The DailyBreeze tells us about how Lorna Herf discovered South Bay BMW in Torrance’s sales policy of “No fingerprint, no car.” The dealership claims that this is an effort to prevent identity theft, though how this would help the customer is unclear. Additionally, this effort is being actively supported by the sheriff’s office. I think… Read More Thumbing A Ride…
Back in the day, I was a member of FIRST. (Btw, rumor has it Chris and Adam are presenting at their annual conference this summer). At the time, one of the more prolific posters to the mailing list was Robert Hensing from Microsoft (Adam, if you haven’t met Rob, you should look him up). Anyways,… Read More A Different X-Box Hack
I think that a Denial of Service condition is a vulnerability, but lots of other people don’t. Last week Dave G. over at Matasano posted a seemingly very simple explanation that nicely sums up the way I’d always been taught to think about these sorts of issues: The ability to halt or shutdown most modern… Read More DoS == Vulnerability?
Where I’ll be explaining that “Security Breaches are good for you.” Come see me speak at 5 PM on Friday. It’ll be … entertaining. Read More Off to Shmoocon!
A couple of weeks ago, Mike Rothman linked to an article by George Ou about using EFS and BitLocker under Vista. There he made an extraordinary claim: Since BitLocker won’t encrypt additional hard drive volumes, whether they’re logical partitions on the same physical disk or additional disks, you must use EFS to encrypt those volumes… Read More Why BitLocker Won't Help Most Companies
Before Bruce Schneier started using the term, “Security Theatre” was a term I heard from what I call Real Security People. I was designing a security-oriented NOC, and I interviewed people who built secure sites for a couple of governments, banks, and others. They said that what The Adversary thinks you can do is more… Read More From the Heresy Desk
Via Silicon Strategy, we learn that “Pressure grows for UK data loss disclosure:” The UK is in desperate need of revisions to laws that govern the disclosure of information relating to data loss or theft, according to security experts. Currently UK organisations that lose sensitive customer or employee data, or expose it to others, do… Read More Anarchy in the UK?
Matasano’s Thomas Ptacek had a Groucho-like reaction to being included as a “Top 59” infosec influencer in ITSecurity.com’s recent list. EC’s Pre-Blogging Department was initially caught flat-footed on this, but predicted in an update that Tom’s view would gain traction. And it has. Meanwhile, Mark Curphey has stirred the pot by leaving the Security Bloggers’… Read More Ptacek scores, Pre-Blogging Department with the assist!
John Backus, leader of the Fortran team, has died at the age of 82, according to The New York Times. Fortran itself celebrates its fiftieth birthday this year, and you can still write it in any other language, even Haskell. Even Lisp. Back in the days when I would rather have died than work for… Read More Backus Having Drinks with Hopper
I never really thought much of Hamilton, either. I’m glad this wasn’t done on one of the New Ten Dollar bills. If it was, the Constellation EURion might have prevented me from scanning it for your amusement. (Today, that “feature” is mostly in copiers, but expect it to spread.) In other looking at money news,… Read More Emerging at the Intersection of Art and Commerce