Posted: 09/01/10 06:00 AM
Blackberry has cut a deal with security officials in India, allowing them access e-mail and data sent using BlackBerry’s network. But the Indian government isn’t done yet. It’s now applying pressure to some other high-tech players.
Indian officials say they’re exploring ways to track the contents of conversations on Google’s video chat service and on Skype.
We speak with Fred Cate, a law professor at Indiana University who specializes in privacy and security, to understand what - if anything - security services gain when they try to mine massive amounts of information in search of terrorists.
Posted: 08/24/10 12:30 PM
Yesterday, body scan images were in the news thanks to a handful of U.S. Senators who want to know why 35,000 images taken of people walking into a federal courthouse in Florida were stored.
Today, Bruce Schneier noted a story on his blog about skeletal scans. The Wright State Research Institute is working on a system that would scan skeletal structures and match them with previously scanned skeletons. They say they could have this technology ready to go in a year, but it’s not going to make a difference until they have developed a database of skeletal scans for comparison.
by John Moe // Posted: 08/19/10 05:49 PM
By “you”, I mean your computer. By “kill”, I mean infect with malware. She’s going to infect with malware your computer. And by “going”, I mean might.
But Tom Cruise is your computer!
Posted: 08/19/10 06:00 AM
Amid all the announcements Facebook has been making lately, there’s one feature you might not even know about. But you should. It’s called clickjacking. Maybe this has happened to you: you see a link that says “Justin Bieber’s phone number leaked” or “Top ten t-shirt fails”. Maybe it’s in an ad or maybe it even appears to be posted by your friend.
So you click on it and that’s where the trouble begins. You’re taken to page after page of buttons to click, surveys to take, and permissions to give. Unlike the rest of the web, the links are associated with your friends’ names so you trust them. One recent scam was secretly placing $5 weekly charges on users’ cell phone bills.
We talk to Beth Jones from internet security firm Sophos about how clickjacking works. We also check in with Mashable founder and CEO Pete Cashmore who talks about the advantages scammers have in working on Facebook.
Posted: 07/27/10 06:00 AM
Right now you can click on this link and go to a web site that features about 92,000 classified military documents relating to the war in Afghanistan. President Obama wishes you weren’t able to do that because, obviously, the documents are classified. Nevertheless, someone within the US military got a hold of them and passed them along to outside hands in the interest of making them public. Eventually the documents reached the website Wikileaks, which exists solely for the purpose of publicizing confidential information from governments and large organizations.
It’s a curious situation. On the one hand, you have these documents that couldn’t be published nearly as comprehensively and quickly anywhere but the web. And they’re published by an amorphous international organization that doesn’t have to worry about making the government upset. But on the other hand, the only way I was able to make sense of what was in the documents was to read the coverage in mainstream news outlets like the New York Times.
We’ll leave it to you and the newspapers to sift through what’s in each document but we will examine the political and cultural landscape we’re now living in where such a release of documents is now possible. We hear some tape from an interview John Moe did with Julian Assange last winter about Wikileaks’ policies. Plus we hear from Micah Sifry, executive editor of TechPresident.com, and Jonathan Zittrain who teaches law and computer science at Harvard, where he is also the co-founder and co-director of the Berkman Center for Internet and Society.
By the way, the link at the top there probably doesn’t work since Wikileaks’ servers are completely overwhelmed with traffic.
by John Moe // Posted: 07/23/10 04:15 PM
So there’s this problem with Safari, in that it can let any website, even creepy ones you arrive at accidentally, see private information. Apple says it’s working on fixing that but until the do, you can do it yourself. This article walks you through the steps you can and perhaps should take.
By Larissa Anderson // Posted: 07/09/10 06:19 PM
John and I have been watching the story about Pfc. Bradley Manning unfold. He’s the soldier who’s accused of leaking the video of a 2007 deadly American helicopter attack in Baghdad and downloading over 150,000 diplomatic cables. We’ve been wondering about military security and how it’s possible that someone can get a hold of that much highly classified information. An article in the New York Times says the soldier has Lady Gaga to thank for some of that information. He was able to walk out with secret information on a data cd disguised as a Lady Gaga music cd. Because no one suspects a guy humming "Disco Stick" at the computer.
by John Moe // Posted: 07/09/10 06:00 AM
Wednesday’s Wall Street Journal reports on a new classified project by the National Security Agency codenamed Perfect Citizen. The NSA is working with companies and government agencies that run critical infrastructure to put sensing devices on their computer networks.
Siobhan Gorman reported the story for the Journal. We speak to her for an explanation of how it will work and, since it’s classified, how much we’re ever likely to learn about it. We also check in with Stewart Baker who served as Assistant Secretary for the Department of Homeland Security. He’s the author of a new book, Skating on Stilts: Why We Aren’t Stopping Tomorrow’s Terrorism.
