By Brendan Ziolo, Kindsight

With use of smartphones, tablets and other mobile devices exploding, these devices are becoming the next targets of cybercriminals. Mobile malware is escalating having increased 400 percent over a three-month period in late 2011, as measured by Kindsight Security Labs.

Despite the increases in mobile malware, many mobile operators and subscribers continue to be virtually blind to the full extent of the problem—they simply react to incidents as they occur and have no proactive processes in place to address malware. As more and more applications come to mobile devices, this reactive approach becomes increasingly risky—and will ultimately result in service issues, outages and lost data. Here’s what could happen (or you can watch a video).

Read More…

By Tim Dees. Tim is a retired police officer and the former editor of two major law enforcement websites who writes and consults on technology applications in criminal justice. Check out his blog:  http://www.timdees.com/blog/. He’s also the editor of the 2^nd issue of LifeTalk ezine.

The Striker vehicle at CES 2012 (image by Denise Panyik-Dale)

Police, fire and emergency services use video when and where they can get it. That usually means a recorder on a patrol car or a fixed security camera at a store or industrial site. 4G/LTE networks bring video capabilities to wherever they’re needed, without the necessity for cable, fiber, or an expensive vehicle. In the new issue of LifeTalk the advantages and challenges of large-scale video surveillance in public safety organizations around the world is examined.

We talk to the technology manager for Brazil’s largest police and fire operation and see how they are leveraging Alcatel-Lucent’s LTE network solution to increase the effectiveness of its officers. Also the president of a law enforcement software company discusses the social impact of living in a watched society and a technology consultant in London provides her views on how public and private industry organizations can realize a return on investment in expanded video surveillance resources.

Read More…

Cartoon by XKCD http://xkcd.com/844/

The writing of programming code is like many other technical challenges, there are good and bad ways to do it, sort of like cooking.  We have all done it but some folks can do it really well.  For the rest of us, we only do it well enough to stay alive.

In the code business, one occasionally comes across statements like the cartoon above that refer to “spaghetti code”.  Basically this is what can happen to you if you are sloppy with your technique or have a piece of code that has been edited and modified to pieces.  An example of spaghetti code is given below (in Basic)*:

10 i = 0

20 i = i + 1

30 PRINT i; ” squared = “; i * i

40 IF i >= 10 THEN GOTO 60

50 GOTO 20

60 PRINT “Program Completed.”

70 END

Even in this simple piece of code you see a lot of jumping around and references to line numbers.  Such code is likely to be unstable and is not elegant.  A better, more structured programming way to do the same thing is given below:

FOR i = 1 TO 10

PRINT i; ” squared = “; i * i

NEXT i

PRINT “Program Completed.”

END

A large piece of code written in the first style would be an organizational mess with it quite difficult for someone else who did not write it to follow while the second piece of code is clean and it is easy to figure out what is going on.

Read More…

Someone is watching you!

I assume everyone realizes that when you access a website, the owners of that site track who you are and what you are doing there.  Some will use that information to try to sell you more stuff but a few of the nastier sites will use that information to try to blackmail you.

At the innocent end of the spectrum, Amazon keeps track of what kinds of books I look at and buy there and uses that information to suggest when I log in that I might be interested in the new Tom Clancy novel.  I might be less thrilled if a medical health site used my inquiry about a particular disease to actively try to sell me some drugs or equipment. At the ugly end of the spectrum, the seedier sites will blackmail you.  If you needed any more reason to not frequent them, here it is.

Read More…

Recently, the wires were burning up with a lot of chatter about a new malware threat called Advanced Evasion Techniques (AET’s).  Three questions come to mind: what are they, how dangerous are they, and what can we do about them.  For the impatient among you, the answers are: a new way to attack us, pretty scary, not much.  For the more patient, the details follow.

AET’s are a new way to attack IT networks and computing systems.  What is different from what we have seen before is not so much the types of attacks, but their quantity and the way they are applied.  First, a little background.

For the last ten years or so, there has been a game of cat and mouse between malware writers and the vendors of applications and defensive tools such as firewalls and virus protection software.  Bad guys find vulnerabilities and then good guys write patches.  Bad guys then find new flaws to exploit, new patches get written, and so on in an endless cycle of attack and defend.  However, what these attacks have always had in common is that they tried to exploit a specific vulnerability in the system or, at most, a couple of them.  If it was patched, nothing bad happened.  If it wasn’t, ouch.

Read More…