m Quec.lim's republished posts.http://quec.li/~m /The NO-NAME vuln: <tt>wget</tt> mess patched without a fancy brandhttp://go.theregister.com/feed/www.theregister.co.uk/2014/10/30/no_poodle_for_you_wget_vuln_patched_without_fancy_brand/tag:theregister.co.uk,2005:story/2014/10/30/no_poodle_for_you_wget_vuln_patched_without_fancy_brand/Wed, 29 Oct 2014 20:39:00 -0400<h4>Directory overwrite bug threatens all *nix boxen</h4> <p>Sysadmins: another venerable and nearly-ubiquitous *nix tool, wget, needs patching because of a bug first reported by HD Moore.?</p><!--#include virtual='/data_centre/_whitepaper_textlinks_top.html' -->http://quec.li/EntryComments?feed=http%3A%2F%2Fwww.theregister.co.uk%2Fheadlines.rss&entry=tag%3Atheregister.co.uk%2C2005%3Astory%2F2014%2F10%2F30%2Fno_poodle_for_you_wget_vuln_patched_without_fancy_brand%2FDeanonymizing Taxi Passenger and Fare Datahttps://www.schneier.com/blog/archives/2014/10/deanonymizing_t.htmltag:www.schneier.com,2014:/blog//2.6373Wed, 22 Oct 2014 06:54:00 -0400<p>Interesting <a href="http://research.neustar.biz/2014/09/15/riding-with-the-stars-passenger-privacy-in-the-nyc-taxicab-dataset/">essay</a> on the sorts of things you can learn from anonymized taxi passenger and fare data.</p>http://quec.li/EntryComments?feed=http%3A%2F%2Fwww.schneier.com%2Fblog%2Fatom.xml&entry=tag%3Awww.schneier.com%2C2014%3A%2Fblog%2F%2F2.6373NSA Classification ECI = Exceptionally Controlled Informationhttps://www.schneier.com/blog/archives/2014/10/nsa_classificat.htmltag:www.schneier.com,2014:/blog//2.6365Thu, 16 Oct 2014 07:22:00 -0400<p>ECI is a classification above Top Secret. It's for things that are so sensitive they're basically not written down, like the names of companies whose cryptography has been deliberately weakened by the NSA, or the names of agents who have infiltrated foreign IT companies.</p> <p>As part of the <i>Intercept</i> <a href="https://firstlook.org/theintercept/2014/10/10/core-secrets/">story</a> on the NSA's using agents to infiltrate foreign companies and networks, it published a <a href="https://firstlook.org/theintercept/?p=6630">list of ECI compartments</a>. It's just a list of code names and three-letter abbreviations, along with the <a href="https://en.wikipedia.org/wiki/National_Security_Agency#Structure">group</a> <a href="http://www.matthewaid.com/post/58339598875/organizational-structure-of-the-national-security">inside</a> the NSA that is responsible for them. The descriptions of what they all mean would <i>never</i> be in a computer file, so it's only of value to those of us who like code names.</p> <p>This designation is why there have been no documents in the Snowden archive listing specific company names. They're all referred to by these ECI code names.</p>http://quec.li/EntryComments?feed=http%3A%2F%2Fwww.schneier.com%2Fblog%2Fatom.xml&entry=tag%3Awww.schneier.com%2C2014%3A%2Fblog%2F%2F2.6365