A German computer security consultant has shown that he can clone the electronic passports that the United States and other countries are beginning to distribute this year.

"The whole passport design is totally brain damaged," Grunwald says. "From my point of view all of these RFID passports are a huge waste of money. They're not increasing security at all."

Although countries have talked about encrypting data that's stored on passport chips, this would require that a complicated infrastructure be built first, so currently the data is not encrypted.

Grunwald's isn't the only research on e-passport problems circulating at Black Hat. Kevin Mahaffey and John Hering of Flexilis released a video Wednesday demonstrating that a privacy feature slated for the new passports may not work as designed.

As planned, U.S. e-passports will contain a web of metal fiber embedded in the front cover of the documents to shield them from unauthorized readers. Though Basic Access Control would keep the chip from yielding useful information to attackers, it would still announce its presence to anyone with the right equipment. The government added the shielding after privacy activists expressed worries that a terrorist could simply point a reader at a crowd and identify foreign travelers.

In theory, with metal fibers in the front cover, nobody can sniff out the presence of an e-passport that's closed. But Mahaffey and Hering demonstrated in their video how even if a passport opens only half an inch -- such as it might if placed in a purse or backpack -- it can reveal itself to a reader at least two feet away.

Using a mockup e-passport modeled on the U.S. design, they showed how an attacker could connect a hidden, improvised bomb to a reader such that it triggers an explosion when a passport-holder comes within range.

Wired News: Hackers Clone E-Passports

A social networking Web site for Americans aged 50-plus went live on Monday -- complete with an online obituary database that sends out alerts when someone you may know dies and that plans to set up a do-it-yourself funeral service.

Instead of career and school sections, Eons.com has interactive games to build brain strength, news on entertainment and hobbies for older people, a personalized longevity calculator and tips to live longer.

It also has a nationwide database of obituaries dating back to the 1930s to which people can add photos and comments.

"The death business is growing," Taylor told Reuters, offering figures showing the number of deaths in the United States rose to 2.4 million in 2005 from 2.2 million in 2000, and was projected to rise to 4.1 million by 2040.

In addition to adding photos and videos to obituaries, members of Eons.com can sign up to receive an alert when someone from a particular area dies or in response to pre-defined keywords such as a company or school name.

First, the wiseass comment.. DeathSter is an idea that's time has come.

This is actually a brilliant idea. I can envision this becoming extremely popular. Current social network sites don't do anything to record history in a useful manor. There is a niche here. Watching the social effects of this will be interesting... 10 years from now, how many boomers will be checking this for their daily dose of death? How many interesting stories and pictures will find their way there, that otherwise would have been lost? How much drama will ensue after someone dies and facts previously known to most start to surface?

I wonder what their troll problem will be like... How many results for "good riddance" will a search bring up?

CNN.com - Site offers death alerts for baby boomers - Aug 1, 2006

I flew into SFO (San Francisco) from Asia in May 2006.

I went straight to the customs agent as I had no luggage.

The agent asked to go through my only bag.

I gave him my bag.

The agent took out my laptop and turned it on.

He then asked for my password

He said that he wanted to verify that I had no illegal content on my hard drive...

While operating my laptop he said that we was tasked with preventing illegal pornographic material from entering the United States

Travis Kalanick
Red Swoosh, Inc.
Founder, CEO

I can't think of anything that could destroy by mood when returning to the country more throughly.

I don't think the problem here is people are thinking pre-9/11, versus post-9/11. I think the problem is that they are not thinking trans-9/11. I'm starting to feel my freedoms and liberties are under far more threat from our government, than terrorists. And this really pains and distresses me..

Every time I came through SFO customs when returning to the US, after going over my paperwork, the customs agent always say something along the lines of "welcome home" as they sent me on my way. I always replied with something like "I'm happy to be home", and left the airport with a warm happy fuzzy feeling fitting of arriving home in San Francisco. If this is the "welcome home" of today, home is becoming far less welcoming.

