A Little Bit About Being Plane Stupid

Sorry, I couldn't resist the title. Earlier, I wrote a bit about the events that took place this week in the UK. Let's look at the group responsible for the Parliament actions - Plane Stupid.

According to The Guardian, "Plane Stupid was created three years ago after a group of anti-Iraq War protesters found common cause in the government's expansionist aviation policy.

The group conducts what are known as "direct action" operations. These require no overhead support and require no upper leadership approval when a target of opportunity has been discovered. Some of their ops have included the storming of the BAA's appearance at the transport select committee last November and chaining themselves to the gates of Farnborough airport – the main UK hub for private jets. 27-year-old Richard George is said to have co-founded the group with 34-year-old Greenpeace employee Graham Thompson in 2005.

The Guardian report also notes the group is made up of five members who are educated, middle class, and young. It operates on anarchist principles and describes itself as a "devolved network of autonomous groups" numbering around 150 dedicated activists. It has no designated leader and reaches all decisions by consensus.

Does this sound familiar? I'm beginning to see a lot of duplication when it comes to celluar structures of nonconformist organizations like this and others. What makes their statements about how they carried out the Westminster op so realistic is their age and education level. They're are all very smart and young enough. I bet at one point they even used student ID's to get past security. When protecting government institutions, we must look at all areas of vulnerabilities. This includes but does not exclude students and young people. If your too lackadaisical and think they're just kids, remember most of the 9/11 hijackers were all in this profile except they weren't white.

Big Ben, Heathrow, and Climate-Change Terorrists

Today, I read a news report from Great Britain's newspaper, The Guardian, which reminded me of all the times I said, "I'm sure glad I wasn't working yesterday." Ladies and gents, over the past few days, our great ally has been besieged by "climate-change terrorists." Okay, so I'm exaggerating a bit. But there were some serious security breaches both at Heathrow and at the Houses of Parliament.

Yesterday, five protesters from a group calling themselves "Plane Stupid" climbed atop the roof of the Houses of Parliament. The displayed two banners reading "No third runway" and "BAA HQ". Okay, I know there's a ton of speculation as to how this could have happened. Well, the police speculate they had an insider who provided them with access and who offered to store the signs. How else could they have gotten past security especially at Parliament? The protesters, of course, claim they brought the signs in past security and merely told the guards they were there to hear a debate on the floor. Either way it goes, somebody is in a lot of you-know-what.

According to SkyNews, Greenpeace protesters gained access to the roof of a Boeing 777 outside of Terminal 1 on Monday. For what? They were protesting Heathrow's planned expansion. For those who have traveled through Heathrow, you might agree climate change aside it could use the expansion. And maybe some maps and arrows that made sense. I digress. To say the least this was a major breach of security for an airport that has repeatedly been targeted by terrorists of all types to include Al-Qaeda and the IRA. Police and security units were able to respond and remove the protesters who posed no significant threat except to Heathrow's PR image. The protesters did carry signs which denounced the changed. It should be noted Virgin Airlines flew out of this same airport on the same day flying a bio-diesel jet which is supposed to reduce greenhouse gases from commuter jets.

Welcome and Encryption Key Madness

Welcome to my first post for this blog. I hope you can tell from my lengthy bio that we'll have plenty to talk about. So lets get started with todays topic: Encryption Keys.

For those of you still stuck in the Paleolithic Age of computing, encryption keys were thought to be some the most secure and efficient means to protect data stored on computers. In essence, you would store whatever data you wanted safe from prying eyes on a computer which would then encrypt the storage medium with a very difficult key secured be an even more difficult algorithm. Without the the right pass code, the data could not be decrypted and the key could not be used. According to the American Society of Industrial Security's publication, Security Management "the game has changed".

The Electronic Frontier Foundation, a non-profit electronic goods consumer advocacy group, along with Princeton have come with an ingenious way to get those keys without having to crack the algorithm. They freeze the medium and then extract the code. It appears because most keys are stored in DRAM where the keys are stored temporarily. Once your computer goes "idle", these keys are vulnerable to this "hack" because the memory takes a while to leave the chip upon shutdown and the freezing method of course slows this process down giving our intruder enough time to grab what he/she needs.

This "hack" effects TrueCrypt as well as other to include BitLocker, FileVault, and dm-crypt. Check out the Security Management website for further details.

Click here for video footage.

Incredible! Once you think you have it made with encryption, somebody not only cracks it but posts it on the Net.