Search This Blog

Thursday, July 21, 2005

Crosswalk hacking and more from BBspot


NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY
07/21/05
Today's focus: Crosswalk hacking and more from BBspot

Dear security.world@gmail.com,

In this issue:

* Spoof site BBspot
* Links related to Security
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by Nokia
Nokia Secure Access System - Continuing the Legacy of Leadership
with SSL VPNs

VPN solutions based on IP Security (IPSec) have been widely
deployed to securely connect multiple office and campus sites,
and Nokia has been offering award-winning IPSec VPN solutions
for several years with deployments around the world. Until
recently, the same IPSec VPN technology has been used for
enterprise remote access solutions. These solutions were
generally limited to enterprise-supplied equipment, such as
laptop PCs. The emergence of SSL technology employed in Nokia
Secure Access System, however, has significantly changed the
landscape for remote access solutions. Learn more!
http://www.fattail.com/redir/redirect.asp?CID=108517
_______________________________________________________________
FREE NETWORK WORLD PRINT SUBSCRIPTIONS - SIGN UP NOW!

Security is one of the most pressing issues in all of IT, and
you need to stay on top of it. Network World delivers the
hottest security news. Network IT Executives depend upon Network
World for the information they need to keep their networks
secure! SUBSCRIBE TODAT AT:
http://www.fattail.com/redir/redirect.asp?CID=108473
_______________________________________________________________

Today's focus: Crosswalk hacking and more from BBspot

By M. E. Kabay

A student breathlessly wrote to me with news of yet another
hacking exploit. "A shadowy group of pedestrian hackers called
Cross Anytime announced their discovery of several back doors or
'cheats' using crosswalk buttons at many intersections. The
3,658-item list has been released on their Web site."

Hmmm. Over three thousand ways of hacking streetlight buttons?
When the buttons have always seemed to be single-state automata
(that is, pressing the button turns it on; if it's on, pressing
it has no effect)? Sounded fishy to me. Seemed even less likely
when I found that the Web site does not exist.

I immediately found that the article was originally posted on
BBspot.com. The spoof included paranoid claims such as, "There
have always been rumors that these codes existed. Mostly,
they're used by politicians and city officials to get an edge in
crossing the street. Now, we've freed the codes to the world,
and everyone can walk without oppression."

The author added, "Municipal officials across the country worry
that the release of these hacks could result in traffic jams and
pedestrian confusion. Roger Gorman, Mayor of Kansas City,
pleaded for pedestrians to stop using the hacks, 'For the love
of humanity, can't you people just jaywalk?'"

What should have made the spoof obvious was the line, "The FBI
has shut down the button hack site citing violations of the DMCA
and fears that terrorists might use the hacks to 'cross the
streets of America at will.'"

Other amusing articles on the site include "Top 11 Ways to Make
Your Wireless Network More Secure," which includes the priceless
advice to "Wrap your house in tin foil," "Set landmines for war
drivers," and "Block open ports with peanut butter."

The site describes itself as follows: "Called 'the world's
greatest tech humour site' by The Register, BBspot creates
entertainment for the geekier side of the world. BBspot produces
a variety of features like fake news stories satirizing the tech
and political worlds, the BBspot Mailbag which pokes fun at the
Believers (people who believe our fake news) and much more."

I think that spoofs of security articles can be useful for
security awareness programs, especially if there's a second
section in a different part of the newsletter or a link to
another part of the awareness site that shows readers all the
reasons they should have spotted the fakery. Too many of us are
ready to believe anything we see in print, regardless of whether
it makes any sense. The BBspot fun and games can provide a
welcome chuckle as well as training our users to be on their
toes in resisting hoaxes.

Here's the crosswalk story:
<http://www.bbspot.com/News/2005/06/crosswalk_button_hacks.html>

RELATED EDITORIAL LINKS

How to prevent pharming
Network World, 07/18/05
http://www.networkworld.com/nlsec3553

Sun grows open source offerings
Network World, 07/18/05
http://www.networkworld.com/news/2005/071805-opensso.html?rl

The top 5: Today's most-read stories

1. Future-proof your network
<http://www.networkworld.com/nlsecuritynewsal3482>

2. Appliances replace DNS, DHCP software
<http://www.networkworld.com/nlsecuritynewsal3483>

3. Microsoft sues Google, former employee over hiring
<http://www.networkworld.com/nlsec3554>

4. The ROI of VoIP
<http://www.networkworld.com/nlsecuritynewsal3323>

5. Investors target systems management
<http://www.networkworld.com/nlsec3555>

Today's most forwarded story:

Investors target systems management
<http://www.networkworld.com/nlsec3555>
_______________________________________________________________
To contact: M. E. Kabay

M. E. Kabay, Ph.D., CISSP, is Associate Professor in the
Division of Business and Management at Norwich University in
Northfield, Vt. Mich can be reached by e-mail
<mailto:mkabay@norwich.edu> and his Web site
<http://www2.norwich.edu/mkabay/index.htm>.

A Master's degree in the management of information assurance in
18 months of study online from a real university - see
<http://www.msia.norwich.edu/>
_______________________________________________________________
This newsletter is sponsored by Nokia
Nokia Secure Access System - Continuing the Legacy of Leadership
with SSL VPNs

VPN solutions based on IP Security (IPSec) have been widely
deployed to securely connect multiple office and campus sites,
and Nokia has been offering award-winning IPSec VPN solutions
for several years with deployments around the world. Until
recently, the same IPSec VPN technology has been used for
enterprise remote access solutions. These solutions were
generally limited to enterprise-supplied equipment, such as
laptop PCs. The emergence of SSL technology employed in Nokia
Secure Access System, however, has significantly changed the
landscape for remote access solutions. Learn more!
http://www.fattail.com/redir/redirect.asp?CID=108516
_______________________________________________________________
ARCHIVE LINKS

Archive of the Security newsletter:
http://www.networkworld.com/newsletters/sec/index.html

Security Research Center:
http://www.networkworld.com/topics/security.html

Instant sign-up for Security News Alert:
http://www.networkworld.com/isusecna

Instant sign-up for Virus & Bug Patch Alert:
http://www.networkworld.com/isubug
_______________________________________________________________
How well do you know your customers?

Accurate customer data directly impacts loyalty and business
planning, yet few companies update data regularly. Experts
address the challenges of ensuring a consistent, coherent
customer view across the enterprise.
http://www.fattail.com/redir/redirect.asp?CID=108493
_______________________________________________________________
FEATURED READER RESOURCE
THE NEW DATA CENTER: SPOTLIGHT ON STORAGE

This Network World report takes a look at storage trends such as
virtualization, encryption and archiving. Here you will also
find seven tips for managing storage in the new data center, how
storage encryption can help ease the threat of identity theft,
why one exec believes its all about the information and more.
Click here:
<http://www.networkworld.com/supp/2005/ndc4/>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

Copyright Network World, Inc., 2005

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)