What the hell is going on? This is the direct equivalent of going through and reading someone's papers.

One thing our nation has a great history of, is coming out in force whenever freedoms and liberties are not what they should be. Many of the events that have driven people in large numbers to rally around The Mall in DC have surrounded civil rights movements, anti-war movements, et cetera. Now, I just wonder how many years before a point of critical mass is hit, and the masses come to the conclusion in concert that things are not going in the right direction. Just because this is a slow erosion taking place, doesn't mean it's going to go unnoticed and unopposed. It just means it will be a straw that breaks the camel's back...

Yes they ARE doing random laptop searches at borders

I might be completely crazy, but this kinda sounds like fun to me..

At 3 a.m. I get the call. Shortly after, I meet the man in the lobby. I'd been expecting an ex-Green Beret -- somebody with a thick neck, steel grey eyes, a tattoo saying "He Who Dares Wins," an aged Dolph Lundgren type, all business and mysterious past. We're expecting a midnight drive in a flatbed truck, maybe hidden under a tarp. Bribes at the border. A next-day rendezvous with a blacked-out helicopter. The man I meet is a short, nebbishy type -- he looks like someone you'd meet at an office supply convention. He has two cars out front -- his, and another driven by a woman associate. We load out quickly and race through empty streets, blowing through traffic lights -- no directionals, last-minute turns -- to the other side of town, to Le Royale, a mammoth hotel on a hill in the Christian section, fairly close to the American embassy. This, as it turns out, will be our home for the next week.

Nearly a week later, they've brought in a polka band to play in the dining room of the "Mexican"-themed restaurant at Le Royale. Outside, on the pool deck, though the bar is unattended, they keep the radio cranked up to drown out the sounds of bombing -- so as not to scare the kiddies. We wake up to molar-vibrating percussions and go to sleep to distant thunder. Afternoons, we watch as Beirut is dismantled. Bit by bit. First the sound of unseen jets flying overhead. Then silence. Then a "Boom!" Then a distant plume of smoke. Black, brown, white ... the whole city south of us slowly growing more indistinct in the midday light under a constant, smoglike haze.

It's called "Kwik-Clot," Mr. Wolfe tells us. And in case of arterial bleeding, it's essential gear. He's thinking of issuing us some -- in case one of us should catch a bullet or shrapnel to the femoral artery. Mr. Wolfe has lived in Fucked-Up Country One and done work in Fucked-Up Countries Two and Three. He lives in the Most Legendarily Fucked-Up area of Lebanon -- where they have a Hezbollah gift shop, for chrissakes. So we take him seriously -- though this is not the kind of morale-boosting patter we want to hear. "Just pour in wound!" he tells us cheerily. It's not, however, that harsh a segue from the "Know Your Exits" lecture, in which we are advised to "casually" explore all the nooks and crannies and "avenues of egress" from all points in the hotel.

Or the "Vary Your Routines" briefing, where we are instructed to use a different elevator or service stairway when going to breakfast or meetings or heading to the pool. We are to eat, drink, swim at unpredictable times as we wait for news. "It takes three days of planning and surveillance to set up a kidnapping" says Mr. Wolfe, lowering his voice suddenly when a lone gentleman in casual clothes enters our area of the balcony and sits at a nearby table. "Amateur," says Mr. Wolfe. "Look at how he's got his face pointed straight out at sea, his... [ Read More (0.2k in body) ]

Watching Beirut die | Salon Life

Security researchers have found a way to use JavaScript to map a home or corporate network and attack connected servers or devices, such as printers or routers.

The malicious JavaScript can be embedded in a Web page and will run without warning when the page is viewed in any ordinary browser, the researchers said. It will bypass security measures such as a firewall because it runs through the user's browser, they said.

"We have discovered a technique to scan a network, fingerprint all the Web-enabled devices found and send attacks or commands to those devices," said Billy Hoffman, lead engineer at Web security specialist SPI Dynamics. "This technique can scan networks protected behind firewalls such as corporate networks."

