Elmo is right, Britain really is the 51st state. I’ve noticed the very strange and one-sided relationship with the US before but this article on Britain’s nuclear weapons put that in a whole new light.
Britain has just been blessed with a system of threat levels. Bruce Schneier isn’t impressed and I can’t help but wonder what should we do now that the threat level is SEVERE?
RFID seems to be the rave at the moment for securing things, which means it’s the rave in circles that break stuff. Here’s an interesting story on how secure signal-emitting chips in car keys are. It seems the RFID in passports has been cracked as well.
To end on a lighter note, you can now get your computer to do useful stuff by hitting it.
Episode 45 of the Security Now! podcast mentions a sneaky use of the hosts file—ad blocking. By listing well-known adsites in hosts and forcing them to resolve to 127.0.0.1 (or 0.0.0.0) the irritating ads aren’t displayed. A quick search on Google and I found a site offering a list of adsites specifically for this use.
So far it works really well, despite the list not seeing any updates since 2004. I’ve added one single entry in the two weeks that I’ve used it. Fairly good I think. I’ve also noticed that a few commercial websites, that I used to visit earlier but stopped hitting due to irritating popup windows, have started behaving better.
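An added example, not part of the original post or of the list's site: a hosts line with any address other than 127.0.0.1 or 0.0.0.0 redirects that name instead of blocking it, so a downloaded list is worth vetting before it is merged into hosts. The function names, the sample list and the example.* hostnames are constructed for illustration.

```python
import re

SINKS = {"127.0.0.1", "0.0.0.0"}   # addresses that block rather than redirect
# Names the system hosts file already defines; a blocklist should not touch them.
PROTECTED = {"localhost", "localhost.localdomain", "broadcasthost"}
LABEL = re.compile(r"^[a-z0-9_]([a-z0-9_-]{0,61}[a-z0-9_])?$")

def valid_name(name):
    """Accept only multi-label DNS names made of ordinary label characters."""
    labels = name.split(".")
    return len(name) <= 253 and len(labels) >= 2 and all(LABEL.match(l) for l in labels)

def vet_hosts_list(text, sink="0.0.0.0"):
    """Return (accepted hosts lines, [(line number, reason)]) for a third-party list."""
    accepted, rejected, seen = [], [], set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()      # drop comments, split on whitespace
        if not fields:
            continue
        addr, names = fields[0], [n.lower().rstrip(".") for n in fields[1:]]
        if addr not in SINKS:
            # Anything else would send the name to another machine, not block it.
            rejected.append((lineno, "address is not a sink"))
            continue
        for name in names:
            if name in PROTECTED or name in seen:  # skip system names and duplicates
                continue
            if not valid_name(name):
                rejected.append((lineno, "invalid hostname"))
                continue
            seen.add(name)
            accepted.append(f"{sink} {name}")      # normalise to a single sink address
    return accepted, rejected

# Constructed sample input; line numbers in the results refer to these lines.
SAMPLE = "\n".join([
    "# constructed sample list",
    "127.0.0.1  localhost",
    "127.0.0.1  ads.example.com",
    "0.0.0.0    tracker.example.net  # inline comment",
    "127.0.0.1  ads.example.com",
    "203.0.113.7  www.example.org",
    "127.0.0.1  bad_host!.example.com",
])

if __name__ == "__main__":
    ok, bad = vet_hosts_list(SAMPLE)
    print("\n".join(ok))
    for lineno, reason in bad:
        print(f"rejected line {lineno}: {reason}")
```

Only the accepted lines should be appended to hosts; the rejected ones are worth reading before deciding whether to trust the list at all.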
I found the podcast Security Now the other day. (Actually it was before I listened to episode 139 of TLLTS which contains an interview with SecurityMonkey. Well, back to Security Now.) It’s a rather good show which offers good explanations, though rather basic sometimes, on security related topics. Episode 38 was on browser security and the latest, 39, discussed buffer overruns. I found it to be a little too basic at times, but it’s a good starting point for someone who’s interested in security but is finding reading about it difficult. Anyone with a genuine interest should go to Google and do some searching after listening to the podcasts.
Oh, for episode 39 I’d recommend having pen and paper nearby, visualising the stack on a paper will make the explanation so much clearer.
Alan Cox delivered a talk at OSCON Europe titled Computer Security–The Next 50 Years. IT Conversations has made it available online. It’s well worth listening to.
Caught a glimpse of an old Sherlock Holmes show on the tele yesterday. The part I saw was very amusing. Holmes had just recovered a priceless pearl. When handing it back to the museum he asked that it wouldn’t be put on display because the master thief had promised to steal it back again. The museum manager wouldn’t hear of it, of course, because they had an infallible security system. When the system was demonstrated Holmes commented:
Electricity—the high priest of false security.
(An absolutely brilliant comment!)
Then they went into the manager’s office to discuss the system. The wiring was concealed, and everything in the office was secured by it as well. Holmes brilliantly deduced the wiring was concealed behind the only curtain in the office. Creating a diversion he then disabled the security system. To demonstrate his cleverness he then asked Dr. Watson to take down one of the paintings in the room. He lifts it down and the alarm doesn’t go off of course. Now for the twist, the thief, in disguise, is already in the museum. He watched the demonstration of the alarm system before and realised he couldn’t steal the pearl without finding out more about the security system. Listening through the door he hears about Holmes’ cunning disabling of the system and while it’s still disabled he proceeds to steal the pearl.
Security is tricky business, you shouldn’t be too clever about it!