News aggregator

Information Security and Liabilities

Bruce Schneier's Crypto-Gram - Wed, 07/23/2008 - 2:09pm
In my fourth column for the Guardian last Thursday, I talk about information security and liabilities: Last summer, the House of Lords Science and Technology Committee issued a report on "Personal Internet Security." I was invited to give testimony for that report, and one of my recommendations was that software vendors be held liable when they are at fault. Their...

Speed Cameras Record Every Car

Bruce Schneier's Crypto-Gram - Wed, 07/23/2008 - 4:32am
In this article about British speed cameras, and a trick to avoid them that does not work, is this sentence: As vehicles pass between the entry and exit camera points their number plates are digitally recorded, whether speeding or not. Without knowing more, I can guarantee that those records are kept forever....

Washington DC Metro Farecard Hack

Bruce Schneier's Crypto-Gram - Tue, 07/22/2008 - 11:29am
Clever: Thieves took a legitimate paper Farecard with $40 in value, sliced the card's magnetic strip into four lengthwise pieces, and then reattached one piece each to four separate defunct paper Farecards. The thieves then took the doctored Farecards to a Farecard machine and added fare, typically a nickel. By doing so, the doctored Farecard would go into the machine...

The Case of the Stolen Blackberry and the Awesome Chinese Hacking Skills

Bruce Schneier's Crypto-Gram - Tue, 07/22/2008 - 9:05am
A high-level British government employee had his Blackberry stolen by Chinese intelligence: The aide, a senior Downing Street adviser who was with the prime minister on a trip to China earlier this year, had his BlackBerry phone stolen after being picked up by a Chinese woman who had approached him in a Shanghai hotel disco. The aide agreed to return...

Scary Knife Makes for Great Newspaper Headlines

Bruce Schneier's Crypto-Gram - Mon, 07/21/2008 - 5:12am
Who can not feel a little chill of fear after reading this: "Britain on alert for deadly new knife with exploding tip that freezes victims' organs." Yes, it's real. The knife is designed for people who need to drop large animals quickly: sharks, bears, etc. I have no idea why Britain is on alert for it, though....

Cost/Benefit Analysis of Airline Security

Bruce Schneier's Crypto-Gram - Mon, 07/21/2008 - 4:53am
This report, "Assessing the risks, costs and benefits of United States aviation security measures" by Mark Stewart and John Mueller, is excellent reading: The United States Office of Management and Budget has recommended the use of cost-benefit assessment for all proposed federal regulations. Since 9/11 government agencies in Australia, United States, Canada, Europe and elsewhere have devoted much effort and...

Friday Squid Blogging: Researching the Reproductive Habits of Giant Squids

Bruce Schneier's Crypto-Gram - Fri, 07/18/2008 - 3:05pm
I sure want to know more: Giants have very strange sexual behaviour where the male has a metre-long muscular penis that he uses a bit like a nail gun and shoots cords of sperm under the skin of the female's arms and she carries the sperm around with her until she is ready to lay her big jelly mass of...

Funny Radio Skit on Identity Theft

Bruce Schneier's Crypto-Gram - Fri, 07/18/2008 - 12:21pm
By Mitchell & Webb....

Midazolam as a Non-Lethal Weapon

Bruce Schneier's Crypto-Gram - Fri, 07/18/2008 - 10:28am
Did you know that, in some jurisdictions, police can inject midazolam into suspects to subdue them? "There is no research guideline. There is no validated protocol for this. There's not even a clear set of indications for when this is to be used except when people are agitated. By saying that it's done by the emergency medical personnel, they basically...

TrueCrypt's Deniable File System

Bruce Schneier's Crypto-Gram - Fri, 07/18/2008 - 5:56am
Together with Tadayoshi Kohno, Steve Gribble, and three of their students at the University of Washington, I have a new paper that breaks the deniable encryption feature of TrueCrypt version 5.1a. Basically, modern operating systems leak information like mad, making deniability a very difficult requirement to satisfy. ABSTRACT: We examine the security requirements for creating a Deniable File System (DFS),...

