Archive for September, 2010

High numbers of students turn to hacking

Published by calhoun on September 23rd, 2010 - in Technology

A survey conducted by security firm Tufin Technologies found that around 1 in 5 students admit to hacking. The really interesting question is, are the other 4 being honest? When I was in high school, I knew one guy who would be considered a hacker. At college I did a small amount – mostly accidental stuff – I tried to log on to an Oracle Database server with the system administrator login – turns out the IT department had not changed the password for it. One of my friends at that college showed me a technique to bypass a BIOS password, and it worked.

There are two sides to the story as always. Ethical hacking, such as that taught at Dundee Abertay college in their Ethical Hacking and Countermeasures course, allows students to develop the skills of a necessary evil. If you are unaware of how to hack into a system, how can you possibly prevent unauthorized access to it?

It is generally a grey area – hacking for ethical sake without the authority of the owner of the system in question, such as an IT department, is clearly wrong no matter what your intentions are. The study found that the vast majority of the students surveyed did agree with this assessment. Of the remaining 16% who do not recognize it as being wrong, the ones that have tried hacking are the ones that we need to worry about – they don't realise or do not understand that what they are doing is wrong, and they have the skills to actually do it. These are the kinds of people that are going to cause us problems.

Strangely, they suggest there is no gender bias, but I find that hard to believe unless they actually interviewed equal numbers of students – generally speaking, computing science courses (at least the courses I have been on) have had a higher ratio of boys to girls. Therefore fewer girls would be questioned and make up the ‘guilty’ selection.

On another consideration, the research does not define what they mean by hacking. How many of the ones that admitted it had merely looked over a shoulder as a password was being typed? Or used completely automatic tools that got in? Neither of these is really a major threat; it's the ones that can sit down with just a shell and still manage to get in that we really need to worry about.

References
TechWatch

Commonwealth Games could be cancelled

Published by calhoun on September 22nd, 2010 - in News

In Scotland I would not exactly say our streets are the cleanest nor our buildings the most spectacular in the world, except perhaps the castles. So when you read in the news that Scottish officials were appalled by the state of cleanliness of the accommodation provided by the organizers of this year's Commonwealth Games, it speaks volumes.

The specification for the athletes' village set out by Delhi states that the accommodation was to be of a very high standard – beyond that of anything that came before. However it sounds like they managed to achieve substandard accommodation instead. A bridge in the vicinity has collapsed, and the officials were appalled and negotiated to move to “more complete” accommodation, albeit still in quite a state. With anti-corruption investigations into the building standards used to construct the Commonwealth Games village, it is not a good time for a bridge to start randomly collapsing!

The Commonwealth Games Federation has been spoken to about the situation, specifically about under what circumstances and when a decision about the games – that is, to cancel them for this year – will take place.

Wales, which has already gone out early to inspect the facilities, has had ample time to get things to a more acceptable standard, and they fear for countries that have yet to arrive. They too have made calls for pressure to be put on the Indian government and the organizers for these problems to be resolved as a matter of urgency.

With 6,500 people expected from across 61 countries, the games would represent a major financial and economic benefit to the host country. The pain of the games being cancelled would quite likely be an incentive for the Indian government to take all necessary steps to resolve the problem.

References
The Times India

Twitter users subjected to worms

Published by calhoun on September 22nd, 2010 - in Internet, Technology

Twitter users, seemingly the vast majority of them, have found they were vulnerable to a Cross-Site Scripting (XSS) vulnerability in the Twitter software. It allowed a self-replicating worm to be generated on the site that spread very rapidly across many users; at its peak around 100 replications a second were being generated.

The result varied from harmless messages to more dubious redirects. The most amusing of these would perhaps have been former prime minister's wife Sarah Brown's Twitter account redirecting people to pornographic accounts. She has around 1.1 million followers. I would not be in the slightest surprised if 1.05 million of those actually took up the vulnerability, spreading it further whilst visiting the Japanese porn sites. I am sure we really don't want to know what she ended up linking to! She updated her feed shortly afterwards to say sorry; I wonder if she took the opportunity to have a nosey herself.

This kind of security breach is relatively straightforward to resolve, and given the size and popularity of Twitter, it is a surprise that no one ever considered the security aspects of user input! In the security world, users should never be trusted, they are out to get you!

The most interesting thing about these kinds of problems is that they are relatively straightforward to deal with by simply presuming, from the outset of the project, that your users will go out of their way to destroy your system. It's true: users sooner or later will find ways to break the system, either deliberately and maliciously or through sheer accidental foolishness. As a developer you need to think about these problems. Think about encoding raw input should you not need to do any processing on it; that'll easily prevent a SQL injection. Or verify before inserting that it is in an expected format: a date should have 3 parts to it separated by a separator such as “/”, so if you get 3 “/” and 4 sets of numbers then it can't possibly be a valid date, now can it?
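The two habits described above, encoding untrusted text and checking that a date has exactly three parts, as an added example that is not part of the original post. The function names and the DD/MM/YYYY order are assumptions, and the calendar check goes one step beyond the paragraph's shape check.

```javascript
// Added example; escapeHtml, parseSlashDate and renderPost are illustrative names.

// The five characters that let text break out of HTML element content
// or out of a quoted attribute value.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode untrusted text at the point where it is written into HTML.
function escapeHtml(untrusted) {
  return String(untrusted).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Accept only DD/MM/YYYY: exactly three numeric parts separated by "/".
// Returns a Date (UTC midnight) or null.
function parseSlashDate(input) {
  if (typeof input !== 'string') return null;
  const m = /^(\d{1,2})\/(\d{1,2})\/(\d{4})$/.exec(input);
  if (!m) return null; // wrong shape, e.g. 3 "/" and 4 sets of numbers
  const [day, month, year] = [Number(m[1]), Number(m[2]), Number(m[3])];
  const d = new Date(Date.UTC(year, month - 1, day));
  // Date.UTC silently rolls 31/02 over into March, so require a round trip.
  const roundTrips = d.getUTCFullYear() === year &&
    d.getUTCMonth() === month - 1 && d.getUTCDate() === day;
  return roundTrips ? d : null;
}

// Validate the structured field, encode the free-text fields.
function renderPost(author, text, dateStr) {
  const date = parseSlashDate(dateStr);
  if (date === null) throw new Error('invalid date: rejected before use');
  return '<p class="post" title="' + escapeHtml(author) + '">' +
    escapeHtml(text) + ' <time>' + date.toISOString().slice(0, 10) + '</time></p>';
}

// Constructed sample input, not taken from any real incident.
const samples = ['22/09/2010', '22/09/2010/1', '31/02/2010', '22-09-2010'];
for (const s of samples) {
  console.log(s, '->', parseSlashDate(s) ? 'accepted' : 'rejected');
}
console.log(renderPost('a"b', '<i>hello</i> & bye', '22/09/2010'));
```

The encoder covers HTML element content and quoted attributes only; for database input the usual control is a parameterised query, which is not shown here.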

References
The Independent
xkcd

MI6 considered using semen to transmit messages

Published by calhoun on September 21st, 2010 - in Politics

Intelligence Services needed Personal Security (literally?)

The British Intelligence Service during World War I considered using semen to produce invisible ink that would not be detected by ordinary detection methods.

Secrecy is of course the most important principle of the intelligence gathering community. The problem however is that your enemy knows that your data is as useful to them as it is to you, perhaps more important actually. This is the main reason cryptographic technology was invented.

A diary belonging to a senior official, Walter Kirke, at GHQ in France during the First World War reveals that the chief of the Security Service, Mansfield Cumming, more affectionately known as “C” (not M, as James Bond films seem to want to refer to him), had been making enquiries with London University to develop invisible ink.

This would be an excellent breakthrough – you could write in plain text knowing that, without knowing what kind of equipment or technique had to be used to read the letters, your enemy could not interpret the letter. The solution, it seems, was to start using bodily fluids in the form of semen to write the letter. The technique would allow one to disguise the fact that invisible ink was there, as it is likely that writing on top using normal ink or writing over the normal ink would not affect the readability of the letter. So anyone intercepting the letter would see, say, a letter from someone on the front lines to their parents about how much they miss them – it is unlikely a genuine-sounding letter would be investigated further.

However there were some side effects: one agent was informed he should only use fresh supplies of the ink after officers receiving the letters started to notice an odd smell coming with each letter. The guy who came up with the idea also became subject to jokes and had to be transferred.

References
The Guardian

Mobiles to go down the tube

Published by calhoun on September 21st, 2010 - in News, Technology

For once perhaps Boris Johnson, in his role of Mayor of London, has actually done something, or is at least attempting to do something, which could have a decisive benefit to the people of London: getting involved in plans to put mobile phone antennas into the underground network in time for the 2012 Olympics.

London would not be the first city in the world to receive a mobile phone signal in underground public transport. Many European cities that have underground services already have this in place.

What the mayor will do however is iron out deals with the mobile phone industry, meaning that the multi-million pound project will be funded by the industry equally. 3, Vodafone, Orange & T-Mobile, and O2 will all get involved in the project, meaning that taxpayers' money will not be used to fund the expensive project.

Long term this may make London even more attractive as a business city than it already is – communications is a key part of business, and if people can't communicate for long times whilst on underground transport it means they are likely to be unproductive. The economic benefits are likely difficult to calculate, however, given the large scope of the underground's user base.

The project will apparently extend to cover Eurostar services as well. Discussions have been in place for a very long time about the prospect of installing mobile signals into the underground, which in principle is a very straightforward system: install transmitters along the top of the tunnels and receivers on each carriage of the train, allowing signals to be picked up and redistributed to mobile phones. The cost however has always been a problem, but with some strong negotiation the mayor may have finally struck an agreement within the industry for them to put it in place.

References
Hexus
The Telegraph

Solar flare could plunge us into the Dark Ages

Published by calhoun on September 21st, 2010 - in News

In a spectacular sign of wisdom, the Defence Secretary has stated that Britain could be vulnerable to a nuclear attack. Well gee Sherlock, did it take all your brain power to figure out that a thermonuclear detonation can't really be shielded against? He continues to explain that the resulting electromagnetic pulse (EMP) would destroy sensitive electronic systems – well, yes, we know this already.

He compares the threat of a nuclear attack to the result of a super solar flare which scientists at NASA believe could erupt in 2013. He does raise some relevant points: more consideration of this threat must be made, with the likelihood being that should an event occur it is likely to cripple critical systems such as communications and power.

References
The Telegraph

Papal 2010: What the people think.

Published by calhoun on September 20th, 2010 - in News, Politics

So the Pope has returned back from whence he came. Now the news might go back to something other than watching his every move. Now we see the things that happened in the last four days beyond the Pope being rapidly read on the news so they may catch up with today's news.

The Guardian has put together some quotes by key figures involved in the Pope's visit.

HM Queen Elizabeth II:
“Your Holiness, in recent times you have said that religions can never become vehicles of hatred, that never by invoking the name of God can evil and violence be justified.
“Today, in this country, we stand united in that conviction. We hold that freedom to worship is at the core of our tolerant and democratic society.”

Religions should indeed never become vehicles of hatred, yet every holy war that has ever taken place has been both a religious vehicle of hatred and in the name of God. Freedom to worship is definitely at the core of democratic society. However that ability has yet to spread to the Vatican City – non-Catholic worship does not exist legally in the Vatican.

David Cameron, PM:

“You have really challenged the whole country to sit up and think, and that can only be a good thing.
“Because I believe we can all share in your message of working for the common good and that we all have a social obligation to each other, to our families and our communities.”

The prime minister is wise in observing that it is good that the whole country sit up and think. However the message is not necessarily that following along with the Catholic church is a wise or good thing. There are other religions and those may be more worthy than Catholicism. Each individual must look inside and think about what is important and what they believe in, and none shall face persecution for doing so.

Federico Lombardi, Vatican:

“If there are critics and protests, this is normal for us and the Pope and it is a positive sign of freedom of expression in this society.”

It is good to see that an official of the Vatican is recognising the right of freedom of expression as a good and just element of modern society. If there were more of his kind in the Vatican then surely the future would look bright for them.

Archbishop of Westminster Vincent Nichols:

“The church has made a mess of its response to incidents of child abuse, and there is nothing that can be said that excuses the crimes committed by members of the clergy against children.”

Nothing good can be said about it, but what are they going to do about it? Nothing I expect.

References:
The Guardian

No discount for ID Card Trial Holders

Published by calhoun on September 20th, 2010 - in Politics

In parliament on Wednesday discussions took place about the concept of compensating the few people who bought an ID Card under Labour's terrible ID Card plans. The minister responsible for heading up the scheme proposed a discount on the future purchase of a passport for ID Card holders.

However widespread opposition to the proposals has seen the concept rejected. Every party other than Labour made it clear the intention was to scrap the scheme if they came to power. Now that has been done, and the government wants to destroy the data collected under the ID Card scheme within two months. Consequently, they will be unable to offer such a discount, as the data will not be on record to inform passport agencies of the eligibility for a discount.

I must agree with the Government policy on this one: buy into a trial of a controversial program and you have to understand the consequences of it – it could go down the drain, as was the case here. I once bought shares in a newly floated company on the AIM exchange and it collapsed. I can't exactly expect a discount on my next set of shares now, can I?

It really does bring into question the competency of the department that oversaw the program: having an unlimited budget, they spent £330 million and did not even manage to come close to a percent of that from the scheme. They would have required at least 1/6th of the population of the UK to sign up to come close to breaking even – and that doesn't take into account the ongoing costs of maintaining the system.

One protester against the system suggested buying one as memorabilia for the success against the system.

References
ZDNet
Public Service

Girl banned from Internet after 21K Party invite

Published by calhoun on September 20th, 2010 - in News

In what many would see as a comical party invite, a young girl has managed to generate a 21,000-strong guest list by inviting people to her birthday party on Facebook.

The young girl had not understood the privacy settings on the site, causing her to generate an open public event instead of a private one for her friends. Her mother had allowed her to invite 15 people, so they got slightly more than they bargained for.

Her mother, in classic bad parenting style, has removed her access to the internet so she can't make the mistake again. Is that really learning? If you are unable to make the mistake again you'll never learn from the previous mistake.

The 21,000 or so attendees would nearly double the town's population, and consequently the police have stepped up operations in the area to prevent any trouble occurring should any of the attendees turn up – the address was detailed in the public event. The event has since been deleted to prevent any more people coming.

References
The Telegraph

Can't get onto Facebook? Perhaps you're on Orange

Published by calhoun on September 20th, 2010 - in Technology

Reports of troubles accessing Facebook by Orange Mobile customers suggest that Facebook has started to ban a significant amount of IPs from the Orange ISP IP pool. This highlights the problems associated with using IP as a means to block troublemakers – quite often the IP used belongs to others, not just the abuser.

The general user base, showing ignorance of the technical abilities of the two companies, have already been complaining to Orange. Yet quite clearly Facebook is the one with the power to block access to its site by IP.

The two companies are however working together to hopefully restore connectivity to the service.

References
ZDNet

© Copyright (c) 2011 Whitebunnywabbit