Ramblings & ephemera

Better security = reduced efficiency

From Robert X. Cringely’s “Stream On“: Yet nearly everything we do to combat crime or enhance safety comes at the expense of reduced efficiency. So we build airports to make possible efficient air transportation, then set up metal detectors to slow down the flow of passengers. We build highways to make car travel faster, then […]

What seems obvious in security often is not

From Russell Nelson’s comment to Bruce Schneier’s Crypto-Gram of 15 November 2003: > A New York detective was once asked whether pickpockets in > Manhattan dressed in suits and ties to facilitate their crimes > subsequent escape. He responded by saying that in twenty years > he had never arrested even one pickpocket in a […]

The difference between crime films & noir

From Roger Ebert’s “Detour (1945)” (The Chicago Sun-Times: 7 June 1998): The difference between a crime film and a noir film is that the bad guys in crime movies know they’re bad and want to be, while a noir hero thinks he’s a good guy who has been ambushed by life.

Woody Allen’s atheism

From Robert E. Lauder’s interview with Woody Allen, “Whatever Works” (Commonweal: 15 April 2010): Well, you know, you want some kind of relief from the agony and terror of human existence. Human existence is a brutal experience to me…it’s a brutal, meaningless experience—an agonizing, meaningless experience with some oases, delight, some charm and peace, but […]

Bernie Madoff & the 1st worldwide Ponzi scheme

From Diana B. Henrioques’s “Madoff Scheme Kept Rippling Outward, Across Borders” (The New York Times: 20 December 2008): But whatever else Mr. Madoff’s game was, it was certainly this: The first worldwide Ponzi scheme — a fraud that lasted longer, reached wider and cut deeper than any similar scheme in history, entirely eclipsing the puny […]

Australian police: don’t bank online with Windows

From Munir Kotadia’s “NSW Police: Don’t use Windows for internet banking” (ITnews: 9 October 2009): Consumers wanting to safely connect to their internet banking service should use Linux or the Apple iPhone, according to a detective inspector from the NSW Police, who was giving evidence on behalf of the NSW Government at the public hearing […]

A beheading in Saudi Arabia

Image via Wikipedia From Adam St. Patrick’s “Chop Chop Square: Inside Saudi Arabia’s brutal justice system” (The Walrus: May 2009): This is Saudi Arabia, one of the last places on earth where capital punishment is a public spectacle. Decapitation awaits murderers, but the death penalty also applies to many other crimes, such as armed robbery, […]

Various confidence scams, tricks, & frauds

From “List of confidence tricks” (Wikipedia: 3 July 2009): Get-rich-quick schemes Get-rich-quick schemes are extremely varied. For example, fake franchises, real estate “sure things”, get-rich-quick books, wealth-building seminars, self-help gurus, sure-fire inventions, useless products, chain letters, fortune tellers, quack doctors, miracle pharmaceuticals, Nigerian money scams, charms and talismans are all used to separate the mark […]

Stolen credit card data is cheaper than ever in the Underground

From Brian Krebs’ “Glut of Stolen Banking Data Trims Profits for Thieves” (The Washington Post: 15 April 2009): A massive glut in the number of credit and debit cards stolen in data breaches at financial institutions last year has flooded criminal underground markets that trade in this material, driving prices for the illicit goods to […]

Roger Ebert on death

From Roger Ebert’s “Go gentle into that good night” (Roger Ebert’s Journal: 2 May 2009): What I expect will most probably happen [when I die] is that my body will fail, my mind will cease to function, and that will be that. My genes will not live on, because I have had no children. Perhaps […]

German twins commit the perfect crime

From “Twins Suspected in Spectacular Jewelry Heist Set Free” (Spiegel Online International: 19 March 2009): Saved by their indistinguishable DNA, identical twins suspected in a massive jewelry heist have been set free. Neither could be exclusively linked to the DNA evidence. German police say at least one of the identical twin brothers Hassan and Abbas […]

Criminal goods & service sold on the black market

From Ellen Messmer’s “Symantec takes cybercrime snapshot with ‘Underground Economy’ report” (Network World: 24 November 2008): The “Underground Economy” report [from Symantec] contains a snapshot of online criminal activity observed from July 2007 to June 2008 by a Symantec team monitoring activities in Internet Relay Chat (IRC) and Web-based forums where stolen goods are advertised. […]

$9 million stolen from 130 ATM machines in 49 cities in 30 minutes

From Catey Hill’s “Massive ATM heist! $9M stolen in only 30 minutes” (New York Daily News: 12 February 2009) With information stolen from only 100 ATM cards, thieves made off with $9 million in cash, according to published reports. It only took 30 minutes. “We’ve seen similar attempts to defraud a bank through ATM machines […]

The end of Storm

From Brian Krebs’ “Atrivo Shutdown Hastened Demise of Storm Worm” (The Washington Post: 17 October 2008): The infamous Storm worm, which powered a network of thousands of compromised PCs once responsible for sending more than 20 percent of all spam, appears to have died off. Security experts say Storm’s death knell was sounded by the […]

The end of Storm?

From “Storm Worm botnet cracked wide open” (Heise Security: 9 January 2009): A team of researchers from Bonn University and RWTH Aachen University have analysed the notorious Storm Worm botnet, and concluded it certainly isn’t as invulnerable as it once seemed. Quite the reverse, for in theory it can be rapidly eliminated using software developed […]

Three top botnets

From Kelly Jackson Higgins’ “The World’s Biggest Botnets” (Dark Reading: 9 November 2007): You know about the Storm Trojan, which is spread by the world’s largest botnet. But what you may not know is there’s now a new peer-to-peer based botnet emerging that could blow Storm away. “We’re investigating a new peer-to-peer botnet that may […]

Number of bots drops 20% on Christmas

From Robert Lemos’ “Bot-infected PCs get a refresh” (SecurityFocus: 28 December 2006): On Christmas day, the number of bots tracked by the Shadowserver group dropped nearly 20 percent. The dramatic decrease in weekly totals–from more than 500,000 infected systems to less than 400,000 computers–puzzled researchers. The Internet Storm Center, a threat monitoring group managed by […]

1/4 of all Internet computers part of a botnet?

From Nate Anderson’s “Vint Cerf: one quarter of all computers part of a botnet” (Ars Technica: 25 January 2007): The BBC’s Tim Weber, who was in the audience of an Internet panel featuring Vint Cerf, Michael Dell, John Markoff of the New York Times, and Jon Zittrain of Oxford, came away most impressed by the […]

Prices for various services and software in the underground

From Tom Espiner’s “Cracking open the cybercrime economy” (CNET News: 14 December 2007): “Over the years, the criminal elements, the ones who are making money, making millions out of all this online crime, are just getting stronger and stronger. I don’t think we are really winning this war.” As director of antivirus research for F-Secure, […]

Criminals working together to improve their tools

From Dan Goodin’s “Crimeware giants form botnet tag team” (The Register: 5 September 2008): The Rock Phish gang – one of the net’s most notorious phishing outfits – has teamed up with another criminal heavyweight called Asprox in overhauling its network with state-of-the-art technology, according to researchers from RSA. Over the past five months, Rock […]