Wireless security in London
still no good.
With a hand-held scanner, researchers were able to pick up information from company wireless networks by simply driving around the streets of London. The research identified that 63 per cent of the networks surveyed were left on default configuration, which clearly identifying the company owning the data and where it was coming from.
The dumbing down of security
New M$ security initiative for the non-expert, covered by The Register:
...this week it offered a small concession - an email newsletter intended to cover the same territory as the TechNet security notification service, but in less technical language.
Old IDS theory hangs up its gloves
Make way for new technology story linked from SNP:
“What we're saying here is that [the] original notion of IDS has just fallen over at this point” The problem is that an IDS that flags anything possibly malicious simply produces too many alerts, says the analyst. “If you're dealing with more alerts than you can interpret, it doesn't do you any good.”
The walls come down and the surveillance cameras go up...
TIA update in NYC courtesy cryptome:
6th grader changes grades
The boy told reading teacher Susan Seal he left his lunch in her room, according to a sheriff's report. Instead of retrieving his meal, he sat down at her computer, changed the grades of five reading assignments and saved the changes. Math teacher Tanya Schmidt saw the boy at the computer and asked what he was doing.
Jericho's take on Richard Clarke's departure. He's not sad to see him go.
The role of Cyber Security Czar is simple but important. Make informed decisions and recommendations so that the presidential administration can act responsibly in shaping legislation and standards that will affect the Internet. If such a czar is not making informed recommendations or finds himself using fear, uncertainty, and doubt as a tool to further his soon-to-be private sector life, then he isn't fit to hold the position. Grossly misstating facts to undermine the security and confidence of the Internet you are tasked to protect before entering the private sector that profits heavily off those insecurities is tantamount to fraud.
The Domestic Security Enhancement Act. Be afraid.
"I think the Department of Justice has concluded that it wants the ability to use these techniques in virtually every situation," says Marc Rotenberg, director of the Electronic Privacy Information Center. "This is breathtakingly bad. Apart from the dramatic expansion of government surveillance authority and government secrecy, (the DSEA) transfers enormous power from the Congress and the judiciary to the executive branch and gives the attorney general absolutely unprecedented authority. This is more than an assault on constitutional liberty--it is an attack on the constitutional system of checks and balances."