The Power of Cracking Passwords

Ivan Golubev’s blog points out that power supply and heat dissipation can impact the speed of brute forcing passwords with graphics cards.

Apparently lowering GPU core frequency results in “closer to estimations” performance. My first guess was that there is internal throttling in 6990 and so overheating was causing the performance drop. I’ve even posted in the official forum about this but some more experiments reveal that I wasn’t totally true. Answer was pretty simple:

[…]

Yep, by default there isn’t enough power provided for 6990 to make it work with 100% performance

[…]

…make sure you have proper cooling and PSU as looks like official 375W TDP can easily become 450W and this means A LOT of heat you need to deal with somehow.

The Radeon HD 6990 graphics cards have dropped to under $400, which is very tempting, but only for air-cooled models. So the cost of reaching peak brute-force performance levels of 10 billion passwords per second with ighashgpu really must be measured in terms of the cost of liquid cooling and a clean supply of power (around $4,000 for a complete system). It’s a nice example of how security is tied to energy and efficiency. Golubev actually provides a spreadsheet of performance per dollar, but it doesn’t mention the environmental factors that support peak performance.

To put this all in perspective, a strong password of mixed upper- and lower-case alphanumerics with symbols that is 8 characters long on a Microsoft OS could take around 20 days to crack for less than $5,000. Since password change cycles are usually 90 days…

Police Solve Stolen Lamborghini and Related Cases

The SF Chronicle has reported an interesting case of a teenager arrested by police for a string of bank robberies and an attempted homicide. Although the 17-year-old suspect went to great lengths to jam electronic signals while in a stolen luxury car, he apparently did not take very much precaution against simple video surveillance. It might be fair to say an obsession with avoiding capture did not mix well with what sounds like vanity and jealousy.

The detectives started only with reports from witnesses that a black-clad motorcyclist had been seen waiting at a nearby gas station before five shots were fired into a pickup truck parked on Evergreen Avenue in Mill Valley. Landon Wahlstrom and his 17-year-old girlfriend were sitting inside and ducked, according to the report.

Surveillance video at two gas stations where witnesses said they had seen the motorcyclist showed the apparent suspect. The helmet had “Bilt” written on it. That led investigators to a Cycle Gear retail store in San Francisco, which sells that model helmet. Surveillance video and transaction records showed the suspect buying not only the helmet but a dark visor, a black cloth face and neck protector, a black leather vest and black gloves.

The female victim was shown the video and identified Wade, from whom she had admitted buying fake identification cards and counterfeit driver’s licenses.

Americans are so used to labels being displayed on the outside of everything that the suspect probably did not even notice the BiLT sticker or realize it’s a unique form of identification. Cracking the case is related to the luxury car, which was stolen from a dealership last year. Ironically it had been stored with the dealer by its owner, a celebrity chef who was concerned it might end up in a chop-shop in San Francisco. Ok, pun intended. Once police identified the suspect on the motorcycle and realized the connection with the car they engineered the suspect into revealing the location of a 2008 bright yellow Lamborghini Gallardo. They simply used the girl’s identity to ask for a date in the car. He fell for it and invited police to a storage locker in Richmond where they found everything they could want stored together.

The cache in the steel locker was a potpourri of gadgetry, disguises and guns. Investigators found a dismantled AK-47 assault weapon, an assault-type shotgun, electronics that can interfere with cell phone frequencies and a list of scanner codes for a variety of California law enforcement agencies. Inside the Lamborghini were three UHF signal jammers for cell phones and two radio signal jammers.

Most troubling of all, though, was the discovery of a full San Francisco Police Department uniform, including a badge and duty belt and some bags, containers and a mask.

“The mask resembled one which was reportedly worn by a suspect or suspects in a series of recent, unsolved bank robberies in Northern California,” stated the report, which was prepared by Marin Sheriff’s Detective Greg Garrett.

The uniform is definitely troubling and likely will bring charges of impersonation. The mask, however, is an odd detail. I leave it to you to figure out why he would store a used mask instead of destroying it, let alone put it with the evidence from other unrelated crimes to make it easy to link them all together.

VMware Security Update: Accelerated Release of Patches

VMware Security has posted an announcement that patches are being made available immediately.

VMware has accelerated the delivery of a set of software patches for specific product releases that may be exposed to increased risk. We encourage all customers to view the following links to determine if appropriate patches are available for products in their environment: http://kb.vmware.com/kb/2019941 and http://www.vmware.com/security/advisories/VMSA-2012-0009.html.

For example, ESXi 5.0 P3 is marked “Security Patch Needed”.

Apply security patch available at http://www.vmware.com/patchmgr/download.portal under Bulletin ESXi500-201205401-SG.

That patch has the following explanations:

Due to a flaw in the handling of NFS traffic, it is possible to overwrite memory. This vulnerability may allow a user with access to the network to execute code on the ESXi/ESX host without authentication. The issue is not present in cases where there is no NFS traffic.

[…]

Due to a flaw in the virtual floppy configuration it is possible to perform an out-of-bounds memory write. This vulnerability may allow a guest user to crash the VMX process or potentially execute code on the host.

[…]

Due to a flaw in the SCSI device registration it is possible to perform an unchecked write into memory. This vulnerability may allow a guest user to crash the VMX process or potentially execute code on the host.

Their announcement also has a FAQ with reference to recent events:

In light of the current circumstances, we have accelerated our most recent security patches and applied them to all affected currently supported products.

500px Terms of Service

500px is a photo sharing site with an interesting approach to a terms of service (TOS) page. On the left side they have a bunch of legal language.

Content Submitted Or Made Available For Inclusion On The Service

Please read this section carefully before posting, uploading, or otherwise submitting any Content to the site. By submitting content to the site you are granting 500px a worldwide, non exclusive license to use the content and are representing and warranting to 500px that the content is owned or duly licensed by you, and that 500px is free to publish, distribute and use the content as hereinafter provided for without obtaining permission or license from any third party…

Yada, yada, and then on the right they say this:

Basically, Your photos will preserve whatever copyright they had before uploading to this site. We will protect the copyright and will not sell your photos without your permission.

Under the store section they give this concluding sentence:

Your photos will be kept safe.

Safe? That is bold. I would understand if they said they would do their best or practice diligence but this statement is absolute. Then again, note their summary under Release and Indemnity.

Basically, We are not liable if something goes really wrong.

Uh, ok, really safe.