Security Blog
7.6.2002
Damn Blogger!
It's been down all day. Starting to play around with Movable Type, but we'll have to see. Can't expect much from a free service.

7.5.2002
Status
Not a lot going on news-wise due to the holiday. I'll be around, but don't expect a flurry of posts.

7.4.2002
4th
Have a good holiday everyone. I'm working on a new article. Hoping it'll go up early next week - detecting and removing malicious code.

7.3.2002
Wireless Sec
ZDNet has a story on wireless security woes. One point I disagree with - warchalking is a product of the wifi sharing movement, not a tool of hackers. They don't need chalk marks, they'll find access points without them.

7.2.2002
The Pulpit
Cringley has a scary take on Palladium. He thinks MS will use it to replace TCP/IP with something proprietary. I'm glad people are discussing the ramifications of such a system. If this goes through, as Cringley says, the Internet will become MSN.
Let's understand here that not all Microsoft products are bad and many are very good. Those products serve real customer needs and do so with genuine purpose, not marketing artifice. But Palladium isn't that way at all. This is NOT about making things better for the user. This is about removing the ability for the end user to make decisions about how his or her computer functions. It is an effort by Microsoft to take literal ownership of Internet technology, Microsoft's "embrace and extend" strategy applied for the Nth time, though on a grander scale than we've ever seen before.
Read this
It blew me away. A fascinating look into the infrastructure of the drug cartel. It's scary to think that the criminals might be more organized and advanced (technically) than the authorities.
On a rainy night eight years ago in the Colombian city of Cali, crack counter-narcotics troops swarmed over the first floor of a low-rise condominium complex in an upscale neighborhood. They found no drugs or guns. But what they did find sent shudders through law enforcement and intelligence circles around the world.

7.1.2002
Bad Geek
We're moving into the age of the criminal geek. The article also mentions how IT workers can be the target of intimidation and bribery.
Criminal gangs were also likely to start hiring more people with technological know-how as computers increasingly become an important tool in crime, he said.
Finally
I've waited a long time to see this in print: "The notion that somebody armed with a laptop in Peshawar, Pakistan, could bring down California's power grid is pretty far-fetched," said Kevin Terpstra, communications director for the California Department of Information Technology, an agency responsible for assessing the security of the state's computer systems. Nice to see some reality-based reporting.
Kevin Mitnick - Author?
The Art of Deception - a fictional account of social engineering techniques. Keyword - fictional. Wink, wink.
Anomaly Detection
My new article on the state of Anomaly Detection was published today at SecurityFocus. It's a fascinating technology which will help Intrusion Detection become more effective. Let me know what you think.

6.30.2002
More Palladium
While reading the P2P article below, this piece on Palladium caught my eye. Lots of quotes.
We wouldn't have guessed
Surprise. The representative pushing a new P2P vigilance law is from California. I wonder where his campaign contributions come from?