It’s 11 o’clock. Do you know where your data is?

I’ve been keeping track of interesting stories about security over the past couple of months for my intersession course, mostly ones that I have found through Slashdot, BoingBoing and/or Digg. As part of the process of selecting which ones will make it into the final week of the course and which ones will not, I thought I would put the whole list here, mostly without comment. If you notice anything that seems particularly interesting (especially if you happen to be in my course!) let me know and it will probably move up my list of things to discuss.

One thought on “It’s 11 o’clock. Do you know where your data is?

  1. Excellent post. I remember hearing about many of these things over the course of the year. The following is just an explosion of short ideas.
    Tor is a great utility which aids to the privacy of Internet users and personally I’ve been using it for about 2 years now coupled with Privoxy. However I started not using it for sensitive data connections, due to the exit nodes being unencrypted. Nowadays I rarely use it at all, since the connections are so slow.
    The Maxtor hard drives — Brad and I actually did a 10 minute podcast segment that never made it into a blog post, but I thought this was a new step into malware. Then the digital picture frame malware came out, and I realized that the digital progression of the world is starting to walk a very dark path. It’s going to get to the point where any piece of digital equipment you plug into the computer is going to need formatted in some way as precaution.
    In regard to the Flash ads, I’ve completely forgotten about ads with the combination of AdBlock Plus and NoScript in Firefox. I also keep the Netcraft toolbar installed which checks URL’s for phishing attempts and stops and warns you before going to a website which looks like it contains a phished URL.
    I want my computer to sing to me when it’s about to blow up. I was amused when I discovered this, but I don’t think it should play something happy, it obviously needs something like a funeral dirge.
    The malware industry is booming and is being used globally by anyone who needs a computer network to send spam or DDOS attacks. It’s extremely profitable, and also highly unlikely to be taken down or busted by authorities due to the jurisdiction. The people running the botnets more than likely live overseas where the governments could case less, and the computers are infected worldwide. This makes thing incredibly difficult. Not to mention that the person has the complete control over the computers, and can change servers the botnet reports to, etc. to conceal activities. Malware and botnets are the new black market in digital form.
    I remember reading about Coverity and I was very happy with what they are doing, and I hope they continue on, validating the idea that open source software is just as good as any, if not better.
    Whois and DNS lookups constitute hacking? Sounds like someone needs to figure out what those terms actually mean, then figure out what hacking is, then find their ass from a hole in the ground. That information is out there for a reason — as a point of contact if something looks wrong. If the activists believed this guys servers were sending spam, then they had every right to whois and DNS lookup him and expose it. That’s what it’s there for. Sounds like someone got caught doing something wrong and now is crying foul with a lawsuit, and sadly won.

Leave a Reply

Your email address will not be published. Required fields are marked *