Ramblings & ephemera

Could Green Dam lead to the largest botnet in history?

From Rob Cottingham’s “From blocking to botnet: Censorship isn’t the only problem with China’s new Internet blocking software” (Social Signal: 10 June 2009): Any blocking software needs to update itself from time to time: at the very least to freshen its database of forbidden content, and more than likely to fix bugs, add features and […]

Green Dam is easily exploitable

From Scott Wolchok, Randy Yao, and J. Alex Halderman’s “Analysis of the Green Dam Censorware System” (The University of Michigan: 11 June 2009): We have discovered remotely-exploitable vulnerabilities in Green Dam, the censorship software reportedly mandated by the Chinese government. Any web site a Green Dam user visits can take control of the PC. According […]

The Uncanny Valley, art forgery, & love

From Errol Morris’ “Bamboozling Ourselves (Part 2)” (The New York Times: 28 May 2009): [Errol Morris:] The Uncanny Valley is a concept developed by the Japanese robot scientist Masahiro Mori. It concerns the design of humanoid robots. Mori’s theory is relatively simple. We tend to reject robots that look too much […]

Taxi driver party lines

From Annie Karni’s “Gabbing Taxi Drivers Talking on ‘Party Lines’” (The New York Sun: 11 January 2007): It’s not just wives at home or relatives overseas that keep taxi drivers tied up on their cellular phones during work shifts. Many cabbies say that when they are chatting on duty, it’s often with […]

Al Qaeda’s use of social networking sites

From Brian Prince’s “How Terrorism Touches the ‘Cloud’ at RSA” (eWeek: 23 April 2009): When it comes to the war on terrorism, not all battles, intelligence gathering and recruitment happen in the street. Some of it occurs in the more elusive world of the Internet, where supporters of terrorist networks build social networking sites to recruit […]

The watchclock knows where your night watchman is

From Christopher Fahey’s “Who Watches the Watchman?” (GraphPaper: 2 May 2009): The Detex Newman watchclock was first introduced in 1927 and is still in wide use today. … What could you possibly do in 1900 to be absolutely sure a night watchman was making his full patrol? An elegant solution, designed and […]

A better alternative to text CAPTCHAs

From Rich Gossweiler, Maryam Kamvar, & Shumeet Baluja’s “What’s Up CAPTCHA?: A CAPTCHA Based On Image Orientation” (Google: 20-24 April 2009): There are several classes of images which can be successfully oriented by computers. Some objects, such as faces, cars, pedestrians, sky, grass etc. … Many images, however, are difficult for computers to orient. For […]

A story of failed biometrics at a gym

From Jake Vinson’s “Cracking your Fingers” (The Daily WTF: 28 April 2009): A few days later, Ross stood proudly in the reception area, hands on his hips. A high-tech fingerprint scanner sat at the reception area near the turnstile and register, as the same scanner would be used for each, though the […]

German twins commit the perfect crime

From “Twins Suspected in Spectacular Jewelry Heist Set Free” (Spiegel Online International: 19 March 2009): Saved by their indistinguishable DNA, identical twins suspected in a massive jewelry heist have been set free. Neither could be exclusively linked to the DNA evidence. German police say at least one of the identical twin brothers Hassan and Abbas […]

Criminal goods & service sold on the black market

From Ellen Messmer’s “Symantec takes cybercrime snapshot with ‘Underground Economy’ report” (Network World: 24 November 2008): The “Underground Economy” report [from Symantec] contains a snapshot of online criminal activity observed from July 2007 to June 2008 by a Symantec team monitoring activities in Internet Relay Chat (IRC) and Web-based forums where stolen goods are advertised. […]

Another huge botnet

From Kelly Jackson Higgins’ “Researchers Find Massive Botnet On Nearly 2 Million Infected Consumer, Business, Government PCs” (Dark Reading: 22 April 2009): Researchers have discovered a major botnet operating out of the Ukraine that has infected 1.9 million machines, including large corporate and government PCs mainly in the U.S. The botnet, which appears to be […]

Things we do that are legal, yet wish to remain private

Kissing; Interviewing for a new job without your boss’s knowledge; Visiting a therapist; Praying. Inspired by Patrick Keefe’s “Camera Shy” (Legal Affairs: July/August 2003).

Reasons Windows has a poor security architecture

From Daniel Eran Dilger’s “The Unavoidable Malware Myth: Why Apple Won’t Inherit Microsoft’s Malware Crown” (AppleInsider: 1 April 2008): Thanks to its extensive use of battle-hardened Unix and open source software, Mac OS X also has always had security precautions in place that Windows lacked. It has also not shared the architectural weaknesses of Windows […]

Vista & Mac OS X security features

From Prince McLean’s “Pwn2Own contest winner: Macs are safer than Windows” (AppleInsider: 26 March 2009): Once it did arrive, Vista introduced sophisticated new measures to make it more difficult for malicious crackers to inject code. One is support for the CPU’s NX bit, which allows a process to mark certain areas of memory as “Non-eXecutable” […]

$9 million stolen from 130 ATM machines in 49 cities in 30 minutes

From Catey Hill’s “Massive ATM heist! $9M stolen in only 30 minutes” (New York Daily News: 12 February 2009): With information stolen from only 100 ATM cards, thieves made off with $9 million in cash, according to published reports. It only took 30 minutes. “We’ve seen similar attempts to defraud a bank through ATM machines […]

Social software: 5 properties & 3 dynamics

From danah boyd’s “Social Media is Here to Stay… Now What?” at the Microsoft Research Tech Fest, Redmond, Washington (danah: 26 February 2009): Certain properties are core to social media in a combination that alters how people engage with one another. I want to discuss five properties of social media and three dynamics. These are […]

What passwords do people use? phpBB examples

From Robert Graham’s “PHPBB Password Analysis” (Dark Reading: 6 February 2009): A popular Website, phpbb.com, was recently hacked. The hacker published approximately 20,000 user passwords from the site. … This incident is similar to one two years ago when MySpace was hacked, revealing about 30,000 passwords. … The striking difference between the two incidents is […]

Should states track cars with GPS?

From Glen Johnson’s “Massachusetts may consider a mileage charge” (AP: 17 February 2009): A tentative plan to overhaul Massachusetts’ transportation system by using GPS chips to charge motorists a quarter-cent for every mile behind the wheel has angered some drivers. … But a “Vehicle Miles Traveled” program like the one the governor may unveil this […]

Crazy anti-terrorism plans that worked

From a Special Operations officer quoted in Tom Ricks’s Inbox (The Washington Post: 5 October 2008): One of the most interesting operations was the laundry mat [sic]. Having lost many troops and civilians to bombings, the Brits decided they needed to determine who was making the bombs and where they were being manufactured. One bright […]

Why cons work on us

From Damien Carrick’s interview with Nicholas Johnson, “The psychology of conmen” (The Law Report: 30 September 2008): Nicholas Johnson: I think what I love most about con artists and the world of scammers is that they’re criminals who manage to get their victims to hand over their possessions freely. Most thieves and robbers and the […]