| |
|
RE: Schneier on Security: Forge Your Own Boarding Pass |
|
|
|---|
| Topic: Society |
7:09 pm EST, Nov 23, 2006 |
The message coming out of the security community seems to unanimously contain the same basic ideas: The TSA needs to fix the problem and not shoot the messenger.
Actually, the TSA needs to acknowledge that they DO NOT KNOW WHAT THEY ARE DOING!!! Come on... are we really ANY SAFER since 9/11? (I'll give you a hint, I just bought another 1,000 rounds of ammunition) RE: Schneier on Security: Forge Your Own Boarding Pass |
|
RE: Top Democrat: Bring back the draft - CNN.com |
|
|
|---|
| Topic: Current Events |
11:39 am EST, Nov 22, 2006 |
Umm... As I understand it, Rangel's draft maneuverings have more to do with forcing the more hawkish members of congress to go on record as having voted for or against a draft. Part of his point is also that these same elected officials would be less likely to vote for armed conflict if they knew that their children could be called up to serve in the event of said conflict...
Sounds like a case of the man simply having NO BRAINS then... That's a stupid way of "making a point". Our Military would be weakened by a forced conscription and draft, as it is today, our Military is ALL VOLUNTEER. Which means, that each and every person that HASN'T served our country, needs to take a moment, find one who has, and THANK THEM for their commitment and sacrifice. REGARDLESS of the "conflict", war, or action they were/are involved in, these people believe in the "American Way of Life" so strongly, that they are willing to sacrifice their time, and in some cases, their life, to be the strong force of our Government. (Regardless if you feel the particular action is right or wrong.) Please, take a moment to thank your nearest sailor, airman, soldier, marine, and coast guard. If you don't know any, here are a few links to find a way to say "Thanks". http://www.uso.org/whatwedo/specialprograms/ http://www.military.com/Content/MoreContent1/?file=support_troops http://www.usocares.org/src/uso_home.htm Thats my 2¢, YMMV. dc0de. RE: Top Democrat: Bring back the draft - CNN.com |
|
RE: He built a WHAT?!?! His parents are mad! |
|
|
|---|
| Topic: Science |
8:10 am EST, Nov 22, 2006 |
Dagmar wrote:
Dear god I just can't see how he pulled this off but some 17-year old has built a fusion reaction device in his freaking basement. I know exactly how far that would have gotten with my mom, encouraging soul or not. "There is no way you're blowing up the house."
And they all called me and my boyhood best friend crazy for building robots that could chase cats, follow light beams, and for playing with chemistry sets after school... Ahh, theres nothing like the smell of chlorine gas to make you remember what it was like... filling the house with a deadly cloud, and trying to figure out if you should call the Fire Department to evacuate the fumes, or simply open the doors and let it "air" out itself... (we called the Fire Dept. and wow, did that make for an interesting week of being grounded...) But of course, trying to find a true chemistry set is getting harder... I'm surprised that this young man and his family didn't get a visit from the DHS Nazi's... RE: He built a WHAT?!?! His parents are mad! |
|
BigBruin.Com Forum :: Ballmer: |
|
|
|---|
| Topic: Technology |
4:01 pm EST, Nov 19, 2006 |
Ballmer: "Linux Users Owe Me Money" Finally Microsoft pulled the expected rabbit called 'FUD' all the way out of the hat. Redmond had been hinting for a few years that the rabbit was hiding in there, but VOILA here it is! Ballmer now boldly claims that Linux "uses our intellectual property". It had been widely suspected in the open-source community that Redmond would pull the "Linux infringes on Microsoft's intellectual property" caper one day, and they were right. It happened in a Q&A session after Ballmer's keynote at a Seattle SQL Server conference. He said he thought it was a good idea to sign a deal with Novell (which distributes SUSE Linux) because Linux "uses our intellectual property" and he wanted to "get the appropriate economic return for our shareholders from our innovation." So the deal with Novell makes Windows and SUSE play nice together. Redmond will pay Novell $440 million for coupons that provide one year SUSE support and maintenance, with MS pushing SUSE. But the other bit was Novell paying MS 40 Mil 'protection money', so they will not get sued for infringement. Pretty much everyone using and contributing to SUSE is free from prosecution. Makes Redmond look pretty good in court if they try to sue other Linux distros. FUD ALERT: "Novell pays us some money for the right to tell customers that anybody who uses SUSE Linux is appropriately covered," Ballmer said. This "is important to us, because [otherwise] we believe every Linux customer basically has an undisclosed balance-sheet liability." Interesting perspective came from Pamela Jones, editor of the Groklaw site. "My reaction is that so far, what he [Ballmer] said is just more FUD [fear, uncertainty and doubt]," "Let him sue if he thinks he has a valid claim, and we'll see how well his customers like it." Obviously open-source advocates want Redmond to show exactly which lines of Linux kernel code are the culprits and rip them out, or work around them. Ballmer continued with the following pretty clear message: "Only customers that use SUSE have paid properly for intellectual property from Microsoft," he said. "We are willing to do a deal with Red Hat and other Linux distributors." The deal with SUSE Linux "is not exclusive,"
