662 posts tagged with security.
Displaying 151 through 200 of 662. Subscribe:

James Fallows on what it's like to have your webmail hacked

Hacked! James Fallows writes in the Atlantic Monthly on how his wife's Gmail account was hacked, and years of email were deleted. Summary: if you have Gmail, you should be using its new 2-step verification; use strong passwords; don't re-use passwords. [more inside]
posted by russilwvong on Nov 5, 2011 - 97 comments

Borders. Security. Refugees. Jerusalem.

The Atlantic is in the middle of a four-part special report on the Israel / Palestinian peace process, called "Is Peace Possible?" which features multimedia presentations on and analyses of what they believe are the four core issues of the conflict: Borders, Security, Refugees, and Jerusalem. (The latter two will be released on Monday, November 7 and 14th, respectively) The report was put together in collaboration with the S. Daniel Abraham Center for Middle East Peace. [more inside]
posted by zarq on Nov 1, 2011 - 21 comments

Phone home

Secret iOS business; what you don’t know about your apps
posted by Artw on Oct 19, 2011 - 125 comments

Stuxnet II: Electric Duqu

A year after the infrastructure-attacking Stuxnet worm was discovered in Iran, a new piece of malware using some of the same techniques (but apparently with different goals) has been found infecting systems in Europe. The new malware, dubbed “Duqu” [dü-kyü], appears to have been written by someone with direct access to the Stuxnet source code.
posted by gemmy on Oct 18, 2011 - 49 comments

Who Watches The Robots?

Wired Magazine: Mystery virus hits U.S drone fleet
posted by The Whelk on Oct 8, 2011 - 68 comments

Exploiting Fear

How Two Scammers Built an Empire Hawking Sketchy Software
posted by vidur on Oct 4, 2011 - 23 comments

Logging out of Facebook is not enough

Logging out of Facebook is not enough - Nik Cubrilovic demonstrates how, even after logging out, Facebook tracks every page you visit on sites that integrate Facebook services [via]
posted by Blazecock Pileon on Sep 27, 2011 - 123 comments

Why the world is scared of hacktivists

They’re watching. And they can bring you down: Why the world is scared of hacktivists. [Via]
posted by homunculus on Sep 25, 2011 - 94 comments

Hacker Rattles Security Circles

“My country should have control over Google, Skype, Yahoo, etc.,” he said by e-mail. “I’m breaking all encryption algorithms and giving power to my country to control all of them.” Is an independent Iranian hacker trying to help his government spy on its people?
posted by beisny on Sep 12, 2011 - 24 comments

Guardian editor alleged to have leaked Cablegate password

Wikileaks has alleged that Guardian editor David Leigh negligently leaked the encryption passphrase to the unredacted 'Cablegate' archive in an upcoming book. The Guardian denies the charges, but states that "[a] Twitter user has now published a link to the full, unredacted database of embassy cables", potentially putting informants at risk.
posted by p3on on Aug 31, 2011 - 203 comments

DigiNotar SSL certificate compromise

Two days ago a user asked Google about a strange warning he was getting when trying to access Gmail from Iran. Turns out he was getting a fraudulent SSL certificate that was issued incorrectly for *.google.com by DigiNotar, a Dutch certificate authority. It seems likely this was a deliberate man-in-the-middle attack to snoop email in Iran. This attack is the second SSL certificate compromise in a year (previously), pointing to a fundamental design flaw in Internet security. [more inside]
posted by Nelson on Aug 30, 2011 - 45 comments

Backdoor, yeah, yeah, snicker, snicker.

You may already be screwed. And not in the good way you were hoping for. MeFi kink favourite, FetLife has been ignoring a longstanding security and privacy compromise. (nsfw)
posted by rodgerd on Aug 9, 2011 - 63 comments

"...nor shall be compelled in any criminal case to be a witness against himself..."

Public interests will be harmed absent requiring defendants to make available unencrypted contents in circumstances like these. Failing to compel Ms. Fricosu amounts to a concession to her and potential criminals (be it in child exploitation, national security, terrorism, financial crimes or drug trafficking cases) that encrypting all inculpatory digital evidence will serve to defeat the efforts of law enforcement officers to obtain such evidence through judicially authorized search warrants, and thus make their prosecution impossible.

