via Steven J. Vaughan-Nichols
The only thing “new” about Firesheep is that how it easy makes it to do. I’m unimpressed. Anyone who was serious about grabbing your personal information has already been doing it for years. Trust me, if someone really wanted your data and you’ve been using open Wi-Fi networks, they already grabbed it.
No, the real worry isn’t about some jerk grabbing your Twitter password in a coffee house.
The real worry has always been that your office Wi-Fi is easy to compromise and then someone can use a
packet-sniffer to get something that really matters like your your Accounts Payable password. (
more)
Need a Wi-Fi Security Audit and Compliance Inspection? (you do) Please call me. (more)
11/4/10 – UPDATE: IBM researchers are proposing an approach to WiFi security they call Secure Open Wireless in light of the release of the Firesheep tool. (more)
11/5/10 – UPDATE: 10 Ways to Protect Yourself from Firesheep Attacks (more)
I give spy coins to my clients.It is a reminder that information loss is mostly a people problem, not an electronic problem. Filing cabinets of information can walk out the door in pocket change!
Careless people often blab information, forget to secure it, toss it in the garbage can, or otherwise lose it—hundreds of laptops are lost every day. People also steal it when they become greedy, spiteful, conned, blackmailed, or caught up in a “cause.”
Investigating an information loss, however, begins with an electronic surveillance detection audit.
Here’s why…
• Serious espionage will include electronic surveillance.
• The possibility must be resolved before accusing people.
• Bugging is the easiest spy technique to discover.
• Electronic surveillance evidence helps prove your case.
Best advice… Conduct audits on a regular basis. Uncover signs of espionage during the intelligence collection stage, before your information can be abused. (more)
A client reports back…
“I think of all of the trinket type things we’ve accumulated over the years, the spy coin is *by far* the coolest, and is made even cooler with the background story provided on the chip!!
I took mine with me to the FBI building today and had the guards there X-ray it along-side of a normal quarter to see if its secret contents could be seen on an “airport quality” X ray machine. They printed out a copy of the scan image, I’ve attached it to this email for your amusement as well.
Several agents commented on how well it was made, and how hard it would be to detect such a thing.“
via http://www.coolpicturegallery.net
A proposed deal between Sprint Nextel, Cricket and two Chinese telecom companies has raised a few eyebrows, with some U.S. senators concerned about security.
The Hill reports a bipartisan group of legislators wrote a letter seeking reassurance about the deal from Federal Communications Commission Chairman Julius Genachowski.
The letter, signed by Susan Collins (R-Maine), Jon Kyl (R-Ariz.) and Joe Lieberman (I-Conn.), contends the two Chinese companies, ZTE Corporation and Huawei, have ties to the Chinese military and are financed by the Chinese government.
The letter raised the specter of the Chinese government or military using the companies to spy on American communications. (
more)
Chicago, IL – It may sound like cloak and dagger fiction, but FOX Chicago News has learned something very odd happened Wednesday night on the fifth floor of the Cook County building. The latest bizarre twist in the ongoing corruption scandal in Stroger’s office involves high-tech surveillance experts caught leaving the office of Cook County Board President’s office.
A deputy sheriff patrolling the building stopped a group of five men leaving Todd Stroger’s office around 9:30 p.m. Wednesday.
One of the men identified himself as the county’s Homeland Security Director David Ramos. The other four men were asked to provide identification.
They did, and at least three of them have experience in surveillance and counter-surveillance… (One of the men) would not comment on what they were doing in Stroger’s office, but there is rampant speculation at the County building they were sweeping the offices for electronic bugs.
Cook County Inspector General Pat Blanchard said his staff visited Stroger’s office Thursday afternoon and removed some evidence related to the ongoing investigation into sham contracts…
David Ramos, the county’s Homeland Security Director who escorted the men into the office, said through a spokesman they were simply
scouting locations for placement of security cameras in the President’s office. (
more)
Solution: Ask the Deputy if the “visitors” were leaving empty-handed. A sweep requires several cases of instrumentation. Conducting a CCTV design layout does not.
No, the real worry isn’t about some jerk grabbing your Twitter password in a coffee house. The real worry has always been that your office Wi-Fi is easy to compromise and then someone can use a packet-sniffer to get something that really matters like your your Accounts Payable password. (more)
