Ramblings & ephemera
From David S. Bennahum’s “Hope You Like Jamming, Too” (Slate): …innovative industrial spies, who have several neat new tricks. These days, a boardroom Mata Hari can purchase a specially designed cell phone that will answer incoming calls while appearing to be switched off. In a business meeting, she could casually leave her phone on the […]
Posted on September 8th, 2011 by Scott Granneman
Filed under: business, security | Comments Off on Eavesdropping with your cell phone
From Robert X. Cringely’s “Stream On“: Mailinator is ad hoc e-mail for those times when just maybe you don’t want to use your regular e-mail address. Say you are snitching on the boss, buying inflatable people, or want 32 different PayPal accounts. Just tell someone—anyone—that your e-mail address is fatman@mailinator.com or skinnykid@mailinator.com, or clueless@mailinator.com or […]
Posted on September 8th, 2011 by Scott Granneman
Filed under: business, security | Comments Off on How an email account without passwords can be good for security
From the L.A. Times‘ “Cyberspace Gives Al Qaeda Refuge“: Simplicity seems to work best. One common method of communicating over the Internet is essentially an e-mail version of the classic dead drop. Members of a cell are all given the same prearranged username and password for an e-mail account on an Internet service provider, or […]
Posted on September 8th, 2011 by Scott Granneman
Filed under: security | Comments Off on The email dead drop
From Bruce Schneier’s Crypto-Gram of 15 October 2003: Precision stripping: criminal steals car, chop shop strips car completely down to chassis, chassis dumped on street, cops tow chassis away, chassis sold at auction, criminal buys chassis, chop shop reattaches parts. Result: legitimate car that can be legally sold used. The VIN has been ‘laundered’.
Posted on September 8th, 2011 by Scott Granneman
Filed under: business, security | Comments Off on Laundering a car’s VIN
From Jeff Bezos’s “We are What We Choose: Remarks by Jeff Bezos, as delivered to the Class of 2010 Baccalaureate” (Princeton University: 30 May 2010): What I want to talk to you about today is the difference between gifts and choices. Cleverness is a gift, kindness is a choice. Gifts are easy — they’re given […]
Posted on August 13th, 2010 by Scott Granneman
Filed under: commonplace book | Comments Off on Jeff Bezos on the differences between gifts and choices
From Steven Levy’s Hackers: Heroes of the Computer Revolution (Penguin Books: 2001): 23: The core members hung out at [MIT’s Tech Model Railroad Club in the late 1950s] for hours; constantly improving The System, arguing about what could be done next, developing a jargon of their own that seemed incomprehensible to outsiders who might chance […]
Posted on July 31st, 2010 by Scott Granneman
Filed under: history, language & literature, technology | Comments Off on The origin of the word “munge”, “hack”, & others
From Kim Zetter’s “New Malware Re-Writes Online Bank Statements to Cover Fraud” (Wired: 30 September 2009): New malware being used by cybercrooks does more than let hackers loot a bank account; it hides evidence of a victim’s dwindling balance by rewriting online bank statements on the fly, according to a new report. The sophisticated hack […]
Posted on October 30th, 2009 by Scott Granneman
Filed under: business, science, security | Comments Off on Malware forges online bank statements to hide fraud
From “List of confidence tricks” (Wikipedia: 3 July 2009): Get-rich-quick schemes Get-rich-quick schemes are extremely varied. For example, fake franchises, real estate “sure things”, get-rich-quick books, wealth-building seminars, self-help gurus, sure-fire inventions, useless products, chain letters, fortune tellers, quack doctors, miracle pharmaceuticals, Nigerian money scams, charms and talismans are all used to separate the mark […]
Posted on July 5th, 2009 by Scott Granneman
Filed under: business, history, law, science, security | Comments Off on Various confidence scams, tricks, & frauds
From a Special Operations officer quoted in Tom Ricks’s Inbox (The Washington Post: 5 October 2008): One of the most interesting operations was the laundry mat [sic]. Having lost many troops and civilians to bombings, the Brits decided they needed to determine who was making the bombs and where they were being manufactured. One bright […]
Posted on February 12th, 2009 by Scott Granneman
Filed under: history, law, politics, security | Comments Off on Crazy anti-terrorism plans that worked
From Lisa Vaas’ “Storm Worm Botnet Lobotomizing Anti-Virus Programs” (eWeek: 24 October 2007): According to an Oct. 22 posting by Sophos analyst Richard Cohen, the Storm botnet – Sophos calls it Dorf, and its also known as Ecard malware – is dropping files that call a routine that gets Windows to tell it every time […]
Posted on December 7th, 2008 by Scott Granneman
