The proof that commercial and open source encryption has surpassed the technologies to police it, or the idea that privacy and business growth as top priorities would ruin the whole initiative?
"The Government has launched a public consultation into a draft code of practice for a controversial UK law that critics have said could alienate big business and IT professionals. Part III of the Regulation of Investigatory Powers Act 2000 (RIPA) will, as it stands, give police the authority to force organisations and individuals to disclose encryption keys. The Government issued the public consultation on the code of practice for Part III, which will regulate how police and the courts use powers under the legislation, on Wednesday."
It would be interesting to see how they would initiate the response from individuals, without raising the the eyebrows on the majority of civil liberties watch dogs out there and, of course, businessess. That's of course, assuming they use encryption at the first place. Could be much more "wiser" to take advantage of covert practices to obtain the necessary information, instead of "forcing" this measure -- detecting encrypted/covert communication channels is another topic. Moreover, compared to the Australian police whose capabilities of obtaining information on criminals include the use of spyware is a bit contraversial, but adaptave approach.
If national infrastructure security matters, have individuals and enterprises personally take care of their security and encryption keys, promote data encryption, instead of dictating the vibrations by slowing down the basics through such laws.
Saturday, June 10, 2006
All Your Confidentiality Are Belong To Us
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Friday, June 09, 2006
Brace Yourself - AOL to Enter Security Business
In the re-emergence of the Web, AOL got the attention it never imagined it would get, Microsoft and Google fighting for a share of its modest, but strategic amount of eyeballs. After being an exclusive part of Time Warner's balance sheet since its early acquisition, and with a $510M fine, dial-up business that was profitable by the time telecoms started offering cable connections, due to the years of infrastructure renovation, the though to be mature online advertising model is what saved it. Now, AOL is basically putting half its leg into the red hot security market and wisely playing it safe as :
"AOL plans to expand into security services with the release of the Active Security Monitor, expected on Thursday. The program would also check to make sure Internet Explorer is properly configured to prevent security holes. "ASM determines a security score for your PC, and for all other PCs in your home network, by evaluating the status of all the major components needed for a robust system: Anti-Virus software, Anti-Spyware software, Firewall protection, Wireless Security, Operating System, Web Browser, Back up software and PC Optimization."
After the scoring, I presume it would "phone back home" and let AOL know what end users are mostly missing, then a solution provided by AOL, or a licensee would follow. Benchmarking against AOL's understanding of application based security is tricky, and I bet you already know the programs necessary to establish common sense security on your PC/network. Who's next to enter the security industry besides Microsoft and AOL, perhaps DoubleClick?
CNET has naturally reviewed the Active Security Monitor.
"AOL plans to expand into security services with the release of the Active Security Monitor, expected on Thursday. The program would also check to make sure Internet Explorer is properly configured to prevent security holes. "ASM determines a security score for your PC, and for all other PCs in your home network, by evaluating the status of all the major components needed for a robust system: Anti-Virus software, Anti-Spyware software, Firewall protection, Wireless Security, Operating System, Web Browser, Back up software and PC Optimization."
After the scoring, I presume it would "phone back home" and let AOL know what end users are mostly missing, then a solution provided by AOL, or a licensee would follow. Benchmarking against AOL's understanding of application based security is tricky, and I bet you already know the programs necessary to establish common sense security on your PC/network. Who's next to enter the security industry besides Microsoft and AOL, perhaps DoubleClick?
CNET has naturally reviewed the Active Security Monitor.
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Thursday, June 08, 2006
An Over-performing Spammer
Th3 4r7 0f $3nd!ng spam messages is evolving like never before, and while spammers are still catching up with the newest technologies such as VoIP, WiFi, Cell phones -- newest at least in respect to spamming -- trying to avoid the now mature indystry's practices, and taking advantage of the growing economies and their newbie users as victims, is what keeps it going.
I simply couldn't resist not to share this, seems like this spammer is totally overperforming himself. How would I fell a victim into this, given I cannot read what I'm about to get scammed with?
