Tuesday, March 8, 2011

Nexus S Android Sniffs and Emulates RFID tags

The Nexus S Android phone is capable of reading and emulating RFID tags. An application called FareBot demonstrates how the phone could be used to emulate RFID fare cards. This apparently could make it cheaper and more convenient for transit riders. However, the software's author also points out how many of these cards keep records of trip information in clear text. This creates a bit of a privacy issue, since it is so easy for this software to read cards from people who merely happen to walk close enough to you.

Currently FareBot can parse and display balance and trip history information from Seattle’s ORCA card, and can dump raw data from any other MIFARE DESFire card including San Francisco’s Clipper card. FareBot is open-source and designed to be flexible so that hopefully other developers will add support for other types of cards.

Friday, March 4, 2011

The HBGary story keeps getting more and more interesting

Another PDF file today, but well worth the read. The more we witness the fallout from Anonymous' exploits, the more interesting it gets.

According to a letter signed by 20 members of Congress, HBGary and a law firm conspired to sabotage critics of the US Chamber of Commerce, namely U.S. Chamber Watch, Change to Win, the Center for American Progress, the Service Employees International Union, and others. In their attempt to halt free speech, it seems HBGary and their crew of goons may have carried out, or at least conspired to carry out, actions that violate Federal law: Forgery, Mail and Wire Fraud, and Fraud and Related Activity in Connection With Computers.

During a recent password audit

During a recent password audit, it was found that someone was using the following password:
"MickeyMinniePlutoHueyLouieDeweyDonaldGoofySacramento"

When asked why she had such a long password, she said she was told that it had to be at least 8 characters long and include at least one capital.

I don't usually post jokes, but I think this is the first infosec joke I've ever heard. Feel free to post or send along some more if you know a good security joke.

Wednesday, March 2, 2011

Apparently all of today's Infosec news is a result of Anonymous' exploits

The servers at Morgan Stanley were broken into. I bet you already guessed it was the Chinese yet again.

It's getting very fashionable to blame the Chinese for most hacks against American computer systems these days. But this is news for an actually interesting reason. We would not have known about it if it weren't for the emails Anonymous exposed from a company humorously referred to in the media as "a cyber-security company working for the bank." Whoever they might have been.

Leaked emails seem to be the source of daily news these days. They sure are more interesting than watching CNN.