Thursday, March 18, 2010

An interesting day in information security

A Mafia boss was caught because of his using Facebook, while unrelated to that the EFF released the result of their Freedom of Information request for material on how law enforcement uses social networking to investigate suspects. "under cover".

The SEC moved to freeze portfolios and accounts following attacks by a Russian hacker, who manipulated stocks.

InfoSecurity magazine has a story on espionage in sport, mentioning how where there's a motive, cyber-crime follows.

And of course, the leading story (which I discovered thanks to a post on Facebook by Dave Aitel) is how an hacker (if that is a descriptive word in this case) broke into 100 cars to cause inconvenience, such as honking, or immobilizing customer the cars.

He hijacked the remote control system ("web-based vehicle-immobilization system normally used to get the attention of consumers delinquent in their auto payments") by logging on with an account of an employee. He used to be an employee himself, until fired later on.

Also, check out this extremely interesting paper from Cormac Herley at Microsoft Research on why people reject security advice:
So Long, And No Thanks for the Externalities:
The Rational Rejection of Security Advice by Users

Gadi Evron,
ge@linuxbox.org.

Follow me on twitter! http://twitter.com/gadievron

No comments: