Welcome to ASFN Fan Forums! We're glad to have you here. Please feel free to browse the forum. We'd like to invite you to join our community; doing so will enable you to view additional forums and post with our other members.
Registered Members don't see these ads. Register now it's free!
I subscribe to a couple sites that provide updates on new state-of-the-art security issues, technology, and lapses. From time to time I'll post items here of relevance; others please do the same. (Probably some of this stuff could go on the tech thread, too, but this is such paranoid fantasy fodder it seems best here on P & R.)
Quote:
122 Federal Aviation Administration safety inspector badges have been stolen or lost in the past five years. The credentials are one of the few forms of identification that give complete and unfettered access to airport facilities, including the cockpits of planes in flight.
"The FAA badge is probably of all the badges just as dangerous if not more so than any other," aviation expert Denny Kelly said.
Kelly, a former commercial pilot and a private investigator, said the badge can give a person free access to nearly every secure area of an airport.
"The FAA badge allows you not only on one airline, plus getting through security, it allows you to get on any airline, any airplane, anyplace," he said.
Then I found this:
Special Offer for FAA Employees only
Located in the Holiday Inn Airport, is offering FAA employees a 15% discount on their ALL-YOU CAN EAT Lunch Buffet. Just show your ID badge for discount. Lunch hours are 11 a.m. to 2 p.m. on the dates indicated on the calendar.
Call the Holiday Inn for more information.
Registered Members don't see these ads. Register now it's free!
__________________
oderint dum metuant (Latin for 'let them hate, so long as they fear').
Well, in truth I'm actually not a total hawk, but I'm not a dove either -- I'm more like an angry pigeon flying over the political arena after a really big meal. -Abba Gav
"I reprogrammed a car fob, Mr. Cheney. Now I control you."
by Chris Soghoian
A team of respected security researchers known for their work hacking RFID radio chips have turned their attention to pacemakers and implantable cardiac defibrillators.
The researchers will present their paper, "Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses," during the "Attacks" session of the 2008 IEEE Symposium on Security and Privacy, one of the most prestigious conferences for the computer security field.
By reading between the lines (millions of remotely implanted medical devices, able to administer electrical shocks to the heart, can be controlled remotely from distances up to 5 feet, and are designed by people who know nothing about security), it is easy to predict the gigantic media storm that this paper will cause when the full details (and a YouTube video of a demo, no doubt) are made public.
I couldn't choose which smiley to use...
__________________
oderint dum metuant (Latin for 'let them hate, so long as they fear').
Well, in truth I'm actually not a total hawk, but I'm not a dove either -- I'm more like an angry pigeon flying over the political arena after a really big meal. -Abba Gav
Hannaford breach raises new fears
Associated Press WritersThu Mar 20, 5:22 PM ET
At first, it sounded like another in a long line of credit card breaches: Up to 4.2 million account numbers were stolen by thieves who cracked computers at Hannaford Bros. Co., an Eastern supermarket chain. 1800 cases of credit card fraud have already been identified.
But the specifics of the crime, revealed this week, included some troubling twists that might expose big holes in the payment industry's security standards. For one thing, Hannaford said this sensitive data were exposed when shoppers swiped their cards at checkout line machines and the information was transmitted to banks for approval.
While thieves have commonly pilfered payment card data sitting in databases maintained by merchants or card processors, the Hannaford episode appears to represent a new line of attack: the first large-scale piracy of card data while the information was in transit over state-of-the-art fiber-optic networks.
Another intriguing facet is that Hannaford was found — while the hack was still going on last month — to be in compliance with the security standards required by the Payment Card Industry (PCI), a coalition founded by credit card companies. Hannaford would not discuss specifics of its security system, so it was unclear to what extent its stores encrypted payment data throughout the transmission process.
But in practice, encryption often goes unused at certain points in a data-processing chain because the computing power it requires can slow down transactions, especially on older hardware. (And per one analyst, because it is wrongly believed by PCI to be in an already-secure system.)
A malicious software program, written by the thieves, intercepted the information as it went back and forth over a cable to a transaction processor in Denver. It was then transmitted to an Internet service provider somewhere outside the U.S. The software, known as malware, was planted on computer systems in every store in the two chains, the company says.
...it took a team of about 30 forensics experts and information technologists more than 10 days of round-the-clock troubleshooting to discover the malware.
__________________
oderint dum metuant (Latin for 'let them hate, so long as they fear').
Well, in truth I'm actually not a total hawk, but I'm not a dove either -- I'm more like an angry pigeon flying over the political arena after a really big meal. -Abba Gav
Linear Mode
