Using RFID to Track HIV-Positive Humans
Time.com has reported that the Papua province in Indonesia
might start implanting RFIDs into certain humans. The goal:
to "prevent the extinction of the Papuan people."
Papua Proposal: A Microchip to Track the HIV-Positive
[06 December 2008, top]
Suckers are Everywhere
Glenn Beck from 21 November 2008.
"By now 99.999% of people out there are aware of the Nigerian
email scam. And those who aren't aware of it are not dumb
enough to wire hundreds of thousands of dollars to the
Central Bank of Nigeria."
Meet not Britney, but Janella Spears...
Glenn Beck: Nigerian email scam nets 400k
[22 November 2008, top]
Pentagon Under Cyberattack (We Need DARPA)
PCWorld.com reported that the the U.S. Department of Defense took
an "estimated 1,500 computers offline Wednesday after a security
breach within the Office of the Secretary of Defense (OSD)."
"I don't do e-mail," said Secretary of Defense Robert Gates.
"I'm a very low-tech person."
Our next Secretary of Defense must be a very high-tech person because
cyber-warfare, bio-warfare, nano-warfare and robo-warfare could be
stark reminders that the United States of America has been asleep
at the wheel.
"September 11 was essentially a collision of early 20th-century
technology: the airplane and the skyscraper. We don't want to
see a collision of 21st-century technology,"
said Bill Joy in 02006.
The United States needs to say 02008 is the 01958 of the 21st century;
therefore, DARPA's current annual budget of approximately $3.2 billion
needs to be increased at least ten-fold.
[21 November 2008, top]
Crackers Adding Cell Phones to Botnet Armies
I posted the following as a comment to a blog posting
at AzCentral.com that was titled "Coming to a cell phone
near you: Business cards."
Crackers are foaming at the mouth as cell phones become
more computer-like and Internet connected. Just think
of the botnets that can be formed when cell phones join
the zombie computer systems found world-wide. What's
even better is that cell phones are being given to kids
of all ages... cracker heaven!
Did you ask this company how they ensure secure usage/communications?
The ACM had a posting that started as follows: "Georgia Tech security
researchers say that hackers will likely target cell phones for use
in creating botnet armies."
Note to ACM: These "hackers" are "crackers."
[01 November 2008, top]
If Palin's Cracker is Guilty, Send Him to Jail
I saw AP reported that David Kernell has been charged with
"intentionally accessing Palin's e-mail account without authorization."
If Kernell is found guilty, then he is a cracker and crackers are
criminals; therefore, he should receive the maximum sentence of
"five years in prison, a $250,000 fine and three years of
Ken Thompson was correct when he wrote: "The act of breaking into a
computer system has to have the same social stigma as breaking into
a neighbor's house."
[10 October 2008, top]
Shoddy IT Practices at OK's Dept. of Corrections
This is an old item that never go posted until now...
WTF--What the Foo!
If this is true, then Oklahoma's Dept. of Corrections needs to fire some
of their IT workers.
Oklahoma Leaks Tens of
Thousands of Social Security Numbers, Other Sensitive Data
[01 October 2008, top]
Sarah Palin's Yahoo Email Account Cracked
Wired is correct to state: "The simplicity of the attack,
of course, makes it no less illegal."
"As detailed in the postings, the Palin hack didn't
require any real skill. Instead, the hacker simply
reset Palin's password using her birthdate, ZIP code
and information about where she met her spouse -- the
security question on her Yahoo account, which was
answered (Wasilla High) by a simple Google search."
Palin is now being critized for conducting work
business using her Yahoo! email account.
Palin E-Mail Hacker Says It Was Easy
[Extra] I posted the following to the my AzFoo@AzCentral.com blog.
[20 September 2008, top]
Sarah Palin's Yahoo! email account was cracked (not hacked) by
a cracker (not a hacker).
People who criticize Palin's computing practices should be careful
because there is a good chance many of us are using our computers
in non-secure ways. For example, I suspect over the span of the
last decade lots of email has been sent over the Internet as
plain-old-text when it should have been encrypted.
Most of the software that we use everyday is "just good enough software."
