Skip to main content

Home/ StJulians_ITGS/ Group items tagged 1.2_security;

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
The Zhan

Keeping Your Network Secure : CCTV Security Cameras - 2 views

www.thecctvblog.com/keeping-your-network-secure

1.2_security; 1.3_privacy_anonymity; 1.7_surveillance; 3.3_networks; 3.4_internet

shared by The Zhan on 29 Apr 12 - No Cached
  • The Zhan on 29 Apr 12
     
    A solution to the problem associated to IP security cameras. as seen in: http://www.bbc.com/news/technology-16919664
benjon hamal

BBC News - Hollywood goes to war on pirates - 2 views

www.bbc.co.uk/...technology-14325881

1.4_intellectual_property 1.2_security

shared by benjon hamal on 23 Jan 12 - No Cached
  • Mr Brooke on 24 Jan 12
     
    add those tags Benjon!
The Zhan

Legislation in Portugal - cybercrime - 2 views

www.cnpd.pt/...LEI109-2009-%20CIBERCRIME.pdf

1.2_security;1.9_policies; 2.6_law_control; 3.1_hardware; 3.2_software

shared by The Zhan on 24 Jan 12 - No Cached
  • The Zhan on 24 Jan 12
     
    Some of the points are: 3. information falsitication The intention to cause errors in juridical relations by introducing, modifying, deleting or suppressing data or by producing non-genuine documents can lead to a fine of 120 to 600 days, or 5 years of jail. 4. Damage relative to programs or data Whoever does not have legal permission or the administrator's consent to delete, alter and impossibilitate utilisation of programs or data, will be punished with up to 3 years in jail or a fine. 5. electronic sabotage Whoever does not have legal permission or the administrator's consent to obstruct, interrupt of gravely disrupt the functioning of an information system through introduction of, alteration of, damaging of, or suppression of programs and data will be punished with up to 5 years in jail or a 600-day fine. 6. Ilegitimate access Whoever does not have legal permission or the administrator's consent and tries to access an IT system will be punished with up to 1 year in jail or a 120-day fine. Punishments also true for users who produce, sell or distribute a set of executable instructions destined to cause the aforementioned unauthorised actions. 7.Ilegitimate interception Whoever does not have legal permission or the administrator's consent and tries to intercept the transmission of data  will be punished with 3 years of jail.
Jorge F1

Hackers hit US security company - 1 views

www.bbc.co.uk/...world-us-canada-16330396

1.2_security 2.6_politcal_processes 3.7_databases

shared by Jorge F1 on 26 Dec 11 - No Cached
  • Jorge F1 on 26 Dec 11
     
    The activist hacker group Anonymous says it has stolen thousands of emails, passwords and credit card details from a US-based security think-tank. The hackers claim they were able to obtain the information because the company, Stratfor, did not encrypt it. They say Stratfor's clients include the US defence department, law enforcement agencies and media organisations.
  • Ines Simon on 28 Dec 11
     
    At least it was for a good cause, instead of keeping the money they gave it to charities.
Jorge F1

Israeli hacker retaliates to credit card hacking - 2 views

www.bbc.co.uk/...world-middle-east-16526067

1.2_security 2.6_military 3.7_databases

shared by Jorge F1 on 15 Jan 12 - No Cached
  • Jorge F1 on 15 Jan 12
     
    An Israeli hacker has published details of hundreds of Saudi credit cards online and is threatening to post more in revenge for acts by Arab hackers.
  • ...1 more comment...
  • Ines Simon on 18 Jan 12
     
