Archive for Education
Author: Dave Lewis
May 13, 2008 at 6:40 am · Filed under Education, Hacker, News
Apparently reporters at NBC San Diego have discovered that kid can get hacker tools from the internet. This is another case of kids hacking in to change grades. Sure, this is bad behaviour but, you do have to admire their creativity. I wish I thought of that when I was a kid. Mind you, my parchment and quill didn’t have an internet connection.
From NBC San Diego:
The hacking incident resulted in the changing of grades and acquiring teachers’ tests, according to the release.
The computer breach was discovered when a staff member in a computer at school found a flash drive. An initial investigation revealed that the hacking occurred as a desktop security breach.
Students apparently hacked into the computer using stolen passwords and downloaded hacking tools found on the Internet.
The students will appear before district administrative hearing panels
Article Link
Author: Dave Lewis
April 23, 2008 at 7:02 am · Filed under Education
Yet another certification has hit the news. McAfee has announced that they will be offering an ethical hacker certification.
From Network World:
A division of McAfee is teaching IT professionals how to think like hackers and attack their own networks in a new course that lets network managers earn a popular certification for ethical hacking.
McAfee’s Foundstone Professional Services is responding to a market need by offering the Certified Ethical Hacking course, says Bill Hau, the head of Foundstone, noting that clients have been asking McAfee to provide this certification.
The course is intensive, lasting five days from 8:30 a.m. to 7:00 p.m., with an exam on the sixth day. IT pros learn the basics on how to hack into a system in a hands-on lab environment.
“If you want to know how to protect networks, you have to be able to think like a hacker, think outside the box. What do hackers think about when they try to break into a system,” Hau says.
No word yet on whether or not the EC-Council will declare a thumb war.
Read on.
Article Link
Author: Dave Lewis
April 22, 2008 at 7:58 am · Filed under Access Control, Education, Privacy
In the world of bad ideas we have seen a remarkable array. There was hair in a can, the car-b-q and the pocket fisherman to name a few. Sure they have camp value but, you wouldn’t rely on any of them as a matter of practice. So, why then do people hand over their passwords for chocolate? Or, as in this case, for convenience of an online service.
Maybe that’s just it.
People have so many passwords that they are falling out of their ears in a lot of cases. Passwords are frequently viewed by the average user as little more than an irritant. They’re not given the importance that people might assign to the banking PIN number. This type of thinking inevitably leads to sticky notes on computers and inane passwords such as “password”, “letmein” and “secret”.
Today (Monday) I read about a service called Clipperz on the Web Worker Daily. This is an online service that will store your passwords for you. Maybe my professional paranoia of the last decade+ as a security operator has rotted my brain but, how is this realistically a good idea?
No ill will intended to the folks at Clipperz. I’m sure they have all the right intentions and have taken proper steps to ensure security.
From Web Worker:
Obviously, security and privacy are a consideration when using such a service. I liked that no personally identifying information is required for registration, not even an email address. On the security side, Clipperz says that all data is encrypted or decrypted locally at the browser level and that even your secure passphrase is never saved or sent to the server. They make the source code available for security review and I found no indication from anyone who questioned their methods.
That isn’t the part that gets me. It’s the message that this conveys to the user. Sure, you don’t know me but, trust me.
I’ll store your password for you.
Want some chocolate?
Article Link
Author: Dave Lewis
April 7, 2008 at 8:13 pm · Filed under Education
Very nice. It would appear that common sense is starting to catch on! The Commonwealth of Virginia (one of my my former stomping grounds) has come out as the first US state to mandate internet safety lessons in schools. While I find this to be a bang up idea I just hope that it doesn’t fizzle out.
From WDBJ7:
Virginia’s requirement initially stemmed from concerns about sex offenders preying on children online and a general increase in Internet-based crime. It took effect this school year.
In a recent presentation at a suburban Richmond high school, Virginia assistant attorney general Gene Fishel flashed an online social-networking profile a 15-year-old who says she enjoys being around boys and wants to meet new people. The real profile user turned out to be a 31-year-old man convicted of sexually abusing 11 children he met online and sentenced to a 45-year prison term.
Throw away the key.
I am very pleased to see that child education is going to include this type of curriculum. I hope that more education systems follow suit *cough* Canada *cough*
Article Link
Author: Dave Lewis
March 26, 2008 at 7:28 am · Filed under Education
More good news on the interweb safety education front. This time from Google. They have posted an online safety guide for families.
From Tech.co.uk:
In an attempt to teach parents how to keep their children safe online and help them make the best decisions when confronted with privacy and safety issues, Google on Tuesday launched a new resource called Family Safety Guide to take a more proactive role in child safety.
According to Google, it has realised that children are not nearly as safe online as they should be and has introduced the Family Safety Guide to educate parents on the safety tools Google already offers and give some basic ideas on how to make web browsing a bit safer.
“When it comes to child safety,” Google wrote in the Family Safety Guide, “we aim to empower parents with tools to help them choose what content their children see online; educate children on how to stay safe online and protect children through partnerships with law enforcement and industry.”
Nicely done.
