Parallel Paths, Security and DevOps →
Well crafted screed, via RSA Security blogger Tony Bradley, detailing the necessity of coexistence...
Today's MustRead - via the inimitable Brian Krebs at Krebs on Security - targets the nefarious Dread Pirate Roberts, allegedly the Master of the Silk Road, and the ramifications of the site's conceptually flawed CAPTCHA configuration (utilizing data from the open interweb, rather than the apparently less-than-dark web). Enjoy!
via the Office of Inadequate Security, comes news [reported by Tom Webb of the Pioneer Press in Minneapolis, MN] of Target Corporation's [NYSE: TGT] attempt to transfer risk to its clientele [and others, with potentially deeper pockets]; mon dieu! après le fait, as it were...
Perhaps a good idea for the Nigerians. Nevertheless, it is doubtful the Nigerian spammers will be hampered by the newly implemented national ID system... The interesting news, announced of course via a press release, is the assistance bestowed on the Federal Republic of Nigeria by MasterCard Incorporated (NYSE:MA).
DARPA has updated its six month old : An astounding, curated compendium of fascinating data and phenomenal projects. Highly recommended, from Big Data initiatives - Detection and Computational Analysis of Psychological Signals (DCAPS), to Probabilistic Programming for Advanced Machine Learning (PPAML).
Apparently, Microsoft Corporation (NasdaqGS: MSFT) has drawn a proverbial line in the sand...
The Defense Advanced Research Projects Agency has announced an astounding project targeting implantable memory prosthetics to assist service-members and other patients whose memory has suffered degradation due to PTSD. Outstanding.
George Leopold, writing for Defense Systems, regales us with the notion of the new in-security platform of choice - namely, drone-based surveillance systems capable of the usual bad behaviors - sniffing, rogue network creation, air/war driving and what not.
Municipalities, just as private corporations, engage in seemingly mad, long dashes for revenue; to what end? In this case, speeding and red light traffic infraction generated income is the goal, whilst minimizing law enforcement hands on in the process. Unfortunately, the corporate entity that facilitates that revenue stream with traffic recording devices and cameras apparently possesses clear-cut, if you will, evidence of proverbial feet of clay...
via the SCADASEC mail list, comes this well crafted paper entitled, appropriately enough: Green Lights Forever: Analyzing the Security of Traffic Infrastructure, authored by Branden Ghena, William Beyer, Allen Hillaker, Jonathan Pevarnek, and J. Alex Halderman [all members of the University of Michigan's Electrical Engineering and Computer Science Department]. Detailing both the obvious, and necessarily, the not so obvious nature of the movable feast we have created on our nation's, and the world's, streets. Today's Must Read.
Evidently, Public Shaming, a la 16th Century European public pillorying and taunt, is the vogue when targeting mindless, and therefore vulnerable, web deployments. The latest body incarnate example of this manoeuvre is HTTP Shaming, a Tumblr blog dedicated to exposing the less-than-well-planned-sites floating around our interweb.
Maybe, just maybe, there is scientific hope for the Right to Privacy. At once, ruminating upon the Declaration of Universal Human Rights*** and the United States' 4th Amendment to the Constitution**, hope doth, truly spring eternal...
The National Institute of Standards and Technology has announced the second co-sponsored Privacy Engineering Workshop, slated for the 15th and 16th of September, 2014 in San Jose, California. Co-sponsored with the International Association of Privacy Professionals, the Workshop's mandate is a focus on engineering objectives (in draft) and the necessitated Risk Model (that model was a key output of the first Privacy Workshop).
Constitution of the United States, Amendment IV**
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
Universal Declaration of Human Rights, Article 12***
No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.
In which, the magickal number seven is the sum total of methods utilized to authenticate under considerable contemplation at DARPA.
AnandTech's Brett Howse on the latest debacle of Border Gateway Protocol [BGP] and the spike's effect on our beloved Interweb. Go figure...
via the inimitable Kim Zetter, Senior Staff Writer at Wired, comes this staggeringly well crafted piece on the United States National Security Agency / Central Security Service's work to create a tool known as MonsterMind. The natural progeny of encompassing surveillance is the capability to detect and mitigate malware in the wild.
Fascinating Infographic of public commentary, this time, focusing on the interweb, as it were.