Quantcast

Archive: Mar 2013

Understanding CAPTCHA-Solving Services in an Economic Context 6: Q&A Part at USENIX

Drawing a line under the presentation, Marti Motoyama takes questions from the USENIX audience about CAPTCHAs proper and the related solving services. Question: You said that one of your goals when you were doing this research was maybe to figure out something about the workforce that you can take advantage...

Understanding CAPTCHA-Solving Services in an Economic Context 5: Do CAPTCHAs Actually Work?

Delving into human solver backends and moving on to the summary, Marti Motoyama provides retrieved statistics and draws general conclusions on the subject. Now we’re going to take a look at the human solver backends to get a sense of the worker experiences. We signed up as a solver on two sites, knowing...

Understanding CAPTCHA-Solving Services in an Economic Context 4: Labor Demographics

Outlined here are a number of experiments conducted by Marti Motoyama and his colleagues in order to figure out the demographic patterns for CAPTCHA solvers. By looking at the labor demographics, we can better understand the cogs that operate within these CAPTCHA-solving machines; perhaps new CAPTCHAs can...

Spamhaus DDoSed to Death

The Spamhaus Project reported a super powerful DDoS attack which has been lasting since mid-March. The company indicated that the attack comes from the Dutch hosting provider CyberBunker, which is suspected of providing services to spammers. Spamhaus is a nonprofit organization based in London and Geneva. It...

Understanding CAPTCHA-Solving Services in an Economic Context 3: Evaluation of the Human-Based Services

Having singled out the key metrics, Marti Motoyama now proceeds with an evaluation of the 8 major human-based CAPTCHA-solving services by these criteria. We just went ahead and signed up as a customer on each of those 8 human solver services, and then we submitted a CAPTCHA every 5 minutes over the course...

Understanding CAPTCHA-Solving Services in an Economic Context 2: Software and Human-Based CAPTCHA Solvers

Marti Motoyama now focuses on the detailed comparison and features of automated CAPTCHA-solving solutions out there and third-party human-based solvers. Software CAPTCHA Solvers Let’s delve down further into the challenges facing software solvers. First of all, they require skilled programming labor, and...

Understanding CAPTCHA-Solving Services in an Economic Context, by Marti Motoyama

Participating in the USENIX Security Symposium, software engineer and security researcher Marti Motoyama presents an in-depth study of automated and human-based CAPTCHA-solving services on the market. Good afternoon, Ladies and Gentlemen. My name is Marti Motoyama. The title of my talk is Understanding...

Cybernetics for the Masses 6: Questions and Answers

At the end of her talk at 27C3 event, Lepht Anonym answers questions from the conference attendees about nuances of using sensory subdermal devices. Anyway, that’s about everything, so ask me questions. Conference Host: So, after all of these very well advised warnings about doing this, raise your hand if...

Cybernetics for the Masses 5: The Southpaw Project

This fragment of Lepth Anonym’s talk is entirely dedicated to her Southpaw initiative as a subdermal counterpart of the Sensebridge’s Northpaw project. The Sensebridge hackerspace – they’re a couple of colleagues of mine – have the Northpaw, which is a haptic compass I’ve talked about earlier....

Cybernetics for the Masses 4: Experimenting with Neodymium Implants

In this part Lepht Anonym gets into detail about neodymium implants, including the use of Sugru for bioproofing, and the results of her own experiments. Successfully installed implants just function like any other sense you’ve got. They’re just there in the background. They’re not intrusive; they just...

Cybernetics for the Masses 3: Using Thermistors and Neodymium Implants

Lepht Anonym now shares her experience with thermistor devices to determine the level of body heat, and dwells on a cheap way of going about neodymium implants. I’m on a lot of medications, as you can probably tell, so one of the side effects is occasionally my sense of temperature just blips in and out...

Cybernetics for the Masses 2: Nerve Stimulation and RFID Tagging

The main emphasis Lepht Anonym makes in this part of her presentation is on implants for nerve stimulation and experiments with RFID identification. This is my main principle: nerve stimulation (see image). Anything can stimulate nerves, as I said. This has been known to medical science for a very long...

Cybernetics for the Masses by Lepht Anonym

Lepht Anonym, a self-taught British subdermal electronics experimenter calling herself an underground biohacker, takes the floor at 27th Chaos Communication Congress to talk about sensory extension via haptic implants, as well as other things where technology merges with the human body. Hi, first of all...

Securing the Campaign 7: More Questions Answered

This section covers the final Q&A part of Ben Hagen’s talk at 29th Chaos Communication Congress in Germany, getting further into election campaign security. Question: It would be interesting to know what kind of technologies you were using for your web applications, like Python, Ruby, .NET, or...

