 New Zealand Herald |
Major flaws in stadium security exposed
Stuff.co.nz SECURITY: Sunday Star-Times reporter Jonathan Marshall gets Chiefs players Sona Taumalolo, left, … NZ paper defends terror investigation Paper publishes security expose Political beat-up detracts from real issue |
 BBC News |
Hot-shot SA security outfit in IPL deal
Independent Online A South African sports security company has landed a lucrative contract with the mega-rich Indian Premier League to provide security for the … Indian Premier League under way amid heavy security IPL strokes Rs 7000 crore security cover drive IPL strokes Rs 7000 crore security cover drive |
|
Leader Parliament security
Scotsman But the announcement that a new security extension – costing a further £5m – is to be added to the building will be seen by many as simply going a step too … Parliament due for security upgrade Scottish Parliament faces £5m bill for new suicide bomber defence Holyrood to spend millions on anti-terror guardhouse to protect MSPs |
|
Scottish Parliament faces £5m bill for new suicide bomber defence
Scotsman SCOTTISH Parliament bosses could spend as much as £5 million on an extension at the front of the Holyrood building for a new security hall, … Parliament due for security upgrade One concrete proposal too many Holyrood to spend millions on anti-terror guardhouse to protect MSPs |
 The Hindu |
Pro-Thaksin demonstrators reach Bangkok
BBC News The government has deployed about 40000 security personnel and set up checkpoints to prevent any unrest. The Internal Security Act has been invoked, … Thousands of Protesters Arrive in Bangkok Red shirts rally against government Thai govt confident to control rally situation: Deputy PM |
 ABC News |
Heavy security in Tibet ahead of protests' anniversary
BBC News The Chinese security forces have launched a "strike hard campaign" ahead of the second anniversary of riots and protests in Tibet against … China Increases Security in Tibet to Prevent Protests Residents report higher security in Tibetan capital on 51st anniversary of … Police, military crackdown in Tibet on anniversary |
|
Twitter aims to push security
Periscope IT In a proactive step to improve security and perhaps cut down on the need for website monitoring, Twitter is taking an innovative approach to the security of … |
 KolkataObserver.com |
Home Ministry asks Kerala police to beef up security in Kochi
Hindustan Times The Home Ministry has asked Kerala police to step up security in Kochi following Intelligence inputs that Lashkar-e-Taiba militants may attempt to strike … Kochi on terror alert, security beefed up Terror alert sounded in Kochi, security stepped up Terror alert in Kochi, security tightened |
|
Humans continue to be 'weak link' in data security
ComputerworldUK Business managers were also more likely to go around security procedures by recording their password on a private document, such as a post-it note (35 … |
 CBC.ca |
Six people have been killed by a suicide bomber at a security checkpoint in …
BBC News It comes a day after twin suicide bomb attacks in the eastern city of Lahore killed 45 people and injured about 100. The attacks follow threats by Taliban … Security installations targeted in Lahore Multiple terror blasts shake Lahore Suicide bombing kills 7 in Pakistan's Swat |
 AFP |
Subjugation of women threatens US security: Clinton
AFP UNITED NATIONS — Calling the subjugation of women a threat to American security, US Secretary of State Hillary Clinton made a vibrant plea to give equal … |
 Reuters |
Bangkok remains peaceful as rally under control
Xinhua Totally, under the ISA law's enforcement there are 50000 security men, who will maintain security during the mass rally. According to Police Major General … Thailand braced for huge demonstrations as protesters seek to bring down … Reporter travels to the heartland of the red shirts Thailand tightens security as opposition plans 'million man march' |
There is a grade changing scandal over at Walt Whitman High School locally in Montgomery County Maryland. A teacher noticed that the grades in the system did not match what he or she entered. Investigation has found 54 changes.
Montgomery County Schools CTO Sherwin Collette said they believe teacher’s passwords were obtained through the use of hardware keystroke logging.
Hardware keystroke loggers are readily available online. Check out this video from irongeek if you aren’t familiar with hardware keystroke loggers. Basically its just like it sounds. A transparent USB or PS2 device that sits between the keyboard and the computer port.
Remember Microsoft’s Immutable Laws of Security number 3. If a bad guy has unrestricted physical access to your computer, then its not your computer anymore.
The best solution to this sort of problem is multifactor authentication. The thinking is that if the password is stolen then it cant be used again later. Of course some systems will allow concurrent logons allowing an attacker to immediately use the learned password. (That wouldn’t work with this device, but keystroke loggers can also use wireless/bluetooth to send the learned information immediately.
People who don’t use multifactor authentication always thinks it costs too much. I wonder how much Montgomery County has spent on this incident. The cost of securing the data should have been part of the original decision to put the grade system online.
Even without strong authentication, other things could be done to protect against this sort of attack. Its not clear if the attackers used the teachers computer. If they didn’t that might get flagged in anomaly detection. Noting that the account was normally used during the day from location A but suddenly was also used from location B at another time.
Displaying last logon and location to the user might have helped. If someone was unusually observant they might notice they didn’t use the account then.
The Post reports that Montgomery County Schools will now have a 120 day password expiration policy. That indicates before they didn’t expire passwords at all. This means a stolen password is only good for one school year. Still a long time.
Some people are taking a “boys will be boys” attitude about this. They dont understand why the police are investigating this as a criminal matter. If they’d stolen a facebook password and vandalized the teachers Facebook page, I might be laughing. With grades they had to know they were doing wrong. And worse yet these false grades were likely used to fraudulently gain admission to college potentially depriving a more deserving person.
Right now all we can do is speculate based on media reports. And worry about whether the businesses we deal with are ready for 21st century attacks.
 India Talkies |
LeT threat prompts security upgrade at Afghanistan and Nepal missions
Economic Times NEW DELHI: Even as an additional ITBP platoon leaves for Kabul on Saturday to further secure the Indian mission there, a security upgrade is also underway … India to send 40 more commandos to Afghanistan Security of Indians reviewed in Afghanistan More security for govt employees in Nepal, Afghanistan |
|
Holyrood to spend millions on anti-terror guardhouse to protect MSPs
Scotsman THE Scottish Parliament – which cost £430 million to build – is to have a multimillion-pound security upgrade, including a new building … Parliament due for security upgrade One concrete proposal too many |
AFP |
Subjugation of women is threat to US security: Clinton
AFP UNITED NATIONS — Calling the subjugation of women a threat to American security, US Secretary of State Hillary Clinton made a vibrant appeal Friday to give … |
 Globe and Mail |
Missions alert, govt fears hot terror year
Hindustan Times ePaper India is ramping up security at its missions in Afghanistan and Nepal, even as it expects 2010 to be a 'hot year' of terror attacks, government officials … Security of Indians reviewed in Afghanistan More security for govt employees in Nepal, Afghanistan India to send 40 more commandos to Afghanistan to beef up security |
This makes no sense to me, even though — I suppose — it’s a squid cryptography joke….
 Globe and Mail |
Thailand braced for huge demonstrations as protesters seek to bring down …
Times Online Up to 50000 security personnel were deployed in and around Bangkok yesterday to prevent demonstrators paralysing the city this weekend and toppling the … Thailand tightens security as opposition plans 'million man march' Bangkok hopes protests won't spark violence Bangkok on alert ahead of rally |
This one on simple-talk.com….