Monthly Archives: January 2013

The Biggest Fraud, Ever

If you want to steal a small amount of money, walk into a bank and hand the teller a note. If you want to steal a fairly large amount of money, rob an armored car. If you want to steal a tremendously, uncountably massive amount of money… start a bank and do it a fraction […]

Finding Gay Men in Iran with Facebook Graph Search

Also single women who like men, getting drunk, and who live near you; Falun Gong aficionados in China; Italian Catholic mothers who like Durex… Behold, the power of Big Data! I can’t help but feel this kind of data should never be compiled. http://actualfacebookgraphsearches.tumblr.com/ http://nakedsecurity.sophos.com/2013/01/28/privacy-facebook-graph-search/ Earlier this month, Facebook announced an upcoming new feature that […]

Porno Scanners Coming To A Street Corner Near (Some of) You

Remember the millimeter wave scanners endemic to Big Brother-certified airports? They’ve developed a version that works some distance away, and have decided to start putting them on streetcorners to check random passerby for concealed weapons. … Just remember: Titanium dioxide (a component in sunblock) looks just like a metal object in your pocket to these […]

Provable Security (and lifehacking, Anonymous)

The crypto people have a wonderful concept called “provable security.” It’s not quite as wonderful as you’d think, since rather than proving that a given system is actually secure — few are, other than the famous One-Time Pad — it merely proves that the system is as secure as another system. Where’s the use? Well, […]

Spam Levels Dropping (and politics / science fiction)

Good news for a change: there’s less spam! Better spam filters (backdoored or otherwise) and botnet disruptions have dropped global spam levels 8%, so spam now only accounts for 72% of all email sent… some observers also say (otherwise-legal) Internet advertisers are shifting to more legitimate ad platforms. Politics and science fiction: the spectre of […]

Backdoors in Barracuda Applainces (and Anon “warheads”)

Your web or email traffic has likely passed through a Barracuda appliance at one point or another. As it turns out they all have great big gaping backdoors. Might as well put hello.jpg as the MOTD. These were official backdoors, permitting access both from Barracuda IPs and a mysterious set of IPs linked to domains […]

How Not To Use Github (and many magnetic secrets in one easy PDF)

What’s wrong with this picture, showing results from GitHub’s new search engine? https://twitter.com/brianaker/status/294228373377515522/photo/1 Let me quote the first result: “paypal_production_key_private.pem” Apparently credentials for the Google Chrome source repository were also exposed. Github has since blacklisted these results from their search engine, but (IMHO) needs to tell developers during the upload process, “you may not want […]