Burglars target 'out of office' emails
Thieves are using information contained in 'out of office' auto-reply emails and cross-referencing it with publicly available personal information to target empty houses.
Thursday, December 05, 2002
Ethics in Data Mining and Cryptography
In recent years, computer science has become more of an applied science than a pure discipline. It is true that much of the driving force behind proliferation of computing devices is commercial. However, over-commercialization has begun cultivating products that give rise to ethical issues.
In this brief article, I shall mention two such areas which require our immediate attention in both making the public aware and warning the future researchers of the implications.
In recent years, computer science has become more of an applied science than a pure discipline. It is true that much of the driving force behind proliferation of computing devices is commercial. However, over-commercialization has begun cultivating products that give rise to ethical issues.
In this brief article, I shall mention two such areas which require our immediate attention in both making the public aware and warning the future researchers of the implications.
KisMAC, a wireless stumbler for MacOS X
KisMAC is a stumbler application for MacOS X, that puts your card into the monitor mode. For that purpose we are using the viha driver. Unlike other applications we are completely invisible and send no probe requests.
KisMAC is a stumbler application for MacOS X, that puts your card into the monitor mode. For that purpose we are using the viha driver. Unlike other applications we are completely invisible and send no probe requests.
Secure Interaction Design
Criticizing bad user interfaces is easy. Designing good ones is tough. The paper tries to give some new ideas on how to think about secure interaction design and some positive design suggestions, not just criticism. (I'm sure some readers will think the design principles are obvious. That's great; then the question is: why are they so often ignored in software and how can we improve? Others will disagree with the principles. That's great too; let's start talking about it, because this topic desperately needs more thought and attention!)
Criticizing bad user interfaces is easy. Designing good ones is tough. The paper tries to give some new ideas on how to think about secure interaction design and some positive design suggestions, not just criticism. (I'm sure some readers will think the design principles are obvious. That's great; then the question is: why are they so often ignored in software and how can we improve? Others will disagree with the principles. That's great too; let's start talking about it, because this topic desperately needs more thought and attention!)
IDE RAID round-up
AS IDE HARD DRIVE manufacturers squeeze more and more storage capacity onto new drives, they're hacking the warranty coverage for standard drives down to one year. You get more data to use, but manufacturers seem less and less willing to guarantee the integrity and safety of all those extra bytes. RAID can help you take back some of that reliability, but that's not all. A RAID array can also dramatically increase your overall hard disk performance. In some cases, IDE RAID can even offer you the best of both worlds: redundancy to protect against drive failure and better overall storage performance to pry open the bottleneck.
AS IDE HARD DRIVE manufacturers squeeze more and more storage capacity onto new drives, they're hacking the warranty coverage for standard drives down to one year. You get more data to use, but manufacturers seem less and less willing to guarantee the integrity and safety of all those extra bytes. RAID can help you take back some of that reliability, but that's not all. A RAID array can also dramatically increase your overall hard disk performance. In some cases, IDE RAID can even offer you the best of both worlds: redundancy to protect against drive failure and better overall storage performance to pry open the bottleneck.
Wednesday, December 04, 2002
DansGuardian - True Web Content Filtering for All
DansGuardian is a web content filter which currently runs on Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X, and Solaris. It filters the actual content of pages based on many methods including phrase matching, PICS filtering and URL filtering. It does not purely filter based on a banned list of sites like lesser totally commercial filters.
DansGuardian is designed to be completely flexible and allows you to tailor the filtering to your exact needs. It can be as draconian or as unobstructive as you want. The default settings are geared towards what a primay school might want but DansGuardian puts you in control of what you want to block.
DansGuardian is a web content filter which currently runs on Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X, and Solaris. It filters the actual content of pages based on many methods including phrase matching, PICS filtering and URL filtering. It does not purely filter based on a banned list of sites like lesser totally commercial filters.
DansGuardian is designed to be completely flexible and allows you to tailor the filtering to your exact needs. It can be as draconian or as unobstructive as you want. The default settings are geared towards what a primay school might want but DansGuardian puts you in control of what you want to block.
Tuesday, December 03, 2002
Forensicsweb Online Services List
The following list is updated about once a month and posted monthly. This list contains a variety of ISPs and similar information services, specifically, contacts at the legal departments for service of subpoenae, court orders, and search warrants.
The following list is updated about once a month and posted monthly. This list contains a variety of ISPs and similar information services, specifically, contacts at the legal departments for service of subpoenae, court orders, and search warrants.
Reptile
Reptile is a P2P (peer to peer) application designed to locate and filter the best news on the Internet. Reptile provides a distributed and decentralized mechanism to search, cache, subscribe, and publish news and other content. Reptile also provides an infrastructure for increasing information diversification and reducing censorship and bias.
Reptile is decentralized. No single point of failure should deny a user from quality news. To this end, we also to 'bind' across multiple network architectures. Reptile runs over the conventional "web" (HTTP) but also runs over more modern and distributed P2P architectures (JXTA).
Reptile is designed around a hybrid infrastructure which supports the advantages of both client/server and P2P systems. For example, one could run Reptile as a P2P system on a laptop. One could also run Reptile as a client/server application from a home computer and access it over SSL from a web browser from an outside location. Reptile also supports rendezvous nodes (supernodes) which bridge this functionality with the rest of the world. For example a major website can run a search request via a stable Reptile node running on a known host (AKA openprivacy.org).
