So last week I got my new Acer Aspire One, awesome little netbook here. First things first, I had to remove Windows XP Home and put Ubuntu 9.04 on it. Everything runs pretty good, the webcam works, and the microphone works properly after setting the sound capture to ‘HDA Intel ALC268 Analog (ALSA)’.

Being so small I wanted to encrypt the hard drive with luks, in case it was stolen or lost. Initially I used the alternative install ISO to do this. The install was complicated due to the installer complaining about the lack of a CD drive, and the performance hit was just too big. So, I decided use the Netbook Remix and do just /home encryption, as that is where most settings and personal files should be stored.
Read the rest of this entry »

Last Thursday wired.com, through the FOIA,  obtained 100’s of pages of  documents that detail seven years of the FBI’s use of malicious software in tracking down hackers, hitmen, extortionists and terrorist suspects. The released documents, available for download here, are of course heavily redacted. The software is called CIPAV, or “computer and internet protocol address verifier.” From the documents it’s capabilities include: reporting a computer’s IP address, MAC address, open ports, a list of running programs, the operating system type, version and serial number, preferred internet browser and version, the computer’s registered owner and registered company name, the current logged-in user name and the last-visited URL. After sending this information to FBI servers via covert channel, the software sits quietly and monitors your internet use, reporting the IP addresses of every connection made while on the Internet.

Read the rest of this entry »

We’ve all read the news about yesterday’s early morning fiber cuts in the San Francisco Bay Area.  The first cut, which was AT&T fiber, happened around 1:30am alongside Monterey Highway near Blossom Hill Road, in San Jose. At 3:30am more AT&T fiber was cut along Old County Road near Bing Street in San Carlos. Two additional lines were also sliced on Hayes Avenue in south San Jose. The cuts affected both landline and cell phone service for tens of thousands of people. Access to e911 services were also affected as far south as Gilroy. Transit at the 200 Paul datacenter in San Francisco was also disrupted. So, no, it wasn’t a backhoe. It was a coordinated and deliberate act of sabotage on our critical infrastructure. AT&T is offering a $100,000 reward for information that leads to the arrest of the perpetrators.

Read the rest of this entry »

Bruce Scheiner is covering an interesting security aspect of Web 2.0 over at his blog: identity theft scams. Though I believe a more apt category would be social engineering, because this vulnerability is not limited to solely ID theft. This demonstrates the need to be vigilant in deciding who to friend on these social networking sites. But not even that will protect you, because your friends or your friend’s friends may not be as security-conscious as you are, and that leaves a way in for the enterprising social engineer. I mean, I’ve been on facebook all of 2 weeks, and every day the site itself asks me to friend some person I don’t know. And how many of us have seen the profiles with 1000’s of friends? Come on, no one knows 1000’s of people well enough to actually consider them friends.

Read the rest of this entry »

I’ve recently returned from a long hiatus from the ‘net. Working in the IT industry and being an all-around computer geek my entire life, a prolonged absence from modern technology (especially the Internet) was a strange experience. Since I’ve always been a strong believer in personal privacy, and in how this privacy can be enjoyed and protected online, my absence presented me with a unique opportunity to view privacy and anonymity on today’s Internet and compare it to that of three years ago. Read the rest of this entry »