Nihilistic Security Questions

From McSweeney’s by way of Facebook. This very nearly killed me. For those who don’t know me, basic user security for staff where I work is one of the things that keeps me up at night …


NIHILISTIC PASSWORD SECURITY QUESTIONS.


What is the name of your least favorite child?

In what year did you abandon your dreams?

What is the maiden name of your father’s mistress?

At what age did your childhood pet run away?

What was the name of your favorite unpaid internship?

In what city did you first experience ennui?

What is your ex-wife’s newest last name?

What sports team do you fetishize to avoid meaningful discussion with others?

What is the name of your favorite canceled TV show?

What was the middle name of your first rebound?

On what street did you lose your childlike sense of wonder?

When did you stop trying?

One avenue of pursuit

UT Researchers Launch SpamRankings to Flag Hospitals Hijacked by Spammers
eWeek (06/08/11) Fahmida Y. Rashid

Researchers at the University of Texas at Austin’s Center for Research in Economic Commerce recently launched SpamRankings, a Web site that identifies the names and addresses of organizations that are helping send out spam.

The site will publicize spam havens: organizations that have been taken over by spammers.

The site’s creators are hoping the publicity will pressure organizations to improve their security and spam-prevention efforts. The researchers’ initial focus will be on health-care providers that have been infected by spam bots, with future versions of the project including banking and Web hosting providers.

Last month SpamRankings identified Belgium’s WIN Autonomous Systems as the biggest spam sender in the world.

“Nobody wants to do business with a bank or hospital or Internet hosting company that has been hijacked by spammers,” says center director Andrew Whinston. The researchers worked with Team Cymru, which tracks cybercrime activity, to analyze and correlate Internet protocol addresses with organizations.

And they didn’t have to steal a laptop …

In one of the larger medical data thefts reported, personal health data for about 1.7 million New York City patients, hospital staffers and others was stolen on Dec. 23 from an unlocked van in Manhattan, the New York Times reports.

The electronic record files, which were stored on 20 years’ worth of magnetic tapes, contained personal information, protected health information or personally identifiable employee medical information on patients and workers, including names, addresses and Social Security numbers, according to the Wall Street Journal and the New York City Health and Hospitals Corporation. The van belonged to GRM Information Management Services, the city’s medical records vendor.

Those affected by this patient privacy breach include patients, contractors and vendors who were treated by and/or provided services over the last 20 years at Jacobi Medical Center, North Central Bronx Hospital or their offsite clinics which make up the North Bronx Healthcare Network.

“The loss of this data occurred through the negligence of a contracted firm that specializes in the secure transport and storage of sensitive data,” New York City’s Health and Hospitals Corporation wrote in its data theft notification. So far, there is no evidence that the patient information has been inappropriately accessed or misused. Accessing the files would require technical expertise, officials said, according to the Wall Street Journal.

Last Wednesday, HHC began mailing notification letters to victims in 17 languages including Bengali, Albanian and Urdu. It is offering free credit monitoring and fraud resolution services.

HHC has ended its relationship with GRM and filed a lawsuit Thursday against the company seeking to hold the vendor responsible for the costs of notifying those affected and any related damages.

Something new to worry about

Malware Aimed at Social Networks May Steal Your Reality
PC World (10/13/10) Darlene Storm

Researchers at Ben Gurion University, the Massachusetts Institute of Technology, and Deutsche Telekom Laboratories collaborated on “Stealing Reality,” a paper that predicts a new generation of malware based on social-networking data.

The researchers say the malware will target and extract information about relationships and record patterns of behavior in real-world social networks, a technique that will be more dangerous and harder to detect than traditional malware. A malware behavioral pattern attack can harvest a victim’s “rich identity” profile, which could be more valuable than the demographic information such as gender and age, according to the researchers.

“A Stealing Reality type of malware attack, which is targeted at learning the social communication patterns, could ‘piggyback’ on the user-generated messages, or imitate their natural patterns, thus not drawing attention to itself while still achieving its target goals,” the researchers write.