And to lighten things up, just a bit, we briefly examine the curious case of the Double Rainbow Oh My God video.
by John Moe // Posted: 07/08/10 11:17 AM
The Wall Street Journal reports on a project to build a program to detect cyber attacks on utilities, infrastructure, and corporations. Headed by the NSA, it’s being estimated as a $100 million project with Raytheon having won the contract. No one’s confirming it on the public record but the Wall Street Journal has the story. The project, called Perfect Citizen for some reason, would employ a series of sensors to detect when a cyber attack may be taking place. It’s not intended to thwart the attack, just to sound an alert. It also wouldn’t constantly monitor everything, just make regular patrols. Think of it as a watch dog that patrols the yard and barks when it sees something suspicious.
by John Moe // Posted: 06/04/10 11:44 AM
Google data collection mess gets messier
China blocking Foursquare
U.S. Cyber Command wants to ‘operate freely’ to protect and defend computer resources
Is YouTube about to offer live streaming? Because shouldn’t everything be more like Chatroulette?
Microsoft Patch Tuesday is coming. Stores have had decorations up for months, of course
Could Microsoft be buying AOL? “Welcome! You’ve got Ballmer!”
Get energy from the stars
Car charging stations coming to town
Gadget tells you when you need a break. Thanks, gadget
by John Moe // Posted: 06/04/10 11:10 AM
Me, I like to get back together with all my old friends from the Windows 7 launch parties I went to. Good times. Good. Times.
On Tuesday, Microsoft will issue ten Security Bulletins addressing 34 vulnerabilities. Some of these are rated “Critical,” which means that a hacker could take control of an infected computer. After our talk with Mark Bowden about Conficker, it seems possible that these patches are both important and ultimately futile, since many people don’t pay attention to these kinds of things and many are using an illegal form of Windows. So they’ve got all the vulnerability and no access to patches.
By Larissa Anderson // Posted: 06/04/10 11:01 AM
U.S. Cyber Command wants to “operate freely” to protect and defend computer resources
On Thursday, General Keith Alexander who heads the U.S. Cyber Command spoke out for the first time since the agency was activated in late May. He warned that the U.S. Defense Department has to have the ability to “operate freely and defend its resources in cyberspace.” He said that right now, unauthorized users probe Defense Department systems about 250,000 an hour – more than 6 million times a day.
Congress is already weighing this issue – Sen. Lieberman this week introduced a bill that would give the Dept. of Homeland Security the authority to make sure “critical infrastructure” doesn’t get cut in the event of a cyber attack.
Posted: 06/01/10 06:00 AM
It’s only a little package of data. Maybe 2000 lines of computer code, a barely noticeable drop of water in the ocean of your computer. But the Conficker worm, once it’s wormed it’s way in, can hijack your system and use your processing power for criminal activities. Conficker is already inside millions of computers around the world, possibly yours even though you don’t know it, and it’s all being controlled by an anonymous bad guy who hasn’t been found.
This sounds like science fiction but it’s actually happening. We talk to Mark Bowden of The Atlantic about Conficker. He explains how the worm, despite it’s broad reach, has never really been activated but if that secret bad guy chooses to flip the switch and wake Conficker up, it could form a sort of computer zombie army that could take down the online systems of companies, banks, even governments.
by John Moe // Posted: 05/19/10 12:18 PM
Posted: 05/19/10 08:29 AM
Anyone who’s driven a car made in the last few years knows that they are chock full of computers. A trip to the garage for repairs will drive that fact home, sometimes painfully. But if your desktop computer is vulnerable to security flaws, worms, malware, and all the other problems that go with computing, doesn’t it stand to reason that your car might be as well? A team of researchers from the University of California, San Diego and the University of Washington set out recently to learn how vulnerable your car is to bad guys and whether someone could infiltrate your computer and, say, cut the brakes electronically. We talk to one of the researchers, Stefan Savage, who tells us what his team found out.
by John Moe // Posted: 05/18/10 11:06 AM
by John Moe // Posted: 05/17/10 12:26 PM
Mark Bowden of The Atlantic has a pretty amazing article on the Conficker worm and how powerless we all are against it. From the lede:
When the Conficker computer “worm” was unleashed on the world in November 2008, cyber-security experts didn’t know what to make of it. It infiltrated millions of computers around the globe. It constantly checks in with its unknown creators. It uses an encryption code so sophisticated that only a very few people could have deployed it. For the first time ever, the cyber-security elites of the world have joined forces in a high-tech game of cops and robbers, trying to find Conficker’s creators and defeat them. The cops are failing. And now the worm lies there, waiting…