671 posts tagged with security.
Displaying 251 through 300 of 671. Subscribe:

It's all Greek to Me

In 1984 computer pioneer Ken Thompson wrote one of the seminal works of computer security, Reflections on Trusting Trust [PDF]. In it he postulated putting a trojan horse inside a compiler as a means of infecting software compiled by it. 25 years later somebody has finally done just that. Researchers at anti-virus house Sophos have discovered a virus that places a backdoor into applications compiled with the Delphi language. They've identified at least 3000 separate Delphi applications that have had this backdoor compiled into them so far, including banking programs and programs used for cellphone programming.
posted by scalefree on Aug 20, 2009 - 52 comments

And like that... he's gone

Gone Forever: What Does It Take to Really Disappear?
posted by homunculus on Aug 17, 2009 - 98 comments

Why Can't MS Do This?

An 8 year old critical security bug in the Linux kernel? No problem, we can fix that without even rebooting. You heard me, it is possible to apply a source code patch to a running kernel without reboot.
posted by DU on Aug 17, 2009 - 54 comments

Neurosecurity

Neurosecurity: security and privacy for neural devices. "An increasing number of neural implantable devices will become available in the near future due to advances in neural engineering. This discipline holds the potential to improve many patients' lives dramatically by offering improved—and in some cases entirely new—forms of rehabilitation for conditions ranging from missing limbs to degenerative cognitive diseases. The use of standard engineering practices, medical trials, and neuroethical evaluations during the design process can create systems that are safe and that follow ethical guidelines; unfortunately, none of these disciplines currently ensure that neural devices are robust against adversarial entities trying to exploit these devices to alter, block, or eavesdrop on neural signals. The authors define 'neurosecurity'—a version of computer science security principles and methods applied to neural engineering—and discuss why neurosecurity should be a critical consideration in the design of future neural devices." [Via Mind Hacks]
posted by homunculus on Jul 8, 2009 - 22 comments

CitiApartments

San Francisco's largest residential landlord is refusing to give back security deposits. CitiApartments is possibly going broke and, according to the head of the San Francisco Tenants Union, refusing to refund many tenants security deposits (he says they're getting three to four complaints a week). CitiApartments' buildings are filled with vacancies because their business model is purchasing buildings and then harassing and intimidating tenants into moving out so they can raise the rent. [more inside]
posted by Stephen Elliott on Jul 2, 2009 - 79 comments

You See, In Order to Save the Village America, We Have to ...

Michael Scheuer, the former chief of the CIA's "bin Laden Station", and the initially anonymous author of Imperial Hubris, pulls an O'Reilly on yesterday's Glenn Beck broadcast:
"The only chance we have as a country have right now is for Osama bin Laden to deploy and detonate a major weapon in the United States [...] only Osama can execute an attack which will force Americans to demand that their government protect them [...] with as much violence as necessary."
[more inside]
posted by WCityMike on Jul 1, 2009 - 96 comments

An Unclear Future

Clear, the "security service" that allowed travellers to bypass TSA security lines, offered a Father's Day discount if you purchased a one-year membership by June 21. On June 23, Clear ceased operations. Sorry, no refunds.
posted by mattdidthat on Jun 23, 2009 - 50 comments

The dry, technical language of Microsoft's October update did not indicate anything particularly untoward.

Its reach is impossible to measure precisely, but more than 3 million vulnerable machines may ultimately have been infected. : The inside story on the Conficker Worm at New Scientist.
posted by The Whelk on Jun 15, 2009 - 84 comments

Now, where did I put that plane factory?

Hiding in "plane" sight. Images and details of the significant efforts made by the United States to prevent the Japanese from bombing our west coast aircraft factories. I wonder what this effort would take today to "fool" Google Maps/Earth. [more inside]
posted by hrbrmstr on Jun 8, 2009 - 15 comments

Protect Yourself, Your Family, Your Identity

The commercials are all over television — and they certainly are attention-grabbing. They’re the ones where the heavy, bald guy is sitting in his easy chair talking in a squeaky female voice about all the clothes he bought — including a bustier. Or the little old lady speaking with the gruff voice of a younger man about the sweet motorcycle she now owned. Identity theft is a serious crime — one that is occurring with an alarming frequency. The Identity Theft Manifesto explains how criminals get your personal info, and what you can do about it.
posted by netbros on Jun 1, 2009 - 15 comments

High Security? Maybe.