Such attacks could be particularly problematic because “the victim of a ‘behavioral pattern’ theft cannot easily change his or her behavior and life patterns.”

It’s a Party

Join TV geek Adam Savage, and a cast of EFF legends and luminaries at EFF’s 20th birthday party! Our birthday fundraiser on February 10th will celebrate two decades of digital freedom-fighting in San Francisco’s world-famous DNA Lounge.

Adam will present a unique look back and forward to the founding and the future of digital rights. DJs Adrian & the Mysterious D, the duo that founded the seminal, globe-trotting mashup party “Bootie,” will get people moving with their genre-mashing blend of tracks, with guest DJs dropping sets throughout the evening. It’s a once in a lifetime event for those who love freedom, technology, and celebration!

EFF’s 20th Birthday Fundraiser
with Adam Savage and Surprise Special Guests!

Wednesday, February 10, 2010, at 8 PM
DNA Lounge
375 Eleventh Street
San Francisco, CA 94103

We’ll be asking for a $30 donation at the door to fund our work defending your digital freedom. Purchase tickets in advance from the DNA Lounge!

This is an all ages event. Please RSVP to events@eff.org.


VIP Event with Adam Savage, John Perry Barlow, Mitch Kapor, John Gilmore, Mark Klein, Steve Jackson and more!


Join EFF for a special VIP event with Adam Savage, and EFF founders and luminaries! For a special donation of $250, you’re invited to attend our VIP event before the birthday party, where you can meet many of the amazing people who helped EFF reach this historic milestone. Special VIP donors receive free admission to the birthday party, which starts immediately afterward, as well as a commemorative EFF 20th Anniversary poster. The VIP event begins at 7 PM.

For access to this special reception, visit the VIP Event page.

And another dumb thing

My credit union has a Facebook page.  Wants me to be a fan, because it’s good policy to tell everyone on the internet where you bank (especially if you do a lot of quizzes that have personal info on them).

Feh.  What are they thinking?

My Paranoiaz, watch them grow

Researchers Take Over Dangerous Botnet
Dark Reading (05/04/09) Higgins, Kelly Jackson

University of California-Santa Barbara (UCSB) researchers temporarily commandeered an infamous botnet known for stealing financial data and found that the threat it represents is even greater than had been originally assumed.

The Torpig/Sinowal/Anserin mini-botnet targets organizations and users to steal bank account information or other sensitive personal data. It is considered more dangerous than big-name botnets because of its small scale and stealthiness. Torpig uses drive-by download attacks as its initial mode of infection, and upon infection the botnet can unleash crafty phishing attacks that produce bogus but authentic-looking Web pages and forms that trick users into exposing their credentials.

The UCSB researchers accumulated approximately 70 GB of data for the 10 days they were in control of Torpig, and in that period the botnet stole banking credentials of 8,310 accounts from more than 400 financial institutions, including PayPal, Capital One, E-Trade, and Chase. Nearly half of the 1,660 stolen debit and credit card accounts the researchers counted belonged to victims in the United States.

“The level of sophistication, the amount of data that it is able to steal, and the fact that it has been active for more than three years is truly remarkable,” says UCSB researcher Brett Stone-Gross. The researchers’ disclosures provoked debate on whether the information they exposed about Torpig, its workings, and its victims could compromise efforts to eventually undo the botnet. “This [research] does create a road map … for the [botnet] criminals to fix, and not just for others to exploit,” says RSA’s Sean Brady.

I like their attitude

Mob of Britons blocks Google-cam

Posted: 03 Apr 2009 02:33 PM PDT

The thing that amazes me about my homeland isn’t its willingness to live under state surveillance, but the way we freak out whenever anyone else uses cameras in public. “I was determined to make a stand,” said one local, who helped block a Google Street View car from heading into a Buckinghamshire village.

