Hack The Planet

Because if you don't, who will?

Monday, January 18, 2010

Don’t let the name fool you

There is an awful lot of malware and spyware that likes to claim to be something it is not: anti-virus software, Facebook apps, or even a program to reset your Steam password.

Remember, a rose by any other name is still a hack.

posted by holliday at 9:23 am  

Sunday, January 17, 2010

Operation Aurora

The attacks on Google and 33 other companies that were announced this week have been named Operation Aurora by McAfee. The attack was extremely sophisticated, using dozens of pieces of malware, encryption and zero-day vulnerabilities to compromise the victims' networks.

This is going on all the time. Most civilians probably don't realize that there is a cyber war going on all the time around them.

posted by holliday at 11:52 am  

Sunday, January 17, 2010

And then there is Google vs China

Sometimes it is better late than never. Hopefully this is one of those cases. There have been reports all over the internet about China hacking Google and about Google's response of turning off its censoring services.

One of the things that I am taking away from this is the ability of a company or organization to be on equal footing with a country. The power has been shifting for decades from government to corporation. If a corporation is large enough to force a government to bend to its will, then it is pretty obvious who is in control.

In this case China isn’t bending but the story isn’t over yet so it will be interesting to see how it ends.

posted by holliday at 11:28 am  

Friday, January 15, 2010

So much to catch up on

I have been in a team meeting/training all week and have had no time to read, let alone write, about all of the things going on in the big bad world of security this week. I figured I would start off with some data breach news.

Lincoln National Corp. (LNC) last week disclosed a security vulnerability in its portfolio information system that could have compromised the account data of approximately 1.2 million customers.

Now, data breaches are going to happen. As long as there is information that criminals want to get, they will find a way to get it. But in this case it is really just people being stupid. Apparently there were groups of users sharing user names and passwords to access the portfolio site. Common sense security.

posted by holliday at 8:48 am  

Tuesday, January 12, 2010

Risk assessment

If you have worked in security, or just read articles on security for any length of time, you will realize that all you are trying to do is provide risk avoidance. To do this you have to be good at assessing risk and then working to minimize it. I am constantly bombarded by sites discussing how we as humans are awful at risk assessment. Maybe this is what makes a good security professional: the ability to see through the false positives and find the real threat.

posted by holliday at 8:55 am  

Friday, January 8, 2010

Should you really care?

Bruce Schneier posted today about the cracking of a FIPS-certified encrypted USB key. The attack, as described in the original article:

“During a successful authorisation procedure the program will, irrespective of the password, always send the same character string to the drive after performing various crypto operations — and this is the case for all USB Flash drives of this type.”

Bruce calls out that “FIPS 140-2 Level 2 certification only means that certain good algorithms are used, and that there is some level of tamper resistance and tamper evidence.”
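To make the quoted flaw concrete, here is an added model (not code from this post, from Bruce, or from the original article) of the two designs in Python. The first half models what the article describes: the vendor's host program checks the password itself and then sends the drive one fixed string, so anyone who has recovered that string can unlock the drive without a password. The second half models a drive-side check where the key is derived from the password with a per-device salt and nothing constant unlocks the unit. The constant, the sample file, the password and the HMAC-based keystream standing in for the drive's real cipher are all constructed assumptions for the model.

```python
"""Model of a host-side unlock (the flaw) next to a drive-side unlock (the fix)."""
import hashlib
import hmac
import os
from typing import Optional

# Constructed sample data for the model; not taken from the page.
SECRET_FILE = b"quarterly-numbers.xlsx contents"
USER_PASSWORD = b"correct horse battery staple"

# ---------------------------------------------------------------------------
# Flawed design: the host program checks the password, then sends the drive a
# fixed unlock string. The drive only ever compares against that string.
# ---------------------------------------------------------------------------

# Assumption for the model: one constant baked into every drive of the family.
FIXED_UNLOCK_TOKEN = hashlib.sha256(b"constructed-vendor-constant").digest()


class FlawedDrive:
    def __init__(self, data: bytes):
        self._data = data
        self._unlocked = False

    def unlock(self, token: bytes) -> bool:
        # The password never reaches the hardware; only this comparison does.
        self._unlocked = hmac.compare_digest(token, FIXED_UNLOCK_TOKEN)
        return self._unlocked

    def read(self) -> bytes:
        if not self._unlocked:
            raise PermissionError("drive is locked")
        return self._data


class FlawedHostTool:
    """Vendor unlock program: the password check lives here, not on the drive."""

    def __init__(self, password: bytes):
        self._pw_hash = hashlib.sha256(password).digest()

    def authorise(self, drive: FlawedDrive, password: bytes) -> bool:
        if not hmac.compare_digest(hashlib.sha256(password).digest(), self._pw_hash):
            return False
        return drive.unlock(FIXED_UNLOCK_TOKEN)  # same bytes for every password


def bypass_flawed_drive(drive: FlawedDrive) -> bytes:
    """Attacker who recovered the constant from the host tool needs no password."""
    drive.unlock(FIXED_UNLOCK_TOKEN)
    return drive.read()


# ---------------------------------------------------------------------------
# Corrected design: the drive stores a per-device salt and a verifier, derives
# the key from what the host sends, and decrypts only if the verifier matches.
# ---------------------------------------------------------------------------

def derive_key(password: bytes, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password, salt, 100_000)


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy HMAC-SHA256 counter-mode keystream; stands in for the drive's AES."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block_index = (offset // 32).to_bytes(8, "big")
        ks = hmac.new(key, block_index, hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], ks))
    return bytes(out)


class HardenedDrive:
    def __init__(self, password: bytes, data: bytes):
        self.salt = os.urandom(16)  # public; the host needs it to derive the key
        kek = derive_key(password, self.salt)
        self._verifier = hmac.new(kek, b"verifier", hashlib.sha256).digest()
        self._ciphertext = keystream_xor(kek, data)

    def unlock_and_read(self, candidate_key: bytes) -> Optional[bytes]:
        check = hmac.new(candidate_key, b"verifier", hashlib.sha256).digest()
        if not hmac.compare_digest(check, self._verifier):
            return None  # wrong key: nothing is decrypted
        return keystream_xor(candidate_key, self._ciphertext)


def hardened_host_unlock(drive: HardenedDrive, password: bytes) -> Optional[bytes]:
    return drive.unlock_and_read(derive_key(password, drive.salt))


def demo() -> dict:
    flawed = FlawedDrive(SECRET_FILE)
    hardened = HardenedDrive(USER_PASSWORD, SECRET_FILE)
    return {
        "flawed_bypassed": bypass_flawed_drive(flawed) == SECRET_FILE,
        "hardened_constant_rejected": hardened.unlock_and_read(FIXED_UNLOCK_TOKEN) is None,
        "hardened_wrong_pw_rejected": hardened_host_unlock(hardened, b"wrong") is None,
        "hardened_right_pw": hardened_host_unlock(hardened, USER_PASSWORD) == SECRET_FILE,
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The point the model makes is that certification of the algorithms says nothing about where the password check happens. In the flawed half, the drive's `unlock` is correct AES-grade code in the real product, yet the only secret it checks is a value shared across every unit. In the hardened half, the bytes the host sends depend on the password and the device's own salt, so a replayed constant fails the verifier and the ciphertext is never decrypted.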

Does it really matter that these USB keys have been cracked? I ask because everyone cares so much about the Cloud and about having their data secured in the Cloud that securing removable media seems to be taking a back seat. If the person who has the encrypted USB key also copies their files to the Cloud, will they care that the USB key is crackable, or will they focus on how to protect that data in the Cloud?

posted by holliday at 10:24 am  