Category Archives: Security

Open voting machines

Senator Debra Bowen of California has introduced Senate Bill 1747, which is meant to open up voting machines to more inspections. She writes:

Current law restricts the ability of people to inspect voting machines, limiting it to county central committees who can send in “data processing specialists or engineers.” My bill expands it to every qualified political party, removes the requirement that they be “data processing specialists or engineers,” and permits up to 10 people from a “bonafide collection of citizens.”

The Tick

Everyone’s favorite crime-fighting superhero, The Tick:

spoooooon

Looks like he is to be available soon on DVD. Funny clips are already available for free.

The Tick on emergency procedures when he finds one of the Breadmaster’s bombs:
“Evacuate the building! This bread’s gonna blow!”

The Tick’s trusty assistant on authentication:
“I know how I can prove I’m Arthur. I’ll tell you something only you and I know…”

Strange how evil villans like the Dynamole look to me today, given the current news, compared to when The Tick first fought him.

FBI working to decipher Italian man’s bible

Remember the story of Bernardo Provenzano? He was the Sicilian mafia boss who was arrested last April. I think many were surprised by the simple Caesar-shift encryption found at the time of his arrest. I figured he only needed to use a simple form of encryption because he was worried more about people who were less likely to crack the code (like his immediate family) than police and security experts trying to track him down.

Well, it turns out now that he was not caught due to the simple encryption and “lack of knowledge of linguistics“, as was often reported earlier, but because of simple old mail tracking. Reuters reports:

Provenzano was found holed up at a farmhouse outside of his hometown of Corleone, made famous by the Godfather movies, after police tracked a package sent by his wife.

While deciphering notes by the Mafia boss helped police figure out the names of the people Provenzano was working with, now they have asked for the FBI’s help with interpreting a copy of the Bible. From Reuters again:

Bernardo Provenzano, the Mafia boss who spent 43 years on the run, had underlined passages in his personal copy of the Bible. Investigators have said these could hold the key to other encoded messages found at his rural hideout.

“The FBI is working with the (Italian) state police to determine whether there are any hidden messages in the Bible,” said a U.S. government official, who asked not to be identified.

Frankly I would be shocked if the FBI doesn’t find any hidden messages in the Bible. More interesting, perhaps, is how many of them will become devout followers after carefully studying the text.

PCI Security Standards Council

Officially launched today:

American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International today jointly announced the formation of an independent council designed to manage the ongoing evolution of the Payment Card Industry (PCI) Data Security Standard, which focuses on improving payment account security throughout the transaction process. The founding of the PCI Security Standards Council, LLC, marks a significant milestone in the payment industry’s efforts to secure payment account data in a globally consistent manner. Ultimately this means that more than a billion global payment card users will benefit from a higher level of security protection against data theft and fraud.

This gives companies a more formal input process to manage the PCI standards and ensure global consistency:

Specifically, the PCI Security Standards Council will:

* Develop and maintain a global, industry-wide technical data security standard for the protection of accountholder account information;
* Reduce costs and lead times for Data Security Standard implementation and compliance by establishing common technical standards and audit procedures for use by all payment brands;
* Provide a list of globally available, qualified security solution providers via its Web site to help the industry achieve compliance;
* Lead training, education, and a streamlined process for certifying Qualified Security Assessors (QSAs) and Approved Scanning Vendors (ASVs), providing a single source of approval recognized by all five founding members; and
* Provide a transparent forum in which all stakeholders can provide input into the ongoing development, enhancement and dissemination of data security standards.