Private Interests

How dangerous is image file metadata?

Unless your digital camera or camera equipped cellphone is more than fifteen (15) years old, the chances are good that any pictures taken with that device contain metadata; which describes the (who, what, where, when and how) conditions under which the picture was taken. The metadata is stored with the picture in an image file, and goes everywhere the file is copied, uploaded or downloaded. But as Catherine (Cat) Schwartz learned in 2003, certain kinds of image file metadata can be rather embarrassing. At the completion of a three (3) month qualitative risk assessment, The Assurer answers the question, “How dangerous is image file metadata?” Some of the more interesting results are that high risk probability for the iPhone 4 decreased 11.5% from the 3gs, while the amount of metadata created by the Droid 2 increased by 16% over the original Motorola Droid…

Updated — MocoSpace reveals private e-mail addresses

Vulnerabilities exist in social networking sites such as MocoSpace that, when exploited, can disclose the private e-mail address of targeted users. These vulnerabilities are caused by the interaction of the site’s internal e-mail system, with the external e-mail system that hosts a user’s private e-mail account.

Caveat on Verizon Droid 2.1-update1 OTA update lock pattern fix

My Motorola Droid finally received the much anticipated Over The Air (OTA) software update (version 2.1-update1) from Verizon Wireless. So, is the Verizon Droid pattern lock bypass fixed? Yes. But there is one little caveat…

Waging Information Warfare over KB971033

For users who allow Windows to automatically download and install changes on their computers, they will not be affected. But if you believe that your explicit knowledge and consent is required, in order to affect changes to your computer; Microsoft has declared Information Warfare on you.

Being “gaslighted” by Windows 7

On February 11th, Microsoft General Manager Joe Williams, discussed the upcoming Windows Activation Technologies Update for Windows 7. While this is considered an “important update,” he went on to “…stress that the Update is voluntary.” So what did Joe mean by important update, but voluntary? I found out this morning.

The dark side of mobile Augmented Reality

As smartphones become more popular, the use of mobile Augmented Reality (AR) applications has increased. But there lurks a “dark side” to Augmented Reality. One that is not being publicly discussed, that affects us on many personal, civil, criminal, and national security levels.

A (temporary) countermeasure for the Verizon Droid pattern lock bypass

It has been observed that, as long as a Bluetooth device is paired, AND CONNECTED, to the Droid; the pattern lock bypass vulnerability does not occur.

Ramifications of smart-phone security problems, Droid or otherwise

In the time since TechCrunch and The Washington Post covered my disclosure of the Droid pattern lock bypass, I have been asked about the implications of this flaw for Motorola Droid owners.

Verizon Droid pattern lock bypass

One of the interesting features of Android smart-phones is the pattern lock screen. Instead of a four digit PIN, the phone is secured with a “pattern” of four to nine dots, arranged in a 3 by 3 square. This results in a possible 3,024 to 362,880 different combinations. Sounds pretty secure, right?

A Personal Security Classification Taxonomy (PSCT)

Learn how to create and use, a Personal Security Classification Taxonomy (PSCT) that is on par with how governments protect their own secret information. Includes real life examples of PSCT in action.