
When I was a kid I had only two friends. They were imaginary and as I remember it, they would only play with each other. I would spy on them when they weren’t looking and listen to them talk about me.
For some reason, I was reminded of this when I read this month that the Son-of-A-Bush administration just approved a plan to give domestic access to data obtained from their spy satellites. We’re talking about the output from the ones that see through cloud cover and penetrate buildings and underground bunkers - not the Google “show me my neighbour’s wife sunbathing” crap.
The “programme” approved by the Office of the Director of National Intelligence and the Department of Homeland Security (that should tell you something right there) will now give access to state and local law enforcement officials for “operational use”. What?! This just goes to prove the old adage: “Two wrongs are only the beginning”. No scratch that. I think it was “Two wrongs don’t make a right, but three lefts will do it”. Er - I’ll get back to you on that one.
Anheuser-Bush administration officials say the program will give local enforcement agencies a new tool to deal with “a wide range of threats, from illegal immigration and terrorism to hurricanes and forest fires”. (Note to self: “illegal immigration” is now a “threat” akin to terrorism).
What really puts a bee in my bonnet though is that this move crosses a well-established line against the use of military assets in domestic law enforcement. Not to mention, you just don’t use your binoculars to look at your kids. What is it exactly that local police need to see in Chippewa Falls, Wisconsin that they need the ability to penetrate buildings? “Hey look Norm, they just took a fresh batch out of the oven over at the Krispy Kreme on State Street! Let’s roll!”
I can understand using spy-satellite imagery for scientific purposes such as creating topographic maps, monitoring volcanic activity or tracking Lindsay Lohan, but this looks very suspicious. Either this is a brilliant marketing move to counter Google or just another brick in the wall in building a police state.
10. The last time you had a good night’s sleep, Madonna was a virgin.
9. You grind your coffee beans in your mouth.
8. The only time you're standing still is during an earthquake.
7. You can take a picture of yourself from ten feet away without using the timer.
6. You lick your coffeepot clean.
5. Your eyes stay open when you sneeze.
4. You can jump-start your car without cables.
3. Starbucks underwrites the mortgage on your house.
2. You're so wired, you pick up FM radio.
1. Instant coffee takes too long.
Did you notice that last week Google executed the next phase in their plan for world domination by launching its Google Maps “Street View” option for Southern California? You should have.
The additions of San Francisco, Los Angeles, San Diego and some Orange County cities expand an online service that has thrilled digital-map buffs and amateur voyeurs but freaked out privacy advocates when it launched in May for New York, Las Vegas, Denver and Miami. Hey, everybody repeat after me: “We’re all individuals!”.
Literally within hours of the first release, bloggers found and posted photographs of southern Californication, public urination, sunbathers in bikinis, motorists being ticketed by police, people walking into adult bookstores, people sitting on park benches picking their noses and even people walking into adult bookstores while picking their noses (I’m not proud of that).
Google says the option is “useful”. They say real estate shoppers can now “inspect potential homes and neighbourhoods” (translation: yuppies can look for minorities on the streets where they want to buy condos) or that “Friends can pinpoint a meeting place” (translation: stalkers can look for victims without having to leave their bedrooms).
I can understand using this type of imagery for oh - I don’t know maybe scientific purposes such as creating topographic maps, monitoring volcanic activity or tracking Britney Spears, but this looks very suspicious. Either this is a brilliant marketing move to counter that Son-of-a-Bush giving local law enforcement access to spy satellite imagery or just another brick in the wall in building a voyeuristic state.
“The other day golfing, I finally broke 80. That’s a lot of clubs.”
David Burton, Orthus Project Manager
My mother must have told me a thousand times: “Never repeat yourself”. And for those of you who read this publication (thanks Mom) you know that we have been whingeing about little or no proof of the link between cyber crime and terrorism (with the possible exception of Amy Winehouse’s hair). Well, “careful what you wish for” because last month the link was proven.
No I’m not talking about Winehouse (although I feel we’re close to something there soon...). Last month the Washington Post ran a story about three terrorist suspects on trial here in the UK detailing how they financed their terrorist cell off the proceeds from on-line identity thefts. This is a bigus dealus.
The story unravelled from the prosecution of 3 men: Tariq al-Daour, Waseem Mughal, and Younes Tsouli convicted here last month for inciting terror acts. Prosecutors said the three amigos used viruses and stolen credit card accounts to set up a network of chat and Web sites hosting everything from tutorials on computer hacking and bomb-making to videos of beheadings and suicide bombing attacks in Iraq.
On a computer seized from the group investigators found over 37,000 stolen credit card numbers along with detailed personal information associated with each cardholder such as address, phone number, date of birth, credit balances and limits. All told, prosecutors said they made more than $3.5 million from the scam and used the monies to buy supplies such as: GPS devices, night-vision goggles, sleeping bags, survival knives, tents and the new Amy Winehouse brand hair gel for their fellow jihadists. Not to mention hundreds of prepaid cell phones, and more than 250 airline tickets using 110 different credit cards at 46 airlines and travel agencies. That’s some retail therapy baby.
The disgruntled Boy Band apparently laundered their take through online gambling sites like AbsolutePoker.com, BetFair.com, BetonBet.com, Canbet.com, Eurobet.com, NoblePoker.com and ParadisePoker.com, among others (God only knows I’ve laundered my take there...).
