Archive for December, 2007

PCI Compliance

I’ve been browsing through a PCI Compliance book. This gives a good approach on how to secure your framework, if nothing else. Of course you can get yourself PCI compliant, but there have been a few teething problems and changes, and some countries can’t keep up with PCI. From a testing point of view, it usually is a scan, but testing companies don’t tend to see the overall picture unless they are a Qualified Security Auditor (QSA) company.

Know where you are NOT!

We are off to Liverpool now, the home of the 2005 European champions of football. There has been a recent spate of burglaries at the homes of a number of Liverpool players. So much so that they are considering hiring a security company to protect their worldly possessions. All this is happening due to the simple fact that the team were playing away from home and of course the players are not home! That’s all the information needed for this attack!
It begs the question: how much information do you need to harm someone? On this evidence, not very much! Simply knowing someone’s whereabouts and what they have may be good enough. And that’s nothing much confidential right there!

Wikiscanner and Wikileaks

Wikipedia is the well-known free content encyclopedia, which allows anyone in the world to edit, update and modify data. As a consequence, the information on Wikipedia may be wrong and can be misleading as an educational resource.

As mentioned, anyone can “edit” content, and some edits can be made anonymously. But there have been situations where controversial content has been modified or removed anonymously. That’s where Wikiscanner comes in. This scanner can identify who is modifying content from an IP address, from where, and how often. Conversely, Wikileaks claim they can ensure that any content (controversial or not) can be placed anonymously and be protected.

Databases - Too big to be secure?

I was interested to hear, on the radio, comments from someone at Cambridge University. Richard Clayton from lightbluetouchpaper claims that databases are too centralised. The impact of data leaks is very high as a consequence. He feels that databases have become too big (e.g. a government database has information of every site/location in one database) and that making them secure is impossible. He feels the only solution is to have decentralised databases so that the impact of data leakage is reduced.

Facebook sues

Interesting that Facebook is suing a group of Canadians for attempting to compromise their site. The article isn’t clear as to how the attempt was made. But once again, you should always be careful if you want to scan your favourite site without permission…
