BLOG

The Seattle Times writes about Soviet maps In a very interesting recent article Eric Lacitis tells about maps he discovered in a Riga bookstore.  They bring back real history of a country that was brutally occupied by the Soviet Union.  Here is the rest of the story and how it relates to the US. Unrolling a historic puzzle from the cold war I enjoy unrolling my 1980 Soviet map to look at streets and houses .

Read More

Late last year on a Friday evening I discovered that logging into our Schwab.com account got lots easier. It was possible to log in without a username and password. Wow, what a vulnerability!  Here is the story. Not expecting this labor-saving bonanza I hadn’t recorded screen shots. Some detail was recovered from browser history and my recollection of an unusual prompt. I called the toll free number an pleaded for nearly an hour repeating to

Read More

A Bluetooth attack just announced last month found vulnerabilities in most major operating systems: Windows, iOS, Android, Linux… This leads to a series of worrisome questions. They are amplified by stories from my friends who have used Bluetooth hacks to turn on a cellphone microphone and listen in to nearby conversations. Are they listening to my Bluetooth phone conversation right now? Does this mean the end-of-life as in our interconnected world? Is my strategic boardroom

Read More

WannaCry news Over the last few days a WannaCry worm/ransomware attack has swept across the planet resulting in headlines.  Forensics of the worm which spreads a ransomware payload is being meshed with political news. It’s likely that the key worm concepts came from stolen and leaked US Government cyber tools.  Here are some observations from the eSleuth crew. An early and accurate analysis from Jake Williams of Rendition Infosec was presented in a SANS webinar — on the same day

Read More

A new accounts payable employee receives an spoofed email from the company president. Send a $20K direct deposit to this bank account… do it right away!  The true crime story is that this is an ongoing fraud effort. Our recent spoofed email cases include: $18K in Kirkland, $20K in Woodinville, $250K in downtown Seattle, $500K in West Seattle. Spoofed emails are so realistic and well timed that they really seem genuine. They include real names and

Read More

The anniversary of the Japanese attack on Pearl Harbor is always a time for reflection. Some reflections are personal. For baby-boomers it was common to know survivors of the attack. My connection was via an uncle who served on the USS Argonne with the Commander Pacific Fleet. He had eyewitness accounts of heroic actions by sailors and marines who reacted to the surprise attack on December 7, 1941. Years later I briefly worked just across

Read More

In the current political focus it is not helpful to have another harangue from an opinion shaper. This blog includes just my personal experiences — and the role of computer forensics. Remember the ’70s? Seattle had become the bomb capital of the US. The government was the focus of much of the hate. I recall a coworker at UW who summed this mood up pretty well. His philosophy was that there is no good in

Read More

Last week a long-time client called to ask for quick cyber risk assessment. No threat of violence — but they wanted to know if their (very good) network security would effectively defend them against a known (very aggressive) cyber threat. An immediate opinion was needed. I was faced with the problem that decision makers live with especially in high-threat or violent situations. Few problems in management are purely quantitative. Even the formulas that are used

Read More

Software from Redmond, Washington always seems newsworthy. This software project was going well and beginning to get national attention. One day the focus turned inward, however. During a test of the project, the boss discovered that the new software was providing links to pornography on the Internet. Ouch! He made solving this problem a high priority and called to provide a forensic investigation of the issue. The investigation Computer forensic imaging and analysis of a server

Read More

The tough job in risk assessment is separating the goofiness of ordinary life from factors that might indicate potential violence. Assessment isn’t prediction — but both have similar uncertainties. In a world with lots of physical variables, each represented by a known stochastic process the job is lots easier. A numerical simulation of the collection, such as a monte carlo analysis, can give credible results. It is even possible with data from trusted opinion polls,

Read More