Security Blog
10.10.2002
More political hacking talk
Just got around to the NYTimes and found this piece - definitely related to the post below. "Guerilla warfare, waged with code."
"They are computer scientists who have principled causes," said Ronald J. Deibert, an associate professor of political science at the University of Toronto who has studied the activities of such groups and runs the Citizen Lab, a political science technology laboratory that supported Mr. Villeneuve's work. "They are developing technologies not for commercial purposes, but for political purposes."
Hacktivism
Doc Searls links to an interesting article on how the media covers hacking. The paper's abstract follows.
Hacktivists or Cyberterrorists? The Changing Media Discourse on Hacking by Sandor Vegh
Busy
Some busy days ahead, this week and next, so I'm sure the posting will drop off. A move, some articles and lots of work. I'll try my best though.
Wartrapping
A twist on the honeypot, as we've discussed before, but now with a cute name - wartrapping. The setup described in the article is very basic, but I'm interested in the results.
A "honeypot" trap consisting of a Wi-Fi-equipped laptop is the latest weapon against drive-by hackers. Set up at the London headquarters of consultants KPMG, the laptop looks to the outside world like a simple wireless access point, but contains monitoring software designed to determine the level of illicit activity.
10.9.2002
Paying for security?
Looks like MS considers it to be a feature. I'm not surprised by this; in tough times, people push whatever sells. Right now, security is a feature some people are willing to place a premium on - and rightly so. But shouldn't it be built into a server operating system?
Asked why it has taken Microsoft 25 years to get trustworthy computing into the forefront of its efforts, he said: "Because customers wouldn't pay for it until recently." Admitting this was a flippant answer to a flippant question, Mundie said that chief information officers had only recently begun to demand security, and it is only in the last ten years that Microsoft has attempted to play in the security-requiring worlds of banking payroll and networked systems.
Yikes!
Sendmail was trojaned.
These files began to appear in downloads from the FTP server ftp.sendmail.org on or around September 28, 2002. The Sendmail development team disabled the compromised FTP server on October 6, 2002 at approximately 22:15 PDT. It does not appear that copies downloaded via HTTP contained the Trojan horse; however, the CERT/CC encourages users who may have downloaded the source code via HTTP during this time period to take the steps outlined in the Solution section as a precautionary measure.
Hiring hackers
The Wall Street Journal has a piece on hiring hackers. Here's the link, but I think you need to be a subscriber. It's also in the print edition; check it out.
10.8.2002
Blogger problems
Blogger is having some trouble today - they tweaked a bunch of code. The titles are messed up, couldn't publish from some of their servers. Hopefully this will be fixed soon.
Camera jamming
The NYTimes has a cool article on a technique used to jam surveillance cameras - with a laser pointer. An interesting and active response to Big Brother...
His is a Little Brother response: using inexpensive laser pointers to temporarily blind those omnipresent electronic eyes. He plans to post his 13-page, single-spaced treatise on the subject this week on his Web site, www.naimark.net.
10.7.2002
Updates
Yikes - has it been 5 days? It's been real busy - apologies for the lack of posts. We're in the process of moving and I'm working on a new article. Look for it in a week or two - mitigating distributed denial of service attacks. In the meantime, check out this story on "hackers".
If the hacker mentality were applied to mail, a mailbox would have to be armor plated, chained and locked so no one could possibly open it. Imagine how difficult it would be to build a mailbox at your home or office that was invulnerable to anyone who wanted to take out a letter "just to see if he could"?