This type of software is fine when using it on a personal computer that
is not connected to the Internet; but, this code becomes "just bad enough
software" when the personal computer is connected to the Internet (and a
whole wide world of crackers/criminals).
Don Henley, back in 01989, wrote a song titled "Gimme What You Got"
that contained the lyric: "A man with a briefcase can steal more money
than any man with a gun." Henley should modernize his lyric by adding
the line "And a cracker with a high-speed Internet connection can steal
more money than any man with a briefcase."
Although they will eventually become a computing relic,
passwords still play a critical role in our computing world.
During 01999, I created a webpage
Crackers Cracking Away at the Large Hadron Collider
Crackers cracking supercomputers is beyond scary.
Hackers attack Large Hadron Collider
[15 September 2008, top]
Google's Chrome Suffers Buffer Overflow Defect
Last week Google released a beta-version of a web browser named Chrome.
Browsers are software and most software, especially when new, contains
Buffer overflows live!
"The bug is a buffer overflow that occurs if a user saves a
Web page containing an overly long 'title' tag, according
to Bach Koa Internetwork Security (Bkis), based at the
Hanoi Institute of Technology."
PCWorld.com reported that the Chrome defect "can be exploited on PCs
running Windows XP SP2 and Chrome version 0.2.149.27."
Hmmm... I wonder what the version number means?
Critical Vulnerability Patched in Google's Chrome
[08 September 2008, top]
Laptop at the Intl. Space Station Cracked
The following was obtained from NewsFactor.com via My.Yahoo.com.
"Space-oriented Web site SpaceRef.com has reported that a
laptop aboard the International Space Station has become
infected with a Level 0 virus, and on Tuesday the National
Aeronautics and Space Administration (NASA) confirmed that
a virus was carried aboard last month."
When it comes to virus levels, I doubt we can go any lower
than zero, but I wonder what the maximum virus level is?
NASA Discovers Computer Virus Aboard the International
[28 August 2008, top]
E-Voting Systems Approaching ACCURATE
I get the shivers everytime I hear about e-voting systems being deployed.
For the last couple of decades, the computing profession has been alerting
politicans that e-voting systems are not ready for elections of any
significance. Thank goodness the National Science Foundation agrees.
Back in August of 2005, the NSF awarded $7.5 million to ACCURATE. ACCURATE
is A Center for Correct, Usable, Reliable, Auditable, and Transparent
Given who the principal investigators are for ACCURATE, especially with
the inclusion of Peter Neumann and Avi Rubin, e-voting systems might
someday become a reality.
[20 August 2008, top]
Good Passwords Are Still Important
Passwords remain critically important in today's computing world.
Someday this will change, but until it does computer users need
to learn how to select good password.
Does your password pass the test?
Back in the 20th century, I wrote
[04 August 2008, top]
SysAdmins Are Key Employees
Time and time again I've commented about how employers needs
to treat their SysAdmins with the utmost respect. SysAdmins,
especially those who are decent programmers, are in extremely
"San Francisco's computer system has denied access to
IT administrators. Authorities said a disgruntled employee
programmed the system with a password only he knows."
NewsFactor.com reported that "Cisco has been consulted, and estimates
are that in the worst case, the network could be rebuilt from scratch
in six to eight weeks." Yuck!
Admins Locked Out of San Francisco's I.T. System
[Extra] From last century...
System Administrators (SysAdmins)
[18 July 2008, top]
Un-Patched DNS Defects Are Dangerous
DNS (Domain Name System) allows devices connected to the
Internet to be reference by name rather than IP address.
It appears as though Dan Kaminsky, director of penetration
testing at IOActive, deserves a huge Thank You from all
us Internet users.
Major DNS flaw could disrupt the Internet
[10 July 2008, top]
Potential Set-Back To Privacy Rights (YouTube-Viacom)
The court has ruled that Google needs to hand over YouTube
usage data to Viacom (and the Football Assoc. Premier League).
