671 posts tagged with security.
Displaying 151 through 200 of 671. Subscribe:

Do you want to see something scary?

GQ reports on paraplegic web cam hacker Luis Mijangos [more inside]
posted by Potomac Avenue on Jan 25, 2012 - 20 comments

"Your mother sells whelks by the hull"

"One in three teens has shared a password with a friend or significant other." [more inside]
posted by jeffburdges on Jan 24, 2012 - 62 comments

SEAndroid

The U.S. National Security Agency (NSA) has begun releasing Security-Enhanced Android patches and tools, which port their Security-Enhanced Linux tools to Android devices. SEAndroid and SELinux provide mandatory access control designed to limit the amount of damage that rogue or exploited software can do. [more inside]
posted by jeffburdges on Jan 21, 2012 - 35 comments

So, would your holiness care to change her password?

The holiday season isn't always relaxing for those in the computing security field. 2011's Chaos Communication Congress brought many gifts in the form of vulnerability disclosures, including: malicious documents that infect HP printers, remote control vulnerabilities in prison lock systems, and denial-of-service attacks against Web servers written in just about every scripting language.
posted by spitefulcrow on Jan 1, 2012 - 32 comments

The Year Secrecy Jumped the Shark

The EFF's Year End Review   The ACLU's This Year in Civil Liberties   Amnesty International's Anual Report (video) [more inside]
posted by jeffburdges on Dec 25, 2011 - 11 comments

Beyond the Border

The U.S.-Canada Beyond the Border agreement is wide-ranging in its impact. Indeed, Prime Minister Harper referred to it Wednesday as "the most significant step forward in Canada-U.S. co-operation since (NAFTA)". This deal promises regulatory alignment (including the food and automotive sectors), quicker border crossings for business or travel (with pre-clearance options), and "screened once, accepted twice" cargo. Perhaps the biggest concern for Canadians however are the changes this agreement could have for their privacy. [more inside]
posted by stinkycheese on Dec 8, 2011 - 130 comments

A leaking woodpecker

Security researchers at North Carolina State University led by Xuxian Jiang (who had previously discovered 12 malicious Android applications sold through Google's Android Market) have uncovered holes in how the permissions-based security model is enforced on numerous Android devices. Called "leaks", these vulnerabilities allow new and existing malicious applications to eavesdrop on calls, track the user's location, install applications, send SMS messages, delete data from the device, and more. (via)
posted by Blazecock Pileon on Dec 5, 2011 - 30 comments

We need some angry nerds.

"The PC is dead. Rising numbers of mobile, lightweight, cloud-centric devices [represent] an unprecedented shift of power from end users and software developers on the one hand, to operating system vendors on the other ... This is a little for the better, and much for the worse." - Jonathan Zittrain, Harvard Law Professor (via battellemedia.com) [more inside]
posted by jeffburdges on Dec 4, 2011 - 153 comments

and battery

The assault on Los Alamos National Laboratory: A drama in three acts
posted by fantabulous timewaster on Nov 10, 2011 - 30 comments

James Fallows on what it's like to have your webmail hacked

Hacked! James Fallows writes in the Atlantic Monthly on how his wife's Gmail account was hacked, and years of email were deleted. Summary: if you have Gmail, you should be using its new 2-step verification; use strong passwords; don't re-use passwords. [more inside]
posted by russilwvong on Nov 5, 2011 - 97 comments

Borders. Security. Refugees. Jerusalem.

The Atlantic is in the middle of a four-part special report on the Israel / Palestinian peace process, called "Is Peace Possible?" which features multimedia presentations on and analyses of what they believe are the four core issues of the conflict: Borders, Security, Refugees, and Jerusalem. (The latter two will be released on Monday, November 7 and 14th, respectively) The report was put together in collaboration with the S. Daniel Abraham Center for Middle East Peace. [more inside]
posted by zarq on Nov 1, 2011 - 21 comments

Phone home

Secret iOS business; what you don’t know about your apps
posted by Artw on Oct 19, 2011 - 125 comments

Stuxnet II: Electric Duqu

A year after the infrastructure-attacking Stuxnet worm was discovered in Iran, a new piece of malware using some of the same techniques (but apparently with different goals) has been found infecting systems in Europe. The new malware, dubbed “Duqu” [dü-kyü], appears to have been written by someone with direct access to the Stuxnet source code.
posted by gemmy on Oct 18, 2011 - 49 comments

Who Watches The Robots?

