Category: Security

  • ACLU challenges Suspicionless Laptop Border Searches

    Today, the ACLU and related parties filed a class-action lawsuit challenging the U.S. Government’s policy of allowing suspicionless searches and seizures of laptops and other electronic devices at the border. The allegations include violations of the First and Fourth amendments. It is seeking a declaration that the Department of Homeland Security policies, which are restatements […]

  • What does “search incident to arrest” mean today?

    A good article over at the Wall Street Journal on the recent controversy over warrantless searches of laptops was pointed out to me by Venkat Balasubramani. Thanks, Venkat! The article is worth reading as it discusses the recent cases involving searches of electronic items at the border (based upon a “reasonable suspicion” test), and contrasts […]

  • So why is it difficult to properly legislate for Cyberspace?

    Ryan Blitstein asks this question in a great article at the Mercury News, here is the link. To summarize, the difficulties include legislators who don’t understand the technology, as well as companies that fight good laws because the proposed law hurts their bottom line. Special interests, as usual, appear to have more sway than implementing […]

  • Detecting government spyware

    Here’s an interesting article, written by Declan McCullagh and Anne Broache, entitled “Will security firms detect policy spyware?” There are currently no rules that specifically require companies to comply with requests for government spyware to be installed on users’ machines. There similarly is no current requirement for anti-spyware vendors to write software that doesn’t detect […]

  • Be Proactive: Know Your Systems and People Before Facing a Lawsuit

    The following is an article I wrote about the recent changes to the Federal Rules of Civil Procedure and its impact on record keeping responsibilities and issues. —- As of December 1, 2006, the Federal Courts have adopted new Federal Rules of Civil Procedure that explicitly acknowledge the fact that information that may be relevant […]

  • Arrogant hacker tracked down through Metadata

    Here’s a funny development I’ll be watching closely. This week, a hacker who claimed to operate a remote ‘bot network of thousands of computers was interviewed in the Washington Post. That in itself wasn’t newsworthy enough for me to blog about it, as sadly there are many users who allow this to happen to their […]

  • Reviewing the FBI Computer Crime Survey 2005

    The FBI’s Computer Crime Survey 2005 has been released. Thanks to BeSpacific for the link. At the time of this writing the survey itself is not accessible, but the summary of the findings can be found from the above link. In relevant part, the important findings are as follows: Frequency of attacks. Nearly nine out […]

  • Truly Anonymous Web Surfing: Realized on a CD?

    In Wired News, Quinn Norton has an interesting article on an open source CD that contains a self-contained operating system. The purpose is to never actually use the hard drive of the machine while still allowing internet access, thereby leaving no fingerprints that the machine was used. The CD runs OpenBSD, but it disguises the […]

  • Out of the Box with Wireless

    I’m writing this now on OpenOffice 2.01 with my new Acer Travelmate C200. Opening the box was cool, I was up and running within minutes. The only big hiccup came with the built-in power management software misinterpreting tablet mode as being the standard “Lid’s closed, let’s power down” mode. Luckily I was able to diagnose […]

  • Victory declared: But is it really?

    Mark Russinovich, over at Sysinternals, has declared victory over the rootkit embedded in the CD’s Sony has distributed. And, as Bruce Schneier points out in his excellent analysis, Mark has reason to be happy. It’s David v. Goliath. However, it’s not a total victory. There are untold numbers of machines still infected with the Sony […]