Monday, May 25, 2009

Memorial Day 2009

Take some time today to reflect on those who have given the ultimate sacrifice for our freedom. Share a story about someone you know who died while serving our country. We will always treasure those who serve...

Saturday, May 23, 2009

How not to secure your future...

Passer-by pushes suicide jumper in south China

BEIJING – Chen Fuchao, a man heavily in debt, had been contemplating suicide on a bridge in southern China for hours when a passer-by came up, shook his hand — and pushed him off the ledge.

Chen fell 26 feet (8 meters) onto a partially inflated emergency air cushion laid out by authorities and survived, suffering spine and elbow injuries, the official Xinhua News Agency said Saturday.

The passer-by, 66-year-old Lai Jiansheng, had been fed up with what he called Chen's "selfish activity," Xinhua said. Traffic around the Haizhu bridge in the city of Guangzhou had been backed up for five hours and police had cordoned off the area.

"I pushed him off because jumpers like Chen are very selfish. Their action violates a lot of public interest," Lai was quoted as saying by Xinhua. "They do not really dare to kill themselves. Instead, they just want to raise the relevant government authorities' attention to their appeals."

Wednesday, May 20, 2009

IT Security Podcast Links

Nice list of security related podcasts by GETMON.

Tuesday, May 19, 2009

Mandiant Highlighter 1.1.1 is out

Lots of nice enhancements.

Get it here.

Wednesday, March 26, 2008

be back soon...

Tuesday, October 16, 2007

10 reasons websites get hacked

List of top 10 web vulnerabilities classified by OWASP, here with a description of the problem and some examples.

Wait there is more! NSA is on your computer!

NSA LIKELY READING WINDOWS SOFTWARE IN YOUR COMPUTER

Sooner or later, a country that spies on its neighbors will turn on its own people, violating their privacy, stealing their liberties.

President Bush’s grab for unchecked eavesdropping powers is the culmination of what the National Security Agency (NSA) has spent forty years doing unto others.

And if you’re upset by the idea of NSA tapping your phone, be advised NSA likely can also read your Windows software to access your computer.

European investigative reporter Duncan Campbell claimed NSA had arranged with Microsoft to insert special “keys” in Windows software starting with versions from 95-OSR2 onwards.

And the intelligence arm of the French Defense Ministry also asserted NSA helped to install secret programs in Microsoft software. According to France's Strategic Affairs Delegation report, “it would seem that the creation of Microsoft was largely supported, not least financially, by NSA, and that IBM was made to accept the (Microsoft) MS-DOS operating system by the same administration.” That report was published in 1999.

The French reported a “strong suspicion of a lack of security fed by insistent rumours about the existence of spy programmes on Microsoft, and by the presence of NSA personnel in Bill Gates’ development teams.” It noted the Pentagon was Microsoft’s biggest global client.

And heck, who wouldn't believe the French?

More here.

Because George said NO!

More on GW's spying program -

According to documents released by lawmakers on Monday, major U.S. telephone carriers refused to answer questions from the Democratic-led Congress about their possible participation in President George W. Bush's warrantless domestic spying program...

More...

Saturday, October 13, 2007

Pre-9/11 wiretap bid is alleged

Why is this a surprise to anyone?

A former Qwest Communications International executive, appealing a conviction for insider trading, has alleged that the government withdrew a $200-million contract after Qwest refused to participate in an unidentified National Security Agency program that the company's top lawyer said was illegal.

Nacchio's account, which places the NSA proposal at a meeting on Feb. 27, 2001, suggests that the Bush administration was seeking to enlist telecommunications firms in programs without court oversight before the terrorist attacks. The Sept. 11 attacks have been cited by the government as the main impetus for its warrantless surveillance efforts.

More here.

Same church different pew...

http://www.wired.com/science/discoveries/news/2006/04/70619

Monday, October 01, 2007

The Breach Blog

The Breach Blog has an interesting compilation of recent security breaches.