Wired Magazine: Mystery virus hits U.S drone fleet
posted by The Whelk on Oct 8, 2011 - 68 comments

Exploiting Fear

How Two Scammers Built an Empire Hawking Sketchy Software
posted by vidur on Oct 4, 2011 - 23 comments

Logging out of Facebook is not enough

Logging out of Facebook is not enough - Nik Cubrilovic demonstrates how, even after logging out, Facebook tracks every page you visit on sites that integrate Facebook services [via]
posted by Blazecock Pileon on Sep 27, 2011 - 123 comments

Why the world is scared of hacktivists

They’re watching. And they can bring you down: Why the world is scared of hacktivists. [Via]
posted by homunculus on Sep 25, 2011 - 94 comments

Hacker Rattles Security Circles

“My country should have control over Google, Skype, Yahoo, etc.,” he said by e-mail. “I’m breaking all encryption algorithms and giving power to my country to control all of them.” Is an independent Iranian hacker trying to help his government spy on its people?
posted by beisny on Sep 12, 2011 - 24 comments

Guardian editor alleged to have leaked Cablegate password

Wikileaks has alleged that Guardian editor David Leigh negligently leaked the encryption passphrase to the unredacted 'Cablegate' archive in an upcoming book. The Guardian denies the charges, but states that "[a] Twitter user has now published a link to the full, unredacted database of embassy cables", potentially putting informants at risk.
posted by p3on on Aug 31, 2011 - 203 comments

DigiNotar SSL certificate compromise

Two days ago a user asked Google about a strange warning he was getting when trying to access Gmail from Iran. Turns out he was getting a fraudulent SSL certificate that was issued incorrectly for *.google.com by DigiNotar, a Dutch certificate authority. It seems likely this was a deliberate man-in-the-middle attack to snoop email in Iran. This attack is the second SSL certificate compromise in a year (previously), pointing to a fundamental design flaw in Internet security. [more inside]
posted by Nelson on Aug 30, 2011 - 45 comments

Backdoor, yeah, yeah, snicker, snicker.

You may already be screwed. And not in the good way you were hoping for. MeFi kink favourite, FetLife has been ignoring a longstanding security and privacy compromise. (nsfw)
posted by rodgerd on Aug 9, 2011 - 63 comments

"...nor shall be compelled in any criminal case to be a witness against himself..."

Public interests will be harmed absent requiring defendants to make available unencrypted contents in circumstances like these. Failing to compel Ms. Fricosu amounts to a concession to her and potential criminals (be it in child exploitation, national security, terrorism, financial crimes or drug trafficking cases) that encrypting all inculpatory digital evidence will serve to defeat the efforts of law enforcement officers to obtain such evidence through judicially authorized search warrants, and thus make their prosecution impossible.

The "if you were innocent, you'd have nothing to hide" argument rears its head, in a big way. [more inside]
posted by fifthrider on Jul 11, 2011 - 215 comments

Robert Morris, 1932-2011

Robert Morris, a pioneer in the field of computer security, early major contributor to the UNIX operating system, and father of Robert Tappan Morris (author of the Morris Worm), has died at 78. NYT [more inside]
posted by fireoyster on Jun 29, 2011 - 23 comments

The Next Generation

DEFCON Kids! [more inside]
posted by jeffburdges on Jun 27, 2011 - 15 comments

Searching public hacker databases to keep your passwords safe

Should I Change My Password checks a list of e-mails connected to passwords released by hackers to the public (source list here) and tells you if your password has been compromised.
posted by The Devil Tesla on Jun 25, 2011 - 50 comments

not just to reveal their racist and corrupt nature but to purposefully sabotage their efforts to terrorize communities

"Hackers of the world are uniting and taking direct action against our common oppressors - the government, corporations, police, and militaries of the world" says LulzSec (previously) in their latest release, Chinga La Migra. "We are releasing hundreds of private intelligence bulletins, training manuals, personal email correspondence, names, phone numbers, addresses and passwords belonging to Arizona law enforcement. We are targeting AZDPS specifically because we are against SB1070 (previously) and the racial profiling anti-immigrant police state that is Arizona."