You are Medeco, one of the world's premier lock companies. And you think your super-secure locks are tight. Until, that is, some upstart troublemaker comes along, reverse engineers them and shows the world (via Wired magazine--with video, natch) showing just how (supposedly) insecure they are. Then this same troublemaker releases a book giving all your secrets away. [more inside]
posted by ostranenie on May 28, 2009 - 75 comments

Your Tax Dollars At Work

A message from baby Emily. Most popular baby names + Medicare advice + awful Elvis impersonation = EPIC FAIL. A single link video post from the Social Security Administration. You will laugh. Until you remember we (USians) paid for this. (via Andrew Sullivan)
posted by fourcheesemac on May 17, 2009 - 309 comments

Electricity Grid in the U.S. Penetrated by Spies

According to an article posted in today's Wall Street Journal, the electricity grid in the U.S. has been compromised by foreign spies, leaving it vulnerable to disruption. Last year, the CIA acknowledged that the system had been compromised and that the goal had been extortion. In response, the Federal Electric Regulatory Commission issued new cybersecurity specs for the power grid, to which companies such as GE have begun responding. But could it be that the new security efforts are motivated by government officials who stand to gain by this attempt at drastically increasing government control over the Internet? [more inside]
posted by Roach on Apr 8, 2009 - 29 comments

IOKIYO

Beyond even the outrageously broad "state secrets" privilege invented by the Bush administration and now embraced fully by the Obama administration, the Obama DOJ has now invented a brand new claim of government immunity, one which literally asserts that the U.S. Government is free to intercept all of your communications (calls, emails and the like) and -- even if what they're doing is blatantly illegal and they know it's illegal -- you are barred from suing them unless they "willfully disclose" to the public what they have learned. - Glenn Greenwald. [more inside]
posted by Joe Beese on Apr 7, 2009 - 102 comments

Cloning passport card RFIDs

Passport RFIDs cloned wholesale by $250 eBay auction spree. "Using inexpensive off-the-shelf components, an information security expert has built a mobile platform that can clone large numbers of the unique electronic identifiers used in US passport cards and next generation drivers licenses. The $250 proof-of-concept device - which researcher Chris Paget built in his spare time - operates out of his vehicle and contains everything needed to sniff and then clone RFID, or radio frequency identification, tags. During a recent 20-minute drive in downtown San Francisco, it successfully copied the RFID tags of two passport cards without the knowledge of their owners." [Via]
posted by homunculus on Feb 3, 2009 - 24 comments

Heartland Systems data breach

"Payments processor Heartland Payment Systems has learned it was the victim of a security breach within its processing system in 2008. Heartland believes the intrusion is contained." [more inside]
posted by Class Goat on Jan 20, 2009 - 33 comments

Stir in poisoned DNS and add a dash of transparent proxying...

The embargo has been lifted on the newest research on growing internet infrastructure insecurity. Using an army of Playstations, researchers have managed to forge a RapidSSL (owned by Verisign) CA certificate in a couple hours due to known flaws in MD5.
posted by These Premises Are Alarmed on Dec 30, 2008 - 33 comments

Quis custodiet ipsos custodes?

The National Security Agency is building a data center in San Antonio that’s the size of the Alamodome. Microsoft has opened an 11-acre data center a few miles away. Coincidence? Not according to author James Bamford, who probably knows more about the NSA than any outsider. Bamford's new book reports that the biggest U.S. spy agency wanted assurances that Microsoft would be in San Antonio before it moved ahead with the Texas Cryptology Center. Bamford notes that under current law, the NSA could legally tap into Microsoft’s data without a court order. Whatever you do, don't take pictures of it the spy building unless you want to be taken in for questioning.
posted by up in the old hotel on Dec 8, 2008 - 42 comments

"I don't know what safe is."