Securing the Campaign 6: Relevant Discussion with the Audience

Having presented the main material of the presentation, Ben Hagen gets to take some questions from 29c3 attendees regarding security issues at Obama campaign. So, I think that’s all I had for you guys, but I’d be happy to take any questions if we have time. Host: Ok, thank you! If anyone has a question,...

Securing the Campaign 5: Application Assessment

The entry below encompasses Ben Hagen’s perspective on securing the code and highlights some recommendations as well as tools applicable for that purpose. In terms of cloud security, we used AWS for almost everything – that’s Amazon’s cloud solution. I think the most powerful security tool in AWS is...

Securing the Campaign 4: Risk Mitigation

On outlining the prevalent threats at the campaigns, Ben Hagen now proceeds with description of the tools and methods applicable for mitigating these perils. Keeping in mind all the threats we faced, let’s talk about what we did to actually mitigate them at the campaign. In terms of enterprise security,...

Securing the Campaign 3: Types of Technological Threats Being Faced

Ben Hagen’s main focus in this section is on the overview of technological hazards that the election headquarters were facing at the campaign. The role technology played in the election – people often quoted it as being a force multiplier. What that means is somebody who can call 100 people on their...

Securing the Campaign 2: The Role of Technology in 2008 and 2012 Election Campaigns

What Ben Hagen covers here is the way technology impacted the last two US presidential campaigns, and also highlights the problems that occurred along the way. So, getting into the actual campaigns: 2008 – obviously, Obama won that. And he won it by pretty big margin; I’m not sure if everybody is...

Trend Micro Titanium Internet Security 2013 review

$39.95 Trend Micro Titanium Internet Security is a multipurpose suite delivering steadfast protection against online frauds and malware. Usability:  Features:  Efficiency:  Support:  Overall:  Buy Now Clicking through the features of the new Trend Micro Titanium Internet...

Securing the Campaign by Ben Hagen

Ben Hagen, an acclaimed security consultant from the US who ran Application Security for the Obama re-election campaign, delivers a talk at the 29th Chaos Communication Congress event to share his insider’s view of the recent Presidential Election campaigns from a security perspective. Hello everybody!...

Open Source Intelligence 6: Data Validation

Winding up with his keynote at Hacktivity event, Jeff Bardin provides tips on validating the collected data and provides a general summary on the topic. Another thing I’m going to mention is that you need to validate your sources. This can be kind of difficult. Sometimes you find that everybody’s saying...

Open Source Intelligence 5: The Applicable Tools

This section of Jeff Bardin’s presentation is about using some of the open source tools out there to look up different types of data on the adversaries. So, now that you’ve got your sock puppet created, you’ve got your anonymity in place, you’ve got your cultural, social, political background and...

Open Source Intelligence 4: Know Your Adversary

Jeff Bardin is now clarifying the different aspects that need to be thoroughly studied about the adversary, including historical, cultural, and religious ones. I mentioned earlier the historical, linguistic, cultural, political types of aspects. It really pays to know your target inside and out. Sun Tzu said...

Open Source Intelligence 3: Retrieving the Target’s Online Activity Traces

Based on his actual engagements, Jeff Bardin clarifies some methods for looking up online mentions of a target and recommends a couple of tools for doing that. When I first started doing this, this is an example of some of the things out there that I’ve done. One of the targets I was after was Anwar...

Open Source Intelligence 2: Creating and Validating a Sock Puppet

Getting to the core of the subject matter, Jeff Bardin describes the process of creating personas and making those as trustworthy as possible for optimal assimilation with the adversaries. When you create a sock puppet, if you’re having a hard time with this, you can go to fakenamegenerator.com and start...

LastPass Premium review

$12.00 LastPass Premium stores and manages your sensitive credentials efficiently enough to be trusted. Usability:  Features:  Efficiency:  Support:  Overall:  Download We are not going to delve into the importance of appropriate password management for the umpteenth time...

Open Source Intelligence by Jeff Bardin

Jeff Bardin, the prominent cyber security professional and consultant with enormous background in intelligence, risk management and information security, shares his expertise at Hacktivity conference, delving into the methods and tools for open source cyber intelligence. Conference Host: It’s my honor to...

Hackers in Government 6: Questions and Answers

In the final part of the keynote, Nick Farr gets to provide answers to some relevant questions on the subject matter from the audience at SIGINT. I suggest that we start a little bit of a discussion now, so I’m glad or take some questions. Question: That all sounds extremely interesting; the only...

Hackers in Government 5: Addressing the Economic and Climate Change Problems

The issues Nick Farr is dissecting here have to do with economics and environmental protection in the context of how hackers would most likely address them. Economics: Current Problems and Possible Solutions Now we’re getting to another point – economics. The greatest period of economic growth in...