As more and more of our public and private spaces are equipped with remote sensing and surveillance technology, personal privacy – at least as it has been understood for the last two or three centuries – is endangered. The solution, of course, is through improved privacy legislation and, perhaps, a more expansive reading of the U.S. Constitution’s 4th Amendment protecting against search and seizure. But, with policymakers in Washington D.C. stuck in a rut, and many EU nations as hooked on surveillance as the U.S., the onus falls to individuals to do what they can. That’s the subject of my latest column for ITWorld, where I talk about what is likely to be the next stage in our society’s rapid evolution on matters of privacy and security, what I’ve termed “The Jamming Wars.” Like other social movements, this will be fueled by a growing rift between the law and a […]
Tag: trends
Security Of “Things” Increasingly The Stuff Of Headlines
It looks as if the mainstream media is waking to the security implications of the “Internet of Things,” in the wake of recent demonstrations at the Black Hat and DEFCON conferences that highlight vulnerabilities in everything from home automation systems to automobiles to toilets. Stories in The New York Times and other major news outlets in the last week have highlighted concerns about “the cyber crime of things” as Christopher Mims, writing in The Atlantic, called it. Insecure, Internet connected devices ranging from surveillance cameras to home heating and cooling systems could leave consumers vulnerable to remote attacks and spying. The stories come after hacks to non-traditional computing platforms stole most of the headlines from this year’s Black Hat and DEFCON shows in Las Vegas. A compromise of a Toyota Prius hybrid by researchers Charlie Miller of Twitter and Chris Valasek of IOActive was featured prominently in stories by Forbes and […]
Anonymous Email Services Shutter In Wake Of Snowden
Faced with the prospect of being forced to turn over metadata from their customers’ private correspondence to secret courts in the U.S. or other countries, two prominent secure e-mail services decided this week to cease operation. The secure email service Lavabit – lately the choice of NSA leaker Edward Snowden – announced that it was ceasing operations on Thursday after ten years of operation. The announcement was followed, on Friday, by a similar one from the security firm Silent Circle, which operated Silent Mail. Both companies cited the difficulty of securing e-mail communications and the prospect of secret government subpoenas to obtain information on the activities of their customers as the reason for deciding to stop offering secure email services. In a message posted on the Lavabit.com web site, owner and operator Ladar Levison said that he was being forced to “become complicit in crimes against the American people or […]
Podcast: The Art Of Hiring Hackers
The Black Hat and DEFCON security conferences wrapped up last week in Las Vegas. Most of the media attention was (naturally) focused on the content of the presentations – including talks on the security of consumer electronics, automobiles and, of course, on the privacy implications of the recently revealed NSA surveillance program PRISM. But for the companies that pay money to send staff to these shows, the content of the talks is only one draw. Black Hat and DEFCON also serve a lesser known, but equally important role as magnets for some of the world’s top talent in obscure disciplines like reverse engineering, vulnerability research, application security analysis and more. Come August, any organization with a dog in the cyber security fight (and these days, that’s a lot of organizations) is in Las Vegas for a chance of meeting and hiring that top cyber security talent. What do companies that […]
Are Anti-Mule Ops Breaking The Bank Fraud Kill Chain?
Mules are the “last mile” in many online fraud operations: the unwitting dupes, or witting co-conspirators who lend their legitimate bank account (and reputation) to fraudsters who are looking for a way to cash out funds from a compromised account. Mules – often lured with promises of “work-from-home” riches receive fraudulent transactions, then immediately withdraw the funds and wire them to the fraudsters, minus a healthy “commission.” In recent years, there has been ample coverage in the media of cyber crime and fraud and the role of money mules in scams. (I note Brian Krebs excellent reporting on the mule problem on his blog.) And yet, the supply of mules seems to be endless. Or is it? According to researchers at the security firm RSA, bank account cash-out attacks are becoming less common online, and a sharp increase in busts on money mules may be the cause. Writing on […]
