Tag Archives | Security

Vice’s NSA Spam Generator

Wishing the government would pay you some extra attention? Vice’s Motherboard has a handy device for generating tweets, messages, and status updates packed to the brim with NSA-alert-raising keywords, overwhelming surveillance with false positives. They’ve dubbed this terrorism spam generator Hello, NSA:

The government is listening to your internets. Generate a sentence with some of the keywords they’re looking for. Tweet or share and you could earn a new follower in Washington.

NSA spam generator

 

Read the rest

Continue Reading

Here’s Your Chance To Apply For NSA Whistle-Blower Edward Snowden’s Old Job

Want to be a cog in the military-industrial surveillance apparatus? Via Buzzfeed, defense contractor Booz Allen Hamilton is apparently taking resumes to replace certain individuals who didn’t perform as desired:

Edward Snowden, the man who leaked top secret information about government surveillance, is currently in hiding in Hong Kong after revealing himself. His old employer has a listing posted for a job similar to the one Snowden held.

Defense contractor Booz Allen Hamilton, Snowden’s former employer, has a job opening for an information security engineer in Honolulu, Hawaii. A Booz Allen spokesman would not confirm that the job posting was to fill Snowden’s job. The job requirements include “top secret clearance.”

booz allen hamilton

Read the rest

Continue Reading

Motorola Aiming To Replace Smartphone Passwords With Electronic Tattoos

biostampsIf you’re concerned about the mark of the beast, this has to be worrying. Via the Telegraph:

Initially designed for medical purposes, Motorola hopes the ‘Biostamps’ could now be used for consumer authentication purposes.

The technology, which aims to remove the need to enter passwords and replace them simply with a phone being close to a user’s body, was one of the suggestions by Dennis Woodside, Motorola’s chief executive, at California’s D11 conference yesterday.

Nokia has previously experimented with integrating tattoos into mobile phones, and Motorola’s senior vice president of advance research, Regina Dugan, a former head of the US Pentagon’s Defence Advanced Research Projects Agency, demonstrated the silicon-based technology that uses bendable electronic circuits.

The tattoos have been developed by Massachusetts-based engineering firm MC10, and contain flexible electronic circuits that are attached to the wearer’s skin using a rubber stamp.

Read the rest

Continue Reading

875,000 People Are On America’s Terrorist Suspect List

terrorist suspect list

They’re all around us — the number of people being tracked as suspected terrorists will soon cross the one million mark, Reuters reports:

The number of names on a highly classified U.S. central database used to track suspected terrorists has jumped to 875,000 from 540,000 only five years ago, a U.S. official said. Among those was Boston Marathon bomber Tamerlan Tsarnaev, whose name was added in 2011.

Maintained by the National Counterterrorism Center, the highly classified database is not a “watchlist,” but a repository of information on people whom U.S. authorities see as known, suspected or potential terrorists from around the world.

The “Terrorist Identities Datamart Environment” is a master database which agencies use to build other catalogs of possible terrorists, like the “no-fly” list which prevents people on it from boarding airplanes.

Karen Greenberg, an expert in counter-terrorism policy at Fordham University, questioned whether the growth in the database’s size made it easier for officials to spot threats before they materialize.

Read the rest

Continue Reading

A Guide To Protecting Your Privacy Online With Browser Extensions

browser extensionsLifehacker has a rundown of recommendations for simple browser add-ons (such as Disconnect, Do Not Track Me, and the adorably-mascotted Ghostery) for keeping your online browsing and communications safe from tracking:

Anti-tracking and anti-cookie extensions have exploded recently. Disconnect (Firefox/Chrome/IE/Safari) is our pick because it continues to add useful features and improve its database, and its secure Wi-Fi and bandwidth optimization features aren’t available in other tools. It blocks third party tracking cookies and gives you control over all site scripts and elements from a simple-to-use toolbar menu. It also protects you from tracking by social networks like Facebook, Google, and Twitter, which use your browsing even off-site to collect data about you.

