Expire my data

Like milk, when data is stored in our refrigerated data storage facilities it should have an expiration date. Imagine a milk that degraded in your fridge and disappeared after the expiration date. The perfect solution to taking out the trash and having to deal with milk that has gone off.

In the same fashion would it be wonderful to be able to have the ability to submit your information on a form and set an expiration date on them. This way you know that the information will only live for the required time-period set.

From a legal point of view this is very well justified and supported. The Data Protection Act clearly states that data must only be kept for its intended purpose and deleted afterwards. And many organizations do not adhere to it or have very relaxed regulations about when data shall be deleted.

The article by the BBC [2] also talks about fading data. This is looking at data from another perspective. This is one that data is not deleted but abstracted to other forms of information i.e,generalized.


The current restrictions that I can see are:

  1. Database engines will need to be engineered in such a way to facilitate the storage of such information
  2. Will operating systems need to implement the expiration of data?
  3. What happens if someone copies the information e.g.backup ? Will the expiration details follow the information?
  4. It is a very data intense exercise if data is to be transform into an abstract set of the original data, then what are the rules, inputs and outputs that define this process. This can be very tedious and I would imagine very few organizations would implement it unless it was automated in some way.

There are probably many more, certainly I can imagine a number of people who would love this feature of having data that expires. We must be careful though because once it is gone then there will be no way to retrieve it again and in some very rare occasions forgotten information can be handy.

Links Used

[1] – Harold van Heerde – http://www.vanheerde.eu/

[2] – Fading data could improve privacy – http://news.bbc.co.uk/1/hi/technology/10324209.stm

Posted in Computer Security, News Articles | 5 Comments

New hosting, twitter feed and stay connected

As mentioned on the old blog we have moved to our new system (faster and no loading errors). A new feature of interest is the twitter feed on the right which is in sync with any tweets the group makes. This does not include any re-tweets. You can follow the ISRG at http://www.twitter.com/isrgUniGlam

We have also setup a Facebook group (http://www.facebook.com/group.php?gid=115019145200805 ) for Alumni Postgraduate students that have successfully finished any one of the following Postgraduate degrees (past and present):
MSc Computer Systems Security
MSc Computer Forensics
MSc Information Security and Computer Crime
MSc Information Security and Corporate Intelligence

Keep in touch,

ISRG @ Uni. of Glamorgan

Posted in Uncategorized | Tagged | 2 Comments

InfoSec Europe 2010

Uni. of Glamorgan’s ISRG group will be at #InfoSec10 Europe located at Stand R93 or at the Uni. Pavilion: http://goo.gl/blZk


My Twitter on Security

Hey everyone,

I have finally found a reason to have twitter. It aint the best medium but it is the fastest way to say something, which can be followed by an article on a blog etc.

For now I will maintain my own twitter, so if you want to track anything I track or write (tweet) that is security related checkout: https://twitter.com/kxynos

Leave a comment

Research PhD Studentship

Network Attack Impact Analysis and Counter Measure Deployment via the Application of Behavioural Engines

University of Glamorgan – Faculty of Advanced Technology
Programme of Research:

Behavioural engines are a new and more effective approach than the traditional, large, rule-based engines. In particular they are far more effective at eliciting tacit knowledge and maintaining internal self-consistency, which in turn produces a system that is easier to adapt as systems change. This makes behavioural engines an attractive proposition for analysing CNA, as attacks are becoming more complex and are continually adapting. However the application of such engines to this area has not been researched. Instead basic rule-based systems is the nearest available technology.

The aim of this PhD project is to research the basic methods by which such engines can be applied and based on the best of those methods examine the feasibility of real-time computer network attack impact assessment and response being performed via the application and extension of a multi-attributed based heuristic behavioural engine.

This PhD project will seek to create a system that is capable of receiving computer network defence and computer network management data in real time and perform an impact analysis calculation of for the selection and deployment of a policy driven security countermeasure via the Application of Behavioural Engines. Thus the goals are:

oTo extend the core behavioural engine to support the policy-directed assimilation and analysis of multiple data sources across multiple security domains.

oTo utilize a policy engine for the selection and deployment of security countermeasures across multiple security domains.
oTo validate the feasibility of such an approach will via the construction and execution of a proof of concepts demonstrator.
Please note: the studentship is open to persons holding UK/EU passports only.

Applications are invited, from highly motivated individuals with a good first degree in a computing related degree (2.1 or higher), for a full-time PhD position in the Faculty of Advanced Technology at the University of Glamorgan. Relevant subject expertise in computer network attack / computer network defence / behavioural engines would be beneficial, but not required. The student will be required to undergo a UK government security check.

A bursary amount of £13,290 (tax free) and UK/EU fees will be paid.

The closing date for applications is 19th February 2010 and interviews will be held on week beginning 22nd February 2010.

Contact details

Name: Dr. Huw Read
Address: Faculty of Advanced Technology, University of Glamorgan, CF37 1DL
Telephone: 01443 654287
Email: isrg [at] glam.ac.uk (replace [at] with @)

Original reference: http://www.jobs.ac.uk/job/AAQ821/research-phd-studentship/

Posted in Computer Security, Network Security | 1 Comment

Decaf COFEE put me to sleep

Decaf[1] is the hackers reply to Microsoft’s COFEE tool set. Once again creating a tool to combat a set of tools as old as Sysinternals is nothing new or surprising. If it did not happen we would have been surprised.

