Create an Account
username: password:
 
  MemeStreams Logo

It's always easy to manipulate people's feelings. - Laura Bush

search

Decius
Picture of Decius
Decius's Pics
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Decius's topics
Arts
  Literature
   Sci-Fi/Fantasy Literature
  Movies
   Sci-Fi/Fantasy Films
  Music
   Electronic Music
Business
  Finance & Accounting
  Tech Industry
  Telecom Industry
  Management
  Markets & Investing
Games
Health and Wellness
Home and Garden
  Parenting
Miscellaneous
  Humor
  MemeStreams
Current Events
  War on Terrorism
Recreation
  Cars and Trucks
  Travel
Local Information
  United States
   SF Bay Area
    SF Bay Area News
Science
  Biology
  History
  Math
  Nano Tech
  Physics
Society
  Economics
  Politics and Law
   Civil Liberties
    Internet Civil Liberties
    Surveillance
   Intellectual Property
  Media
   Blogging
Sports
Technology
  (Computer Security)
  Macintosh
  Spam
  High Tech Developments

support us

Get MemeStreams Stuff!


 
Current Topic: Computer Security

Frequency X Blog: More on Automatic Exploit Generation
Topic: Computer Security 5:30 pm EDT, Apr 23, 2008

I think the authors have demonstrated a powerful tool that could be a useful asset to a vulnerability analyst, but their abstract, and the conclusions they draw, assume solutions to difficult problems that remain unsolved in the open, public security research space.

Xpost

Frequency X Blog: More on Automatic Exploit Generation


Boston Review — Jonathan Zittrain on Protecting the Internet Without Wrecking It
Topic: Computer Security 8:21 am EDT, Mar 25, 2008

Protecting the Internet Without Wrecking It
How to meet the security threat
Jonathan Zittrain

With responses by Bruce M. Owen, Richard Stallman, Susan Crawford , David D. Clark, Roger A. Grimes, and Hal Varian;

There is a hell of a lot of writing here but the basic idea seems to be that the way to develop secure computers without resorting to the creation of trusted computing type closed systems like the xbox is to create a trusted computer with a more democratic control system instead of putting all of the power in the hands of a signal software vendor.... a reputation system for code.

Boston Review — Jonathan Zittrain on Protecting the Internet Without Wrecking It


Targeted malware attacks against pro-Tibet groups - F-Secure Weblog : News from the Lab
Topic: Computer Security 3:52 pm EDT, Mar 21, 2008

Somebody is trying to use pro-Tibet themed emails to infect computers of the members of pro-Tibet groups to spy on their actions.

More info here.

Targeted malware attacks against pro-Tibet groups - F-Secure Weblog : News from the Lab


Whistle-Blower: Feds Have a High-Speed Backdoor Into Wireless Carrier | Threat Level from Wired.com
Topic: Computer Security 10:39 pm EST, Mar  5, 2008

According to his affidavit, Pasdar tumbled to the surveillance superhighway in September 2003, when he led a "Rapid Deployment" team hired to revamp security on the carrier's internal network. He noticed that the carrier's officials got squirrelly when he asked about a mysterious "Quantico Circuit" -- a 45 megabit/second DS-3 line linking its most sensitive network to an unnamed third party.

Quantico, Virginia, is home to a Marine base. But perhaps more relevantly, it's also the center of the FBI's electronic surveillance operations.

"The circuit was tied to the organization's core network," Pasdar writes in his affidavit. "It had access to the billing system, text messaging, fraud detection, web site, and pretty much all the systems in the data center without apparent restrictions."

I hope the feds put a firewall on the other side, otherwise....

Whistle-Blower: Feds Have a High-Speed Backdoor Into Wireless Carrier | Threat Level from Wired.com


How Crypto Won the DVD War | Threat Level from Wired.com
Topic: Computer Security 7:37 pm EST, Feb 26, 2008

Support from studios has been widely cited as the reason for Blu-ray's victory, but few consumers know that the studios were likely won over by the presence of a digital lock on movies called BD+, a far more sophisticated and resilient digital rights management, or DRM, system than that offered by HD DVD.

This is very interesting.

How Crypto Won the DVD War | Threat Level from Wired.com


RE: Pakistan Cuts Access to YouTube Worldwide - New York Times
Topic: Computer Security 2:18 pm EST, Feb 26, 2008

bucy wrote:

Pakistan Telecom then made an error by announcing that dummy route to its own telecommunications partner, PCCW, based in Hong Kong, shortly before noon New York time on Sunday, according to Renesys.