"Defendants encourage individuals to upload videos to the YouTube
site, where YouTube makes them available for immediate viewing by
members of the public free of charge. Although YouTube touts
itself as a service for sharing home videos, the well-known
reality of YouTube's business is far different. YouTube has
filled its library with entire episodes and movies and significant
segments of popular copyrighted programming from Plaintiffs and
other copyright owners, that neither YouTube nor the users who
submit the works are licensed to use in this manner. Because
YouTube users contribute pirated copyrighted works to YouTube
by the thousands, including those owned by Plaintiffs, the videos
'deliver[ed]' by YouTube include a vast unauthorized collection of
Plaintiffs' copyrighted audiovisual works. YouTube's use of this
content directly competes with uses that Plaintiffs have authorized
and for which Plaintiffs receive valuable compensation."
The EFF reported that the "court ordered production of not just
IP addresses, but also all the associated information in the
The EFF said the Logging database contains:
"for each instance a video is watched, the unique 'login ID'
of the user who watched it, the time when the user started
to watch the video, the internet protocol address other devices
connected to the internet use to identify the user's computer
(IP address), and the identifier for the video."
At least one person has suggest Google should provide
the information in paper form.
Luckily for Google, they do not have to supply the
code with the data.
Court Ruling Will Expose Viewing Habits of YouTube Users
[05 July 2008, top]
Using Tattoos and Scars For Identification
There are numerous forms of biometrics that work well:
fingerprint, face, eye and DNA are examples. Heck,
advances are being made with "gait" recognition systems,
which identify us based upon how we walk.
I had not heard of identification systems that can
"recognize" tattoos, but I can see them being effective.
"Called 'Tattoo-ID,' the system Jain has been working on is a
software program, which includes an annotated database containing
images of scars, marks and tattoos, provided by law enforcement
agencies. Each tattoo image in the database is linked to the
criminal history records of all the suspects and convicts who
have a tattoo."
Biometric Recognition To The Next Step By Adding Scar, Mark And
Tattoo Recognition Capability
[03 July 2008, top]
Bruce Schneier on "Digital Manners Policies"
When Bruce Schneier speaks, I try to listen.
I've known about "kill switches."
"OnStar will soon include the ability for the police to shut
off your engine remotely. Buses are getting the same capability,
in case terrorists want to re-enact the movie Speed. The Pentagon
wants a kill switch installed on airplanes, and is worried about
potential enemies installing kill switches on their own equipment.
But I had not heard heard of "Digital Manners Policies."
"Microsoft is doing some of the most creative thinking along these
lines, with something it's calling 'Digital Manners Policies.'
According to its patent application, DMP-enabled devices would
accept broadcast 'orders' limiting capabilities. Cellphones could
be remotely set to vibrate mode in restaurants and concert halls,
and be turned off on airplanes and in hospitals. Cameras could be
prohibited from taking pictures in locker rooms and museums, and
recording equipment could be disabled in theaters. Professors finally
could prevent students from texting one another during class."
Students texting during class is not that big of deal...
at least they're not sleeping.
Scheneir ends his posting with the following.
"'Digital Manners Policies' is a marketing term. Let's call this
what it really is: Selective Device Jamming. It's not polite, it's
dangerous. It won't make anyone more secure -- or more polite."
I've Seen the Future, and It Has a Kill Switch
[01 July 2008, top]
East Valley Tribune--At Least a Decade Too Late
East Valley Tribune Editorial on 27 June 2008.
The headline caught my eye, but it was the first
paragraph that captured my attention.
"Our View: More safeguards must be in place before
moving all our information online"
"Perhaps it's time we Americans start to talk honestly about
the dangers we subject ourselves to by accepting an ever-widening
use of our personal information on government and private
Hmmm... this is the middle of 2008. This editorial
should have been printed at least a decade ago.
Plus, in addition to being at least a decade behind
the times, the East Valley Tribune use the word hacker
when they should have used the word cracker.
[28 June 2008, top]
Research Continues On Gait Recognition
It has been a while since I've heard anything about
the gait biometric. It appears as though researchers
are continuing to work on gait recognition technololgy.
