Tag: security

You’re Getting More Secure

IMAG1400In case you don’t read the geek press, everything you touch digitally will soon have new encryption schemes built in. That lessens the chance anyone but you will ever see your stuff.

It’s the new world where JLa’s pics stay private.

But everyone knows it’s really about keeping the government out.

Apple and Google’s next operating systems are toughened against spying. It’s my understanding Apple is removing a ‘feature’ iPhones now have which enabled much of this.

More and more websites are https not http. They’ve added layers of encryption. Your transactions are hidden from prying eyes.

Businesses have been hurt by government’s massive spying efforts. Cloud companies, meaning Google, Amazon and a bunch of others, need to reassure nervous clients in our global economy. This is a sector where US companies have had great success.

Businesses and people want to flesh out ideas without later answering for early notes. We should be allowed to think in private.

In the end, by spying too invasively, the NSA and others made their own jobs more difficult. Is this how checks and balances work in the 21st Century? Maybe. Probably.

The NSA’s On The Wrong Side Of Heartbleed

Since this entry was published the NSA had denied any part in knowing the Heartbleed flaw existed. Their adherence to the truth has been less than exemplary in the past. Let’s let this play out. – Geoff

heartbleedYou’ve probably heard about the Heartbleed bug by now. It’s a flaw introduced to to SSL (Secure Sockets Layer); a mistake as code was updated.

Simply put, Internet data transmissions we thought were secure were not. Things like passwords, financial information, anything private was easily cracked.

The bug languished mostly unknown for years. That’s called security by obscurity. Never a good idea. We’re seeing that now.

As far as I can tell Heartbleed’s never been exploited for nefarious commercial purposes. It has that potential. However, it has been exploited by our government’s spies!

The NSA knew Heartbleed existed. They had a choice, tell the maintainers of the code to fix it or exploit it themselves and leave us vulnerable. They chose the latter.

Now, because the NSA felt their ability to soak up data trumped our collective security, Heartbleed is a big deal! Leaving this security hole open for years is reprehensible.

More and more it seems America’s intelligence agencies, beginning with the NSA, are out-of-control. They have lost sight of their actually mission–protecting us. Instead we are more vulnerable and our international partners know we can’t be trusted with their precious secrets.

This story was broken by Michael Riley at Bloomberg News.

“It flies in the face of the agency’s comments that defense comes first,” said Jason Healey, director of the cyber statecraft initiative at the Atlantic Council and a former Air Force cyber officer. “They are going to be completely shredded by the computer security community for this.”

It’s time we have a come to Jesus meeting with our spies. Is everyone in Washington that scared of them?

The Bomber Will Be Found

“We will go to the ends of the earth to find the subject or subjects responsible for this despicable crime.” – Richard DesLauriers, special agent in charge FBI Boston office.

I am not a Polyanna. I am certain the Patriot Day bomber will be found. He will be found thorough technology.

face-recognitionThe state of the art on facial recognition has advanced greatly over the past few years. There are commercial systems for sale which find individual faces and track them over time from video! Law enforcement has been buying this stuff like crazy.

There is no doubt the finish line for the Boston Marathon will produces hours, maybe days, of video. In the past that would have presented a daunting task. No more. Beefy computers will ingest that data and ask for more!

Most of us are unaware of the daily surveillance we undergo. Personally, I find it creepy. Walk the streets of Manhattan, look up and you’ll find cameras nearly everywhere. It’s less here in the hinterland, but there’s still plenty.

Here’s what the FBI and Boston Police have going for them: The bombs (inside pressure cookers, inside backpacks) could not have been on the ground long. Someone will be spotted walking with them.

Once they pick up the scent the FBI will be able to go to other, more distant, cameras to find where the suspect went. I assume suspect images will be cross matched against customs and other photo databases. Remember, your digital photograph is held at the DMV.

This type of technology was in use in 2001 at Super Bowl XXXV in Tampa.

Wired.com: Face-recognition software surreptitiously scanned everyone passing through turnstiles and flashed probable matches with the mugs of known criminals on the screens of a police control room.

There are few technologies in real life that work like CSI. This is one of them.

I pray I’m right.