Monthly Archives: September 2014

Brandis boosts vetting of APS staff to prevent insider threats

Posted on by

Australian Government agencies will be required to vet their staff on an ongoing basis in order to protect sensitive government data against the kind of "insider threat" posed by the likes of Edward Snowden and Bradley Manning.

Attorney-General George Brandis this morning unveiled revised mandatory requirements for how agencies should screen employees, which could potentially see periodic staff security assessments replaced by dynamically pushed information, to keep tabs on staff on an ongoing basis.

Brandis recently directed his department to review the existing personnel security policy under the Australian Governments protective security policy framework (PSPF), which sets out the controls government agencies are expected to take to protect their people, information and assets.

The changes to the personnel security policy aim to reduce the risk of loss, damage or compromise of Commonwealth resources by providing assurance about the suitability of personnel authority to access those resources in response to risks posed by insider threats such as Edward Snowden and Bradley (now Chelsea) Manning, Brandis said.

They aim to minimise the potential for misuse of those resources either by inadvertent or deliberate disclosure, he told delegates at the Security in Government Conference today.

To address the risks that could arise from a trusted insider, the importance of security vetting, contact reporting and ongoing monitoring of our employees suitability to access information should never be underestimated.

Brandis also asked the Attorney-Generals department to explore vetting in a paradigm of evolving threat, specifically dynamic vetting in which information about an employee requiring clearance is pushed to the vetting agency, rather than being provided by the employee themselves.

There is a need to change our focus from point-in-time suitability assessments to continuous monitoring and assessments of each persons ongoing suitability, Brandis said.

The new and emerging threats we face require Government to constantly revisit and revise our approach to national security. This should be extended to personnel security and vetting, where it is not enough to simply tick and flick an application every few years.

We must take a dynamic, not a static approach, to the assessment of suitability."

Read the original:
Brandis boosts vetting of APS staff to prevent insider threats

David Klann Talks About Using Open Source Software in Broadcast Radio (Video)

Posted on by

Tim Lord: David, what is community radio and how did you first get involved with that?

David Klann: Yeah, thats a great question. There are lots of different kinds of radio stations out there, the most common of course is the commercial radio station where they sell time. It is kind of like with Google the product is not the Gmail the product is youthe user. In radio, the product is the listener. And then theres public radio. In my home state, we have Wisconsin Public Radio, theres National Public Radio. And then theres community radio. Community radio stations are typically independent. They are typically run almost completely by volunteers. Ours has three part-time paid staff members, and the rest of the station is run by volunteers.

Tim: Tell everyone the name and the frequency of your community radio.

David: Oh sure. The radio station that I am associated with is WDRT. It is in the Driftless region of Wisconsin and we are on 91.9 FM and wdrt.org.

Tim: How big a radio does that actually take in?

David: Compared to some it is a small station. We are 480 watts and we cover about a 25-mile radius around the tower. So it is a pretty small geographic footprint but we like to think that we are making a huge impact in the community.

Tim: Running a radio station is a lot different from people doing person-to-person communication, as in HAM radio.

David: Yeah, right.

Tim: What are some of the complications? What are some of the equipment that you use for instance? How do you get a signal from soup to nuts, how do you actually put a signal out on an FM station?

David: Sure. I think the main thing is that the FCC is heavily involved. I think it is partly because these things are such high powered. Even at 500 watts we are far more powerful than a lot of HAM radio outfits and certainly more powerful than the old CB radios, more powerful than the cell network, individual radios on the cell network, I think partly because of the large power output and also because of the limited spectrum that was originally allocated for FM radio. Radio stations, unlike other over-the-air wireless communications, radio stations first of all, they are one way. It is all being sent out from a source. So at our stationand this is pretty typical of radio stationswe have all the input devices, microphones, turntables, tape players, CD players, computers, iPods, whatever people bring to the station, all that gets funneled through what we call the audio chain. At some point, right before it leaves the station, we digitize it, and we send it to two places: We send one half, not really half, but we send one copy of it up to the transmitter. We use a leased Ethernet line for that. And then we send another copy of it out to the stream on the internet. And so our internet stream, and our FM broadcast are identical. In the chain from the studio to the transmitter, youve have got an encoded piece of audio that gets sent up over the Ethernet. At the other end, at the transmitter end, it gets decodedit turns back into analog audio and then is sent to the transmitter just via coaxial cable.

The rest is here:
David Klann Talks About Using Open Source Software in Broadcast Radio (Video)

What is cryptography? – Definition from WhatIs.com

Posted on by

Cryptography is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it.

Cryptography is closely related to the disciplines of cryptology and cryptanalysis. Cryptography includes techniques such as microdots, merging words with images, and other ways to hide information in storage or transit. However, in today's computer-centric world, cryptography is most often associated with scrambling plaintext (ordinary text, sometimes referred to as cleartext) into ciphertext (a process called encryption), then back again (known as decryption). Individuals who practice this field are known as cryptographers.

