Comments
Krista • June 15, 2012 5:07 PM
Aaaaaaaaagh. Must. Wash. Brain.
BF Skinner • June 15, 2012 5:54 PM
Eh. A hummingbird just fed at my feeder and then defecated on my land. Disrespect!
But everyone should have a hat
Nick P • June 15, 2012 5:56 PM
I hope SHE washed her mouth haha
BF Skinner • June 15, 2012 6:24 PM
Keep meaning to collect a list of people doings to combat the “people wouldn’t ABUSE the system. Not PEOPLE.”
The Transportation Security Administration has recommended firing seven employees at Philadelphia International Airport, the agency said Friday.
The announcement came after an eight-month investigation that revealed that the employees were involved in bribery.
According to TSA:
A training instructor responsible for administering annual proficiency exams was found to have accepted payment from TSA security officers to ensure passing grades. The training instructor pleaded guilty in Federal District Court on Feb. 28, 2012, to a charge of bribery.
No One In Particular • June 15, 2012 6:29 PM
Didn’t see any mention of the CloudFlare attack that occurred earlier this month:
http://blog.cloudflare.com/the-four-critical-security-flaws-that-resulte
Social engineering, bypassing Google’s two-factor authentication, and poor system administration practices make for a pretty interesting story.
Nick P • June 15, 2012 8:10 PM
@ Someone in particular 6:29pm
Yeah I oddly saw the CloudFlare attack report around when I was evaluating their claims to resist DDOS attacks. Good news for them is they seem honest on that one: LulzSec successfully used them to defend their site while attacking people. CloudFlare’s spokesman said it was the best pentesting they could get & came largely free of charge haha.
Nick P • June 15, 2012 8:34 PM
Short summary of post in other squid thread
It seems high assurance security certification is truly dead in market for anything more complicated than a kernel or data diode. Products certified high assurance under old rules (B3/A1) were ordered to undergo costly reevaluations to modern equivalents EAL 6/7.
Products surviving old market collapse were GEMSOS (A1), Boeing SNS (A1), and XTS-400 (B3). GEMSOS couldn’t afford re-evaluation, BAE dropped XTS-400 to EAL5+, and SNS’s EAL7 evaluation recently resulted in a very augmented EAL5 rating.
Boeing is a major defense contractor with a big budget and guaranteed contracts. The product is just a guard. They have much experience in assuring guards. They apparently see no reason to invest in an EAL6/7 rating. If big Boeing can’t justify it, then is there reason anymore for American companies to produce truly secure systems? At the moment, it seems not.
Neek • June 15, 2012 10:41 PM
Oh no, they are searching for a host!!!
Daniel • June 15, 2012 11:15 PM
@no one
What bothers me about that attack is how elaborate it is. This wasn’t done by your typical LulzSec script kiddie. It was carefully and meticulously planned by someone who is competent at analyzing various systems in multiple companies and exploiting their weaknesses. I am also impressed by the agility of his mind when he got caught in the act (something that I think caught him off guard). That was some quick thinking on his feet.
At the end of the day this hack should probably be considered a failure but if only one person was behind it I have no qualms about saying I’m impressed.
Willy • June 15, 2012 11:25 PM
Revenge of the squid?
Petréa Mitchell • June 16, 2012 10:27 AM
Preliminary US crime statistics from 2011 show violent crime dropping overall again. Burglary is up a smidge, and there’s been a spike in murders in small towns that no one has any idea how to begin to explain.
QuirkyNickName • June 16, 2012 1:55 PM
I saw this cartoon a few weeks back. Kept meaning to mention it….
http://freefall.purrsia.com/ff2200/fc02192.htm
You just have to love those lines: “Those records are supposed to be private.” “Why do humans keep thinking that minimum wage buys undying loyalty?”
WhiskersInMenlo • June 16, 2012 5:33 PM
Interesting bug in MySQL
http://seclists.org/oss-sec/2012/q2/493
While quickly fixed, was the fix quickly deployed?
Hector • June 16, 2012 8:22 PM
That story is totally blowing up the squid blogosphere.
Ottawa airport wired with microphones as Border Services prepares to record travellers’ conversations
www.ottawacitizen.com/news/Ottawa+airport+wired+with+microphones+Border+Services/6788759/story.html
Lord Yarlble • June 17, 2012 2:31 PM
http://www.theregister.co.uk/2012/06/14/pgp_seal_encrypted_communications/ — Zimmermann (PGP) and some unwieldy Seals are cooking up a new and improved encrypted communications scheme.
Nick P • June 17, 2012 5:50 PM
@ Lord Yarlble on Silent Circle
Clive posted it and I gave my initial thoughts on the effort at the link below. Not positive impression from their ad at all.
http://www.schneier.com/blog/archives/2012/06/friday_squid_bl_330.html#c787856
GStarr • June 17, 2012 8:26 PM
Have you heard of any link between the recent “state sponsored” Gmail hacks and malware running on Android phones? Gmail at least on some Android devices is “always on”, i.e., cannot be logged out. If Gmail is hacked/infected, then phones (could be) too. Do you agree? Has anyone heard of this happening, or have any proof that it does happen?
