Tag: security

  1. You're upset about armed guards in schools?

    22 December 2012

    For those of you who haven't been paying any attention to the news lately (and why should you? it's the holidays.) the president of the National Rifle Association gave a press conference yesterday about what he thought of the recent shootings in Sandy Hook. Predictably, half the Internet blew its buffers and the petitions and sarcastic remarks are flying like paper airplanes when the teacher's back is turned. Once, common sense was the first casualty of tragedy; in recent years common sense ran out of regenerations and was given a viking funeral (video contains spoilers for new season number six …

    Read more...

  2. International Summit For Community Wireless Networks 2012.

    21 October 2012

    A little over two weeks ago Sitwon, Haxwithaxe and I made the trek to Barcelona, Spain for the International Summit For Community Wireless Networks, partially because we thought that we might get some useful things out of it for Project Byzantium, but also because Project Byzantium had been invited to attend and present some of our work and ideas for the community at large at the conference. So, arrangements were made in due course, and our journey took us from Baltimore to Philadelphia for a layover, and then an eight hour transatlantic flight carried us to Spain. Sitwon was traveling …

    Read more...

  3. Announcing the Washington, DC Cryptoparty!

    25 September 2012

    On 14 October 2012, HacDC will be hosting the first #cryptoparty in Washington, DC. Everyone in the DC metroplex who is concerned about privacy, anonymity, surveillance, stalking, journalism, or activism are invited to attend, regardless of your level of technical expertise or field of endeavor. At the #cryptoparty, experts will be on hand to teach you what you need to know to evade surveillance, protect your e-mail from eavesdroppers, protect the data on your hard drives and USB keys from theft, and communicate safely.

    The #cryptoparty begins at 5:00pm sharp on 14 October 2012, so bring your laptops, smartphones …

    Read more...

  4. HacDC: Privacy, anonymity, and operational security.

    05 October 2011

    On Saturday, 8 October 2011 I will be at HacDC giving an impromptu class on personal privacy, online anonymity, and operational security for activists. I will be talking about some of the online surveillance technologies in use right now, risks inherent in organizing online and how to mitigate them, practical cryptography, practical anonymity, and operational security. If you are not familiar with using PGP or GnuPG and would like to generate and distribute a key or learn how to send and receive encrypted and signed e-mail, I can walk you through the process during the class. I will probably be …

    Read more...

  5. Better late than never: The Next HOPE

    27 July 2010

    I got home from work early last Thursday afternoon after putting in a couple of hours at work to wrap things up and ensure that nothing would crash, blow up, or spontaneously develop sentience and go on a rampage through the city while I was taking a long weekend in New York City to attend The Next HOPE conference, thrown by 2600 Magazine once again. Unfortunately, this meant taking a couple of phone calls on the way home and throwing a suitcase of stuff together at the last minute so that Hasufin, Mika, and I could then drive to the …

    Read more...

  6. European ATMs struck by hacksploitation movie plot.

    04 June 2009

    When manufacturers of ATMs started using Windows to run them, you just knew that no good would come of it.

    Eastern European banks discovered this the hard way when the security companies Sophos and SpiderLabs discovered strains of malware tailored for automated teller machines that record the second data track of banking cards inserted into the reader slot along with the PIN entered by the machine's user. That's really all you need to make a copy of the card and loot the account. As if that's not enough, the malware also makes it possible for anyone carrying a specially encoded …

    Read more...

  7. Virginia Prescription Monitoring Program compromised - 8 million records held for ransom.

    07 May 2009

    Yesterday morning, word got out through the Internet Storm Center that the web server of the Virginia Prescription Monitoring Program was compromised by an unknown attacker. The VPMP is tasked with recording all of the pharmaceutical prescriptions filled in the state of Virginia for the purpose of data mining to determine who may or may not be abusing prescription drugs, and probably who may or may not be selling their prescriptions on the street. Given that Virginia enacted some annoying laws a couple of years ago that require a photo ID to get hold of Sudafed and placed limits on …

    Read more...

  8. Firefox plug-ins I have known and loved.

    04 September 2008

    It's been said that the killer app that made the Net as ubiquitous as it is today is the web browser, with e-mail running a close second. Just about everyone uses a browser in some capacity or another to access news, information, and e-mail, possibly moreso than dedicated applications (such as e-mail readers, RSS readers, or database searching applications). As great as they are, web browsers have their own unique sets of problems and vulnerabilities that have to be taken into account, especially if privacy is of concern to you.

    Firefox, in my considered opinion, is an excellent web browser …

    Read more...

  9. Passwords, passphrases, and practical use.

    21 August 2008

    One of the most annoying things about the modern world is that pretty much everything you're likely to use these days, from your network login at work to your webmail account to your bank's website requires a username and password before you can actually do anything. Way back when this functionally didn't used to be such a big deal - people chose easy to guess passwords for their accounts and left it at that. Later on, admins discovered that crackers probably wouldn't spend hours on end guessing passwords, they'd spend a few hours writing software to do it for them (which …

    Read more...

2 / 3