Rogue Lid Shuts Grid

Rogue laptops aren't the only rogues out there...
A disgruntled city computer engineer has virtually commandeered San Francisco's new multimillion-dollar computer network, altering it to deny access to top administrators even as he sits in jail on $5 million bail, authorities said Monday.

Terry Childs, a 43-year-old computer network administrator who lives in Pittsburg, has been charged with four counts of computer tampering and is scheduled to be arraigned today.

Prosecutors say Childs, who works in the Department of Technology at a base salary of just over $126,000, tampered with the city's new FiberWAN (Wide Area Network), where records such as officials' e-mails, city payroll files, confidential law enforcement documents and jail inmates' bookings are stored.

Childs created a password that granted him exclusive access to the system, authorities said. He initially gave pass codes to police, but they didn't work. When pressed, Childs refused to divulge the real code even when threatened with arrest, they said. He was taken into custody Sunday. (more)

So, how do you protect yourself against insider hijacking?
One way to start...
• Don't give the keys to the kingdom to only one person.
• "Checks and Balance" "Checks and Balance" "Checks..."
• Establish an admin / root password emergency reset plan.
• Bell your cat(5). Get notified when it hits the fan: Tripwire
• Keep my number handy. Rogues are know for their bug and wiretap tricks, too.

Spybusters Shades - Poop on the Paparazzi

Proof of Concept. Very effective. Murray's Prediction: Look for some sharp sunglass manufacturer to put this into production.
"Spy", perhaps?!?!

Unified Communications - Beware the Dark Side

Unified Communications refers to an umbrella of technologies that are likely already familiar to corporate users: Instant messaging, that lets users chat with others in real-time using a simple client interface; presence, which allows users to see who is available on IM, but also what is active on the network; and unified messaging, the combination of e-mail, voice, and fax in a single in-box that offers users access at any time from any device.

The products come as hardware and software combinations, stand-alone software, software suites, or as a hosted service. When working together, these tools aim to simplify the lives of professionals... (more) (more)

However...
• UC is a bigger, juicer, easier target for spies and hackers than each system individually.
• Court-ordered electronic surveillance of UC systems is easier and more productive.
• UC system breakdowns / sabotage will mean more $$$ lost than with current devices.

SpyCam Story #447 - The Neighbor

Q. "I am being overlooked by a neighbor's camera and was just wondering if there was a anything that could interrupt or jam the filming/picture of a WIRED night/day cctv. Any ideas would be much appreciated. Many thanks."

A. I love easy questions. Once you have tried all the civil things (a polite request to re-aim the camera, threat of filing a voyeurism complaint with the police, etc.) there is always the sharp stick in the eye approach.
Here is what other people are doing...
Ouch #1
Ouch #2
Ouch #3
Ouch #4
Ouch #5
Good luck!
Kevin

"Blank Reg! Is that you?"

UK - Yobs wrecked CCTV cameras outside a Preston community centre just 48 hours after they were installed. But pictures of the vandals have been captured on the cameras they tried to destroy.

The community of Tanterton won government funding to put up four cameras at a notorious troublespot near the row of shops and community centre in Village Green Lane. (more) (video)

"I reprogrammed a car fob, Mr. Cheney. Now I control you."

by Chris Soghoian...
A team of respected security researchers known for their work hacking RFID radio chips have turned their attention to pacemakers and implantable cardiac defibrillators.

The researchers will present their paper, "Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses," during the "Attacks" session of the 2008 IEEE Symposium on Security and Privacy, one of the most prestigious conferences for the computer security field...

By reading between the lines (millions of remotely implanted medical devices, able to administer electrical shocks to the heart, can be controlled remotely from distances up to 5 feet, designed by people who know nothing about security), it is easy to predict the gigantic media storm that this paper will cause when the full details (and a YouTube video of a demo, no doubt) are made public. (more)

What in the World???

Every minute disaster strikes somewhere in the world.
These sites keep track of it all...
GlobalIncidentMap.com
Havari Information Service - AlertMap
Incident1.com
USDA Active Fire Map
Illegal Alien Activity Tracking System
PetFlight Airport Incident Map
Real-Time Earthquate Map
World Disasters
Disaster Resource Network

Sabotage, espionage, coincidence or...

The failure of four undersea cables in less than a week is stoking suspicions that saboteurs want to disrupt internet traffic passing between Europe and the Middle East. (more)

"...and stop saying 'loopy coolie'!"

A Florida woman who believed she was about to get fired has been accused of deleting $2.5m worth of computer files to seek revenge on her employer.

Jacksonville Sheriff's officials say Marie Lupe Cooley, 41, used her own account credentials to access the server of Steven E. Hutchins Architects and delete seven years' worth of drawings.

Cooley went on her silent rampage after finding a help-wanted ad placed by her boss. It described an open administrative assistant position that sounded remarkably similar to hers.

As it turned out, the help-wanted ad listed a position available in the office of Hutchins's wife. Cooley's job was never under threat, though it probably is now. (more)

Disgruntled employees also sneak in and plant bugs to find out who will be sacked. When was your last eavesdropping detection inspection?