More developments on the US-China Commission's decision not to use Chinese manufactured PCs on the SIRPnet follow, an event I covered in a previous post "Espionage Ghosts Busters". The oficially stated attack vector, namely that "..a significant portion" of Lenovo is owned by the Chinese Academy of Sciences, an arm of the Chinese government." is nothing more than a healthy paranoia to me, one
Wednesday, 31 May 2006
Tuesday, 30 May 2006
The Global Security Challenge - Bring Your Know-How
Posted on 09:16 by Unknown
It's a public secret that the majority of innovative ideas come from either the academic enviroment, or plain simple entrepreneurial spirits. I find such annual competitions as a valuable incentive for both sides to unleash the full power of their ideas, or commercialize them - consciously or subconciously. SpaceShipOne is a case study on how elephants can't dance, or at least how they dance on
Covert Competitive Intelligence
Posted on 09:03 by Unknown
Yet another agreement on alleged covert competitive intelligence, this time, "WestJet Airlines says it’s sorry that members of its management team covertly accessed a confidential Air Canada website, and has agreed pay $15.5 million. In a joint news release from the two carriers, WestJet said that in 2003-2004, members of their management team "engaged in an extensive practice of covertly
Microsoft in the Information Security Market
Posted on 08:51 by Unknown
Microsoft is emptying its pockets with tiny acquisitions of security solution providers with the idea to target the masses in its all-in-one security service OneCare. There's nothing wrong with offering up to three licenses for $49.95 per year, at least not from a marketing point of view. Microsoft's Security Ambitions are getting huge "as it continues to reveal its security ambitions in very
No Anti Virus Software, No E-banking For You
Posted on 08:33 by Unknown
Malware and Phishing are the true enemies of E-commerce, its future penetration, and E-banking altogether. Still, there are often banks envisioning the very basic risks, and hedging them one way or another, as "Barclays gives anti-virus software to customers" "Barclays Bank is issuing UK internet banking customers with anti-virus software, as part of attempts to reduce online identity theft. The
Sunday, 28 May 2006
Who's Who in Cyber Warfare?
Posted on 06:34 by Unknown
Wondering what's the current state of cyber warfare capabilities of certain countries, I recently finished reading a report "Cyber Warfare: An Analysis of the Means and Motivations of Selected Nation States", a very in-depth summary of Nation2Nation Cyber conflicts and developments I recommend you to read in case you're interested. It covers China, India, Iran, North Korea, Pakistan, and, of
Saturday, 27 May 2006
Delaying Yesterday's "0day" Security Vulnerability
Posted on 11:47 by Unknown
I never imagined we would be waiting for the release of a "0day" vulnerability, but I guess that's what happens if you're not a customer of an informediary in the growing market for software vulnerabilities -- growth in respect to, researchers, infomediaries and security vulnerabilities. Stay tuned for "Exploit Of Windows 2000 Zero-day To Hit In June", and take your time to appreciate that it's
Forgotten Security
Posted on 11:35 by Unknown
It's one thing to expose a Pengaton conference's attendees list, and another Mr. Blair's security plans intended to protect the Prime Minister from a terrorist attack during the Labour Party conference". From the article : "Security plans intended to protect the Prime Minister from a terrorist attack during the Labour Party conference have been left in a hotel. The documents include a list of
Aha, a Backdoor!