Thursday, September 27, 2007

18th episode of The Silver Bullet Security Podcast

Gary talks with Dr. Eugene Spafford, better known as “Spaf.” Spaf is a professor of computer science and Electrical and Computer Engineering at Purdue University and executive director of the Center for Education and Research in Information Assurance and Security (CERIAS). On this episode, Gary and Spaf discuss the role of software testing in computer security, commercial certifications and whether they obviate the need for academic training, how Spaf feels about so-called “ethical hacking,” and why auditing and compliance is an area of emerging specialization.

Sunday, September 23, 2007

The IT Crowd

Season 2 is rolling along and they are up to Episode Five: Smoke & Mirrors.

Get caught up here.

Saturday, September 22, 2007

Tasers in the news...

Did the officer do the right thing?

Wednesday, September 19, 2007

Today (9/19) is International Talk Like A Pirate Day


Put a parrot on your shoulder, strap on a peg leg, hit the rum and start bellowing "Shiver me Timbers" -- Wednesday is International Talk Like A Pirate Day.

"Pirates of the Caribbean" star Johnny Depp is not the only over-the-top buccaneer allowed to have fun.

September 19 is your once-a-year chance to don an eye patch, sport a ridiculously large hat and keep on saying "Arrrrr."

It all started back in the 1990s as a cult joke between two American friends -- John "Ol Chumbucket" Baur and Mark "Capn Slappy" Summers -- but really took off when syndicated columnist Dave Barry got to hear about their surreal festival.

Monday, September 17, 2007

Crime does pay!

Internet crime has become a major commercial activity, reveals a report by computer security company Symantec.

The report said cyber crime had become increasingly professional and was now a multi-billion dollar industry.

The underground economy has its own auction sites and marketplaces that sell valuable data such as credit card numbers and bank accounts.

They also sell toolkits for novice cyber criminals who lack technical know-how to craft their own attacks.

BBC story.

Hackers hit US stockbroker TD Ameritrade

Only email addresses? Yeah, right...

Stock broking firm TD Ameritrade has revealed a breach to one of its databases resulting in the theft of user data.

The company confirmed that, while online account numbers and passwords were not compromised, customer names, email addresses and phone numbers had all been stolen.

The database also contains Social Security numbers, although TD Ameritrade claimed that there is no evidence to suggest that the numbers were among the stolen data.

A spokesperson for the company told vnunet.com that the compromised database stored information on all of the company's 6.3 million customer accounts. It is not yet known how many customers were directly affected.

Story here.

Thursday, September 06, 2007

Osama bin Laden, drove a Canadian-flagged motorcade through two security checkpoints in Sydney

Members of an Australian comedy TV show, one dressed as Osama bin Laden, drove a Canadian-flagged motorcade through two security checkpoints in Sydney Thursday before being stopped near a hotel where U.S. President George W. Bush is staying.

The stunt embarrassed Sydney police, who had imposed the tightest security measures in the city's history. The Australian city is hosting a summit of leaders from Pacific Rim countries, including Bush and Canadian Prime Minister Stephen Harper, who arrived Thursday.

Police arrested 11 cast and crew from the TV program, The Chaser's War on Everything, and impounded three vehicles, the Australian Broadcasting Corp., which airs the show, said on its website.

Full story here.

Monday, September 03, 2007

The First Amendment, Satellite Imagery and National Security

So what should MS have done?

Recently a photograph appeared on the Internet of the propeller on an Ohio-class ballistic missile submarine at Trident Submarine Base in Bangor. A key to the submarine's ability to deploy and remain undetected, propeller designs have been kept under wraps for years, literally. When out of the water, the propellers typically are draped with tarps.

The propeller image appeared on Microsoft's mapping tool, Virtual Earth. It was discovered accidentally by Dan Twohig, a deck officer with the Washington state ferry service who was using the program to examine real estate on the west side of Puget Sound.

More here.



ShmooCon '08

Start planning now... TSG is happy to announce that ShmooCon '08 will take place at the Wardman Park Marriott in Washington DC, February 15-17.

17th episode of The Silver Bullet Security Podcast

Gary talks with Eric Cole, CEO of Secure Anchor. Eric has written seven books on computer security, including books on steganography and network security. Gary and Eric discuss how to demonstrate security ROI in different types of organizations (ranging from government to corporate), the academic approach to security versus practitioner certification models, and what kinds of training make for good network security practitioners. They also discuss the difficulty of certifying software developers.
 