11 August 2011


I never thought a "free" society would consider something like the UK is currently discussing.
Several MPs in the British parliament want to ban the use of social networking sites, such as Twitter and Facbook, if a person is suspected (not convicted) on charges of instigating unrest and riots. Now, let's set aside the whole "suspected" issue.  The first problem that the UK faces is that this would be a nearly unenforceable law.  I've expressed my opinions on the validity of laws that cannot be enforced before.  They are complete and utter....rubbish.  Add in the fact that they want to ban the use of these type of sites to anyone who is SUSPECTED of contributing to unrest, and now you have a totalitarian state who can suspect mischievous behavior of anyone as an excuse for silencing them.

But wait, there's more!

So not only are they wanting to restrict a person's freedom of speech because they are merely "suspected" of causing unrest via the statements they make online.  They also want to force social media companies to take down any images, statements or other content that the British government deems inflammatory causing said unrest and riots.

I guess United KINGDOM never really shed their totalitarian monarchist views of governing.

05 August 2011

Personal Spy Drones = COOL!

Wired has an article about two security researches who presented their personal hacking spy drone at BlackHat this week. And although the idea of a personal drone with some type of surveillance equipment is not new, some of the tools they equipped this drone with are down right awesome.

IMSI catcher to trick cell phone signals into connecting instead of to a cell tower for calls? Check

GPS receiver for pre-programmed flight plans? Check

WiFi for connecting to networks? Check

340 million word dictionary for brute force attacks? Check

The list goes on...

I personally agree with one of the commenters that I would prefer a rotory wing aircraft, such as a helicopter, because landing and takeoff would be easier and require less space, and because you would have much better maneuverability.

Regardless it is a cool concept, just wish I had the cash lying around to make it a weekend project!

04 August 2011


As a big zombie culture geek, I love seeing more zombie culture hitting the mainstream.

Navy Times has a great article about how to survive a zombie attack. h/t SayUncle

Back in May, the CDC posted Zombie Preparedness 101, in response to the hype about the predicted rapture.

The Colorado Springs Gazette has an article about the popularity of zombie culture.

In addition to the pop culture trend, zombies have fully infiltrated a segment of the RKBA community with companies offering zombie related stripped AR-15 lowers, zombie targets (h/t TFB), and tons of other gear.

I, for one, am excited to see zombies become big in pop culture!

Update: A good friend pointed me to this Wired article talking about reseach on the neuroscience of zombies and how to protect yourself with Science (cue Weird Science theme song from Oingo Boingo).

Israel Security Coming Soon...

Saw it over at SayUncle first. The TSA seems to be completely out of touch with reality here in America. 

As the article linked at SayUncle states, the first enormous problem is that Israel's only international airport handles approximately 10 million passengers per year.  Bring that to America and any one big city airport handles twice that traffic each year on its own.  That means longer waits in line while each individual person is "screened".

The second problem is that Americans, especially while travelling domestically, don't tolerate "invasive" questions quite the same as international travelers going to another country.  Add in that if you get picked out of the line because you didn't respond just right to their questions, people will become even more defensive and intolerant of the process.

That brings me to the next issue, which is that the agents the TSA will be using for this $1 billion program (yes I said 1 BILLION DOLLARS) are receiving a whopping 4 DAY training to be able to detect people who have a "nefarious" agenda.  Now, as an auditor you learn very early on in your career that you will NOT be conducting fraud interviews on your own for several years. Why? It takes a lot of interviewing experience to start to be able to detect actual "tells".  People are diverse in behavior, and although certain types of behavior can be indicative of a lie, there are more false positive that there are actual true results. 

Take, for example, an male agent asking a young woman, "where have you been?" (one of the standard questions apparently).  She doesn't look the "agent" in the eyes when she answers clumsily "I have been visiting my grandmother".  Now, in 4 days of training this will likely cause this "agent" to flag her as requiring a full pat down, body scan, and further interviews.  In reality, she is originally from Japan where it is respectful to avoid prolonged eye contact with people in authority positions.

I think this whole thing is going to be a $1 billion waste of tax payer funds that will not make us any safer and will only cost this country in time and money.  Hopefully it falls flat on its face and someone is held accountable for wasting $1 billion in taxpayer money.

03 August 2011

Massive Security Breaches

From Dmitri Alperovitch, VP of Threat Research over at McAfee: Operation Shady RAT.

Also, and article from the BBC.

I am almost shocked at the sheer scope of the attacks and successful intrusions (after all, IT security is still not a priority on many people's list).  Not only were several US government (Fed and local) entities successfully breached, but so were several US companies.  Defense contractors, a real-state firm, an accounting firm, an electronics company, several IT companies, and a construction company were among the known targets that were breached. Some of these breaches lasted for over a year!

Speculation focuses on China as the most likely source of the attacks, which means there would be a high likelihood of State involvement. If this is the case, I wouldn't be surprised if several firearms manufacturers were also breached and don't know it yet.  China's military has been searching for ways to gain a strategic advantage, other than the sheer size of their military, for years.  Being able to obtain new gun designs and schematics that are being engineered for the US military would be a huge competitive advantage, both to the Chinese military, as well as any Chinese arms manufacturers.

Just some food for thought.