"C. Nandini of the Vidya Vikas Institute of Engineering and
Technology and C.N. Ravi Kumar of the S.J. College of Engineering
in Mysore, India, explain that human gait typifies the motion
characteristics of an individual. Viewed from the side, we each
have a unique gait that makes us easily recognizable."
Tell me by the way I walk
[16 June 2008, top]
Is China Cracking U.S. Government Computers?
It got a small column in today's (12 June 2008) Arizona
Republic, but the news is getting heavily pushed around
I don't have any data to say anything about China cracking
the computers that belong to the U.S. government, but for
some reason I suspect these computers are easily crackable.
From the duh department...
"We cannot afford to look the other way when foreign sources
are threatening to compromise our government institutions,
our economy, our very way of life through cyber espionage.
We cannot sit by and watch."--Rep. Frank Wolf of Virginia
Note: The state of Virginia is Internet heartland.
China Accused of Hacking Computers on Capitol Hill
[12 June 2008, top]
From ACM Technews... China's Cyber-Militia
The Security Watchdog has zero doubts that the following is true.
"Chinese hackers pose a clear and present danger to U.S.
government and private-sector computer networks and may
be responsible for two major U.S. power blackouts."
Cyberwarfare is going to be uglier than ugly.
"Cyber-networks are the new frontier of counterintelligence.
If you can steal information or disrupt an organization by
attacking its networks remotely, why go to the trouble of
running a spy?" -- Joel Brenner, the government's senior
[09 June 2008, top]
VOIP Users Beware
VOIP is Voice Over Internet Protocol) and it supports the
making of phone calls via the Internet.
"It exploits the fact VOIP uses UDP, not TCP; it is designed
to tolerate some packets going missing so hijacking a few to
transmit a hidden message is not a problem."
Secret messages could be hidden in net phone calls
[02 June 2008, top]
Huge Crack Found In OpenSSL Library
Finding cracks in the OpenSSL library is indeed "alarming."
Talk about the power of The Code...
"Two changed lines of code have created profound security
vulnerabilities in at least four different open-source
operating systems, 25 different application programs,
and millions of individual computer systems on the Internet."
SSL stands for "Secure Socket Layer" and it is used
to encrypt and decrypt information.
"Modern computer systems employ large numbers to generate
the keys that are used to encrypt and decrypt information
sent over a network."
Large numbers are critical when it comes to encryption.
"Instead, it reduces the number of different keys that
these Linux computers can generate to 32,767 different
keys, depending on the computer's processor architecture,
the size of the key, and the key type."
32,767 is not a large number.
Alarming Open-Source Security Holes
With the Quickness: HD Moore sets new
land speed record with exploitation of
Debian/Ubuntu OpenSSL flaw
[02 June 2008, top]
UofA's Phoenix Mars Mission Website Cracked
The University of Arizona is hosting a website
in support of the Phoenix Mars Lander. The
website was cracked.
"A spokeswoman for the Phoenix Mars Lander mission says
a hacker took over the mission's public Web site during
the night and changed its lead news story."
Phoenix Mars Mission
[01 June 2008, top]
China Engaged In Cyberwarfare With India?
This is bad news for the United States of America.
With each attack, China gets better and better at
"China's cyber warfare army is marching on, and India is
suffering silently. Over the past one and a half years,
officials said, China has mounted almost daily attacks
on Indian computer networks, both government and private,
showing its intent and capability."
Cyberwarfare is beyond ugly.
China mounts cyber attacks on Indian sites
[05 May 2008, top]
More and More Webpages Being Cracked
Crackers are finding increasingly difficult to crack
systems using email; therefore, they have turned to
using webpages instead.
"A year ago, one out of every 909 e-mails was infected with
malicious code. In the first quarter of 2008, only one out
of every 2,500 was infected.
"Last year, Sophos detected an average of roughly 5,000 infected
Web pages a day; this quarter, the average is 15,000 per day.
That's one new infected Web page every five seconds."
"And these are sites you may well visit: 79 percent are legitimate
sites, not sites set up specifically to host malicious attacks."
More bad news...
"The Sophos report also shows that more than 92 percent of all
e-mail sent in the first quarter of this year was spam.
Crackers are criminals.
