== Story Time With Twitchy ==
== Stories for Discusion ==
[http://www.theregister.co.uk/2006/09/04/wi-fi_warnings_legislated/ Wifi guidance becomes law in Cali] - [
PaulDotCom, Larry] - Check out Schenier's comments [http://www.schneier.com/blog/archives/2006/09/securing_wirele_1.html here]. ...stickers need to be on wiresles devices (among other solutions) to warn end users. I like one of the comments: "By removing this sticker, you acknowledge this product does something you don't (and probably never will) understand.". I mean, stickers are not the way to secure a wireless network!
[http://www.f-secure.com/weblog/#00000962 Mobile Spy Tool] - [
PaulDotCom] - Cool concept and demo video from F-Secure.
[http://www.techworld.com/mobility/news/index.cfm?newsID=6787&pagtype=samechan WiFi fingerprints could end MAC spoofing] - [? and Larry] - fingerprint the radio (not the driver)
[http://www.engadget.com/2006/08/28/rfid-bugs-found-in-the-bottom-of-british-wheelie-bins/ RFID Bugs found in British trash cans] - [
PaulDotCom] - Look, look, he's taking out the trash!
[http://www.mckeay.net/secure/2006/09/kismet_running_on_my_nokia_770.html Kismet on a Nokia 770] - [
PaulDotCom] - Yes, it is cool, and yes I bought one pretty much just so I can run kismet on it :)
[http://www.schneier.com/blog/archives/2006/09/microsoft_and_f.html M$ patches DRM faster then vulnerabilities] - [Larry] - Why, becasue DRM makes them money.
[http://www.securityfocus.com/news/11411?ref=rss Security "pro" pleads guilty in USC attack] - [Larry] - Wierd, a "pro" hacking without permission, then performing appropriate disclosure, then pleading guilty. There were some apparent ulterior motives....
[http://www.securityfocus.com/columnists/415 Disclosure Survey] - [
PaulDotCom] - ''"Federico Biancuzzi surveys statements from some of the world's largest software companies about vulnerability disclosure, interviews two security companies who pay for vulnerabilities, and then talks with three prominent, independent researchers about their thoughts on choosing a responsible disclosure process."''
[http://www.msnbc.msn.com/id/14687677/site/newsweek/ Boardroom Spying at HP] - [Larry and Joe] (slashdot)- Chairwoman Patricia Dunn utilizes communications spying and even pretexting to investigate an internal leak..of information. This could have an impact on pretexting legislation (apparently there already is some)
[http://www.tomsnetworking.com/2005/03/08/how_to_bluesniper_pt1/ Building a Better BT Sniper Rifle] - [
PaulDotCom, Larry] - This link made an appearance in my presentation and certainly worth discussing. They used the rifle to snarf people in the next building over.
[http://news.com.com/Websense+Samsung+site+hosts+Trojan/2100-7350_3-6113611.html?part=rss&tag=6113611&subj=news Samsung website hosting Trojan] - [Larry] - whoops, who missed this one? Websesne found it, why didn't Samsung? Why didn't the attacker modfy the Samsung pages to deply? Click-kiddie?
[http://www.insecuremag.com/archive.html Insecure Mag 1.8 out] - [Larry] - Some good reading, and free.