Reptile is a P2P (peer to peer) application designed to locate and filter the best news on the Internet. Reptile provides a distributed and decentralized mechanism to search, cache, subscribe, and publish news and other content. Reptile also provides an infrastructure for increasing information diversification and reducing censorship and bias.
Reptile is decentralized. No single point of failure should deny a user from quality news. To this end, we also to 'bind' across multiple network architectures. Reptile runs over the conventional "web" (HTTP) but also runs over more modern and distributed P2P architectures (JXTA).
Reptile is designed around a hybrid infrastructure which supports the advantages of both client/server and P2P systems. For example, one could run Reptile as a P2P system on a laptop. One could also run Reptile as a client/server application from a home computer and access it over SSL from a web browser from an outside location. Reptile also supports rendezvous nodes (supernodes) which bridge this functionality with the rest of the world. For example a major website can run a search request via a stable Reptile node running on a known host (AKA openprivacy.org).
the Peekabooty Project
The goal of the Peekabooty Project is to create a product that can bypass the nation-wide censorship of the World Wide Web practiced by many countries.
The free, easy and quick exchange of information possible on the Internet is seen as a threat by governments in countries where a free press and freedom of expression are not considered to the parts of their people's rights. Such a government would have two options. The first would be to completely ban use of the Internet. This is an impractical measure, as it would close off that country to business opportunities and technological innovation. The preferred option is to make use of filtering computers and software - called firewalls in technological parlance - that make only those Web pages approved by the government available to their citizens.
In layperson's terms: firewalls act as intermediaries between users and the rest of the Internet. In countries where the Web is censored, the only way to access the Internet is through the firewalls. A user enters a URL - the address of a Web page - into his or her browser. This URL gets passed to the firewall, which checks to see if it is one of those banned by the government. If the URL is not on the list, the firewall forwards the request for the Web page and the contents of the page are relayed back to the user, who can then read it. If the URL is on the banned list the firewall refuses to forward the request and sends a page back to user2
The goal of the Peekabooty Project is to create a product that can bypass the nation-wide censorship of the World Wide Web practiced by many countries.
The free, easy and quick exchange of information possible on the Internet is seen as a threat by governments in countries where a free press and freedom of expression are not considered to the parts of their people's rights. Such a government would have two options. The first would be to completely ban use of the Internet. This is an impractical measure, as it would close off that country to business opportunities and technological innovation. The preferred option is to make use of filtering computers and software - called firewalls in technological parlance - that make only those Web pages approved by the government available to their citizens.
In layperson's terms: firewalls act as intermediaries between users and the rest of the Internet. In countries where the Web is censored, the only way to access the Internet is through the firewalls. A user enters a URL - the address of a Web page - into his or her browser. This URL gets passed to the firewall, which checks to see if it is one of those banned by the government. If the URL is not on the list, the firewall forwards the request for the Web page and the contents of the page are relayed back to the user, who can then read it. If the URL is on the banned list the firewall refuses to forward the request and sends a page back to user2
InvisibleNET - Invisibility is the best defense.
Invisible IRC Project is a three-tier, peer distributed network designed to be a secure and private transport medium for high speed, low volume, dynamic content.
Invisible IRC Project is a three-tier, peer distributed network designed to be a secure and private transport medium for high speed, low volume, dynamic content.
Hacker Log: Pathway to Successful Site Attack
A few fairly simple practices would have prevented my successful attack on eWeek's OpenHack site. The bottom line is that application security can be attained, but it must be consistently applied and methodically checked to be effective.
A few fairly simple practices would have prevented my successful attack on eWeek's OpenHack site. The bottom line is that application security can be attained, but it must be consistently applied and methodically checked to be effective.
Xinetd - Part 1
Xinetd is a secure, powerful and efficient replacement for the old Internet services daemons named inetd and tcp_wrappers. Xinetd can control denial-of-access attacks by providing access control mechanisms for all services based on the address of the remote client that wants to connect to the server as well as the ability to make services available based on time of access, extensive logging, and the ability to bind services to specific interfaces.
Xinetd is a secure, powerful and efficient replacement for the old Internet services daemons named inetd and tcp_wrappers. Xinetd can control denial-of-access attacks by providing access control mechanisms for all services based on the address of the remote client that wants to connect to the server as well as the ability to make services available based on time of access, extensive logging, and the ability to bind services to specific interfaces.
Schneier: No "magic security dust"
Tech entrepreneur Bruce Schneier is one of America's best-known computer security experts. His testimony before Congress helped defeat legal restrictions on cryptography sought by the FBI and the National Security Agency when an appellate court ruled in 1999 that crypto algorithms were a form of speech covered by the First Amendment.
Tech entrepreneur Bruce Schneier is one of America's best-known computer security experts. His testimony before Congress helped defeat legal restrictions on cryptography sought by the FBI and the National Security Agency when an appellate court ruled in 1999 that crypto algorithms were a form of speech covered by the First Amendment.
Subscribe to:
Posts (Atom)
