Category Archives: Security

Pigeon Accused of Spying

My joke about surveillance seagulls is more relevant than I could have ever imagined. An amusing story called “Pak pigeon has police in flutter” has been published in the Hindustan Times:

In an era of spy planes and satellites, the Amritsar (rural) police have detained a white pigeon that could have been — the police claim — used as a Pakistani spy.

The pigeon was reportedly spotted in Ramdas, a tiny town close to the Indo-Pak border, with a Pakistani stamp imprinted and a Pakistani phone number written on its feathers.

What happens if you call the number?

US Navy Sea Mammal Training

A curious-looking sea lion approached a boat I was sailing the other day. I had a good laugh with the crew on board about how it must represent the latest Naval surveillance technology… “look out, a seagull-drone also is watching”. It turns out the joke was really on us, according to a report this week by CNET.

At Pier 48 in San Francisco, the city’s police and fire departments, along with its Emergency Operations Center, conducted a drill demonstrating the ability of dolphins and California Sea Lions to help protect coastal areas from maritime attacks.

No word on seagulls but they fit nicely into this picture. Could an octopus be trained? They would be able to operate without a mechanical clasp like the one required for a sea lion.

I have to wonder how mammals are evaluated for this job. It is not very clear from the story.

Using highly trained dolphins and sea lions selected for their quickness, intelligence, detection capability, and mobility, officials demonstrated the unique ability of these animals to identify and neutralize threats in cooperation with human teammates.

Selected? Obviously they do not enlist. Does this rule out monkeys? What about chimpanzees, pigs or birds? Are dogs the only other animal that has been drafted for US military training? How does the military account for the cost and time of training a dolphin or sea lion? An artificial shark robot seems like a more humane approach, maybe more cost-effective, to this kind of underwater explosive detection and removal operation.

Remember Roboshark2? I have not heard anything since the big splash in 2003.

History at LSE ranked #1

I was just informed that my Alma Mater, the International History department at LSE, has been ranked #1 in the 2011 Complete University Guide.

It was given an overall score of 100 out of 100 possible points. Congrats LSE. Go Beavers!

Oxford was second with a score of 99.8. Hard to understand how Durham ended in third with higher graduate prospects and student satisfaction compared to Oxford, but perhaps research assessment and entry standards have more weight?

LSE was an excellent experience for me, as I studied international security during the Cold War in Asia, Africa and Europe. My thesis was on defense ethics strategy, (dis)information warfare, and long-term global security impact from military occupation of the Horn of Africa:

Anglo-Ethiopian Relations 1940-1943: British military intervention and the return to power of Emperor Haile Selassie

When asked about my transition from a history background to information security, I highlight two key points:

  1. Taxonomy of Authority: At its core, security is about tracking and analyzing events – who did what, where, and when. This mirrors the historical method of studying and interpreting past events. As a historian, I analyzed written accounts to construct coherent narratives. In security, I apply the same analytical skills to computer logs and digital data. Both fields require critical thinking to assess risks based on past vulnerabilities and threats. It’s no coincidence that many security professionals, especially in the military, have a keen interest in history.
  2. Case Study: Ethiopia 1940 and the British invasion/occupation offer valuable lessons for modern complex security challenges. This mission aimed to establish stability while respecting Ethiopia’s sovereignty — a delicate balance given Britain’s imperial past and substantially weakened future. The outcomes of this intervention provide insights relevant to recent Western operations in countries like Afghanistan and Iraq. The post-WWII Western policy in the Horn of Africa ultimately failed to ensure regional security. Instead, it precipitated revolution, invited territorial war (with Somalia) and fueled the rise to power of an anti-American military party (the Derg). The resulting instability and reduced Western influence continue to create security challenges today, such as piracy and terrorist safe havens. This historical case study demonstrates how understanding past events can inform current security strategies and risk assessments. It illustrates the transferable skills between historical analysis and information security: the ability to analyze complex situations, identify patterns, and draw actionable insights from past events.

In essence, my background in international history at LSE honed my skills in event analysis and reporting — capabilities fundamental to information security and risk management, which form the bedrock of computer security.

XLlpX&submit_button=Search

This seems to be a popular search:

XLlpX&submit_button=Search

Sometimes it is just this:

XLlpX

Could this be meant for XLSX, as in the flaw in Microsoft's decompression of XLSX files?

The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user.

The problem stemmed from a lack of validation of the ZIP header when the XML was decompressed. This allowed memory space to be exploited, after which remote code could be executed. The vulnerabilities (seven of them) were reported in July of 2009, and Microsoft released a fix in March 2010 with MS10-017.

Not XLlpX, but similar.
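
A generic pre-parse check for the kind of missing ZIP header validation described above, as an added example that is not code from this post or from Microsoft's fix: it compares each local file header in an XLSX container with the central directory and caps declared sizes. The 64 MiB limit, the constructed sample container and the function names are assumptions, and ZIP64 archives are not handled.

```python
import io
import struct
import zipfile

LOCAL_HDR = struct.Struct("<4sHHHHHIIIHH")   # fixed 30-byte ZIP local file header
MAX_PART_SIZE = 64 * 1024 * 1024             # assumed per-part policy limit

def check_zip_headers(data: bytes) -> list:
    """Return a list of header problems; an empty list means the container passed."""
    problems = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():               # entries from the central directory
            start = info.header_offset
            end = start + LOCAL_HDR.size
            if end > len(data):
                problems.append(f"{info.filename}: local header outside file")
                continue
            (sig, _, flags, method, _, _, crc, csize, usize,
             nlen, xlen) = LOCAL_HDR.unpack_from(data, start)
            if sig != b"PK\x03\x04":
                problems.append(f"{info.filename}: bad local header signature")
                continue
            enc = "utf-8" if flags & 0x800 else "cp437"
            name = data[end:end + nlen].decode(enc, errors="replace")
            if name != info.orig_filename or method != info.compress_type:
                problems.append(f"{info.filename}: name/method mismatch")
            # Bit 3 set means sizes live in a trailing data descriptor instead.
            if not flags & 0x08 and (crc, csize, usize) != (
                    info.CRC, info.compress_size, info.file_size):
                problems.append(f"{info.filename}: size/CRC mismatch")
            if max(usize, info.file_size) > MAX_PART_SIZE:
                problems.append(f"{info.filename}: declared size over limit")
            if end + nlen + xlen + info.compress_size > len(data):
                problems.append(f"{info.filename}: compressed data runs past end")
    return problems

def build_sample(tamper: bool = False) -> bytes:
    """Constructed two-part container; optionally corrupt one local header."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("xl/workbook.xml", "<workbook/>" * 20)
    data = bytearray(buf.getvalue())
    if tamper:
        with zipfile.ZipFile(io.BytesIO(bytes(data))) as zf:
            off = zf.getinfo("xl/workbook.xml").header_offset
        struct.pack_into("<I", data, off + 22, 0x7FFFFFFF)  # uncompressed-size field
    return bytes(data)
```

A file that fails any of these checks is rejected before any part is decompressed, so the parser never acts on a size the two headers disagree about.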