A recent article posted on slashdot (http://slashdot.org/article.pl?sid=08/02/03/173241) talks about the possibility of software on electronic voting machines being open source. One claimed benefit is that open source will provide transparency and lessen the distrust that the public have for e-voting. But the article concludes that as of now there is no person or group working on it.
Continue reading
Electronic voting?: How about OpenSource?
Posted in Current Events
Comments Off on Electronic voting?: How about OpenSource?
Website Defacing Example
A while ago I wrote a post about having stumbled across a site on the uwnews domain that had been attacked. Yoshi reported the problem after determining it to be genuine and uwnews fixed the problem promptly. At the time, I took a snapshot of what the hacked site looked like and wanted to share it here for the curious.
Posted in Miscellaneous
1 Comment
Bush Order Expands Network Monitoring
The article is about the recent directive that was signed by President Bush to expand the intelligence community’s involvement to monitor against computer attacks on government systems. The reason for this intiative is because the increasing attacks to government sytems, particularly from China. The government agencies could have used tighter security standards, as well as standardizing those policies to make weaknesses more consistent and easier to find. However the monitoring of internet traffic causes privacy issues to arise. Allowing a federal department responsible for both communication and intelligence can cause the agencies to use information from both sides to invade privacy of US citizens. I think that many pro-privacy groups will take this negatively as the privacy rights of individuals may be compromised due to the broad nature of the agencies’ roles.
Posted in Current Events
Comments Off on Bush Order Expands Network Monitoring
Taking Down the Internet
Recently I read an article about how undersea cables were cut, causing internet outages around the middle east. This has revealed how physically fragile the network is. Since so much of the traffic is routed through so few cables, it doesn’t seem particularly difficult for an organized group to attack them. Therefore I thought it would be interesting to do a security on the physical infrastructure of the internet.
Continue reading
Posted in Security Reviews
1 Comment
Security Review: Traffic Lights
As i’m sure everyone already aware of, one way our country (and many others) directs traffic is with these things call traffic lights. We place them at intersections, at about a one to one ratio of oncoming lanes to traffic light boxes. A box has three states, green, yellow, red. Green means you can go, yellow means red is imminent, and red means don’t go. Of course.
Now, how are these lights choosing which state do display? A set of lights at an intersection should display a setting that does not give multiple lanes the right of way to crossing paths. But when do we change states? In the beginning, it was all done off timers. At set intervals the right of way was changed from one lane to another, ect. However, then people realized that depending on the time of day, we might want different settings. And then people were like, hey lets put in sensor’s to figure out if there is car waiting! These things are usually are metal detects, but weight detectors exist also. All these strategies used the idea that each intersections should be independent of all the others. But then humans got the idea that if we could get ‘waves’ of green lights to happen, we could get even more efficiency. This requires intersections to talk to other intersections, as well as the ability to program in this information, and maintain/reset it as needed.
Many intersections also have buttons for pedestrian’s to push if they wish to walk across. This would give another signal to the lights, and the lights would queue up this request, and execute it eventually. Emergency vehicles also have a similar ability (and in some cases public transportation such as buses and light rail), which is called traffic signal preemption. Depending on the implementation, it can use radio waves, infrared, strobe lights, and audio signals from a siren to trigger. This will switch only the emergency vehicle’s path to green, and everyone else to red.
Continue reading
Posted in Miscellaneous, Physical Security, Security Reviews
7 Comments
Electronic Voting in India
Given the upcoming elections, it seems like an appropriate time to cover an electronic voting system that is not our own, a system that has a significantly different view on security, usability and design.
Posted in Current Events, Physical Security
1 Comment
Security Review: Cell Phone GPS
With the increasing popularity of auto-enabled GPS features in cell phones, a group at UC Berkeley is experimenting with using the phones as a means to gather real-time traffic information. The phones will broadcast their locations back to a central server at three-second intervals as students drive along a predetermined route. As speeds are aggregated, it is hoped that a model will emerge allowing for traffic statistics to be gathered in real time.
While such an ability would undoubtedly be of use to a variety of organizations and benefit those stuck in traffic, this usage of GPS data from private cell phones is indicative of a developing change in the type of personally identifiable data available in the public realm. As such, it poses significant privacy concerns as long as steps to mitigate such threats go unimplemented.
Posted in Privacy, Security Reviews
3 Comments
Security Review: Bodyguards
Security Review: Bodyguard
Overview:
Bodyguards are people who protect their clients from various treats such as assaults, assassination, and kidnapping. Depending on the importance of the client who is being protected, some clients might have a team of bodyguards while another might just need only one. The general minimum requirements for bodyguards are trained to use firearms, unarmed combats, tactical driving, and first aid to ensure the safety of the client. In addition, for bodyguards who need to protect more important person or who are working in teams, they tend to have specializations for various skills like crowd control, protective escort, and finding electronic threats.
Posted in Miscellaneous, Physical Security, Security Reviews
Comments Off on Security Review: Bodyguards
Security Review: Blinger?
I’m going to guess that you, like me, have just found out about this device. According to news reports and their website (https://www.blingerstore.com/0/vnc/), BlingNation’s Blinger is a new, portable ATM device. It has a magstripe card reader on the back, and a wireless link to their network. It will let you transfer funds, get your account history and everything else you can do with online banking, all without a laptop/desktop. Continue reading
Posted in Security Reviews
Comments Off on Security Review: Blinger?
Search with a little help from your friends (on social networks)
As most of you know, social networks are rapidly becoming ubiquitous, with hundreds of millions of users between Facebook (62 million), Myspace (>100 million), and Linkedin (>17 million). Naturally, many companies are trying to take advantage of this fact by letting users leverage their social networks, and now we’re starting to see search engines join the mix. Delver is one of these.
Continue reading
Posted in Current Events, Privacy
2 Comments