This makes yet another year I didn’t make it to DEFCON, the longest-running hacker conference now in its 15th year. Which is unfortunate, because I really would have loved to have been at the opening speech at the Black Hat Briefings, held just prior to the main event this weekend, and at which the National Security Agency got up and asked the hacker community for help.
Windows
DHS computer security still sucks
Posted: June 28, 2007 5:06 pm
Government auditors told a Congressional committee last week that computer security at the Department of Homeland Security still needs improvement, even after years of work to remedy the problems.
If spyware is outlawed, only outlaws will have spyware
Posted: April 19, 2007 8:36 pm
A bill to outlaw certain forms of spyware is making its way through the House of Representatives. But if you think it will actually prevent spyware from getting on your computer, you have a lot to learn about government.
Daylight Saving Time begins this weekend
Posted: March 8, 2007 5:32 pm
This year, Daylight Saving Time begins in the United States this weekend. You’re probably ready, now that you know about it, but your computer probably isn’t.
NSA provided security help for Windows, Mac OS X
Posted: January 9, 2007 5:11 pm
Updated: January 10, 2007 11:53 am
The National Security Agency has provided assistance to Microsoft and Apple in securing their Windows and Mac OS X operating systems, according to a report published Tuesday.
The cover-up of Homeland Security’s virus infection
Posted: November 7, 2006 4:24 pm
Last August a Windows virus infected over 1,300 computers which Customs and Border Protection uses to screen foreign travelers visiting the U.S. The bureau almost immediately tried to cover up the incident.
In “The Virus That Ate DHS,” Wired reporter and former hacker Kevin Poulsen illustrates that the Department of Homeland Security’s grasp on computer security is tenuous at best.
Hacking Democracy on HBO
Posted: October 19, 2006 3:25 pm
Premium access channel HBO will release a documentary film entitled Hacking Democracy on November 2, five days before elections are held across the United States. The 80 minute documentary follows Seattle writer Bev Harris on a frightening investigation into the security of America’s electronic voting systems.
Chinese hackers target Commerce networks
Posted: October 10, 2006 8:10 pm
Chinese hackers have targeted computers at the U.S. Department of Commerce’s Bureau of Industry and Security, prompting an almost unprecedented move to restrict Internet access across the bureau, officials said.
Government employees gamble, view porn online at work
Posted: October 9, 2006 6:38 pm
Computer users at the U.S. Department of the Interior rack up an estimated 104,221 hours of lost productivity in a year surfing online auction and gaming sites, and even more time spent on gambling and pornography web sites, according to an inspector general’s audit released last week.
Circumventor: Getting paid to fight censorship
Posted: September 6, 2006 1:57 am
We all know that countries like China, Singapore, North Korea, as well as organizations such as the U.S. military, the State of Kentucky, and various corporations, local school districts and public libraries censor their Internet users’ web surfing. Bennett Haselton of Peacefire has a solution he calls the Circumventor.
And to bring in more Circumventor users, Peacefire is paying $10 per IP address to anyone who installs the anti-censorship software and leaves it running for at least a week.
Free software, the hacker community, and libertarianism?
Posted: July 21, 2006 5:53 pm
Updated: July 30, 2006 6:05 pm
Richard Stallman launched the GNU Project in 1984 to create an operating system and utilities and make it possible for people to use computers in freedom, that is, free from the power and control proprietary software vendors exert over their users.
Stallman spoke Friday at the Hackers On Planet Earth conference in New York City on free software and the hacker community, explaining how free software arose from hacking and how computer users benefit from hackers hacking free software. He also surprised many in the audience with a number of distinctly libertarian statements.
26,000 USDA employees warned of personal data theft
Posted: June 22, 2006 11:29 am
Updated: June 22, 2006 11:53 am
The U.S. Department of Agriculture said Wednesday that a hacker broke into one of its databases during the first week of June and may have accessed personal records for up to 26,000 Washington, D.C.-based USDA employees, former employees and contractors, about one fourth of the department’s work force.
HDTV and HD-DVD encryption not intended for security
Posted: April 22, 2006 12:37 am
The Digital Millennium Copyright Act, passed in 1998 at the behest of the music and movie industries, has done little to benefit anyone except a select group of companies who have used its provisions to establish, maintain and expand a virtual stranglehold on the entertainment industry. The cartel which has arisen after this act does not benefit consumers at all; rather, it gouges them for as much money as they can possibly suck out, corrupts modern technology, and sets back the state of the art.