    One of the main social and ethical issues in this article is surly privacy. Privacy has been a main issue for our society, not only about credit card details, yet also other personal information. As technology is increasing, the less privacy we have as there are more ways in obtaining this information. And in this case, as technology is increasing, hackers are also as there are easier and more ways in order to get the information they want. There are various ways the hacker can get access to these thousands of credit card numbers, here is one step-by-step of one of the ways of how this IT system works: Firstly, the hacker (or hackers) go around lots of banks and put a small video camera pointing to the bank machine keypad. This video camera is well hidden so that people cannot see them. When someone goes to the machine, they put their credit card number and this analogue information converts to digital information and is recorded in the memory in the video camera. After a few hours/days, the hackers remove the video cameras and upload the data in the memory card via a USB cable and save the data on their servers. The hackers then watch the video and record the credit card numbers on a paper/other computer. With this information, they can obtain more personal information such as names, phone numbers, post codes etc with specialized programs. Finally, when they have all the information they have, they post the personal information including the credit card numbers, on the internet. Yet, in order to maintain the hacker anonymous and not being able to be found via the IP address, he uses another proxy server when uploading this information on the internet. There are also other ways to get the credit card information such as: - Intercepting emails containing passwords - Popups infected by viruses - Spyware - Spam - Keyloggers etc. Some possible solutions for this issue is: - When typing your credit card number in the bank machine keypad, hide the keypad coveri
  • Morten Nielsen on 18 Jan 12
     
    Well yes, I agree with Ines. This is to some extent about privacy. However, I doubt that they obtained that much information by use of cameras in banks. I'd find it much more likely if they have obtained the data from a database in the private sector. I do not think privacy is the most important issue here though. By far and large the most important issue in the article - is how cyber warfare could start to affect the conflict in the Middle East. We've seen how valuable the Internet was in the Arab Spring. The cyber warfare is going to be, and to some extent I imagine, is already an essential tool for the different factions in the Middle East. As this was a breach in the private sector, the security there must be improved with f.ex. stronger firewalls.They must improve their security, if not they are sure to lose money because of the reliability issue.
  • Ines Simon on 19 Jan 12
     
    I agree with you, Morten. However, I gave one example of how it would be possible to obtain the credit card numbers, where I gave in the end more examples of how it would be possible to do so.
Jorge F1

Zuckerberg Facebook photos hacked - 2 views

www.bbc.co.uk/...technology-16067383

1.2_security 2.5_social_networking 3.4_internet

shared by Jorge F1 on 23 Dec 11 - No Cached
  • Jorge F1 on 23 Dec 11
     
    A series of private pictures of Facebook founder Mark Zuckerberg have been posted online by "hackers" to highlight a bug in the social network. In total 14 pictures of Mr Zuckerberg were posted to image site Imgur under the headline: "It's time to fix those security flaws Facebook".
  • Fiche Galinha on 05 Jan 12
     
    Although some people have no problem whatsoever with flaunting themselves on facebook, effectively giving up on their right to privacy, some people do appreciate their privacy something that lately seems to be inexistent for facebook users. As mentioned in the following article: http://www.thenational.ae/thenationalconversation/comment/facebook-having-devoured-your-privacy-wants-more, facebook are slowly implementing a new feature that will suggest events your friends are attending even if you were not invited. This latest facebook bug goes to show how easy it is for someone to lose their privacy on the internet as even facebook founder and creator Mark Zuckerburg is susceptible. Hopefully this "small" incident will increase facebook's concern for protecting their users' privacy and increase its security after complaints that privacy settings are not functioning properly and various users being victims of phising attacks.
Isy :)

'Anonymous' targets German far-right with Nazi-leaks.net - 7 views

www.bbc.co.uk/...technology-16424987

1.2_security 1.3_privacy_anonymity 3.4_internet 2.4_political_processes

shared by Isy :) on 10 Jan 12 - No Cached
  • Tranny Franny on 10 Jan 12
     
    The social and ethical issues that relate to this article are that privacy and security and reliablility to a certain extent. What the Anonymous group are doing is basically taking people's personal information such as name, age, adress etc. and putting online for everyone to see, simply becuase they favoured nazi views. This is essentially the invasion of people's privacy as people's information is free for everyone to see. IT is also a security issue as people who feel very strongly against people who favour nazi views, have access to these peoples' adresses and could impose a danger. Reliability is also an issue, as it's mentioned in the article that none of the people that were mentioned in the website were actually confirmed to share Nazi ideals, meaing they are unjustly putting people in danger.
  • ...1 more comment...
  • Mr Brooke on 11 Jan 12
     
