Technology Industry News & Career Management information, brought to you by BrainWave Consulting Company.
May 2009 - Posts
- Step by step instructions on how to make squid pasta....
- I am optimistic about President Obama's new cybersecurity policy and the appointment of a new "cybersecurity coordinator," though much depends on the details. What we do know is that the threats are real, from identity theft to Chinese hacking to cyberwar. His principles were all welcome -- securing government networks, coordinating responses, working to secure the infrastructure in private hands...
- In other biometric news, four states have banned smiling in driver's license photographs. The serious poses are urged by DMVs that have installed high-tech software that compares a new license photo with others that have already been shot. When a new photo seems to match an existing one, the software sends alarms that someone may be trying to assume another...
- Wacky: A Singapore cancer patient was held for four hours by immigration officials in the United States when they could not detect his fingerprints -- which had apparently disappeared because of a drug he was taking. [...] The drug, capecitabine, is commonly used to treat cancers in the head and neck, breast, stomach and colorectum. One side-effect is chronic inflammation...
- What do you do if you have too many background checks to do, and not enough time to do them? You fake them, of course: Eight current and former security clearance investigators say they have been pressured to work faster and take on crushing workloads in recent years, as the government tried to eliminate a backlog that once topped 531,000...
- Research: Hiding Information in Retransmissions Wojciech Mazurczyk, Milosz Smolarczyk, Krzysztof Szczypiorski The paper presents a new steganographic method called RSTEG (Retransmission Steganography), which is intended for a broad class of protocols that utilises retransmission mechanisms. The main innovation of RSTEG is to not acknowledge a successfully received packet in order to intentionally invoke...
- Impressive: The Dice-O-Matic is 7 feet tall, 18 inches wide and 18 inches deep. It has an aluminum frame covered with Plexiglas panels. A 6x4 inch square Plexiglas tube runs vertically up the middle almost the entire height. Inside this tube a bucket elevator carries dice from a hopper at the bottom, past a camera, and tosses them onto a...
- Excellent: Seeking to quell fears of terrorists somehow breaking out of America's top-security prisons and wreaking havoc on the defenseless heartland, President Barack Obama moved quickly to announce an Anti-Terrorist Strike Force headed by veteran counterterrorism agent Jack Bauer and mutant superhero Wolverine. Already dubbed a "dream team," their appointment is seen by experts as a crucial step...
- In 2004, I wrote about the prevalence of secret questions as backup passwords. The problem is that the answers to these "secret questions" are often much easier to guess than random passwords. Mother's maiden name isn't very secret. Name of first pet, name of favorite teacher: there are some common names. Favorite color: I could probably guess that in no...
- Three methods: Method 2: Offer Squid a Tasty Treat If your preferred squid looks hungry, try luring it with a delicious oil tanker. During the course of the 1930s, the Norwegian tanker Brunswick was attacked not once, not twice, but three times by giant squid. Metal boats don't sound especially appetizing, but scientists think squid mistake the large, gray objects...
- Marcus Ranum and I did two video versions of our Face-Off column: one on cloud computing, and the other on who should be in charge of cyber-security....
- They have technology: The FTS Patent has been acclaimed by leading cryptographic authorities around the world as the most innovative and secure protocol ever invented to manage offline and online smart card related transactions. Please see the independent report by Bruce Schneider [sic] in his book entitled Applied Cryptography, 2nd Edition published in the late 1990s. I have no idea...
- Four points. One: There was little danger of an actual terrorist attack: Authorities said the four men have long been under investigation and there was little danger they could actually have carried out their plan, NBC News' Pete Williams reported. [...] In their efforts to acquire weapons, the defendants dealt with an informant acting under law enforcement supervision, authorities said....
- In an article on the recent arrests in New York: On Wednesday night, they planted one of the mock improvised explosive devices in a trunk of a car outside the temple and two mock bombs in the back seat of a car outside the Jewish center, the authorities said. Shortly thereafter, police officers swooped in and broke the windows on...
- Interesting: Philippe Golle and Kurt Partridge of PARC have a cute paper on the anonymity of geo-location data. They analyze data from the U.S. Census and show that for the average person, knowing their approximate home and work locations -- to a block level -- identifies them uniquely. Even if we look at the much coarser granularity of a census...
- I'm very happy with this quote in a CNN.com story on "whole-body imaging" at airports: Bruce Schneier, an internationally recognized security technologist, said whole-body imaging technology "works pretty well," privacy rights aside. But he thinks the financial investment was a mistake. In a post-9/11 world, he said, he knows his position isn't "politically tenable," but he believes money would be...
- This seems smart: Microsoft plans to formally banish the popular programming function that's been responsible for an untold number of security vulnerabilities over the years, not just in Windows but in countless other applications based on the C language. Effective later this year, Microsoft will add memcpy(), CopyMemory(), and RtlCopyMemory() to its list of function calls banned under its secure...
- For the April 09 issue of Wired Magazine, I was asked to create a cryptographic puzzle based on the television show Lost. Specifically, I was given a "clue" to encrypt. Here are details of the puzzle and solving attempts. Near as I can tell, no one has published a solution. Creating something like this is very hard. The puzzle needs to...
- This is cool. It writes like a normal pen, but if you run a hair dryer over the written words they disappear. And if you put the paper in the freezer the words reappear. Fantastic....
- This is a great movie-plot threat: Pirates could soon find their way to the waters of the Chesapeake Bay. That's assuming that a liquefied natural gas terminal gets built at Sparrows Point. The folks over at the LNG Opposition Team have long said that building an LNG plant on the shores of the bay would surely invite terrorists to attack....
