From Aaron Margosis’ “Why you shouldn’t run as admin…” (17 June 2004):
But if you’re running as admin [on Windows], an exploit can:
install kernel-mode rootkits and/or keyloggers (which can be close to impossible to detect)
install and start services
install ActiveX controls, including IE and shell add-ins (common with spyware and adware)
access data belonging to other users
cause code [...]
Posted on September 26th, 2008 by Scott Granneman
Filed under: Uncategorized | No Comments »
From Claudia Roth Pierpont’s “The Florentine” (The New Yorker: 15 September 2008): 92:
… the rules by which conspirators must proceed: confide in absolutely no one except when absolutely necessary, try to leave no one alive who might be able to take revenge, and, above all, never put anything in writing.
Posted on September 19th, 2008 by Scott Granneman
Filed under: Language & Literature, art, business, history, security | No Comments »
According to this announcement, a Linux client for Dropbox should be coming out in a week or so:
http://forums.getdropbox.com/topic.php?id=2371&replies=1
I’ve been using Dropbox for several months, and it’s really, really great.
What is it? Watch this video:
http://www.getdropbox.com/screencast
It’s backup and auto-syncing done REALLY well. Best of all, you can sync between more than one computer, even if one is [...]
Posted on September 1st, 2008 by Scott Granneman
Filed under: Tech Help, Technology, business | No Comments »
From “Report: China’s botnet problems grows” (SecurityFocus: 21 April 2008):
Computers infected by Trojan horse programs and bot software are the greatest threat to China’s portion of the Internet, with compromises growing more than 20-fold in the past year, the nation’s Computer Emergency Response Team (CN-CERT) stated in its 2007 annual report released last week.
The response [...]
Posted on April 21st, 2008 by Scott Granneman
Filed under: law, security | No Comments »
From Charles Glass’ “The New Piracy: Charles Glass on the High Seas” (London Review of Books: 18 December 2003):
Ninety-five per cent of the world’s cargo travels by sea. Without the merchant marine, the free market would collapse and take Wall Street’s dream of a global economy with it. Yet no one, apart from ship owners, their [...]
Posted on April 20th, 2008 by Scott Granneman
Filed under: business, history, law, security | No Comments »
From Victor Bogado da Silva Lins’ letter in Bruce Schneier’s Crypto-Gram (15 May 2004):
You mentioned in your last crypto-gram newsletter about a cover that makes a license plate impossible to read from certain angles. Brazilian people have thought in another low-tech solution for the same “problem”, they simply tie some ribbons to the plate or [...]
Posted on April 20th, 2008 by Scott Granneman
Filed under: Webster U: InfoSec Management, security | No Comments »
From Bruce Schneier’s “Crypto-Gram” (15 August 2005):
At DefCon earlier this month, a group was able to set up an unamplified 802.11 network at a distance of 124.9 miles.
http://www.enterpriseitplanet.com/networking/news/…
http://pasadena.net/shootout05/
Even more important, the world record for communicating with a passive RFID device was set at 69 feet. Remember that the next time someone tells you that it’s [...]
Posted on April 15th, 2008 by Scott Granneman
Filed under: Technology, Webster U: InfoSec Management, security | No Comments »
From Foreign Policy’s interview with Richard A. Clarke, “Seven Questions: Richard Clarke on the Next Cyber Pearl Harbor” (April 2008):
I think the Chinese government has been behind many, many attacks - penetrations. “Attacks” sounds like they’re destroying something. They’re penetrations; they’re unauthorized penetrations. And what they are trying to do is espionage. They’re engaged in massive espionage, [...]
Posted on April 13th, 2008 by Scott Granneman
Filed under: business, security | No Comments »
From Bruce Schneier’s “The Strange Story of Dual_EC_DRBG” (Crypto-Gram: 15 November 2007):
This year, the U.S. government released a new official standard for random number generators, which will likely be followed by software and hardware developers around the world. Called NIST Special Publication 800-90, the 130-page document contains four different approved techniques, called DRBGs, or “Deterministic [...]
Posted on April 12th, 2008 by Scott Granneman
Filed under: security | No Comments »
From Atul Gawande’s “Final Cut: Medical arrogance and the decline of the autopsy” (The New Yorker: 19 March 2001):
… in the nineteenth century … [some doctors] waited until burial and then robbed the graves, either personally or through accomplices, an activity that continued into the twentieth century. To deter such autopsies, some families would post [...]
