Miscreant UAV
George Leopold, writing for Defense Systems, regales us with the notion of the new in-security platform of choice - namely, drone-based surveillance systems capable of the usual bad behaviors - sniffing, rogue network creation, air/war driving and what not.
Feet of Clay
Municipalities just as private corporations, engage in seemingly mad, long dashes for revenue; to what end? In this case, speeding and red light traffic infraction generated income is the goal, whilst minimizing law enforcement hands on in the process. Unfortunately, the corporate entity that facilitates that revenue stream with traffic recording devices and cameras apparently possess clear-cut, if you will, evidence of proverbial feet of clay...
Traffic Infrastructure, Security of
via the SCADASEC mail list, comes this well crafted paper entitled, appropriately enough: Green Lights Forever: Analyzing the Security of Traffic Infrastructure, authored by Branden Ghena, William Beyer, Allen Hillaker, Jonathan Pevarnek, and J. Alex Halderman [all members of the University of Michigan's Electrical Engineering and Computer Science Department]. Detailing the both the obvious, and necessarily, the not so obvious nature of the movable feast we have created on our nations, and the world' streets. Today's' Must Read.
The Shaming →
Evidently, Public Shaming, a la 16th Century European public pillorying and taunt, is the vogue, when targeting mindless, and therefore vulnerable, web deployments. The latest body incarnate example of this manouevre, is HTTP Shaming, a Tumblr blog dedicated to exposing the less-than-well-planned-sites floating around our interweb.
NIST, IAPP Privacy Workshop Slated →
Maybe, just maybe, there is scientific hope for the Right to Privacy. At once, ruminating upon the Declaration of Universal Human Rights*** and the United State's 4th Amendment to the Constitution** , hope doth, truly spring eternal...
The National Institute of Standards and Technology has announced the second co-sponsored Privacy Engineering Workshop, slated for the 15th and 16th of September, 2014 in San Jose, California. Co-sponsored with the International Association of Privacy Professionals, the Workshops mandate is a focus on engineering objectives (in draft) and the necessitated Risk Model (that model was a key output of the first Privacy Workshop).
Constitution of the United States, Amendment IV**
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
Universal Declaration of Human Rights, Article 12***
No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.
DARPA's 7 →
In which, the magickal number seven is the sum total of methods utilized to authenticate under considerable contemplation at DARPA.
Spiked, The Litany of BGP
AnandTech's Brett Howse on the latest debacle of Border Gateway Protocol [BGP] and the spike's effect on our beloved Interweb. Go figure...
MonsterMind
via the inimitable Kim Zetter, Senior Staff Writer at Wired, comes this staggeringly well crafted piece on the United States National Security Agency / Central Security Service's work to create a tool known as MonsterMind. The natural progeny of encompassing surveillance, is the capability to detect and mitigate malware in the wild.
Net Commentary →
Fascinating Infographic of public commentary, this time, focusing on the interweb , as it were.
CryptoWall, Redux
Do you need further proof that advertising is intrinsically evil? I'll wager not, especially in the case of the obviously idiotically managed, and therefore open-to-exploitation Yahoo Ad Network. It's one exploit after another for these poor fools... Profoundly and Blatantly Stupid.
'In January, for instance, Fox IT reported that visitors to Yahoo’s website were bombarded with malicious adverts that attempted to infect computers with a wide array of financially-motivated malware. Later in the same month, there were claims made that Bitcoin-mining malware had been spread via Yahoo ads...' via Graham Cluely
News of Bletchley Park
Bletchley Park has released the August 2014 edition of the Trusts' podcast series, this time, entitled 'Inspiring Women' in cryptanalysis; in which, the Trust focuses on the work women accomplished at Bletchley Park during World War II.