Monday, January 2, 2006

Wired News: Hackers Rebel Against Spy Cams And, just for fun, the group created an anonymous surveillance system that uses face-recognition software to place a black stripe over the eyes of people whose images are recorded. Quintessenz members Adrian Dabrowski and Martin Slunksy presented their video-surveillance research at the 22nd annual Chaos Communication Congress here this week. Five hundred hackers jammed into a meeting room for a presentation that fit nicely into CCC's 2005 theme of "private investigations." Slunksy pointed out that searching for special strings in Google, such as axis-cgi/, will return links that access internet-connected cameras around the world. Quintessenz developers entered these Google results into a database, analyzed the IP addresses and set up a website that gives users the ability to search by country or topic -- and then rate the cameras. 11:08:01 PM  PermaLink   / trackback []

Hackers Rebel Against Spy Cams. Hackers Rebel Against Spy Cams. Wired is running an article looking at the little ways in which Austrian technology users are striking back against surveillance. From the article: "Members of the organization worked out a way to intercept the camera images with an inexpensive, 1-GHz satellite receiver. The signal could then be descrambled using hardware designed to enhance copy-protected video as it's transferred from DVD to VHS tape. The Quintessenz activists then began figuring out how to blind the cameras with balloons, lasers and infrared devices. And, just for fun, the group created an anonymous surveillance system that uses face-recognition software to place a black stripe over the eyes of people whose images are recorded." [Slashdot] 11:05:01 PM  PermaLink   / trackback []

Trustworthy Computing. Trustworthy Computing.   Anonymous Coward writes  "This is a first: the Internet Storm Center is recommending trustworthy computing. They want you to trust that the unofficial patch for the Windows Metafile Volunerability that is currently being exploited by an IM worm. No patch from Microsoft at this time, and the exploit is arranged in such a manner that it cannot be detected by most intrusion detection systems (the snort rule will peg the CPU on your router) nor filtered by packet-inspecting firewalls (it spans two or more ethernet frames). Not really a whole lot of choice about this one." [Slashdot] 11:00:06 PM  PermaLink   / trackback []

Linux Netwosix Creator Discusses 2.0 Vision, Future @ LINUXWORLD MAGAZINE The recent announcement of the 2.x branch of Linux Netwosix may prompt LinuxWorld readers to ask why there were two releases--1.3 and 2.0-rc1--of this software within a week. So we contacted its creator, 19-yeard-old Vincenzo Ciaglia (left) of the University of Salerno, Italy to find the answer to this and other questions. "Well, let's start saying that Linux Netwosix is a powerful and optimized Linux distribution for servers and Network Security related jobs. It can also be used for special operations such as penetration testing with its big collection of security oriented software and sources," Ciaglia told us. "It's a light distribution created for the requirements of every SysAdmin and it's very portable and highly configurable. Its philosophy is to give greater liberty for configuration to the SysAdmin." Ciaglia also said that "only in this way the system administrator can configure a powerful and stable server machine. Linux Netwosix also has a powerful ports system (Nepote) similar to thexBSD systems but more flexible and usable." (More information about Nepote is available here: http://nepote.netwosix.org.) 10:49:44 PM  PermaLink   / trackback []

Privacy protection sure to be on lawmakers' tech agenda - 2006-01-02 - Denver Business Journal Privacy, offshoring and the approval process for video franchises will be the big technology and telecommunications issues of the 2006 Colorado General Assembly, say industry observers. "Protecting consumer privacy is going to be a big issue," said Jessica Wright, executive director of the AeA Mountain States Council, a nonprofit trade organization that represents technology companies in Colorado, Wyoming and Utah. Wright expects legislators to address spyware, which attaches to computer hard drives when users visit certain Web sites, click on pop-up ads or view spam e-mail messages. 10:35:22 PM  PermaLink   / trackback []

Financial institutions set dubious record for ID theft - OrlandoSentinel.com: Business A final flurry of computer security breaches marked the end of 2005 -- an unfortunate but not surprising end to a record year for potential identity-theft activity. From banks and hospitals to government agencies, almost 100 breaches were reported in 2005, including a half-dozen in December alone, according to the Privacy Rights Clearinghouse, a nonprofit watchdog group in California. Major institutions such as Bank of America and the Federal Deposit Insurance Corp. were victimized, as were little-known data-technology outfits such as Georgia-based ChoicePoint and CardSystems Solutions Inc. Computer hackers hit many colleges across the country, from Duke to Stanford, stealing thousands of files with account numbers and other personal data belonging to students and school employees. Other perpetrators gained access to personal data by hijacking laptops, setting up bogus corporate accounts, or stealing passwords. Some of the cases were inside jobs. The biggest heist of the year came to light in June, when MasterCard reported that a hacker breach at a transaction-processing company had exposed 40 million credit-card accounts to potential identity theft. The Atlanta-based company processes transactions for cards issued by major banks including SunTrust and Wachovia. 10:25:52 PM  PermaLink   / trackback []

ABN Amro Unit Reveals Electronic Data-Transfer Plan After Tape Snafu. ABN Amro Unit Reveals Electronic Data-Transfer Plan After Tape Snafu. ABN Amro Mortgage Group outlined plans to better secure data after a delivery service lost a tape containing personal information on mortgage holders.   [Computerworld Privacy News] 10:22:09 PM  PermaLink   / trackback []

Privacy Concerns - January 2006 At first, it sounds obvious: If citizens can read public records in the county courthouse, surely those citizens are entitled to read the same information on the Web. But as more governments put public records online, protests from certain quarters prompt public-sector officials to think long and hard about how to balance open government and the right to privacy. For those who need some of the information contained in transactions such as tax payments and real-estate sales, it's much easier to tap an e-government site than appear in person and leaf through paper files. But the thought that people who may want to harm others can, in a few clicks, locate home addresses and Social Security numbers of potential victims turns the stomachs of some public-sector leaders. Among those who feel most alarmed are some government officials who fear that putting their personal details online makes them easy targets for criminals. 10:19:34 PM  PermaLink   / trackback []

RFID Today: RFID: VICS AND AAFA - Worst Foot Forward? he Voluntary Interindustry Commerce Standards Committee (VICS) and the American Apparel & Footwear Association (AAFA) announced this week the release of a report titled, "Moving Forward with Item-Level Radio Frequency Identification in Apparel/Footwear." The report is the result of a four-month study of the impact of RFID on manufacturing, distribution/logistics, inventory management, store operations, finance, loss prevention, and merchandising, to help member companies determine the right starting point for RFID evaluation. 10:16:25 PM  PermaLink   / trackback []