Posts Tagged ‘security’


Android App Aims to Allow Wiretap-Proof Cell Phone Calls « The Firewall –

In Links on 2010-05-27 by Kyle Maxwell Tagged: , , , , , ,

On Tuesday, an independent hacker and security researcher who goes by the handle Moxie Marlinspike and his Pittsburgh-based startup Whisper Systems launched free public betas for two new privacy-focused programs on Googles Android mobile platform: RedPhone, a voice over Internet protocol VoIP program that encrypts phone calls, and TextSecure, an app for sending and receiving encrypted text messages and scrambling the messages stored in their inbox.

via Android App Aims to Allow Wiretap-Proof Cell Phone Calls « The Firewall –


FBI details surge in death threats against lawmakers

In Links on 2010-05-25 by Kyle Maxwell Tagged: ,

There may have been more threats — the FBI won’t release information on investigations that are still open — and there will likely be more this year; Senate Sergeant at Arms Terrance Gainer says threats against members of Congress were up 300 percent in the first few months of 2010.

via Exclusive: FBI details surge in death threats against lawmakers – Erika Lovley –


via Bruce Schneier

Ex Gang member turns Computer Hacker

Tagged: on 2010-05-25 by Kyle Maxwell

Leave a Comment


LifeLock CEO’s Identity Stolen 13 Times | Threat Level |

In Links on 2010-05-18 by Kyle Maxwell Tagged: , , ,

Davis’ history as an identity-theft victim would seem to call into question the company’s ability to protect consumers from a similar fate.

via LifeLock CEO’s Identity Stolen 13 Times.


Breach game code theft at PAX East ends in arrest — Joystiq

In Links on 2010-03-30 by Kyle Maxwell Tagged: , , ,

I really want to know why they had source code at a convention. And how (or why) they managed to do live, on-the-scene computer forensics. And what work they do “for military and intelligence organizations”. Providing training simulations shouldn’t lead to possible compromise of their clients’ networks.

Something doesn’t add up here, unless they just have no idea of how to handle restricted / confidential data and have exaggerated things for publicity’s sake. Surely, no game developer would ever fall into those categories…

Breach game code theft at PAX East ends in arrest — Joystiq.


OAuth and OpenID everywhere

In Uncategorized on 2010-02-08 by Kyle Maxwell Tagged: , , , , , ,

One of the reasons I have two sites here on Posterous and only one on Tumblr stems from my opposition to giving out my Twitter password to everybody that asks for it. We have OAuth now so that I can authorize your app to talk to Twitter for me without you actually needing my credentials directly. While my thoughts on passwords as a broken mechanism don’t really belong on this particular blog, I do want OAuth and OpenID (or something like them) everywhere. Not only do I not want to share my Twitter (and Gmail and whatever else) password with you, I’d really rather not have to create a whole new account for your site, complete with yet another password and profile setup and whatever.

It might take some extra effort, but I don’t know that that effort necessarily comes out to less than the effort required to create a secure authentication and authorization setup for your site. (Not to mention that many sites fail at the “secure” bit of that.) And it rapidly becomes a differentiator: I can use your site without having to jump through a gazillion hoops that benefit you the developer instead of me the user? Oh, and maybe that means you can easily connect me to my existing friends on your site? That drives more traffic and usage for you and keeps me interested because of the community, by the way, so everybody winds.

Please, won’t somebody think of the users?