Pages: 1 ... 5 6 7 8 9 10 ...11 ... 13 ...15 16

  2008-10-26

Twitter Terrorists -- Come On...

  By Hagai Bar-El   , 184 words
Categories: Security Policies

I could not miss this one in Wired.com.

Then the presentation launches into an even-more theoretical discussion of how militants might pair some of these mobile applications with Twitter, to magnify their impact. After all, “Twitter was recently used as a countersurveillance, command and control, and movement tool by activists at the Republican National Convention,” the report notes. “The activists would Tweet each other and their Twitter pages to add information on what was happening with Law Enforcement near real time.”

It seems as people are making an effort to ring the bell on just about anything. Twitter? Twitter is merely an application that facilitates instant messaging, like tons of others. Whatever can be done with Twitter can also be done with IRC, Web chat rooms, shout boxes (those little frames on websites that display whatever is written by guests to the website), and what not.

Yes, someone evil can use Twitter to pass messages to other evil people in the field, but the ability to pass instant messages along is a “problem” of ubiquitous network technologies, not of this or that particular product.

  2008-03-18

Firewire threat to FDE

  By Hagai Bar-El   , 320 words
Categories: Security Engineering

Full-Disk Encryption (FDE) suffers class attacks lately.

As if the latest research (which showed that RAM contents can be recovered after power-down) was not enough, it seems as Firewire ports can form yet an easier attack vector into FDE-locked laptops.

From TechWorld: Windows hacked in seconds via Firewire

The attack takes advantage of the fact that Firewire can directly read and write to a system’s memory, adding extra speed to data transfer.


The tool mentioned seems to only bypass the Win32 unlock screen, but given the free access to RAM, exploit code that digs out FDE keys is a matter of very little extra work.

This is nothing new. The concept was presented a couple of years ago, but I haven’t seen most FDE enthusiasts disable their Firewire ports yet.

Read more »

  2008-01-26

The TSA Does Not Get It Completely Wrong

  By Hagai Bar-El   , 537 words
Categories: Security Policies, Counter-media

Many homeland security experts preach against the approach to airport security taken by the TSA. The TSA’s mitigation efforts focus primarily on specific tactics that terrorists may use, rather than on more generalized, more effective, measures, such as intelligence. Airline security, according to the ones opposing the TSA’s acts, shall be in effect long before the terrorist reaches the airport. All existing mechanisms, such as scanning shoes, banning liquids, etc., are a waste of time and money and punish only the innocent.

I generally agree, but I do so with mixed emotions.

Read more »

  2008-01-13

An Interview on Secure Content Distribution

  By Hagai Bar-El   , 1148 words
Categories: Security Engineering

I was interviewed (by e-mail) for a project that preferred to remain undisclosed, on the future of secure content distribution. Enclosed are the (slightly modified) questions and answers.

Read more »

The iPhone Hack -- Security Done Wrong or Security Done Right?

  By Hagai Bar-El   , 552 words
Categories: Security Engineering, Counter-media

A while ago the iPhone was hacked so to make it usable on networks other than AT&T’s.

Since that moment, many opinions were sounded on how Apple could have done their security better and how the hack could have been eliminated. Moreover, some of the industries security experts went on to their desks to work out a stronger mechanism that can save the gigantic firm from such embarrassments in the future.

An obvious question comes up: couldn’t Apple, with its $167 billion market cap, afford to pay some good security designers to protect its assets on the iPhone?

Read more »

  2008-01-12

Airport Security: Israel vs. the United States

  By Hagai Bar-El   , 381 words
Categories: Security Policies

Last July, an interesting post appeared in Bruce Schneier’s blog. It’s called: Airport Security: Israel vs. the United States. It discusses the difference between airport security in Israel and in the U.S. The post quotes evidence showing that the airport security in Israel is based more on interrogation and less on mechanical scanning. Mr. Schneier commented:

Regularly I hear people talking about Israeli airport security, and asking why we can’t do the same in the U.S. The short answer is: scale. Israel has 11 million airline passengers a year; there are close to 700 million in the U.S. Israel has seven airports; the U.S. has over 400 “primary” airports — and who knows how many others. Things that can work there just don’t scale to the U.S.



I do not generally buy this.

Read more »

  2008-01-09

Last Major Label Plans to Ditch DRM Restrictions

  By Hagai Bar-El   , 240 words
Categories: Security Policies

No one who follows on DRM news could have missed this: Report: RIP DRM, as Last Major Label Plans to Ditch Restrictions:

In a move certain to rock the distribution of digital music, Sony BMG is in the midst of finalizing plans to begin offering at least part of its downloadable music catalog DRM-free, according to BusinessWeek.com. This makes Sony BMG the last of the Big Four record labels to cave on digital rights management schemes designed to restrict the distribution of music via peer-to-peer networks.


I was asked more than once: What can prevail, if DRM cannot?

Read more »

1 ... 5 6 7 8 9 10 ...11 ... 13 ...15 16


Form is loading...

  XML Feeds

Search

License

All contents are licensed under the Creative Commons Attribution license.