Get a grip. You don’t have to explain how to do something when you want to warn people about a problem. Tell them about the effects because that is what is important to everyone. Only a minority of users would even understand what was being discussed if you waste time covering the cause. The cause is a bunch of jerks – every time that covers the cause. Tell people there is a problem and what they can do to protect themselves.
]]>Looks like someone is willing to put money where mouth is regarding all the WP security problems recently. 🙂 I personally think this is a good idea worth trying.
ManageWP’s Vladimir Prelovac has proposed a crowd-sourced white hat security effort to clean up WordPress. After the Slider Revolution security scare, Prelovac says “The perception of WordPress being insecure is the greatest threat to the WordPress project today” and the solution is a white hat security program, stricter code reviews, and investment in the education of WordPress developers. To get the ball rolling, he’s committed $10,000 for an education fund.
An Open Letter to the WordPress Community: Let’s Solve Security Once and For All
Yeah… Well, I dunno about solving it “once and for all”! LOL But if they make it better than it is, that will be a start! 😀
Still, read the above to see an endemic problem to security issues! Ie. “Keep your mouth shut!” That does *NOT* help!
As Vladimir says:
]]>…
The major problem is the current mindset and approach to security in the global WordPress community. After the Slider Revolution incident, its developers released a statement that among other things said:The problem was fixed 29 updates back in 4.2 in February. We were told not to make the exploit public by several security companies so that the instructions of how to hack the slider will not appear on the web.
“We were told to keep our mouths shut” makes me scream. It also seems to be on the border of being legally pursuable. And cases like this – a major one almost each month – have really hit a point of no return, at least for me.
…
Steve, that was really my point at your place – if the military is doing it, it won’t look like a cell tower. With all of the stuff that is tested on my local base, I guarantee that they have the ability to block and otherwise interfere with all radio traffic that enters the base. You waive your Fourth Amendment rights if you enter a military installation, and there are signs telling you that at every entry point. This isn’t new, it has always been that way.
What is new is the fact that a lot of things that only used to happen on or around military bases is now happening everywhere, and that isn’t Constitutional or legal. It needs to stop and the people who approve it need to go.
]]>There have been many comments to this story from people who are assuming that these ‘towers’ are physical installations. There’s no reason to assume this is the case: it’s far likelier that they are mobile installations of the kind used not only by law enforcement and government agencies, but also by scammers and other criminals.
Sounds possible to me, but what do I know…
]]>Just goes to prove… Politicians are stupid. Have no clue about anything. And as well as being the enemy of the public, are their own worst enemies also! 😀
]]>Steve Bates brought those towers up earlier, Badtux, and I explained that the military doesn’t allow cell tower construction on base, so there a lot of towers just off base to provide coverage. Whatever they are using is located on base and probably does not look like a cell tower for security reasons. The other problem is that it is totally legal and always has been for the military to monitor on-base communications for security purposes. That may be what is being detected, because radio signals don’t obey property lines.
]]>They’re near military bases so it doesn’t surprise me at all. If sh*t goes down on a military base, the military needs to shut down cell phone communications immediately to hinder communications between attackers, and the easiest way is for them to control the tower that provides cell service to the military base to begin with. Since they don’t have to comply with all the various FCC rules (something we have found out to our annoyance here on the West Coast when they continue blatting out noise on the ham radio 70cm band despite no reason to do so given that they have plenty of bandwidth on other bands), they don’t have to limit power — they can give enough power to insure that no “civilian” cell towers can serve the military base.
]]>“Interceptor use in the U.S. is much higher than people had anticipated,” Goldsmith says. “One of our customers took a road trip from Florida to North Carolina and he found eight different interceptors on that trip. We even found one at South Point Casino in Las Vegas.”
Some of the bogus cellphone towers were discovered in proximity of U.S. military bases and this circumstance alarm intelligence and security experts that has no idea of who has installed and currently maintain a so expensive and complex apparatus.
“What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases.” says Goldsmith. “Whose interceptor is it? Who are they, that’s listening to calls around military bases? The point is: we don’t really know whose they are.”
It is troubling on several levels! HTF could anyone erect a massive cell tower next to a military base, and nobody know anything about it??! Seriously?
]]>OTOH, it could be Verizon getting ready to attack its competitors by taking down the cell service to non-Verizon phones. I don’t trust any of them any more. The telcoms are as bad as the new diseased NSA when it comes to hacking and cracking.
]]>Major cyber attacks hit 5 US banks including JPMorgan
Pentagon confirms that missile defenses are vulnerable to cyber attack
ICREACH program, NSA Search Engine for communications analysis
]]>…
ICREACH is the name of a Google-like search engine designed by the National Security Agency (NSA) that provides metadata related to individuals living in US to more than two dozen US government agencies.The Intercept has revealed the existence of ICREACH, a platform used to share data on more than 850 billion communications records detailing e-mails, phone calls, instant messages, and phone geolocation. The revelation is based on classified documents, dated 2006 and 2007 and disclosed by whistleblower Edward Snowden, which describe ICREACH as a “federated query” engine that would search “across all data sets for information relating to a target identifier.”
The knowledge of a so huge amount of metadata shared through ICREACH program allows agencies to track people in real life and online, map out their networks of associates and predict future actions.…
The FBI and the Drug Enforcement Administration are referred as the “key participants” in the ICREACH program, but the documents confirm that the platform has been accessible to more than 1,000 analysts at 23 US Government agencies involved in Intelligence activities.
According to The Intercept the large-scale of ICREACH represents a serious threat to citizens’ privacy, it seems that also individuals not accused of illegal activities were monitored by the system.
“Legal experts told The Intercept they were shocked to learn about the scale of the ICREACH system and are concerned that law enforcement authorities might use it for domestic investigations that are not related to terrorism.” reports The Intercept.
“To me, this is extremely troublesome,” “The myth that metadata is just a bunch of numbers and is not as revealing as actual communications content was exploded long ago—this is a trove of incredibly sensitive information.” said Elizabeth Goitein, co-director of the Liberty and National Security Program at the New York University School of Law’s Brennan Center for Justice.
…