing-to-hide argument pervades discussions about privacy. The data-security expert Bruce Schneier calls it the "most common retort against privacy advocates." ... To evaluate the nothing-to-hide argument, we should begin by looking at how its adherents understand privacy. Nearly every law or policy involving privacy depends upon a particular understanding of what privacy is. The way problems are conceived has a tremendous impact on the legal and policy solutions used to solve them.
[more inside]
posted by the man of twists and turns on Dec 9, 2012 - 67 comments

Green Dam Youth Escort

"During his civil lawsuit against the People's Republic of China, Brian Milburn says he never once saw one of the country's lawyers. He read no court documents from China's attorneys because they filed none. The voluminous case record at the U.S. District courthouse in Santa Ana contains a single communication from China: a curt letter to the U.S. State Department, urging that the suit be dismissed. That doesn't mean Milburn's adversary had no contact with him." [China Mafia-Style Hack Attack Drives California Firm to Brink]
posted by vidur on Nov 28, 2012 - 12 comments

Tazreen factory fire

At least 112 workers died in Tazreen garments factory fire in Bangladesh. The reasons of the fire are the subject of investigation, but the firefighters put the blame for the tragedy on the lack of fire exits. Since 2006, over 500 garment factory workers died in Bangladesh fires caused often by poor safety standards and shoddy electrical installations. The garments made in the Tazreen factory were sold by C&A, among others. Clothing makes up 80 percent of the country's $24 billion in annual exports.
Last year saw the 100th anniversary of another such tragedy.
posted by hat_eater on Nov 25, 2012 - 31 comments

The threat won't be understood until a Cyberdisaster

The Frightening Things You Hear at a Black Hat Conference. (Previously-ish).
posted by MattMangels on Nov 23, 2012 - 49 comments

The ++ operator is now illegal

What does proper authorization to access a computer system mean? Robert Graham of Errata Security writes about the recent conviction of Andrew Auernheimer (aka weev) for “hacking” AT&T. Two years ago, weev discovered a bug in AT&T's website that exposed the email addresses of customers with iPads. According to weev, the flaw was reported as per responsible disclosure practices by first informing AT&T before bringing it public. However the FBI investigated and arrested him under the Computer Fraud and Abuse Act (CFAA). On 20th November 2012, he was found guilty of identity fraud and conspiracy to access a computer without authorization.
posted by destrius on Nov 21, 2012 - 114 comments

The age of the password has come to an end...

Mat Honan of Wired has a covetableTwitter username (@mat). Recently hackers tore his digital world apart in an attempt to commandeer it. Now he reflects: The age of the password has come to an end; we just haven’t realized it yet. And no one has figured out what will take its place. What we can say for sure is this: Access to our data can no longer hinge on secrets—a string of characters, 10 strings of characters, the answers to 50 questions—that only we’re supposed to know. The Internet doesn’t do secrets. Everyone is a few clicks away from knowing everything.
posted by rongorongo on Nov 16, 2012 - 75 comments

The Brief - A daily briefing of technology news worth caring about

NASA will send you an email or text alert when the International Space Station is visible from your area. IBM scientists have recently made significant advances in nanotechnology. A mathematician thought a poorly-encrypted headhunting email from Google was testing him, but he had actually discovered a major security hole. All of this found via The Brief: A Daily Briefing of Technology News Worth Caring About from MeFi's own nostrich. [via mefi projects]
posted by davidjmcgee on Nov 9, 2012 - 15 comments

Thanks for two hours of your time

"I am calling you from Windows": A tech support scammer dials Ars Technica [more inside]
posted by the man of twists and turns on Oct 26, 2012 - 98 comments

And change the combination on my luggage!

