Bureaucratic Denial of Service and the OPM Breach

Millions of American citizens received letters over the last two months of 2015, advising them that the US Office of Personnel Management (OPM) had experienced a data breach. Although the US Government realized the breach in June, it took nearly 6 months for the letters to be delivered. The letter included references to identity theft, as in the Social Security numbers of everyone within the government employee's or contractor's family. An offer of two years of credit monitoring for all involved softened the blow.

Most experts’ concern centers on the applicants for Top Secret or Special Compartmentalized Information (SCI) sensitive information access, commonly referred to as [...]


Data Breaches: Cause and Prevention

This article takes a look at the information uncovered in Verizon’s 2013 Data Breach Investigations Report. According to the report, the most common methods of attack fell into several categories: 1) Hacking; 2) Malware; 3) Physical Attacks; 4) Social Engineering; 5) Misuse; and 6) User Error. The article also outlines some basic responses to data breaches within an [...]


Information privacy Way Back when?

Have you ever visited archive.org or used their Way Back Machine? It’s a catalog of the Internet, and in my opinion one of the most ambitious projects undertaken. The privacy and persistence of the Internet, as evidenced by the Way Back Machine, will have long-term effects on the way legislation and the judicial system treat [...]


Hacking attack targets epileptics

I find ‘America’s Funniest Videos’ entertaining. I get ‘Jackass’… They scare people, gross them out, or generally bewilder. But they don’t intentionally go out and drop toilet bowls on people’s heads or put others’ lives in danger.

What I don’t get is the recent hack of the Epilepsy Foundation forums, changing posts so that they displayed flashing strobes and trippy patterns. I find this behavior reprehensible. To sully a non-profit’s reputation, and attack unsuspecting seizure disorder sufferers, many of whom may be incapacitated by the strobes or patterns. Thankfully most of them probably don’t know what happened, essentially blacking [...]


Hacking "Linked-In": Working around the social part of social networking

Original Post on 14-Jun-06 4:50pm
I use “Linked-In” as a social networking and online contact management tool. It’s quite convenient, nearly a true peer-to-peer instantiation of a friend-of-a-friend tool (at least in the free version) and pretty indicative of most of these sites. In order to connect with someone, you either must have their email address and send them an invitation, or ask someone you’re already connected with for an introduction, all brokered by Linked-In. I say nearly a true peer-to-peer social networking tool, as there are a couple of ways to bypass their system. Take a [...]