Friday Jan 15, 2010

Last Days at Sun Microsystems

The Sun is setting - so an Oracle has told me - and my days at this company, one of the best I have ever worked for are nearing their end.

I will be moving my blog over to http://bblfish.net/ as soon as I get the right software set up there. You can follow me on twitter or identica for updates.

Sun will continue to pay me for the next 8 month at a salary very close to the one I am earning now, so in gratitude to them, I will essentially just keep doing what I have been doing while here. I will keep working on foaf+ssl and securing the social web. As I won't be getting any travel money, I will be happy for anyone willing to sponsor those costs for me.

So to all a happy new 2010.

Chaos Computer Club reveals massive airport security hole

The Chaos Computer Club yesterday revealed on German Television, in a program entitled "Data theft via wireless - security risks at German airports", a massive security hole, that could easily allow intelligent terrorists - if such a being is possible - to gain access to the secure parts of many airports, thereby bypassing any of the more and more restrictive and intrusive measures being introduced to scan normal citizens, and which led the pirate party to demonstrate in underpants as I reported earlier this week.

The trick is simple. Employees at many airports use badges that are read wirelessly by scanners. Using a trick similar to that described by Chris Paget's RFID cloning presentation - a massive security scandal in the US - it is possible to capture the signals emitted by these cards and use that to produce fake ones. Having created one such card, the CCC members were able to gain access to secure parts of the Hamburg airports without going through any of the security checks imposed on the passengers.

It is not surprising that such a hole and many more should be found of a similar nature. Increasing security in one part of the airport will not make anything more secure if not all parts are secured equally. But since the threat of terrorism is so minute - you are 8 times more likely to be killed by a cop in the US than by a terrorist - any security measures will end up creating more danger than that posed by the terrorists themselves. Add more police and the danger of accidental killing by the police can only go up faster than the terrorist threat itself.

About

bblfish

Search

Archives
« January 2010
MonTueWedThuFriSatSun
    
1
2
3
4
6
7
10
11
14
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
       
Today