What are the most common and least common 4-digit PINs? Using data from recent password database leaks, an analysis of PINs. (via Schneier)
posted by fings on Sep 19, 2012 - 91 comments

WoW indeed

Steganographic information (account ID, a timestamp and the IP address of the current realm) is secretly embedded in World of Warcraft screen shots. Via Schneier.
posted by unSane on Sep 13, 2012 - 34 comments

Two Words: Extremist Sharks

"To aid the national security community in imagining contemporary threats, the Australian Security Research Centre (ASRC) is organising Australia’s Security Nightmares: The National Security Short Story Competition. The competition aims to produce a set of short stories that will contribute to a better conception of possible future threats and help defence, intelligence services, emergency managers, health agencies and other public, private and non-government organisations to be better prepared." (via)
posted by vidur on Sep 12, 2012 - 44 comments

Java 7 Vulnerability

A working, cross-platform Java 7 exploit is now in the wild. It's apparently a pair of bugs, working in tandem; neither, alone, would be enough to escape the Java sandbox, but together, any machine, be it Windows, Mac, or Linux, can be instantly and silently compromised, simply by viewing a malicious web page. Only Java 7 is vulnerable, but because of the way Oracle schedules patches, it may be unfixed until October. You can test your machine for the flaw; if vulnerable, you'll want to at least disable Java in your Web browser, if not remove it altogether. On Firefox, NoScript will provide a little protection, by not running Java code unless you click it, but the vulnerability remains.
posted by Malor on Aug 29, 2012 - 104 comments

Your Passwords Are Much Weaker Than You Think

Why passwords have never been weaker—and crackers have never been stronger. Ars weighs in on the amazing advances the bad guys have made in password cracking over the last few years. Think you know how to choose something that's safe? The probability is quite high that you don't, even if you're technically ept. [more inside]
posted by Malor on Aug 21, 2012 - 184 comments

At 5:00 PM, they remote wiped my iPhone. At 5:01 PM, they remote wiped my iPad. At 5:05, they remote wiped my MacBook Air.

Yes, I was hacked. Hard. Mat Honan, a tech journalist, had his iPhone and Mac remotely wiped and his gmail account deleted within the space of 5 minutes. Password cracked? No. Security question leak? No. Social engineering Apple tech support.
posted by gwint on Aug 6, 2012 - 224 comments

Not like the Queen, but like John Hurt

"We thought we were hosts like the queen is at a posh garden party, when actually we're hosts in the way that John Hurt is in Alien." As the Olympics approach, the scandals, inconveniences, mistakes and problems keep mounting, ranging from the frustrating through the comic to the tragic. For your appreciation, a picture of the London Olympics 2012. [more inside]
posted by outlier on Jul 16, 2012 - 300 comments

Cisco called, they want their Internet back

Introducing Cisco Connect Cloud! Now available mandatory for Linksys Smart Wi-Fi Routers, Cisco Connect Cloud gives you almost anybody anytime, anywhere access to your home network.
posted by flabdablet on Jun 30, 2012 - 67 comments

This country will self-destruct in 3 .. 2 ..

"McPhee describes two things: how Switzerland requires military service from every able-bodied male Swiss citizen—a model later emulated and expanded by Israel—and how the Swiss military has, in effect, wired the entire country to blow in the event of foreign invasion. To keep enemy armies out, bridges will be dynamited and, whenever possible, deliberately collapsed onto other roads and bridges below; hills have been weaponized to be activated as valley-sweeping artificial landslides; mountain tunnels will be sealed from within to act as nuclear-proof air raid shelters; and much more." (via)
posted by vidur on Jun 20, 2012 - 100 comments

See something, send something

The Massachusetts Bay Transit Authority has released MBTA See Say [iTunes link], a free iPhone/Android app that allows riders to "send the MBTA Transit Police pictures, text messages, and locations of unattended packages or suspicious activity" [link to MBTA apps page]. The camera's flash is disabled when a photograph is taken within the app. According to ELERTS, who built the app for the MBTA, "the opportunity to crowdsource information from riders who witness suspicious or criminal activities has not been realized by transit systems." The MBTA, which is the fifth largest transit system in the United States, is the first system to adopt this technology.
posted by catlet on Jun 19, 2012 - 62 comments

An unauthorized certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported releases of Microsoft Windows.

