Schneier on Security: Conversation with Kip Hawley, TSA Administrator (Part 3)
Topic: Society
11:37 am EDT, Aug 1, 2007
KH:
We do not publicize how often the no-fly system stops people you would not want on your flight. Several times a week would low-ball it.
Almost 20,000 False Positives:
The Justice Department's proposed budget for 2008 reveals for the first time how often names match against the database, reporting that there were 19,967 "positive matches" in 2006.
19,967 / 52 = 383.9. That really translates to approximately 350 people per week inconvenienced. If they were arrested, deported, or their plot foiled, we would have heard about it in the news.
But remember what KH said about why they use the no-fly list:
The real danger is the gradual erosion of individual liberties through the automation, integration, and interconnection of many small, separate record-keeping systems, each of which alone may seem innocuous, even benevolent, and wholly justifiable. -- U.S. Privacy Protection Study Commission, 1977
The Privacy Rights Clearinghouse (PRC) is a nonprofit consumer organization with a two-part mission -- consumer information and consumer advocacy. It was established in 1992 and is based in San Diego, California. It is primarily grant-supported and serves individuals nationwide.
The PRC's goals are to:
* Raise consumers' awareness of how technology affects personal privacy.
* Empower consumers to take action to control their own personal information by providing practical tips on privacy protection.
* Respond to specific privacy-related complaints from consumers, intercede on their behalf, and, when appropriate, refer them to the proper organizations for further assistance.
* Document the nature of consumers' complaints and questions about privacy in reports, testimony, and speeches and make them available to policy makers, industry representatives, consumer advocates, and the media.
* Advocate for consumers' privacy rights in local, state, and federal public policy proceedings, including legislative testimony, regulatory agency hearings, task forces, and study commissions as well as conferences and workshops.
Halvar Flake tossed by U.S. Customs on way to BlackHat
Topic: Society
11:30 am EDT, Jul 30, 2007
U.S. Customs needs a 24/7 process where their agents can escalate a disagreement to someone who is not a complete fucking moron.
Policies like this are only hurting the digilanti out there and other security professionals like Halvar.
Digilanti n. Combining digerati expertise with vigilante initiative, the digilanti anonymously police the Internet, exposing scams and fighting spam in the interest of making the Web safe without government intervention.
Hopefully some better policies come out of the EU discussion on cyber-crime.
Because what Germany is doing would be comparable to a U.S. State banning guns. "Guns don't kill people; people kill people"
I say "Hacker tools don't hack systems; hackers hack systems."
Google Code for Educators - Introduction to Web Security
Topic: Technology
10:47 am EDT, Jul 30, 2007
Nice to see a corporation reaching out to academia in this fashion. I'm sure it's part charity, part "if you want something done right (in this case developer education), do it yourself."
Sounds MAD! Mutual assured destruction (MAD) is a doctrine of military strategy in which a full-scale use of nuclear weapons by one of two opposing sides would effectively result in the destruction of both the attacker and the defender.
Software patent does not have a universally accepted definition. One definition suggested by the Foundation for a Free Information Infrastructure is that a software patent is a "patent on any performance of a computer realized by means of a computer program".
There is intense debate over the extent to which software patents should be granted, if at all. Criticisms of software patents include:
* Whether software is patentable; and
* Whether the inventive step and non-obviousness requirement is too easily satisfied for software.
Summary: A principal Department of Defense agency is looking for programmers, developers or coders to code, support field deployment and maintenance of a new database application which will be used by Army units in Iraq.
Scope: These are full-time positions (12/7) located at one of the major US Bases in IRAQ. Deployment will be period of 6-12 months. Training on the application software will begin prior to deployment and will take place in Virginia. These positions are available for full time employment or for independent contractors. These positions are available now.
Seriously? There are so many things wrong with this. Guarantee DoD is mis-using AJAX. Could this be the first programmer to die for Web 2.0? Couldn't they just telecommute?
Apple anti-theft system would leave thieves powerless—literally
Topic: Miscellaneous
10:07 am EDT, Jul 26, 2007
The patent, titled "Protecting electronic devices from extended unauthorized use," outlines a technique that would allow a particular device to authenticate itself with certain, user-approved power supplies and devices so that it can only be charged by those devices. In a lot of ways, it's a lot like DRM, but for electronic devices.
Twenty years ago, on an outbuilding of his Southern California estate, tycoon Robert K. Graham began a most remarkable project: the Repository for Germinal Choice, a sperm bank for Nobel Prize winners. Part altruism, part social engineering, part science experiment, the repository was supposed to help reverse the genetic decay Graham saw all around him by preserving and multiplying the best genes of his generation. By the time Graham's repository closed in 1999, his genius sperm had been responsible for more than 200 children.