Not All Cyber Criminals Are that Smart

July 6th, 2009

This story seems to come from the files of “I am ten feet tall and bulletproof.” Many of us have a mixed reaction to those who are able to manipulate computers and code to their advantage for criminal acts. We wonder why they do not use their talents to simply make money the old-fashioned way, but we are also outraged at their actions, which disrupt our lives, compromise our security and cost us money. But then you read a story such as the one Robert McMillen of IDG posted over the weekend about the security guard and ersatz hacker who allegedly videotaped his cyber exploits at the clinic he was supposed to be protecting and then posted them to YouTube. He claimed to be adding botnets which would allow him to do a denial of service attack on July 4 just for the fun of it. He did get caught. You really have to read this story, which is both funny and sad at the same time.

TKIP Primer on Security Tube

June 8th, 2009

Michael is the Message Integrity Code (MIC) adopted by the TKIP standard. Michael is actually a weak code that uses simple addition and shift operations, which are computationally inexpensive, but it is strong enough as an intermediate solution after WEP. Michael was chosen as the MIC in TKIP so that already deployed low-end access points could be software-upgraded to TKIP without any hardware change. This video explains the working of the MIC in TKIP.

Is Obama Right – Cyber Security in Private Enterprise Is a Homeland Security Issue

June 1st, 2009

Do you believe that IT security in private enterprise is a national security issue? I do, and would love to hear your thoughts. You might want to take a look at the Airport WiFi and Financial District wireless vulnerability studies that AirTight performed recently to see just how badly some organizations are following best practices when it comes to wireless security.
It appears that in some quarters folks felt that the President did not tell us anything we did not know in his speech on Friday about cyber security. I think we need to understand, however, that the key phrase there is “anything WE did not know.” At times we who work in technology live in a bubble and assume that everyone understands what we understand. But technology or cyber security is our business – it is not the core business of the financial institution, the hospital, the school, the utility, etc.