HTTPS Everywhere (Firefox/Chrome) is a must-have regardless of what other security tools you opt to use. Once installed, the extension will shunt your connection to SSL whenever possible, and will try to find secure versions of the sites you visit.

Read the rest

Continue Reading

Researchers Successfully Use Subjects’ Brain Waves As Personal Identifiers

brain wavesIn coming years, allowing a machine to momentarily observe your mental activity may be the key to open your email account or front door. Via Dark Reading:

It sounds like something straight out of science fiction: brainwaves taking the place of passwords in the name of authentication. A new study by researchers from the U.C. Berkeley School of Information examined the brainwave signals of individuals performing specific actions to see whether they can be consistently matched to the right individual.

Participants were asked to imagine performing a repetitive motion from a sport of their choice, singing a song, watching a series of on-screen images and silently counting the objects, or choose their own thought and focus on it for 10 seconds.

To measure the subjects’ brainwaves, the team used the NeuroSky Mindset, a Bluetooth headset that records Electroencephalographic (EEG) activity. In the end, the team was able to match the brainwave signals with 99 percent accuracy.

Read the rest

Continue Reading

Hacker Demonstrates Android Smartphone App To Hijack A Plane Midair

hijack a planeOn your next flight, you may want to look over your shoulder at what the person next to you is doing. Help Net Security reports:

An extremely well attended talk by Hugo Teso, a security consultant at n.runs AG in Germany, galvanized the crowd attending the Hack In The Box Conference in Amsterdam. Teso showcased an Andorid app, PlaneSploit, that remotely controls airplanes on the move.

Teso has been working in IT for the last eleven years and has been a trained commercial pilot for a year longer than that. By creating an exploit framework (SIMON) and an Android app (PlaneSploit) that delivers attack messages to the airplanes’ Flight Management Systems (computer unit + control display unit), he demonstrated the terrifying ability to take complete control of aircraft.

His testing laboratory consists of a series of software and hardware products. But the connection and communication methods, as well as ways of exploitation, are absolutely the same as they would be in an actual real-world scenario.

Read the rest

Continue Reading

Brazilian Doctor Arrested For Using Silicone Fingers To Fool Fingerprint-Based Biometric Check-In

Our key-less and password-less future will hinge on being identified via our fingerprints, irises, and vocal tones. The problem is, someone else may have a copy of your finger. Via the BBC:

A Brazilian doctor faces charges of fraud after being caught on camera using silicone fingers to sign in for work for absent colleagues, police say.

Thaune Nunes Ferreira, 29, was arrested on Sunday for using prosthetic fingers to fool the biometric employee attendance device used at the hospital where she works near Sao Paulo. She is accused of covering up the absence of six colleagues. Her lawyer says she was forced into the fraud as she faced losing her job.

Police said she had six silicone fingers with her at the time of her arrest, three of which have already been identified as bearing the fingerprints of co-workers.

Read the rest

Continue Reading

The Dangers Of The Growing Malware-Industrial Complex

Via the MIT Technology Review, Tom Simonite writes:

A freshly discovered weakness in a popular piece of software, known in the trade as a “zero-day” vulnerability, can be cashed in for prices in the hundreds of thousands of dollars from defense contractors, security agencies and governments. This trade in zero-day exploits is poorly documented, but it is perhaps the most visible part of a new industry that in the years to come is likely to swallow growing portions of the U.S. national defense budget.

It became clear that this type of assault would define a new era in warfare in 2010, when security researchers discovered a piece of malicious software known as Stuxnet. Now [known] to have been a project of U.S. and Israeli intelligence, Stuxnet was carefully designed to infect multiple systems needed to access and control industrial equipment used in Iran’s nuclear program.

No U.S. government agency has gone on the record as saying that it buys zero-days.

Read the rest

Continue Reading