The State of Airline Security From the Pilot’s Perspective

Almost six years after 9/11, it is inexcusable that — in an environment where TSA misses more than 90% of weapons, RON [aircraft left unattended and unlocked at night] aircraft are not secured, and ground employees are not screened — fewer than 2% of our airliners have a team of armed pilots aboard, fewer than 5% have air marshals, and the flight attendants have no mandatory tactical or behavioral assessment training. $24 billion dollars later, we are not materially safer, except in the areas of intelligence that prevent an attack from getting to an airport. Once at the airport, there is little reason to believe the attack won’t succeed.
Well said. Be sure to read the full thing which has a stinging review of the TSA's failed efforts to make airlines more secure. Keep in mind that this guy is the president of the Airline Pilots Security Alliance and he knows what he's talking about. JTAG ERROR: No schneier_ht index defined Tags: ,

Supermarkets Treat You Like A Criminal – Fingerprints for Food

Some supermarkets now have fingerprint readers in lieu of credit card payments. You have to supply your fingerprint and attach your credit card to it, but then you can pay just by touching your finger to the reader. There are many problems with this: 1) In theory, they’re promising only to take the “data points” not the fingerprint, but if they use the same data points as other companies, then the data points are the same as your fingerprint. If every company uses different data points, as data from each breach is combined, it create a better and better picture of your actual fingerprint. 2) Unlike a credit card that can be re-issued or changed, fingerprints can’t. 3) You don’t leave impressions of your credit card everywhere you touch like you do with your finger. Fingerprints can be used for tracking and accountability that you shouldn’t have to be responsible for unless you’re a criminal. 4) There was nothing wrong with the system that was there before. Swiping a credit card is actually easier and faster than putting your finger on a reader and entering a PIN. 5) The more people that use the system, the more problems they will have with false matches (where your finger and someone elses are too close to distinguish. Granted that the PIN solves this problem to a degree, but these companies will have to add more and more data points to the algorithm to make the system work. The more data points they use, the closer to storing your actual fingerprint. This is bad, bad news. I wonder when the first “fingerprint data breach” will happen. Tags:

29,000 Sex Offenders on Myspace Get the Boot

For those who were wondering, there were almost 30,000 sex offenders on MySpace who were computer literate enough to use the service, but dumb enough to use their real names. How many are still there using fake names I wonder. Tags: , , , ,

Use Virtual Credit Cards to Control How Companies Use and Store Your Credit Card

A virtual credit card is a short term working credit card that has restrictions such as payout amounts, time of use, or merchants who are allowed to debit it. Using these, if the company you're buying from data-brokerings you for your card number, it won't matter because the number they have is worthless after the set period of time or number of transactions etc. JTAG ERROR: No lifehacker_ht index defined Tags:

Harry Potter Leaker May Be Found Due to Hidden Data in His Images

Here's a warning to you all: companies hide tracking information in your media and if you don't know about it and do something about it, you may get some pretty nasty results. Now, in this case, it's a good thing because there's no justification for leaking Harry Potter BEFORE it's public release. That just hurts the writer and others involved. But if this wasn't immoral activity but protected free speech, be warned that you could get nailed in very subtle and sophisticated ways if you don't pay attention to product tracking. For example: tracking dots in printers. Tags: ,

Sender Controlled E-mail – Self Destructing or Single Read E-mail

Ever send an e-mail and then have second thoughts? What about wanting to make sure that the e-mail you send doesn’t get shared beyond your original recipient. Using the same technique that spammers do to bypass filters and verify e-mail accounts, BitString uses images for the content of messages. Since the reader has to load the image (which is stored on the BitString server) to view the message, if the sender wants to take it back, all they have to do is ask BitString to delete the image. As long as the image is destroyed before the reciever opens the e-mail, they can be assured that it’s never been read. Also, since BitString can track how many accesses are made for the image and what IP is requesting it, you can lock it to one individual either by specifying that after the first read of the image, it will be deleted. That will prevent forwarding of the message to your recipients friends. That’s pretty cool.

