You are currently browsing the category archive for the 'Question of the Day' category.
It looks and functions like a Blackberry 8830 but it sure is NOT a regular Blackberry. It is locked down by NSA. I am not really sure if it is a good idea at all. NSA is installing the SecurVoice software on it for both voice and messaging as one of the ways to secure the phone. I am sure that there is a whole infrastructure that is required to run his handset services. Even considering all that, I Still believe that a mobile-phone-carrying president opens so many doors for hackers.
Can NSA and Obama get away with using a (persumably) secure mobile phone service and handset? That is the question of the day!
Read more here:
http://blog.wired.com/gadgets/2009/04/obama-to-get-ba.html
An interesting article about pedophilia and ’sexting’ in the mobile age. Sexting means sending nude or semi-nude pictures of oneself on mobile phones to others. Two cases are discussed in the article.
In my opinion, lawmakers should consider the changes in technology and evolve the laws to deal with the new issues emerging from the proliferation of cell phones in our societies and changes to the ways mobile phones are used.
Intersting article involving a child porn case:
Apparently, it is easier than you think. A penetration tester said “It turned out to be one of the easiest penetration tests I’d ever done!”
To read more about it go to:
A simple idea that resulted in big fireworks! Just take the IP address information from wiki posts and cross it with DNS information from IP range owners and walla!
Still don’t know what this means? It means you can now find out if someone is editing their own wiki information (like deleting the bad stuff!… For shame!).
Good on you Virgil Griffith. I hope that you don’t edit your own wiki entry either 
Here are the links:
- An MP3 interview with Virgil: http://www.abc.net.au/melbourne/stories/s2017196.htm?backyard
- http://virgil.gr/ his website
- WikiScanner http://wikiscanner.virgil.gr/
This tool answers the question: who really edits wikis? Now you know!
Here is something to get your appetite going. WIRED Magazine’s list of salacious edits:
After the Super SIM and Turbo SIM methods, we have a hardware unlock method. Follow the links below for more details:
- http://www.reghardware.co.uk/2007/08/24/iphone_unlocked/ Contains the video
- http://iphonejtag.blogspot.com/ The instructions site
- http://www.tech.co.uk/gadgets/phones/mobile-phones/news/new-instructions-for-iphone-hardware-unlock?articleid=1348296214
- http://blogs.pcworld.com/staffblog/archives/005210.html
I would not try this at home… Super Sim simply works and it is CHEAP! Why bother with anything else, it is simply not worth the time or effort. Not to mention the risk of damaging the phone!
Whould you attempt this on your phone?
Take the poll on marwan.com:
http://www.marwan.com/2007/08/will-iphone-be-unlocked-within-45-days.php
I Predicted 45 days for the iPhone to work with other than AT&T! Have your say at marwan.com 
What’s this:
- A USB Memory stick.
- A solar powered device.
- An MP3 Player.
- A VoIP device.
- All of the above
- 1,2, and 4 only.
For the answer, go to:
http://www.engadget.com/2006/11/29/a-datas-solar-disk-and-voip-disk/
Need we say more? My only comment is that I have seen many ATMs with telephone cables in plain sight just begging for a bugging device!
The question of the day is: When will banks understand the importance of ATM device security? (please don’t answer 
).
Many thanks to Times Online for the story.
Please read it in full by visiting:
http://www.timesonline.co.uk/article/0,,29389-2453590,00.html
Man meets Prince Charles and passes royal security with no problems at all. Makes you question security at events. The question of the day is: While all the security measures are taken into considration at airports and other transportation means and bucket loads of money thrown at them, are events security and royal security overlooked?
Watch the Video Here:
http://ninemsn.video.msn.com/v/en-au/v.htm?g=4c2daec9-dc61-4c65-9307-93c37c24220d&f=39&fg=copy
Links:
mirror.co.uk
itv.com
If you thought that “Snakes on a Plane” was scary, then read this:
Australia’s national carrier Qantas has announced that from 2007, passengers will be able to use their mobile phones to make voice calls send text messages and even email on some of its domestic flights. Users will need to have roaming enabled though and pricing was not announced yet. The trial is expected to last for three months.
The question is, what are the security issues that are involved here. What about safety issues, like mobile phone signal interference with flight instruments.
Link:
http://networks.silicon.com/mobile/0,39024665,39161877,00.htm
Codeen is a proxy server system created at Princeton University. I felt that I needed to tell you about it in relation to my paper on Tracing E-mail Headers. CoDeeN operates in the following manner:
- Users connect to a proxy server nearest to them (or any proxy server in the codeen network).
- Requests are then forwarded to a network node that has cached the file and that has sent recent updates showing that it is still alive (in the form of heartbeats). The file is then forwarded to the proxy and from there to the client.
Interesting for caching purposes but has the potential of becoming a nightmare for network forensics including web and email tracing. Abuse was addressed by CoDeeN in the following statement:
All accesses via CoDeeN are logged, mostly to aid in identifying abuse and other forms of damage control. We sometimes monitor these logs, report abuse, and release entries to aid in investigations. In case of suspicious traffic, we may access URLs from the logs to determine what kind of content is passing through our network. We are also using these logs in our own research, so they may be examined as needed for non-abuse reasons. For normal users, we do not expect that we will intentionally release any personally-identifying information. To prevent abuse, some sites have requested we pass along the client IP addresses, and these are included with every request forwarded to those sites.
