It is well known, and not only within the community, that after 9/11 AT&T allowed surveillance for law enforcement agencies, especially the NSA. Many lawsuits were filed after that, claiming illegal cooperation with the National Security Agency.
Of course, AT&T was not the only company that allowed such activities. Even before 9/11 there were signs of cooperation between the NSA and big companies. Just to remind you, in 1999 and 2000 there was a great debate about the so-called _NSAKEY.
Misusing emergency services can sometimes be quite expensive. Sometimes you can be jailed for it. Randall Ellis, a 19-year-old from Mukilteo, Washington, is accused of hacking into the county's 911 system from his home and placing a false emergency call, prompting a fully armed response to the home of unsuspecting people, the OC Register reported.
This technique, known as "SWATting", has been seen by U.S. law enforcement agencies before. The attacker breaches the emergency system and calls for help, and a SWAT team is sent to the site in response. In this case, Ellis pretended to be a teenager shot in the shoulder by someone and a cocaine overdose case. A SWAT team with a helicopter and dogs responded to this false call at a house in Lake Forest.
Below you will find the list of the top 10 web vulnerabilities classified by OWASP, along with a description of each problem and some examples.
I will just give you the list in case you missed it before; I will not comment on any of these, as there is already a heated discussion about this matter on several sites and forums.
So here it starts:
We have all heard about companies spending cash on security audits, following very strict security policies, hiring security specialists and so on. All of that is done to feel safe and, more importantly, to look safe from the outside, as this is becoming an important factor in the war for customers. A study shows that companies have started to realize that remote workers are dangerous for them, so everything that can be done is being done to minimize this danger.
This ranges from deploying virtual private networks and implementing token authorization to training staff about the potential harm that hackers can do if they succeed in taking over a single home machine that is used to "get work done". The IT department is often helpless to warn about what gets installed (i.e. updates of operating systems or antivirus software) and who has access to those home desktops. People responsible for security in companies know that a hacker who manages to steal login information using some sort of virus could cause havoc in the company's network without even knowing where the company's building is located, so workers who demand remote access from their employers often get "work laptops".
The unbelievable security failures of 9/11 exposed, among many other issues, the effects of more than two decades of cutting resources to the public sector and outsourcing government functions together with essential security services to profit-driven private corporations.
It clearly came out that, while everything seems fine and dandy when business is as usual, this way of managing security crumbles to pieces as soon as something goes wrong.
As an example, think of the North American air transit system, which was privatised, deregulated and downsized, with the vast majority of airport security jobs performed by underpaid, poorly trained, unmotivated, barely English-speaking workers.
On September 10, when flying was as easy as taking a bus and airports looked like a mix between a mega shopping centre and a Luna Park, none of that seemed to matter: business was good, profits were as high as possible, and the perceived risk was close to zero.
But on September 12, putting 6-dollar-an-hour contract workers in charge of airport security seemed an unforgivable foolishness — which, in fact, it is.