Culture Of Fear. An interesting look at the security concerns National Football League players harbour in the wake of the death of Sean Taylor, who was robbed and shot within his own home. Previously. [more inside]
posted by The Card Cheat on Nov 19, 2008 - 4 comments

Trolling the head of the TSA

Trolling the Head of the TSA: Bruce Schneier [previously], consummate voice of sanity on all issues of security, co-authors an article in The Atlantic [previously] demonstrating how weak and ultimately pointless most of the new security practices put in place at airports since 9/11 are by, among other things, boarding airplanes with large amounts of liquid, using fake boarding passes he printed off his computer, and wearing an "I <3 Hezbollah" t-shirt. TSA head Kip Hawley then responds on the TSA's blog. Schneier then responds to the response on his blog. Hawley then leaves a comment to that post. Schneier fires back again in his monthly newsletter. Quite an interesting and intelligent debate, despite both men humorously falling victim to the idioms of the medium and getting increasingly snarky with each passing post. [via this month's crypto-gram, a good read all the way around.]
posted by ChasFile on Nov 17, 2008 - 30 comments

Ensuring the future of food

A well designed Japanese video about food security
posted by oxford blue on Nov 16, 2008 - 44 comments

Phishing in Plain English

The latest paper-based video from the folks at Common Craft. This video explains the ins and outs of phishing scams. Show it to your less web-savvy brethren.
posted by dbarefoot on Oct 21, 2008 - 5 comments

The Things He Carried

The Things He Carried. "Airport security in America is a sham—'security theater' designed to make travelers feel better and catch stupid terrorists. Smart ones can get through security with fake boarding passes and all manner of prohibited items—as our correspondent did with ease."
posted by chunking express on Oct 16, 2008 - 91 comments

Psych Securities LLC

Psych Securities LLC. "With future forecasts declaring ultimate doom from all components of the man-altered world, it seems there is a clog in the conduit of information transmitted between those in control and the public at large. Black Ops, psychological torture, acoustic weapons, Project Starfire, and a multitude of other state sponsored programs exist, well-hidden in plain sight, shrouded in a stigma of conspiracy and diluting any significant public inquiry. Psych Securities LLC is an ongoing exploration of this aforementioned covert reality, most clearly seen while in an alternative psychological state. By compiling declassified documents, historical narratives, and psychedelic conjecture, a visual world is pieced together; undermining strategies of deception and concealed truths." [Via]
posted by homunculus on Aug 18, 2008 - 40 comments

Clearly unprotected

Clear passenger data stolen. A unencrypted laptop with the personal data, including name, address, SSi number, passport number, date of birth, etc. of every one of the 33,000+ users of the the Clear system has been stolen. The Clear system allows travelers who register and pay an annual fee to bypass airport security lines by using a smart card in some airports. TSA has suspended new registrations until Verified Identity Pass, Inc., a subsidiary of GE, figures out how to install PGP. VIP is the only private contractor allowed to register users to the Clear system. Via
posted by dejah420 on Aug 5, 2008 - 103 comments

Freedom Flies

The Department of Homeland Security has expressed interest [PDFs] in forcing all commercial airline passengers to wear a taser bracelet that can be used to incapacitate anyone on an airline. This video, from the company that will produce the bracelets, explains how the bracelet would be put on the passenger at the point that they clear security, and would not be removed until they leave secure areas. It would take the place of boarding passes, carry personal and biometric information about the passengers, track and monitor every passenger via GPS and shock the wearer on command, immobilizing him or her for several minutes. DHS official, Paul S. Ruwaldt of the Science and Technology Directorate, office of Research and Development is also excited about the possiblility of using it as an interrogation tool at airports. Ah freedom, who knew it smelled like burning flesh?
posted by dejah420 on Jul 12, 2008 - 146 comments

TSA gets Xray goggles. No, seriously.

Scanners that see through clothing installed in US airports. Good news! No more testing. Time to roll these puppies out. It's OK though, seriously guys. See we're gonna blur the faces when we look at their sexual organs, so everything's cool. K? Prev.
posted by allkindsoftime on Jun 13, 2008 - 185 comments

How to steal priceless jewelry: prank call

Theives bypassed all security systems by simply posing as the security company on the phone These days as a robber dealing with high-tech security systems it seems that it's not about being a hacker or having loads of money to pull off a heist, its about making a phone call, having bear spray, and waiting for a guard to go on smoke break. [more inside]
posted by figTree on Jun 4, 2008 - 42 comments

It doesn't matter how much security you put on the box. Humans are not secure.