#antisec is a new track from nerdcore rapper ytcracker (previously)
posted by finite on Jun 23, 2011 - 47 comments

Yet more censational news

Lulzsec appear to have hacked the UK 2011 Census which, if true, could be quite a significant ramp up of the security wars. Grabbing a few million credit card numbers is one thing, 60 million identities is something else entirely. Not to mention the celebrity data. Here's the Hacker News comment thread, and a list of the actual census questions to show what could be on offer.
posted by Duug on Jun 21, 2011 - 135 comments

I think Lulzsec is a pretty cool guy. eh hacks US Senate and doesn't afraid of anything.

LulzSec (twitter account) have hacked senate.gov. The group has previously hacked Bethesda, Pron.com, FBI affilliates amongst others. Although some argue that LulzSec represent the catalyst to improve IT security, this message to the Senate seems likely to provoke a more direct investigation: [more inside]
posted by jaduncan on Jun 13, 2011 - 141 comments

The only secure password is the one you can’t remember.

People who use Sony don't make very good passwords. "None of this is overly surprising, although it remains alarming. We know passwords are too short, too simple, too predictable and too much like the other ones the individual has created in other locations. The bit which did take me back a bit was the extent to which passwords conformed to very predictable patterns, namely only using alphanumeric character, being 10 characters or less and having a much better than average chance of being the same as other passwords the user has created on totally independent systems." [more inside]
posted by -->NMN.80.418 on Jun 7, 2011 - 142 comments

Tupac the Kiwi

Over the weekend, PBS' website was hacked by a group calling itself "The Lulz Boat", or "LulzSec". The PBS site displayed a story claiming that rapper Tupac Shakur was alive and well in New Zealand. (He's not). The hack was apparently over the Frontline program that aired last week, 'Wikisecrets', which Julian Assange called "hostile". This follows a separate, unrelated breach at Lockheed Martin, also publicized over the weekend. (Previously)
posted by IvoShandor on May 30, 2011 - 62 comments

Can't touch this

Last week the Texas House of Representatives unanimously passed a bill (House Bill 1937) prohibiting public servants from intrusively touching anyone seeking access to a public building or form of transportation. (TIME, Dallas News, Washington Times) The blogosphere touted the legislation as a move to criminalize TSA groping. Today, the bill was withdrawn from consideration by the state senate after a threat from the TSA and Department of Justice to "close down all the airports in Texas". Protesters are currently marching on the state capitol. [more inside]
posted by thescientificmethhead on May 25, 2011 - 93 comments

Of spies, special forces and drone strikes

Warfare: An advancing front - "The US is engaged in increasingly sophisticated warfare, fusing intelligence services and military specialists" [more inside]
posted by kliuless on May 21, 2011 - 19 comments

you may say I'm a dreamer

-Only an 'energy internet' can ward off disaster
-We must electrify the transport sector [more inside]
posted by kliuless on May 19, 2011 - 58 comments

"We noticed an issue yesterday...:

In last week's post about the PSN security breach, several MeFites recommended LastPass for storing passwords. Well, yesterday they found some anomolous network traffic, and they're asking all users to update their master password. (Some notes from James Fallows of The Atlantic. One guy explaining why you shouldn't freak out. Ask MeFi: "What simple, secure, portable password and secure data management systems do you use?")
posted by epersonae on May 5, 2011 - 97 comments

Conflict, Security, and Development

Remove the scourge of conflict - "Taming mass violence is the theme of the World Bank's latest World Development Report, which focuses on 'conflict, security and development' [pdf] ... Mass violence destroys all hopes of progress. We should make a huge effort to eliminate this scourge. It seems feasible. It is desirable. So try."
posted by kliuless on Apr 30, 2011 - 18 comments

TSA a Giant Waste of Money

John Mueller and Mark Stewart may have found the one part of government we can afford to cut in their paper "Terror, Security, and Money: Balancing the Risks, Benefits, and Costs of Homeland Security" From the abstract "The cumulative increase in expenditures on US domestic homeland security over the decade since 9/11 exceeds one trillion dollars. It is clearly time to examine these massive expenditures applying risk assessment and cost-benefit approaches that have been standard for decades."
posted by RSaunders on Apr 27, 2011 - 30 comments

PlayStation Network and Qriocity Security Breach

Sony's PlayStation Network and Qriocity have been down since April 20 2011 due to an illegal intrusion. Today Sony announced that user data - birthdate, user name, password, e-mail address, possibly credit card information, and more - has been compromised for its 69 million users, exposing them to identify theft amongst other things. [more inside]
posted by Foci for Analysis on Apr 26, 2011 - 285 comments

RSA has been hacked.

