Categories
Computing Security

Cryptonomicon data haven

The world’s most super-designed data center is described as being fit for a James Bond villain.

Located in an old nuclear bunker deep below the bedrock of Stockholm city, sealed off from the world by entrance doors 40 cm thick, it can withstand a hydrogen bomb and has German submarine engines for backup power.

It reminds me, however, of the data haven that Epiphyte gets involved in building on the island of Kinakuta in Neal Stephenson’s novel Cryptonomicon.

Categories
Computing

Fake Facebook profile nets 100 ‘friends’ in 4 days

It appears that many users of Facebook will confirm friendships with a person unknown to them.

This, coupled with the standard things that people post to their Facebook profile, creates the perfect environment for identity thieves to ply their trade.

Categories
Computing

Bletchley Park saved by English Heritage grant

The Guardian reports that Bletchley Park looks set to be saved from extinction after a £330,000 grant from English Heritage.

Categories
Computing Surveillance

Government super-database of communication data

Current Home Secretary Jacqui Smith says that, in order to keep up with technology, the police and security services need new powers and that an expansion of surveillance is necessary.

The proposed database will hold details of all communications for two years: not the content, however, just data about the communications, i.e. who, when and how long.

BBC News: Giant database plan ‘Orwellian’

The Telegraph: Social networking sites to be snooped on by security services

Chris Huhne, Liberal Democrat home affairs spokesman, added: “The Government’s Orwellian plans for a vast database of our private communications are deeply worrying. I hope that this consultation is not just a sham exercise to soft-soap an unsuspecting public.”

Guy Herbert, from campaign group NO2ID, said: “The Home Secretary talks about ‘principles’ but the only principle she appears to be acquainted with is convenience for the stalker state.”

I too have concerns about this proposal. Presumably the idea is that criminals and terrorists, even if they are smart enough not to discuss their illegal activities over telephones or via email, will communicate with their associates. The database will allow investigators to map these networks of associates, open up new areas of investigation and discover new suspects.

But the vast majority of Britons are not terrorists or criminals, so the database will mostly consist of data that is of no use to the police or the security services but would be to criminals, who could use the data to aid in identity theft. Frankly, I have no faith in the government’s ability to safeguard this data.

Categories
Computing

Sockstress: A new and effective DoS attack

Michael Kassner of TechRepublic reports on a new and effective DoS attack.

Security researchers Jack C. Louis and Robert E. Lee of Outpost 24 stumbled onto a relatively simple way to implement a Denial of Service (DoS) attack that does not require massive SYN floods. The researchers aren’t releasing many details about the attack, except for those provided in a very interesting interview with Brenno de Winter.

Steve Gibson, as part of the Security Now series, did a podcast about Sockstress and then talked to Jack & Robert off the record about their exploit and the issue of releasing the knowledge of it into the public domain, where it may be used maliciously.

The Security Now show notes include further details and links to all the coverage of Sockstress.

Categories
Computing

Usable solves the password problem?

Categories
Computing

Tech companies step in to help raise funds for Bletchley Park

CNET News: PGP, IBM help Bletchley Park raise funds

A campaign will be launched on Tuesday to ask U.S. tech companies to help save Bletchley Park, whose wartime work helped lay the foundations of modern computing and cryptography.

The fund-raising campaign will be led by cryptography provider PGP, together with IBM and other technology firms. Phil Dunkelberger, chief executive of PGP, told ZDNet UK in a video interview that the group of companies would be making donations to repair the buildings at Bletchley Park, including the National Museum of Computing, and would be calling for other organizations to get involved.

Categories
Computing

Gaping hole opened in Internet’s trust-based BGP protocol

Dan Kaminsky revealed his discovery of a DNS flaw that could be exploited to direct unwitting users to malicious web addresses. Now, practically on the heels of that announcement, a hacker team that presented at DEFCON has demonstrated how a fundamental design error in the Internet’s border gateway protocol can be used to invisibly eavesdrop.

Categories
Computing

That password-protected site of yours – it ain’t

The Register exposes a neat hack using Google’s cache that enables access to password-protected parts of websites.

The hack was posted on Hack Forums, which ironically is itself password protected, so, using the Google cache hack, here is a version you can read.

Categories
Computing Security

Social Engineering 101

Social Engineering 101: Mitnick and other hackers show how it’s done