"Flame" is the name of a newly-identified malware program which utilizes a previously unknown MD5 collision attack to successfully spoof Microsoft Terminal Services, and install itself as a trusted program using Windows Update, Microsoft has confirmed. The program appears to have targeted computers in the Middle East, and specifically Iran; analysts have alleged it is likely created by the same entity that designed Stuxnet. Flame has been live and actively spying since 2010, but went undetected until recently, due to sophisticated anti-detection measures. [more inside]
posted by mek on Jun 8, 2012 - 53 comments

To Profile or Not to Profile?

To Profile or Not to Profile? A Debate between Sam Harris and Bruce Schneier.
posted by brundlefly on May 29, 2012 - 150 comments

Cyberwar: China's move discovered

Revolutionary hardware backdoor discovered in China-made military-grade FPGA chips. Claims were made by the intelligence agencies around the world, from MI5, NSA and IARPA, that silicon chips could be infected. We developed breakthrough silicon chip scanning technology to investigate these claims. We chose an American military chip that is highly secure with sophisticated encryption standard, manufactured in China. Our aim was to perform advanced code breaking and to see if there were any unexpected features on the chip. We scanned the silicon chip in an affordable time and found a previously unknown backdoor inserted by the manufacturer. This backdoor has a key, which we were able to extract. If you use this key you can disable the chip or reprogram it at will, even if locked by the user with their own key. This particular chip is prevalent in many systems from weapons, nuclear power plants to public transport. In other words, this backdoor access could be turned into an advanced Stuxnet weapon to attack potentially millions of systems. The scale and range of possible attacks has huge implications for National Security and public infrastructure.
posted by scalefree on May 27, 2012 - 152 comments

Isn't that Byronic?

Computer security consultant Byron Sonne (previously, previously) has been acquitted of charges he plotted to attack the G20 summit in Toronto.
posted by unSane on May 15, 2012 - 12 comments

The Avian Flu: Transparency vs. Public Safety

"Experimental adaptation of an influenza H5 HA confers respiratory droplet transmission to a reassortant H5 HA/H1N1 virus in ferrets." After an extensive, months-long debate, one of two controversial papers showing ways the H5N1 "avian" influenza virus could potentially become transmissible in mammals with only 3 or 4 mutations was published in Nature today. The journal included an editorial on the merits and drawbacks of "publishing risky research" with regard to biosafety. The debate included an unprecedented recommendation by The US National Science Advisory Board for Biosecurity (NSABB) to block publication -- a decision they later reversed. (Via: 1, 2) Nature's special report has additional articles, including interviews with the teams behind both papers.
posted by zarq on May 3, 2012 - 37 comments

A real world distopian sports event

Not content with displacing the poor, menacing photographers and blocking ambulances the london olympics now wants ground-to-air missiles, presumably to shoot down rogue skywriters who might misuse it's brand.
posted by Artw on Apr 28, 2012 - 68 comments

Timeo Danaos et dona ferentis.

Multiple analysts warned of vulnerabilities, but instead of being heeded they were severely punished After a lengthy DDOS attack, some determined hacking, and repeated attempts to penetrate its hardened security layer, the host was finally rooted by a cunningly designed piece of social and mechanical engineering. When the malware released its payload, not only was the system completely wiped, but the culture that created it as well. This day in tech: the original Trojan.
posted by unSane on Apr 24, 2012 - 29 comments

Telnet Times Ten Thousand

If you've ever worked with the command prompt on a Unix-based computer, you're likely familiar with SSH (Secure SHell), which is a program and a protocol that allows you (yes, you!) to securely access a remote system. While SSH has certainly earned the "Secure" portion of its namesake over the years, it's functionality as a shell has ironically received very little attention, and has begun to show signs of age and obsolescence: SSH doesn't work very well on mobile connections, and its support for Unicode is buggy and incomplete. A group of MIT researchers think they've found solutions to these problems, and have created Mosh as a potential successor to SSH, which fixes many of the old protocol's annoyances and shortcomings, while retaining all of SSH's security features.
posted by schmod on Apr 12, 2012 - 77 comments

Page: 1 2 3 4 5 6 7 8 ... 13