In a footnote to this story the magistrate overseeing the trial, Justice Peter Openshaw, apparently stunned prosecutors during their opening statements by declaring: “The trouble is I don't really understand what a Web site is.” Well paint me purple and call me Barney, you gotta like the honesty of the Crown these days. So there it is friends - the missing link. Now repeat after me: “Those that forget the pasta are doomed to reheat it”.
I was sitting getting my hair cut the other day. (I’ve got to go every week - my stylist says that I’m hairier than Chewbacca dipped in Rogaine). Anyway on the radio I heard that Monster.com was hit by an attack that compromised over 1.6 million accounts. My first thought was: Gargling really is a good way to see if your throat leaks. My second thought was: This too - I saw coming.
Seems users received emails claiming to be from Monster encouraging them to download a free recruitment software tool. These ne’er do wells then encrypted their information and demanded a ransom for it to be unlocked. Jiminy Crickets! I fear that this trojany what-cha-ma-call-it thingy will really catch on with these unsavoury types.
Ironically, in a recent statement dripping with so much irony that even ironists like me found it ironical, Monster itself warned that “recruitment websites were prime targets for identity theft and should be on guard”. Yeah. Just a few short weeks ago Monster and their “security consultancy” Cyveillance (no I didn’t make that name up - but I did have a neighbour once named Cy Valanceski) warned everyone to be “vigilant” about giving out their data. Heaven yes! Monster then followed up with the following PR statement: “The statement following is true. The statement prior is false.” (No. Not really).
Not to miss the dinghy, the UK’s Information Commissioner’s Office (ICO) warned that the recruitment industry was a rich target for ID thieves. It said that half of UK recruiters were not registered with it as data controllers, and ought to be by law. Am I ambivalent about that? Well yes and no.
Who: Morgan Cole Partner: Bruce (Hairy) Potter & Orthus MD Richard (Voldemort) Hollis
What: Compliance Management - Year 2 & Beyond. Breakfast Presentation & Client Case Study
When: October 10, 2007, 8:00 AM to 10:00 AM
Where: Renaissance Chancery Court Hotel, London
Who: MD Get Safe On-Line, Orthus NED (and Former Back Street Boy) Tony (does my butt look big in this?) Neate
What: From Russia With Love: Organised Hacking Groups, Targets, Methodologies & Trends
When: November 28, 2007 14:00 to 15:00
Where: Park Hotel, Amsterdam, The Netherlands
Who: Orthus CEO and President of the London Chapter of Men Who Love Women Who Hate Men Support Group Richard (You Never Call Me) Hollis
What: CISO Summit 2007: Death by PowerPoint: An Excruciatingly Slow, Monotonous, Boring, Over-Stated, Tediously Repetitive and Pointlessly Hyperbolic PowerPoint Slide Presentation on the Current State of Commercial Electronic Eavesdropping
When: November 30, 2007 17:00 to 18:00
Where: Park Hotel, Amsterdam, The Netherlands
As always, the winner of our monthly quiz will receive a .001% cotton Orthus Sales Monkey - Witness Relocation Programme T-Shirt (terms and conditions apply):
Question: Which of the following is not a Marx Brothers film?
A. Animal Crackers
B. Duck Soup
C. A Day at the Races
D. An Afternoon at InfoSec
E. A Night at the Opera
F. Pee Wee’s Big Adventure
Answers to quiz@electric-onion.com
Quiz Rules:
1. In a tribute to the Masters, there are no rules for this quiz.
Answer to last Onion quiz: Which one of the following women did not appear in a movie with Elvis? Correct answers: C. Haley Mills and F. Dame Judi Dench. Winner of last month’s quiz: CV
Any way you cut it, the eOnion is still copyrighted to Orthus Ltd. so may not be used to mock, ridicule, tease, scorn, scoff, deride, disrespect or disparage other ICT security service or product vendors unless of course when it’s in our best commercial interest to do so or when it’s done in good clean fun. Either way, it’s our call so suck it up.
The eOnion may cause arrogance or involuntary spasms of smug self-righteousness which may lead to public smirking or prolonged bouts of condescending behaviour (sort of like being a Royal). Symptoms include unexplained disdain for information security product vendor marketing managers and an itchy flaking on the scalp. If drowsiness or nausea occurs, try reading SC Magazine. If symptoms persist, you try writing something funny for a cheesy monthly newsletter because it’s the only job you can get after 20 years of formal education. Not laughing now are you funny boy?
To unsubscribe go to the nearest window, stick your head out and yell “I’m not going to take it anymore”. Alternatively, send an e-mail to security-unsubscribe@electric-onion.com. All Information provided shall be processed in accordance with the Data Protection Act 1998 (and we don’t say that just because we have to - but yes, we have to).
The Electric Onion is an Orthus publication. If you're feeling a little lonely, vulnerable, exposed or insecure, tell us about it.
Contact us at: +44 (0) 20 3170 8955 for information security consulting services, therapy, advice or assistance.
Thoughts, feedback, comments, questions, veiled or unveiled threats? Send an e-mail to getalife@electric-onion.com
