The Week That Was - 11/26/2012

Here's the week that was.  As always, we have a little bit of everything from encrypted messages from secret societies [18] to Chinese aircraft carriers [9]. The story about the encrypted messages from the Great Enlightened Society of Oculists was my favorite.  [18]  It's a great overlap of history and technology.  And the technology used to decode the message is impressive.  I can't do it justice, so go give it a read.

Speaking of history and technology, the worm attacking Iranian databases seems to be based on malcode first identified in 2010.  [10]  The story is significant for two reasons.  First, it serves as a warning to us that just because a threat is old doesn't mean it isn't still dangerous in the right context.  Second, I feel this is a good example of information warfare's more frequent appearance.  It's a risk that doesn't necessarily loom large for all organizations, but it could be significant for a few.  It's worth thinking about how such an attack would impact you and what the threat communities might look like.

Finally we have the story of Andrea Hernandez who refused to wear an ID card with embedded RFID chip.  [16]  Her home school district, Northside Independent, mandated students wear them to better track attendance.  Northside Independent receives state funding based on the average daily attendance level of its schools.  I see where this is an effective means of tracking attendance, but schools seemed to do OK with a paper-based roll call in home room back when I was a kid.  Why won't paper still work?

Link Dump

[1] G. Thompson, “Are We Ready To Fight The Next Generation Of Threats? New (ISC)2 Survey Lets You Give The Answer,” (ISC)2 Blog, 21-Nov-2012. [Online]. Available: [Accessed: 26-Nov-2012].

[2] S. Ackerman, “Army Sticks ‘War on Islam’ Teacher in Bureaucratic Depths,” Danger Room, 26-Nov-2012. [Online]. Available: [Accessed: 26-Nov-2012].

[3]“Army Wants to Stop Bombs Using Halo-Style Electric Pulses,” Danger Room, 20-Nov-2012. [Online]. Available: [Accessed: 21-Nov-2012].

[4]“Global mobile data traffic doubled in year, Ericsson says,”, 21-Nov-2012. [Online]. Available: [Accessed: 21-Nov-2012].

[5] T. B. Lee, “Google rallies opposition to UN takeover of Internet governance,” Ars Technica. [Online]. Available: [Accessed: 21-Nov-2012].

[6] N. Shachtman, “How Israeli Drone Pilots Made Their Life-and-Death Choices Over Gaza,” Danger Room, 26-Nov-2012. [Online]. Available: [Accessed: 26-Nov-2012].

[7] S. Sharwood, “Human Rights Watch proposes new laws of robotics,” The Register, 22-Nov-2012. [Online]. Available: [Accessed: 26-Nov-2012].

[8] D. Fisher, “New Linux Rootkit Emerges,” ThreatPost, 20-Nov-2012. [Online]. Available: [Accessed: 20-Nov-2012].

[9] D. Axe, “New Naval Era Dawns as China’s Carrier Launches First Jet,” Danger Room, 26-Nov-2012. [Online]. Available: [Accessed: 26-Nov-2012].

[10] J. Leyden, “New table-munching worm ravages Iranian biz databases,” The Register, 26-Nov-2012. [Online]. Available: [Accessed: 26-Nov-2012].

[11] J. Leyden, “Nintendo downplays Wii U ‘hidden control panel’ hack fears,” The Register, 20-Nov-2012. [Online]. Available: [Accessed: 20-Nov-2012].

[12] J. Leyden, “PGP Zimmermann teams with Navy SEALs, SAS techies in London,” The Register, 21-Nov-2012. [Online]. Available: [Accessed: 21-Nov-2012].

[13] B. Donohue, “Researchers Remotely Control Smart Cards with Malware PoC,” ThreatPost, 20-Nov-2012. [Online]. Available: [Accessed: 21-Nov-2012].

[14] M. Mimoso, “Resilient Security Requires Creativity and Intelligence,” ThreatPost, 20-Nov-2012. [Online]. Available: [Accessed: 20-Nov-2012].

[15] E. Chickowski, “Slide Show: 2012 Pastebin Pinups,” Dark Reading, 21-Nov-2012. [Online]. Available: [Accessed: 26-Nov-2012].

[16] D. Kravets, “Student Suspended for Refusing to Wear a School-Issued RFID Tracker,” Threat Level, 21-Nov-2012. [Online]. Available: [Accessed: 26-Nov-2012].

[17] J. Sawyer, “Tech Insight: Better Defense Through Open Source Intelligence,” Dark Reading, 18-Nov-2012. [Online]. Available: [Accessed: 19-Nov-2012].

[18] N. Shachtman, “They Cracked This 250-Year-Old Code, and Found a Secret Society Inside,” Danger Room, 16-Nov-2012. [Online]. Available: [Accessed: 20-Nov-2012].