    One of the problems here is the authenticity of data being released. ""This is a lot of data, but there are already some names where it's clear the people are not right-wing extremists." Some people identified in the data had merely been contacted by right-wing publications seeking interviews, she added." Some of the people on the list are not Nazis. What could be a solution to this?
  • Morten Nielsen on 11 Jan 12
     
    The article does raise some rather interesting social and ethical concerns. The main thing here is of course "Anonymous" breaking the Data Protection Act 1998 with their unlawful obtaining of personal information. While one can admire "Anonymous" fight against neo-nazism, the results they are producing are in fact not reliable. Though, as we've seen in the past, "Anonymous" are skilled proper encryption and security should have been able to fend them off and safeguard all information. Looking back, this would have the ideal to avoid the situation the websites are in now. I cannot see a plausible way of undoing this, and again give privacy to those who had it broken, as the information has been linked to multiple other sites - so perhaps this is only to serve as a lesson for others websites containing personal information.
  • joey <3 on 11 Jan 12
     
    Well, to be honest the best solution would just to not post any private information online but seeing as that option wouldn't be considered by the 'anonymous' hacker group they could at least find a way and make sure that the only personal information posted online its authentic and from the main followers and contributors to this Nazi supporting website… but I don't really know how they would be able to do this, sooo if anyone knows please share because now I'm curious aha As much as I don't agree with the Nazi ideals and as much as I believe that supporting them is (sorry for being improper here) idiotic. I still don't agree with posting this private information online because as mentioned above, this does pose a major danger to the people whose information has been posted online by the people who have very strong feelings against these Nazi supporters.
Jorge F1

DNA link led to sex attack arrest - 4 views

www.bbc.co.uk/...uk-england-essex-15923444

1.2_security 2.6_law_control 3.7_databases

shared by Jorge F1 on 05 Jan 12 - No Cached
  • Jorge F1 on 05 Jan 12
     
    The national DNA database proved "uniquely crucial" in an investigation that led to the conviction of a sex attacker in Essex. But police fear the service that helped to link Lawrence Button to the sexual assault of a former University of Essex student, in 2009, may be scaled back.
  • ...3 more comments...
  • The Zhan on 06 Jan 12
     
    This article compromises the privacy of British citizens, as well as the reliability and integrity of the DNA database. I will focus my comment on the latter. It was a matter of fortune that Button's DNA had been collected due to his arrest for a domestic assault in May 2010. This is because according to the Protection of Freedoms Bill, biometric material can only be retained if the holder consents it formally. This consent "can be withdrawn at any time". There are also strict regulations on the amount of time that a DNA profile can be retained by authorities according to the new Bill. In addition to that, what way is there to ensure the 62 million(http://en.wikipedia.org/wiki/United_Kingdom) British citizens have their DNA profile taken and input in the database? This compromises the integrity and completeness of the DNA database. According to the article itself, "The national database is believed to hold over five million DNA profiles". The new Bill also "requires schools to get parents' consent before processing children's biometric information" (http://services.parliament.uk/bills/2010-11/protectionoffreedoms.html) The full official bill on the regulation of biometric data can be found at: http://www.publications.parliament.uk/pa/bills/lbill/2010-2012/0099/lbill_2010-20120099_en_2.htm#pt1-ch1-pb1-l1g1 Hence the sweeping statement "The odds, we were told, were over a billion to one, so we were quite confident we'd got the right man", is certainly misleading, because the database is likely not to include a fraction of the British population. The most disturbing thing is that the responsible chief Richard McNamara states "it was the DNA alone that convicted the man, because we never had any other evidence". Is it really ethical to convict a criminal solely based on a potentially incomplete database? A solution to this problem would be to enforce surveillance systems and active police monitoring in order to obtain more plausible evidence.
  • The Zhan on 06 Jan 12
     
    This article regards the compromising of the privacy of British citizens, as well as the reliability and integrity of the DNA database. I will focus my comment on the latter.
  • Mr Brooke on 06 Jan 12
     
