Suck Your Guts In – Full Body Scanner Coming To An Airport Near You!

Well, from looking at the news and some of the evaluation discussions coming through here in Japan, it appears that at least Japan and the US will be implementing body scanners for boarding processing in the next year. Bruce Schneier touches on this subject a couple of times throughout his blog, but in Japan’s case, I have some very reliable insight into some of the considerations by local officials. Of course, Japanese throw the latest, greatest technical solution at something as a CYA move all the time. Nobody wants to be responsible for a bad decision, so little thought goes into …

Takashimaya Department Stores Going LED

The Nikkei headline this morning, as I read it on the page facing me in the train, says that Takashimaya Department Stores in Japan has announced that they will replace major location lighting with LED. The target is to replace and install some 150,000 units by 2012, reducing electricity costs to one-fifth of current expenditure. This will include locations in Tokyo and Osaka, a total of 18 locations nationwide. The Japanese article I looked up on the web is here. There is also an English headline here but that just links to the Nikkei pay-to-read site.

WorkPapers – Latest Version Now Freeware

This title is a bit misleading since I stopped development of this software back in late 2006. Recent reports indicate that version still runs on the latest OS X and all versions of Windows, so due to an overwhelming number of requests from potential users for me to hurry up and set up a SourceForge site and pull the registration encryption, we are now offering the software for download (both Mac and Windows) with a free version registration key. WorkPapers was designed to be a personal audit software for teams in small to medium sized practices. All of the data calls …

German Researcher Cracks GSM Codes – Offensive Security Research Illegal?

This is big news, and falls in line with mobile security research to be executed during the first part of 2010. A German researcher has made eavesdropping on GSM phone conversations post-facto (not real time) as easy as a beefy computer and $3,000 of radio equipment. The key to all of this, however, is the code book that this German researcher has access to. Karsten Nohl, the German scientist, made his presentation available here. The beefy computer is to crack the GSM codes and create the lookup table. The radio equipment is for tracking the spread spectrum signal. The most interesting …

The Last 10 Years In Mobile Phones

This is a neat write-up of a timeline of the mobile phone over the past ten years. I wrote a similar timeline for the RSA security conference here in Japan last May, but went much further back to the original mobile phones. Wikipedia also has a great timeline in the history section of the mobile phone category. This is something we take so much for granted these days, and was a rich man’s novelty just 20 years ago; but even then it was limited to gadgets installed in vehicles for the most part. My claims to this historical bit are – …

Security Through Obscurity – Word Processor Redaction

A couple weeks ago I had a small rant about the HSBC bankruptcy leak, where I found the bank’s reaction to the issue rather surprising. Then this morning as I go through my reading list (it’s Monday), this article from Network World shows that TSA fell into the same problem. However, this most recent article goes into the problem much deeper, especially on the second page of the article. The problem lies in developers, users, and security managers alike not knowing the process of document redaction, and what will and will not properly redact a document. Many people think that …

Cool Serial Logging Device – Logomatic v2 Serial SD Datalogger

This cool little electronics device from Sparkfun Electronics allows you to log anything you can connect via a serial connection. A friend of mine handed this to me for Christmas, which is a good surprise that fits quite well with all the logging electronics applications that I have been prototyping lately, including some future ideas that I have for enhanced GPS/APRS/Wx logging, hiker emergency communications, and others. Enjoy!

Dissecting Japanese IT Organizations

This posting is a culmination of information about IT organizations in Japanese corporations gathered over the past nine years that I have been working in IT audit, security, and consulting in Japan. Before we start a project at a Japanese company, I always remind myself of the challenges, then we engage the work and I remind myself to write such a blog posting. The details outlined here do not apply to certain globalized Japan firms, but they generally apply to most, including many that are globalized. The only exceptions are those globalized firms that have recruited foreign talent at the …

Windows 7 Critique By An OSX User

Since the last blog posting I have done quite a bit – so much that I have not had time to blog about the activity. However, for the first catch-up blog, I decided to say a word or two about Windows 7. I joined Deloitte back in May of 2008 and our laptops were upgraded to Vista in November 2008. When the IT Center upgraded our laptops to Vista, they also upgraded RAM from two gigabytes to four gigabytes, which is always a welcome upgrade. Now, after about twelve months of using Vista and enduring 20-minute boot-up times, inexplicable …

Active Directory Analysis

A couple of weeks ago I wrote this post because I had just found out that a group of security ‘professionals’ and ‘consultants’ (not from our company) that were assigned to one of my projects did not have the technical ability to download user records, or any other records, from Active Directory (AD) and perform the appropriate ID management analysis. While I am senior management, I do take the pride of being able to do about anything required, including the technical work that is necessary to figure out via Google, MS Support sites, or any other resource – a skill …