Article Link
Author: Dave Lewis
March 20, 2008 at 7:52 am · Filed under Education, Humour, Information Security
Bruce Schneier has a great commentary on Wired this morning that tackles the security practitioners mindset.
Here’s a snippet from Wired:
Uncle Milton Industries has been selling ant farms to children since 1956. Some years ago, I remember opening one up with a friend. There were no actual ants included in the box. Instead, there was a card that you filled in with your address, and the company would mail you some ants. My friend expressed surprise that you could get ants sent to you in the mail.
I replied: “What’s really interesting is that these people will send a tube of live ants to anyone you tell them to.”
Security requires a particular mindset. Security professionals — at least the good ones — see the world differently. They can’t walk into a store without noticing how they might shoplift. They can’t use a computer without wondering about the security vulnerabilities. They can’t vote without trying to figure out how to vote twice. They just can’t help it.
A thoroughly entertaining read.
Article Link
Author: Dave Lewis
March 14, 2008 at 7:36 am · Filed under Education
From The Financial Post:
You may think that your online information is safe but in reality, it’s only as safe as the password you use.
That handful of characters is all that stands between an online criminal and the contents of your eBay, Amazon or online banking account. How can you make sure that it doesn’t get compromised?
Short passwords are possibly the worst kind to use, because they are relatively easy to crack in what security experts call a brute force attack.
Even the most basic modern desktop computers have enough processing power to guess passwords simply by trying different combinations of letters repeatedly. The fewer letters there are in a word, the more likely it is to be cracked.
Using real words (rather than random collections of letters and numbers that don’t mean anything) is also dangerous. Software exists that uses ‘dictionary attacks’ against passwords, running through hundreds of thousands of words in the English language on the assumption that people want to use a word they will remember.
Somehow, ‘8uiklg5ybs’ just doesn’t stick in a person’s memory, whereas the name of their pet does.
Article Link
Tags: Passwords, Password Security, User Education
Author: Dave Lewis
March 5, 2008 at 10:29 am · Filed under Education
Finally some good news from the education world. Not that there hasn’t been but, too often I have read stories about teachers balking at teaching computer security to children. Mainly, because they didn’t understand it themselves. Fair enough. Now the Australian government is coming out with a federal program to help teach kids how to be safe online.
From Australian IT:
Under the program, e-security education modules aimed at students in years 3 and 9 that will address key aspects of safe online behaviour, as well as the use of appropriate computer defence systems.
Students will also be taught to recognise the legal and other consequences of sharing software, music, movies and other copyright information.
“Children are recognised to be the heaviest users of the internet, and most comfortable using new technologies,” a Digital Economy department spokesman said.
“Given this, e-security education within schools would provide children with the knowledge they need to protect themselves. It is envisaged that students will use the skills they learn at school to improve the e-security measures taken at home.”
Education such as this is a great idea in my book. I’m still a little leery of the “legal” consequences education aspect. Will it be RIAA induced or actual proper lessons? At any rate it’s better than a kick in the head.
Article Link
Tags: Child Safety Online, Kids Safety, Computer Safety
Author: Myrcurial
January 23, 2008 at 10:41 am · Filed under Conventions, Education, SCADA Security
I’m not going to attempt a liveblog - I’m actually mostly focused on the event.
Currently watching the Wurldtech discussion on Safety and Security and how to use knowledge that you’ve developed about safety to drive how security is done.
Should I see something interesting - I’ll be sure to post about it. In the mean time, at least people are paying attention to what matters - a few physical people (based on what I can see on the feed) and lots of us virtually (webex sucks, but it’s better than having someone from TSA fooling about with my shoes and touching all my stuff with the ridiculous wand-of-sniffery.
Tags: S4, SCADA, Conferences
Author: Dave Lewis
January 21, 2008 at 8:03 am · Filed under Apple, Education
With just over two days left I wanted to make sure that I put this out to our Mac visitors as I’m a supporter of charitable causes. The MacHeist is on again this year and there are some very nice apps included this time. For those of you who might not be aware as to what MacHeist might be it’s a bundle of software for Macs that is offered as a bundle at a steep discount. The (very positive) catch is that 25% of the proceeds goes to charity. You can choose to have your purchase count to one charity or to be evenly distributed to all as I did. Here is the list of the charities that are benefiting from this endeavour.
Action Against Hunger
AIDS Research Alliance
Alliance for Climate Protection
Direct Relief International
Humane Society International
The Nature Conservancy
Save the Children
Save Darfur
Prevent Cancer Foundation
World Wildlife Fund
About MacHeist:
The MacHeist bundle was introduced last December, 2006, to huge success within the Macintosh community. The software bundle offered 10 of the Mac indie development community’s best offerings, and was available at the end of the MacHeist promotion for one week.
The bundle was called the greatest Mac software deal in history, and has never been available since then. Customers snapped up over 16,000 copies, and donated 25% of their purchase to various charities.
After over $190,000 was raised by customers by the end of the sale, MacHeist topped it off and $200,000 was raised in total.
This year MacHeist has raised $275,628 so far. Get in on the heist.
Article Link
Tags: MacHeist, Apple Software, Mac Software, MacHeist Charity
Next entries »