Security through Obscurity
A system relying on security through obscurity may have theoretical or actual security vulnerabilities, but its owners or designers believe that the flaws are not known, and that attackers are unlikely to find them. The basis of STO has always been to run your system on a “need to know” basis. If a person doesn’t know how to do something which could impact system security, then s/he isn’t dangerous. The technique stands in contrast with security by design.
Curated by Yury Chemerkin
Rescooped by Yury Chemerkin from IT Security Unplugged

NBC.com Hacked, Infected With Citadel Trojan

This morning, NBC.com was hacked and embedded with malicious iframe code that spread the Citadel Trojan. It was detected as Backdoor.Agent.RS.


Via IT Security Unplugged
Scooped by Yury Chemerkin

Hiding Data in Hard-Drive’s Service Areas

Scooped by Yury Chemerkin

Three quite interesting articles on Facebook Security

Another Stored XSS in Facebook.com; How I Hacked Facebook Employees Secure Files Transfer service (http://files.fb.com); How I Hacked Facebook OAuth To Get Full Permission On Any Facebook Acc...
Scooped by Yury Chemerkin

Microsoft Backs Oracle’s Crusade Against Google Android

MSFT Oracle Brief
Rescooped by Yury Chemerkin from Is the iPad a revolution?

Apps are too much like 1990's CD-ROMs and not enough like the Web - Scott Hanselman

"I'm starting to resent Apps like I resented CD-ROMs," writes Scott Hanselman on his blog on Programming, User Experience, The Zen of Computers and Life in General.


Via Guillaume Decugis
Guillaume Decugis's curator insight, February 15, 2013 12:03 PM

This post dates back to 2011 but it explains with great clarity the limitations of Apps as a platform. And the ongoing tensions between native Apps and Web Apps that I already addressed here. Interesting read.

Murray McKercher's curator insight, February 16, 2013 9:10 AM

"Go Somewhere and get functionality as opposed to Bring Something To Me to get functionality" Agreed, this is an interesting look back at the recent past that speaks to the current issues in mobile Application Development: Native Mobile Apps versus Web-based Mobile Apps... Going way back in the early mobile internet days we argued about the "walled garden" approach that operators were using to try and "contain" a subscriber community within their - the operator's - ecosystem.

People do not like to be constrained in a "walled garden" approach...

Murray

Suggested by Christino Martin

Top 20 Worst Passwords that can Hack Private Accounts | All Infographics

Infographic on the security issue of the worst passwords ever, which open the way to hacking and cracking into social networks, online accounts and mobile apps' permission passwords.
Scooped by Yury Chemerkin

Know Your JavaScript (Injections)

HTML injection vulnerabilities make a great Voigt-Kampff test for proving you care about security. We need some kind of tool to deal with developers who take refuge in the excuse, “But it...
Scooped by Yury Chemerkin

What happened when Facebook disabled my account

Editor's note: This is a guest post by Chris Leydon, a freelance videographer and former startup founder. He organises the Tomorrow's Web series of meetups and documents London's tech ...
Scooped by Yury Chemerkin

BULLETIN: #OpRollRedRoll

All the information you need to know about this operation is here: http://www.localleaks.blogs.ru/ If you have a leak involving anything that has to do with ...
Scooped by Yury Chemerkin

Security Through Obscurity: French Ministry of Defense hacked and database leaked by XTnR3v0LT

Scooped by Yury Chemerkin

Hacker’s Cat with Virus Collar `Arrested’ by Japanese Police

Japanese police have “arrested” a cat carrying a computer virus that a hacker installed on a memory card attached to the pet’s collar, according to the AF
Elisa Vivancos's curator insight, January 14, 2013 3:41 AM

Social and animal engineering!

Scooped by Yury Chemerkin

Yes, Randi Zuckerberg, Please Lecture Us About 'Human Decency'

Zuck's sister is angry about her photo being shared and would like to teach the world about morality.
Scooped by Yury Chemerkin

Report: BlackBerry hands over PIN to Indian govt | ZDNet

Canadian phonemaker is reported to have handed over PIN details of BlackBerry handsets in India, but the government will need unique identification numbers of the phones to monitor messages between users in the country and abroad.
Scooped by Yury Chemerkin

E Hacking News [ EHN ] - The Best IT Security News | Hacker News: Open Redirection Vulnerability in Facebook Mobile website

Prakhar Prasad, a Web application security researcher, has discovered an Open Redirection vulnerability in the Facebook mobile website (m.facebook.com).
Scooped by Yury Chemerkin

Six Months Later – A Report Card on Google’s Demotion of Pirate Sites

Rescooped by Yury Chemerkin from 21st Century Learning and Teaching

Socialized Learning – A New Hype or the Opportunity for Conscious and Efficient Learning?

https://mindhub.de/2013/02/21/socialized-learning-ein-neuer-hype-oder-die-moglichkeit-von-bewusstem-und-effizientem-lernen/#more-451

Concepts of "social learning" describe how people, by observing other people and their behaviors and ideas, store (encode) a guide to action. This guide can be used at a later time to develop their own ideas and behaviors.

This theory by Albert Bandura has become perhaps the most influential theory of learning in the twentieth century. While others were rooted in the basic concepts of traditional learning theory, Bandura believed that reinforcement alone is not sufficient for all types of learning. His theory adds a social element, arguing that people learn new information and behaviors by observing other people.


Via Kathrin Jäger, Gust MEES
Scooped by Yury Chemerkin

Entry to the HITB'2013AMSTERDAM

Yury Chemerkin's insight:

Entry to the HITB'2013AMSTERDAM http://conference.hitb.org/1337.html #HITB1337Giveaway #HITB2013AMS (retweeting is welcome!)

Scooped by Yury Chemerkin

Twitter / tomcoates: Not something I would have ...

Scooped by Yury Chemerkin

Anonymous - Do You Know Your Human Rights?

Human rights are commonly understood as "inalienable fundamental rights to which a person is inherently entitled simply because she or he is a human being. T...
Scooped by Yury Chemerkin

Make Your Own Android App: Your Unofficial Intro To MIT App Inventor

Make your own Android App. MIT’s App Inventor is the easiest way to learn how to make an Android app, but if you don’t know how to get started our latest guide can help.
Rescooped by Yury Chemerkin from OSINT News

"Nullcon Goa 2013" Information Security Conference

Dear,

We welcome you to Nullcon’s 5th International Conference on IT security on 26th Feb - 2nd March 2013 at Bogmallo Beach Resort, Goa. <www.nullcon.net>

Speakers @ Nullcon Goa 2013:

Keynote: Janardhana Swamy (MP – Lok Sabha) “Security & Politics?”

Keynote: Richard Thieme “Staring into The Abyss”

Speaker: Yury Chemerkin “Vulnerability elimination by force of a new device platform”

Speaker: Rahul Sasi “SMS to meterpreter: Fuzzing USB modems”

Speaker: Ksenia Dmitrieva “HTML 5 – Attack and Defense”

Speaker: Ajin Abraham “Detecting & Exploiting XSS Vulnerabilities with Xenotix”

More speakers - http://www.nullcon.net/website/conference/speakers.html

Trainings @ Nullcon Goa 2013

1. Xtreme Android Hacking
2. Penetration testing SmartGrid and SCADA
3. Reverse engineering and malware analysis
4. Xtreme Xploitation
5. Mobile Application Hacking – Attack and Defense
6. Xtreme Web hacking
7. The art of Exploiting Injections Flaws
8. Cyber Warfare Intelligence and Intrusion Operations


Via Paulo Félix