Posts tagged: security
Tim Maly on self-defense in the security state:
This may well be the defining motto of our times. No one is to be trusted; it’s a dangerous world out there and if you can’t be bothered to take basic steps…
Well, everyone gets what’s coming sooner or later.
The watchword is self-reliance. They’re coming to take what’s yours, so you’d better be ready. Federate your email, buy a generator, make sure you’ve got good locks, and for God’s sake, carry a handgun. There are monsters in the streets and some idiot is arming them.
But how to defend against the errors of the masses unwilling to take care of themselves? Every message in my outbox is in some fool’s inbox; plain as day, as if I’d sent it straight to PRISM myself. NSA-proof? Not without a massive shift of collective action undertaken by a society of people who’ve spent the past decade or so dumping as many photos, feelings, and fantasies online as time and bandwidth would allow. Why not? I certainly did. It’s nice to have friends.
USA Today reports:
“After the scandal with the spread of secret documents by WikiLeaks, the revelations of Edward Snowden, reports of listening to Dmitry Medvedev during his visit to the G20 summit in London, the practice of creating paper documents will increase,” an unidentified FSO source tells Izvestia.
One key reason for using typewriters is that each creates its own unique “signature” that can be traced, the newspaper says.
Cryptogasm has found thousands of unsecured, publicly accessible webcams via Google. Lots of them are doggie day cares, some are pointed at public spaces, some are at workplaces and quite a few are of private residences. He’s aggregated them all, except ones that are pointed at children’s rooms, on a giant page.
You can also filter them by location. Here’s Oregon.
This reminds me of a thread from the William Gibson forum a few years ago, where someone discovered a publicly accessible remotely controllable webcam pointed at someone’s office. The forum poster tried, unsuccessfully, to communicate with the guy.
Spencer Ackerman writes:
Some people are into spelunking through the urban ruins and crevasses of unfamiliar cities. The National Counterterrorism Center has a term for these sorts of people: terrorist dupes.
“Urban Explorers (UE) — hobbyists who seek illicit access to transportation and industrial facilities in urban areas — frequently post photographs, video footage, and diagrams on line [sic] that could be used by terrorists to remotely identify and surveil potential targets,” warns the nation’s premiere all-source center for counterterrorism analysis. […]
Urban exploration is not typically the reconnaissance mission of al-Qaida. While it’s not crazy to think that terrorists might be interested in studying an urban landscape, the vanishingly few cases of domestic terrorism in the post-9/11 era typically involved shooting up places like Fort Hood or leaving a would-be car bomb in Times Square, rather than recon from the top of a bridge or the depths of a subway tunnel. Such tips aren’t even a part of the DIY terrorism advice column in al-Qaida’s English-language webzine.
From Ars Technica:
WikiLeaks remains under a near financial blockade, its founder under effective house arrest after having been granted asylum in the Ecuadorian Embassy in London. The group has yet to release anything as substantial as last year’s “Detainee Policies”—Balkanleaks remains one of the few “leaking sites” still going strong. Its recent insurance-key move comes precisely out of the WikiLeaks playbook.
More than two years ago, a flurry of new WikiLeaks clones sprung up around the world inspired by the world’s most famous transparency-driven organization. They had all kinds of names: QuebecLeaks, BaltiLeaks, EnviroLeaks, and more. PirateLeaks (based in the Czech Republic), BrusselsLeaks (Belgium) and RuLeaks (Russia) all did not respond to Ars’ requests for comments. […]
So how does Balkanleaks thrive where others haven’t?
Tchobanov, the site’s co-founder, boils it down to one word: Tor. It’s the open-source online anonymizing tool that’s become the de facto gold standard for hiding one’s tracks online. Balkanleaks provides instructions in Bulgarian, Serbian, Macedonian, and English, and the submission website is only available on its Tor-enabled server.
Full Story: Ars Technica: Whither whistleblowing: Where have all the leaking sites gone?
The article goes on to detail the state of some other projects, including OpenLeaks and GlobalLeaks.
Deeply weird piece by Mark Ames and Alexander Zaitchik on the murder of CIA operative/godfather of the goldbug movement Nicholas Deak, which uncovers some possible connections between the homeless woman who killed him, Lois Lang, and the CIA’s MK-ULTRA program:
Police responding to the motel room took Lang to nearby Santa Clara Valley Medical Center. For the next month, she was put under the care of Dr. Frederick Melges, a psychiatrist associated with the Stanford Research Institute. One of Dr. Melges’ main areas of research: drug-aided hypnosis. A few years after Lang was put in Melges’ care, the New York Times exposed the Stanford Research Institute as a center for CIA research into “brain-washing” and “mind-control” experiments in which unwitting subjects were dosed with hallucinogenic drugs and subjected to hypnosis. Melges, who died in 1988, is today remembered in the field for his research on the relationship between perceptions of time and mental illness.
