dpreformer sends word that President Bush signed a classified directive Jan. 8 (it only came to light this week) putting all cyber-defense and counter-offensive activity for government networks under the aegis of the National Security Agency. Previously, federal agencies had disparate intrusion and attack monitoring programs. The directive does not address private-sector networks and systems. [...]
Browsing Posts published in January, 2008
Not only are privacy and security not at odds with one another, but in a networked, database-driven world, they’re virtually identical. Here’s why Real ID will make a hash of both. [From Analysis: Metcalfe's Law + Real ID = more crime, less safety]
After blogging about the need to use and maintain an anti-virus solution for your OS X systems, an anonymous reply questioning the need to use security tools at all on OS X systems gave me pause. You do not need me to link to the numerous articles flying around the internets that report on how [...]
BoingBoing is reporting that the FBI may be burying the existence of a document that proves US officials stole nuclear secrets for eventual sale to Pakistan and Saudi Arabia. “One of the documents relating to the case was marked 203A-WF-210023. Last week, however, the FBI responded to a freedom of information request for a file [...]
Boing Boing’s Gadgets editor Joel Johnson was asked to appear on The Hugh Thompson Show, an AT&T-produced program that airs on the AT&T Tech Channel. Johnson was obviously supposed to speak about gadgets, but instead used his allotted time questioning AT&T’s plans to implement piracy filters across their network, which the show’s producers apparently didn’t [...]
Updated version of Mujahideen Secrets encryption software issued by al-Qaida-linked group touted as communications tool for militants. [From Jihadi software promises secure Web contacts]
BobB passed us a link to a NetworkWorld article, exploring the ongoing realization in business circles of the dangers online criminals pose. The piece raises the possibility that criminal elements are gaining access to US research labs in an effort to ferret out corporate and governmental information. One institute referred to in the article states: [...]
Google to Host Terabytes of Open-Source Scientific Data — Sources at Google have disclosed that the humble domain, http://research.google.com, will soon provide a home for terabytes of open-source scientific datasets. The storage will be free to scientists and access to the data will be free for all. Link: http://blog.wired.com/wiredscience/2008/01/google-to… [From Google to Host Terabytes of [...]
US Government challenges encryption keys ruling [From US Government challenges encryption keys ruling]
New Storm worm wave sweeping the internet [From New Storm worm wave sweeping the internet]
Along with the standard spiels about exit rows and seat belts, flight attendents of the future might add this to their repetoires: “The captain has requested that all passengers close their browsers until he regains control of the aircraft.” Recently the AP reported on a possible unintended consequence of offering Internet access to all passengers [...]
Cyber attacks on critical infrastructure targets. On Wednesday the Central Intelligence Agency (CIA) told an international gathering of government officials, engineers and security managers from electric, water, oil & gas and other critical industry asset owners that the CIA has information that cyber intrusions into utilities was responsible for at least three blackouts and then [...]
The disclosure was made at a New Orleans security conference Friday attended by international government officials, engineers, and security managers. [From CIA Admits Cyberattacks Blacked Out Cities]
PolishLinux.org has an unconventional review of SLAX 6. RC6 which focuses on exploring the nature of LiveCDs and the power of technologies like mounting devices, SquashFS and Union File System in regards to SLAX LiveCD distribution. [From SLAX 6.0: How does it work? ]
Are you using SSH in the best way possible? Have you configured it to be as limited and secure as possible? The goal of this document is to kick in the new year with some best practices for SSH: why you should use them, how to set them up, and how to verify that they [...]
As the Internet grows in size and bandwidth, routers must search through larger and larger routing tables faster and faster. Not an impossible task, but probably an expensive one in the future unless we come up with a different approach to Internet routing. Read More… [From Internet routing shows growing pains—again]
Spychief Mike McConnell is drafting a plan to protect America’s cyberspace that will raise privacy issues and make the current debate over surveillance law look like “a walk in the park,” McConnell tells The New Yorker in the issue set to hit newsstands Monday. “This is going to be a goat rope on the Hill. [...]
The first stop is a little utility called opensnoop. Leopard ships with something called DTrace that gives developers and administrators the ability to take a peek at what all running code is doing in a flexible and dynamic way. Giving DTrace the coverage it deserves is beyond a simple blog post, but there are some [...]
[From Hackers Unleash Insidious Crimeware Attack]
Significant security flaws in the Transportation Security Administration’s traveler redress web site exposed thousands of travelers to the risk of identity theft. Alanis might call it ironic, but we call it sad and unacceptable. Read More… [From TSA security flaws exposed users to risk of identity theft]
