jrtom: (Default)
http://it.slashdot.org/story/10/11/16/0347231/Stuxnet-Was-Designed-To-Subtly-Interfere-With-Uranium-Enrichment

*sigh*

Fortunately, there are people at Google who are (demonstrably) far more versed in dealing with this kind of problem than I am. And they're welcome to it.

That said, there's unfortunately more than enough related work to go around.

But seriously, I find this kind of threat actually considerably more alarming than the threat of terrorists blowing themselves up on airplanes. Not only because I don't find the latter to be something that is apparently that hard to prevent, but because there's a lot more to be _gained_ by a lot more people that don't have to die in order to carry out the former sort of attack.

And, you know, honestly we've got a lot more interesting problems to solve than figuring out how to keep people from hacking into our electrical grid. Or nuclear launch authorization systems. And so forth. I hate working on problems that I feel wouldn't exist as tasks if some people weren't jerks.

Interesting times, indeed.
jrtom: (Default)
http://www.wired.com/politics/security/commentary/securitymatters/2008/03/securitymatters_0320

My mind works a lot like this. I don't have any particular (professional) interest in security problems per se, but I'm good at tracking down holes in arguments, and (other people's) bugs, and generally picking things apart. I think of it as being related to my general reflexive tendency to take the Devil's Advocate stance.
jrtom: (Default)
http://www.boingboing.net/2007/11/15/tsa-warns-tsa-to-be.html
referencing
http://www.latimes.com/news/printedition/front/la-na-screeners15nov15,1,784508.story?coll=la-headlines-frontpage&track=crosspromo

Can anyone point to a single concrete improvement in either security or in traveler convenience that has appeared since the TSA took over security checks? Anything at all?
jrtom: (Default)
http://www.schneier.com/blog/archives/2007/10/new_tsa_report.html

Summary: TSA employees have been approaching real actual travelers and asking them to accept something that looks like a bomb into their luggage, as a check on the functioning of the system.

Schneier brings up several good reasons why this is a bad idea, but misses what may arguably be the most significant (IMO).

Hint: does anyone remember that question that used to be asked at the airline counter: "has any person unknown to you given you an item to carry with you?" We've been trying to train people for years to report this sort of thing.

Let's suppose that this program becomes widely known. This negates the effects of the above-noted training.

How long do you suppose that it would be before we get a report of a plane being taken out by a bomb that was given to someone to carry...who believed that (a) the person who gave it to them was a TSA employee and (b) the bomb was a convincing fake?

(One of the commenters on the post says essentially that it's silly to suppose that the TSA would not authenticate their employees (that is, present convincing evidence that the employee is genuine before asking the passenger to accept a fake bomb). That misses the point, though...because the passengers won't know what the procedure is supposed to be...and recent events have been teaching civilians that the authorities can and will pop up in all sorts of unexpected ways and with unusual requests.)
jrtom: (Default)
(I thought it was kinder than spamming my friendslist with 10 or 15 posts in a row. Going to make the tags interesting, though...)

The Redistricting Game: http://www.redistrictinggame.com/

Haven't played it yet, but the concept--teaching about redistricting and gerrymandering by making a game out of it--is very interesting.

Kinetic Sculpture: http://www.glumbert.com/media/kineticsculpture [video]

Very cool. Actually, "kinetic" doesn't really convey it: think "auto-mobile".

Singing Tesla Coil: http://www.hauntedfrog.com/gt/movies/2007/duckon/SingingTeslaShow.html

What else need I say?

US States "renamed" for countries with similar GDPs: http://strangemaps.wordpress.com/2007/06/10/131-us-states-renamed-for-countries-with-similar-gdps/

A very interesting and informative visualization: it actually tells me about as much about the US as it does about the respective countries. The table at the bottom may be useful to give some context.

Gay Bomb: The Porno Flick [safe for work]: http://blog.wired.com/defense/2007/06/gay-bomb-the--1.html

Gay Bomb will take us into the future and the year 2012. George the Second has refused to step down as leader of the "free world", and the nations of Europe have banded together to fight the new American military dictatorship. Desperate to fend off its attackers, the US launches the experimental "gay bomb", designed to make the enemy forces drop their guns and turn fag. But the winds of fate blow in a different direction, and soon America is brought to its knees.


This is the best part: it appears that this has been seriously proposed...

Recent news headlines revealed that Pentagon insiders admitted to having truly considered the "gay bomb" as an example of non-lethal chemical warfare in the Iraq War. The Air Force asked for a $7.5 million grant to develop the idea, which was proposed to the government's highest scientific authority.


("Some people you don't need to satirize--you just quote 'em.")

http://www.airspacemag.com/issues/2007/june-july/Seti.htm

A dedicated SETI effort, i.e., one with its own facility.

http://www.makezine.com/blog/archive/2007/06/binary_marble_adding_mach.html

A mechanical binary adder, with a video of it at work. Very nicely done.

http://www.schneier.com/blog/archives/2007/06/second_movieplo.html

The winner of Bruce Schneier's second annual Movie-Plot Threat Contest...which makes a plausible case for banning water from airplanes.

http://www.milkandcookies.com/link/63329/detail/

A very silly music video. Requires a bit of patience; wait until it's about a minute in before you give up on it, and about 2 minutes in it gets impressive.
jrtom: (Default)
http://www.ranum.com/security/computer_security/editorials/dumb/

A bit facile--#3, for instance, suggests that if we would just design our software right in the first place, we wouldn't have any security problems--but thought-provoking. Also, it includes this gem:

On the surface of things, the idea of "Educating Users" seems less than dumb: education is always good. On the other hand . . . if it was going to work, it would have worked by now.

Page generated 22 July 2017 06:50