Full Story: Salon: James Bond and the killer bag lady
It goes deeper than that, with Ames and Zaitchik speculating that it may have been Argentine gangsters with knowledge of MK-ULTRA who ordered the hit:
If Lang was tapped to whack Nicholas Deak, she was part of a long tradition. In mobster literature, insane assassins are regular characters. “Nuts were used from time to time by certain people for certain matters,” explains Jimmy Hoffa’s former right-hand man, Frank “The Irishman” Sheeran, in his memoir, “I Heard You Paint Houses.” Chuck Giancana, brother of Chicago mob boss Sam Giancana, writes that he once heard his brother say that “picking a nutcase who was also a sharpshooter” to carry out an assassination was “as old as the Sicilian hills.”
I found this bit interesting as well, though it’s more of a side note:
Meanwhile, the sunny side of Deak’s business thrived. Its retail foreign currency operation, now reconstituted under new ownership and known to the world as Thomas Cooke, became a staple at airports, its multi-packs of francs and marks symbols of every American family’s European vacation. Deak’s retail precious metals business dominated the market after the legalization of gold sales. After a series of sales and reconstitutions, it is today known as Goldline, a major sponsor of Glenn Beck and subject of a recent fraud settlement.
(via Abe Burmeister)
If you’ve not heard, John McAfee, founder of McAfee Antivirus, is on the lam in Belize, wanted for murder. Joshua Davis has been covering McAfee’s time in Belize and has published a short ebook about the fiasco:
McAfee picks a bullet off the floor and fixes me with a wide-eyed, manic intensity, his light blue eyes sparkling. “This is a bullet, right?” he says in the congenial Southern accent that has stuck with him since his boyhood in Virginia.
“Let’s put the gun down,” I tell him. I’d come here to investigate why the government of Belize was accusing him of assembling a private army and entering the drug trade. It seemed implausible that a wildly successful tech entrepreneur would disappear into the Central American jungle and become a narco-trafficker. Now I’m not so sure.
But he explains that the accusations are a fabrication. “Maybe what happened didn’t actually happen,” he says, staring hard at me. “Can I do a demonstration?”
He loads the bullet into the gleaming silver revolver and spins the cylinder.
“This scares you, right?” he says. Then he puts the gun to his head.
My heart rate kicks up; it takes me a second to respond. “Yeah, I’m scared,” I admit.
“We don’t have to do this.”
“I know we don’t,” he says, the muzzle pressed against his temple. And then he pulls the trigger.
Yeah, I know this is really old by internet time, but I’ve been really busy with work and I’m still catching up:
A team of security researchers from Oxford, UC Berkeley, and the University of Geneva say that they were able to deduce digits of PIN numbers, birth months, areas of residence and other personal information by presenting 30 headset-wearing subjects with images of ATM machines, debit cards, maps, people, and random numbers in a series of experiments. The paper, titled “On the Feasibility of Side-Channel Attacks with Brain Computer Interfaces,” represents the first major attempt to uncover potential security risks in the use of the headsets. […]
Emotiv and NeuroSky both have “app stores,” where users of the devices can download third-party applications. The applications use a common API for access to the EEG device. […]
“We simulated a scenario where someone writes a malicious app, the user downloads it and trusts the app, and actively supports all the calibration steps of the device to make the software work,” said Frank. In these seemingly innocuous calibration steps, which are standard for most games and other applications using the headsets, there could be the potential to harvest personal information.
The paper is available on Scribd.
I wonder if this could be used to determine passwords that users don’t consciously remember?
I’ve said before: steganograph your brain before it’s too late!
The Office of Naval Research wants to fund more research on intuition:
Research in human pattern recognition and decision-making suggest that there is a “sixth sense” through which humans can detect and act on unique patterns without consciously and intentionally analyzing them. Evidence is accumulating that this capability, known as intuition or intuitive decision making, enables the rapid detection of patterns in ambiguous, uncertain and time restricted information contexts, that it informs the decision making process and, most importantly, that it may not require domain expertise to be effective. These properties make intuition a strong candidate for further exploration as the basis for developing a new set of decision support training technologies. The proposed topic will lead to new insights into intuitive decision making, and develop new approaches for enhancing this process.
(via Adam Flynn)
Justin Boland offers a post-mortem for Fifth Generation Warfare and a brief history of lone wolf/spree killings.
"Fifth Generation Warfare" is not catchy. Consumers need something relatable, something visual and visceral. That’s why “5GW” has devolved from the critical theory of the warrior class into the crude shock and awe of "Lone Wolf" domestic terrorism. The dumbing down process is irreversible and immune to reason, so this isn’t written as a defense of the concept so much as a post-mortem for the field. […]
So with “Cyberwar” getting a bored response from the body politic, we’ve got some product testing underway in 2012 and the “Lone Wolf” angle is a promising pitch. […]
Be sure to read the whole thing, and the first comment from “Eric.”