Security: Georgia’s Ethics Commission Website, Same as Sutherlin City, Oregon

Iranian hacker collective the Ashiyane Digital Security Team hijacked the website of the Georgia Government Transparency and Campaign Finance Commission (ridiculous long name, right?!)

The sophistication of the attack most likely wasn’t impressive.

Some of Ashiyane’s other exploits: defacing the cities of Amity and Sutherlin City, Ore’s websites.; and the British website of the Wells Skittles League (the sport is an obscure European Lawn Game,) among other low-level targets

That probably says something about the state’s priorities when it comes to IT: defacing a government website isn’t very high on the list.

Some background on Ashiyane (from Wikipedia):

[The group] is an active Iranian hack and security team and claimed to be the oldest one in Iran. Founded by Behrooz Kamalian in the early 2002, Ashiyane focused on improving the security of Iranian websites. Since then, Ashiyane held several seminars and courses for beginners with the aim of demonstrating the importance of online security.[2] Ashiyane currently has more than 30 official members and their office is located in Tehran. Ashiyane ranked first in Zone-H‘s list of notifiers for a while.

Advertisements

DEAR NSA: Fuck Off, Signed Silicon Valley (An Explainer)

Why The Bay hates the NSA…

This is a magazine piece that I wrote in February. For various reasons, none of which had anything to do with the article itself, it never got published. I’m posting it here in an effort to empty my notebook.

The NSA made them out to look like liars.

For at least the past decade, technology companies — specifically Google, LinkedIn, Yahoo and Microsoft — promised hundreds of millions of users that their personal information was safe.

But, after a series of revelations, beginning this past summer, that turned out not to be true.

The U.S. National Security Agency, outed by Edward Snowden in an 8-month-long PR campaign against government snooping, had been routing those efforts all along.

Continue reading

Accenture Study Breeds MasterCard Blow Back

From an @AmerBanker story about U.S. Bank (By Mary Wisniewski) in which an Accenture study was cited:

… a recent study from fintech vendor Accenture predicts that U.S. banks could lose 35% market share by 2020 to new competitors ranging from small payments firms to Internet giants, like Google, to retailers.

That one line (in a much larger story not even about the report) caused Theodore Iacobuzio, who is the vice president in charge of Global Insights at MasterCard’s interdisciplinary thought leadership organization, to strike back :

… what the Accenture study points to is real, and a real competitive dynamic: “Another 20 percent could shift to retail-driven players with a mass-market focus—under partnerships between big-box retailers and banks, and potentially independent ventures by retailers.”

Nuclear winter gets reduced to a “potentially”. So much for the big bad 35 percent. And the original American Banker story was about a payment app from….U.S. Bank.

All of this heat and noise in my opinion unintentionally obfuscates the real situation, which is less a threat than a fact of life: competition is increasing pricing pressure, pushing margins down across the payments ecosystem. The question these predictive stories need to answer is: what are we going to do about it?

You can read the Accenture release and find the larger study, here.

Snowden: The NSA is ‘Setting Fire’ to the Internet

In an hour long missive, moderated by an ACLU official at #SXSW, NSA whistle blower Edward Snowden derided government efforts to break the safeguards behind our digital communications.

He railed against critics saying, more than once, that undermining the encryption standards that users’ rely on for privacy is weakening the foundation of the internet.

The conversation was his first in front of an audience since his disclosures became public over the summer, according to the ACLU.

Continue reading

Live Blogging: Snowden @ SXSW

I’m listening in to Edward Snowden at SXSW; Follow along on Twitter on #AskSnowden, also watch @ACLU and @ACLUlive.

I’m watching live on the Texas Tribune website.

From ACLU:

In his first conversation in front of an audience since his disclosures began making global headlines last year, Edward Snowden will appear via live video next Monday at SXSW Interactive, the festival that brings together tens of thousands of technology professionals and enthusiasts every year in Austin. He’ll be talking to the ACLU’s Ben Wizner and Christopher Soghoian

Soghoian bio (from Wikipedia):

Christopher Soghoian is a Washington, DC based privacy researcher and activist. He first gained notoriety in 2006 as the creator of a website that generated fake airline boarding passes. Since that incident, he has continued to engage in high-profile activism related to privacy and computer security. He is currently the principal technologist and a senior policy analyst with the speech, privacy and technology project at the American Civil Liberties Union.

