Security guide to customs-proofing your laptop | The Iconoclast – politics, law, and technology – CNET News.comDeclan writes a witty and informative piece on securing a laptop against legals searches without cause at border crossings. 

No tags

Yahoo and MSN helping to root out Tibetan rioters | The ObserversYahoo China posted pictures of “most wanted” Tibetan protestors on Yahoo! China’s home page. Cooperation with lawful process in a repressive country is bad enough, here they are actively collaborating. Yahoo!’s claim that this was done by Yahoo! China, not by the Yahoo! mother-ship, seems disingenuous at best.Active support of censorship and oppression is clearly unethical. If this is not clearly on the wrong side of the line, then what in the world is?

No tags

Tool Physically Hacks Windows – Desktop Security News Analysis – Dark ReadingI am not sure how this has been true for years, yet has received so little attention. This article discusses the fact that Firewire connections enable direct read and write to a computer’s RAM. In many ways, this is even better than the RAM persistence I blogged about a while back. It appears to be easy to write a script that would run on an iPod or other Firewire device which will allow you to grab passwords from memory, bypass login screens, and gain access to the local drive. The amazing thing about the memory access is that it actually bypasses the CPU entirely. Normal security software will not pick this up at all. PCMCIA and Firewire are designed to work this way. It is a “feature” not a “bug”. Never the less, it is a huge security issue. If your computer is under the physical control of another person, you are in trouble. Hard drive encryption is the solution, but only if the computer is OFF. If it is on, then the password can be grabbed from memory. There is really no solution to that problem.There are two actions one can take. First, you can physically disable your Firewire capability if you need to leave your computer running unattended. Second, you can make sure you never leave your computer running unattended in an insecure location, and that the hard drive is encrypted securely. This second suggestion is the same solution as for the RAM persistence attack.

No tags

Web Site Criticizing Quran Curbed – WSJ.comA Dutch lawmaker has a website promoting a short film critical of the Quran. It appears that the site and article are extreme and unreasonable, but what is really shocking is the policy of Network Solutions against “objectionable material of any kind or nature.” Most of the interesting thought, literature, and art is objectionable to someone. This is clearly a license to remove anything they want. To me, it is a compelling reason to avoid using Network Solutions.

No tags

David Brin Rebuts Schneier In Defense of a Transparent Society Here is David’s own rebuttal to the Schneier article on the Transparent Society I blogged about earlier.

No tags