Verichip – The Human Tracking RFID People – A Summary

Verichip is the first major company to try to make a market out of implanting people with a hard to remove tracking device. They tout it as a "security" device in that it can be used for proximity detection in sensitive areas and can be used to link to medical information in an emergency where the patient can't speak for themselves (for a yearly fee of course). Considering that the chips actaully weaken security, are hard to remove, and basically destroy all privacy you might have had, I find it hard to understand why people would consider this. Anyway, there's a good summary of the Verichip company here. Tags:

SAIC Security Goof Threatens 580,000 Military Personnel

A common story. With a common worthless response:
SAIC spokespeople said that several employees were placed on leave after the incident was disclosed, and that it contracted data security company Kroll Inc. to provide free identity theft protection for all affected individuals for one year.
Aww. How nice. Now it looks like they're doing something. Tags:

Opt Out of Comcast Arbitration While You Can

While I usually throw out anything Comcast sends with the bill, this time I noticed an arbitration notice that says that you only have a little bit of time to opt out before you become bound to an arbitration agreement. What does that mean? It means that you're giving up your right to sue them for incompetence (which is a pretty big deal considering how incompetent they can be). If you continue to use comcast service without opting out, you will automatically be bound by the new arbitration agreement. Fortunately, you can opt out very quickly by going to their website: https://www.comcast.com/arbitrationoptout/default.ashx
Note that you must type your account number EXACTLY as shown on you bill (spaces and dashes included) or it will error with barely any indication of what went wrong (no error message).
This kind of agreement is completely one sided and circumvents the courts and our rights. Fortunately, Public Citizen is working on a bill to remove mandatory binding arbitration for good.

Update: 7/24/07

Here's an article from the Consumerist about how arbitrators can be influenced by credit card companies to rule against consumers.

Update: 7/26/07

And another showing that the top ten Arbitrators rule against the consumer 98.4% of the time. I wonder how they became the top ten? Hmm…

Update: 8/08/07

And the word is spreading. Public Citizen's blog says it seems to be a very fair provision. I still don't like having it rammed down my throat.
Tags: , ,

RIAA Loses Again – Everyone Cheers

There’s too many points to summarize without copying the content directly, but here’s a small post with a lot of links to information about a girl who moved to dismiss a RIAA lawsuit and seems to have won. Tags:

Loading...

If you want to learn more about my professional background, click here to learn more.

Check out one of my guides/tutorials:

internet safety Tutorial
|INDEX|next: Online Addiction

General Safety

Avoid fake and nasty websites with my search engine trick.
Watch out for online addiction. Getting lost in fun online activities can be just as addiction as any drug.
So you want to write, publish, or share information online? Be careful. Things you say may be lost or forgotten, but things put on the Internet never are.
Don't fall for the well-known (or the new scams either) bad guys use to trick you into give away data or money.

Account Protection

Want to make an account with some online service? Read this first!
The newest, biggest risk online? Account hijacking! Don't become a victim by allowing your account to be taken over and learn to recognize when someone else has been.
Be sure transmission security is active before entering a name, password, credit card number, or other important information online.

... or check out any of my other guides and tutorials by clicking here!

How to Avoid Bogus Websites

There are bogus websites out there hoping you'll hit them by accident or using phishing to trick you into coming to them. Learn my simple trick to avoid these sites!

[Click for full description]

Online Addiction

Concerned about online addiction? You should be. Learn the types, the signs, and the preventions.

[Click for full description]

The Consequences of Posting Online

It's fun to post online. What you think, what you feel. But words typed and posted on the Internet can come back to bite you more than anything you could say with your mouth.

[Click for full description]

Tricks and Scams

Just because you won't willing give up data doesn't mean that I can't trick you out of it. Don't fall for these well known tricks!

[Click for full description]

Account Creation Tips

When you create an account with an online site, you should know a few things first.

[Click for full description]

Account Hijacking

One of the newest threats we face is the risk of someone getting control of your online account and using it against you and the people you know. Do everything you can to prevent that from happening!

[Click for full description]

Using HTTPS For Secure Login and Payment Online

Making online accounts is useful and fun, but doesn't mean much if someone can capture your login information and use it against you. Make sure to use this simple trick to prevent that from happening.

[Click for full description]