When I teach, I explain how most of the breaches and problems you hear about in the world aren't about clever hackers or sophisticated attackers, but instead about weak security. This has just become my new go-to example.
Basically, after you logged into your account as a Citi customer, the URL contained a code identifying your account. All you had to do was change around the ....
Tags: Account Security, Banks, Continual Stupidity, Negligence, Utter Failure
I've always thought that prisoners should be made to work to support themselves and others. Maybe the Chinese have hit on something with this:
"Prison bosses made more money forcing inmates to play games than they do forcing people to do manual labour," Liu told the Guardian. "There were 300 prisoners forced to play games. We worked 12-hour ....
Tags: Prisons
A Yahoo article says that because women's clothes sizing is hard, they're going to nude scan them to figure out what they can wear. Seriously!?
Ms. Shaw, the entrepreneur, is chief executive of a company called MyBestFit that addresses the problem. It is setting up kiosks in malls to offer a free 20-second full-body scan — ....
Tags: 4th Amendment, For Families, For Parents, Nudie Scanners, Police Search, Utter Failure
As anyone who reads much of my site knows, I'm not a fan of how RFID is being implemented. However, I'm not against the technology itself as it has many practical uses. For example, some hotels have begun putting washable RFID in the towels and bathrobes to keep people from stealing them.
Since the RFID towels have no privacy-invading purpose at all and serve ....
Tags: Hotels, RFID, Theft
Sony has been going crazy trying to keep clever users from unlocking the PS3 to run homebrew (like the Wii hack which I love!).
First of all, companies are trying everything they can, but in the end it won't amount to much. Consider that all it takes is one person anywhere in the world to figure out the encryption codes (not the real name, but ....
Tags: Homebrew, PS3, Sony
awesome terrible. Apparently a UK immigration officer added his wife to the no-fly list when she was out of the country, effectively stranding her.
Based on the lack of details and the fact that she could have just taken a ferry, not an airplane, this story doesn't really seem that likely, but it's making the rounds and the most important issue here is that ....
Tags: Accountability, No-Fly List, TSA
I'm fairly ambivalent about the whole Wikileaks issue. I've long been a supporter of whistleblowing in general, as companies and the government should be held accountable for abuses and wrongdoing, and often it's only fully public scandals that allow that to happen (though sometimes not even then).
Anyway, as to whether Wikileaks has done anything wrong, one must first ask if there was anything posted ....
Tags: Bank of America, Banks, Easter eggs, Money, Wikileaks
If you read this site much, you probably know I have a "guilty till proven innocent" attitude when it comes to new technology, particularly wireless technology. That's why it's no surprise to me (and hopefully no surprise to you) that they've discovered they can break into and steal cars that use wireless entry and ignition.
The researchers tested a few scenarios. An attacker could watch ....
Tags: Cellphone, Japan, Keyless Entry, Keyless Ignition, Oops, Physical Security
You know a good way to spot a terrorist? Look for someone who looks and acts like one (like they do in Israel)!
I know this ridiculous concept of banning profiling came out of the dark days of racism where people were profiled on things that didn't matter, like the color of your skin. But that doesn't mean that profiling is wrong.
People profile all ....
Tags: Airports, Israel, Nudie Scanners, Physical Security, TSA
So last night I get a phone call saying they're my bank and asking to verify information. As you should always do under such circumstances, I refused and asked for a number where I could call her back. When she provided it, I looked it up online, but found nothing. So I called the bank at a known number and they were able to confirm ....
Tags: Credit Card Fraud, Credit Cards, Easter eggs, Money