Modern cryptography concerns itself with the following four objectives:

1) Confidentiality (the information cannot be understood by anyone for whom it was unintended)

2) Integrity (the information cannot be altered in storage or transit between sender and intended receiver without the alteration being detected)

3) Non-repudiation (the creator/sender of the information cannot deny at a later stage his or her intentions in the creation or transmission of the information)

4) Authentication (the sender and receiver can confirm each other?s identity and the origin/destination of the information)

Procedures and protocols that meet some or all of the above criteria are known as cryptosystems. Cryptosystems are often thought to refer only to mathematical procedures and computer programs; however, they also include the regulation of human behavior, such as choosing hard-to-guess passwords, logging off unused systems, and not discussing sensitive procedures with outsiders.

The word is derived from the Greek kryptos, meaning hidden. The origin of cryptography is usually dated from about 2000 BC, with the Egyptian practice of hieroglyphics. These consisted of complex pictograms, the full meaning of which was only known to an elite few. The first known use of a modern cipher was by Julius Caesar (100 BC to 44 BC), who did not trust his messengers when communicating with his governors and officers. For this reason, he created a system in which each character in his messages was replaced by a character three positions ahead of it in the Roman alphabet.

In recent times, cryptography has turned into a battleground of some of the world's best mathematicians and computer scientists. The ability to securely store and transfer sensitive information has proved a critical factor in success in war and business.

More here:
What is cryptography? - Definition from WhatIs.com

How to Convert a Positive Integer in Modular Arithmetic – Cryptography – Lesson 3 – Video

Posted on by


How to Convert a Positive Integer in Modular Arithmetic - Cryptography - Lesson 3
In this video, I explain how to convert a positive integer to a congruent integer within a given modulo. Donate - http://bit.ly/19AHMvX.

By: Learn Math Tutorials

Read more here:
How to Convert a Positive Integer in Modular Arithmetic - Cryptography - Lesson 3 - Video

Cryptography – From Black Art to Popular Science (CSCAN | PlymUniInfoSec) – Video

Posted on by


Cryptography - From Black Art to Popular Science (CSCAN | PlymUniInfoSec)
Prof. Fred Piper looks at some of the significant changes that have taken place in cryptography since the Second World War. The discussion concentrates upon ...

By: PlymUniInfoSec

Go here to see the original:
Cryptography - From Black Art to Popular Science (CSCAN | PlymUniInfoSec) - Video

How to Convert a Negative Integer in Modular Arithmetic – Cryptography – Lesson 4 – Video

Posted on by


How to Convert a Negative Integer in Modular Arithmetic - Cryptography - Lesson 4
In this video, I explain how to convert a negative integer to a congruent integer within a given modulo. Donate - http://bit.ly/19AHMvX.

By: Learn Math Tutorials

Read more here:
How to Convert a Negative Integer in Modular Arithmetic - Cryptography - Lesson 4 - Video

Jennifer Lawrence Nude Photos Leaked by Hackers

Posted on by

It is the hottest leak since Bradley Manning got busted. An anonymous hacker claims to have hacked iCloud accounts for a number of celebrities, including Jennifer Lawrence, Kate Upton, Victoria Justice, Ariana Grande, Mary Elizabeth Winstead, and several other stars. The hacker clims he has nude photos from these iCloud accounts, and is starting to leak them online.

While some of the celebs he claims to have nudes of have come forward to say that the pics are fakes, not everyone is so lucky, including Jennifer Lawrence.

A spokesperson for Jennifer Lawrence gave a statement to Huffington Post, saying, This is a flagrant violation of privacy. The authorities have been contacted and will prosecute anyone who posts the stolen photos of Jennifer Lawrence.

However, something seems to be amiss since the L.A. Police Department claims to have no knowledge of the whole situation. It might all sound like a case of a hoax, with Lawrences reps playing along for the publicity, but we can confirm that the pics have indeed been posted on Imgur.

Another celeb is also confirming her own pics authenticity, Mary Elizabeth Winstead.

To those of you looking at photos I took with my husband years ago in the privacy of our home, hope you feel great about yourselves, she said. Knowing those photos were deleted long ago, I can only imagine the creepy effort that went into this. Feeling for everyone who got hacked.

And that is how this sort of thing happens. People take nude pictures, then delete them from their devices, not realizing that their devices are uploading them to iCloud accounts or syncing them across other devices. This is not a flaw, it is how iCloud and other such sync services are designed to work.

The moral of the story here is simple: never take a nude photo with any device that can be connected to the Internet in any way. In fact, the better course is to do what The Boss suggests.

Bruce Springsteen tells the story of a photographer girlfriend who was shooting a private photo session with him. Jokingly, Bruce started peeling off his clothes. His girlfriend stopped him with a warning: Never strip for photos, no matter how much you trust the photographer. As the years go by, you never know where those shots may end up, and how.

Go here to read the rest:
Jennifer Lawrence Nude Photos Leaked by Hackers