Archive for the ‘Notes to Myself’ Category
The country has drafted a UN convention designed to stop regime change being incited externally through cyberspace.
Developed together by Russia’s Security Council and the Ministry of Foreign Affairs, the draft states that “using information technology as a means of aggression and destruction,” and “the mass psychological brainwashing of the population aimed at destabilization of the society and the state,” represent major security threats.
The draft stresses that countries have the right to establish their own rules in their own cyberspace and control it according to their national law. At the same time, the document obliges the states to protect the freedom of speech on the Internet. All the control measures, the officials say, are aimed at maintaining national security.
Once the controversial document leaked to general public, human rights activists around the world immediately dubbed it a violation of people’s right to freedom. Moscow, however, does not agree with such statements.
BART Stifled Free Speech just Like Middle East Dictator.
We hear about it in the Middle East but never though it would happen here in America. Middle east dictators like Gaddafi in Libya tried to shut the voice of the people down and here in the land of the free our police state just does what it wants and denies freedom to it’s own people and then complain it’s justifiable.
In S.F one of the most open cities in the world the government disallow basic free speech to its citizens before they even commit a crime. In other worlds your are GUILTY until proven innocent, that’s a sad day for America and all people that believe in freedom and the American dream.
BART said that organizers were planning to disrupt BART services on Aug 11,2011 so they took it upon themselves to shut off cell phone repeaters in 4 stations. BART police ordered it switched off, after receiving permission from BART interim General Manager Sherwood Wakeman.
I hope this never happens again in America if it does people will revolt and may even join them. I do not like what you say, but I’ll defend your right to say it. This is America and cyberspace belongs to the people not the government.
Today someone questioned if the military needs to be involved in protecting American citizens. My answer is yes, loud and clear, proud and strong.
The corporate world protects only themselves, unless they have a contract to protect you. I’m not sure you understand how the corporate world works, they are de facto capable of protecting themselves but won’t, that costs money. Sure, in a perfect world they have the spare cash to protect themselves, but reality is they don’t have the money to protect everything. They owe it to their investors or their stockholders to make money, not spend it. It is a calculation that they won’t lose money by not investing in proper cybersecurity. It will usually take a very large boot to the teeth and continuing down the throat before they get energized. Good cyber protection is costly and they won’t spend the money until that time to fully protect their own system. We’re not talking about any exchange of information, so far I’ve only discussed an oasis in the desert. Now say, for instance, that a new exploit has been found. We have the wonderful folks at Symantec who earn the big bucks by selling that information via updates and bulletins. Again, that costs money. The problem corporations have with sharing information with another firm or with the government is that this is considered proprietary information which can be used against them. Example: ‘This corporation is not as good as we are, their computer networks were penetrated x amount of times last year, we weren’t penetrated at all’. Also, in many corporate minds, the perception that their corporation is not secure may affect future contracts, they stand to lose millions, if not billions of dollars.
Experts say one of the biggest flaws in cyber security is human error, spurred by a lack of basic computer security training for executives and high-ranking officials.
Photograph by: Getty Creative Images, xx
Cyber spies trying to infiltrate governments and mega-companies have some unwitting agents on the inside, experts say.
One of the biggest flaws in security networks, as exposed with revelations this week about a global wave of online espionage, is human error, they say, spurred by a lack of basic computer training for executives and high-ranking officials.
Hard-Coded Password and Other Security Holes Found in Siemens Control Systems | Threat Level | Wired.com
The newly discovered vulnerabilities go a step further than Stuxnet, however, in that they allow an attacker to communicate directly with a Siemens PLC without needing to compromise, or even use, the Step7 software.
One of the most serious security holes is a six-letter hardcoded username and password — both “Basisk” — that Siemens engineers had left embedded in some versions of firmware on its S7-300 PLC model. The credentials are effectively a backdoor into the PLC that yield a command shell, allowing an attacker to dump the device’s memory — in order to map the entire control system and devices connected to it — and reprogram the unit at will.
“I was able to log in via telnet and http, which allowed me to dump memory, delete files and execute commands,” says Dillon Beresford, the security researcher with NSS Labs who discovered the password, and at least a dozen more subtle security holes.
Beresford had planned to discuss a few of the vulnerabilities at TakeDownCon in Texas in May, but pulled the talk at the last minute after Siemens and the Department of Homeland Security expressed concern about disclosing the security holes before Siemens could patch them.