Between 2009 and 2010, he worked for the US Federal Trade Commission as the first ever in-house technical advisor to the Division of Privacy and Identity Protection.[1] While at the FTC, he assisted with investigations of Facebook, Twitter, MySpace and Netflix.

1:01 p.m. (EST):

Was it worth it?

Snowden responds:

“When I came public with this it wasn’t so I could single-handedly change the government tell them what to do.. What I wanted to do is inform the public so they could make a decision.”

Snowden makes the point that the government has never said any one of these stories has risked a human life.

“Every society in the world has benefited.”

Would he do it again?

“The answer is absolutely, ‘yes’.’

“I took an oath to defend the Constitution, and I saw the constitution was being violated on a massive scale.”

[Behind Snowden is Article 1 of the Constitution]

Continue reading

Google Evaluates Atlanta Area for its brand of (Insanely Fast) Broadband — Fiber

Google Fiber Expansion Map

tl;dr

  • Google is evaluating Atlanta, as well as the surrounding suburban communities of Avondale Estates, Brookhaven, College Park, Decatur, East Point, Hapeville, Sandy Springs and Smyrna, for an internet and television service that could let you surf the web as quickly as you change the channel.

  • The average speed you get in your house is about 9.8 megabits per second, according to Akamai Technologies. Google is offering more than 100-times that — a 1,000 megabits per second, a gigabit.

  • The service is called Fiber and it’s already available in Kansas City and Provo, Utah for $70 a month, or $120 with TV. There are also plans to extend it to Austin.

From @AJC:

Atlanta and eight other local cities are candidates for Google’s new, ultra-fast fiber optic Internet and television service, the Silicon Valley giant announced Wednesday.

The service, called Fiber, operates at 100 times the speed typically delivered by cable companies today, and at a competitive price. That makes it possible to seamlessly stream HD content or download a feature-length movie in a few seconds. The more devices you’ve got running in your home, the more likely you’d be to notice a big improvement in performance with Google’s 1-gigabit-per-second service.

The company’s timing is either lucky or highly strategic: It comes amid hand-wringing over Comcast’s bid to acquire Time Warner Cable, further collapsing the already slim number of cable Internet providers. By going public with its plans to evaluate 34 key markets nationwide as sites for Fiber, Google also creates buzz around what some onlookers have hailed as a serious challenge to existing providers like Comcast.

Why The TSA (Probably) Doesn’t Give a Fuck: @Vice ‘Terminal Insecurity’ Video

vice

In a Vice produced video, a security researcher demos how to, well, blow up airline security.

Bombs created out of Axe body spray, lighters and toy airplanes; Gun-like contraptions created from magazines, pringles cans and other items you can buy from any convenience store in the terminal.
The how-to is meant to illustrate just how unsafe we are at the airport, despite the uptick in pat downs, body scanners and shoe-less passengers endlessly weaving through serpentine lines.

On its face, this shit is terrifying. Yet the Transportation Service Authority probably doesn’t care.

In a Q&A interview with the Atlanta Journal-Constitution two years ago, John Pistole, administrator of the Transportation Security Administration and a former deputy director of the FBI, said as much.

(From AJC ‘New TSA chief wants ‘more informed’ screening‘)

I see my job and really TSA’s job as one of really managing risk. So my goal is to ensure that we provide the best possible security for the traveling public but doing it in a way that provides greater scrutiny to those that need greater scrutiny, and so we don’t use a cookie cutter approach for everybody. Right now we use somewhat of a blunt instrument to screen virtually everybody the same away. And my goal is to use intelligence in a more informed fashion so we can apply greater scrutiny to those who need it and keep up with throughput in that fashion.

That’s evidenced through TSA’s efforts with pre-check and general focus on intelligence, it most likely just doesn’t see these type of explosive devices as a priority.

In fact, it’s argued that the longer the lines are at TSA, the more time that under-manned airport security details have to focus on potential threats.

That doesn’t mean that I’m trying to make excuses for the TSA.

But, there are just too many physical holes in an airport to plug. I’d imagine that the TSA would posture that you could create as much chaos on an aircraft with your hands (choking a stewardess to death) as one of the IEDs that Vice displayed.