BrainWave Technology Tidbits

The Seven Habits of Highly Ineffective Terrorists

Schneier on Security — Tue, 07 Oct 2008 11:48:53 GMT

Most counterterrorism policies fail, not because of tactical problems, but because of a fundamental misunderstanding of what motivates terrorists in the first place. If we're ever going to defeat terrorism, we need to understand what drives people to become terrorists in the first place. Conventional wisdom holds that terrorism is inherently political, and that people become terrorists for political...(read more)

Clickjacking

Schneier on Security — Mon, 06 Oct 2008 19:45:02 GMT

Good Q&A on clickjacking: In plain English, clickjacking lets hackers and scammers hide malicious stuff under the cover of the content on a legitimate site. You know what happens when a carjacker takes a car? Well, clickjacking is like that, except that the click is the car. "Clickjacking" is a stunningly sexy name, but the vulnerability is really just a... Share Post: Read More......(read more)

New Cross-Site Request Forgery Attacks

Schneier on Security — Mon, 06 Oct 2008 11:42:04 GMT

Interesting: CSRF vulnerabilities occur when a website allows an authenticated user to perform a sensitive action but does not verify that the user herself is invoking that action. The key to understanding CSRF attacks is to recognize that websites typically don't verify that a request came from an authorized user. Instead they verify only that the request came from the... Share Post: Read More......(read more)

Friday Squid Blogging: Close-Up of a Long-Finned Squid Tentacle

Schneier on Security — Fri, 03 Oct 2008 22:25:00 GMT

Wow.... Share Post: Read More......(read more)

Article in the Irish Times

Schneier on Security — Fri, 03 Oct 2008 19:43:49 GMT

On Wednesday I was interviewed by the Irish Times.... Share Post: Read More......(read more)

Another Article on Chemical Plant Security and Externalities

Schneier on Security — Fri, 03 Oct 2008 17:45:37 GMT

This essay of mine was published in The Guardian yesterday. Nothing I haven't said before.... Share Post: Read More......(read more)

How to negotiate better pay

Advice Line | Bob Lewis — Fri, 03 Oct 2008 16:13:07 GMT

Compensation is based on the law of supply and demand. Use it to your advantage. READ MORE Share Post: Read More......(read more)

Taleb on the Limitations of Risk Management

Schneier on Security — Fri, 03 Oct 2008 13:48:41 GMT

Nice paragraph on the limitations of risk management in this occasionally interesting interview with Nicholas Taleb: Because then you get a Maginot Line problem. [After World War I, the French erected concrete fortifications to prevent Germany from invading again -- a response to the previous war, which proved ineffective for the next one.] You know, they make sure they solve... Share Post: Read More.....(read more)

Bank Robber Hires Accomplices on Craigslist

Schneier on Security — Thu, 02 Oct 2008 18:18:55 GMT

Now this is clever: "I came across the ad that was for a prevailing wage job for $28.50 an hour," said Mike, who saw a Craigslist ad last week looking for workers for a road maintenance project in Monroe. He said he inquired and was e-mailed back with instructions to meet near the Bank of America in Monroe at 11... Share Post: Read More......(read more)

"Scareware" Vendors Sued

Schneier on Security — Thu, 02 Oct 2008 13:03:09 GMT

This is good: Microsoft Corp. and the state of Washington this week filed lawsuits against a slew of "scareware" purveyors, scam artists who use fake security alerts to frighten consumers into paying for worthless computer security software. The case filed by the Washington attorney general's office names Texas-based Branch Software and its owner James Reed McCreary IV, alleging that McCreary's......(read more)

MI6 Camera -- Including Secrets -- Sold on eBay

Schneier on Security — Wed, 01 Oct 2008 19:59:17 GMT

I wish I'd known: A 28-year-old delivery man from the UK who bought a Nikon Coolpix camera for about $31 on eBay got more than he bargained for when the camera arrived with top secret information from the UK's MI6 organization. Allegedly sold by one of the clandestine organization's agents, the camera contained named al-Qaeda cells, names, images of suspected... Share Post: Read More......(read more)

Hand Grenades as Weapons of Mass Destruction

Schneier on Security — Wed, 01 Oct 2008 12:37:22 GMT

I get that this is terrorism: A 24-year-old convert to Islam has been sentenced to 35 years in prison for plotting to set off hand grenades in a crowded shopping mall during the Christmas season. But I thought "weapons of mass destruction" was reserved for nuclear, chemical, and biological weapons. He was arrested in 2006 on charges of scheming to... Share Post: Read More......(read more)

The next career step for an AS/400 jockey

Advice Line | Bob Lewis — Wed, 01 Oct 2008 03:32:22 GMT

When you know RPGLE development and want to move to something new, what choices do you have? READ MORE Share Post: Read More......(read more)

How to Clone and Modify E-Passports

Schneier on Security — Tue, 30 Sep 2008 18:24:51 GMT

The Hackers Choice has released a tool allowing people to clone and modify electronic passports. The problem is self-signed certificates. A CA is not a great solution: Using a Certification Authority (CA) could solve the attack but at the same time introduces a new set of attack vectors: The CA becomes a single point of failure. It becomes the juicy/high-value... Share Post: Read More......(read more)

Hot Dogs are Not Bombs

Schneier on Security — Tue, 30 Sep 2008 12:58:16 GMT

Another bomb scare.... Share Post: Read More......(read more)