Study Finds Infected Web Pages on the Rise
[01 May 2008, top]
E-Voting Systems Not Ready For Presidential Election
Electronic voting... many in the computing world think it
could be worse than hanging chads.
"The three systems we looked at are three of the most widely
used around the nation. They're going to be using them in
the 2008 elections; they're still going to have the same
vulnerabilities we found."--David Wagner, Computer Science
professor at UC-Berkeley
U.S. Presidential Election Can Be
[14 April 2008, top]
Click Fraud Happens
I've never understood how clicks could be accurately counted.
Surprise, surprise... some people are using the inexact science
of counting clicks to commit fraud. In fact, click counting has
spawned an "industry" (at least for the time being).
Industry Click Fraud Rate Climbs to 16.6 Percent for Fourth Quarter 2007
[01 April 2008, top]
No Excusing Sloppy IT Practices
It's bad enough when computer systems contain cracks
that allow crackers to crack them, but there are no
excuses for sloppy IT practices.
BlueCross BlueShied's Dental Network unit needs to
improve their IT operations.
"A dental HMO accidentally put the social security numbers
of 75,000 members online last month, and the people weren't
notified until three weeks later, the Baltimore Sun reports.
USA Today reported that the HMO said "the data is now secure
and the issues that resulted in the data breach have been
corrected." That's nice, but I doubt the 75,000 people
who have had their SSNs exposed could care less.
[27 March 2008, top]
Hannaford Brothers Shoppers Beware
Hannaford Brothers supermarket chain was attacked by crackers.
The company announced that "as many as four million credit- and
debit-card numbers" were stolen from a "data intrusion into its
computer network." Hannaford Brothers reported that "no personal
information, such as names and addresses, was accessed or obtained"
and that it is "aware of fewer than 2,000 cases of reported fraud
related to this crime."
The Security Watchdog hopes "fewer than 2,000 cases of reported
fraud" isn't considered "good" news; just one case of fraud is
one case too many.
Hannaford's press release indicated that "data was illegally accessed
from Hannaford's computer systems during the card-authorization
The Security Watchdog found the following quote humorous.
"What showed up here was a new trend where criminals are going
after data in transit, as opposed to data at rest. I think
everybody was caught off-guard by that."--Avivah Litan,
a security analyst for Gartner, via NewsFactor.com
It is difficult to believe that anybody was "caught off-guard"
by the fact that crackers around the world are intercepting data
that's being transmitted via the world's networks.
Credit Card Security Press Release
[20 March 2008, top]
Crackers Don't Need To Be Hackers
Forbes.com--Cyber Security: "The No-Tech Hacker."
It starts with the following...
"Hackers have a lot of fancy names for the technical exploits
they use to gain access to a company's networks: cross-site
scripting, buffer overflows or the particularly evil-sounding
SQL injection, to name a few. But Johnny Long prefers a simpler
entry point for data theft: the emergency exit door."
"By law, employees have to be able to leave a building without
showing credentials," Long says. "So the way out is often the
easiest way in."
"Case in point: Tasked with stealing data from an ultra-secure
building outfitted with proximity card readers, Long opted for
an old-fashioned approach. Instead of looking for vulnerabilities
in the company's networks or trying to hack the card readers at
the building's doors, he and another hacker shimmied a wet washcloth
on a hanger through a thin gap in one of its exits. Flopping the
washcloth around, they triggered a touch-sensitive metal plate
that opened the door and gave them free roam of the building.
'We defeated millions of dollars of security with a piece of
wire and a washcloth,' Long recalls, gleefully."
Physical security remains a huge issue and I don't think
it is going away anytime soon.
The No-Tech Hacker
[18 March 2008, top]
First crackers cracked 10,000 websites using mostly dot-asp
(Active Server Pages). Now they have cracked 200,000 webpages
"The infected pages bring up what appears to be a pornographic
web site. Upon loading the page, a 'fake codec' social engineering
attack is attempted. The user is told that in order to view the
movie on the page, a special video codec must be installed."
"The user then downloads a trojan program which installs a malware
package on the users system then delivers a fraudulent error message
telling the user that the supposed codec could not be installed."