Filed under: business, security, tech in changing society | Comments Off on How the Storm botnet defeats anti-virus programs
From Paul J. Zak’s “How to Run a Con” (Psychology Today: 13 November 2008): When I was in high school, I took a job at an ARCO gas station on the outskirts of Santa Barbara, California. At the time, I drove a 1967 Mustang hotrod and thought I might pick up some tips and cheap […]
Posted on November 27th, 2008 by Scott Granneman
Filed under: business, science, security | 1 Comment »
From Gregg Keizer’s “Massive botnet returns from the dead, starts spamming” (Computerworld: 26 November 2008): A big spam-spewing botnet shut down two weeks ago has been resurrected, security researchers said today, and is again under the control of criminals. The “Srizbi” botnet returned from the dead late Tuesday, said Fengmin Gong, chief security content officer […]
Posted on November 27th, 2008 by Scott Granneman
Filed under: business, law, security, tech in changing society | Comments Off on A botnet with a contingency plan
From Ernesto Londono and Clarence Williams’s “Md., D.C. Banks Duped By Phony Cash Courier” (The Washington Post: 12 January 2008): And on Thursday, about 9:30 a.m., a man dressed as an employee of the security company Brink’s walked into a Wachovia branch in downtown Washington and walked out with more than $350,000. The man had […]
Posted on November 22nd, 2008 by Scott Granneman
Filed under: security | Comments Off on Social engineering a bank robbery
From Brian Ross’ “Fake FedEx Trucks; When the Drugs Absolutely Have to Get There” (ABC News: 18 January 2008): Savvy criminals are using some of the country’s most credible logos, including FedEx, Wal-Mart, DirecTV and the U.S. Border Patrol, to create fake trucks to smuggle drugs, money and illegal aliens across the border, according to […]
Posted on November 22nd, 2008 by Scott Granneman
Filed under: business, security | Comments Off on Cloned trucks used to commit crimes
From Vassilis Prevelakis and Diomidis Spinellis’ “The Athens Affair” (IEEE Spectrum: July 2007): On 9 March 2005, a 38-year-old Greek electrical engineer named Costas Tsalikidis was found hanged in his Athens loft apartment, an apparent suicide. It would prove to be merely the first public news of a scandal that would roil Greece for months. […]
Posted on November 22nd, 2008 by Scott Granneman
Filed under: business, politics, security, tech in changing society | Comments Off on How the Greek cell phone network was compromised
Robert Salisbury From “Man scammed by Craigslist ad” (The Seattle Times: 24 March 2008): The ads popped up Saturday afternoon, saying the owner of a Jacksonville home was forced to leave the area suddenly and his belongings, including a horse, were free for the taking, said Jackson County sheriff’s Detective Sgt. Colin Fagan. But Robert […]
Posted on November 22nd, 2008 by Scott Granneman
Filed under: law, security, tech in changing society | Comments Off on Craigslist “everything is free!” scams
From Bruce Schneier’s “Getting Free Food at a Fast-Food Drive-In” (Crypto-Gram: 15 September 2007): It’s easy. Find a fast-food restaurant with two drive-through windows: one where you order and pay, and the other where you receive your food. This won’t work at the more-common U.S. configuration: a microphone where you order, and a single window […]
Posted on November 21st, 2008 by Scott Granneman
Filed under: security | Comments Off on Synchronization attacks at fast food drive-through windows
From Bruce Schneier’s “My Open Wireless Network” (Crypto-Gram: 15 January 2008): A company called Fon has an interesting approach to this problem. Fon wireless access points have two wireless networks: a secure one for you, and an open one for everyone else. You can configure your open network in either “Bill” or “Linus” mode: In […]
Posted on November 21st, 2008 by Scott Granneman
Filed under: business, technology | Comments Off on A wireless router with 2 networks: 1 secure, 1 open
From Russell L. Ackoff & Daniel Greenberg’s Turning Learning Right Side Up: Putting Education Back on Track (2008): A classic story illustrates very well the potential cost of placing a problem in a disciplinary box. It involves a multistoried office building in New York. Occupants began complaining about the poor elevator service provided in the […]
Posted on September 18th, 2008 by Scott Granneman
Filed under: commonplace book, science, true stories | Comments Off on To solve a problem, you first have to figure out the problem
From Victor Bogado da Silva Lins’ letter in Bruce Schneier’s Crypto-Gram (15 May 2004): You mentioned in your last crypto-gram newsletter about a cover that makes a license plate impossible to read from certain angles. Brazilian people have thought in another low-tech solution for the same “problem”, they simply tie some ribbons to the plate […]
Posted on April 20th, 2008 by Scott Granneman
Filed under: security | Comments Off on A cheap, easy way to obfuscate license plates