Category Archives: Security

RFDUMP

RFDUMP is a handy utility that claims to work with any RFID tags. I hope to get a chance to test early next year. A CTO from a security company just mentioned that he has perfected his T-Mobile scanner and now gets free wi-fi access at any of their hotspots. One can only imagine the incentives of gathering RFID passport information, compared to credentials for free bandwidth.

Correspondence Patterns

I like the conclusions in this study:

“Darwin and Einstein correspondence patterns: These scientists prioritized their replies to letters in the same way that people rate their e-mails today.”

Not only does it vindicate my habit of attending to some communication instantly, while letting other things wait for eons, but it also raises interesting implications for confidentiality and data retention.

Preacher killed by baptism

I know this is more about safety than security, but I just found the story somewhat shocking:

“Rev Kyle Lake, 33, was standing in a small pool used for baptisms at the University Baptist Church when he was electrocuted on Sunday morning. Rev Lake reached out to adjust a nearby microphone, which produced an electric shock, said church pastor Ben Dudley.”

Sad but true.

SCADA systems come into focus

SecurityFocus reports today that US SCADA systems are finally getting the attention they deserve:

“Wary of the increasing number of online attacks against industrial control systems, the U.S. government has begun a major push to secure the systems used to control and monitor critical infrastructure, such as power, utility and transportation networks.”

I did some consultative/audit work with a utility company in the late 1990s and was surprised that networked systems had become so commonplace with so few controls. Fail-safes were everywhere for the critical infrastructure (most of which was heavily engineered and influenced by ideas that probably went back to the beginning of utilities themselves) so disasters seemed unlikely without some knowledge or access, but simple network devices (routers) and Microsoft software were spreading like crazy to “increase efficiency” for remote management and control systems.

To be fair, that all was before the Critical Infrastructure Project (CIP) was even started. I just checked their online files and it seems that progress is slow but steady.