Posted on 11:19 by Unknown
Security precautions can indeed blur the transparency of a company's financial performance -- one that's extremely important in the post-Enron corporate world. Under fire over some of the biggest corporate scandals during the last decade, the Securities and Exchange Commission (SEC) has been trying to change the data standards to ensure greater accountability and support decision makers. On the
Travel Without Moving - Korean Demilitarized Zone
Posted on 10:51 by Unknown
Continuing the travel without moving series, the Korean Demilitarized Zone remains a hot spot with North Korea publicly stating its ambtions of joining the nuclear club. How big of a threat is the statement anyway? I believe it's a desperate move from the North Koreans' side, while trying to put itself on the world's map again -- and the news of course. What they lost was the momentum, one that
Tuesday, 23 May 2006
Bedtime Reading - The Baby Business
Posted on 10:15 by Unknown
While not necessarily an AI, a Project 2501 type of living entity breakthrough development, there's a growing (underground) market for genetically modified newborns, a scary scenario that reminds of previous episodes (Criminal Nature) of the Outer Limits and of course Gattaca in all of its twisted beauty and utopian representation of Space as the "final destination".The Baby Business explains how
The Current, Emerging, and Future State of Hacktivism
Posted on 10:06 by Unknown
Zone-H recently reported yet another major hacktivism case in what's stated to be the biggest hacking incident in the web-hosting history-- single hack, multiple targets exposed and their audiences' attention "acquired". The very same type of tension happened several weeks ago due to the Muhammad cartoons. It may seem questionable whether Hacktivism would survive in today's for-profit online
Arabic Extremist Group Forum Messages' Characteristics
Posted on 09:56 by Unknown
Ever wondered what's the font size of a terrorist forum posting? These guys are really deep into using AI for gathering intelligence on various Cyberterrorism threats, and as you can see they neatly visualize their findings. "Applying Authorship Analysis to Extremist-Group Web Forum Messages" by Ahmed Abbasi and Hsinchun Chen, University of Arizona seem to have found a way, or at least patters of
Espionage Ghosts Busters
Posted on 09:35 by Unknown
In previous posts, "Insider Competition in the Defense Industry", and "The anti virus industry's panacea - a virus recovery button" , I gave examples of insider trading, of malware infecting border-screening computers, or the plain truth on how U.S "manufactured" PCs are actually assembled in China these days.Obviously, plain old paranoia without solid background still dominates as "
Nation Wide Google Hacking Initiative
Posted on 09:21 by Unknown
The idea of doing reconnaissance for the purpose of pen testing ormalicious activity through google hacking, has already reached levels of automation -- the problem is how the threat gets often neglected by those that actually suffer from a breach later on. I came across to an article pointing out that :"Anyone who wants to hack into sensitive information on New Zealand internet sites might be
Monday, 22 May 2006
Travel Without Moving - Cheyenne Mountain Operations Center
Posted on 08:16 by Unknown
It's a small world -- and a busy one, this post was supposed to appear the previous week so here it goes. There are certain places you just can't miss on the world's map, and the Cheyenne Mountain Operations Center is one of them. Remember the typical massive gate in the War Games movie, or in pretty much any other military/intelligence thriller you've watched? Try this one. Nuke it, EMP it, it's
Tuesday, 16 May 2006
Techno Imperialism and the Effect of Cyberterrorism
Posted on 06:20 by Unknown
It's been a while since I've last blogged about Cyberterrorism, and while many did mentioned the topic in between the recent DRDoS attacks, Cyberterrorism is so much more than simply shutting down the Internet, namely the ability to communicate, research, recruit and use propaganda to achieve goals based on ideological beliefs, or the convergence of Terrorism and the Internet.Can we argue that
Insider Competition in the Defense Industry
Posted on 05:49 by Unknown
While there aren't any smoking emails mentioned in this case, where else can we spot insiders if not in the defense industry, an industry where securing government-backed contracts, or teasing military decion makers with the latest technologies ensures the long-term existence of the business itself? From the article :"Boeing has been under investigation for improperly acquiring thousands of pages
EMP Attacks - Electronic Domination in Reverse
Posted on 05:21 by Unknown
Yesterday, I came across to an updated(April 14, 2006) CRS report - High Altitude Electromagnetic Pulse (HEMP) and High Power Microwave (HPM) Devices: Threat Assessments, a topic I covered in a previous post related to asymmetric warfare.Basically, it outlines critical issues such as, what is the U.S(or pretty much any other country thinking asymmetric warfare) doing to ensure critical civil
Monday, 15 May 2006
Valuing Security and Prioritizing Your Expenditures
Posted on 05:16 by Unknown
I often blog on various market trends related to information security and try to provide an in-depth coverage of emerging or current trends -- in between active comments. In previous posts "FBI's 2005 Computer Crime Survey - what's to consider?", "Spotting valuable investments in the information security market", "Why we cannot measure the real cost of cybercrime?", "Personal Data Security
Friday, 12 May 2006
Terrorist Social Network Analysis
Posted on 11:09 by Unknown
In previous posts "Visualization, Intelligence and the Starlight project" and "Visualization in the Security and New Media world" I covered various security and intelligence related projects and mostly emphasized on the future potential of visualizing data. Data mining is still everyday's reality -- social networking as well. Just came across this at DefenseTech :"It'd be one thing if the NSA's
Thursday, 11 May 2006
Travel Without Moving - Scratching the Floor
Posted on 05:55 by Unknown
You don't really need a reconnaissance satellite to spot this, it's precisely the type of "sight" you can see for yourself on daily basis -- but he's still moving isn't he? :)
Pocket Anonymity
Posted on 05:07 by Unknown
While the threats posed by improper use of removable media will continue to make headlines, here's a company that's offering the complete all-in-one pocket anonymity solution -- at least that's how they position it. From the article :"Last month, a company called Stealth Ideas Inc. of Woodland Hills, Calif., came out with its StealthSurfer II ID Protect. The miniature flash drive lets you surf
Is Bin Laden Lacking a Point?