The remainder of this message is encrypted using an algorithm which provides virtually no security, but which (if I were so inclined) would open you up to lawsuits if you decrypted it without my permission.
Windows less secure than Linux: The FSM proof
Posted: April 17, 2006 6:09 pm
The Flying Spaghetti Monster has proved, once and for all, that Windows is less secure than Linux.
Advanced online privacy protection
Posted: April 17, 2006 3:51 pm
Updated: April 17, 2006 5:06 pm
The U.S. government seems to have a dizzying array of programs, both already running and in the pipeline, to gather vast amounts of data on virtually everyone, store that data for who knows how long, and do who knows what with it. One thing they’re doing is data mining, looking for “suspicious” patterns in the data trying to find potential threats. Not only does data mining not work, there’s a chance it could identify you, even if you aren’t doing anything wrong.
Other countries are already putting in place even more Orwellian surveillance on their own citizens. And some countries, as we all know, arrest, torture and kill dissidents or anyone they just don’t like.
Fortunately, there are things you can do to protect yourself from all of these threats.
Customs system left open to virus threat
Posted: April 15, 2006 9:02 am
Last August, Customs and Border Protection computers responsible for processing international travelers entering the U.S. failed for several hours due to a Windows computer virus, resulting in long delays in processing visitors. Now it comes out that the Department of Homeland Security could have prevented it, but decided to let it happen.
Muslim extremists deface U.S. websites
Posted: February 13, 2006 1:02 pm
After a newspaper in Denmark published cartoons which Muslim extremists found offensive, they began rioting in the streets, destroying property and even killing people. They’ve also been defacing Danish websites, and now they’ve moved on to defacing U.S. websites. And the frightening part is that website administrators, and large U.S. companies, are not paying nearly enough attention to computer security.
National Consumer Protection Week
Posted: February 3, 2006 9:02 pm
Generally I try to ignore President George W. Bush when he makes proclamations. But when he came out today and urged everyone to “use and regularly update their anti-virus software and firewall,” I felt I had to say something.
The role of assurance in security
Posted: December 13, 2005 4:05 pm
Updated: December 14, 2005 10:46 pm
When someone from the National Security Agency talks, I listen. The NSA is one of the government’s most secretive agencies. It has to be, as it deals in SIGINT — signals intelligence. Specifically it has the dual mission of intercepting the communications of other countries while devising methods of protecting U.S. government communications from interception. And recently, someone from the NSA not only talked, but talked a lot.
What’s the government doing on the Internet?
Posted: November 23, 2005 8:15 pm
Updated: January 8, 2006 11:46 pm
Some 300 million people live in the United States of America, and the federal government is spying on an unknown number of them, who have done absolutely nothing wrong, prowling through their most sensitive personal data, and keeping it on file forever. Today I’m going to turn the situation on its head, and show you just how easy it is to gather information on the government, and some amazing bits of stupidity that came out of this experiment.
I pulled the server logs for this site from October 1 to yesterday, November 22, and analyzed them to find anyone from a U.S. government agency who visited the site. Even I was startled by what I found. Let’s take a look at what government bureaucrats were doing when they crossed paths with homeland stupidity, or in a few cases, exhibited it.
Sony BMG sued in California and Texas over CD spyware
Posted: November 21, 2005 9:08 pm
Two separate lawsuits filed in California and Texas on Monday allege that Sony BMG distributed spyware on 52 music CD titles, which compromised the security of buyers’ computer systems when the CDs were inserted into Windows PCs, and transmitted data on the computer users’ listening habits back to the company.
Is your computer endangering homeland security?
Posted: November 17, 2005 5:03 pm
Though you may be entirely unaware of it, there could be software on your computer which endangers your security — and that of the whole country. What software is out there? How safe are you online? And how do you protect your computer and yourself from the latest security threats?
FBI to control what software you can run?
Posted: September 30, 2005 10:35 am
Updated: September 30, 2005 11:17 am
In an obscure policy decision published last Friday, the FCC decided that the FBI would have veto power over what software Americans can run on their computers.
Mad as Hell, Switching to Mac
Posted: September 13, 2005 8:21 am
Updated: November 4, 2009 8:16 pm
Security expert Winn Schwartau finally got completely sick of Windows. “Things used to work,” he said, referring to the pre-Windows days of the 1960s through the 1980s. “And this is exactly why I am coming to subscribe to the view that indeed, the WinTel hegemony is a threat to the national economic security of any organization or nation-state that relies [on] it.”
