Another Demonstration of Why You Can’t Rely on the Police

Jay over at MArooned posted yet another example of why you can’t rely on the police to protect your life. A woman had to resort to defending herself with a vacuum cleaner while she waited 35 minutes for the police to arrive:

A Williamson County woman fought off an intruder with a vacuum cleaner. She was desperate for help, waiting for almost 35 minutes for law enforcement to arrive.

The single mom described that 35 minutes like the scene of a horror movie as she watched a man walk from windows to doors doing anything to break in to her home.

Yes, it took 35 minutes for the police to finally arrive at her home. This is why you should always have a plan for defending yourself. Obviously I recommend using the best tool for the job, which is a firearm, but that’s not the only means of defense at your disposal.

Your life is far more valuable than the life of some scumbag who is willing to bring harm against your person. People out there clamoring for laws restricting firearms are only trying to make it more difficult for you to obtain the best tool to defend the most important thing you have: your life. When these same people claim you should just call the police, remember that the police are not legally obligated to protect you and can’t instantly teleport to your location. There will always be travel time required for the police to reach you, and an officer must be available to send to your aid. You need a plan to fend for yourself until the police arrive (if they arrive).

Security Done Right

One thing I do like about the major credit card companies is that their fraud detection works on individual transactions rather than on users. When you purchase an item on a credit card (or a debit card issued by one of these companies) the company checks that particular transaction to see whether it looks legitimate.

The other day I received a call from my credit card company informing me that they had seen some apparently fraudulent activity. Needless to say it was fraud; the card has been canceled and a new one is in the mail. Credit card companies are doing it right in this regard: each transaction is looked at on its own, and the customer is given the benefit of the doubt when they call and say something on their bill was not purchased by them.
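To make the per-transaction idea concrete, here is an added example (not anything the card companies publish, and not code from this post) of scoring one purchase against the cardholder’s own history. The rules, thresholds, merchant category codes and transaction history are all constructed for the demo; a real issuer’s model is far larger, but every rule here asks “does this purchase fit this card?” rather than “is this customer trusted?”, which is the point of the post.

```python
from __future__ import annotations
from dataclasses import dataclass
from datetime import datetime, timedelta
from math import asin, cos, radians, sin, sqrt
from statistics import mean, pstdev


@dataclass(frozen=True)
class Txn:
    when: datetime
    amount: float   # in the card's currency
    mcc: str        # merchant category code (the values below are assumptions)
    lat: float      # merchant location
    lon: float


def km_between(a: Txn, b: Txn) -> float:
    """Great-circle (haversine) distance between two merchant locations."""
    la1, lo1, la2, lo2 = map(radians, (a.lat, a.lon, b.lat, b.lon))
    h = sin((la2 - la1) / 2) ** 2 + cos(la1) * cos(la2) * sin((lo2 - lo1) / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(h))


def score_transaction(history: list[Txn], new: Txn) -> tuple[int, list[str]]:
    """Score ONE transaction against the cardholder's own recent history.

    Each rule asks 'does this purchase fit this card?', never 'is this user trusted?'.
    Returns (score, reasons); higher means more suspicious. Thresholds are
    illustrative assumptions, not values any issuer actually uses.
    """
    if not history:
        return 0, []
    score, reasons = 0, []

    # 1. Amount far outside what this card normally spends.
    amounts = [t.amount for t in history]
    mu, sigma = mean(amounts), pstdev(amounts) or 1.0
    if (new.amount - mu) / sigma > 3:
        score += 40
        reasons.append(f"amount {new.amount:.2f} is >3 sigma above the usual {mu:.2f}")

    # 2. A merchant category this card has never been used in.
    if new.mcc not in {t.mcc for t in history}:
        score += 15
        reasons.append(f"first purchase in merchant category {new.mcc}")

    # 3. Impossible travel: distance from the previous purchase vs. time elapsed.
    last = max(history, key=lambda t: t.when)
    hours = max((new.when - last.when).total_seconds() / 3600.0, 1e-6)
    speed = km_between(last, new) / hours
    if speed > 900:  # faster than any commercial flight
        score += 50
        reasons.append(f"{speed:.0f} km/h since previous purchase (impossible travel)")

    # 4. Burst of activity: many purchases inside the last hour.
    recent = [t for t in history if timedelta(0) <= new.when - t.when <= timedelta(hours=1)]
    if len(recent) >= 5:
        score += 20
        reasons.append(f"{len(recent)} purchases in the last hour")

    return score, reasons


# Constructed history for one card: groceries and fuel around one city for a week.
_MPLS_A, _MPLS_B = (44.98, -93.27), (44.96, -93.30)
HISTORY = [
    Txn(datetime(2010, 11, 4, 9, 12), 42.10, "5411", *_MPLS_A),
    Txn(datetime(2010, 11, 5, 17, 40), 38.55, "5541", *_MPLS_B),
    Txn(datetime(2010, 11, 6, 12, 5), 61.00, "5411", *_MPLS_A),
    Txn(datetime(2010, 11, 7, 8, 30), 25.30, "5541", *_MPLS_B),
    Txn(datetime(2010, 11, 8, 18, 15), 79.99, "5411", *_MPLS_A),
    Txn(datetime(2010, 11, 9, 7, 50), 33.20, "5541", *_MPLS_B),
]
# Same afternoon, another grocery run in town: fits the card.
LEGIT = Txn(datetime(2010, 11, 9, 18, 20), 45.00, "5411", *_MPLS_A)
# Thirty minutes after the fuel stop, a large electronics purchase on another continent.
FRAUD = Txn(datetime(2010, 11, 9, 8, 20), 1200.00, "5732", 6.52, 3.38)

if __name__ == "__main__":
    for label, txn in (("legit", LEGIT), ("fraud", FRAUD)):
        score, reasons = score_transaction(HISTORY, txn)
        print(f"{label}: score={score} reasons={reasons}")
```

The legitimate purchase scores 0 and the fraudulent one trips three rules at once (amount, new category, impossible travel). Note that nothing in the scorer ever consults a reputation for the cardholder; a long history of clean purchases does not lower the score of a purchase that does not fit it, which is exactly the property the post praises.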

Why I Ban URL Shortened Service Links

It’s no secret to anybody who knows me that I absolutely hate URL shortening services. My problem with them stems from the fact that when you click on a shortened URL you haven’t a clue where it will actually take you. That gives an attacker a convenient vector: hand somebody a bit.ly link that sends the unsuspecting user to a malicious website, which then uses a browser exploit to infect their machine.

What I never thought about was using a URL shortening service to perform distributed denial of service (DDoS) attacks. Hit the link for the details (which are actually pretty trivial).
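The practical counter to “you have no idea where it goes” is to resolve the redirect chain yourself, one HEAD request at a time, without ever loading the destination. The following is an added example written for this page, not code from any shortening service or from the linked DDoS write-up. The `fetch` interface is an assumption (one HEAD request, no automatic redirect following, lowercase header names), and the redirect table and hostnames are constructed so it runs offline; a real fetcher would wrap `urllib` with a redirect handler that refuses to follow.

```python
from __future__ import annotations
from typing import Callable, Dict, Tuple
from urllib.parse import urljoin, urlsplit

# Assumed fetcher interface: issue ONE HEAD request for a URL, never follow the
# redirect yourself, return (status, headers) with lowercase header names.
Fetcher = Callable[[str], Tuple[int, Dict[str, str]]]

REDIRECT_STATUSES = {301, 302, 303, 307, 308}


def expand_url(url: str, fetch: Fetcher, max_hops: int = 5) -> dict:
    """Resolve a shortened URL hop by hop without ever loading the destination.

    Returns {"status", "final", "chain"}. status is one of:
      resolved        - a non-redirect response was reached
      refused-scheme  - a hop pointed at a non-http(s) URL (javascript:, data:, file:)
      loop            - the chain revisited a URL
      no-location     - a redirect status without a Location header
      too-many-hops   - max_hops redirects and still redirecting
    """
    chain = [url]
    seen = {url}
    for _ in range(max_hops):
        status, headers = fetch(chain[-1])
        if status not in REDIRECT_STATUSES:
            return {"status": "resolved", "final": chain[-1], "chain": chain}
        location = headers.get("location")
        if location is None:
            return {"status": "no-location", "final": chain[-1], "chain": chain}
        target = urljoin(chain[-1], location)  # Location may be relative
        if urlsplit(target).scheme.lower() not in ("http", "https"):
            return {"status": "refused-scheme", "final": target, "chain": chain + [target]}
        if target in seen:
            return {"status": "loop", "final": target, "chain": chain + [target]}
        seen.add(target)
        chain.append(target)
    return {"status": "too-many-hops", "final": chain[-1], "chain": chain}


def crosses_domains(result: dict) -> bool:
    """True if the final destination sits on a different host than the link the user saw."""
    first, last = urlsplit(result["chain"][0]), urlsplit(result["final"])
    return first.hostname != last.hostname


# Constructed redirect table standing in for the network. Hostnames are invented.
_TABLE: Dict[str, Tuple[int, Dict[str, str]]] = {
    "http://sh.example/abc": (301, {"location": "http://track.example/r?u=abc"}),
    "http://track.example/r?u=abc": (302, {"location": "https://www.example.com/page"}),
    "https://www.example.com/page": (200, {}),
    "http://sh.example/loop1": (301, {"location": "http://sh.example/loop2"}),
    "http://sh.example/loop2": (301, {"location": "http://sh.example/loop1"}),
    "http://sh.example/js": (302, {"location": "javascript:alert(1)"}),
}
for _i in range(6):  # a six-hop chain using relative Location headers
    _TABLE[f"http://sh.example/deep{_i}"] = (301, {"location": f"/deep{_i + 1}"})
_TABLE["http://sh.example/deep6"] = (200, {})


def fake_head(url: str) -> Tuple[int, Dict[str, str]]:
    """Offline stand-in for a real HEAD request against the constructed table."""
    return _TABLE.get(url, (404, {}))


if __name__ == "__main__":
    for link in ("http://sh.example/abc", "http://sh.example/loop1",
                 "http://sh.example/js", "http://sh.example/deep0"):
        r = expand_url(link, fake_head)
        print(f"{link} -> {r['status']}: {r['final']}  (cross-domain: {crosses_domains(r)})")
```

The hop cap, the loop check and the scheme check are the parts that matter: a resolver that blindly follows `Location` is itself something an attacker can point at a `javascript:` URL, bounce between two shorteners forever, or march through an arbitrarily long chain.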

Wisconsin School Hostage Situation

If you haven’t heard, there was a hostage situation in a Wisconsin school. Some punk kid came in packing two firearms and held his class hostage. Thankfully nobody was killed, and the kid turned one of his firearms on himself when the police arrived.

I’m glad to report the situation ended with nobody of consequence being injured or killed (a punk who takes a classroom hostage is not a person of consequence in my book). What’s interesting is how the situation is being reported. This was a hostage situation, yet some news sites are still calling it a school shooting.

I think this story exemplifies the fact that crazy is crazy and makes a case yet again for allowing teachers to be armed in the classroom. This situation ended as well as could be hoped, but most of the time we don’t hear such good news. Crazy people are dangerous, and this story once again demonstrates that people in our schools are helpless when one of these crazies comes into the “gun-free zone” with firearms and an intent to cause harm. This crazy ended up holding 23 helpless people hostage with no real threat of retaliation should he decide to start killing those hostages (yes, the police will eventually retaliate, but if the crazy is planning on killing himself anyway it matters not). The best way to end a hostage situation is to prevent it from happening in the first place, and the best way to do that is having a populace that can defend itself against the crazies.

Terrorism Cost Benefits Ratio

Bruce Schneier has a nice post up on his site talking about the cost-benefit ratio of terror attacks. Ultimately terror attacks can be done on the cheap while costing us billions in wasted security measures aimed at preventing that same attack next time. Think of the TSA for a second: every time some yahoo gets through with a few bucks’ worth of poor explosives in their britches, the TSA spends millions on new technologies that allow them to see through your clothing.

The terrorists have won, ladies and gentlemen (well, they won the second the PATRIOT Act was passed, now that I think about it). If you can bleed your opponent dry of resources you really can hold out longer than they can, and thus win the war.

Online Privacy

Facebook revealed a new messaging service yesterday, and today when rolling into work I heard some guy on the radio talking about the privacy implications (sadly, although I have an FM transmitter attached to my iPod, there is a split second between the time I turn my iPod off and when I turn my truck off that exposes me to regular radio).

I thought I’d take a second to remind everybody about the golden rule of Internet privacy: if you don’t want everybody in the world to know something, don’t post it online. The Internet was never developed with privacy in mind, and although websites often try to keep data private, eventually that data becomes public through human error or system compromise.

The other thing to remember is the simple fact that putting information on a system you don’t completely control may lead to undesirable consequences. You do not control Facebook, as you don’t own their servers. This means all information you post on that site is outside your realm of control, making it impossible to know how secure the data is.

Either way, if you follow the golden rule of Internet privacy you should never have a problem.

Another Reason to Root Your Android Phone

If being able to use your Android phone as a Wi-Fi hotspot (without paying an additional fee to your service provider), being able to back up your data, and being able to run a stripped-down version of Wireshark weren’t enough, I have yet another reason: security.

Take for example this security exploit. It’s fixed in Android 2.2 but not in 1.6. What’s the big deal? Many carriers and handset manufacturers haven’t pushed the 2.2 update out to older phones, meaning many phones are now vulnerable with no hope of a fix in sight. Unlike a personal computer, a phone generally can’t be updated willy-nilly. For example, I can’t go to the store and purchase a new copy of Android to install on my phone; I have to wait for the manufacturer and carrier to push updates out to me.

How does rooting help? Rooting (or at least unlocking the NAND) allows you to install custom ROMs. A ROM is basically a complete operating system image for the phone. Many phones that have been abandoned by their manufacturers and carriers have updated custom ROMs available for them. These custom ROMs are maintained by the Android community and can offer updates that otherwise wouldn’t be available. If you have a rooted phone with an old version of Android, you may want to see if there are any updated custom ROMs available out there. Sadly, this is probably the only way you’ll see a fix for any current and future vulnerabilities.

When a Fix Isn’t a Fix

A bit back I mentioned Firesheep, a Firefox plugin that lets you easily steal session cookies on open wireless networks. Frankly this plugin has exploded in popularity (which is the only reason I heard about it) and now people are trying to fix the problem. The problem is simple: websites send the session cookie that authenticates you over an unencrypted channel. The only real fix for Firesheep is websites switching from HTTP to HTTPS for the entire session, with the session cookie marked Secure so the browser never sends it over plain HTTP. Once that traffic is encrypted Firesheep no longer works, plain and simple.

Instead of legitimate fixes, though, people are working on hacks to get around Firesheep. Take for example BlackSheep, a Firefox plugin that informs you if somebody on the network is using Firesheep. The problem here is that nothing actually gets fixed. The vulnerability still exists, and frankly that’s the whole problem. If you want a better fix to avoid getting your session cookie hijacked by Firesheep you can look into using HTTPS Everywhere. HTTPS Everywhere isn’t a perfect solution by any means, as it only works with specific websites, but it’s far better than using something like BlackSheep that will just inform you if somebody is using Firesheep on your network.

The bottom line is that what Firesheep does has always been possible. Firesheep simply made a technical task easy enough for anybody to do, nothing more. Raising awareness of the problem was the goal, and it’s done exactly that, with many websites finally talking about rolling out HTTPS-secured sites in lieu of their current unencrypted ones.

Firesheep

Do you log into services such as Facebook from public Wi-Fi hot spots? Are you logging into these services without forcing them to use HTTPS? Well, I’ve got bad news for you: there is a Firefox plugin called Firesheep.

What is Firesheep? It’s a Firefox plugin that listens to Wi-Fi traffic and looks for authentication cookies for known services. When you log into Facebook, an object called a cookie is sent from Facebook’s server to your computer. Facebook’s server ties that cookie to your logged-in session, so your browser sends it back with every request as proof of who you are while you interact with the website. Here’s the problem: that cookie isn’t sent through a secure tunnel (HTTPS) unless you’re using something like HTTPS Everywhere or NoScript to force it.

Without the cookie being sent through a secure tunnel, anybody listening to your network traffic can grab that cookie. With that cookie they can log onto your account, as Facebook only asks for the cookie as proof that you are you. Open Wi-Fi hot spots (such as those at Starbucks) use no encryption, meaning everything you send and receive that isn’t in a secure tunnel can be seen by anybody with a Wi-Fi card.

Scenario time! Let’s say you go to Starbucks and log onto your Facebook account on their free and open Wi-Fi hot spot. The guy sitting across from you has his laptop open and is running Firesheep. When you log in he obtains your cookie, logs onto your Facebook account, changes your e-mail and password, and starts doing all sorts of malicious shit to your friends. This is what happens, ladies and gentlemen, when you use unsecured Wi-Fi access points. Don’t do it! If you’re going to be in a situation where you know you’ll be required to use an unsecured Wi-Fi hot spot (such as a hotel), use a VPN service (quite a while ago I reviewed HotSpotVPN, which is one of those services).
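To show both halves of the story, the attack described here and the server-side fix argued for in the “When a Fix Isn’t a Fix” post above, here is an added example written for this page. It is not Firesheep’s code and not Facebook’s: the host names, cookie names and captured packets are all constructed. The first part does what Firesheep does (pull known session cookies out of cleartext HTTP requests, and get nothing from a TLS record); the second part is the check a site owner wants on every `Set-Cookie` it issues.

```python
from __future__ import annotations
from typing import Dict, List, Optional, Tuple

# Which cookie names carry the session for which hosts: the same idea as
# Firesheep's per-site handlers. Hosts and cookie names here are assumptions.
SESSION_COOKIES: Dict[str, set] = {
    "www.social.example": {"sessionid"},
    "mail.example": {"auth_token"},
}


def parse_http_request(payload: bytes) -> Optional[dict]:
    """Parse the head of a plaintext HTTP/1.x request seen on the wire.

    Returns None for anything that is not cleartext HTTP, for example a TLS
    record, which is all a sniffer ever sees of an HTTPS session.
    """
    head, _, _ = payload.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/1."):
        return None
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    cookies: Dict[str, str] = {}
    for item in headers.get("cookie", "").split(";"):
        name, sep, value = item.strip().partition("=")
        if sep:
            cookies[name] = value
    return {"method": parts[0], "path": parts[1],
            "host": headers.get("host", ""), "cookies": cookies}


def harvest_sessions(payloads: List[bytes]) -> List[Tuple[str, str, str]]:
    """What Firesheep does: walk cleartext payloads and pull out session cookies
    for known hosts. Returns (host, cookie name, cookie value) triples."""
    found = []
    for payload in payloads:
        req = parse_http_request(payload)
        if req is None:
            continue
        wanted = SESSION_COOKIES.get(req["host"], set())
        for name in sorted(wanted.intersection(req["cookies"])):
            found.append((req["host"], name, req["cookies"][name]))
    return found


def audit_set_cookie(set_cookie: str) -> List[str]:
    """The server-side check: a session cookie must be Secure (the browser will
    only ever send it over HTTPS) and HttpOnly (script cannot read it).
    Returns the missing attributes; an empty list means the cookie is safe to issue."""
    attrs = {a.strip().split("=", 1)[0].lower() for a in set_cookie.split(";")[1:]}
    return [flag for flag in ("secure", "httponly") if flag not in attrs]


# Constructed payloads standing in for what an open-Wi-Fi sniffer captures.
CAPTURE = [
    b"GET /home HTTP/1.1\r\nHost: www.social.example\r\nCookie: lang=en; sessionid=8f3a9c01\r\n\r\n",
    b"GET /inbox HTTP/1.1\r\nHost: mail.example\r\nCookie: auth_token=deadbeef\r\n\r\n",
    b"GET / HTTP/1.1\r\nHost: news.example\r\nCookie: sessionid=not-a-known-site\r\n\r\n",
    # Leading bytes of a TLS ClientHello: an HTTPS session yields nothing to parse.
    b"\x16\x03\x01\x00\xa5\x01\x00\x00\xa1\x03\x03" + bytes(16),
]

if __name__ == "__main__":
    for host, name, value in harvest_sessions(CAPTURE):
        print(f"stolen {name}={value} for {host}")
    print("missing:", audit_set_cookie("sessionid=8f3a9c01; Path=/; HttpOnly"))
    print("missing:", audit_set_cookie("sessionid=8f3a9c01; Path=/; Secure; HttpOnly"))
```

The TLS packet is the whole argument for HTTPS in one line: the parser gets nothing out of it, so neither would Firesheep. The `Secure` attribute closes the remaining gap, since a site that logs you in over HTTPS but serves the rest of its pages over HTTP will otherwise have your browser hand the same cookie over in the clear on the very next request.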

Firesheep was created to raise awareness of this problem. If you head over to this link you can download the slides used by the creator of Firesheep for a presentation at Toorcon.