Hack The Planet

The CIA has recently invested in Visible Technologies which is a company that specializes in monitoring social networks. These include online forums, Flickr, YouTube, Twitter and Amazon.

Privacy has gone by the way side in hopes that your internet friends will know that you “are going clubbing.” They aren’t the only ones that can see this though. It is easy to find out when people will be home and where they are going. A wily thief could use this information to relieve you of any of your valuables you have left at home.

Your friends are not the only people watching you or your actions. Your future employers, in-laws or law enforcement can all find out more about you than you think from your internet profile. Be careful what you put out on the internet because it is who you are to the world.

In recent weeks Brian Krebs of The Washington Post has been covering a lot of bank account heists that have been done using the Zeus Trojan that steals credentials of authorized users. In a more recent article he goes on to say that you should use a Linux LiveUSB when doing your online banking. It great to see a major newspaper run this story. If you are going to bank online and you use Windows you may as well accept that your credentials are in the wild. Download Ubuntu, and then never go back to Windows. Your life will be much easier (and you bank account more safe).

Recently there was a server outage at Microsoft subsidiary Danger which has ended in a lot of user’s losing their personal data. This is what happens when you don’t do your own backups and leave all of your data in the cloud (internet). There is a discussion about this on Slashdot but what it really comes down to is responsibility. Your data is your responsibility. If you give it to someone else then it is your fault when they fail to keep it safe or even to keep it at all.

I couldn’t have said it better myself so I won’t. Richard Bejtlich wrote “If a file is only readable once it has been decrypted in front of a user, that is where the intruder will attack once his other options have been exhausted. This means that the only way to completely “protect data” is to make it unusable.” The job of your Information Security team is to make it more expensive to get your data than what your data is worth.

So MSE was released and has received a decent amount of press. It was reviewed and found to be about the same as other free services which I think we all expected. I didn’t really see the need to comment until I saw this post and thought it highly relevant….and funny.