Weiye Loh's Library
The most significant driving force of any city is its people. It is crucial to have a livable environment for increasingly mobile populations, and to attract a significant workforce. More than one-third of the people in New York and London are foreign-born. Despite their astonishing growth, Asian economic powerhouses fail to reach that level of cosmopolitan culture. New York or London will continue to top the indices, but only if they ensure their strong cultural offers are unmatched and maintain open immigration policies.
-
as soon as a centa-millionaire in Moscow, Beijing or São Paulo makes their fortune, the first thing they do is figure out how they can ferret away large chunks of that wealth to countries that guarantee political and personal freedoms, have sound legal systems, a favorable tax environment, good security and good schools for their kids.
Apple may have made the Flashback issue worse, by being slow to patch up security holes on users’ machines.
In this case, the malware targets the Java software that is made by Oracle. But while Oracle has pushed out updates in February to PC and other users after it found out about the security issues, Apple users only got their updates on Wednesday – more than eight weeks later. The reason: Apple had refused to let Oracle push out the updates directly to Mac users.
It does not help either that Apple censures - rather than thanks – its own developers for bringing up security issues on Apple OSes. Last year, an iOS developer had his account banned after he demonstrated security breaches with Apple’s software.
-
while Windows PCs have been souped up with regular updates in recent years to fight the scourge of malware, many Mac users may now be exposed because they do not have the same timely, pro-active patches from Apple and their growing numbers simply mean they are a more attractive target for malware authors.
As government agencies look to leverage new technologies to communicate with the public, move more citizen services online, share services amongst agencies, share intelligence for national security purposes and collaborate with other nations and private industry, they will need to take a more open stance to secrecy and information sharing.
But to mitigate risks, they need to take a more solid security stance at the same time. It is imperative for leaders at all levels within government (agencies, departments, contractors, etc.) to weigh the risks and benefits of making information more accessible and, once decided, put strong safeguards in place to ensure only those who need access can get access.
Information leaks imply failures across multiple areas, particularly risk management, access control and confidentiality. The ongoing WikiLeaks exposé clearly shows that the threat is not always from external groups; it can be far more insidious when it stems from trusted individuals within an organisation.
"Staff secretly dropped computer discs and USB thumb drives in the parking lots of government buildings and private contractors. Of those who picked them up, 60 percent plugged the devices into office computers, curious to see what they contained. If the drive or CD case had an official logo, 90 percent were installed.
“There’s no device known to mankind that will prevent people from being idiots”...
Tactics such as spear-phishing -- sending a limited number of rigged e-mails to a select group of recipients -- rely on human weaknesses like trust, laziness or even hubris.
How do you stop hackers from attacking your network? Build an entirely new infrastructure. That’s the idea behind the new .secure network, which will work just like any other network except for one thing: once you enter, you waive your right to privacy.
-
Popular Science explains the rationale:
China and other regimes around the world inherently have an upper hand when it comes to cyber defense because their lack of civil liberty protections lets the government freely monitor online activity. Things like “deep packet inspection” (which gained notoriety during Iranian election protests back in 2009) that let governments monitor citizens' traffic also let them monitor for unusual activity … The U.S. Internet, by virtue of its adherence to civil liberties, is more like the wild west. Everyone does everything online anonymously, and while that’s great for liberties, it’s also dangerous when cyber criminals/foreign hackers are roaming the cyber countryside
-
The .secure zone would essentially mimic the way the internet is regulated in more oppressive regimes, creating a space where banks, government contractors and the government can do business without fear of being hacked. Keith Alexander, who has the totally not made-up title of Cyber Command Chief, and several lawmakers are pushing for the new infrastructure, saying it’s absolutely necessary for national security. While the vulnerability of our infrastructure is a major concern, we’d wager a lot of Americans might have a problem with a section of the internet where your right to privacy is nonexistent.
SONY chairman and president Howard Stringer on Tuesday apologised to shareholders and customers over a massive data leak, which helped push its share price to a two-year low this month.
'In April, we faced a serious challenge in the form of a cyber attack launched against the PlayStation Network, Qriocity and the network systems of Sony Online Entertainment,' Mr Stringer said at a meeting in Tokyo attended by about 5,900 shareholders.
'We are sorry for any concern and inconvenience that the incidents may have caused our shareholders, customers and stakeholders,' he said. The company is expecting its third-straight annual loss this year.
-
Sony has worked to strengthen its information security systems, 'placing our highest priority on ensuring the security of our customers' personal information, and regaining their trust.' The Japanese electronics and entertainment giant has faced a series of cyber attacks and said more than 100 million accounts have been affected, making it one of the largest data breaches in the history of the Internet.
Analysts say costs associated with the breach could be as much as US$1 billion (S$1.24 billion), but deeper damage to Sony's brand image could undermine efforts to link its gadgets to an online network of games, movies and music.
several groups of free information advocates have emerged to help educate the latest generation of activists. To that end, one such group, Access, just released its guide to maintaining online and mobile phone security, with versions in Arabic and English.
-
people often lose sight of security concerns amid the collective euphoria that can accompany swift, large-scale democratization movements like the ones in Egypt and Tunisia. “The eye gets focused on the goal and not the process,” he said, “and during that time, they put their own personal security and their network security at risk.”
-
But it’s not just the fog of enthusiasm that renders people vulnerable; it’s lack of experience.
-
The attackers just needed a little bit more information: they needed a regular, non-root user account to log in with, because as a standard security procedure, direct ssh access with the root account is disabled. Armed with the two pieces of knowledge above, and with Greg's e-mail account in their control, the social engineers set about their task. The e-mail correspondence tells the whole story:
From: Greg
To: Jussi
Subject: need to ssh into rootkit

im in europe and need to ssh into the server. can you drop open up firewall and allow ssh through port 59022 or something vague? and is our root password still 88j4bb3rw0cky88 or did we change to 88Scr3am3r88 ? thanks
-
From: Jussi
To: Greg
Subject: Re: need to ssh into rootkit

hi, do you have public ip? or should i just drop fw? and it is w0cky - tho no remote root access allowed
-
It has been an embarrassing week for security firm HBGary and its HBGary Federal offshoot. HBGary Federal CEO Aaron Barr thought he had unmasked the hacker hordes of Anonymous and was preparing to name and shame those responsible for co-ordinating the group's actions, including the denial-of-service attacks that hit MasterCard, Visa, and other perceived enemies of WikiLeaks late last year.
-
When Barr told one of those he believed to be an Anonymous ringleader about his forthcoming exposé, the Anonymous response was swift and humiliating. HBGary's servers were broken into, its e-mails pillaged and published to the world, its data destroyed, and its website defaced. As an added bonus, a second site owned and operated by Greg Hoglund, owner of HBGary, was taken offline and the user registration database published.
