A security consultant based in New Zealand has released a tool that can unlock Windows computers in seconds without the need for a password.
To use the tool, hackers must connect a Linux-based computer to a Firewire port on the target machine. The machine is then tricked into allowing the attacking computer to have read and write access to its memory.
With full access to the memory, the tool can then modify Windows’ password protection code, which is stored there, and render it ineffective.
“If you have a Firewire port, disable it when you aren’t using it,” Ducklin said.
“That way, if someone does plug into your port unexpectedly, your side of the Firewire link is dead, so they can’t interact with your PC, legitimately or otherwise.”
The moral of this story is: don’t let unauthorised people have physical access to your computer and shut off the Firewire port unless you are actually using it.
I just found this:
“WikiLeaks.org is developing an uncensorable version of WikiPedia for untraceable mass document leaking and analysis.”
I’m not sure how I might use this site, but it does have some very interesting instructions on how to submit material anonymously.
Handwritten documents are important to any Investigator or Researcher as they are either creating them, or reading them. Archives throughout the country are full of original handwritten documents of value to researchers.
The age of the ubiquitous ballpoint pen began in the 40’s and this has caused some problems for archivists as so many companies strove to create inexpensive ballpoint pens. The problem has become one of education. The pen may write, but the ink may fade over time, or be vulnerable to water and other solvents. UV light and poor quality paper also do a fine job of obliterating cheap ink from poor quality ballpoint pens. The forgers art of cheque-washing in the following examples illustrate what can happen to documents that encounter solvents. Continue reading ‘Cheque Washing and Pens’
I found this interesting article on Gwen Harris’s blog, Internet News.
Manipulation of search results
Is Search A Lie? Can You Really Believe Google? Bruce Nussbaum, Business Week (February 08)
Can a PR firm manipulate results at Google (and other search engines) to the degree that this man claimed?
“I sat next to a a guy I’ve know for years from a major public relations/media relations firm at the World Economic Forum in Davos two weeks ago and he told me how his company manipulated search to improve the image of its clients.”
One commenter advised, “… growing need for people to understand the difference between legitimate search results and PR-fueled, or otherwise manipulated, search results.”
Yes, but identifying these results usually takes a fair amount of subject knowledge and awareness of techniques to notice the signs of the gamed results. No wonder people trust search results less .
The last link leads to an article about search atheism, a term I could learn to love.
To quote Phil Bradley, “Of course companies and individuals try and game the search engine, and anyone who blindly accepts results without analyzing them deserves what they get.”
Ecological search engines use a black background rather white. Black backgrounds apparently uses less energy than white, though Google’s research tends to contradict this. Here is a list of some of these strange looking search engines:
Blackle
Eco-Find - Ecologic Search
Darkoogle
Nigel Stanley, at Bloor Research article entitled Ounce Labs weighs into rogue code about the dangers of outsourcing software development. The most interesting part of the article follows:
Industrial espionage, or good old fashioned spying, is as alive and well today as it has ever been. In fact, a lot of time and effort from the security agencies is tied up in dealing with this issue, and contacts have assured me it is worse now than it has ever been as developing countries try to steal a march (maybe even literally) against the developed world. Spying between developed nations is also a problem, with some larger European countries having a dreadful reputation for trying to obtain industrial secrets from so called allies. Software development is an obvious target…
The downside of this approach is that decision makers get seduced by green lights whilst their developers look for even more creative ways of inserting malicious code. No sensible person will ever declare that a product such as Ounce 5 will guarantee that your code is 100% secure…
Wikipedia maintains a long list of social networking websites. The links are to other Wikipedia articles about the listed sites so that you can get a feel for what the sites might offer.
I don’t know how I so skillfully miss a good blog when I’m searching. Ian Smith’s blog, aptly named Ian’s iBlog, has been going since December 2006. Ian is a graduate of Concordia University in Montreal.
His article entitled FI: Facebook Intelligence attracted my attention as it provides a good explanation of the value of searching this social network site.
This is something that makes me think, “why didn’t I think of that?”. I found it on the Sources And Methods blog.
Newsroom101.com. This site has a ton of easy to do exercises to improve your grammar, spelling and punctuation. Designed for journalists (with the AP style in mind) the site is almost just as useful to intelligence analysts who have to learn to write in the concise style of a journalist. I also like the way the exercises are put together. If you get the right answer, the site doesn’t bore you with the details. If you get the wrong answer, however, the site lets you know what you did wrong and why immediately.