    "The Zhan" you raise some interesting points on the privacy issues of DNA databases. However I think you may have misunderstood the reliability issue of the DNA test. When two DNA samples are found to be the same then it is 99.99% certain that it is in fact the DNA of the suspect and is a very reliable indicator that it was that person. There are forensic issues involved in the collection and contamination of DNA samples from a crime scene but that is another issue. The main social and ethical issue here that you have rightly pointed out is the collection and storage of DNA from people. This article outlines some of these issues from 2008: http://news.bbc.co.uk/2/hi/uk_news/7177152.stm Here the issue of innocent peoples data being stored has come because ....."following a change in the law in 2001, all DNA collected by forensics - for whatever purpose - can be stored permanently. " It was promised in the recent election in the UK to destroy old data but it appears to be one of the many U turns that the current government has made: http://www.telegraph.co.uk/comment/telegraph-view/8659968/A-Bill-to-curtail-our-liberty.html
  • The Zhan on 06 Jan 12
     
    I agree with your first point to some extent, but I think that implying that it DNA profiling is 99.99% accurate is when in fact it is 99.9999999999% accurate (one to a trillion sir, get it right), is not acceptable - according to this http://www.guardian.co.uk/commentisfree/henryporter/2009/may/25/dna-database-false-positive I think that retaining DNA samples in databases and profiling an individual in a pervasively detailed manner could lead to extremes such as that of convicting criminals for pre-crimes, as portrayed in the film Minority Report. That would heavily compromise a citizen's privacy. http://3.bp.blogspot.com/-I7tBjrA8Mj0/TWPfWNY9-0I/AAAAAAAAADg/QTXlFpTtNvM/s1600/MINORITY+REPORT.jpg "The US government has come up with a Big Brother-esque machine that senses if an individual intends to do harm". The system, "Future Attribute Screening Technology (FAST), determines if a person intends to do harm by using a mal-intent algorithm that uses data from sensors that monitor a person's physiological and behavioral changes." http://news.techworld.com/security/3309928/tom-cruise-pre-crime-minority-report-machine-brought-to-life/
  • Mr Brooke on 06 Jan 12
     
    Good find Zhan! Would be interesting to see what the bods in the maths department have to say about "adventitious matches" and statistical probability. Maybe any of you who do HL maths can follow it up and add to this? Nice to see a reference to some classic sci-fi as well. This is a favourite read of mine. Also one of my all time top ten films! http://en.wikipedia.org/wiki/Do_Androids_Dream_of_Electric_Sheep%3F http://www.imdb.com/title/tt0083658/
Morten Nielsen

BBC News - Valve's online game service Steam hit by hackers - 3 views

www.bbc.co.uk/...technology-15690187

1.2_security 1.1_reliability_integrity 3.7_databases 3.4_internet

shared by Morten Nielsen on 05 Jan 12 - No Cached
  • The attackers used login details from the forum hack to access a database that held ID and credit card data
  • The initial investigation showed that the attackers gained access to a Steam database that held "user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information".
  • Tranny Franny on 06 Jan 12
     
    This article further increases the already notorious fear of databases containing people's details being accessed by undesired people, who could potentially use this data to cause harm. This raises a serious privacy issue, as, although it has not been confirmed, these hackers have accessed the Steam database which holds up to 35 million people's credit card data and email addresses, posing a threat to a large amount of people. Although it is not known if any harm came of this attack, security measures such as changing password and transferring credit card data to a more secure service (Steam Guard security service) were suggested to Steam users. This is a solution that doesn't undo the harm that has already been made, but is still a positive measure as it can help prevent potential future attacks from hackers on this database.
  • The Zhan on 11 Jan 12
     
    "Valve has officially rolled out its new Steam security system, Steam Guard, which allows users to lock their accounts to a single PC if they so choose. Steam Guard essentially blocks all attempts to access a protected Steam account, then sends verification emails to a registered email address which allow the account owner to monitor account activity and grant access on a single PC at a time. " http://www.bit-tech.net/news/gaming/2011/03/17/valve-launches-steam-guard-security/1 This ensures the 35 million users "the account security they need as they purchase more and more digital goods", especially if they use Steam in public spaces such as cibercafés. http://www.joystiq.com/2011/03/03/valve-introduces-steam-guard-to-fight-acount-phishing-and-hijack/
joey <3