However, a potential deal between those two companies will have to wait until the end of 2009, as Novell and Microsoft signed an exclusivity agreement barring MS from establishing similar agreements with other Linux vendors for the next three years. Imagine that, all Linux open-source users paying Redmond for using that code. I thought the whole open-source idea was trying to get away from that. Echoes of SCO anyone? I'm sure the last word has not been spoken about this issue.
BigBruin.Com Forum :: Ballmer: |
|
|
|---|
| Topic: Current Events |
11:56 am EST, Nov 10, 2006 |
And the credit for the next errant quote goes to: Russ Knocke, spokesman for the Department of Homeland Security, who states at the end of the article:
"Biometric licenses will be "virtually impossible" to fake"
==sarcasm== Yeah, I'm really all over that... because the RFID chip that they are going to use could "Never" be reprogrammed, nor could the "Encryption" on the chip "Ever" be broken... ==/sarcasm==
It seems to me that we are spending billions on a project that will only expose us all to MORE FRAUD, without any calculable risk mitigation.
Some interesting facts about the REAL ID Act:
It mandates (but doesn't budget) that each state is responsible for building a data warehouse to store the information that is printed on the drivers license, and encoded on the "electronically readable medium". These statewide data stores will then be shared amongst all states and the federal government, for "Identification Verification" purposes.(When was the last time your state had an information security breach?) The REAL ID will be your "NEW" drivers license, doubling not only as your proof of driving in the state that you reside, but also it will then be elevated to perform several other functions, primarily as your new National ID, proof of citizenship, proof of voting rights, proof of residence, proof of age, and anything else that the state so desires to encode on the "electronically readable medium". The decision for what type of "electronically readable medium" is left in the "capable" hands of the Department of Homeland Security, who is currently enamored with RFID technology. (Also the state department has moved to Passports with RFID chips in them, and it "seems to be working well", which means they can't yet tell if anyone has stolen or tampered with any of the data on the chip, as there is no way to tell at this time.) Nowhere in the REAL ID Act is there any mention of how any of this data is to be secured, controlled, or tracked, nor are there any stipulations as to who has access to it, and who can see this access list. Meaning, you won't know who has your data, and what they are doing with it. Those without the "new REAL ID" will not be permitted to FLY on any commercial airline, enter any Federal Building, or any other area that the Federal Government deems requires such Identification. This is a direct limitation of constitutional freedom I am all in favor of securing our country, however, I think that this should be reviewed by more than just lawmakers, as the ability for this new "Security" measure introduces much more INSECURITY and RISK than I feel is necessary, and does not conform to common standards of information security practices. More diatribe on REAL ID |
|
How To Fly Without ID - Looking Glass News |
|
|
|---|
| Topic: Society |
4:13 pm EST, Nov 2, 2006 |
Here is another in a long line of information regarding flying in the United States... and the FORCED government identification program... Great article, I also hit pay dirt in a discussion with another, much nicer Northwest agent on the East coast. In a candid conversation, he told me that FAA personnel had held training sessions with all airline agents in the fall of 1996. Agents were informed directly by the FAA that they absolutely could not bar an American citizen from boarding a plane, even if a passenger refused to produce any identification at all! I understand Delta Airline is facing two large lawsuits because employees twice denied this reality, and actually twice kept off a plane a passenger who had only private ID to show. Anyone want to own an airline, courtesy of a judge? I have personally flown Delta with only a private travel card, so I guess they already had their hand slapped. Yet another agent in the Midwest admitted that airline personnel were deliberately and knowingly coercing people into showing government ID by saying "it's the law." According to him the reality is that the companies are simply tired of people selling their frequent-flyer tickets. The airlines wanted to stem this practice by checking everyone's ID, but knew there would be BIG problems if they instituted this procedure as a private corporate policy. It was so much more convenient to say it was federal law and make the government the scapegoat. So this policy meets the airlines' private financial goals, and the government's goal of ever-increasing social control.