Posted on April 12th, 2008 by Scott Granneman
Filed under: Commonplace Book, history, science, security | No Comments »
From Lisa Vaas’ “Are Campuses Flooded with Zombified Student PCs?” (eWeek: 22 October 2007):
Rather, bot herders have sophisticated technology in place that can detect how fast a bot’s connection is. If that connection changes over time - if, say, a student is poking around at her parent’s house with dial-up all summer and then comes [...]
Posted on March 31st, 2008 by Scott Granneman
Filed under: Webster U: InfoSec Management, education, security | No Comments »
From John D. Barrow and John K. Webb’s "Inconstant Constants: Do the inner workings of nature change with time?" (Scientific American: 23 May 2005):
One ratio of particular interest combines the velocity of light, c, the electric charge on a single electron, e, Planck’s constant, h, and the so-called vacuum permittivity, ε₀. [...]
Posted on March 25th, 2008 by Scott Granneman
Filed under: Technology, Webster U: InfoSec Management, security | No Comments »
I use Amazon’s S3 (Simple Storage Service) to back up files, and I also use OmniGraffle, a diagramming program, on my Mac. This is a letter I sent to OmniGraffle recently that explains a problem with the interaction of OmniGraffle and S3.
Start letter:
OmniGraffle (OG) is a great app, but it has a serious, showstopping incompatibility with [...]
Posted on July 26th, 2007 by Scott Granneman
Filed under: Tech Help, Technology, security | No Comments »
From Bruce Schneier’s “How to Crash the Oscars” (7 March 2006):
If you want to crash the glitziest party of all, the Oscars, here’s a tip from a professional: Show up at the theater, dressed as a chef carrying a live lobster, looking really concerned. …
“The most important technique is confidence,” he [...]
Posted on July 26th, 2007 by Scott Granneman
Filed under: Webster U: InfoSec Management, Writing Ideas, security | No Comments »
From Avi Rubin’s “Voting: Low-Tech Is the Answer” (Business Week: 30 October 2006):
Unfortunately, there are three problems with electronic voting that have nothing to do with whether or not the system works as intended. They are transparency, recovery, and audit. …
Electronic voting is not transparent - it is not even translucent. There is no way [...]
Posted on December 11th, 2006 by Scott Granneman
Filed under: Technology, Wash U: Tech in Changing Society, Webster U: InfoSec Management, law, politics, security | Comments Off
From Scott M. Fulton, III’s “Allchin Suggests Vista Won’t Need Antivirus” (BetaNews: 9 November 2006):
During a telephone conference with reporters yesterday, outgoing Microsoft co-president Jim Allchin, while touting the new security features of Windows Vista, which was released to manufacturing yesterday, told a reporter that the system’s new lockdown features are so capable and thorough [...]
Posted on December 11th, 2006 by Scott Granneman
Filed under: Technology, Webster U: InfoSec Management, security | Comments Off
From Bruce Schneier’s “Hacking Computers Over USB” (Crypto-Gram: 15 June 2005):
From CSO Magazine:
“Plug an iPod or USB stick into a PC running Windows and the device can literally take over the machine and search for confidential documents, copy them back to the iPod or USB’s internal storage, and hide them as “deleted” files. Alternatively, the [...]
Posted on December 10th, 2006 by Scott Granneman
Filed under: Technology, Wash U: Tech in Changing Society, Webster U: InfoSec Management, business, security | Comments Off
From Ryan Naraine’s “‘Pump-and-Dump’ Spam Surge Linked to Russian Bot Herders” (eWeek: 16 November 2006):
The recent surge in e-mail spam hawking penny stocks and penis enlargement pills is the handiwork of Russian hackers running a botnet powered by tens of thousands of hijacked computers.
Internet security researchers and law enforcement authorities have traced the operation to [...]
Posted on December 10th, 2006 by Scott Granneman
Filed under: Technology, Wash U: Tech in Changing Society, Webster U: InfoSec Management, business, security | Comments Off
From Christian Seifert’s “Analyzing malicious SSH login attempts” (SecurityFocus: 11 September 2006):
First, we analyzed the login names that were used on the login attempts. During the sample period, there were 2741 unique account names ranging from common first names, system account names, and common accounts to short alphabetical strings captured by the system logger. Of [...]
Posted on November 5th, 2006 by Scott Granneman
Filed under: Technology, Webster U: InfoSec Management, security | Comments Off
On Saturday 17 April 2004, I received the following email from someone I didn’t know:
> Hello,
>
> I am not sure who you are but our security detected a Netsky virus in an
> email that you sent. Whether a personal message or a spam, please make
> attention to the fact that you are spreading viruses and [...]
Posted on November 3rd, 2006 by Scott Granneman
Filed under: Technology, Wash U: Tech in Changing Society, Webster U: InfoSec Management, security | Comments Off