A successful attack could have significant impact. For example, it could scan your home network, detect a router model and then send it commands to enable wireless networking and turn off all encryption, Hoffman said. Or it could map a corporate network and launch attacks against servers that will appear to come from the inside, he said.

"Your browser can be used to hack internal networks," said Jeremiah Grossman the chief technology officer at Web application security company WhiteHat Security. Both SPI Dynamics and WhiteHat Security came up with the JavaScript-based network scanner at about the same time, he said. The companies plan to talk about their findings at next week's Black Hat security event in Las Vegas.

There have been similar attempts to craft JavaScript-based network scanners, but none as advanced as the SPI Dynamics example, Vaskovich said. "SPI Dynamics deserves credit for a clever attack vector and a solid demonstration of the issue. Their method of fingerprinting servers by checking for default image paths and names is slick."

Again, kudos to Acidus and the rest of the SPI Dynamics crew.

JavaScript opens doors to browser-based attacks | CNET News.com

Remember Iran, it's nuke program, and that incentive package?

Iran said on Sunday it would stop considering international incentives aimed at ending its uranium enrichment program if the U.N. Security Council passes a resolution against its atomic work.

Foreign Ministry spokesman Hamid Reza Asefi also warned a resolution against Iran would create what he called a deeper crisis in the Middle East, but he declined to be more specific.

Asefi said Iran could still reply to the incentives, if the Security Council held its fire.

"We still believe in talks and if Europeans can wait until August 22, they will get an answer to the package," he said.

And what exactly will that answer be? And why the 22nd? Quick, put on your over reaction glasses, and prepare yourself for Apocalypse Iran...

According to the Shiite Muslim tradition, of which Ahmadinejad is a strong follower, the 12th imam, or the so-called “hidden” Imam Mahdi, has miraculously been kept alive since his disappearance in 874 AD.

The revered Imam is set to return at a time of great global chaos, war and bloodshed, after which an era of Islamic justice will be ushered in.

Some believe that Imam Mahdi will be returning some time this August, also the time some military experts predict that Iran will be ready to construct its first nuclear weapon.

Also important to note is that fact that August 22 of the current year also corresponds with the Islamic date of Rajab 28. This day is the same day on which the great Saladin conquered and entered Jerusalem, further evidence of Ahmadinejad’s belief in the regional importance of the date chosen by him to report to the West.

Apparently, Ahmadinejad sees himself as an instrument to pave the way for the arrival of Imam Mahdi as well as an important successor to Saladin in terms of the liberation of Jerusalem. He has reportedly used public appearances on a number of occasions to make clear his confidence that he and other true believers can affect the apocalyptic timetable, urging Iranians to prepare to back him in the momentous endeavor at hand.

Wait, there's more...

Farid Ghadry, the president of the Reform Party of Syria, has offered a provocative explanation for this delay. He asserts that the Supreme National Security Council of Iran chose the August 22 date “for a very precise reason. August 21, 2006 (Rajab 27, 1427) is known in the Islamic calendar as the Night of the Sira’a and Miira’aj, the night Prophet Mohammed (saas) ascended to heaven from the Aqsa Mosque in Jerusalem on a Bourak (Half animal, half man), while a great light lit-up the nigh... [ Read More (0.2k in body) ]

Here is an article round up from Haaretz, one of Israel's leading newspapers. Let's start with Hamas's reaction to the Qana bombing, echoed from Reuters:

"In the face of this open war against the Arab and Muslim nations all options are open, including striking the depth of the Zionist entity," Mushir al-Masri, a senior Hamas lawmaker, told Reuters.

Asked if that meant suicide bombings against Israelis, Masri said: "All options are open. Every means is allowed. This is a crime and state-terror and a crossing of all red lines."