Thanks to aestetix for bringing this to my attention... How To Fly Without ID - Looking Glass News |
|
MARKEY: DON'T ARREST STUDENT, USE HIM TO FIX LOOPHOLES |
|
|
|---|
| Topic: Society |
3:46 pm EST, Oct 29, 2006 |
"The best outcome of Mr. Soghoian’s ill-considered demonstration would be for the Department of Homeland Security to close these loopholes immediately."
Now we're talking... how long do security loopholes have to exist, and be discussed in front of people before something is done about them? What Christopher Soghoian was trying to do was simply a way to call out SOMEONE in this country to stop pasting bandaids on "security", and actually THINK. Now if we can only get someone to understand the real ramifications of the REAL ID Act.... MARKEY: DON'T ARREST STUDENT, USE HIM TO FIX LOOPHOLES |
|
|
|---|
| Topic: Society |
1:03 am EDT, Oct 29, 2006 |
The section of law relevant to the fake boarding pass site: Sec. 1540.103 Fraud and intentional falsification of records. No person may make, or cause to be made, any of the following: (a) Any fraudulent or intentionally false statement in any application for any security program, access medium, or identification medium, or any amendment thereto, under this subchapter. (b) Any fraudulent or intentionally false entry in any record or report that is kept, made, or used to show compliance with this subchapter, or exercise any privileges under this subchapter. (c) Any reproduction or alteration, for fraudulent purpose, of any report, record, security program, access medium, or identification medium issued under this subchapter.
The process as according to Senator Charles Schumer's February 13, 2005 press release: 1. Joe Terror (whose name is on the terrorist watch list) buys a ticket online in the name of Joe Thompson using a stolen credit card. Joe Thompson is not listed on the terrorist watch list. 2. Joe Terror then prints his “Joe Thompson” boarding pass at home, and then electronically alters it (either by scanning or altering the original image, depending on the airline system and the technology he uses at home) to create a second almost identical boarding pass under the name Joe Terror, his name. 3. Joe Terror then goes to the airport and goes through security with his real ID and the FAKE boarding pass. The name and face match his real drivers license. The airport employee matches the name and face to the real ID. 4. The TSA guard at the magnetometer checks to make sure that the boarding pass looks legitimate as Joe Terror goes through. He/she does not scan it into the system, so there is still no hint that the name on the fake boarding pass is not the same as the name on the reservation. 5. Joe Terror then goes through the gate into his plane using the real Joe Thompson boarding pass for the gate’s computer scanner. He is not asked for ID again to match the name on the scanner, so the fact that he does not have an ID with that name does not matter. [Since Joe Thompson doesn’t actually exist it does not coincide with a name on the terrorist watch list] Joe Terror boards the plane, no questions asked.
Media coverage other than Senator Schumer's press release: * Bruce Schneier (2003): Link
* Sen. Charles Schumer (2005): Link
* Andy Bowers, Slate.com (2005): Link
* Jacob Appelbaum (2005): Link
We need to ensure that this isn't blown out of proportion... it's gone a "bit" too far already... Facts about TSAGATE |
|
Schwarzenegger Terminates RFID Bill - News by InformationWeek |
|
|
|---|
| Topic: Current Events |
6:22 pm EDT, Oct 14, 2006 |
Another blow to privacy and a potential "blocker" to the REAL ID act. The loss of passage of this bill is a significant step backward in preventing the loss of our privacy and subsiquent adoption of a National ID System based on our Driver's License. Anyone want to throw in and buy an island with me? This is getting ridiculous... dc0de. Schwarzenegger Terminates RFID Bill - News by InformationWeek |
|
