Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Fwd: n3td3v has a fan
From: n3td3v <xploitable () gmail com>
Date: Mon, 14 Apr 2008 20:04:37 +0100

On Mon, Apr 14, 2008 at 6:54 PM, G. D. Fuego <gdfuego () gmail com> wrote:
On Mon, Apr 14, 2008 at 12:56 PM, n3td3v <xploitable () gmail com> wrote:


Security Threater: reader comment from n3td3v

Posted on: April 10, 2008, 9:17 AM PDT
Story: Bruce Schneier's new view on Security Theater

Security threater is good because it scares potential terrorists from
being caught. It keeps the terrorists on their toes and worrying all
the time. You've got to have security threater in place to deter
terrorists or people thinking about it, or in the middle of plotting
it.


Do you understand the point of terrorism?  The end goal is not to kill
people.  There are plenty of more effective methods to kill people than
they've been using.  No, the end goal is to cause TERROR.  They want us to
be afraid to live our lives.

Security Theater does more to cause terror in the minds of the people than
it does to deter terrorists from committing these crimes.  People in the US
are starting to believe its reasonable to prevent tourists from taking
pictures from a moving train.  As though taking these photos are somehow
going to threaten our lives.

How does this help?


I have to contest, at Yahoo--- Mark Seiden and others said Sunnyvale
isn't MI5/MI6 and that people shouldn't be stopped on premises without
permission for taking photos.

And I was angry that Mark Seiden and others at Yahoo weren't going to
take my e-mail seriously, athough later on it turns out that Yahoo
non-cyber staff who patrol the grounds of Sunnyvale have stopped photo
taking without permission, this has to be a good thing.

The case of mine was highlighted by "ycantpark". of which flickr
photos were published of the parking lots of Yahoo of employees who
couldn't park, although that sent off triggers for me to send the
multiple e-mail to their cyber security e-mail address to stop this
happening.

There are many ways the parking setup could be used against Yahoo
adversaries, think car bomb, or truck bomb? It was hugely
irresponsible of Yahoo to allow such photos to be taken by on-the-fly
employees.

The photos ended up being a major publicity event on employee blogs
who thought it was funny to make fun and take photographs of the
carpark, and employees number plates of those cars without the
explicit permission of the owners of those cars or automobiles.

However---n3td3v had other ideas, n3td3v was straight on the e-mail to
Yahoo's cyber security team to make sure policy was changed in the
real world ground staff team, so that, cameras and mobile phone snaps
were taken more seriously as a threat towards the corporation of
Yahoo.

The identify of cars belonging to employees, partners and others
connected could be used against them, be followed off-site for thier
devices to be technically eavesdropped on, or company documentation to
be obtained, by stolen laptop, by breaking into car, by breaking into
personal home space of employee.

Mark Seiden thinks Yahoo campus known as Sunnyvale isn't MI5/6 but
that doesn't say such agencies wouldn't find that kind of photography
useful to plan and carry out surveillance operations to determine
what's going on, especially in times of big business deals between
Microsoft and Yahoo.

Through my protests of the Ycantpark, Yahoo has taken photography and
other suspicious activity more seriously, although they have failed to
rip down Ycantpark. This is probably because the intelligence services
and state enemies have probably obtained and capatured the
intelligence electronically and fed it back to their operation center,
so it would make no difference if the information is publically
available, although it _still_ offers insight to amateur hackers and
terrorists who stumble upon it through casual or purpose built
reconnaissance operations.

http://www.flickr.com/photos/ycantpark

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault