Sunday, August 26, 2007

Just because it's expensive doesn't mean it will work!

The $84 million Internet porn filter implemented just recently by the Australian government has been cracked by a teenager in just 30 minutes :) Read more...

This maybe a lesson to some people that in the world of computer security, big bucks alone can't solve their problems...

Friday, August 24, 2007

Solid State Drives in 2008

Seagate will be releasing solid-state drives based on flash memory chips in its storage devices next year. You will be able to grab a Laptop or Desktop PC next year with this baby in it. Read more

Saturday, August 18, 2007

Ubuntu Under Attack

Five of the eight Ubuntu community servers were compromised and used to attack other systems. The servers were shut down to deal with the compromise and are now back online. Canonical, the sponsor and manufacturer of Ubuntu, states the breach was due to more than 15 unpatched web applications running in parallel on the systems, out of date server software being used and the systems using unencrypted FTP.
reported on SANS... read full article.

Wednesday, August 15, 2007

Too much USB?

Now there are a lot of USB devices out there, but the items listed on this article, I didn't even dream would exist...

A fun read, I particularly liked the thumb size USB oil burner and the USB smoking accessories.

Check out the article on CIO.com : 20 USB Gizmos That Have No Place in the Enterprise (But You'll Love Just the Same)

E-Passport Vulnerable to Sabotage!!!

This is an interesting article about e-passports and buffer overflows in e-passport readers.

I think since there are some countries introducing e-passports (Maldives issued its first e-passport to the president and first lady on July 26 this year) it is important to be aware of the security issues involved in them.

There have been a number of security issues (including hacks that were demonstrated to the public) involving e-passports especially in the EU and USA. Some articles talk about how people can actually read the information stored on these RFID chips from a distance without the knowledge of the owner. So imagine someone being able to steal your biometric information such as facial or fingerprint information and store it on his own e-passport and... Well you get the idea!

Original Article: Wired - Scan This Guy's E-Passport and Watch Your System Crash

System Abuse

Recently I came across an interesting post on Schneier's blog on how people can abuse the system, especially if such systems aren't designed in such a way to avoid such vulnerabilities.

I will just quote as it was in the original article which was also quoted no his post.

" Defense lawyers in a number of other terrorism suspect cases accused informants of solely seeking financial boon by creating so-called terrorists that did not exist.

According to court records, Eldawoody was paid $100,000 over a period of 3 years.

Since Siraj's conviction, Eldawoody has his rent covered and receives a monthly stipend of $3,200.

According to The Washington Post, a police spokesman indicated the direct payments to Eldawoody would likely continue "indefinitely."

With such incentives, critics argue, informants are likely to be created out of thin air to join the "inform-and-cash" industry.

Meanwhile, the Muslim community across the country is feeling the heat of being closely watched.

"This is creating mistrust between our community and law enforcement officials," Ayloush said.

In light of their extensive criminal records, Ayloush added, these individuals would neither qualify as police officers nor as FBI agents, yet they are on the payroll of law enforcement agencies and are allowed to do law enforcement work.

"We all respect hardworking law enforcement agents," Ayloush said. "But mercenary informants? Hardly." "

Original Article: Southern California InFocus: Is Big Brother at your mosque?

...