Clearly the goal isn't security. Perhaps it isn't even the appearance of security. But clearly it allows tracking (inventorying) of the second class... Note: If this technology allows “reading” of the card without the traveler even taking it from his pocket (and it does) will the Boarder Guards feel any need to actually look at the document?
http://www.bespacific.com/mt/archives/016990.html
December 31, 2007
CDT: Passport Card Rule Will Weaken Border Security and Privacy
"Today, the Department of State released a final rule for the new "Passport Card," which is intended to be used by American citizens who frequently travel by land or sea to Canada, Mexico, the Caribbean, and Bermuda. The new rule calls for the use of "vicinity read" RFID technology without the use of encryption. This means the card will be able to be read remotely, at a long distance. CDT strongly objected to the use of this technology--developed for tracking inventory, not people--because it is inherently insecure and poses threats to personal privacy, including identity theft, location tracking by government and commercial entities outside the border control context, and other forms of mission creep."
Tools and techniques:
http://digg.com/security/Eavesdropping_on_Bluetooth_headsets_with_Linux
Eavesdropping on Bluetooth headsets with Linux
hackszine.com — Few users realize that Bluetooth headsets can be exploited granting a remote attacker the ability to record and inject audio through the headset while the device is not in an active call. SANS Institute author and senior instructor Joshua Wright demonstrates.
http://www.hackszine.com/blog/archive/2007/12/eavesdropping_on_bluetooth_hea.html
You don't have to understand a technology to misuse it.
http://it.slashdot.org/article.pl?sid=07/12/31/2041205&from=rss
The Rising Barcode Security Threat
Posted by ScuttleMonkey on Monday December 31, @06:23PM from the what's-in-a-number dept. Security Software
eldavojohn writes "As more and more businesses become dependent on barcodes, people are pointing out common problems involving the security of one- or two-dimensional barcode software. You might scoff at this as a highly unlikely hacking platform but from the article, 'FX tested the access system of an automatically operated DVD hire shop near his home. This actually demanded a biometric check as well, but he simply refused it. There remained a membership card with barcode, membership number and PIN. After studying the significance of the bar sequences and the linear digit combinations underneath, FX managed to obtain DVDs that other clients had already paid for, but had not yet taken away. Automated attacks on systems were also possible, he claimed. But you had to remember not to use your own membership number.' The article also points out that boarding passes work on this basis — with something like GNU Barcode software and a template of printed out tickets, one might be able to take some nice vacations."
Craftsman Rootkits require Craftsman Class Action lawyers!
Researcher says Sears downloads spyware
Sears and Kmart customers who sign up for the My SHC marketing program could, in essence, be stuck with spyware without notification, a Harvard professor says
By Robert McMillan, IDG News Service December 31, 2007
Sears and Kmart customers who sign up for a new marketing program may be giving up more private information than they'd bargained for, a prominent anti-spyware researcher claims.
According to Harvard Business School Assistant Professor Ben Edelman, Sears Holdings' My SHC Community program falls short of U.S. Federal Trade Commission (FTC) standards [..and that's hard to do! Bob] by failing to notify users exactly what happens when they download the company's marketing software.
And given the invasive nature of the product, Sears has an obligation to make its behavior clearer to users. "The software is not something you'd want on your computer or the computer of anyone you care about," Edelman said in an interview. "It tracks every site you go to, every search you make, every product you buy, and every product you look at but don't buy. It's just spooky."
Edelman has written up an analysis of Sears's software, set to be made public on Tuesday.
Always something useful
http://www.bespacific.com/mt/archives/016986.html
December 31, 2007
New on LLRX.com
Mis-Information at the Heart of the University: Why Administrators Should Take Libraries More Seriously, by Stuart Basefsky
Carpe Diem: Establish an Institutional Repository for Your Organization, by Carol A. Watson
What's New in Cordless Mice? by Jeffrey J. Beard
FOIA Facts: FOIA - The Year in Review, by Scott A. Hodes
E-Discovery Update: A Contrarian Retrospective On E-Discovery In 2007, by Conrad Jacoby
Who Said, “Go West, Young Man” - Quote Detective Debunks Myths, by Fred R. Shapiro
Burney's Legal Tech Reviews: Legal Gadget Wish-List for the New Year, by Brett Burney
CongressLine: The Committee Markup, Paul Jenks
Analysis of the Energy Bill, the EPA's Refusal to Grant Waivers and State Laws With Respect to Climate Change, by Beth Wellington
Your tax dollars at work... No doubt the TV industry will be paid 'per coupon issued' rather than for the coupons used.
http://hosted.ap.org/dynamic/stories/D/DIGITAL_TV?SITE=VALYD&SECTION=HOME&TEMPLATE=DEFAULT
Feds Share Coupons to Help TV Transition
By JOHN DUNBAR Associated Press Writer Dec 31, 6:18 PM EST
WASHINGTON (AP) -- Millions of $40 government coupons become available Tuesday to help low-tech television owners buy special converter boxes for older TVs that might not work after the switch to digital broadcasting.
Beginning Feb. 18, 2009, anyone who does not own a digital set and still gets their programming via over-the-air antennas will no longer receive a picture.
No comments:
Post a Comment