Locksmiths Hate Computer Geeks who Learn Lockpicking

Bruce Schneier's Crypto-Gram - Thu, 07/17/2008 - 12:30pm
They do: Hobby groups throughout North America have cracked supposedly unbeatable locks. Mr. Nekrep, who maintains a personal collection of more than 300 locks, has demonstrated online how to open a Kensington laptop lock using Scotch tape and a Post-it note. Another Lockpicking101.com member discovered the well-publicized method of opening Kryptonite bike locks with a ball-point pen, a revelation that...

Homeland Security Cost-Benefit Analysis

Bruce Schneier's Crypto-Gram - Thu, 07/17/2008 - 5:43am
This is an excellent paper by Ohio State political science professor John Mueller. Titled "The Quixotic Quest for Invulnerability: Assessing the Costs, Benefits, and Probabilities of Protecting the Homeland," it lays out some common sense premises and policy implications. The premises: 1. The number of potential terrorist targets is essentially infinite. 2. The probability that any individual target will be...

Wednesday Squid Blogging: Giant Squid Dissection Live on the Web

Bruce Schneier's Crypto-Gram - Wed, 07/16/2008 - 4:23pm
Tomorrow, in Australia. EDITED TO ADD (7/16): More news. EDITED TO ADD (7/22): A final note: ...the poor museum volunteers, the hardy souls who showed the members of the public around, explained what was going to happen, and led them to their seats. Raise your glass to ... the super calamari giblet exhibition docents....

Disgruntled Employee Holds San Francisco Computer Network Hostage

Bruce Schneier's Crypto-Gram - Wed, 07/16/2008 - 10:43am
Trusted insiders can do a lot of damage: Childs created a password that granted him exclusive access to the system, authorities said. He initially gave pass codes to police, but they didn't work. When pressed, Childs refused to divulge the real code even when threatened with arrest, they said. He was taken into custody Sunday. City officials said late Monday...

Congratulations to our Millionth Terrorist!

Bruce Schneier's Crypto-Gram - Wed, 07/16/2008 - 5:08am
The U.S. terrorist watch list has hit one million names. I sure hope we're giving our millionth terrorist a prize of some sort. Who knew that a million people are terrorists. Why, there are only twice as many burglars in the U.S. And fifteen times more terrorists than arsonists. Is this idiotic, or what? Some people are saying fix it,...

Using a File Erasure Tool Considered Suspicious

Bruce Schneier's Crypto-Gram - Tue, 07/15/2008 - 12:36pm
By a California court: The designer, Carter Bryant, has been accused by Mattel of using Evidence Eliminator on his laptop computer just two days before investigators were due to copy its hard drive. Carter hasn't denied that the program was run on his computer, but he said it wasn't to destroy evidence. He said he had legitimate reasons to use...

Man-in-the-Middle Attacks

Bruce Schneier's Crypto-Gram - Tue, 07/15/2008 - 5:47am
Last week's dramatic rescue of 15 hostages held by the guerrilla organization FARC was the result of months of intricate deception on the part of the Colombian government. At the center was a classic man-in-the-middle attack. In a man-in-the-middle attack, the attacker inserts himself between two communicating parties. Both believe they're talking to each other, and the attacker can delete...

Unbreakable Fighting Umbrellas

Bruce Schneier's Crypto-Gram - Mon, 07/14/2008 - 2:24pm
Impressive. Be sure to watch the video....

Daniel Solove on the New FISA Law

Bruce Schneier's Crypto-Gram - Mon, 07/14/2008 - 11:08am
From his blog: Future presidents can learn a lot from all this -- do exactly what the Bush Administration did! If the law holds you back, don't first go to Congress and try to work something out. Secretly violate that law, and then when you get caught, staunchly demand that Congress change the law to your liking and then immunize...

Chinese Cyber Attacks

Bruce Schneier's Crypto-Gram - Mon, 07/14/2008 - 6:08am
The popular media conception is that there is a coordinated attempt by the Chinese government to hack into U.S. computers -- military, government, corporate -- and steal secrets. The truth is a lot more complicated. There certainly is a lot of hacking coming out of China. Any company that does security monitoring sees it all the time. These hacker groups...