The "if you were innocent, you'd have nothing to hide" argument rears its head, in a big way. [more inside]
posted by fifthrider on Jul 11, 2011 - 215 comments

Robert Morris, 1932-2011

Robert Morris, a pioneer in the field of computer security, early major contributor to the UNIX operating system, and father of Robert Tappan Morris (author of the Morris Worm), has died at 78. NYT [more inside]
posted by fireoyster on Jun 29, 2011 - 23 comments

The Next Generation

DEFCON Kids! [more inside]
posted by jeffburdges on Jun 27, 2011 - 15 comments

Searching public hacker databases to keep your passwords safe

Should I Change My Password checks a list of e-mails connected to passwords released by hackers to the public (source list here) and tells you if your password has been compromised.
posted by The Devil Tesla on Jun 25, 2011 - 50 comments

not just to reveal their racist and corrupt nature but to purposefully sabotage their efforts to terrorize communities

"Hackers of the world are uniting and taking direct action against our common oppressors - the government, corporations, police, and militaries of the world" says LulzSec (previously) in their latest release, Chinga La Migra. "We are releasing hundreds of private intelligence bulletins, training manuals, personal email correspondence, names, phone numbers, addresses and passwords belonging to Arizona law enforcement. We are targeting AZDPS specifically because we are against SB1070 (previously) and the racial profiling anti-immigrant police state that is Arizona."

#antisec is a new track from nerdcore rapper ytcracker (previously)
posted by finite on Jun 23, 2011 - 47 comments

Yet more censational news

Lulzsec appear to have hacked the UK 2011 Census which, if true, could be quite a significant ramp up of the security wars. Grabbing a few million credit card numbers is one thing, 60 million identities is something else entirely. Not to mention the celebrity data. Here's the Hacker News comment thread, and a list of the actual census questions to show what could be on offer.
posted by Duug on Jun 21, 2011 - 135 comments

I think Lulzsec is a pretty cool guy. eh hacks US Senate and doesn't afraid of anything.

LulzSec (twitter account) have hacked senate.gov. The group has previously hacked Bethesda, Pron.com, FBI affilliates amongst others. Although some argue that LulzSec represent the catalyst to improve IT security, this message to the Senate seems likely to provoke a more direct investigation: [more inside]
posted by jaduncan on Jun 13, 2011 - 141 comments

The only secure password is the one you can’t remember.

People who use Sony don't make very good passwords. "None of this is overly surprising, although it remains alarming. We know passwords are too short, too simple, too predictable and too much like the other ones the individual has created in other locations. The bit which did take me back a bit was the extent to which passwords conformed to very predictable patterns, namely only using alphanumeric character, being 10 characters or less and having a much better than average chance of being the same as other passwords the user has created on totally independent systems." [more inside]
posted by -->NMN.80.418 on Jun 7, 2011 - 142 comments

Tupac the Kiwi

Over the weekend, PBS' website was hacked by a group calling itself "The Lulz Boat", or "LulzSec". The PBS site displayed a story claiming that rapper Tupac Shakur was alive and well in New Zealand. (He's not). The hack was apparently over the Frontline program that aired last week, 'Wikisecrets', which Julian Assange called "hostile". This follows a separate, unrelated breach at Lockheed Martin, also publicized over the weekend. (Previously)
posted by IvoShandor on May 30, 2011 - 62 comments

Can't touch this

Last week the Texas House of Representatives unanimously passed a bill (House Bill 1937) prohibiting public servants from intrusively touching anyone seeking access to a public building or form of transportation. (TIME, Dallas News, Washington Times) The blogosphere touted the legislation as a move to criminalize TSA groping. Today, the bill was withdrawn from consideration by the state senate after a threat from the TSA and Department of Justice to "close down all the airports in Texas". Protesters are currently marching on the state capitol. [more inside]
posted by thescientificmethhead on May 25, 2011 - 93 comments

Of spies, special forces and drone strikes

Warfare: An advancing front - "The US is engaged in increasingly sophisticated warfare, fusing intelligence services and military specialists" [more inside]
posted by kliuless on May 21, 2011 - 19 comments

you may say I'm a dreamer

-Only an 'energy internet' can ward off disaster
-We must electrify the transport sector [more inside]
posted by kliuless on May 19, 2011 - 58 comments

"We noticed an issue yesterday...:

In last week's post about the PSN security breach, several MeFites recommended LastPass for storing passwords. Well, yesterday they found some anomolous network traffic, and they're asking all users to update their master password. (Some notes from James Fallows of The Atlantic. One guy explaining why you shouldn't freak out. Ask MeFi: "What simple, secure, portable password and secure data management systems do you use?")
posted by epersonae on May 5, 2011 - 97 comments

Conflict, Security, and Development

Remove the scourge of conflict - "Taming mass violence is the theme of the World Bank's latest World Development Report, which focuses on 'conflict, security and development' [pdf] ... Mass violence destroys all hopes of progress. We should make a huge effort to eliminate this scourge. It seems feasible. It is desirable. So try."
posted by kliuless on Apr 30, 2011 - 18 comments

