From Wikipedia’s “Gruen transfer” (28 September 2009): In shopping mall design, the Gruen transfer refers to the moment when consumers respond to “scripted disorientation” cues in the environment. It is named for Austrian architect Victor Gruen (who disavowed such manipulative techniques) … The Gruen transfer refers to the moment when a consumer enters a shopping […]
Posted on October 30th, 2009 by Scott Granneman
Filed under: business, science, security | Comments Off on Why we get disoriented in malls
From Darryl Taft’s “Enterprise Applications: 20 Things You Might Not Know About COBOL (as the Language Turns 50)” (eWeek: September 2009). http://www.eweek.com/c/a/Enterprise-Applications/20-Things-You-Might-Not-Know-About-COBOL-As-the-Language-Turns-50-103943/?kc=EWKNLBOE09252009FEA1. Accessed 25 September 2009. Five billion lines of new COBOL are developed every year. More than 80 percent of all daily business transactions are processed in COBOL. More than 70 percent of all […]
Posted on September 25th, 2009 by Scott Granneman
Filed under: business, history, security, technology | Comments Off on COBOL is much more widely used than you might think
From Tim Greene’s “Black Hat set to expose new attacks” (Network World: 27 July 2009): Black Hat USA 2009, considered a premier venue for publicizing new exploits with an eye toward neutralizing them, is expected to draw thousands to hear presentations from academics, vendors and private crackers. For instance, […]
Posted on August 3rd, 2009 by Scott Granneman
Filed under: security | Comments Off on Grab what others type through an electrical socket
From Robert McMillan’s “Security certificate warnings don’t work, researchers say” (IDG News Service: 27 July 2009): In a laboratory experiment, researchers found that between 55 percent and 100 percent of participants ignored certificate security warnings, depending on which browser they were using (different browsers use different language to warn their […]
Posted on July 27th, 2009 by Scott Granneman
Filed under: business, language & literature, security | Comments Off on Warnings about invalid security certs are ignored by users
From Timothy Noah’s “Why No More 9/11s?: An interactive inquiry about why America hasn’t been attacked again” (Slate: 5 March 2009): … I spent the Obama transition asking various terrorism experts why the dire predictions of a 9/11 sequel proved untrue and reviewing the literature on this question. The answers boiled down […]
Posted on July 15th, 2009 by Scott Granneman
Filed under: history, politics, religion, security | Comments Off on Some reasons why America hasn’t been attacked since 9/11
From Adam St. Patrick’s “Chop Chop Square: Inside Saudi Arabia’s brutal justice system” (The Walrus: May 2009): This is Saudi Arabia, one of the last places on earth where capital punishment is a public spectacle. Decapitation awaits murderers, but the death penalty also applies to many other crimes, such as armed robbery, […]
Posted on July 15th, 2009 by Scott Granneman
Filed under: law, politics, religion, security | Comments Off on A beheading in Saudi Arabia
From David Becker’s “Hitachi Develops RFID Powder” (Wired: 15 February 2007): [Hitachi] recently showed a prototype of an RFID chip measuring a .05 millimeters square and 5 microns thick, about the size of a grain of sand. They expect to have ‘em on the market in two or three years. The chips are packed with […]
Posted on July 7th, 2009 by Scott Granneman
Filed under: business, science, security, tech in changing society | Comments Off on RFID dust
From Brian Krebs’ “Leaving Las Vegas: So Long DefCon and Blackhat” (The Washington Post: 1 August 2005): DefCon 13 also was notable for being the location where two new world records were set — both involved shooting certain electronic signals unprecedented distances. Los Angeles-based Flexilis set the world record for transmitting […]
Posted on July 7th, 2009 by Scott Granneman
Filed under: business, politics, science, security, tech in changing society | Comments Off on RFID security problems
From “List of confidence tricks” (Wikipedia: 3 July 2009): Get-rich-quick schemes Get-rich-quick schemes are extremely varied. For example, fake franchises, real estate “sure things”, get-rich-quick books, wealth-building seminars, self-help gurus, sure-fire inventions, useless products, chain letters, fortune tellers, quack doctors, miracle pharmaceuticals, Nigerian money scams, charms and talismans are all used to separate the mark […]
Posted on July 5th, 2009 by Scott Granneman
Filed under: business, history, law, science, security | Comments Off on Various confidence scams, tricks, & frauds
From Jim Giles’ “The inside story of the Conficker worm” (New Scientist: 12 June 2009): Earlier this year, smartphone users in China started to get messages promising a “sexy view” if they clicked on a link. The link led to a download. That download was a spam generator which, once installed, sent identical “sexy view” […]
