Jun 12 2011

Shades of grey

Tag: (i)realidad,Informática LegalJoaquim Anguas @ 11:05 am

The feds are so comfortable in this ethically-challenged landscape in large part because they are also the largest single employer… on both sides. One in four U.S. hackers is an FBI informer, according to The Guardian. The FBI and Secret Service have used the threat of prison to create an army of informers among online criminals.

While security dudes tend to speak in terms of black or white hats, it seems to me that nearly all hats are in varying shades of gray.”

I, Cringely: “When Enginyeers Lie”.


Jun 07 2011

RSA to replace SecurID tokens

Tag: (i)realidad,Informática LegalJoaquim Anguas @ 11:59 pm

Against this backdrop of increasingly frequent attacks, on Thursday, June 2, 2011, we were able to confirm that information taken from RSA in March had been used as an element of an attempted broader attack on Lockheed Martin, a major U.S. government defense contractor. Lockheed Martin has stated that this attack was thwarted.

As a result, we are expanding our security remediation program to reinforce customers’ trust in RSA SecurID tokens and in their overall security posture. This program will continue to include the best practices we first detailed to customers in March, and will further expand two offers we feel will help assure our customers’ confidence:

  • An offer to replace SecurID tokens for customers with concentrated user bases typically focused on protecting intellectual property and corporate networks.
  • An offer to implement risk-based authentication strategies for consumer-focused customers with a large, dispersed user base, typically focused on protecting web-based financial transactions.

…”

Open Letter to RSA SecurID Customers.

Via arstechnica.


Jun 01 2011

Choose your weapon

Tag: (i)realidad,01,Informática LegalJoaquim Anguas @ 3:25 pm

Under the new framework, the use of a weapon such as Stuxnet could occur only if the president granted approval, even if it were used during a state of hostilities, military officials said. The use of any cyber-weapon would have to be proportional to the threat, not inflict undue collateral damage and avoid civilian casualties.

WP.