Difference between revisions of "Episode61"

From Security Weekly Wiki
Jump to navigationJump to search
 
Line 1: Line 1:
 
 
== Stories for Discussion ==
 
== Stories for Discussion ==
 
[http://www.infoworld.com/article/07/02/26/HNblackhatrfid_1.html Chris Paget of IOActive doing an RFID Hacking Presentation at Blackhat] - [Joe] - "Secure card maker HID Corp. is objecting to a demonstration of a hacking tool at this week's Black Hat Federal security conference in Washington, D.C. that could make it easy to clone a wide range of so-called "proximity" door access cards."
 
[http://www.infoworld.com/article/07/02/26/HNblackhatrfid_1.html Chris Paget of IOActive doing an RFID Hacking Presentation at Blackhat] - [Joe] - "Secure card maker HID Corp. is objecting to a demonstration of a hacking tool at this week's Black Hat Federal security conference in Washington, D.C. that could make it easy to clone a wide range of so-called "proximity" door access cards."
 +
 +
[http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9011283 Reverse hacker wins $4.3M in suit against Sandia Labs] - [Joe] - "Shawn Carpenter was awarded a $4.3 million award — more than twice the amount he sought and money he thinks he'll never see. Carpenter worked for Sandia National Labs as an intrusion detection analyst. He anayzed. He detected. He reported. He was fired — in Janurary 2005 after sharing his results with the FBI and the U.S. Army. Computerworld asked him what he hoped to achieve in that investigation. Answer: 'In late May of 2004, one of my investigations turned up a large cache of stolen sensitive documents hidden on a server in South Korea. In addition to U.S. military information, there were hundreds of pages of detailed schematics and project information marked 'Lockheed Martin Proprietary Information — Export Controlled' that were associated with the Mars Reconnaissance Orbiter. ... It was a case of putting the interests of the corporation over those of the country.' Ira Winkler, author of  Spies Among Us , said the verdict was 'incredibly justified. Frankly, I think people [at Sandia] should go to jail' for ignoring some of the security issues that Carpenter was trying to highlight with his investigation."

Revision as of 17:47, 27 February 2007

Stories for Discussion

Chris Paget of IOActive doing an RFID Hacking Presentation at Blackhat - [Joe] - "Secure card maker HID Corp. is objecting to a demonstration of a hacking tool at this week's Black Hat Federal security conference in Washington, D.C. that could make it easy to clone a wide range of so-called "proximity" door access cards."

Reverse hacker wins $4.3M in suit against Sandia Labs - [Joe] - "Shawn Carpenter was awarded a $4.3 million award — more than twice the amount he sought and money he thinks he'll never see. Carpenter worked for Sandia National Labs as an intrusion detection analyst. He anayzed. He detected. He reported. He was fired — in Janurary 2005 after sharing his results with the FBI and the U.S. Army. Computerworld asked him what he hoped to achieve in that investigation. Answer: 'In late May of 2004, one of my investigations turned up a large cache of stolen sensitive documents hidden on a server in South Korea. In addition to U.S. military information, there were hundreds of pages of detailed schematics and project information marked 'Lockheed Martin Proprietary Information — Export Controlled' that were associated with the Mars Reconnaissance Orbiter. ... It was a case of putting the interests of the corporation over those of the country.' Ira Winkler, author of Spies Among Us , said the verdict was 'incredibly justified. Frankly, I think people [at Sandia] should go to jail' for ignoring some of the security issues that Carpenter was trying to highlight with his investigation."