Unfortunately (and thank god) systems are open and when they are closed (-source) people can still reverse-engineer and break them. This is the nature of the system, be that a PC, Apple, hardware, software or a mobile phone.

In other news an Xbox 360 thief was caught when the original user’s account automatically signed in [2]. Proving that with some effort it is possible to track and catch thieves that keep and connect Internet-capable systems. Hear that UK!

Links used:
[1] – http://www.theregister.co.uk/2009/12/14/microsoft_cofee_vs_decaf/
[2] – http://www.theregister.co.uk/2009/12/30/x_box_theft_suspect_racked_down/

Posted in Digital Forensics | 3 Comments

GSM encryption attack lowers privacy to zero

In Europe mobile phones use the GSM standard to communicate with the carries. Encryption was and still is used to protect the calls and special intercepting abilities are built-in to the standard to assist law-enforcement.

Early versions of GSM use a weak encryption algorithms (e.g., A5/1) that are out of date and everyone now (hopefully) should be using UMTS (3G) (i.e. USIM) which include newer and better encryption algorithms.

What Karsten Nohl [2], his team and contributors have achieved is to utilise the advances in processing power (e.g., CUDA) to pre-calculate a code book[2] that will enable real-time decoding. Obviously the attacker will have to have access to the encrypted packets. This can achieved by setting-up a fake base station.

If you are thinking of doing this in the UK you will need special licence or permission from Ofcom or face the possible consequences [3].

Once again the weaknesses are known and the fact that this type of attack has emerged just demonstrates that relying upon incomputable algorithms is not always the best option. The only way to staying ahead of the game is with new encryption implementations.

Links Used:
[1] – http://news.bbc.co.uk/2/hi/technology/8429233.stm
[2] – http://events.ccc.de/congress/2009/Fahrplan/events/3654.en.html
[3] – http://www.ofcom.org.uk/radiocomms/ifi/enforcement/illegalbroadcast/
[4] – http://www.ofcom.org.uk/radiocomms/

Posted in Uncategorized | 7 Comments

Interception of video feeds from US drones in Iraq

“Shia fighters are said to have used off-the-shelf software programs such as SkyGrabber to capture the footage.”[1]

Why the BBC calls this a hack [cause it sounds cool I guess] I have to idea. This is a classic interception case. Get a program (SkyGrabber in this case) and start receiving the broadcasted satellite communications. The US should not have had insecure satellite communications in the first place.

[1] Iraq insurgents ‘hack into video feeds from US drones’ – http://news.bbc.co.uk/2/hi/middle_east/8419147.stm


PhD Studentship

PhD Studentship
Job Reference No. PhD FAT2
Salary: Stipend of £20,000 per year, minimum. Plus payment of enrolment fees
Closing Date: December 13, 2009
Interview Date: PM Wednesday 16/12/09
Terms: Permanent
Job Type: Support Staff
Job Class: External
Location: Treforest

Title of Research
QoS and Routing in Encrypted Networks

Programme of Research
This industry funded research project is in partnership with QinetiQ Ltd. The company is a leading international provider of technology-based services and solutions to the defence, security and related markets; and work with government organisations, predominantly in the UK and USA including defence departments, intelligence services and security agencies.

This PhD project will be an investigation of quality of service and routing implications over all encrypted networks (AEN), based on different traffic types ands structures, scenarios and use cases for use in experimentation and demonstration.

This research is to be carried out mindful of the specific security constraints in the field of traffic management. In particular, this work will involve the following work packages:

1. Requirements Analysis
2. Solution Analysis
3. Implementation
4. Exploitation and Realisation
5. Experimentation
6. Demonstration

Applications are invited, from highly motivated individuals with a good first degree in a computing related degree (2.1 or higher), for a full-time PhD position in the Faculty of Advanced Technology at the University of Glamorgan. Significant experience in a major programming language is required (C++, C#, .net), with knowledge of web services such as SOAP/REST preferred. Relevant subject expertise in computer network attack / computer network defence / QoS and relevant certifications (e.g. CHECK / CREST / TIGER) would be beneficial, but not required. The student will be required to undergo a UK government security check. The PhD position is open to UK nationals only.

Closing time and date: 12 midnight Sunday 13/12/09.
Interviews to be held pm Wednesday 16/12/09.
Applicants will be informed if they are selected for interview by email on Monday 14/12/09

How to Apply
Please submit the university postgraduate research application form http://www.glam.ac.uk/apply/156/research.

Contact details
Name: Dr. Huw Read, Prof Andrew Blyth, Dr. Iain Sutherland
Address: Faculty of Advanced Technology, University of Glamorgan, CF37 1DL
Telephone: 01443 654287
Email: isrg@glam.ac.uk

Posted at: http://inform.glam.ac.uk/jobs/details/591/

Posted in Computer Security, Network Security | Leave a comment

Your data selling for $30 to $40 USD by US companies

What do you mean you don’t live in the US. Do you not use any of these companies services over the Internet?

Want an insight to what US companies do with their customer data? Check the documents data retention policies, surveillance capabilities and lawful data-interception guides posted at cryptome.org [1]. In the UK we hope that the Data Protection Act protects us to a point, but we still have to pay to see what is held about us. An expensive exercise.

Any sight of Google’s policies?

[1] Cryptome.org
[2] http://www.wired.com/threatlevel/2009/12/yahoo-spy-prices

Leave a comment