Quick reminder to acquirers — just one month remains until the deadline.
Visa warned in 2008 that to avoid “appropriate risk controls, up to and including fines” you must provide them a PCI DSS Attestation of Compliance for all Level 1 merchants by the end of September 2010.
Sprites mods has a very nice in-depth hardware security review of the Disk Genie hard drive. The first problem seems to be how easily the device is opened. The next failure comes from how it indicates failures to the attacker. Spoiler alert: here are the conclusions.
If you’re just a generic Joe Blow who wants to make sure your private pictures don’t get viewed by your collegues or kids, you’re golden. The fact that the there’s no way a software-only attack can get the pincode means that some hardware-experience is needed to start hacking the device, and that will deter casual onlookers enough to make the device completely safe for curious neighbours or collegues, even if they are smart enough to, for example, install a keylogger on your PC.
If you’re a business-person with actual info to hide, info that could financially benefit other parties… you can still use this, but make sure to pick a strong pincode. More than 11 digits should do, depending on how badly others want the data.
If you’re, say, the president of a nuclear country and want to use this to carry around the launch codes of your nukes, I wouldn’t recommend this device. While the thing is safe for a casual hacker like me, someone with money or the resources to de-cap chips can probably get to the data fairly easy: the PIC which contains the keys to the HD is not a secure device and when decapped under a microscope in a laboratory can probably be made to give up that key fairly easily.
Is that a qualified hint to the Pentagon or just an example?
The California Attorney Jerry Brown has filed charges against e-waste recycler’s execs
In late 2008, CalRecycle auditors contacted investigators at the California Department of Toxic Substances Control after noticing discrepancies in the claims submitted by Tung Tai and the records kept by Golden State Records and Recycling, a company that collected and transferred materials to Tung Tai, Brown said in the release.
In July 2009, state agents searched the Tung Tai facility and discovered two separate sets of records, Brown said. Those records showed that Tung Tai had significantly inflated the pounds of recycled material it submitted for reimbursement to CalRecycle between January and September 2008, Brown’s office said.
Two separate sets of records? That is pretty bold.
The Cathode Corner site has a nice writeup of the design considerations for the Nixie Watch
As I pondered the perplexing problem of what to do with the back of the watch, I decided to study the mechanical watches I had lying around. They all seemed to have the same general design – a big turning with the strap lugs formed by punching out the material between them and from the sides of the watch. I had to approach it a bit differently, since I had an o-ring seal to get in the way of milling away material from the front. So I had the material milled from the rear. But I used the idea of turning the strap lugs, which is what gives it that watch-like look.
Although they figured out how to seal the case and make it attractive, battery life is still far below the paltry one-year that was planned. Hello, solar? What is that other wrist for anyway? Ironically it has a sensor built-in to save battery life by only displaying the time when viewed from a certain angle. Why not also generate energy from movement? This becomes a great example of how dependent a system is on energy, yet how little engineering is spent on solving the problem of input versus aesthetics.