So, if you see a CoDeeN server IP in your logs, you know who to contact!
Links:
http://codeen.cs.princeton.edu/
http://en.wikipedia.org/wiki/Codeen
My Paper on Tracing E-mail Headers:
http://scissec.scis.ecu.edu.au/publications/forensics04/Al-Zarouni.pdf
I first heard about this on Off The Hook:
http://www.2600.com/oth-broadband.xml
I looked it up on the Internet and I found the following readings for your enjoyment:
http://delineneo.com/2006/08/14/big-brother-is-watching-your-garbage-bins/
http://www.northerndistricttimes.com.au/article/2006/08/09/560_news.html
http://www.pc.gov.au/inquiry/waste/subs/subdr176.pdf#search=%22microchip%20garbage%20bin%22
Does anyone see how this could be abused?
Universal Music announced that it will offer all of its music for download on an Internet site for free. The catch is that revenues will be generated by means of targeted advertising.
The questions of the day are:
- How will Apple’s eTunes react to this?
- How will Napster and Yahoo react?
- How will music pirates react to this?
- How will this effect advertising on the Internet?
- How will the artists get/calculate their share of revenues?
- Last but not least, how will the average consumer react to this? Will people still download music illegally?
We have from now till December to find out.
Link:
News Article
Did I read this right?
Then there’s Idokorro, which means whereabouts in Japanese. That company found itself providing software to the U.S. Air Force, the National Guard and the FBI. The software — originally developed for the BlackBerry, but also compatible with other mobile devices — allows users to access computer servers remotely.
It doesn’t take a genious to figure that one out. Look at it this way: If you have diabeties and you carry your glucometer with you all the time and you carry your mobile with you all the time as well… The thought of merging the two must have crossed your mind at some point, right? Well it did for HealthPia and LG and they came up with this device. It is basically a hardware device that attaches to an LG mobile phone (called Glucopack) and some software that needs to be installed on the LG phone. There… Now you have yourself a “GlucoPhone”. I wonder what the smartphone will merge with next. Here is the list of things we already merged with mobile phones:
- Digital Cameras.
- Polaroid Cameras.
- Image and video editing software
- Other productivity and business related software. (including word processing, spread sheet and presentation tools)
- Personal Digital Assistants (PDA)
- Global Positioning Systems (GPS)
- Wallets, signatures and keys (Digital wallets, encryption keys and signatures)
- Glucometer
- Biometric readers (fingerprint and voice recognition at least)
- Web browsers
- Email clients and push email
- Services (such as check-in hotels and ordering stuff from ringtones to pizzas)
- Other connectivity related devices (Wi-Fi, bluetooth and infra-red)
- TV and radio including terrestrial, satellite and Internet based
- Media recorders and players (Music and video)
- Data storage devices
- Video Games (Engage and Java games to name a few)
- Sex related hardware, software and content (yes they are out there!)
- Etc…
If you can think of anything more, or if you know of a link to some of the above, let me know by commenting or emailing me.
Link:
http://www.gizmodo.com/gadgets/health/glucophone-a-cellphone-for-diabetics-194711.php
I really don’t know what to think of current world events. It seems though that people will always look at things as a reflection of themselves. You have the optimist, the realist and of course the over dramatic!
Here are some links:
http://www.threeworldwars.com/world-war-3/ww3.htm
http://en.wikipedia.org/wiki/World_War_III
and some videos on WWIII:
http://www.cnn.com/video/player/player.html?url=/video/moos/2006/07/21/moos.world.war.three.cnn
http://www.youtube.com/watch?v=pLKFKbQCqa8
Remember the stolen laptop incident? “Which one?” you might ask! Well, there have been many of them lately. Search google news for “laptop stolen” and you are sure to find some news:
http://news.google.com.au/news?q=laptop+stolen
The question of the day is: If there are many protection machinisms against laptop and mobile device theft, then why isn’t anybody using them?
Some links:
Articles on the issue:
http://www.networkworld.com/news/2006/071706-mobile-users-security.html
http://www.dermatologytimes.com/dermatologytimes/article/articleDetail.jsp?id=100055
Hardware encryption option for laptops:
http://www.securesystems.com.au/pages/02_technology/01.htm
Tracking options for laptops:
http://mylaptopgps.com/
http://www.lojackforlaptops.com/
http://www.ztrace.com/
http://www.xtool.com/
While searching for “Mobile Phone Forensics”, I came across the “Security & Forensics wiki” site. I was pleasantly surprised. It was inline with what I was already doing in my research. I was sad though at the fact that no site that I knew of linked to them! I know that Wiki is not considered by many as a good source for information but so aren’t blogs, are they… We still consider blogs as legitimate sources of information and always link to them. We even link to forum posts too, and ‘ahum… bugtraq posts’… so why not wikis? Links:
SecuriWiki Main Page:
http://polya.computing.dcu.ie/wiki/index.php/Main_Page
Mobile Phone Forensics Page:
http://polya.computing.dcu.ie/wiki/index.php?title=Mobile_Phone_Forensics
Email Analysis Page:
http://polya.computing.dcu.ie/wiki/index.php/Email_Analysis
In warfare nowadays , when a campaign is won with little or no efforts and without physical confrontation, do you think the winner could feel greater the need to inflict body injuries to loosers just to perceive better and depeer the victory?
