Weekend Reading
FBI Mined Grocery Store Records to Find Iranian Terrorists
Like Hansel and Gretel hoping to follow their bread crumbs out of the forest, the FBI sifted through customer data collected by San Francisco-area grocery stores in 2005 and 2006, hoping that sales records of Middle Eastern food would lead to Iranian terrorists.
The idea was that a spike in, say, falafel sales, combined with other data, would lead to Iranian secret agents in the south San Francisco-San Jose area.
The brainchild of top FBI counterterrorism officials Phil Mudd and Willie T. Hulon, according to well-informed sources, the project didn’t last long. It was torpedoed by the head of the FBI's criminal investigations division, Michael A. Mason, who argued that putting somebody on a terrorist list for what they ate was ridiculous — and possibly illegal.
A check of federal court records in California did not reveal any prosecutions developed from falafel trails.
[Only In America] Take a look HERE.
==================================================================
The Borrower Who Never Was
In May 2002, Las Vegas resident Adam Gregory went on a business trip to Phoenix. He stayed at the Ritz-Carlton and charged the $1,082 bill to his American Express card - or so financial records show. In fact, Mr. Gregory didn't live in Las Vegas, never held a job and wasn't even a real person.
Rather, Mr. Gregory was a "synthetic" identity - a person who appears real on paper but is actually a fraudster's concoction designed to trick financial institutions into granting loans and issuing credit cards.
Read the article HERE.
==================================================================
Another Way to Evade NIDS
Although online privacy is something we always need to take care of, the use of anonymous proxy services could lead to trouble as well. First of all, the use of SSL prevents NIDS and most desktop-based IPS from checking those resources visited through the proxy, leaving the desktop antivirus with the full burden of protecting the computer. Then, in an enterprise environment, these systems can bypass security policies through URL and traffic encoding, allowing internal users to browse resources that would otherwise be restricted. For example, this could lead to users checking their private Web emails and downloading those "funny jokes" sent by their friends, unfiltered by the corporate network.
Read the article HERE.
==================================================================
How to build a nuclear device in your home
First, obtain about 50 pounds (110 kg) of weapons-grade Plutonium at your local supplier. A nuclear power plant is not recommended, as large quantities of missing Plutonium tend to make plant engineers unhappy. We suggest that you contact your local terrorist organization, or perhaps the Junior Achievement in your neighborhood.
Take a look HERE.
In next month's column, we will learn how to clone your neighbor's wife in six easy steps. This project promises to be an exciting weekend full of fun and profit. Common kitchen utensils will be all you need.
==================================================================
Microsoft unwraps Windows Live desktop suite
Microsoft's Windows Live services are living up to their name by going live, losing the "beta" label and becoming available as a free, Windows suite of six Web-connected applications. The suite includes Windows Live Mail, which integrates with Hotmail and supports POP and IMAP. Among the other complete, desktop services are Windows Live Messenger and Windows Live Writer for composing blog posts. Windows Live Photo Gallery manages picture albums that can be uploaded to Microsoft Spaces, MSN Soapbox or Yahoo's Flickr.
Take a look HERE.
==================================================================
The latest on troubleshooting Leopard
While some of us are still waiting to get our hands on the new Apple OS, the guys over at APC mag have been putting the cat through its paces. They've published a couple of useful articles looking at the state of play with application compatibility and Leopard, as well as an interesting article looking at the features which Apple seems to have dumped from their new OS.
Take a look HERE.
==================================================================
Not all Russians Are Bad
Over the past few weeks thousands of Russian bloggers have united to combat a pharmaceutical scam that tried to persuade Russian pensioners to spend around half of their annual pension on a course of Gravikol 21 - ‘anti-arthritis’ drugs that were actually little more than vitamin pills.
In perhaps the most startling expression of their offline power, Russia’s bloggers made 21 million (!) phone calls to the offending company’s switchboard, forcing it into meltdown.
Take a look HERE.
==================================================================
Computer scientist fights threat of ‘botnets’
Computer scientist Paul Barford has watched malicious traffic on the Internet evolve from childish pranks to a billion-dollar “shadow industry” in the last decade, and his profession has largely been one step behind the bad guys. Viruses, phishing scams, worms and spyware are only the beginning, he says.
Take a look HERE.
==================================================================
Hacker Curriculum: How We Can Use It in Teaching
Dartmouth’s Computer Science Department has been offering a course in security and privacy since the 2000–2001 academic year. The class’s particulars have varied widely over the years in response to both the ever-shifting nature of the security landscape and the course instructors’ evolving interests. However, the goal has remained the same: give students a sense of the security and privacy issues that arise when software leaves the lab and gets exposed to the misuse and abuse of real users—malicious and otherwise. An introduction to the attackers’ view and methods is an irreplaceable part of this process.
Read the article HERE.