Monthly Archives: March 2009

Current Event: iTunes Gift Voucher Hacked?

Many online news agencies are reporting that a Chinese group of hackers have broken Apple’s iTunes Gift Voucher code generator. The original story seems to come from Outdustry, a Chinese music industry website, and tells of $200 gift certificates being … Continue reading

Posted in Current Events | Comments Off on Current Event: iTunes Gift Voucher Hacked?

Security Review: Apartment Complex Rent Drop-boxes

Most people renting an apartment use a common drop-box to pay the rent. Most often this is located in an easily accessible common are like the mailboxes or near the manager’s office. The setup to be discussed here is a … Continue reading

Posted in Physical Security, Privacy, Security Reviews | 1 Comment

Security Review: Google Voice

Apologies for reviewing the same technology. The other Google Voice review just appeared for me, which was after I wrote my own. I did check prior to starting this review, and it wasn’t up then. Summary: ComputerWorld had an article … Continue reading

Posted in Current Events, Privacy, Security Reviews | Comments Off on Security Review: Google Voice

Security Review: My Apartment

The apartment complex I live in is comprised of a garage and multiple residential floors. The access points into the building are through the elevator, garage, and a street access door. All three use RFID keycards to restrict the access … Continue reading

Posted in Physical Security, Security Reviews | Comments Off on Security Review: My Apartment

Researchers develop security flaw scanner for use during Development

http://www.sciencedaily.com/releases/2009/02/090224133010.htm Summary Researchers have proposed and started testing a new system for helping to identify potential bugs and security flaws during the development cycle of software development.  It works to help the development team identify and prioritize potential targets and … Continue reading

Posted in Miscellaneous, Security Reviews | Comments Off on Researchers develop security flaw scanner for use during Development

Security Review: Technology’s vulnerability to sniffing keystrokes from electromagnetic emissions.

This vulnerability is one of the most profound in computing.  Every computer has a connection from the keyboard to the CPU, and when signals are sent this connection acts as an antenna, transmitting a characteristic wave for each keystroke.  Each … Continue reading

Posted in Security Reviews | Comments Off on Security Review: Technology’s vulnerability to sniffing keystrokes from electromagnetic emissions.

Current Event: ITunes vulnerability leak user credentials

The recently released ITunes 8.1 closed two major security gaps from the previous version. According to Apple, until the latest release, maliciously crafted podcasts could cause ITunes to ask user for credentials but send the username and password to a … Continue reading

Posted in Current Events, Privacy | Tagged , , , | Comments Off on Current Event: ITunes vulnerability leak user credentials

Security Review: Final Examinations

Final exams are just around the corner (or in some cases may already have been taken if they’re in-class ones)!  I figured I’d write a security review about the system of final exams. Assets and Goals: Pre-knowledge of questions After … Continue reading

Posted in Security Reviews | Comments Off on Security Review: Final Examinations

Security Review: UW Parking Enforcement

The parking at the University of Washington has always been a deadly game of cat and mouse between driver and parking enforcement. There are limited parking resources on campus, and parking enforcement wants to make sure that they are maximizing … Continue reading

Posted in Ethics, Integrity, Miscellaneous, Security Reviews | Comments Off on Security Review: UW Parking Enforcement

Current Event: Kremlin loyalist admits to launching DDoS attack on Estonia

According to an article from Rueters (http://www.reuters.com/article/technologyNews/idUSTRE52B4D820090313?pageNumber=1&virtualBrandChannel=0), Konstantin Goloskokov, a member of a Russian youth movement recently claimed responsibility to organizing a group of fellow supporters and executing a Distributed Denial of Service (DDoS) attack on Estonian internet sites, causing … Continue reading

Posted in Current Events | 1 Comment