The AI-Box Experiments. The hypothesis: "A transhuman can take over a human mind through a text-only terminal." Does Artifical Intelligence create moral monsters (PDF) ? Can we create friendly AI?
posted by desjardins on May 21, 2008 - 55 comments

15 bits of crypto should be enough for anybody

On May 13, security advisories published by Debian and Ubuntu revealed that, for over a year, their OpenSSL libraries have had a major flaw in their CSPRNG, which is used by key generation functions in many widely-used applications, which caused the "random" numbers produced to be extremely predictable. [lolcat summary] [more inside]
posted by finite on May 16, 2008 - 81 comments

Bin Laden Determined To Strike In U.S. Part 2

"The United States Lacks a Comprehensive Plan to Destroy the Terrorist Threat and Close the Safe Haven in Pakistan's Federally Administered Tribal Areas" (PDF). A recent GAO report claims that the Bush administration has failed to prevent Al Qaeda's reemergence in Pakistan, and that we're basically right back where we started in 2001.
posted by homunculus on Apr 30, 2008 - 38 comments

Bovine terrorism is a bomb in a bull.

Slate asks, "What's behind the boom in homeland-security and emergency-management majors?"
posted by Afroblanco on Mar 29, 2008 - 28 comments

outsourcing the country

The Governmental Printing Office prints all United States passports but they decided that it was time to outsource part of the work. They claim it is secure [pdf].
posted by mustcatchmooseandsquirrel on Mar 27, 2008 - 22 comments

NECs new biometric security cam will guess your age, gender, (and it would be nice if it could size you up according to how you dress).

NEC plans to market a system later this year that can derive someone's gender and age from images captured with a camera "The system compares the photo against a database of several thousand faces to figure gender and age based on such factors as facial shape and wrinkles. " According to Nikkei Weekly 01/28/2008 Edition. Link goes to Ubergizmo. "It's called FieldAnalyst and it's from NEC. The system homes in on faces of people who pass by the video camera. It then rapidly compares the image against samples in a database. It then spits out what it believes is your approximate age is and your gender." .."NEC scientists may next try to add clothing as a characteristic and classify people by whether they wear a suit or a T-shirt." more here
posted by celerystick on Mar 23, 2008 - 9 comments

what did we tell you

The owners of the domain donotreply.com get a lot of mail. [via]
posted by Armitage Shanks on Mar 19, 2008 - 68 comments

Remember Total Information Awareness?

Two years ago, then NSA-chief Gen. Michael Hayden said its domestic surveillance program was "not a driftnet over Lackawanna or Fremont or Dearborn, grabbing all communications and then sifting them out." Today, a story in the Wall Street Journal alleges this is precisely what is happening. Total Information Awareness seems to not have died, but to have just been quietly absorbed into the NSA's already extensive surveillance apparatus, all without the hassle of any kind of transparency or oversight.
posted by [expletive deleted] on Mar 10, 2008 - 70 comments

Watch Lists

ACLU Watch List Counter: U.S. Terror List Now Exceeds 900,000 Names. That's an awful lot of terrorists. More Privacy and Surveillance Filter: Bruce Schneier on The Myth of the 'Transparent Society', Glenn Greenwald on The Banality of the Surveillance State, and Stephen Colbert on AT & Treason. [more inside]
posted by homunculus on Mar 8, 2008 - 46 comments

Improved Billboard Touts AT&T and NSA Collaboration

"The Billboard Liberation Front today announced a major new advertising improvement campaign executed on behalf of clients AT&T and the National Security Agency. Focusing on billboards in the San Francisco area, this improvement action is designed to promote and celebrate the innovative collaboration of these two global communications giants." [Via Threat Level.]
posted by homunculus on Feb 28, 2008 - 67 comments

lil komsomol playkit

Ready, kids! Unsatisfied with your kids slow adoption of very important homeland security adjustments? Buy them the Playmobil Security Check Point! How does this stack up against increased TSA checks of toys?
posted by yonation on Feb 27, 2008 - 48 comments

SurveillanceSaver: "A haunting live soap opera."

