via Steven J. Vaughan-Nichols
The only thing “new” about Firesheep is that how it easy makes it to do. I’m unimpressed. Anyone who was serious about grabbing your personal information has already been doing it for years. Trust me, if someone really wanted your data and you’ve been using open Wi-Fi networks, they already grabbed it.
No, the real worry isn’t about some jerk grabbing your Twitter password in a coffee house.
The real worry has always been that your office Wi-Fi is easy to compromise and then someone can use a
packet-sniffer to get something that really matters like your your Accounts Payable password. (
more)
Need a Wi-Fi Security Audit and Compliance Inspection? (you do) Please call me. (more)
11/4/10 – UPDATE: IBM researchers are proposing an approach to WiFi security they call Secure Open Wireless in light of the release of the Firesheep tool. (more)
11/5/10 – UPDATE: 10 Ways to Protect Yourself from Firesheep Attacks (more)
I give spy coins to my clients.It is a reminder that information loss is mostly a people problem, not an electronic problem. Filing cabinets of information can walk out the door in pocket change!
Careless people often blab information, forget to secure it, toss it in the garbage can, or otherwise lose it—hundreds of laptops are lost every day. People also steal it when they become greedy, spiteful, conned, blackmailed, or caught up in a “cause.”
Investigating an information loss, however, begins with an electronic surveillance detection audit.
Here’s why…
• Serious espionage will include electronic surveillance.
• The possibility must be resolved before accusing people.
• Bugging is the easiest spy technique to discover.
• Electronic surveillance evidence helps prove your case.
Best advice… Conduct audits on a regular basis. Uncover signs of espionage during the intelligence collection stage, before your information can be abused. (more)
A client reports back…
“I think of all of the trinket type things we’ve accumulated over the years, the spy coin is *by far* the coolest, and is made even cooler with the background story provided on the chip!!
I took mine with me to the FBI building today and had the guards there X-ray it along-side of a normal quarter to see if its secret contents could be seen on an “airport quality” X ray machine. They printed out a copy of the scan image, I’ve attached it to this email for your amusement as well.
Several agents commented on how well it was made, and how hard it would be to detect such a thing.“
“300” writer Michael Gordon has sold a spooky surveillance project to NBC. The idea was spawned by the controversial U.S electronic eavesdropping apparatus ECHELON, a program that supposedly captures virtually all data signals for analysis at a central hub in West Virginia.
These millions of video, audio and data files are then disseminated to various federal and local law enforcement agencies for further investigation.
Now here’s the twist from the show’s logline: “There is, however, less than 1% of the data that nobody wants to touch. These are the classified video files that seem to have captured the unexplainable.”
The show will center on a fictional team called G.H.O.S.T. (Global Hierarchical Observation Strategy Taskforce) whose assignment it is to investigate this paranormal data. (more)
No, the real worry isn’t about some jerk grabbing your Twitter password in a coffee house. The real worry has always been that your office Wi-Fi is easy to compromise and then someone can use a packet-sniffer to get something that really matters like your your Accounts Payable password. (more)