Crackers are criminals.
Second mass hack exposed
[18 March 2008, top]
Crackers Use GNU Radio To Crack Pacemakers
Hackers don't hack pacemakers, but crackers might crack them.
Crackers can use GNU Radio software to crack a
"combination pacemaker and defibrillator having
InformationWeek.com wrote the following.
"The researchers say they believe that their attempts to
reverse-engineer the communications going to and from the
Medtronic implantable cardioverter defibrillator represent
the first use of software defined radios in the security
community for reverse engineering wireless protocols. The
group used the GNU Radio software toolkit to create a radio
receiver capable of processing radio waves as defined by software."
Pacemakers Vulnerable To Hacking
[13 March 2008, top]
Our Educational Systems Are Behind The Times
When it comes to taking a test, a common policy seems to
be no talking, no books, no notes, no computer, no Internet,
and no cell phone. Coming soon? No wrist watches.
"Thai students will be barred from wearing watches in national
university entrance exams this weekend after a student was
caught cheating using a mobile phone wrist watch."
In our March department meeting, one faculty member
indicated that instructor copies of textbooks can be
obtained on eBay.com for $10.
Our educational systems have not adapted to
the Internet world. What a shame.
[11 March 2008, top]
FTP Remains a Cracker Power Tool
FTP is the File Transfer Protocol (Program). According to a
NewsFactor.com posting, "8700+ FTP login names and passwords
are being peddled at an online auction site for stolen data."
The crackers are using the "NeoSploit 2" toolkit, which is
"designed to exploit and trade FTP account credentials stolen
from legitimate companies."
NewsFactors.com headline uses the term "Saas" and SaaS stands
for "Software as a Service."
Hackers Use SaaS To Auction FTP Passwords, Inject Code
[29 February 2008, top]
Who Owns Electronic Address Books?
Headlines (titles, subject-lines, et al.) are important.
Fortune Magazine had an article titled "Who owns your
address book?" The answer seems almost as obvious as
who owns your door knob, but then again nothing's easy.
Who owns your address book?
[23 February 2008, top]
Biometrics Becoming a Growth Industry
Biometrics might morph into a growth industry.
"Next Generation Identification, will give the government new
capabilities to identify people in the United States and abroad."
From $2.7 billion in 2007 to $7.1 billion on 2012?
BCC Research called The Global Biometrics Market, the
global market for biometrics was worth nearly $2 billion
in 2006 and is expected to increase to $2.7 billion in
2007 and $7.1 billion by 2012, a compound annual growth
rate of 21.3 percent over the next five years.
FBI Unveils $1B Biometrics Initiative
[23 February 2008, top]
Crackers Are All Over the World
Crackers are all over the world and they come in
many shapes and sizes and ages. Crackers crack
systems and sometimes they do it without intending
to be criminals.
"A Polish teenager allegedly turned the tram system in
the city of Lodz into his own personal train set, triggering
chaos and derailing four vehicles in the process. Twelve
people were injured in one of the incidents."
"The 14-year-old modified a TV remote control so that it could
be used to change track points, The Telegraph reports. Local
police said the youngster trespassed in tram depots to gather
information needed to build the device. The teenager told
police that he modified track setting for a prank."
Polish teen derails tram after hacking train network
[04 February 2008, top]
Defending Hackers, Exposing Crackers
I posted the following in response to an Arizona Republic
article found in the Business section on 2 February 2008.
The article was titled: "U.S. tests its hacker defenses."
The United States has little to fear from hackers, but
we have lots to be worried about when it comes to crackers.
Hackers good; crackers criminals. Some crackers are hackers
that have gone bad; however, these days it is relatively easy
for somebody who is not a hacker to be an effective cracker.
This posting should have been titled "U.S. tests its
I wanted to extend a Thank You to kgcoleman and
rootwebmasteraz for their informative comments.
Cyberwarefare, if it happens, is not going to be fun.
Reboot America could be a movie titled "Reboot America
--Invasion of the Blue Screens of Death."
Quoting Bill Joy: "September 11 was essentially a collision of
early 20th-century technology: the aeroplane and the skyscraper.
