Archive for May, 2007
How a Thief Can Use Just a Little Info To Do A Lot of Damage

“Be careful how you list names on your cell phone!

This lady has changed her habit of how she lists her names on her mobile phone after her handbag was stolen. Her handbag, which contained her mobile, credit card, purse, etc., was stolen. 20 minutes later, when she called her hubby from a pay phone telling him what had happened, hubby says “I’ve just received your text asking about our PIN number and I’ve replied a little while ago.”


China Readying Cyberweapons

“The Defense Department reports China is building cyberwarfare units and developing viruses.”
Sounds like the stuff I read about in Tom Clancy’s NetForce. I guess the new arms race will be in cyberspace waged by superhackers and insane software engineer mercenaries. Sounds very “Shadow Run-esque”.


Why Hire a Private-Eye if You Can Just Use Google? (Shocking Video)

This video tutorial on YouTube shows how to actually pull up details on cell phone numbers, unlisted phone numbers and more. The video just goes to show that our privacy is being invaded on an increasing basis as technology advances. It’s scary – look up your own phone number and see for yourself!


Remove your Number From Google PhoneBook

Concerned about your privacy? One proactive step you can take is to remove your phone number from Google PhoneBook.


Researchers: 307-digit key crack endangers 1024-bit RSA

A group of researchers has factored out the prime numbers in a 307-digit “special” number, and says that cracking a 1024-bit key is on the horizon.

So much for taking thousands of years to crack complex encryption.

Over 15,000 Comments

I’m getting thousands of spam comments. Way too many to sort through. It’s too bad, too, because comments used to be one of my favorite things about blogs.

I’ll have to mass delete them. Before, I was using Akismet. It was working pretty well against spam until my SQL comment table got corrupted. I had to go into the MySQL database and clear out all the data. Since I didn’t back up, it deleted all my old comments.

I guess I’ll have to turn Akismet back on again.

Hack My Son’s Computer, Please

Can an elderly father give police permission to search a password-protected computer kept in his adult son’s bedroom, without probable cause or a warrant? In April, a three judge panel of the 10th Circuit Court of Appeals said yes.

This is an interesting article. Apparently the cops used EnCase on his computer and found all kinds of child porn.
Here is the case: USA vs. Ray Andrus: http://www.ca10.uscourts.gov/opinions/06/06-3094.pdf

Standard Desktop Configuration (SDC) everywhere

For the last year I’ve been working on the DoD’s SDC implementation. Standardizing ALL common use desktops is a very good idea for security. But the problem I have with it is that they are forcing SDC on mission systems as well. They allow extension for some systems.

This is a problem because mission systems are NOT standard. Each mission system is different, with different requirements. Also, common desktops are in giant homogeneous networks that can keep up with the changes in SDC with relative ease with applications like SMS. Mission systems are often controlled by a different entity than the host, so they must be updated manually.

So bottom line: SDC – great for desktops, VERY bad for many mission systems. 

Now SDC will be pushed to ALL government systems.

CT Teacher’s Fate Postponed Again

“Julie Amero has hung in limbo since January waiting for the Connecticut DA to either put up (and put her away for up to 40 years) or shut up and let her return to picking up the pieces of her shattered life. Her conviction on 4 felony counts came after an unprotected classroom computer running Windows 98 began spewing porn pop-ups.”

I’ve followed this case and it is the most amazing example of how incredibly UNJUST the U.S. justice system can be. The messed up thing about it is that it is probably the best in the world. Julie Amero is looking at getting possibly 40 YEARS for porn pop-ups on a machine with no security. She didn’t activate the porn, yet she is blamed for the “corruption” of the kids who saw the porn pop-ups.

If you’re a security guy, you will definitely see something wrong with how the justice system pinned this on her.

Killroy 2.0 is EVERYWHERE

I’ve been getting into podcasts lately. I was put on to podcast novels by my buddy, Tre, who told me about 7th Son, by J. C. Hutchins. I am not only entertained, I am inspired. The guy can write like nobody’s business. The action reminds me of something you might find in a Dean Koontz novel.

It’s so good I don’t want to give anything AT ALL away, but I will mention one of the cool technologies he makes up in the novel. He talks about something called EGG. It’s basically encryption software that not only protects against those trying to gain unauthorized entry, it tracks them and then goes after them. It actually hacks the hackers.

This is something that a friend talked to me about creating as a part of his PhD. “Would that break some kind of law?” I asked. He was insistent that people should be able to protect themselves, and I don’t totally disagree with that; I’m just saying that I don’t think the law protects vigilantes.

Actually, a lawyer at Defcon 14 talked about that very issue when questioned. And I’m pretty certain he said it was illegal to hack someone even if they have hacked you.

But in J. C. Hutchins’ world the PATRIOT ACT III allows the hack back feature of EGG to exist.

So anyway, all security geek stuff aside, it’s a really good story. Highly recommended.