PCCW then made a second error, accepting that dummy route for YouTube and relaying it to other Internet providers around the world.

Except that everyone makes this "error." No one dutifully filters routes they accept from peers. The core point here is that anyone with a BGP feed can take anyone else out pretty much whenever.

RE: Pakistan Cuts Access to YouTube Worldwide - New York Times


Bush Order Expands Network Monitoring - washingtonpost.com
Topic: Computer Security 8:07 pm EST, Jan 28, 2008

President Bush signed a directive this month that expands the intelligence community's role in monitoring Internet traffic to protect against a rising number of attacks on federal agencies' computer systems.

Bush Order Expands Network Monitoring - washingtonpost.com


Security Data Visualization: Graphical Techniques for Network Analysis
Topic: Computer Security 3:40 pm EST, Jan 25, 2008

Greg Conti published a book last October!

Information overload. If you're responsible for maintaining your network's security, you're living with it every day. Logs, alerts, packet captures, and even binary files take time and effort to analyze using text-based tools - and once your analysis is complete, the picture isn't always clear, or timely. And time is of the essence.

Information visualization is a branch of computer science concerned with modeling complex data using interactive images. When applied to network data, these interactive graphics allow administrators to quickly analyze, understand, and respond to emerging threats and vulnerabilities.

Security Data Visualization is a well-researched and richly illustrated introduction to the field. Greg Conti, creator of the network and security visualization tool RUMINT, shows you how to graph and display network data using a variety of tools so that you can understand complex datasets at a glance. And once you've seen what a network attack looks like, you'll have a better understanding of its low-level behavior - like how vulnerabilities are exploited and how worms and viruses propagate.

You'll learn how to use visualization techniques to:

# Audit your network for vulnerabilities using free visualization tools, such as AfterGlow and RUMINT
# See the underlying structure of a text file and explore the faulty security behavior of a Microsoft Word document
# Gain insight into large amounts of low-level packet data
# Identify and dissect port scans, Nessus vulnerability assessments, and Metasploit attacks
# View the global spread of the Sony rootkit, analyze antivirus effectiveness, and monitor widespread network attacks
# View and analyze firewall and intrusion detection system (IDS) logs

Security visualization systems display data in ways that are illuminating to both professionals and amateurs. Once you've finished reading this book, you'll understand how visualization can make your response to security threats faster and more effective

You can download Chapter 5, "One Night on my ISP", from the publisher.

Security Data Visualization: Graphical Techniques for Network Analysis


FAA: Boeing's New 787 May Be Vulnerable to Hacker Attack
Topic: Computer Security 1:42 pm EST, Jan  6, 2008

Boeing's new 787 Dreamliner passenger jet may have a serious security vulnerability in its onboard computer networks that could allow passengers to access the plane's control systems, according to the U.S. Federal Aviation Administration.

The computer network in the Dreamliner's passenger compartment, designed to give passengers in-flight internet access, is connected to the plane's control, navigation and communication systems, an FAA report reveals.

Dec0de says: How f*#king stupid can people be?

Well, lets see:

Gunter wouldn't go into detail about how Boeing is tackling the issue but says it is employing a combination of solutions that involves some physical separation of the networks, known as "air gaps," and software firewalls. Gunter also mentioned other technical solutions, which she said are proprietary and didn't want to discuss in public.

"There are places where the networks are not touching, and there are places where they are," she said.

What?! Either the networks are connected or they are not. There is no middle ground. This isn't some enterprise network where you've got to have connectivity and you put in a firewall but every once in a while a virus outbreak happens anyway and you loose a day. This is an airplane. One virus outbreak on your internal network and you kill a lot of people. Conclusion: REAL, REAL f*#king stupid!

FAA: Boeing's New 787 May Be Vulnerable to Hacker Attack


PhreakNIC 0x0b Day 1 - 04 - CypherGhost - Postal Experiments
Topic: Computer Security 9:18 am EST, Dec 20, 2007

PhreakNIC 0x0b presentation from CypherGhost on the funny rules surrounding what you can and can't ship via the USPS, as well as why some things take longer than others.

I've also been meaning to watch this. I hear he mailed a sphere. :) I think I can take 45 minutes this morning....

PhreakNIC 0x0b Day 1 - 04 - CypherGhost - Postal Experiments


(Last) Newer << 1 - 2 - 3 - 4 - 5 - 6 - 7 ++ 17 >> Older (First)
 
 
Powered By Industrial Memetics
RSS2.0