DecryptedTech - Technology News and Reviews Done Right

The National Security Agency has just released a report to the powers that be in the US that expresses concern that the online activist group Anonymous could go after the US power grid in the next 3-5 years (we told you things like this would happen). This report was put together by their counter terrorism group and while it lacked any details in the body of the report (like the axis for attack) and forgot to mention there are other people out there that would like to do this (like foreign countries and real Terrorists) it does raise some real concerns.

If there is one thing that you can say Anonymous has done that has a measurable positive effect it is exposing the level of Corporate and Government Ignorance. Ignorance is not an admissible excuse any longer in this day and age and is often used in court when someone says they did not know they were breaking the law. Since this is generally accepted why is anyone willing to give companies that show massive amounts of ignorance (which is just really lack of forethought or cost cutting) when it is discovered that their systems are not secure? We are shocked that this is at all acceptable considering the data breaches going back as far as 2009. Still we continually hear about this product or that network is suddenly discovered to be insecure. Exactly how is that possible?

The online movement known as Anonymous had a fairly busy weekend and even managed to push their “fun” into Monday. According to several of the Anonymous twitter accounts they are now rather upset at PasteBin. It seems that the owner of PasteBin is unhappy about the uses that Anonymous has put his “code sharing” site to. He laments that it was never intended for the sharing of sensitive information and has even stated he is going to hire additional workers to help remove these types of posts. This had an interesting effect on the collective where tweets saying things like “Srsly Pastebin, f*** you - @Pastebin to hire staff to tackle hackers' 'sensitive' posts” .

We have always been a supporter of certain Internet freedoms as well as individual privacy (no surprise there huh). Bills like PIPA and SOPA showed us a glaring issue with the existing level of knowledge currently held by the people that make our laws (and not just in the US). This is not a big shocker to most people either. It is fairly common knowledge that our law makers get into office based on little more than a popularity contest that is held every few years. Once in office they are like the gullible kid in school that gets talked into things, by the “cool kids”, but in this case the cool kids are lobbyists and are not looking for a laugh they are looking to improve their control and profit.

Earlier today we talked about how AMD’s Rory Read is looking to cloud based services to help overcome the lack of processing power available to AMD’s APUs (and other CPUs moving forward) in that article we talked (very briefly) about some of the concerns that are keeping people out of cloud based services. Although one that is commonly talked about is privacy the other (and perhaps even more important) is security.

As we have been working with Windows 8 and Windows 2012 server we have become increasingly concerned about security. Although Microsoft has claimed that they have improved security through items like the locked UEFI boot process there are still glaring omissions in security that keep popping up very recently it was noted that despite the claims from Microsoft of a more secure login process the password hint is exposed in the SID database and easily recovered remotely. We also found that users’ contact lists are also left in the open (and in plain text) and available to anyone that can gain remote elevated privileges; which is what almost all Viruses and Malware try to do.