Darlene Storm (not her real name) is a freelance writer with a background in information technology and information security. It seems wise to keep an eye on new hacks and holes, to know what is possible and how vulnerable you might be. Most security news is about insecurity, hacking, cybersecurity and even privacy threats, bordering on scary. But when security is done right, it's a beautiful thing...sexy even. Security is sexy.
This is a weblog of Darlene Storm. The opinions expressed are those of Darlene Storm and may not represent those of Computerworld.
Speaking via video at SXSW, Ed Snowden said NSA mass surveillance is “setting fire to the future of internet” and tech people are “all the firefighters.” Snowden and the ACLU talked about surveillance, encryption and ways to better protect online privacy.
If the powers-that-be have their way, then the media sharing news about national security leaks as well as people sharing hyperlinks to hacks could become criminal offenses in the USA. The CIA, however, can alledgely hack Congress to spy on spy documents without it being a crime.
Politically motivated hackers have been exceptionally busy. Anonymous OpUkraine hackers attacked the Russian government and then leaked the digital dirt. Russia Today website was hacked and defaced with Nazi in headlines about Russia/Ukraine conflict. The Syrian Electronic Army threatened to topple U.S. Central Command (CENTCOM) like a “house of cards.”
RSA CEO Art Coviello tackled the “trust” issue during his RSA keynote presentation, telling conference attendees that the NSA exploited its position of trust. He also proposed four principles that should guide the security industry . . . with the RSA as an 'agent of change' potentially heading up this march toward cyber utopia.
Mobile malware has evolved into a big dirty business run as a major operation by many cybercrooks instead of lone hackers, but Android is still the most targeted platform.
In April, the law requiring REAL ID driver's licenses goes into effect, but 13 states are not ready. The Coalition for a Secure Driver's License has warned that Americans without a REAL ID license may need "acceptable" ID like a passport to get through TSA security screenings . . . even if U.S. citizens are not flying outside of the USA.
If you feel like you're being watched at Terminal B in the Newark Liberty International Airport, then that's real and not paranoia. It's not the TSA this time, but covert airport surveillance via LED light fixtures capable of taking video, identifying suspicious activity, as well as collecting and data-mining mountains of data about 'ordinary citizens.'
The newly discovered nation-state espionage malware “The Mask” managed to go undetected for seven years and includes such very sophisticated hacking tools, capable of pwning any OS, that some security experts expect it’s the mother model of future cyber weapons for advanced persistent threat (APT) campaigns.
A drone operator turned whistleblower alleges the NSA is geolocating SIM cards for drone strikes, but 'death by unreliable metadata' can mean that the wrong person is assassinated.
If you use ‘password,’ one the worst passwords, as your password, fail to keep antivirus protection updated and don’t bother to deploy security patches to close critical vulnerabilities, then maybe you should consider working for the cybersecurity-clueless federal government; you’d fit right in, according to Senator Tom Coburn's cybersecurity and critical infrastructure report.