- Interesting: China has developed more secure operating software for its tens of millions of computers and is already installing it on government and military systems, hoping to make Beijing's networks impenetrable to U.S. military and intelligence agencies. The secure operating system, known as Kylin, was disclosed to Congress during recent hearings that provided new details on how China's government...
- At least, according to a U.S. District Court ruling: As the law currently stands, the court said police can mount GPS on cars to track people without violating their constitutional rights -- even if the drivers aren't suspects. Officers do not need to get warrants beforehand because GPS tracking does not involve a search or a seizure, Judge Paul Lundsten...
- Interesting: Kevin Colwell, a psychologist at Southern Connecticut State University, has advised police departments, Pentagon officials and child protection workers, who need to check the veracity of conflicting accounts from parents and children. He says that people concocting a story prepare a script that is tight and lacking in detail. "It's like when your mom busted you as a kid,...
- Terrorists attacking our food supply is a nightmare scenario that has been given new life during the recent swine flu outbreak. Although it seems easy to do, understanding why it hasn't happened is important. G.R. Dalziel, at the Nanyang Technological University in Singapore, has written a report chronicling every confirmed case of malicious food contamination in the world since 1950:...
- This is an excellent lesson in the security problems inherent in trusting proprietary software: After two years of attempting to get the computer based source code for the Alcotest 7110 MKIII-C, defense counsel in State v. Chun were successful in obtaining the code, and had it analyzed by Base One Technologies, Inc. Draeger, the manufacturer maintained that the system was...
- It's called "sweethearting": when cashiers pass free merchandise to friends. And some stores are using security cameras to detect it: Mathematical algorithms embedded in the stores' new security system pick out sweethearting on their own. There's no need for a security guard watching banks of video monitors or reviewing hours of grainy footage. When the system thinks it's spotted evidence,...
- For this contest, the goal was to: ...to find an existing event somewhere in the industrialized world—Third World events are just too easy—and provide a conspiracy theory to explain how the terrorists were really responsible. I thought it was straightforward enough but, honestly, I wasn't very impressed with the submissions. Nothing surprised me with its cleverness. There were scary entries...
- From Brian Krebs at The Washington Post: One of the scarier realities about malicious software is that these programs leave ultimate control over victim machines in the hands of the attacker, who could simply decide to order all of the infected machines to self-destruct. Most security experts will tell you that while this so-called "nuclear option" is an available feature...
- A bunch of researchers at the University of California Santa Barbara took control of a botnet for ten days, and learned a lot about how botnets work: The botnet in question is controlled by Torpig (also known as Sinowal), a malware program that aims to gather personal and financial information from Windows users. The researchers gained control of the Torpig...
- Two of my favorite tools for online storage and collaboration are DropBox and Box.net. Because each product offers features that the other lacks, and because they appear to be attacking the challenges of collaboration from different perspectives,...
- Nice essay: In the modern era, the right of privacy represents a vast array of rights that include clear legal standards, government accountability, judicial oversight, the design of techniques that are minimally intrusive and the respect for the dignity and autonomy of individuals. The choice that we are being asked to make is not simply whether to reduce our expectation...
- Oops: The United Kingdom's MI6 agency acknowledged this week that in 2006 it had to scrap a multi-million-dollar undercover drug operation after an agent left a memory stick filled with top-secret data on a transit coach. The general problem. The general solution....
- This is bad: On Thursday, April 30, the secure site for the Virginia Prescription Monitoring Program (PMP) was replaced with a $US10M ransom demand: "I have your ***! In *my* possession, right now, are 8,257,378 patient records and a total of 35,548,087 prescriptions. Also, I made an encrypted backup and deleted the original. Unfortunately for Virginia, their backups seem to...
- This is worth reading: Five years ago I wrote a Language Log post entitled "BS conditional semantics and the Pinocchio effect" about the nonsense spouted by a lie detection company, Nemesysco. I was disturbed by the marketing literature of the company, which suggested a 98% success rate in detecting evil intent of airline passengers, and included crap like this: The...
- I have long argued that the government should use its massive purchasing power to pressure software vendors to improve security. Seems like the U.S. Air Force has done just that: The Air Force, on the verge of renegotiating its desktop-software contract with Microsoft, met with Ballmer and asked the company to deliver a secure configuration of Windows XP out of...
- Fascinating bit of evolutionary biology: So how did natural selection equip men to solve the adaptive problem of other men impregnating their sexual partners? The answer, according to Gallup, is their penises were sculpted in such a way that the organ would effectively displace the semen of competitors from their partner's vagina, a well-synchronized effect facilitated by the "upsuck" of...
- If your data is online, it is not private. Oh, maybe it seems private. Certainly, only you have access to your e-mail. Well, you and your ISP. And the sender's ISP. And any backbone provider who happens to route that mail from the sender to you. And, if you read your personal mail from work, your company. And, if they...
- This may be the stupidest example of risk assessment I've ever seen. It's a video clip from a recent Daily Show, about the dangers of the Large Hadron Collider. The segment starts off slow, but then there's an exchange with high school science teacher Walter L. Wagner, who insists the device has a 50-50 chance of destroying the world: "If...
- Nice hack: Last year, when law professor Joel Reidenberg wanted to show his Fordham University class how readily private information is available on the Internet, he assigned a group project. It was collecting personal information from the Web about himself. This year, after U.S. Supreme Court Justice Antonin Scalia made public comments that seemingly may have questioned the need for...
- It's the season, I guess: The United States has no clear military policy about how the nation might respond to a cyberattack on its communications, financial or power networks, a panel of scientists and policy advisers warned Wednesday, and the country needs to clarify both its offensive capabilities and how it would respond to such attacks. The report, based on...