Mongoose: Security flaw gave researcher the power to erase every video on YouTube

Mongoose

Mongoose

Security flaw gave researcher the power to erase every video on YouTube

Today’s tale of apocalyptic internet near-misses comes from software developer Kamil Hismatullin, who discovered a security flaw in YouTube that allowed him to delete any video he wanted—or all of them, if he so desired. Fortunately, he did not so desire (although he apparently had some thoughts about doing a number on Justin Bieber’s channel), and instead he reported the bug to Google and collected a $5000 reward.

Read the rest of this entry »

Comments Off
Apr 5

Hal Berghel: Noirware – RFID/GPS

Categories: Design,Security
Hal Berghel

Hal Berghel

Noirware

Are we just going to sit here while the unintended consequences of bad design wreak havoc on our lives? A retrospective about RFID creep and GPS abuse is called for.

EXTRACT

…absent a robust security model, commercial GPS is currently untrustworthy with no antidote on the horizon.

PDF (6 Pages)

Comments Off
Feb 20

Jean Lievens: Tim O’Reilly on Open Data and Best (Open) Security

Categories: Data,Security
Jean Lievens

Jean Lievens

Opening up open data: An interview with Tim O’Reilly | McKinsey & Company

The tech entrepreneur, author, and investor looks at how open data is becoming a critical tool for business and government, as well as what needs to be done for it to be more effective. A McKinsey & Company article.January 2014

Interview transcript

Read the rest of this entry »

Comments Off
Jan 16

Patrick Meier: #Westgate Tweets One Hour Before Attacks to Two Hours Afterwards — Who, What, When, Where…

Patrick Meier

Patrick Meier

#Westgate Tweets: A Detailed Study in Information Forensics

My team and I at QCRI have just completed a detailed analysis of the 13,200+ tweets posted from one hour before the attacks began until two hours into the attack. The purpose of this study, which will be launched at CrisisMappers 2013 in Nairobi tomorrow, is to make sense of the Big (Crisis) Data generated during the first hours of the siege. A summary of our results are displayed below. The full results of our analysis and discussion of findings are available as a GoogleDoc and also PDF. The purpose of this public GoogleDoc is to solicit comments on our methodology so as to inform the next phase of our research. Indeed, our aim is to categorize and study the entire Westgate dataset in the coming months (730,000+ tweets). In the meantime, sincere appreciation go to my outstanding QCRI Research Assistants, Ms. Brittany Card and Ms. Justine MacKinnon for their hard work on the coding and analysis of the 13,200+ tweets. Our study builds on this preliminary review.

The following 7 figures summarize the main findings of our study. These are discussed in more detail in the GoogleDoc/PDF.

Figure 1: Who Authored the Most Tweets?

Figure 2: Frequency of Tweets by Eyewitnesses Over Time?

Read the rest of this entry »

Comments Off
Nov 19