There’s something to be said when sacrifices are made for the greater good. At least that’s what the Department of Justice wants us to think. To avoid having to expose the details in court of a Tor exploit used by the DOJ to snag a child pornography site, the department motioned to dismiss the indictment. I’m not sure how I feel about this. Part of me wants to think that the ‘greater good’ is worth it and that this child porn ring will be shut down eventually anyway. On the other hand, after knowing what our government hackers are capable of, it’s hard to think that the greater good really has anything to do with it. The Tor network can be used for harboring child pornography, but it’s also be used in foreign countries be freedom fighters who work against repressive regimes (think North Korea). Read More →
More than 1 million Yahoo and Gmail accounts – including usernames, email addresses and plain text passwords – are reportedly for sale on the dark web.
According to the dark web vendor SunTzu583, who posted the sale offer, he has 100,000 Yahoo accounts from the 2012 Last.fm data breach and 145,000 Yahoo accounts from the 2013 Adobe breach and 2008 MySpace hack. The accounts are on sale for between 0.0079 bitcoins and 0.0102 bitcoins each. Read More →
At first thought, it might seem impossible to pull data from a computer that’s not connected to the Internet. How can a system be hacked without a Read More →
The concept of Separation of Duties (also known as Segregation of Duties) applies to many different industries. The principle was developed in accounting to avoid errors and fraud but it also applies to general business practices. Although it has its beginnings in the business world, Separation of Duties has become a powerful security principle in IT and information systems.
Edward Snowden exposed the United States government’s actions in spying on its citizens, corporations, and allies. Many of the techniques used by the NSA were successful because of weak cyber security practices. Snowden himself used a loophole in the government’s Segregation of Duties implementation to access the data without being identified (more on that later). In the post-Snowden era, internal information security has now become a priority for everyone. Read More →
Redundancy as it relates to the data center is a relatively simple concept; resources are duplicated in order to provide fail-safe mechanisms. Cloud service providers have taken many traditional data center functions out of the hands of local IT managers but the majority of companies however still maintain local data centers for various reasons. CEOs and CIOs still like to know that they control their data and maintain custodianship. They rely on their data center engineers to ensure that services & data are highly available. Read More →