For any of my students who still think passwords
are adequate security.
Password
Cracking Tool Hashcat Goes Open Source
Hashcat,
the popular password recovery utility advertised as the world’s
fastest password cracker, has been released as open source.
The
announcement was first made on December 4 on Twitter via an MD5
hash that read “hashcat open source” when cracked. Jens
'atom' Steube, the main Hashcat developer, later announced in a post
on the official
forum that the source code for both Hashcat, the CPU-based tool,
and oclHashcat, the GPU-based version, has been released under the
MIT license.
… The
source code for Hashcat
and oclHashcat
is available on GitHub. Bug fixes and new features can be submitted,
but contributors must ensure that their code complies with a
specified set of requirements.
For
some reason I don't think this is the last we'll hear of the OPM
breach.
Eric
Yoder reports:
The last of the notices are set to go out this week to the more than 21 million people whose personal information was stolen in a cyber breach of government security clearance files, with about 1.5 million of those having signed up so far for identity and credit monitoring services.
Read more on Washington
Post.
Perspective?
Everyone want to teach kids to code, no one wants to teach ethics?
None of the hackers arrested for the TalkTalk hack are over 21.
UK
Police Campaign Targets Hackers as Young as 12
Britain's National Crime Agency on Tuesday
launched a campaign to discourage youngsters from becoming hackers
after it found the average age of suspects had plummeted to 17.
The NCA's #CyberChoices campaign targets parents
of boys aged 12-15 who may be involved in cyber-crime without their
knowledge.
Everyone knows, cars don't lie!
Hit-And-Run
Suspect Busted After Her Car Calls The Police, Spurs Controversial
Legal Ramifications
… Take the case of Cathy Bernstein, for
example. The 57-year-old woman made an absolutely boneheaded play by
rear-ending another vehicle and then fleeing the scene. Bernstein,
perhaps thinking that she had gotten away with her act of
recklessness, went about her business until she received a call from
police dispatch.
How did police dispatch find out that Bernstein
was even involved in an accident? Well, her Ford
vehicle was equipped with an Emergency Assistance feature that alerts
emergency personnel when it detects that the vehicle has been
involved in a serious accident. In addition to alerting first
responders about a serious accident, an onboard GPS module can
pinpoint the exact time and location of the accident.
… Use of GPS
technology in vehicles is already drawing
criticism from privacy groups, as they feel that innocent
citizens could have their personal information and driving habits
wind up in the hands of law enforcement. In the case involving Cathy
Bernstein, the good guys won, but some feel that automatically
dialing law enforcement represents a violation of fourth amendment
rights.
Surveillance Apps for the masses.
New
software watches for license plates, turning you into Little Brother
We now live in a world where if you have an
IP-enabled security camera, you can download some free, open-source
software from GitHub
and boom—you have a fully functional automated license plate reader
(ALPR, or LPR).
… For the last six months, the two-man team
behind OpenALPR has built this
software and given it away for free, largely as a way to draw
attention to their other paid services:
How would DNA testing be different from a test for
pollen or mud from a crime scene? What basis would there be to seize
clothing if it could not be examined for evidence?
Orin Kerr writes:
This summer, my co-counsel and I filed a cert petition in a pro bono case on behalf of a criminal defendant named Manuel Arzola. The case, Arzola v. Massachusetts, raises this question:
Whether a Fourth Amendment “search” occurs when government agents remove blood from a person’s lawfully-seized clothing and conduct a DNA test that generates a DNA identity profile.
Read more on The
Volokh Conspiracy.
Please forgive me, I feel a rant coming on. The
“easy” solution (ask any politician) is to ban encryption. Let's
ignore the fact that ISIS (and others) are attracting followers via
unencrypted social media. Apparently, we have no counter for “the
gospel according to ISIS.” We don't even try to develop a counter
argument. Instead we blame encryption – even when the evidence
says encryption was not used.
Homeland
chair moves to rein in 'dark' networks
The head of the House Homeland Security Committee
is pushing a new initiative to deal with the proliferation of
encrypted devices that critics say allow terrorists to communicate
without detection.
The effort by Chairman Michael McCaul (R-Texas)
will not force concessions on tech companies, he said Monday.
Instead, it would create “a national commission
on security and technology challenges in the digital age,” which
McCaul promised would be tasked with providing specific
recommendations for dealing with an issue that has become a priority
for law enforcement officials.
… “It is time for Congress to act because
the White House has failed to bring all parties together —
transparently — to find solutions.”
… McCaul initially
claimed that the terrorists behind last month’s deadly
attacks in Paris had the encrypted messaging application Telegram on
their phones.
However, a staffer subsequently told The Hill that
he “was providing a reference point to the types of encrypted
messaging platforms that are available” and is
not aware “of any specific app on the Paris attackers’
phones.”
Still, the staffer noted that intelligence
officials have indicated that they
believe the attackers communicated through encrypted
channels.
(Related) There may be no evidence that this will
help, but “we've got to do something!”
Andrew Griffin reports:
France is proposing that it will ban free public Wi-Fi and anonymised browsing because of the Paris attacks, according to leaked documents.
The French government is considering extending internet powers in a way that has only previously been done in Iran and China, according to the document seen by French newspaper Le Monde.
Read more on The
Independent.
Perspective. Why you need a mobile App for your
customers.
How We Shop
Differently on Our Phones
… The researchers found that the average order
size of low spenders (defined as shoppers whose total spending was
less than the median in the first phase) increased after they adopted
mobile shopping. They also placed more orders per year than they had
using only a computer. Among high-spending mobile shoppers, the size
of the order remained about the same. But, as with the low spenders,
the frequency of their purchases steadily increased the more they
used their mobile devices for shopping.
No comments:
Post a Comment