Decertifying "Terrorist" Pilots

November 23rd, 2009 admin

This article reads like something written by the company’s PR team. When it comes to sleuthing these days, knowing your way within a database is as valued a skill as the classic, Sherlock Holmes-styled powers of detection. Safe Banking Systems Software proved this very point in a demonstration of its algorithm acumen — one that resulted in a disclosure that…


Originally posted on Schneier

 