TSA a Giant Waste of Money

John Mueller and Mark Stewart may have found the one part of government we can afford to cut in their paper "Terror, Security, and Money: Balancing the Risks, Benefits, and Costs of Homeland Security" From the abstract "The cumulative increase in expenditures on US domestic homeland security over the decade since 9/11 exceeds one trillion dollars. It is clearly time to examine these massive expenditures applying risk assessment and cost-benefit approaches that have been standard for decades."
posted by RSaunders on Apr 27, 2011 - 30 comments

PlayStation Network and Qriocity Security Breach

Sony's PlayStation Network and Qriocity have been down since April 20 2011 due to an illegal intrusion. Today Sony announced that user data - birthdate, user name, password, e-mail address, possibly credit card information, and more - has been compromised for its 69 million users, exposing them to identify theft amongst other things. [more inside]
posted by Foci for Analysis on Apr 26, 2011 - 285 comments

RSA has been hacked.

Computer security vendor RSA, maker of two-factor authentication SecurID, has been hacked by unknown parties. In an open letter to it customers RSA Executive Chairman Arthur W. Coviello, Jr. calls the attack the work of an Advanced Persistent Threat, meaning a highly skilled, well-funded group acting deliberately & precisely to achieve a specific goal. RSA's clients include many Fortune 100 companies, US Government, Military & Intelligence Community organizations.
posted by scalefree on Mar 17, 2011 - 118 comments

Cracking voyeurism

Using honeypots and logging tools, some server admins have logged actual server break-in attempts by nincompoop crackers. [more inside]
posted by Foci for Analysis on Mar 11, 2011 - 50 comments

Car-go or Car-stop?

Yesterday Air Canada said it would stop shipments of all cargo to the U.S.A. due to an "emergency change to US security" [more inside]
posted by sardonyx on Mar 10, 2011 - 60 comments

iTunes Scammers At It Again

A thread at Apple's Support site has popped up with frustrated users describing nearly identical iTunes account disruptions: up to hundreds of dollars of charges are being racked up by fraudulent buyers, using iTunes gift card balances and even credit card information to fund the purchases. [more inside]
posted by Khazk on Mar 9, 2011 - 71 comments

Stasi, SSIS, ...

"I almost can't believe I'm witnessing this. We're inside the fortress of terror, our very own Mordor..." [more inside]
posted by jeffburdges on Mar 7, 2011 - 74 comments

It's Dangerous to Go Alone! Take This.

Security-in-a-Box. A complete guide to digital security for advocates and human rights defenders (and for you too!). It includes all the info and tools you'll need for anything related to personal digital security.
Mobiles in-a-box: Tools and tactics for mobile advocacy.
Message in-a-box: Everything you need to make and distribute your own media.
NGO-in-a-box: Set up you NGO using free and open-source software.
[more inside]
posted by lemuring on Feb 28, 2011 - 14 comments

It's a purr-fect night for a heist.

When the sun goes down, it's time to hit the streets. Dusty is a cat burglar.
posted by XhaustedProphet on Feb 28, 2011 - 28 comments

“Duuuuuuuudddde! It’s 7 a.m. where you are, who died?”

Security reporter Brian Krebs [previously] visits Russian illicit online prescription baron Pavel Vrublevsky.
posted by These Premises Are Alarmed on Feb 21, 2011 - 3 comments

"The Package"

Inside the Secret Service. Sidebars: Radio Chatter and The Presidential Motorcade (Via) [more inside]
posted by zarq on Feb 8, 2011 - 48 comments

Some people learn lessons the hard way.

Aaron Barr, of security company HBGary, claimed in the Financial Times to have infiltrated Anonymous and to be collecting information on members of the group. Predictably, Anonymous responded by hacking HBGary's website and replacing its front page, as well as by stealing Barr's research documents on Anonymous (and social networking accounts) and releasing them to the public, along with thousands of internal HBGary emails.
posted by Pope Guilty on Feb 7, 2011 - 199 comments

I felt a great disturbance in the Force, as if millions of to-do lists suddenly cried out in terror, and were suddenly silenced

IPv6, a newer version of the Internet Protocol that most of the net will convert to during the next few years due to "address exhaustion" with the current IPv4, (previously, previously) has a variety of advanced security features in it. Once IPv6 is fully rolled out and all the technical people are familiar with it, computers connected to the internet will be much safer from some kinds of hacking - but until then we may be in for a bumpy ride.
posted by XMLicious on Feb 1, 2011 - 60 comments

Fish finger

Security advisor Brian Krebs on the 'hacking' of web dating site Plenty of fish by Chris Russos.
posted by unliteral on Jan 31, 2011 - 73 comments

Today's status: Smokey Bear.