Tamara Benson • June 17, 2012 10:12 PM
I quit eating Squid in 2003 when I saw a PBS show about how the cellular structure of their eyes is so very similar to human eyes. 🙂
Cannibalism isn’t for me.
Since then I’ve learned a lot of reasons not to kill our ocean, and seen how interdependent we and sea life are.
No Polly Anna here, just hoping to survive without eating something that might save me. 🙂
By the way, I’ve been learning to pay attention to how my body reacts to different foods–and if something makes you feel lousy later, (pork does that to me) or gives you gas, etc, maybe our bodies are trying to tell us what we can handle and what we shouldn’t.
Knowing could improve quality of life, even if no guarantees for quantity.
bon appetit guys!
Wael • June 18, 2012 12:10 AM
@ GStarr,
The only way I know of to delete your gmail account from your android phone is to do a factory reset on the phone. I don’t like that and wondered why it behaves that way. Same applies to Google voice, once you sign up, you cannot delete your account. You can remove the numbers of the phones that are forwarded, but you can not delete your account. That was a year ago. Not sure if they changed that.
gun_mortimer • June 18, 2012 2:36 AM
Here we go again, the web site of a hospital equipment provider riddled with malware… and hospitals downloading malware infested updates for respirators and the like … Just plain scary … From threatpost: http://threatpost.com/en_us/blogs/software-update-site-hospital-respirators-found-riddled-malware-061412
Erich Schmidt • June 18, 2012 7:19 AM
Does anyone understand this? Game theory, stackelberg, TSA.
Figureitout • June 18, 2012 8:56 AM
@Gstarr
I never used the email address I had to make to use the phone, but like Wael said, I know Google voice would remain activated. Very frustrating. Instantaneously after turning it off, it would turn itself right back on. Plus, apps that I didn’t download would turn up on my phone. Was glad to get rid of the p.o.s., it serves as a second alarm clock now 🙂
Petréa Mitchell • June 18, 2012 11:35 AM
Erich Schmidt:
The post asks whether an approach based on game theory can be helpful in designing airport security strategies. It raises some good questions about whether the type of game under discussion even properly models the problem, and then answers them with an unsupported assertion that yes, it works and everything is cool.
Erich Schmidt • June 18, 2012 12:07 PM
Thanks Petréa — for the information, and for the laugh you gave me!
Daniel • June 18, 2012 9:00 PM
I know it’s Monday but did anyone see this:
https://www.nytimes.com/2012/06/17/opinion/sunday/how-depressed-people-use-the-internet.html
“What are the practical applications of this research? We hope to use our findings to develop a software application that could be installed on home computers and mobile devices. It would monitor your Internet usage and alert you when your usage patterns might signal symptoms of depression.”
Well, if having an internet program that watches my every activity in the name of my “health” doesn’t depress me, I don’t know what will.
jacob • June 19, 2012 9:19 AM
@daniel.
Interesting. It might explain my ISP.
“Let’s piss him off a little bit more and then we better stop”…. 😉
Richard • June 19, 2012 10:17 AM
I recently ordered “Liars and Outliers” from the local library. Ironically, while it was being held for me to pick it up, somebody stole it.
Clive Robinson • June 19, 2012 5:19 PM
OFF Topic:
It would appear that the cat&mouse story of Julian Assange has taken another weird step…
http://www.bbc.co.uk/news/uk-18514726
He walked into the London embassy of Ecuador and asked for asylum. Apparently he believes he was about to be shipped off to Sweden prior to his latest attempt to get the extradition order quashed.
It appears this may not be unrelated to an offer made back in 2010 by Ecuador to offer Mr Assange residency, which in and of itself has a few twists and turns.
ON another matter the EFF are supporting the “Internet Archive” in a legal case against Washington State,
https://www.eff.org/press/releases/internet-archive-sues-stop-new-washington-state-law
Put simply Washington State has enacted a badly written law (SB-6251) that flies in the face of US Federal law.
In essence its purpose is to make online service providers criminally liable for providing access to third parties’ offensive materials, and on the face of it, it would appear to have laudable goals. But in practice it is too broadly written in very vague terms thus making it dangerous in many respects. Further it brings it squarely into conflict with Section 230 of the Communications Decency Act, which is current Federal law which adequately covers what SB-6251 attempts to cover so badly.
Oh and “one for the parents”… How is your kids’ maths? Are they any good at division, fractions or surds?
If not they may not be able to hack it in our modern world according to some research,
http://www.sciencedaily.com/releases/2012/06/120615114057.htm
Of course underpinning all of this as normal is a good knowledge of primes 😉
omg that is too funny!
Pete • June 15, 2012 4:44 PM
Eww. I’ll take a raincheck on the calamari.