"SurveillanceSaver is an OS X screensaver that shows live images of over 400 network surveillance cameras worldwide." There is also a Windows version. Or check out the camera feeds without installing a screensaver (here are the feeds from Axis network cameras, for example). [Via.]
posted by milquetoast on Feb 23, 2008 - 31 comments

"Leaving no trace [of our daily lives] is nearly impossible."

The Anonymity Experiment. Is it possible to hide in plain sight? Privacy-minded people have long warned of a world in which an individual’s every action leaves a trace, in which corporations and governments can peer at will into your life with a few keystrokes on a computer. Now one of the people in charge of information-gathering for the U.S. government says, essentially, that such a world has arrived.
posted by amyms on Feb 16, 2008 - 44 comments

Come and take it

The president of The University of Texas at Brownsville has refused to sign a right of entry request granting access to surveyors planning the U.S./Mexico border fence. This comes shortly after Cameron County landowners were forced to allow the government access to their land. Meanwhile, landowners in Hidalgo County are filing the next wave of lawsuits.
posted by fiercecupcake on Feb 6, 2008 - 46 comments

Ramak Fazel: 49 State Capitols

Odyssey of State Capitols and State Suspicion. "The story behind an exhibition: postcards, designs, photography, travels, history, stamps and law enforcement." [Via BB.]
posted by homunculus on Jan 22, 2008 - 10 comments

Sears Wants To Hack Your Computer

Online communities to become more 'all-encompassing.' If you join the SHC community on Sears.com, all web traffic to and from your computer thereafter will be copied and sent to a third party marketing research firm - including, for example, your secure sessions with your bank! The Sears.com proxy will send your logins and passwords along with a cleartext copy of all the supposedly secure data. But wait, it gets better: you can only view the true TOS once the proxy has already been installed. [more inside]
posted by ikkyu2 on Jan 3, 2008 - 70 comments

Homeland Security for Sale

Heckuva Job DHS! 5 Years of Corporate Cronyism. CREW and Brave New Foundation have joined forces to create this video and a report, Homeland Security for Sale, documenting five years of waste, fraud and abuse at the Department of Homeland Security. [Via Think Progress.]
posted by homunculus on Dec 5, 2007 - 28 comments

Amazing discoveries in plain-text Tor exit traffic.

This is an ironic tale of the consequences of inept application of cryptographic tools. Or is it? Dan Egerstad, a Swedish hacker, gained access to hundreds of computer network accounts around the world, belonging to various embassies, corporations and other organizations. How did he do it? Very easily: by sniffing exit traffic on his Tor nodes. [more inside]
posted by Anything on Dec 4, 2007 - 27 comments

Big Brother Is Watching You... Pack

The TSA wants you to know, dear American, that if you don't pack your bags neatly, the terrorists have already won. This busiest Thanksgiving travel week ever, why not Simplifly? [more inside]
posted by dw on Nov 20, 2007 - 95 comments

Algorithms for dumb security questions

Algorithms for dumb security questions
posted by nthdegx on Nov 18, 2007 - 19 comments

Throw the tourist from the train.

Throw the tourist from the train. Ejected from a train for refusing to stop taking pictures from the train. Well, for not stopping anyway; the refusing part is unclear. The nation is now secure.
posted by Bovine Love on Nov 8, 2007 - 73 comments

Ron Paul Spam

When Ron Paul email spam started hitting inboxes in late October, UAB Computer Forensics Directory Gary Warner published findings on the spam's textual patterns and the illicit botnet used to spread it -- findings which were picked up by media outlets and tech websites like Salon, Ars Technica, and Wired Magazine's "Threat Level" blog, the latter in a set of followup posts by writer Sarah Stirland: 1, 2, 3. [more inside]
posted by brownpau on Nov 5, 2007 - 306 comments

Page: 1 2 3 4 5 6 7 8 9 ... 14