My dad, who lives just an hour away from Broughton, suggests that the key to understanding this apparent paradox is in the amused contempt that many Britons have for politics. It’s not that they’re sheep: they just think that no matter what powers are given to the police, freedom is guaranteed by the fundamental incompetence of British police. We trust the authorities because the authorities are too stupid and useless to harm us.

This is why Britons will ignore CCTV cameras, but scream bloody murder at Google.

———-

This is from BoingBoing, which you already figured out if you clicked the link. I follow Rob; he’s rather amusing.

More scary computer shit

Vast Spy System Loots Computers in 103 Countries
New York Times (03/29/09) Markoff, John

Researchers at the University of Toronto’s Munk Center for International Studies say a massive electronic spying operation has successfully stolen documents from hundreds of government and private offices around the world.

The researchers say the system was controlled from computers almost exclusively in China, but they cannot conclusively say the Chinese government is involved. The researchers were asked by the office of the Dalai Lama to examine its computers for signs of malware and discovered a vast operation that, in less than two years, managed to infiltrate at least 1,295 computers in 103 countries, including computers belonging to many embassies, foreign ministries, other government offices, and the Dalai Lama’s Tibetan exile centers in India, Brussels, London, and New York.

The Munk Center researchers say that in addition to spying on the Dalai Lama, the system, which they named GhostNet, also focused on governments in South Asian and Southeast Asian countries. GhostNet is by far the largest spying operation to be exposed, in terms of the number of countries affected, and it is believed that this is the first time that researchers have been able to uncover the workings of a computer system used for intrusions of such magnitude.

The researchers say GhostNet continues to infect and monitor more than a dozen new computers a week. The malware not only “phishes” for unwary victims but also “whales” for specific, important targets. The malware can even turn on the video and audio features of an infected computer, enabling the malware’s operators to see and hear what goes on in front of the computer. The researchers have notified international law enforcement agencies of the spying operation, which they believe exposes shortcomings in the legal structure of cyberspace.

April Fools, Internet

Fears of a Conficker meltdown greatly exaggerated

With 60 Minutes airing a report on Sunday, some people are panicking, but researchers don’t expect anything dramatic
By Robert McMillan, IDG News Service, 03/27/2009

Worries that the notorious Conficker worm will somehow rise up and devastate the Internet on April 1 are misplaced, security experts said Friday.

Conficker is thought to have infected more than 10 million PCs worldwide, and researchers estimate that several million of these machines remain infected. If the criminals who created the network wanted to, they could use this network to launch a very powerful distributed denial of service (DDOS) attack against other computers on the Internet.

April 1 is the day that the worm is set to change the way it updates itself, moving to a system that is much harder to combat, but most security experts say that this will have little effect on most computer users’ lives.

Nevertheless, many people are worried, according to Richard Howard, director of iDefense Security Intelligence. “We have been walking customers down from the ledge all day,” he said. Often, the problem has been that company executives have read reports of some April 1st incident and then proceed to “get their IT and security staffs spun up,” Howard said in an e-mail interview.

That hype will probably intensify when the U.S. TV newsmagazine 60 Minutes airs a report Sunday on Conficker, entitled “The Internet is Infected.”

Conficker “could be triggered, maybe on April 1st … but no one knows whether on April 1st they’ll just issue an instruction that says ‘Just continue sitting there’ or whether it will start stealing our money or creating a spam attack,” CBS reporter Lesley Stahl said in a preview interview ahead of the show. “The truth is, nobody knows what it’s doing there.”

April 1 is what Conficker researchers are calling a trigger date, when the worm will switch the way it looks for software updates. The worm has already had several such trigger dates, including Jan. 1, none of which had any direct impact on IT operations, according to Phil Porras, a program director with SRI International who has studied the worm.

“Technically, we will see a new capability, but it complements a capability that already exists,” Porras said. Conficker is currently using peer-to-peer file sharing to download updates, he added.

The worm, which has been spreading since October of last year, uses a special algorithm to determine what Internet domains it will use to download instructions.