Law & Disorder

Facebook Twitter
RSA 2011: Winning the War But Losing Our Soul

RSA 2011: Winning the War But Losing Our Soul

April 4, 2014 , 3:41 pm IE 12 to Support HSTS Encryption Protocol Microsoft confirmed today it will support HTTPS Strict Transport Protocol (HSTS) in Internet Explorer 12, bringing its browser in line with other major vendors in its support of the protocol. Read more... April 4, 2014 , 2:11 pm Microsoft to Block Unwanted Adware July 1
Silicon Valley Congresswoman: Web seizures trample due process (and break the law) Silicon Valley Congresswoman: Web seizures trample due process (and break the law) At 9:30pm PST on February 11, US Immigrations and Customs Enforcement (ICE) seized the domain mooo.com. They ordered the domain name's registrar to redirect all traffic headed for mooo.com to a government IP address, one which displayed a single stark warning that the domain name had been seized for involvement with child pornography. But the mooo.com domain name was shared between 84,000 sites; every one suddenly displayed the child pornography warning. The mistake was soon corrected, but the free domain name provider running mooo.com warned users that removal of the banner from their sites might "take as long as 3 days."
Etsy users irked after buyers, purchases exposed to the world Etsy users irked after buyers, purchases exposed to the world What would you do if you registered on a site to buy something, only to find months later that your user account was searchable and your purchases were exposed? That scenario is currently playing out for Etsy users, who are dealing with the fallout from Etsy's decision to roll out a new People Search tool. The site, dedicated to enabling crafters and artisans to sell their work online, has yet to notify its user base of the change that exposes users' real names and, via their profile pages, anything they have purchased and left feedback on. The controversy began last week when Etsy flipped the switch on People Search as part of its effort to make Etsy feel more like a social network.
Internet vigilante group Anonymous turned its sights on security firm HBGary on Sunday evening in an attempt to "teach [HBGary] a lesson you'll never forget." The firm had been working with the Federal Bureau of Investigation (FBI) to unmask members of Anonymous following the group's pro-WikiLeaks attacks on financial services companies, and was prepared to release its findings next week. HBGary had been collecting information about Anonymous members after the group's DDoS attacks on companies perceived to be anti-WikiLeaks. Anonymous to security firm working with FBI: "You've angered the hive" Anonymous to security firm working with FBI: "You've angered the hive"
How one man tracked down Anonymous—and paid a heavy price Aaron Barr believed he had penetrated Anonymous. The loose hacker collective had been responsible for everything from anti-Scientology protests to pro-Wikileaks attacks on MasterCard and Visa, and the FBI was now after them. But matching their online identities to real-world names and locations proved daunting.

How one man tracked down Anonymous—and paid a heavy price

I think the real lesson of the hack - and of the revelations that followed it - is that the IT security industry, having finally gotten the attention of law makers, Pentagon generals and public policy establishment wonks in the Beltway, is now in mortal danger of losing its soul. We've convinced the world that the threat is real - omnipresent and omnipotent. But in our desire to combat it, we are becoming indistinguishable from the folks with the black hats. by samadhi Mar 15