SCOTUS: No Warrant, No Phone Search!

I’ll be focusing more on the implications of the decision. For a more news-y article about it, refer to WIRED or the Chicago Tribune.

"Unlock this... for safety?"

“Unlock this… for safety?”

This morning, the United States Supreme Court made one point perfectly clear: Arresting officers are to stay out of suspects’ cell phones until such time as they get a warrant. Interesting about the decision is that it involved two cases, one involving a basic flip “feature” phone, and the other involving a smartphone.

Previously, warrantless searches of an arrested person’s cell phone were considered lawful under the Search Incident to Arrest (SITA) doctrine.

The Court found that a cell phone is a very intimate device and the average phone contains a very detailed digital record of it’s owners entire (private) life. Given 10 minutes with someone’s smartphone, you can learn more about them than you ever could with full reign of their house. And that’s what the decision was about.

While this decision is very important for your privacy, it’s also very important that you realize what it does and does not do, specifically, and what you can do to enhance your privacy.  Continue reading

AutoGripe for Fail2Ban Screws Skids Back!

Example AutoGripe Email

Example AutoGripe Email

Fail2Ban is a nice piece of software that detects SSH brute force attempts and locks out offending hosts for a predetermined length of time. It can also be outfitted with new and exciting ways of handling these attacks.

Banning script kiddies that are trying to brute their way into your box is nice, but what if you could also take that detection and help clean up the Internet a bit?

Action scripts already exist for Fail2Ban that take the offending IP address and dispatch an email to the abuse email listed in the WHOIS for that IP range. But, it relies on sendmail. With the advent of increasingly aggressive spam blocking solutions, it’s entirely possible that unless you install a full-blown mail server, your mail won’t get through to those who can actually process your complaint. What a drag!

That’s why I took it upon myself to write AutoGripe. AutoGripe is a Python tool that accepts an IP address (automatically, from fail2ban) and dispatches an email with logs to an abuse email address. You can get a copy for yourself at AutoGripe’s GitHub repo.

Julius Kivi-Kant-Stop-Getting-Rooted

Wild SKITTY used POOR SECURITY PRACTICES!

Wild SKITTY used POOR SECURITY!

It’s been a while since script kiddie extraordinaire Julius Kivimaki (zee/zeekill/RyanC) got so thoroughly 0wned. The “super dooper hax0r” committed rookie infosec mistakes and a close friend popped his # cherry. Lots and lots of evidence of lots and lots of illegal things were revealed and released. You should totally check that out.

Since then, he was (finally!) taken in by the Finnish police, who sent him to a European prison. You know, the kind that has better accommodations than most U.S. college dorm rooms. Anyway, Julius couldn’t handle his all expenses paid getaway, so he misbehaved. He misbehaved so badly that they had to send him to a more restrictive facility, but that facility was full. Do you know what the Finns do when they don’t have a place to put a misbehaving prisoner? They sent him home, on the promise that he’d stay off the Internet. He didn’t stay off the Internet.

He’s been popping in and out of the Finnish criminal “justice” system ever since, the FBI twiddling their thumbs all the while. But that’s not why we’re here. Something a tad more interesting happened last night…  Continue reading

3 Ways Piracy Numbers May Be Inflated

See, yeah, I'm going to have to call bullshit on this one

See, yeah, I’m going to have to call bullshit on this one

We hear quite a bit about copyright infringement on the Internet and how it hurts (or doesn’t) the economy and the entertainment industry. It’s usually expressed in near astronomical numbers, billions of dollars annually because Spiderman was downloaded a few times. But I think the numbers may be inflated.

The Institute for Policy Innovation gave a thoroughly detailed (but REALLY biased) report on the losses to the U.S. economy due to piracy. They give some pretty big numbers, but most importantly they list a few “multipliers” that enhance those numbers, reflecting the economic velocity of a dollar that’s spent on, say, a DVD of, or a ticket to see, a movie.  Continue reading