Chinese Hackers Blamed for Huge South Korean Database Theft - CSO Online - Security and... - 2 views

www.csoonline.com/...ge-south-korean-database-theft

1.2_security 3.7_databases 2.5_social_networking

shared by joey <3 on 05 Jan 12 - No Cached
  • the main worry is that the data theft will fuel a rise in spamming, phishing and social engineering attacks.
  • joey <3 on 05 Jan 12
     
    "Hackers have stolen the personal data of 35 million users of the South Korean social network Cyworld and search engine Nate, the company that runs them SK Communications has admitted."
  • Isy :) on 06 Jan 12
     
    This article talks about the theft of personal details such as email addresses, phone numbers and passwords, despite having been encrypted. This article brings up the ethical issues of privacy, reliability and security, showing that even though precautions such as encryption were taken to avoid such incidents, private and confidential information was still hacked. It questions the reliability and the security of online systems which store private data in databases, and will no doubt discourage people from using or providing personal information to such websites. Though the incident can be overcome by asking users to "reset those credentials", the theft presents the possibility of increased amounts of spamming and phishing, therefore actions should be taken to inform and protect users from becoming victims of such scams. The following website gives suggestions on how to protect yourself against phishing: http://www.focus.com/fyi/44-ways-protect-phishing/
El Mexicano Pastiche

Hackers expose defence and intelligence officials in US and UK - 4 views

www.guardian.co.uk/...defence-intelligence-officials

3.4_internet 1.2_security 1.3_privacy_anonymity 2.6_military 3.7_databases

shared by El Mexicano Pastiche on 10 Jan 12 - No Cached
  • benjon hamal on 10 Jan 12
     
    This article presents intellectual property theft of civil servants. The article raises many ethical issues such as of privacy, anonymity, security etc. The hackers have accessed private information of government officials, (some of them who work in sensitive areas) their details and emails. Some officials fear that their e-mails can be quickly cracked using off the self software. Some companies client's credit card numbers and addresses were also hacked. The hackers, who are an anonymous groups have clearly violated the privacy rights of individuals. Exposing civil servants data can turn out to be of serious problem for the government. New methods should be developed to secure these confidential data.
  • ...2 more comments...
  • Mr Brooke on 11 Jan 12
     
    Good overview of the issues there Benjon. Intellectual property is not the issue here however so be careful using terminology correctly. You have stated one of the problems can anyone be more specific about that problem and provide a solution?
  • Jorge F1 on 11 Jan 12
     
    The article depicts how the personal information of various government organisations have been illegally accessed, furthermore these details have been posted on a vast amount of websites and details such as email passwords etc can be easily cracked using off the shelf software. This means that anyone who has seen the exposed data can easily gain further access to credit card details etc. Furthermore, this puts lives at risk for MI6 agents especially as their cover is supposed to maintain secret, if that sort of information gets into the wrong hands the cover of many agents will be blown and their lives will be at risk.
  • Fiche Galinha on 11 Jan 12
     
    There are various different ways in which security could be improved to prevent a similar incident from happening. It is mentioned in the article, and by Benjon that simple of the shelf software would be capable of decrypting the passwrords stored on the Stratfor database. This in my opinion is quite shocking as Stratfor offers its service to government officials all around the world, most likely for a monetary fee, and seem to not care whether or not the information they are MEANT to secure is infact secure. This issues could be easily solved by improving their encryption technology to or close to military grade encryption. It is most likely that the company's reputation has been severely damaged and rightly so.
  • Mr Brooke on 11 Jan 12
     
    Nice link here explaining basics of military encryption: http://searchsecurity.techtarget.com/definition/Advanced-Encryption-Standard Also I follow this guy's blog and he always has some interesting stories on security and has done a lot of work in the world of cryptography: http://www.schneier.com/
Fiche Galinha

Kaspersky Warns of New Facebook Chat Phishing Attack - eSecurity Planet - 2 views

www.esecurityplanet.com/...book-chat-phishing-attack.html

3.4_internet 1.2_security 2.5_home_leisure 2.5_social_networking

shared by Fiche Galinha on 16 Jan 12 - No Cached
  • Kaspersky Warns of New Facebook Chat Phishing Attack
1 - 20 of 68 Next › Last »
Showing 20 items per page