Saturday, November 20, 2010

This goes a long way toward restoring that warm, fuzzy feeling.

Hacked Federal Reserve Network Was Test-only

November 19, 2010 by admin

Robert McMillan reports:

A June 2010 hacking incident that compromised a network at the Federal Reserve Bank of Cleveland happened on a test system and not the bank’s production servers…. According to Gates, the hacker managed to break into a single Fed test PC that was connected to other test computers. “This is a system that is used to test software and applications with fake data and information,” she said. “The incident did not involve our live production system on which we process our work.”

Read more on PC World.

So what was the source of the 400k credit card numbers found in Poo’s possession?

[Yesterday they claimed:

Prosecutors say he hacked into the Federal Reserve Bank of Cleveland's network in June of this year, and compromised at least 10 computers there.

The TSA kerfuffle is generating lots of stories, but unless you plan to fly commercial (and are not an exempt pilot) they are simply more examples of “Security theater” so I'm just going to point you to them without commenting on each.

Bruce Schneier vs. the TSA

Posted by Soulskill on Friday November 19, @05:08PM

"Bruce Schneier has posted a huge recap of the controversy over TSA body scanners, including more information about the lawsuit he joined to ban them. There's too much news to summarize, but it covers everything from Penn Jillette's [Worth reading! Bob] and Dave Barry's grope stories, to Israeli experts who say this isn't needed and hasn't ever stopped a bomb, to the three-year-old girl who was traumatized by being groped and much, much more."

Another reader passed along a related article, which says, "Congressman Ron Paul lashed out at the TSA yesterday and introduced a bill aimed at stopping federal abuse of passengers. Paul’s proposed legislation would pave the way for TSA employees to be sued for feeling up Americans and putting them through unsafe naked body scanners."

[Bruce has his own collection of “news”:

Of course, airport security is an extra-Constitutional area, so there's no clear redress mechanism for those subjected to too-intimate patdowns.

This video provides tips to parents flying with young children. Around 2:50 in, the reporter indicates that you can find out if your child has been pre-selected for secondary, and then recommends requesting "de-selection." That doesn't make sense.

Neither does this story, which says that the TSA will only touch Muslim women in the head and neck area.

Senior Democrats rebuke TSA over screening rules

Small business TSA decisions

This morning I had to have the most unpleasant discussions with my staff concerning my company buying their plane tickets and thus causing them to lose their privacy rights.

I can't help thinking that they will generate (and store?) the same images, but will “cartoonize” them to keep the peasants from revolting.

Report: Stick figures may be used to calm ire surrounding body scanners

They do mention Privacy, in one paragraph on the last page...

November 18, 2010

DHS - Preventing and Defending Against Cyber Attacks November 2010

Related to the TSA stories. My concern is that as a “Security Expert” and someone who teaches “Ethical Hacking” I access web sites, have lots of software that “normal” people don't, and (most damning) criticize the TSA. Will this happen to me?

Whitehat Hacker Moxie Marlinspike's Laptop, Cellphones Seized

Posted by timothy on Saturday November 20, @12:06AM

"The well-known whitehat hacker and security researcher that goes by the handle Moxie Marlinspike has recently experienced firsthand the electronic device search that travelers are sometimes submitted to by border agents when entering the country. He was returning from the Dominican Republic by plane, and when he landed at JFK airport, he was greeted by two US Customs officials and taken to a detention room where they kept him for almost five hours, took his laptop and two cell phones and asked for the passwords needed to access the encrypted material on them."

For my Intellectual Property Lawyer friends (not an oxymoron – they do exist). Does this parallel the rules for ISPs? Will Cloud storage providers have to look at every bit of data you upload?

MP3Tunes ‘Safe Harbor’ Challenge Is Legal Test for Cloud Storage

A key test of digital-copyright law will be heard soon in New York federal court: whether online music storage services and search engines can be held liable when users upload copyright material. The outcome could have far-reaching implications for so-called “cloud-based” services, which allow users to store their content on remote servers accessible on the internet.

… Several influential digital rights groups filed a brief last Tuesday supporting the defendant in the case, MP3tunes. They urged the court to uphold the “safe harbor” provision, lest online innovation be stifled.

Three years ago, several labels and publishers affiliated with major record label EMI sued MP3tunes, which provides an online music “locker” service where users can store their music and access it from computers and mobile devices. MP3tunes also operates a music search engine called Sideload, where people can find music tracks on other sites and then put them in their locker.

To EMI, MP3tunes and Sideload represent a two-step mechanism for the discovery and acquisition of copyright music. MP3tunes argues that its service merely allows users to store their music online so they can listen to it anywhere. And even if some users upload copyright content, the company says, it can’t be found liable because it is protected by the DMCA.

Another “Cloud Computing” article. Interesting in that it is a government computer system that is relatively cheap ($2 million) and works!

eJuror Will Lead To New List of Jury Duty Excuses

Posted by Soulskill on Friday November 19, @02:25PM

"Now you can say your jury duty request got lost in the cloud, or that the network was down, or the Internet ate it. That's because the US District Court system is close to completing a rollout of its national eJuror system that lets prospective jurors have the option of responding to their jury questionnaire or summons online. About 80 of the 94 US district courts have had the eJuror software installed and more than half of those courts are already live on the system."

For my (you better be doing research) students. Shows the rapid increase in searches for “TSA” for example. Also shows a number of related search terms that were (more and less) popular... Note: The “personal information” is aggregated so it isn't obvious how that would be a problem. Unless I'm missing something?

Yahoo! Clues divulges personal information on searches

November 19, 2010 by Dissent

Nadia Ibanez reports:

Yesterday, Yahoo! unveiled the beta test of Yahoo! Clues, which is designed to help users data-mine trending search terms. When a user types in a search term, they’re shown a graph with the highs and lows of the trend over the past week or month. Information about the gender, age, income and location is also provided along with the search paths that other users have taken to provide for a better-rounded search capability.

Read more on Business Review USA. If you want to test it out, the correct url is

For my Math students. I tell them the same thing, based on my observations. Nice to have “scientific confirmation.”

Traffic Jams In Your Brain

Posted by timothy on Saturday November 20, @06:01AM

"Carl Zimmer's latest foray into neuroscience examines why the brain can get jammed up by a simple math problem: 'Its trillions of connections let it carry out all sorts of sophisticated computations in very little time. You can scan a crowded lobby and pick out a familiar face in a fraction of a second, a task that pushes even today's best computers to their limit. Yet multiplying 357 by 289, a task that demands a puny amount of processing, leaves most of us struggling.' Some scientists think mental tasks can get stuck in bottlenecks because everything has to go through a certain neural network they call 'the router.'"

Something for students who complete my Math classes.

Massachusetts Institute of Technology Entrance Examination, 1869-70
