Online Privacy ! No Such Thing.

September 23, 2006 @ 1:57 pm

A very compelling argument…a must read !!

Earlier this month, the popular social networking site Facebook learned a hard lesson in privacy. It introduced a new feature called “News Feeds” that shows an aggregation of everything members do on the site, such as added and deleted friends, a change in relationship status, a new favorite song, a new interest. Instead of a member’s friends having to go to his page to view any changes, these changes are all presented to them automatically……
Privacy used to be about secrecy. Someone defending himself in court against the charge of revealing someone else’s personal information could use as a defense the fact that it was not secret. But clearly, privacy is more complicated than that. Just because you tell your insurance company something doesn’t mean you don’t feel violated when that information is sold to a data broker. Just because you tell your friend a secret doesn’t mean you’re happy when he tells others. Same with your employer, your bank or any company you do business with……..
But public perception is important. The lesson here for Facebook and other companies — for Google and MySpace and AOL and everyone else who hosts our e-mails and webpages and chat sessions — is that people believe they own their data. Even though the user agreement might technically give companies the right to sell the data, change the access rules to that data or otherwise own that data, we — the users — believe otherwise. And when we who are affected by those actions start expressing our views — watch out.

Complete WIRED News Article

Category News | No Comments

ATM Hack Uncovered

September 22, 2006 @ 1:03 pm

atm

A security expert in New York has learned how to get free money from some ATMs by entering a special code sequence on the PIN pad.

Last week, news reports circulated about a cyber thief who strolled into a gas station in Virginia Beach, Virginia, and, with no special equipment, reprogrammed the mini ATM in the corner to think it had $5.00 bills in its dispensing tray, instead of $20.00 bills.

Using a pre-paid debit card, the crook then made a withdrawal, and casually strolled off with a 300% profit in his pocket.

Foolishly, he left the ATM misprogrammed this way for 9 days — presumably to the delight of other customers — before a good Samaritan reported the issue and exposed the caper.

How, exactly, he pulled off the swindle remained unreported. Curious, Dave Goldsmith, a computer security researcher at Matasano Security began poking around. Based on CNN’s video, he identified the ATM as a Tranax Mini Bank 1500 series.

He then set out to see if he could get a copy of the manual for the apparently-vulnerable machine to find out how the hack worked. Fifteen minutes later, he reported success.

From Wired Blog

Category News | 1 Comment

Hezbollah Cracks Israeli Radio Code !

September 21, 2006 @ 12:25 am

Hezbollah fighters reportedly used Iranian-supplied technology to tap Israeli radio comms during last month’s war in southern Lebanon. The intelligence gleaned from these intercepts helped frustrate Israeli tank attacks, according to Hezbollah and Lebanese officials.

Military radio transmissions typically use frequency-hopping – switching between dozens of transmission frequencies per second as a means to frustrate jamming and interception – and encryption.

But troops in combat might sometimes make mistakes in following secure radio procedures, creating a possible means for Hezbollah eavesdropping teams to snatch valuable snippets of intelligence using kit capable of monitoring changing radio frequencies (if not capable of breaking scrambling codes).

from The Register

Category News | No Comments

Nazi Secret Messages in Fashion Drawings

September 5, 2006 @ 2:08 pm

Secret Messages

German spies hid secret messages in drawings of models wearing the latest fashions in an attempt to outwit Allied censors during World War Two, according to British security service files released on Monday.

Nazi agents relayed sensitive military information using the dots and dashes of Morse code incorporated in the drawings.

They posted the letters to their handlers, hoping that counterespionage experts would be fooled by the seemingly innocent pictures.

But British secret service officials were aware of the ruse and issued censors with a code-breaking guide to intercept them.

The book — part of a batch of British secret service files made public for the first time — included an example of a code hidden in a drawing of three young models.

See complete CNN News Article.

Category News | No Comments

Hackers Steal AT&T Customer Data

September 1, 2006 @ 2:08 pm

att

Hackers have obtained the credit card details of almost 19,000 online shoppers from telecoms giant AT&T.

The US company said it had notified shoppers at its online store of the security breach, which affected people buying high-speed DSL internet items.

Security was breached at the weekend, the company said, and online stores were quickly shut down in response.

AT&T said it would reimburse customers for any fraudulent transactions and pay for any necessary credit services.