We don't want to see a collision of 21st-century technology."
I suspect Joy was referencing bioterrorism (near term) and
nanowarfare (next 2-3 decades), but cyberwarfare has probably
already started. Simple attack: crack banking systems and multiple
every positive account balance by zero. When the masses don't have
any money, then what?
[04 February 2008, top]
Cyber-gangs Getting Into Mac Attacks
Get ready for some serious Mac attacks? Sophos,
an IT security and control firm, thinks so.
"No-one should underestimate the significance of
financially-motivated malware arriving for Apple
Macs at the end of 2007. Although Macs have a long
way to go in the popularity stakes before they overtake
PCs,particularly in the workplace, their increased
attractiveness to consumers has proven irresistible
to some criminal cybergangs."--Graham Cluley
Sophos Security Threat Report reveals cybercriminals moving beyond Microsoft
[31 January 2008, top]
RIAA Sends 407 Letters To Universities
I came across this news story on the PLUG-discuss mailing-list.
(PLUG is the Phoenix Linux Users Group)
The RIAA's press release started with the following paragraph.
"The Recording Industry Association of America (RIAA), on
behalf of the major record companies, this week sent a new
wave of 407 pre-litigation settlement letters to 18 universities
nationwide as part of an ongoing campaign against online music
theft. The letters reflect evidence of significant abuse of
campus computer networks for the purpose of copyright infringement."
[source: RIAA.com on 10 January 2008]
On the local front, Arizona State University received 33
of the RIAA's 407 letters.
RIAA Continues College Deterrence Campaign Into 2008
[15 January 2008, top]
Revisiting "Reflections on Trusting Trust"
Ken Thompson won the ACM Turing Award in 1984. He wrote a
paper titled "Reflections on Trusting Trust" that many
computing gurus consider a classic. Thompson ended his
essay with the following essay.
"I have watched kids testifying before Congress. It is clear
that they are completely unaware of the seriousness of their
acts. There is obviously a cultural gap. The act of breaking
into a computer system has to have the same social stigma as
breaking into a neighbor's house. It should not matter that
the neighbor's door is unlocked. The press must learn that
misguided use of a computer is no more amazing than drunk
driving of an automobile."
Anybody who breaks into a computer is a cracker and
crackers are criminals. And this is true independent
of the cracker's age.
Reflections on Trusting Trust by Ken Thompson
[15 January 2008, top]
U.K. Might RFID Criminals
I have suggested that everybody coming into the country be
"chipped" with a RFID. However, this probably won't happen
until there's another 911-like attack on our homeland.
Chipping criminals sounds like a 21st century thing
Prisoners 'to be chipped like dogs'
[14 January 2008, top]
Privacy--Huge Issue In 2008?
An AzCentral.com blogger posted Business Week's predictions for 2008.
The following was listed as #10: "The world is going to find out how
our privacy has been invaded by click-tracking software online."
It's more than just clicks. An "event" is generated everytime a
computer mouse moves from one pixel to another. In addition, the
amount of time a mouse hovers over a pixel can be measured. All
this information can be transmitted over the Internet to supercomputers
and subjected to 21st century Informatic processing.
With respect to privacy, I wonder if Business Week said anything
[11 January 2008, top]
2007 Was a Great Year For Crackers
It is no surprise that 2007 was a record year when it
comes to crackers/criminals stealing data.
"The number of publicly reported data breaches in the U.S.
rose by more than 40% in 2007, compared to the previous year,
according to statistics compiled by the Identity Theft Resource
Center (ITRC), a consumer rights advocacy group."
InformationWeek.com reported that "127 million data records
were exposed during 2007."
The Security Watchdog will remain operational during 2008
and it might even make it into 2009.
Record Number Of Data Breaches Reported In 2007
[03 January 2008, top]
About the Security Watchdog
The starts 2008
with 422 postings. This blog was started during March of 2000
and the current world of computer security is worse now than it
was then. Needless to say, there will always be content for the
for at least the
next couple of years.
Security Watchdog Archives:
[01 January 2008, top]