Posts tagged “security”
A quick tour through decades of US government surveillance programs, from COINTELPRO's mail-opening in the 50s through Carnivore, ECHELON, Room 641A, DCSNet, and now PRISM. The names change, the methods evolve, but the core activity stays the same. PRISM shouldn't surprise anyone paying attention.
Got hacked again, but caught it faster this time and found the entry point. Hopefully that's the end of it.
My hosting account was hacked Friday: phishing sites, bulk emailers, the works. My host caught it after 11 hours and shut me down. I've been cleaning up since, but the hole may still be open. Upgrades and migrations are coming. I feel awful about being an unwilling accomplice to criminals.
The DVD industry's CSS encryption failed because they had to give users the tools to decrypt it. Airline security has the same flaw: publishing the rules tells attackers exactly what to work around. Security theater with a known ruleset is just a temporary inconvenience for a determined adversary.
I have an Amazon wish list if you want to buy me something. Also, I finally secured my WiFi after a neighbor started hogging our bandwidth. Sorry to any innocent freeloaders, but they left me no choice.
Got a frighteningly convincing PayPal phishing email today. The tone, look, and serial numbers were spot-on. Only caught it because the recipient address was a spam honeypot, which prompted me to inspect the link more carefully. Stay vigilant.
Bluewater's hoodie ban is a lazy, blunt instrument that will catch chemo patients and cold-eared tourists alongside actual troublemakers. Give security staff the discretion to make real judgements. Zero-tolerance policies are an abdication of responsibility, not a solution.
Received a brilliantly clever piece of spam today: the message is hidden entirely in the whitespace between random characters. The text itself is harmless gibberish. Good luck filtering that one.
Fed up with comment spammers taking down my server. Disabling all MT comments until further notice and likely ditching Movable Type entirely.
A grab-bag of links: Bush action figure, scary nuclear-isomer weapons, the Chewbacca defense, a serial killer vs. programmer quiz, and the Blaster worm, which hit me personally. At least the worm's source code had a funny message for Bill Gates.
Visiting Evil Dan in Edinburgh and his PC is drowning in adware and spyware. Use Spybot Search and Destroy to clean that crap up.
The US declared it doesn't need permission to act on security. The UN and NATO disbanded, citing irrelevance. Also, read the Borowitz Report. He's a self-satisfied dickhead, but worth it.
Bad week for Microsoft: XP is 11% slower than Win2K at best, and .NET Passport has already been cracked, leaking credit card numbers via malicious Hotmail emails. Avoid .NET and Microsoft products where possible.
Post-9/11, the Nimda virus feels trivial by comparison. Still, it's notable as the first virus you can catch just by viewing a webpage, exploiting an IE 5.5 security hole. Here's a demo and the CERT advisory if you want details.
The first DMCA arrest just happened: a guy exposed a flaw in Adobe's security and got arrested for it. Improve your security, don't criminalize people who point out weaknesses. If Microsoft follows Adobe's lead, I'm in serious trouble.
Got a data entry job after two weeks broke on vacation. MSIE is a security disaster, Netscape is garbage, Mozilla shows promise but crawls. The MSIE patch doesn't even fix it, meaning HTML emails can execute arbitrary code. I miss when email viruses were just hoaxes.