So he switched his entire company to Macintosh.
DRM is not your friend: Online music stores restrict, not enable
Posted: September 1, 2005 4:04 pm
If you really want your music “any way you want it,” you’re best off buying a CD.
Trusted computing? Not with Microsoft
Posted: August 31, 2005 8:43 pm
A while back I wrote about trusted computing and how Microsoft’s implementation, the Next Generation Secure Computing Base, was set to impose onerous restrictions on computer owners, such as preventing them from playing legally purchased media with a player not approved by Microsoft. The post got some scathing criticism from some trusted computing practitioners who missed the point. Trusted computing is not the problem; Microsoft is.
Customs Service computers shut down
Posted: August 19, 2005 10:06 am
Updated: August 20, 2005 5:18 pm
A U.S. Customs computer system used for processing passengers arriving on international flights shut down for several hours Thursday, resulting in lengthy delays for arriving travelers.
Bad Behavior 1.2 Release Candidate 3
Posted: August 11, 2005 12:30 am
Updated: August 20, 2005 9:00 pm
Bad Behavior 1.2 Release Candidate 3 has been posted. Bad Behavior stops link spam at the front door by denying spammers the ability to access your PHP-based web site at all.
Windows Vista under control of Hollywood
Posted: August 10, 2005 10:31 pm
The DRM (digital rights management) technology to be included in Microsoft’s Windows Vista is set to give Hollywood movie studios unprecedented level of control over consumers’ PCs, according to a Microsoft white paper.
Home users don’t pay enough attention to disaster recovery
Posted: August 8, 2005 1:15 am
Consumers rarely have a disaster recovery strategy for their computer systems, and the few who do find it a frustrating experience, according to Larry Seltzer.
The Flock has landed: Round Two launches new social networking tool
Posted: August 5, 2005 3:56 am
Updated: August 5, 2005 3:46 pm
Round Two, sponsor of well-known Firefox extensions such as the Tabbrowser Extension, FlashGot, TinyURL Creator, and several others, has released Flock, a unified social networking tool, for Mac OS X, Linux and Windows.
Windows Vista Beta 1 review and screenshots part 1
Posted: August 2, 2005 2:08 am
Updated: August 5, 2005 4:58 am
Microsoft has announced that their next version of Windows, codenamed Longhorn, will be named Windows Vista. I now have screenshots and an initial review.
Don’t trust trusted computing: Microsoft’s Next Generation Secure Computing Base
Posted: July 28, 2005 9:39 pm
Updated: July 28, 2005 11:40 pm
Microsoft has begun implementation of its Next-Generation Secure Computing Base with the introduction of Secure Startup and Full-Volume Encryption in Windows Vista, though other components of the plan are too late to be included.
Microsoft presses Windows Genuine Advantage, locks out pirates
Posted: July 26, 2005 7:03 pm
Updated: August 7, 2005 12:22 am
Microsoft’s Windows Genuine Advantage program, aimed at preventing pirate copies of Windows from receiving updates and other downloads, took effect Monday.
Windows Vista a wasteland
Posted: July 23, 2005 2:07 pm
Updated: July 23, 2005 10:11 pm
Microsoft recently announced the name of its next version of Windows, to be called Windows Vista. Previously codenamed Longhorn, it has been a huge disappointment to reviewers who obtained advance copies.
Homeland Security can’t even keep its own computer running
Posted: July 15, 2005 12:08 am
It seems the Department of Homeland Stupidity can’t even keep its own web site up.
Which is more secure, Windows or Linux?
Posted: July 13, 2005 8:55 pm
The debate rages over whether Windows and proprietary applications or Linux and open source applications are more secure, but is it the right question to ask?
Government computer security still sucks
Posted: July 10, 2005 1:46 am
For most of us who know anything about computers or the Internet, it’s been no secret that security on government computer systems has never been much good. Now finally the rest of the world is finding this out as well.
Fox News reports that the President’s Information Technology Advisory Committee released a report (PDF) on government [...]
Windows XP users: why haven’t you installed Service Pack 2?
Posted: July 9, 2005 10:39 am
Updated: July 9, 2005 11:06 am
Microsoft reports that only one in three Windows XP installations has been upgraded to Service Pack 2.
Information security best practices
Posted: July 9, 2005 1:31 am
Updated: July 9, 2005 11:08 am
Security is not a program, it’s a process.
Longhorn disappointing
Posted: July 6, 2005 6:53 am
Updated: July 9, 2005 11:24 am
The next version of Microsoft Windows, codenamed Longhorn, is long on flashy graphics and short on real improvements, according to a review by PCWorld.
