security – Changing Way

Beware Malware

“Beware malware” is a friendly reminder to all, and one I should have given to myself when I attempted to download some software for my son yesterday. I was in too much of a hurry to be careful about what I was downloading.

I was after Kodu, the game programming tool. I now know that the file kodu-game-lab.exe is malware “which may bundle additional software offers including toolbars and browser extensions”. The quote is an understatement.

After some more careful Googling and downloading, my PC now seems returned to health. Thanks to Junkware Removal Tool!

Hot Off the (Word)Presses

Three news items about WordPress together seem to justify a post, especially given my intention to increase the quantity (and yes, quality) of posts here in 2011.

The first is about WordPress.com, which hosts this and millions of other blogs. The WordPress.com stats helper monkeys emailed me a summary of 2010 at Changing Way. They did the same for many others. Michael at TechCrunch and Constantine at Collateral Damage each hit the handy “Post this summary to my blog” button.

I’m wondering if every stats summary sent out showed reported that “The Blog-Health-o-Meter™ reads Wow.” Each of the links in the previous paragraph leads to a “Wow.” That doesn’t surprise me about TC or about CD, but it does surprise me about CW. I note that two of my five most viewed posts were about Lala, although only one of them was posted in 2010.

The other two items are about self-hosted WordPress. Version 3.1, Release Candidate 2, has just been, well, released. I should install it at one of my many blogs (how many do I have? I don’t know, but probably should) even though the new features seem more worthy than exciting.

Finally, if you’re running WordPress 3.0, you should install 3.0.4, a critical security release. Hey, that means I should go and do that very thing right now…

It's Always Kafka Day Somewhere

Three of the articles I saw today seem to fit together rather well. One, about unpublished manuscripts by Franz Kafka, is by Mark Tran, writing for the Guardian. I’m being particularly careful to identify authors, lest anyone think that the other stories are from the Kafka archives.

Meanwhile, the Washington Post leads with an investigation of Top Secret America by Dana Priest and William Arkin. I was relieved to find that it’s not behind the same login wall as a lot of WashPost content.

The top-secret world the government created in response to the terrorist attacks of Sept. 11, 2001, has become so large, so unwieldy and so secretive that no one knows how much money it costs, how many people it employs, how many programs exist within it or exactly how many agencies do the same work…

Analysts who make sense of documents and conversations obtained by foreign and domestic spying share their judgment by publishing 50,000 intelligence reports each year – a volume so large that many are routinely ignored.

Last comes a Kafkaesque story by Curt Hopkins at RWW. Blogetry, a WordPress platform, has been closed down by its host, BurstNET, “at the request of an unidentified law enforcement agency.” We know that about 70,000 blogs have been shut down. We don’t know:

How many of these blogs did a bad thing.
What bad thing was done.
Which agency issued the shutdown request.

Happy Kafka Day. Maybe we can celebrate it again tomorrow.

If We Obsess About Terrorists, Then the Poodles Have Won

Today’s Boston Globe has a great headline: 8 flights at Logan delayed as poodle toys with freedom. Here’s the story.

Choochy the poodle broke free after her plane landed at Logan and for the next 17 hours, the tiny white fugitive managed to elude nearly a dozen Massport employees and State Police, holding up runway traffic as she cavorted on the tarmac… a Massport spokesman… said the pup “did create a little havoc.”

One passenger remarked that his plane “sat on the runway for 25 minutes as five Massport vans drove in circles trying to corral Choochy” while others were “a little incredulous that it would take so many men so many hours to catch this little dog.” But caught she was, and the story ended happily.

The State Police dog unit assisted Massport’s fire and rescue staff and operations personnel in corralling Choochy at about 12:40 p.m., enticing her with dog food… A safe but tired Choochy was reunited with her family.

I love this story for many reasons. Here are two two-word reasons.

Security theater. If you aren’t familiar with the term, Bruce Schneier will explain it to you. I hope that Bruce will join me in congratulating Choochy: you went out there a “tiny white fugitive,” but you came back a security theater star. You showed that security theater is farce: security at Logan costs millions, but can’t cope with a poodle.
Boston Globe. Some of the people who work there can write, and the Choochy story is one of the better examples.

James Hall and Perfect Security

Who is James Hall, and what does he have to tell us about security? Here’s one answer (via Glyn).

The chief executive of the [UK] Identity and Passport Service has said the ID cards database will not be completely secure.

James Hall said on Thursday that, after a string of high-profile data breaches in the past year, people should be concerned about the security of their personal information held by the government.

Seeing that, I felt the need to Google “James Hall security.” Several of the top places went to a James Hall I assume to be different.

Beware the end of time has come,
and fear is everywhere,
the mortal world has become cold as ice .
But I have this reassurance…

Those are lyrics from a gospel song called Perfect Security. Google does reveal some strange namefellows…

Security and Privacy in Words and Pictures

Clay Bennett illustrates the relationship between security and privacy.

Bruce Schneier contends that we are being presented with a false dichotomy, and that it: isn’t security versus privacy. It’s liberty versus control.