Posted on 04:27 by Unknown
If I were to name the masters of PSYOPS, that would be terrorists, who without a super power's financial capabilities still manage to achieve the "media echo" effect they seem to be so good at. As you will eventually read in case you haven't though about it before, to me Al Jazeera always seems to be the launching platform given its strategic position in the region, and the rest of the world's
Pass the Scissors
Posted on 03:46 by Unknown
Counterfeiting U.S currency is a profitable business given its stability and actual valuation, and so is money printing! It's just that sometimes there are too much legally printed money as well, and the Fed is raising the interest rates for the sixteenth time during the last two years -- which doesn't stop it from making a buck in between. Did you know you could get Uncut Currency sheets "of
Snooping on Historical Click Streams
Posted on 03:16 by Unknown
In a previous post "The Feds, Google, MSN's reaction, and how you got "bigbrothered"? I gave practical advices on how can easily do your homework on the popularity of certain search terms and sites, without the need of issuing a subpoena. The other day, AlltheWeb (Yahoo!) introduced their Livesearch feature, seems nice, still it basically clusters possible opportunities. Now the interesting part
Tuesday, 9 May 2006
Wiretapping VoIP Order Questioned
Posted on 11:17 by Unknown
There's been a lot of buzz recently on the FCC's order requiring all VoIP providers to begin compliance with CALEA in order to lawfully intercept VoIP communications by the middle of 2007 . Yesterday, a U.S judge seems to have challenged the order, from the article :"The skepticism expressed so openly toward the administration's case encouraged civil liberties and education groups that argued
The Cell-phone Industry and Privacy Advocates VS Cell Phone Tracking
Posted on 06:19 by Unknown
I've once mentioned various privacy issues related to mobile devices, the growing trend of "assets tracking", and of course, cell phones tracking. Yesterday I came across to great summary of the current situation -- privacy groups make a point of it. From the article :"Real-time tracking of cell phones is possible because mobile phones are constantly sending data to cell towers, which allows
Monday, 8 May 2006
Shaping the Market for Security Vulnerabilities Through Exploit Derivatives
Posted on 11:47 by Unknown
In a previous post "0bay - how realistic is the market for security vulnerabilities?" I gave a brief overview of the current market infomediaries and their position, listed various research I recommend you to go through, and speculated on an auction based market model. During April, at the CanSecWest Security Conference "Groups argued over merits of flaw bounties" some quotes :"The only economic
Thursday, 4 May 2006
The Current State of Web Application Worms
Posted on 05:50 by Unknown
Remeber the most recent Yahoo! Mail's XSS vulnerabilities, or the MySpace worm? I just read through a well written summary on Web Application Worms by Jeremiah Grossman, from WhiteHat Security, "Cross-Site Scripting Worms and Viruses - The Impending Threat and the Best Defense", an excerpt :"Samy, the author of the worm, was on a mission to be famous, and as such the payload was relatively benign
Travel Without Moving - Typhoon Class Submarines
Posted on 04:50 by Unknown
In previous posts "Security quotes : a FSB (successor to the KGB) analyst on Google Earth", "Suri Pluma - a satellite image processing tool and visualizer", "The "threat" by Google Earth has just vanished in the air" I talked about various issues related to satellite imagery and security. Moreover, I'm also actively covering various emerging Space Warfare issues, and with the recent speculation
Wednesday, 3 May 2006
Biased Privacy Violation
Posted on 04:37 by Unknown
This is a very interesting initiative, going beyond the usual MySpace's teen heaven privacy issues, but directly exposing the mature audience in a way I find as a totally biased one. Girls writing stories on men that supposedly chated on them. DontDateHimGirl.com aims to :"DontDateHimGirl.com is an online resource for women who have shared the experience of dating a no-good man! Browse our search
Tuesday, 2 May 2006
April's Security Streams
Posted on 02:39 by Unknown
Hi folks, it's about time to quickly summarize April's Security Streams. As of today, my blog is officially six months old and the feeling of witnessing change and improvements has always been a pleasant one. Blogging "my way" takes a lot of time, that is, posts going beyond "preaching" but emphasizing on "teaching", a little bit of investigative research, full-disclosure, and constructive key
Subscribe to:
Comments (Atom)