Just wonderful. Does this mean a new round of suicide bombing at checkpoints? Onward to some op-ed.

"Days of darkness":

The devastation we are sowing in Lebanon doesn't touch anyone here and most of it is not even shown to Israelis. Those who want to know what Tyre looks like now have to turn to foreign channels - the BBC reporter brings chilling images from there, the likes of which won't be seen here. How can one not be shocked by the suffering of the other, at our hands, even when our north suffers? The death we are sowing at the same time, right now in Gaza, with close to 120 dead since the kidnapping of Gilad Shalit, 27 last Wednesday alone, touches us even less. The hospitals in Gaza are full of burned children, but who cares? The darkness of the war in the north covers them, too.

Since we've grown accustomed to thinking collective punishment a legitimate weapon, it is no wonder no debate has sparked here over the cruel punishment of Lebanon for Hezbollah's actions. If it was okay in Nablus, why not Beirut? The only criticism being heard about this war is over tactics. Everyone is a general now and they are mostly pushing the IDF to deepen its activities. Commentators, ex-generals and politicians compete at raising the stakes with extreme proposals.

Haim Ramon "doesn't understand" why there is still electricity in Baalbek; Eli Yishai proposes turning south Lebanon into a "sandbox"; Yoav Limor, a Channel 1 military correspondent, proposes an exhibition of Hezbollah corpses and the next day to conduct a parade of prisoners in their underwear, "to strengthen the home front's morale."

It's not difficult to guess what we would think about an Arab TV station whose commentators would say something like that, but another few casualties or failures by the IDF, and Limor's proposal will be implemented. Is there any better sign of how we have lost our senses and our humanity?

A bereaved father, Haim Avraham, whose son was kidnapped and killed by Hezbollah in October 2000, fires an artillery shell into Lebanon for the reporters. It's vengeance for his son. His image, embracing the decorated artillery shell is one of the most disgraceful images of this war. And it's only th... [ Read More (0.7k in body) ]

Haaretz Roundup

Mocked by comedian Jon Stewart for calling the Internet a bunch of tubes, U.S. Senate Commerce Committee Chairman Ted Stevens said on Thursday he is open to going on Stewart's popular "Daily Show" for a rebuttal.

Oh, please.. Let this happen.

If you didn't see the segment, it can be found on YouTube. I also suggest watching this remix.

"I have a letter from a big scientist who said I was absolutely right in using the word 'tubes,"' he told reporters. However, Stevens said he had not been invited to appear on the show to respond.

Well, then.. I wasn't aware of that.. That changes things.. I'm a staunch supporter of big science.

Maybe the problem wasn't Ted's usage of the word "tubes", as much as everything that came out of his mouth made him sound like an idiot. It was hard to come up with something specific to focus on. His staff was sending him "internets" on his personal internet which were taking days to arrive and all that. Everyone knows that the Internet is in fact a collection of "pipes", not "tubes". It's an important difference, so it was easier to focus on. [snicker]

Ted Stevens to go on the Daily Show?

From mass targeting of mobile phones with voice and text messages to old-fashioned radio broadcasts warning of imminent attacks, Israel is deploying a range of old and new technologies in Lebanon as part of the psychological operations ("psyops") campaign supplementing its military attacks.

The Israeli newspaper Maariv on Sunday reported the appearance of a website called All 4 Lebanon which offered payment for tip-offs from Lebanese citizens "that could help Israel in the fight against Hezbollah".

On Friday, residents of southern Lebanon reported receiving recorded messages on their mobile phones from an unknown caller.

The speaker identified himself as an Israeli and warned people in the area to leave their homes and head north.

According to US magazine Time, Israel has been targeting SMS text messages at local officials in southern Lebanon, urging them to move north of the Litani river before Israeli military operations intensified.

BBC | Israel steps up psy-ops in Lebanon

My neighbours are stealing my wireless internet access. I could encrypt it or alternately I could have fun.

Upside-Down-Ternet