NSA secure cellphone for Obama? *Updated*

We’ve heard all the talk about Obama giving up his cellphone when he takes over as president.  There are things to worry about such as the data retention and the Presidential Records Act not to much mention privacy and security concerns.

However, there may be a solution for Obama.  The NSA has approved several defense contractors’ cell phones for Top Secret communication.  Read more in this CNET article….

According to this BBC article it appears that Obama has not given up his Blackberry and has no plans to do so.

‘Application Data’ passwords

If you’re running Windows XP or Vista have a look in
C:Documents and SettingsusernameApplication Data
***you may need to show hidden files/folders

This is a warning if you have applications store or remember your username and especially password.  These applications may very well be storing them in plain text and it would be easy for someone to steal your credentials.  Instant messenger applications, games, FTP clients, etc…


The pidgin IM client (formely gaim) has an interesting article about why they do not encrypt their passwords: http://developer.pidgin.im/wiki/PlainTextPasswords

Google for im passwords: http://tinyurl.com/8fnc9t

It’s a bad idea to have any application remember your password!  If you don’t like to remember your passwords then try KeePass or the original Password Safe.

Largest data breach ever?

It’s just being reported that Heartland Data Systems, a credit card processing company, was breached for a large portion of 2008. They’ve just recently discovered the problem. They process CC transactions for millions of merchants and accept Mastercard, Visa, Discover. You may want to watch your statement carefully — but if the culprits have captured god-knows-how-many-numbers what’s the chance they would use yours?

Heartland has created a website about this event here: http://2008breach.com/


If you’re not a member of Bruce Schniere’s CRYPTO-GRAM mailing list I suggest you sign up right now. It’s a wonderful monthly mailing where Bruce talks about everything from security to cryptographyand comments on the latest news.

In the latest CRYPTO-GRAM there’s an interesting story about one of the first well published cases of impersonation, Martin Guerre.  Guerre was a 16th century French peasant who was impersonated for 3yrs — the impersonator living with his wife and kids!!!

Obama’s cyberspace security roadmap?

In Late December the Center for Strategic and International Studies published Securing Cyberspace for the 44th Presidency. It’s a very good read albeit some parts can become long and dry.  It sounds more like a child’s unrealistic Christmas wish list than anything else.  The whitepaper is heavily suggesting creating a new agency to head up cyberspace security and recommends creating a spot in the president’s inner council.

You can find some interesting critiques of the whitepaper here:



Two simple steps to lockdown a Microsoft Windows machine…

Trying to keep your Windows box secure?  Trying to keep your Windows box secure for cheap?  For free?

The quickest, easiest, and most affordable things you can do to lock down your Microsoft Windows PC are:

1) Configure MVPS’ customized hosts file

2) Install Firefox and the NoScript Add-On (ok, ok, this should be 2 steps…)

3) If you have a few more minutes of time to spare you may want to consider a free Virus Scanner: AVG

Nintendo DS Hacking

Back in the day a friend’s father solder a mod chip into my Sony Playstation.  We were then able to rent PS1 games and copy them using a PC and a CD-R drive.  It was amazing — I think I ended up with over 30+ PS1 games — of course these were only for evaluation.  I promptly destroyed these copies once I decided to purchase the game or I didn’t like it.

Fast forward about 10 years…

Low and behold people have been doing the same procedure with more or less difficulty with every console before and after the Sony PS1.

If you own a Nintendo DS and you’d like to download and play games from the ‘net you will need the following:

Here is the M3 DS Card you want to order:


You will need to order a memory card, but I would recommend you order it from Amazon because it’s very cheap from them (see below)


Once you get the memory card you will need to download the “OS” for the
card here:


Once you download it extract it to a folder called system on the memory stick (via
your mom’s PC)

Then you can download game files from here:


Extract them into a folder on the memory stick for each game then boot the DS and you
can play all the downloaded games!