Computer security vendor RSA, maker of two-factor authentication SecurID, has been hacked by unknown parties. In an open letter to it customers RSA Executive Chairman Arthur W. Coviello, Jr. calls the attack the work of an Advanced Persistent Threat, meaning a highly skilled, well-funded group acting deliberately & precisely to achieve a specific goal. RSA's clients include many Fortune 100 companies, US Government, Military & Intelligence Community organizations.
posted by scalefree on Mar 17, 2011 - 118 comments

Cracking voyeurism

Using honeypots and logging tools, some server admins have logged actual server break-in attempts by nincompoop crackers. [more inside]
posted by Foci for Analysis on Mar 11, 2011 - 50 comments

Car-go or Car-stop?

Yesterday Air Canada said it would stop shipments of all cargo to the U.S.A. due to an "emergency change to US security" [more inside]
posted by sardonyx on Mar 10, 2011 - 60 comments

iTunes Scammers At It Again

A thread at Apple's Support site has popped up with frustrated users describing nearly identical iTunes account disruptions: up to hundreds of dollars of charges are being racked up by fraudulent buyers, using iTunes gift card balances and even credit card information to fund the purchases. [more inside]
posted by Khazk on Mar 9, 2011 - 71 comments

Stasi, SSIS, ...

"I almost can't believe I'm witnessing this. We're inside the fortress of terror, our very own Mordor..." [more inside]
posted by jeffburdges on Mar 7, 2011 - 74 comments

It's Dangerous to Go Alone! Take This.

Security-in-a-Box. A complete guide to digital security for advocates and human rights defenders (and for you too!). It includes all the info and tools you'll need for anything related to personal digital security.
Mobiles in-a-box: Tools and tactics for mobile advocacy.
Message in-a-box: Everything you need to make and distribute your own media.
NGO-in-a-box: Set up you NGO using free and open-source software.
[more inside]
posted by lemuring on Feb 28, 2011 - 14 comments

It's a purr-fect night for a heist.

When the sun goes down, it's time to hit the streets. Dusty is a cat burglar.
posted by XhaustedProphet on Feb 28, 2011 - 28 comments

“Duuuuuuuudddde! It’s 7 a.m. where you are, who died?”

Security reporter Brian Krebs [previously] visits Russian illicit online prescription baron Pavel Vrublevsky.
posted by These Premises Are Alarmed on Feb 21, 2011 - 3 comments

"The Package"

Inside the Secret Service. Sidebars: Radio Chatter and The Presidential Motorcade (Via) [more inside]
posted by zarq on Feb 8, 2011 - 48 comments

Some people learn lessons the hard way.

Aaron Barr, of security company HBGary, claimed in the Financial Times to have infiltrated Anonymous and to be collecting information on members of the group. Predictably, Anonymous responded by hacking HBGary's website and replacing its front page, as well as by stealing Barr's research documents on Anonymous (and social networking accounts) and releasing them to the public, along with thousands of internal HBGary emails.
posted by Pope Guilty on Feb 7, 2011 - 199 comments

I felt a great disturbance in the Force, as if millions of to-do lists suddenly cried out in terror, and were suddenly silenced

IPv6, a newer version of the Internet Protocol that most of the net will convert to during the next few years due to "address exhaustion" with the current IPv4, (previously, previously) has a variety of advanced security features in it. Once IPv6 is fully rolled out and all the technical people are familiar with it, computers connected to the internet will be much safer from some kinds of hacking - but until then we may be in for a bumpy ride.
posted by XMLicious on Feb 1, 2011 - 60 comments

Fish finger

Security advisor Brian Krebs on the 'hacking' of web dating site Plenty of fish by Chris Russos.
posted by unliteral on Jan 31, 2011 - 73 comments

Today's status: Smokey Bear.

A little bit of security theater will shut down in April as the Department of Homeland Security will end the color coded Homeland Security Advisory System. The terror alert has not changed from yellow in over four years, unless you are on an international flight. The system has been criticized immensely since its introduction. And don't forget the jokes. [more inside]
posted by Mister Fabulous on Jan 28, 2011 - 28 comments

Page: 1 2 3 4 5 6 7 8 ... 14