FaberBrent Security Blog

The birth of the mobile phone and PCI payment

2009-09-27T10:58:00.003+01:00

The BBC today released several archived clips from Tomorrow's World (their long running future technology program).

I was so taken with a couple of these clips I thought i would post them.

The first one from 1979 is a new technology called a 'radio mobile telephone' sending 'digital packet data' that I felt the need to post it. See the video here.... We have come a long way but in some regards full circle with this 'analog' dial app for the iPhone.

The second video is of the first PCI type payment system from 1969. Observations of vulnerabilities please form an orderly queue. See the video here...

Nearly half of Brits use the same password for all accounts

2009-09-03T08:50:00.002+01:00

In a new password/log-on survey of 1,661 Britons for CPP there have been some very poor (but perhaps not surprising) findings.

46% use the same password for their banking, shopping and social networking
54% use a variant of the same password
The average person visits 23 sites per month that require a password
40% admit that someone else knows their password, of these 39% believe these people may have logged in using their credentials!
18% use their pet's name for a password
12% use memorable dates for a password
10% use their children's names for a password
9% use their mothers maiden name for a password

A good way to look at electronic security is to make the analogy with physical assets. You would not use the same key for your office, car, home, parents house and safe-deposit box etc. so probably very wise not to use the same password!

One method of risk reduction is to take out and use a single credit card for all your on-line purchasing. Keep the limit on this card low and make sure you check the statement in detail. This can significantly reduce your on-line fraud exposure.

One must consider that if you are using the same password for multiple systems and platforms your risk of being compromised goes up exponentially.

If you and your company are lost in a sea of inappropriate password practices and don't know the way out contact FaberBrent now.

FaberBrent Security Blog

The birth of the mobile phone and PCI payment

Nearly half of Brits use the same password for all accounts

$27 billion lawsuit could fold due to $50 covert surveillance device

Shocking - The DWP do not keep records of how many times your data has been abused

Met Police report shows CCTV costs £20,000 per single conviction - how many would an extra officer get per year?

Charity offices bugged

Mobile-phone handset complexity - the criminals friend.

The security lessons from Britian's largest jewellery robbery

Labour MP and Dutch VIP's suffer website data leaks found by a Google search

Black-hatter shows how to utilise memory in Apple keyboard to create a hardware key-logger

How to be a Corporate Mole ...and how to spot one

UK Govt spied on more that one in every seventy eight adults in 2008!

Nine Local Authority workers sacked for illegally accessing records on Govt customer Information System database

UK ID cards - hacking debate rages on - is it just a super-database by stealth?

Half of UK firms have redundancy plans - why is this a security challenge?

How to unshred a document

Skype - spy vs spy and how the uncrackable service may be dismantled

Clampi - the biggest Trojan virus yet?

iPhone SMS vulnerability patched in less than 24hrs

Do you believe everything you read - was MI5's website really hacked?

Hollywood comes true..again - VideoJak demos hacking and spoofing IP video feeds including cctv and video conferencing

David to Delores - MI5 whistleblower transforms into transvestite Jesus incarnate

How to set up a spoof wireless Access Points - if you use wifi you need to know this

The Times publish guide to new scams

Upto 570,000 credit-card records breached at Network Solutions

SMS to be trailed by Visa as a means of payment verification

FSA fine HSBC £3M over data breaches

Lucid Intelligence live with database of 120 million stolen records

SMBs can't keep up with ITSec in tough times

Laptop repair shop exposed - essential viewing

London Borough of Wandsworth has as many cctv cameras Dublin City Council, Johannesburg Police Dept, Boston Police Dept Sydney city Council combined!

UK Phone Tapping plans prove unworkable under current legislation

£3 Million scam rocks the Royal Protection Police

Chateau Pétrus, Lafite-Rothschild and what you need to know about your alarm system vulnerabilities

ID's for sale - 4 million UK to the highest bidder

Australian cops treating unprotected wifi networks as crime risks - plod-driving is born

Watch out for unknown and spoof wireless hot-spots

UAE BlackBerry update full of Spyware!

IronKey USB Drives - the best just got better

SMS TXT message phishing - next big scam, you need to know about this.

New threat claimed, Keylogging via mains voltage emissions.

Shocking drive-by reading of RFID tags on passports, drivers licences, credit cards and more...

SpyPhone Software released for iphone 3GS

Connectivity, the controversial mobile directory, is down but not out....apparently

70% of UK orgs hit by a data breach in the last 12 months

Trading system secrets stolen by former Goldman Sachs employees

UK ID cards to be optional for UK Nationals - govt U turn

The biggest single point of failure with laptop security - people

Paris Hilton's Dubai hotel room bugged

Russians accused of corporate espionage in Germany

What happens to your old computers, they end up in a West African market stall.

FaberBrent's groundbreaking solicitors CPD infosec course gets glowing approval from the SRA

Shock horror - SpyPhone software exposed

Understanding insider risk

20% of IT professionals admit to cheating on security audit figures

Parcelforce website reveals customer data

56% of employees frequently see confidential documents on office printers

Shock horror - wireless keyboards are a security risk

LSE are critical of Home Office Internet surveillance proposal

Majority of Employees admit to breaking infosec rules

IT pros almost as bad as general public when it comes to mobile passwords

Robotic one-eyed snake cam

UK mobile phone directory, opt-out or be listed

British Consulate-General sets good InfoSec example in New York

36% of IT pro's have used their position to view sensitive company data

Undercover investigation discovers sensitive military technology can be easily purchased

NY State Court judge allows surreptitiously obtained emails as evidence - does not constitute a 'wire-tap'

Claimed hack of entire T-Mobile US network data

The first British Standard on management of personal data has been published, say hello to BS10012

Business Software Alliance asks 1,000 London companies to provide a software audit

US Govt accidentally releases secret nuclear list

Watch out for the Men in Black - just like the films, only real.

65,000 employee records compromised

Update - $50,000 reward offered for missing White House disks

Massive NYC ID and banking scam busted - Bank insiders to blame

109,000 Pensions Trust records lost

"Screensavers" is the web's most dangerous search, also watch out for "Jonas Brothers"

Stolen RAF hard drives contain senior staff vetting data including drug use, debt and use of prostitutes!

Information Commissioner threatens NHS over thousands of lost medical records