Specialized focus on subject matters, relevant to Information Assurance & personal privacy.
Unless your digital camera or camera equipped cellphone is more than fifteen (15) years old, the chances are good that any pictures taken with that device contain metadata; which describes the (who, what, where, when and how) conditions under which the picture was taken. The metadata is stored with the picture in an image file, and goes everywhere the file is copied, uploaded or downloaded. But as Catherine (Cat) Schwartz learned in 2003, certain kinds of image file metadata can be rather embarrassing. At the completion of a three (3) month qualitative risk assessment, The Assurer answers the question, “How dangerous is image file metadata?” Some of the more interesting results are that high risk probability for the iPhone 4 decreased 11.5% from the 3gs, while the amount of metadata created by the Droid 2 increased by 16% over the original Motorola Droid…
Vulnerabilities exist in social networking sites such as MocoSpace that, when exploited, can disclose the private e-mail address of targeted users. These vulnerabilities are caused by the interaction of the site’s internal e-mail system, with the external e-mail system that hosts a user’s private e-mail account.
For users who allow Windows to automatically download and install changes on their computers, they will not be affected. But if you believe that your explicit knowledge and consent is required, in order to affect changes to your computer; Microsoft has declared Information Warfare on you.
On February 11th, Microsoft General Manager Joe Williams, discussed the upcoming Windows Activation Technologies Update for Windows 7. While this is considered an “important update,” he went on to “…stress that the Update is voluntary.” So what did Joe mean by important update, but voluntary? I found out this morning.
As smartphones become more popular, the use of mobile Augmented Reality (AR) applications has increased. But there lurks a “dark side” to Augmented Reality. One that is not being publicly discussed, that affects us on many personal, civil, criminal, and national security levels.
One of the interesting features of Android smart-phones is the pattern lock screen. Instead of a four digit PIN, the phone is secured with a “pattern” of four to nine dots, arranged in a 3 by 3 square. This results in a possible 3,024 to 362,880 different combinations. Sounds pretty secure, right?
Learn how to create and use, a Personal Security Classification Taxonomy (PSCT) that is on par with how governments protect their own secret information. Includes real life examples of PSCT in action.
Detailed description of the United States security classification taxonomies, in the areas of national security, national interests and homeland security.
The common belief by the public, about Unclassified information; is that it is harmless, general knowledge; available to anyone, and is of little or no strategic value. Contrary to this belief, the term “Unclassified” refers to information that possesses one or more of the following attributes…
Need-To-Know (NTK) is a security concept with military origins. In computer security, it’s called the principle of least-privilege. And in the field of security engineering, it’s called security through obscurity. A less than polite definition; which I’m sure everyone can relate to is: making it your business to ensure that everyone working for, around, or with you, is minding their own business.