Posted on July 5th, 2009 by Scott Granneman
Filed under: business, security, tech in changing society | Comments Off on Cell phone viruses
From Jim Giles’ “The inside story of the Conficker worm” (New Scientist: 12 June 2009): 23 October 2008 … The dry, technical language of Microsoft’s October update did not indicate anything particularly untoward. A security flaw in a port that Windows-based PCs use to send and receive network signals, it said, might be used to […]
Posted on July 5th, 2009 by Scott Granneman
Filed under: business, history, security, tech in changing society | Comments Off on How security experts defended against Conficker
From Brian Krebs’ “Glut of Stolen Banking Data Trims Profits for Thieves” (The Washington Post: 15 April 2009): A massive glut in the number of credit and debit cards stolen in data breaches at financial institutions last year has flooded criminal underground markets that trade in this material, driving prices for the illicit goods to […]
Posted on June 30th, 2009 by Scott Granneman
Filed under: business, law, security, tech in changing society | Comments Off on Stolen credit card data is cheaper than ever in the Underground
From Jacqui Cheng’s “Report: botnets sent over 80% of all June spam” (Ars Technica: 29 June 2009): A new report (PDF) from Symantec’s MessageLabs says that more than 80 percent of all spam sent today comes from botnets, despite several recent shut-downs. According to MessageLabs’ June report, spam accounted for 90.4 percent of all e-mail […]
Posted on June 30th, 2009 by Scott Granneman
Filed under: business, security | Comments Off on 80% of all spam from botnets
From Bruce Schneier’s “The Psychology of Con Men” (Crypto-Gram: 15 November 2008): Great story: “My all-time favourite [short con] only makes the con artist a few dollars every time he does it, but I absolutely love it. These guys used to go door-to-door in the 1970s selling lightbulbs and they would offer to replace every […]
Posted on June 27th, 2009 by Scott Granneman
Filed under: business, security | Comments Off on The light bulb con job
From Bruce Schneier’s “The Economics of Spam” (Crypto-Gram: 15 November 2008): Researchers infiltrated the Storm worm and monitored its doings. “After 26 days, and almost 350 million e-mail messages, only 28 sales resulted — a conversion rate of well under 0.00001%. Of these, all but one were for male-enhancement products and the average purchase price […]
Posted on June 27th, 2009 by Scott Granneman
Filed under: business, law, security | Comments Off on Storm made $7000 each day from spam
From Bruce Schneier’s “Quantum Cryptography” (Crypto-Gram: 15 November 2008): Quantum cryptography is back in the news, and the basic idea is still unbelievably cool, in theory, and nearly useless in real life. The idea behind quantum crypto is that two people communicating using a quantum channel can be absolutely sure no one is eavesdropping. Heisenberg’s […]
Posted on June 27th, 2009 by Scott Granneman
Filed under: business, security | Comments Off on Quanta Crypto: cool but useless
From Bruce Schneier’s “Second SHB Workshop Liveblogging (5)” (Schneier on Security: 11 June 2009): Angela Sasse, University College London …, has been working on usable security for over a dozen years. As part of a project called “Trust Economics,” she looked at whether people comply with security policies and why they either do or do […]
Posted on June 20th, 2009 by Scott Granneman
Filed under: security | Comments Off on What it takes to get people to comply with security policies
From Brian Krebs’ “An Odyssey of Fraud” (The Washington Post: 17 June 2009): Andy Kordopatis is the proprietor of Odyssey Bar, a modest watering hole in Pocatello, Idaho, a few blocks away from Idaho State University. Most of his customers pay for their drinks with cash, but about three times a […]
Posted on June 20th, 2009 by Scott Granneman
Filed under: business, law, security | Comments Off on Small charges on your credit card – why?
Back in 2004 or so, I was asked to write an outline for a college textbook that would be used in courses on Linux. I happily complied, producing the outline you can see on my website. The editor on the project loved the outline & showed it to several professors to get their reactions, which were […]
Posted on June 18th, 2009 by Scott Granneman
Filed under: on writing, personal, security | Comments Off on Outline for an Unpublished Linux Textbook
From Bruce Schneier’s “Second SHB Workshop Liveblogging (4)” (Schneier on Security: 11 June 2009): Diana Smetters, Palo Alto Research Center …, started with these premises: you can teach users, but you can’t teach them very much, so you’d better carefully design systems so that you 1) minimize what they have to learn, 2) make it […]
Posted on June 13th, 2009 by Scott Granneman
Filed under: security | Comments Off on How to deal with the fact that users can’t learn much about security