The most recent build of Longhorn–Microsoft’s next Windows–has some impressive visual touches, including the kinds of translucent objects found now in Apple’s OS X, and more powerful ways of finding files. But [...]
Diebold Opti-Scan election hack demonstrated
Posted: June 30, 2005 12:49 pm
Updated: July 2, 2005 11:11 pm
Some months back I let you know that tampering with Diebold election equipment may have altered the outcome of the 2004 election.
Now comes an actual demonstration of the hack against the Diebold Opti-Scan system, via Bruce Schneier.
As it turns out, the hack can be carried out by one person, and the results tampered with in [...]
Partitioning to dual boot Linux and Windows walkthrough
Posted: June 18, 2005 1:13 pm
Updated: July 9, 2005 11:30 am
How to install Linux without getting rid of Windows? A walkthrough with screenshots on preparing your computer to dual-boot Windows XP and Linux.
Copyright this week
Posted: June 3, 2005 5:30 am
Updated: June 3, 2005 6:01 am
First, security expert Bruce Schneier asks why the Department of Homeland Stupidity is enforcing copyright? Shouldn’t they be tracking down terrorists instead of teenagers, or have they run out of terrorists? Or maybe it’s because people who download movies off the Internet are terrorists?
Second, Sony is rolling out new copy-protected music CDs. The discs will [...]
Windows trojan holds your files for ransom
Posted: May 30, 2005 7:29 pm
Stop what you’re doing right now, and go ensure that you have a working backup and recovery process in place for your important files. Make sure that both backing up the files and restoring the files work! It’s useless to take backups if you can’t restore them. Now, if you’re a Windows user, go and [...]
Windows XP almost ready for the masses
Posted: May 27, 2005 11:17 pm
Updated: May 28, 2005 12:21 am
Robin “Roblimo” Miller has posted an excellent review of the Windows XP Home Edition operating system over at NewsForge. A long time Linux user, Miller concludes:
Given Microsoft’s current development rate, it’s entirely possible that within a few years Windows may be almost as good a choice for most users as Linux, . . . and [...]
A year without Windows
Posted: May 21, 2005 4:27 am
Adams-Blake Co. has been running its business completely free of Windows for an entire year. Company president Alan Canton tells the full story.
Our business is not that different from most others. We have products (books), services (consulting), and employees. If we can go Windowless, others can as well.
While the year wasn’t without its technical challenges, [...]
The state of Microsoft today
Posted: May 12, 2005 12:45 pm
The BBC has done an excellent two-part series on Microsoft. Part one gives an overview on Microsoft’s competition, including Linux and Apple, and includes the revelation that Bill Gates has downloaded and used Firefox, while part two shows how Microsoft plans to beat back its growing competition and maintain its dominant place in the market. [...]
BitTorrent IO Error
Posted: April 13, 2005 3:30 am
Updated: December 16, 2005 1:59 pm
People are actually visiting here looking for technical help with BitTorrent. Here’s a nice list of common BitTorrent IO Error messages and the solutions that actually work.
Security options limited for pirate copies of Windows
Posted: February 19, 2005 2:02 pm
Updated: January 14, 2006 4:56 am
It seems about 65% of my readers still use Windows for whatever reason (work, or games). Microsoft has decided that if your copy of Windows is pirated, you will not have access to Windows Update, and the only way you will get security updates for the computer is via Automatic Updates.
Is your pension safe from Microsoft?
Posted: November 26, 2004 5:10 pm
Updated: June 26, 2005 9:40 pm
When will businesses, organizations and governments learn that running anything on Windows is asking for trouble? The UK’s Department of Work and Pensions suffered a nearly complete failure of 80% of its computer systems on Monday, and only today have managed to get most everything back to normal and begin clearing the backlog of 60,000 [...]
Securing your Windows computer
Posted: November 20, 2004 8:01 pm
Updated: June 26, 2005 9:34 pm
I make no secret about my love for Linux, and I make no bones about it either. I understand many of you still run Windows and you have good reasons (and sometimes really bad ones) for doing so. But if you must run Windows and connect it to the Internet, please take some steps to secure it, not only for your own sake, but for the rest of us.
2004 Election Hacked?
Posted: November 7, 2004 5:40 pm
Updated: July 2, 2005 10:50 pm
Diebold delivering the election to Bush? Say it isn’t so! Evidence is mounting that it is, indeed, so.
