The problem is, they never RTFM (Read the F***ing Manual) The Questions are: 1) Why no encryption? 2) Why would an Embassy use Tor?

http://www.pogowasright.org/article.php?story=20070910061510649

Tor at heart of embassy passwords leak

Monday, September 10 2007 @ 06:22 AM CDT Contributed by: PrivacyNews News Section: Internet & Computers

Tor advertises itself as a means for people and groups to improve their privacy. And when used properly, the distributed, anonymous network does just that. But a Swedish security consultant has used the very same system to gain access to login credentials for a thousand or so individual email addresses, including those of at least 100 accounts belonging to foreign embassies.

Dan Egerstad, who made waves last week posting the login details to embassies belonging to Iran, India, Japan and Russia, among others, has finally identified how he got access to the information.

Source - The Register

[From the article:

Tor has taken pains to warn its users that people running so-called exit nodes - which are the last Tor servers to touch a packet before sending it on its way - "can read the bytes that come in and out there." They go on to say: "This is why you should always use end-to-end encryption such as SSL for sensitive Internet connections."

... The posting of 100 official embassy passwords has made Egerstad a pariah in many circles. Publishing information that allows any old criminal to infiltrate sensitive government networks [But only because criminals RTFM! Bob] is a touchy thing, and many, including several Reg readers, have denounced it.

As usual there are a number of incidents that I didn't bother blogging about.

http://www.pogowasright.org/article.php?story=20070910060649165

Data “Dysprotection:” breaches reported last week

Monday, September 10 2007 @ 06:20 AM CDT Contributed by: PrivacyNews News Section: Breaches

A recap of incidents or privacy breaches reported last week for those who enjoy shaking their head and muttering to themselves with their morning coffee.

Source - Chronicles of Dissent

Tools and Techniques: Announcements of data spills claim the data was protected by passwords in probably 8 of 10 instances. Here is one example why that isn't enough...

http://www.codinghorror.com/blog/archives/000949.html

September 08, 2007

Rainbow Hash Cracking

The multi-platform password cracker Ophcrack is incredibly fast. How fast? It can crack the password "Fgpyyih804423" in 160 seconds. Most people would consider that password fairly secure. The Microsoft password strength checker rates it "strong". The Geekwisdom password strength meter rates it "mediocre".

Late to market...

http://googlesystem.blogspot.com/2007/09/microsoft-launches-translation-service.html

Sunday, September 09, 2007

Microsoft Launches Translation Service

Microsoft launched a service for automatic translation called Windows Live Translator. The site lets you translate a text limited to 500 words or a web page from English to German, Dutch, French, Spanish, Portuguese, Italian, Korean, Chinese, Japanese, Russian.

... Google also has a translation service powered by Systran. The translations are identical to the ones returned by Babel Fish, but they're different from Windows Live's translations, so Microsoft might use an updated version of Systran's software.

Google developed a machine translation system that's available to the public for only three languages: Arabic, Chinese and Russian. [Gee, I wonder what government agency would be interested in those languages... Bob]

This works in other areas as well. Expect virtual elections – perhaps a delegation from the great state of Second Life

http://www.technewsworld.com/rsstory/59238.html

Virtual Worlds: An Economist's Sandbox

By Peter Svensson AP 09/09/07 4:00 AM PT

Second Life is just one example of how economists and virtual worlds are teaming up, to mutual benefit. Outside Second Life, a game company just hired its first full-time economist. Another economist, coming from the academic side, believes that just as virtual economies need economists, so economists need virtual economies -- to experiment with.

One of my former students sent this... Think she rigged the test?

http://www.elks590.org/main/cooltest.htm

COOL PERSON TEST