There were no indications that fraudulent transactions had been carried out before the stolen information came to light, AT&T said.

more here..

Category News | No Comments

Chat Users to Report Child Abuse

August 26, 2006 @ 12:34 pm

Windows Messenger

Users of Windows Messenger can now report suspected sexual predators of children with a mouse click.

A “report abuse” icon will soon appear on the chat software as a result of work by the UK’s Child Exploitation and Online Protection Centre (CEOP).

Users will be encouraged to click the icon when they suffer or witness inappropriate sexual contact.

CEOP said, if necessary, reports would be passed to police forces around the world to track down sexual predators.

full story here..

Category News | 2 Comments

Fugitive Caught by Tracing Skype Call

August 25, 2006 @ 9:23 pm

Top Hi-Tech Fugitive Caught by Tracing Skype Call

Skype Logo

Kobi Alexander, the founder of Comverse, was nabbed in Negombo, Sri Lanka yesterday by a private investigator. He is wanted by the US government in connection with financial fraud charges. He is accused of profiting from some very shady stock-option deals, to the detriment of Comverse shareholders. Once the deals became public and he was indicted, he resigned as CEO and fled the US.

Alexander was traced to the Sri Lankan capital of Colombo after he placed a one-minute call using Skype. That was enough to alert authorities to his presence and hunt him down.

Ars Technica :

The fugitive former CEO may have been convinced that using Skype made him safe from tracking, but he—and everyone else that believes VoIP is inherently more secure than a landline—was wrong. Tracking anonymous peer-to-peer VoIP traffic over the Internet is possible (PDF File-George Mason University). In fact, it can be done even if the parties have taken some steps to disguise the traffic.

VoIP and law enforcement have been in the news lately, due primarily to the Communications Assistance for Law Enforcement Act. CALEA, passed in 1994, gives the FBI the ability to easily tap landline and cell phone calls. As written, CALEA had originally included some exemptions for Internet-based systems, but the FBI convinced the Federal Communications Commission that they should not apply to VoIP traffic. As a result, VoIP operators in the US will need to make their systems wiretap friendly.

If nothing else, Alexander’s capture reinforces the message that despite appearances, nothing we do on the Internet is truly anonymous.

Category News | No Comments

Police Decryption Powers ‘Flawed’

August 19, 2006 @ 1:33 am

encryption

The government faces criticism over plans to give police powers to make suspects produce readable copies of encrypted computer evidence.

“But the draft code of conduct has no guidance on weighing privacy against the demands of law enforcement,” said Caspar Bowden, former head of FIPR.

Already, he said, there had been one court case in which a suspect was acquitted after claiming a computer virus under someone else’s control had caused the offences for which he faced trial. Mr Bowden speculated that other suspects could use the same tactic or would fake a virus infection to get themselves off the hook.

“Will it deter the mass of honest users from properly securing their data?” said Mr Bowden.

Lord Phillips of Sudbury described RIPA as a “hair-raising” piece of legislation and expressed reservations about the effect the powers being given to police would have.

“You do not secure the liberty of our country and value of our democracy by undermining them,” he said. “That’s the road to hell.”

BBC News

Category News | No Comments

Hackers Clone E-Passports

August 6, 2006 @ 12:46 pm

Electronic Passport

A German computer security consultant has shown that he can clone the electronic passports that the United States and other countries are beginning to distribute this year.

“The whole passport design is totally brain damaged,” Grunwald says. “From my point of view all of these RFID passports are a huge waste of money. They’re not increasing security at all.”

Although countries have talked about encrypting data that’s stored on passport chips, this would require that a complicated infrastructure be built first, so currently the data is not encrypted.

“And of course if you can read the data, you can clone the data and put it in a new tag,” Grunwald says.

Wired News

Category News | No Comments

Satellite Images of Beirut Destruction

August 5, 2006 @ 9:25 pm

 Before Harat After Harat   
A close up of Beirut’s Harat Hurayk neighborhood before and after the Israeli bombing. (Digital Globe)

 Before Harat 2 After Harat 2
Beirut’s Harat Hurayk neighborhood before after the Israeli bombing. (Digital Globe)

Before  Airport After Airport
Beirut International Airport before and after the Israeli bombing. (Space Imaging)

Category News | No Comments