| |
| Current Topic: Computer Security |
|
Hackers cut off SCO Web site | CNET News.com |
|
|
|---|
| Topic: Computer Security |
12:33 am EDT, Aug 26, 2003 |
] This weekend, a denial-of-service attack took down the
] Web site of The SCO Group, which is caught in an
] increasingly acrimonious row with the open-source
] community over the company's legal campaign against
] Linux. Most under reported story of the day... Hackers cut off SCO Web site | CNET News.com |
|
Analysis of an Electronic Voting System |
|
|
|---|
| Topic: Computer Security |
5:28 pm EDT, Aug 23, 2003 |
] Recent election problems have sparked great interest in
] managing the election process through the use of
] electronic voting systems. While computer scientists, for
] the most part, have been warning of the perils of such
] action, vendors have forged ahead with their products,
] claiming increased security and reliability. Many
] municipalities have adopted electronic systems, and the
] number of deployed systems is rising. For these new
] computerized voting systems, neither source code nor the
] results of any third-party certification analyses have
] been available for the general population to study,
] because vendors claim that secrecy is a necessary
] requirement to keep their systems secure. Recently,
] however, the source code purporting to be the software
] for a voting system from a major manufacturer appeared on
] the Internet. This manufacturer's systems were used in
] Georgia's state-wide elections in 2002, and the company
] just announced that the state of Maryland awarded them an
] order valued at up to $55.6 million to deliver touch
] screen voting systems. The press claims this paper is discredited because Avi Rubin was involved with an electronic voting company. Read it for yourself and see what you think. Analysis of an Electronic Voting System |
|
ajc.com | Metro | Dare accepted on electronic voting machines |
|
|
|---|
| Topic: Computer Security |
5:27 pm EDT, Aug 23, 2003 |
] Roxanne Jekot, a 51-year-old computer program developer from
] Cumming, said she and a few expert friends could crack Georgia's $54
] million touch-screen voting system in a matter of minutes.
]
] Bring it on, said state election officials. Well, that's a nice change from the we-will-sue-you-into-quiet-submission thing that so in vogue these days.. ajc.com | Metro | Dare accepted on electronic voting machines |
|
'Good' Worm Fixes Infected Computers (TechNews.com) |
|
|
|---|
| Topic: Computer Security |
9:17 pm EDT, Aug 18, 2003 |
] A new Internet worm emerged today that is designed to
] seek out and fix any computer that remains vulnerable to
] "Blaster," the worm that attacked more than 500,000
] computers worldwide last week. 'Good' Worm Fixes Infected Computers (TechNews.com) |
|
The Register - Blackboard press release |
|
|
|---|
| Topic: Computer Security |
7:25 pm EDT, Jul 15, 2003 |
] Blackboard said the settlement shows its systems are
] secure but the whole case is better understood as a
] successful attempt to protect the firm's reputation
] against the possibly exaggerated claims of a pair of
] student hacker/crackers The register got caught up in the spin as well. Since when is using the law an appropriate way to silence critics? Thats the very definition of censorship. Can we accept that this is really the final word on the story, given that its coming from blackboard, and that Acidus and Virgil are injoined from responding? Is Blackboard's technology secure? We may never know. What we do know is that Blackboard has effectively silenced their critics, with extreme prejudice. My lawyer is bigger then your lawyer should not trump the first amendment. In this case it has. These student settled because they did not have the means to defend themselves. Acidus and Virgil owe $20,000 in (clears throat) "legal fees." They are college students. They can't really afford this and they need help. If you would like to contribute, you can paypal the following email address: gte344p@prism.gatech.edu (Above comments from Decius..) I'll have more to say about this later, when I can sit down and type something up without the sound of truck stop poker video games ringing in my ears. The Register - Blackboard press release |
|
Secret Handshakes from Pairing-Based Key Agreements |
|
|
|---|
| Topic: Computer Security |
7:26 pm EDT, Jun 10, 2003 |
This scheme allows Alice to ask Bob if Bob is a warez site, but if it turns out that Bob is the RIAA he cannot prove that Alice asked for warez, and if it turns out that Alice is the RIAA she cannot prove that Bob is a warez site. Secret Handshakes from Pairing-Based Key Agreements |
|
CNN.com - N. Korean training hackers, Seoul says - May. 16, 2003 |
|
|
|---|
| Topic: Computer Security |
6:08 pm EDT, May 16, 2003 |
] North Korea is training around 100 computer hackers each
] year to boost its cyber-warfare capabilities, pushing the
