Monthly Archives: September 2012

Analyzing Threats

When analyzing threats, the goal is to discern the adversary’s intent and beliefs about the state of play. (And either ignore them, defend against them, or counterattack; NEVER comply. Compliance is death, sometimes literally. More on that later.) Smart adversaries rarely make specific threats, and even more rarely do they make threats they intend to carry […]

Top Words Used in Phishing Emails

A security firm’s released an interesting survey of trends in the most popular words used in phishing emails. Trying to get the targets to click on a malicious attachment, crooks went from preferring “label,” “invoice,” and “post” in the second half of 2011 to “DHL,” “notification,” and “delivery” in the first half of 2012. Indeed, […]

How Not to Design an Instant Messenger

One of the most popular IM services for smartphone users appears to be about as secure as a wooden barrel in a vat of termites. See also: further reasons to take responsibility for your security, understand things instead of trusting them, and donate your smartphone to Will It Blend?. Basically, they encrypted nothing until recently […]

Connecting Holography to Security

If you want to make a *really* secure seal — nuclear / highest-level attacker type security — design a device to precisely register a sheet of glass in front of whatever you don’t want disturbed (like a safe dial), and a laser some distance away, perhaps shining down at a 45-degree angle. Have the laser […]

Wiping Samsung Phones in Single Link (and lasers, hotmail)

If someone can get you to open a URL on a Samsung smartphone, they can trigger a factory reset that you can’t stop. Boom, data gone byebye. And your SIM card might be dead too. Band-aid fix is dumping the manufacturer’s version of the OS and getting a standard one (maybe a community-created one). Real […]

More on the micropower TMS

Forgot some additional stuff on the micropower TMS: Overall this has proved to be a ruthlessly effective tool for personal sanity and reasonable thinking. If the world was ending and everyone was panicking, handing these out to everyone would probably make the evacuation so orderly as to inspire envy in the Swiss railway system. I […]

Facebook Disables Facial Recognition in Europe (and lifehacking: more sleep dep)

At least for the moment. After a massive uproar over Facebook’s lack of privacy protection and an EU audit, Facebook’s agreed to disable its face recognition feature after a request from the Irish privacy commissioner. Note they’re disabling public access; the article doesn’t mention whether or not Facebook could still do face recognition internally. Lifehacking: […]