Saturday, April 21, 2012

Chances of Dying (InfoGraphic)

This is an interesting infographic that is floating around that depicts the statistical likelihood of dying from any given event.

It's a commonly known fact that societies tend to focus irrationally on certain threats over realistic ones, and this infographic just might help dispel some irrational fears that you hold.

For example, I was surprised to see that skydiving is less risky behavior than driving a car in traffic, which I do quite regularly.  Looks like it may even be roughly as dangerous as flying commercially (well, except you probably won't have to deal with the TSA when you get on that prop plane at a small rural airport prepping for your skydive).

Note how dangerous any mountaineering is in Nepal.  Ouch.  Not great odds.

Tuesday, April 17, 2012

White Lies Affect Your Behavior

This is an interesting article about recent studies in the psychology of honesty and lies.  Turns out that it's possible for a clever person to determine lies based on predictive human behavior under certain social obligations.  In other words, the presence of the lie is leaked information, divulged by other events-- a great read for those curious of information flow theory as it implies to security.

Monday, April 16, 2012

Free OWASP .NET Development E-Book

For your developer friends (or you), Troy Hunt made his book about the OWASP Top 10 web security flaws as implemented in .NET available as a free e-book PDF.  Plenty of good information in there to share with developers who need more clarification or a refresher in what it takes to build defensible web applications.

Friday, April 13, 2012

How To Send Digital Messages using HAM Radio

This is a bit of a stretch from the normal topics, but in a severe disaster scenario (think Hurricane Katrina or third world country), it may be desired to send real time digital text communication when there is no communication infrastructure in place any longer (i.e. telephone lines are down and the Internet "tubes" were all clogged up).

Here is a clever, low budget way to accomplish digital text communication over significant distances with very inexpensive components, namely a HAM radio, a netbook, an open source software application called FLDIGI, and a low tech way of connecting them together.

A clever improvement to this might be to encrypt the text data before its transmitted, which should be possible using a variety of tools, possibly even GnuPG (if the transmission medium is reliable enough to send the complete block of encrypted text without drops).

Wednesday, April 11, 2012

Measuring Wallets' Contents with Metal Detectors

Turns out it may be more than RFID protection you may need for your wallet. New Scientist reports how some academics at University of Washington - Seattle can exploit some of the metallic features of dollar bills to count the money in your wallet. An excerpt:
They found an ordinary handheld metal detector was able to pick up a dollar bill from 3 centimetres away, and placing the notes behind plastic, cardboard and cloth did little to block the signal. Adding further bills in $5 increments increased the strength of the signal, making it is possible to count the number of bills, though converting this into an actual dollar value would be difficult as notes of different denominations contain the same amount of magnetic ink.
Using larger metal detectors such as those found in airports should also increase the range of sensing, though detecting banknotes in such situations would be trickier as many other sources could interfere with the signal.

Saturday, April 7, 2012

Visa's New Data Center

We just covered the NSA's new data center, so it seems appropriate to mention Visa's new data center, complete with a moat!

Notice how castle features are still king for physically securing our data in the information age.

An excerpt:
The 8-acre facility looks like any other industrial park in a sleepy suburb. But the serene setting masks hundreds of cameras and a crack team of former military personnel. Hydraulic bollards beneath the road leading to the OCE can be quickly raised to stop an intruding car going 50 mph. Any speed faster, and the car can't navigate a hairpin turn, sending it into a drainage pond that functions as a modern-day moat.

The data center resembles a fortress, with dogged attention to detail. It can withstand earthquakes and hurricane-force winds of up to 170 mph. A 1.5-million-gallon storage tank cools the system. Diesel generators onsite have enough power, in the event of an outage, to keep the center running for nine days. They generate enough electricity for 25,000 households.

Once you get clearance from a guard station, get an OK from a roving security guy in a golf cart, and surrender a photo and fingerprint inside, the adventure begins.
Here is the exact location of the data center.  So much for trying to hide from Google Maps!

View Larger Map