] South to fortify its own computer security, a South
] Korean military official said on Friday. The main reason this seems offbase to me is the "100 hackers each year" thing. I have a feeling tracking down 100 computers in North Korea is a hell of a challenge, let alone 100 hax0rs with clue. Not to mention a decent net connection for them to search out tools over, keep up to date on discovered sploits, etc.. The thing that is going to make a cracker a danger isn't a set selection of skills that the other 99 also have, but rather the ability to think on their feet and learn on the fly.. That takes time and experience. I see this situation being very hard to cultivate, as it would require their cracker-corps to be constantally working on their skills, finding new sploits, etc.. It would require access to many of the devices/software they are interested in hacking, which is going to be nearly impossible for them.. I immagine the resources for this all are very slim.. That number also leads to believe that their intent is not to have their hacker-corps working out of North Korea, but rather send them out of the country and have them work elsewhere. North Korea proper would likely be very easy to cut off from the rest of the world in the event of a conflict, rendering their hacker teams useless.. They would have to be stationed in many places outside North Korea to be useful. Now, if North Korea had crackers spread out all over the globe, working toegether to form some l33t North Korea cracker-corps, this might be logical.. Otherwise, its very unlikely to exist, or be a real danger. Of course, that also implies that North Korea has their shit together, something I don't think is likely. Its more likely that they have 100 people in North Korea who are being called "hackers" and being "trained on hacking", even though most of them have never actually used a real computer for more then 5 min. This is probably another case of North Korea trying to give the impression to South Korea (and everyone else) it is more dangerous then it actually is.. They have 4 skilled and loyal hax0r kiddies, and somehow it became "100 every year".. Don't they have 300 nukes aimed at the US right now? Heh. Two or three maybe. (And more on the way, but that's another story..) There is also another option.. North Korea has zero to do with this, and South Korea is just trying too pump up some fear in order to get its people to take computer security more seriously.. Slammer did really take them for a spin. They have reason to be concerned. CNN.com - N. Korean training hackers, Seoul says - May. 16, 2003 |
|
NYPOST.COM World News: 9/11 PLOT HIDDEN IN E-PORN By NILES LATHEM |
|
|
|---|
| Topic: Computer Security |
5:34 pm EDT, May 10, 2003 |
] Chilling details of al Qaeda's secret communications
] system - and the possibility of widespread knowledge that
] the devastating attacks on New York and Washington were
] in the works - were unveiled in a courtroom in Milan,
] where a group of Islamic militants are on trial for
] supporting al Qaeda's terrorist activities.
]
] According to reports in the Corriere della Sera newspaper
] and on ABC News' Web site, the secret communications were
] discovered during a November 2001 raid on the Via
] Quaranta mosque in Milan, where police confiscated 11
] computers. ] Investigators believe cell members were using a process
] called stenography, in which special software allows a
] text message to be hidden inside a small part of a
] computer photograph. NYPOST.COM World News: 9/11 PLOT HIDDEN IN E-PORN By NILES LATHEM |
|
Who knows the evil that lurks in the buffers of men? The Stack knows! |
|
|
|---|
| Topic: Computer Security |
5:59 am EST, Apr 1, 2003 |
] Firewalls, packet filters, intrusion detection systems,
] and the like often have difficulty distinguishing between
] packets that have malicious intent and those that are
] merely unusual. We define a security flag in the IPv4
] header as a means of distinguishing the two cases. :) Who knows the evil that lurks in the buffers of men? The Stack knows! |
|
Citibank obtains an injunction against distribution of research paper! |
|
|
|---|
| Topic: Computer Security |
6:52 pm EST, Feb 24, 2003 |
] So the secret is well and truly out.
]
] Despite this a London Court judge last week granted an
] injunction preventing experts in the case (including the
] Cambridge security researchers) discussing anything
] likely to become testimony in the trial. Citibanks'
] petition can be found here.
]
] A counterargument by Anderson arguing that the
] injunction, while appropriate for the bank experts
] involved, contravened academic freedoms and was bad for
] security was rejected, the Sunday Times reported
] yesterday. Citibank's court victory is yet to be recorded
] elsewhere, at least as far as we can see. Citibank obtains an injunction against distribution of research paper! |
|