A little bit of security theater will shut down in April as the Department of Homeland Security will end the color coded Homeland Security Advisory System. The terror alert has not changed from yellow in over four years, unless you are on an international flight. The system has been criticized immensely since its introduction. And don't forget the jokes. [more inside]
posted by Mister Fabulous on Jan 28, 2011 - 28 comments

At these prices you'd be crazy not to buy one

A blogger for information security firm Imperva reports the discovery of a hacker site offering root access on US & foreign government, military & educational sites for sale for prices ranging from $55 to $499, or just database records for the reasonable price of $20/1000. Besides US sites the hacker(s) also offer government servers in India, Taiwan & Italy. The hacker(s) also provide what they claim is proof of their access for the skeptical or cautious buyer. No credit card offers, please - the only currency they accept is Liberty Reserve.
posted by scalefree on Jan 21, 2011 - 29 comments

Newsflash: Terrorism existed before 9/11

We never used to go nuts about terrorism.
posted by dougrayrankin on Dec 29, 2010 - 64 comments

The Daily Patdown: Your Daily Dose of Security Theater

The Daily Patdown - Your daily Dose of Security Theater. Some pictures of groping therein. [via mefi projects]
posted by Burhanistan on Dec 20, 2010 - 46 comments

X-rays for naught

The TSA let a loaded gun get on an airplaine. (also, also, also) [more inside]
posted by knz on Dec 19, 2010 - 136 comments

Casinos: not the fortresses they pretend to be

After hearing of a recent heist in which a bandit wearing a motorcycle helmet robbed the Bellagio of $1.5 million in chips (the 10th Vegas casino robbery this year), I remembered the scene from Ocean's 11 where Reuben expounds upon why it is nigh impossible to steal from a Las Vegas casino. But that simply isn't true. Granted, no one has infiltrated a casino for a massive $160 million haul, but sizable losses have occurred over the years: 18 Casino Heists: The Strange, The Surgical, and The Stupid; 5 Most Famous Casino Heists in History, Top 10: Epic Las Vegas Heists; 13 Real Heists from Around the World (there is duplication of mentioned events on these sites, as well as non-casino-related crimes). Casino Security (Wiki) may be high tech (Google .pdf quickview), but it's not unbeatable (Casino insider tells (almost) all about security). Of course, there are other ways to steal from a casino, but you might still get caught. And it's hard to find much lore about successful robberies, mostly because casinos don't want that kind of publicity. [more inside]
posted by bwg on Dec 15, 2010 - 37 comments

Subject: Allegations regarding OpenBSD IPSEC

Theo de Raadt: I have received a mail regarding the early development of the OpenBSD IPSEC stack. It is alleged that some ex-developers (and the company they worked for) accepted US government money to put backdoors into our network stack, in particular the IPSEC stack. [more inside]
posted by These Premises Are Alarmed on Dec 14, 2010 - 94 comments

Bring It On.

An anonymous hacking outfit called "Gnosis" has infiltrated Gawker Media, hijacking the front page and leaking the company's internal chat logs, source code, and content databases along with the usernames, email addresses, and passwords of over 1.3 million users (including Gawker staff). The attack, which was motivated by what the group describes as the "outright arrogance" with which the company's bloggers taunted anonymous imageboard 4chan (semi-previously), affects every site in the Gawker network, including Gizmodo, Kotaku, Lifehacker, Jezebel, Deadspin, Jalopnik, and io9. While most of the leaked passwords are encrypted, more than 200,000 of the simpler ones in the torrent file have been cracked, and the links between account names and email addresses are in plaintext for all to see. Since the integrity of Gawker's encryption methods remains in doubt, it is recommended that anyone who has ever registered an account on any Gawker property change their passwords immediately, especially if the same log-in information is used for other services.
posted by Rhaomi on Dec 12, 2010 - 312 comments

List of commercial airliner bombings.

This list of commercial airliner bombings appears in the Ask a Rocket Scientist section of Aerospaceweb.org. It presents a comprehensive and descriptive catalog of 86 bombings and attempted bombings since 1933, 54 of which resulted in fatalities, and offers some information that might be relevant to the question of airline security.
posted by washburn on Nov 29, 2010 - 44 comments

We'll need to declaw that cat.

Airport-security cartoons from The New Yorker’s archives (1938 - present).
posted by gman on Nov 23, 2010 - 28 comments

Page: 1 2 3 4 5 6 7 8 ... 14