Tag Archives: security

NEWS FLASH!! Pot calls Kettle “BLACK”

From Reuters:

(Reuters) – Facebook Inc Chief Executive Mark Zuckerberg blasted the U.S. government’s electronic surveillance practices on Thursday, saying he’d personally called President Barack Obama to voice his displeasure.

“When our engineers work tirelessly to improve security, we imagine we’re protecting you against criminals, not our own government,” Zuckerberg said in a post on his personal Facebook page.

I use Facebook. I think it is both useful and fun, but … I know every time they do some redesign or launch a new feature I it is a MUST to recheck privacy setting or my data will come gushing out like a fat ladies after birth. (that a is a disturbing image)

IJS

Unacceptable Apple

Apple, and it customers have been trying to deal with there latest and greatest security threat, know as the Flashback malware.  Apple has finally released tool to identify and remove the malware from a system … for Lion users ONLY:

In its ongoing battle to clean up the Flashback malware mess, Apple has now released a standalone removal tool.

The downloadable utility is available exclusively for Mac owners running OS X Lion. It will not run on Mac OS X 10.6 (Snow Leopard) or earlier versions.

A description and download link are available here. The accompanying security bulletin says “This update is recommended for all OS X Lion users without Java installed.”

link

It is bad enough that because Apple controls it update process so much so tightly that when 3rd party security updates are released that they are not pushed to users in a more timely fashion. But when a fix is made available it is ONLY available those running the very latest major release of OS X even when ALL releases of OS X that care Java are effected. Just me but I think that if you are going to spend money software security support should be available to at least the last 2 major releases. Just sayin’

Federal Government wants to wiretap the Internet … the fools

WASHINGTON — Federal law enforcement and national security officials are preparing to seek sweeping new regulations for the Internet, arguing that their ability to wiretap criminal and terrorism suspects is “going dark” as people increasingly communicate online instead of by telephone.

Essentially, officials want Congress to require all services that enable communications — including encrypted e-mail transmitters like BlackBerry, social networking Web sites like Facebook and software that allows direct “peer to peer” messaging like Skype — to be technically capable of complying if served with a wiretap order. The mandate would include being able to intercept and unscramble encrypted messages.

via U.S. Tries to Make It Easier to Wiretap the Internet – NYTimes.com.

I’m not going to comment on the privacy issues. I’m sure that what most people are talking about in regard to this case. But I don’t see how such a law could be effective if interacted enacted. While they could serve order to Facebook or RIM, who provided encrypted communication as a service, software would be immune. Maybe not from a legal standpoint, but from a piratical practical stand point, yes.

What most lawmakers don’t understand is that the power of the Internet is at it edges, not the center. All any suspect would have to do is use an app that makes uses of asymmetric encryption. They could subpoena, data from carriers & ISPs all they want. Unless they buy a couple of years on Cray to decipher data, they won’t know what they got.

If they want the same capability that they have with wire-line phones, then they are going to have to attack the system at the edges, meaning handsets.