Archive for Hellman

Episodes 110 and 111 - February 14, 2010

Posted in Breach, Conference Coverage, Court Cases, darkweb, Legislation, Podcast, Show Notes, The CyberJungle, Vulnerabilities on February 13, 2010 by Habeas Hard Drive

su root edition: Episode 110 is the full-length, unedited version of our interview with Dr. Martin Hellman. It is 26 minutes long. We discuss Dr. Hellman’s early work on public key encryption, and his new project, applying security risk assessments to measure the threat posed by the nation’s nuclear weapons stockpiles.

Read Dr. Hellman’s latest paper here.

Here are the show notes for Episode 111, the whole show, which also has a version of Dr. Hellman’s interview during the final 10 minutes. Episode 111 is exactly one hour long.

The Zeus banking attacks are multiplying like rabbits, and there are new victims everywhere. Read about a Los Angeles businessman who’s out $50 thousand, and can’t get recourse from his bank. This story illustrates the state of general ignorance that exists about the Zeus attack (which we suspect is the culprit). The bank says its procedures preclude online theft, and the customer says the bank must have crooked employees. The customer has filed a lawsuit, and each party is pointing its finger at the other.

Meanwhile – adding insult to injury – a new variant of Zeus not only steals money out of the accounts… it carries a hidden message that taunts the anti-virus makers.

And another one – New Banking Trojan Targeting ACH and Wire Payment Sites is Discovered

Alert – Zeus Campaign Targeted Government Departments.

What was Google thinking when it launched Google Buzz, pulling Gmail users into the social networking site without their permission, and exposing all of the users’ frequent email contacts to public view? It was Google’s attempt to leapfrog Facebook in the social networking arena, creating instant follower and friend lists from people who are already part of the Gmail users’ own social networks. This caused an uproar. After four days of online rage from angry Gmail users and privacy advocates, Google cried uncle, and apologized for forcing its product on the customers.

This was the first story about Google Buzz. There are probably hundreds more that posted in the next few days.

The TPM (trusted platform module) chip can be hacked. This hack was demonstrated at Black Hat D.C.

Macy’s trash cans full of customers’ personal information. Actually the papers containing the information had been fished out of the dumpster and were being used for a bed by a homeless man. But don’t worry, Macy’s has started putting lids on the trash bins now.

XP patching problems – some people have experienced total system failure after applying last week’s Microsoft patches. Microsoft reports the problem may have a different source: “root kits” stored on some systems. F-Secure offers a root kit elimination application. It’s called BlackLight and it’s free.

Question: Do I really want someone with an iPhone taking my credit card info?

New law enforcement tool makes fingerprinting obsolete. Arapahoe County, Colorado is using an iris scanner.