Search Results for "Privacy"

DEFCON - Modding Stuff

Podcast: The Art Of Hiring Hackers

The Black Hat and DEFCON security conferences wrapped up last week in Las Vegas. Most of the media attention was (naturally) focused on the content of the presentations – including talks on the security of consumer electronics, automobiles and, of course, on the privacy implications of the recently revealed NSA surveillance program PRISM. But for the companies that pay money to send staff to these shows, the content of the talks is only one draw. Black Hat and DEFCON also serve a lesser known, but equally important role as magnets for some of the world’s top talent in obscure disciplines like reverse engineering, vulnerability research, application security analysis and more. Come August, any organization with a dog in the cyber security fight (and these days, that’s a lot of organizations) is in Las Vegas for a chance of meeting and hiring that top cyber security talent. What do companies that […]

Continue Reading
Gen. Alexander - Black Hat

U.S. Cyber Chief Says “Trust Us” On NSA Spying

The head of the U.S. Cyber Command, Four-Star General Keith Alexander, told an audience of skeptical and sometimes hostile security experts and hackers that they should have faith that the U.S. National Security Agency (NSA) isn’t abusing its access to cell phone meta data and other online communications in its pursuit of terrorists who “live among us.” Speaking before a packed audience that included some of the country’s top computer security and privacy experts, Alexander spoke in measured tones about PRISM, the omnibus data collection program that was exposed in documents leaked by a former Booz Allen Hamilton contractor, Edward Snowden, saying that it had directly led to the disruption of 53 of 54 discrete “terrorist related activities” in the U.S., Europe, Asia and Africa since the September 11, 2001 terrorist attacks on New York and Washington, D.C. Adopting images and a tone common in the years immediately following 9/11, […]

Continue Reading
General Keith Alexander

PRISM Watch: US Cyber Command Chief Addresses Black Hat

I’m here at the Black Hat Briefings in Las Vegas, the U.S.’s most prominent “hacker con.” I’ll be bringing you news and updates from the show and (a bit) from DEFCON for the remainder of the week.   As for the Briefings – the long and short of things is that all the buzz right now is about General Keith Alexander’s keynote speech this morning. Of course, keynotes are always a big deal, but its not even 8:00 AM and there’s a bit of a crush in the press room, with TV crews from major media outlets setting up in the Augustus ballroom, where Alexander will speak. Why? This speech is big because its one of the first – if not the first – post-PRISM public address by Gen. Alexander, who is the Commander of U.S. Cyber Command (USCYBERCOM) since the leaks by former NSA contractor Edward Snowden burst into the […]

Continue Reading

Six Hours, $4500: The Short Life and Quick Death Of A Facebook Bug

A security researcher based in Indonesia disclosed yet another Facebook bug this weekend – one that would allow an attacker to obtain the primary e-mail address associated with any Facebook account. Hours after informing the social network about the bug, however, it was closed and the researcher, Roy Castillo, was $4,500 richer. Castillo, a white hat vulnerability researcher based in The Philippines, disclosed the bug in Facebook’s Developer Application Roles Page in a post on his blog on Saturday.  When exploited, it allowed an attacker to discover the primary Facebook email address of any account – even those with the email privacy setting on “Only Me,” Castillo wrote.   Attackers would need a Facebook Developer account and some basic programming knowledge to take advantage of the vulnerability, in which Facebook mistakenly disclosed the e-mail address associated with a unique Facebook user ID. After discovering the buy on June 25th, Castillo […]

Continue Reading
Facebook Graph Search

Security Must-Do’s For Facebook Graph Search

Facebook finally pulled the covers off its much-anticipated (or dreaded) Graph Search feature on Monday, after about six months in beta. The new search feature greatly expands the kinds of information Facebook users can access on other users of the social network, making it easy, for example, to cross reference data stored in Facebook profiles. For example, users can easily call up a list of their “friends who live in Boston” and like the show “Arrested Development.” Fun! But, as has been noted, Graph Search is also a social engineer’s dream, because it lays bare lots of information – data – that Facebook users shared, casually, and without a thought of how it might be used in combination with other data they shared. For example, researchers have shown that they can use knowledge of a Facebook user’s “Likes” to “automatically and accurately predict a range of highly sensitive personal attributes including: […]

Continue Reading
1 84 85 86 87 88 91