Archive for category: Security

Reminder: HOWTO tunnel http using ssh…

July 16, 2010 | Security | By: Mark VandeWettering

I have a couple of devices at home that provide http servers on my local network. I have them tucked nicely behind my firewall so that they are not accessible from the outside, but occasionally, I would like to login to them to perform some reconfiguration or the like. This is where ssh comes to […]

Compromising Reflections

August 8, 2009 | Security | By: Mark VandeWettering

I’ve been interested in TEMPEST and related technologies for a while. Here’s another link to another paper: This project investigates a novel eavesdropping technique for spying at a distance on data that is displayed on an arbitrary computer screen, including the currently prevalent LCD monitors. Our technique exploits reflections of the screen’s optical emanations in […]

Matt Blaze: Security and Human Behavior 2009

June 14, 2009 | Computer Science, Cryptography, Security | By: Mark VandeWettering

For all the people who’ve come to see this as my ham radio blog, I apologize, but I do have other interests, and computer security is one of them. It’s not that I am any kind of expert, but I have played around quite a bit with various bits of computer security and cryptography over […]

TEMPEST: A Signal Problem – Hack a Day

January 27, 2009 | electronics, Security | By: Mark VandeWettering

I’m not 100% obsessed (more like 98%) with radio topics: this morning, I found this link on Hack a Day which provided a link to several articles having to do with TEMPEST. I’ve blogged about TEMPEST before, but for those who haven’t heard of it before, it’s a way of eavesdropping on electronic signals by […]

Spying on Computer Monitors Off Reflective Objects

May 20, 2008 | Security | By: Mark VandeWettering

I’ve bitched before about CSI and their use of “video enhancement” to read displays and the like using low resolution security cameras reflecting off objects. It’s interesting to see what is actually possible using this basic idea though. Link courtesy of Bruce Schneier’s security blog: Schneier on Security: Spying on Computer Monitors Off Reflective Objects

WordPress Development Blog › 2.0.2 Security Release

March 10, 2006 | Blogging, Security | By: Mark VandeWettering

There is a new security update for WordPress, which I’ve already installed without any serious mishap/problems. If you run WordPress, you might think about giving it an upgrade. Technorati Tags: WordPress, Blogging, Security Addendum: I’ve been having minor problems with the Dashboard in this release not displaying correctly.  I’m still trying to figure it out.

Signaling Vulnerabilities in Wiretapping Systems

December 1, 2005 | Security | By: Mark VandeWettering

Matt Blaze and company have a new paper just out entitled Signaling Vulnerabilities in Wiretapping Systems, which details a number of problems with the methods and equipment normally used by law enforcement to tap phone equipment. These include vulnerabilities that allow the surveilled party to make it appear to call numbers other than the one […]

DocuColor Tracking Dot Decoding Guide

October 17, 2005 | Cryptography, Security | By: Mark VandeWettering

Xerox printers use a watermarking technique to insert codes onto all printed documents from their Docucolor color laser printers. These identify date, time and printer serial number with a grid of yellow dots which appear in the printout. Presumably these codes are inserted to make the job of the Secret Service simpler in tracking their […]

The Hidden Boot Code of the Xbox – Xbox-Linux

August 12, 2005 | Security | By: Mark VandeWettering

Slashdot pointed at this kind of cool article on how the hidden code on the Xbox was hacked. I thought it was pretty cool and illuminating.

Cell service shut off indefinitely in 4 NYC commuter tunnels – UPDATED

July 11, 2005 | Security | By: Mark VandeWettering

Boing Boing documents the quick imposition and then reversal of a cell phone ban in the Lincoln and Holland tunnels in NY. Apparently they were concerned over the risk that remotely detonated devices presented, but (as the NYPD apparently pointed out) the idea of having a place where people cannot use their cell phones to […]

How to REALLY handle spam…

June 10, 2005 | General, Security | By: Mark VandeWettering

Tom sent me a pointer to Jef Poskanzer’s notes on how he handles a million spam messages every day. No, that’s note an exaggeration, Jef gets hit by a million of them every day. Holy crap. Jef is a the author of the really nice thttpd, which I used to run my website for years […]

Internet Explorer Security Plans

June 10, 2005 | Security | By: Mark VandeWettering

Courtesy of Scoble’s blog, here is a post concerning “Low Rights Internet Explorerer”: IEBlog : Clarifying Low-Rights IE Low-rights IE will only be available in Longhorn because it’s based on the new Longhorn security features that make running without Administrator privileges an easy option for users (User Account Protection). When users run programs with limited […]

Minnesota court takes dim view of encryption

May 24, 2005 | Cryptography, Security | By: Mark VandeWettering

Sigh. Things like this really depress me. Minnesota court takes dim view of encryption | CNET A Minnesota appeals court has ruled that the presence of encryption software on a computer may be viewed as evidence of criminal intent. From the PGP FAQ: Who uses PGP? People who value privacy use PGP. Politicians running […]

Tor: An anonymous Internet communication system

December 22, 2004 | Cryptography, Security | By: Mark VandeWettering

This EFF-funded project sounds very interesting. It attempts to provide anonymity by making traffic analysis difficult by using something called an onion router. I’ll have to read more about it. Tor: An anonymous Internet communication system Tor is a toolset for a wide range of organizations and people that want to improve their safety and […]

Evesdropping on CRTs

December 2, 2004 | Computer Science, Security | By: Mark VandeWettering

Boing Boing mentioned a paper by Markus Kuhn on reconstructing the contents of a screen by measuring the reflected light in a room with a fast photosensor. Cool stuff, reminiscent of Ross Anderson’s work with Soft Tempest, which I experimented with briefly.