Friday, August 29, 2014

Twelve triple three

Keep this number in mind: Twelve triple three. This is the name given to the key tool for lifting the current US intelligence network.


12333 could have been just another number but instead it gives the name to one of the most controversial executive orders in American law. Thanks to it, it was possible to weave the US global monitoring system and it allowed the government to bypass other previous laws that protect citizens’ privacy rights, according to John Tyde, formerly of the NSA.

Among the strategies used to access both personal and business information, it is the lack of awareness about the importance of IT infrastructure security. Absence of specific controls, automatic scanning systems that are never checked and a serious gap between the knowledge of these systems’ managers and the techniques used by attackers.

This is so leaving apart our lack of interest in how automatic patching for operating systems works, especially for Microsoft’s one. This system could lead to deception (and even to others’ manipulation), tends to operate without any control, and it is a quite more complex issue than it indeed seems to be.

If we had to highlight something from the two major security events held a couple of weeks ago is the critical role of security management for all devices, including some seemingly harmless as a USB pendrive. On Tripwire’s podcast several security experts talk about this case, and how these tools are not usually designed to deploy protective systems while HackPlayers notes how relevance (and ease) is to protect mobile devices charging process using a simple "USB condom" which removed reading and writing pins, leaving only those necessary to fill the battery.

Likewise it is interesting the proliferation of fake girlfriend services. These companies are allegedly intended to create the perfect girlfriend for you... except that it is not real, and only interacts with the user digitally. It is surprising that the market increasingly demands such services, despite the risk of fraud that the consumer faces.

All these stories turn around a main axis: the value of information. In order to keep everybody up to date about the security world, feel free to share this article and give it +1. Thank you very much.

0 comments:

Post a Comment