Morning Security Brief: Intellistreets Debuts, Captcha Problems, Mine Disaster Security Chief Found Guilty, and More
(Originally published in Security Management, October 31, 2011)
To view or download a PDF of this article, click here.
by Carlton Purvis
On Friday, the controversial new intelligent street light created by Intellistreets made its debut on a stretch of road in Detroit. The system was created to make "smart," energy-saving streetlights. The lights, also equipped with wireless transmitters, can be programmed by authorities to show messages or alerts, directions, or even display advertisements through digital signage on the poles. The poles also include proximity sensors and a people counter. "The Intellistreets concept has drawn online criticism from civil liberties and religious Web sites, where posters fear it will be used to track citizens," CBS news reports. In response to negative reactions from blogs last week, Intellistreets released a statement saying the Intellistreets system is designed to "simply make our streets safer, more energy efficient and smarter, while being informative and entertaining." In the same statement, the company also said DHS has showed interest in the technology.
A team of researchers at Stanford say that Captchas, the distorted letters used on Web sites to stop spam and automated attacks, don't work well. "Most Captchas are designed without proper testing and no usability testing," Elie Bursztein, a postdoctoral researcher at the Stanford Security Laboratory, told CNET. Bursztein and a team created a tool called Decaptcha that was able to decode 66 percent of Captchas on Visa's payment site and even higher on other sites. The only tested Captchas that withstood the researchers' attacks were Google's.
The former head of security at Massey Energy's Upper Big Branch Coal Mine in West Virginia, the site of a major explosion in early 2010 that killed 29 workers, was convicted in federal court of impeding the investigation of the disaster, one of the worst mine disasters in U.S. history. A jury found Hughie Elbert Stover guilty Wednesday of lying to investigators and having thousands of security-related documents destroyed. Stover says he didn't know he was committing a crime by having the documents destroyed, the Associated Press reports.
Guidance published by the National Institute on Standards and technology offers tips on implementing a program that supports the goal of maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. A post by LifeHacker gives tips on ways to convince people that you work in their building. "The most important thing to do if you're trying to blend into any environment is to look like you belong there," it reads. And DARPA is offering $50,000 to anyone who can develop a technology to piece together shredded documents to get information from papers that have been destroyed and to assess U.S. national security vulnerabilities.