Spammers today are in a world of pain when it comes to the industry's experience in detecting their messages, still, spam continues to represent the majority of email traffic worldwide, and it's getting more creative. Images, "marketing" messages that you can barely read, old psychological tricks, but still, out of couple of million messages, someone still takes it personal, and feels like making a deal online.
Why spamming works? Because of the ubiquity of email, because of the freely available, marketed as fresh, email lists, and at the bottom line, the price for a spammer to send couple of million emails is getting lower with botnets on demand becoming a commodity. End users, end up sending spam to themselves for being infected with malware. What's next? Spamming is still catching up with the technological posibilities, and Chinese telecom operators for instance happen to be the most experienced ones in filtering mobile phones spam -- guess they're also over-performing in between censorship.
I simply couldn't resist not to share this, seems like this spammer is totally overperforming himself. How would I fell a victim into this, given I cannot read what I'm about to get scammed with?
Spammers today are in a world of pain when it comes to the industry's experience in detecting their messages, still, spam continues to represent the majority of email traffic worldwide, and it's getting more creative. Images, "marketing" messages that you can barely read, old psychological tricks, but still, out of couple of million messages, someone still takes it personal, and feels like making a deal online.
Why spamming works? Because of the ubiquity of email, because of the freely available, marketed as fresh, email lists, and at the bottom line, the price for a spammer to send couple of million emails is getting lower with botnets on demand becoming a commodity. End users, end up sending spam to themselves for being infected with malware. What's next? Spamming is still catching up with the technological posibilities, and Chinese telecom operators for instance happen to be the most experienced ones in filtering mobile phones spam -- guess they're also over-performing in between censorship.
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Bedtime Reading - Rome Inc.
If the Baby Business helped you envision the future, "Rome Inc - The Rise and Fall of the First Multinational Corporation" is going to help you perceive the past within today's corporate culture -- and Stanley Bing makes good points on every stage of the empire.
Basically, the book emphasizes on the "first multinational corporation" Rome, selling the ultimate product of its time - citizenship. Moreover, it goes in-depth into the concept of moguls and anti-moguls, and how their tensions indeed create an enterpreneurial and corporate culture in 120 A.D.
Every industry has moguls and anti-moguls, the behind the curtain disruptors at a specific stage. What are some of the characteristics of a mogul?
- Commision their PR
- Exercise power when feeling endangered -- elephants against the mice warfare
- Indirectly control the media that's "winning points" for quotations, and "credible" content
- Generally, tend to believe in being the Sun, when the universe tends to have so many dwarfs, and dimensions altogether
- Hide behind C-level positions
- Talk more than actually listen
- When they sneeze the whole industry gets cold
Certain societies, if not all, get obsessed with superficially creating heroes, so profesionally that at a certain point, the "hero" cannot deny any of the praises, but starts living with them and the load that comes altogether. Get hold of this masterpiece, you're gonna love it!
Basically, the book emphasizes on the "first multinational corporation" Rome, selling the ultimate product of its time - citizenship. Moreover, it goes in-depth into the concept of moguls and anti-moguls, and how their tensions indeed create an enterpreneurial and corporate culture in 120 A.D.
Every industry has moguls and anti-moguls, the behind the curtain disruptors at a specific stage. What are some of the characteristics of a mogul?
- Commision their PR
- Exercise power when feeling endangered -- elephants against the mice warfare
- Indirectly control the media that's "winning points" for quotations, and "credible" content
- Generally, tend to believe in being the Sun, when the universe tends to have so many dwarfs, and dimensions altogether
- Hide behind C-level positions
- Talk more than actually listen
- When they sneeze the whole industry gets cold
Certain societies, if not all, get obsessed with superficially creating heroes, so profesionally that at a certain point, the "hero" cannot deny any of the praises, but starts living with them and the load that comes altogether. Get hold of this masterpiece, you're gonna love it!
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Subscribe to:
Comments (Atom)