Posts Tagged ‘Security’

On Apple’s Location Tracking

The controversy over Apple’s “Location Tracking” is quite interesting. It’s worth making clear that the nodes stored in the database are approximations of cell phone towers and WiFi hotspots you’re likely to encounter rather than your location(s) at any given point in time. It’s a way to “prime the well” when doing a GPS lookup […]

Quicken Security Theater

I don’t understand this one. The reason many (most) sites require you to confirm your password is to ensure you typed it correctly when creating your password, otherwise a typo would prevent you from logging back in correctly later. We’ve all “fat fingered” a password before. That simple confirmation step prevents it on creation. How […]

When The Laptop Watches You

Virtually everyone in the United States has now heard of the case in Lower Merion School District where administrators allegedly took thousands of pictures of students at home. They did this by using a school issued laptop that was equipped with a camera and software that could remotely access them. Kids often leave them in […]

Fourth Amendment In The Cloud

The Fourth Amendment in the United States Constitution reads: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, […]

Plugin Check

Mozilla’s Plugin Check just launched. Considering 30% of Firefox crashes are plugin related, and they are often the source of security issues, it’s worth making sure you’re up to date. It’s pretty simple to use. Just visit the page, and update the plugins that need to be updated. At the end of the day you […]

Google Chrome OS

The big news over the past 24 hours is the announcement of Google Chrome OS. Effectively Google Chrome OS is a stripped down Linux Kernel with just enough to boot Chrome/WebKit as it’s main UI. The exact UI paradigm hasn’t been reveled as of yet. Google claims: Speed, simplicity and security are the key aspects […]

How To Be More Secure With Your Data & Identity

It’s amazing how on a daily basis there’s a story about someone’s identity or data being stolen, personal info being misused, or just getting screwed via the Internet. Most of the time it’s due to a complete lack of standards regarding how people treat their digital property and identity. It’s the electronic equivalent of leaving […]

Elvis Takes Off

The other day I mentioned that it’s possible to clone a RFID passport, a massive security risk that the government seemingly doesn’t care to much about. It’s no longer really a proof of concept. Elvis now has an accepted RFID passport. That’s right. Mr. dead in 1977 Elvis Aaron Presley. The hack was done in […]

First CVE

I just found out the other day I found my first bug worthy of being a CVE (Common Vulnerabilities and Exposures) Candidate: CVE-2008-3747. Low profile, but I guess still a potential vulnerability. I must admit I didn’t know that the database is funded by the National Cyber Security Division of the United States Department of […]

How To Clone ePassports

How to clone ePassports (the ones that use RFID). Yet another piece of evidence that shows the technology is not ready for prime time. I’ve mentioned several times before what a failure RFID deployments in high security situations has been. This is just another example. [Via Bruce Schneier]