Ramblings & ephemera

American Express’ security policies made things more insecure

From Bruce Schneier’s Crypto-Gram of 15 August 2003: When I called to activate an American Express credit card I had received in the mail, the automated system told me that I would have to associate a PIN with it. The system told me that other users liked the idea of using their mother’s birthday as […]

RFID dust

From David Becker’s “Hitachi Develops RFID Powder” (Wired: 15 February 2007): [Hitachi] recently showed a prototype of an RFID chip measuring a .05 millimeters square and 5 microns thick, about the size of a grain of sand. They expect to have ‘em on the market in two or three years. The chips are packed with […]

How security experts defended against Conficker

From Jim Giles’ “The inside story of the Conficker worm” (New Scientist: 12 June 2009): 23 October 2008 … The dry, technical language of Microsoft’s October update did not indicate anything particularly untoward. A security flaw in a port that Windows-based PCs use to send and receive network signals, it said, might be used to […]

80% of all spam from botnets

From Jacqui Cheng’s “Report: botnets sent over 80% of all June spam” (Ars Technica: 29 June 2009): A new report (PDF) from Symantec’s MessageLabs says that more than 80 percent of all spam sent today comes from botnets, despite several recent shut-downs. According to MessageLabs’ June report, spam accounted for 90.4 percent of all e-mail […]

Storm made $7000 each day from spam

From Bruce Schneier’s “The Economics of Spam” (Crypto-Gram: 15 November 2008): Researchers infiltrated the Storm worm and monitored its doings. “After 26 days, and almost 350 million e-mail messages, only 28 sales resulted — a conversion rate of well under 0.00001%. Of these, all but one were for male-enhancement products and the average purchase price […]

Newspapers are doomed

From Jeff Sigmund’s “Newspaper Web Site Audience Increases More Than Ten Percent In First Quarter To 73.3 Million Visitors” (Newspaper Association of America: 23 April 2009): Newspaper Web sites attracted more than 73.3 million monthly unique visitors on average (43.6 percent of all Internet users) in the first quarter of 2009, a record number that […]

35% of adults have a social networking profile

From danah boyd’s “Social Media is Here to Stay… Now What?” at the Microsoft Research Tech Fest, Redmond, Washington (danah: 26 February 2009): At this stage, over 35% of American adults have a profile on a social network site.

Facebook & the Dunbar number

From The Economist‘s “Primates on Facebook” (26 February 2009): Robin Dunbar, an anthropologist who now works at Oxford University, concluded that the cognitive power of the brain limits the size of the social network that an individual of any given species can develop. Extrapolating from the brain sizes and social networks of apes, Dr Dunbar […]

Give CLEAR your info, watch CLEAR lose your info

From “Missing SFO Laptop With Sensitive Data Found” (CBS5: 5 August 2008): The company that runs a fast-pass security prescreening program at San Francisco International Airport said Tuesday that it found a laptop containing the personal information of 33,000 people more than a week after it apparently went missing. The Transportation Security Administration announced late […]

Number of bots drops 20% on Christmas

From Robert Lemos’ “Bot-infected PCs get a refresh” (SecurityFocus: 28 December 2006): On Christmas day, the number of bots tracked by the Shadowserver group dropped nearly 20 percent. The dramatic decrease in weekly totals–from more than 500,000 infected systems to less than 400,000 computers–puzzled researchers. The Internet Storm Center, a threat monitoring group managed by […]

Online criminals pay the most for bank account details

From The Economist‘s “The price of online robbery” (24 November 2008): Bank details are the most popular single item for sale by online fraudsters, according to a new report by Symantec, an internet-security firm. They are also the priciest, perhaps because the average account for which details are offered has a balance of nearly $40,000. […]

1st label with more than half of sales from digital

From Tim Arango’s “Digital Sales Surpass CDs at Atlantic” (The New York Times: 25 November 2008): Atlantic, a unit of Warner Music Group, says it has reached a milestone that no other major record label has hit: more than half of its music sales in the United States are now from digital products, like downloads […]

The NSA and threats to privacy

From James Bamford’s “Big Brother Is Listening” (The Atlantic: April 2006): This legislation, the 1978 Foreign Intelligence Surveillance Act, established the FISA court—made up of eleven judges handpicked by the chief justice of the United States—as a secret part of the federal judiciary. The court’s job is to decide whether to grant warrants requested by […]

How Obama raised money in Silicon Valley & using the Net

From Joshua Green’s “The Amazing Money Machine” (The Atlantic: June 2008): That early fund-raiser [in February 2007] and others like it were important to Obama in several respects. As someone attempting to build a campaign on the fly, he needed money to operate. As someone who dared challenge Hillary Clinton, he needed a considerable amount […]

The various participants in phishing schemes

From Chapter 2: Botnets Overview of Craig A. Schiller’s Botnets: The Killer Web App (Syngress: 2007): Christopher Abad provides insight into the phishing economy in an article published online by FirstMonday.org (http://www.firstmonday.org/issues/ issue10_9/abad/). The article, “The economy of phishing: A survey of the operations of the phishing market,” reveals the final phase of the phishing […]

An analysis of splogs: spam blogs

From Charles C. Mann’s “Spam + Blogs = Trouble” (Wired: September 2006): Some 56 percent of active English-language blogs are spam, according to a study released in May by Tim Finin, a researcher at the University of Maryland, Baltimore County, and two of his students. “The blogosphere is growing fast,” Finin says. “But the splogosphere […]

Lots of good info about the FBI’s far-reaching wiretapping of US phone systems

From Ryan Singel’s “Point, Click … Eavesdrop: How the FBI Wiretap Net Operates” (Wired News: 29 August 2007): The FBI has quietly built a sophisticated, point-and-click surveillance system that performs instant wiretaps on almost any communications device, according to nearly a thousand pages of restricted documents newly released under the Freedom of Information Act. The […]

San Francisco surveillance cameras prove useless

From Heather Knight’s “S.F. public housing cameras no help in homicide arrests” (San Francisco Chronicle: 14 August 2007): The 178 video cameras that keep watch on San Francisco public housing developments have never helped police officers arrest a homicide suspect even though about a quarter of the city’s homicides occur on or near public housing […]

If concerts bring money in for the music biz, what happens when concerts get smaller?

From Jillian Cohen’s “The Show Must Go On” (The American: March/April 2008): You can’t steal a concert. You can’t download the band—or the sweaty fans in the front row, or the merch guy, or the sound tech—to your laptop to take with you. Concerts are not like albums—easy to burn, copy, and give to your […]

Surveillance cameras don’t reduce crime

From BBC News’ “CCTV boom ‘failing to cut crime’” (6 May 2008): Huge investment in closed-circuit TV technology has failed to cut UK crime, a senior police officer has warned. Det Ch Insp Mick Neville said the system was an “utter fiasco” – with only 3% of London’s street robberies being solved using security cameras. […]