In other words, because of pesky things like the Constitution in the United States and instead of just using existing, vast international resources to prosecute criminals and terrorists, we’re going to be expanding broken ISP filters against the advice of pretty much everybody. Granted what is deemed “extremist” will likely be entirely arbitrary, and as we’ve seen with the porn filters, there’s probably no limit to the number of entirely legal and legitimate websites UK citizens will find suddenly inaccessible.

— Karl Bode on expansion of the UK’s “porn” filters

Billy Rios, director of threat intelligence at Qualys, here [Kaspersky Security Analyst Summit] today said he and colleague Terry McCorkle purchased a secondhand Rapiscan 522 B X-ray system via eBay and found several blatant security weaknesses that leave the equipment vulnerable to abuse: It runs on the outdated Windows 98 operating system, stores user credentials in plain text, and includes a feature called Threat Image Projection used to train screeners by injecting .bmp images of contraband, such as a gun or knife, into a passenger carry-on in order to test the screener’s reaction during training sessions. The weak logins could allow a bad guy to project phony images on the X-ray display.

— Kelly Jackson Higgins in Dark Reading on vulnerabilities found in carry-on baggage screening devices

While much of the NSA’s capabilities to locate someone in the real world by their network activity piggy-backs on corporate surveillance capabilities, there’s a critical difference: False positives are much more expensive. If Google or Facebook get a physical location wrong, they show someone an ad for a restaurant they’re nowhere near. If the NSA gets a physical location wrong, they call a drone strike on innocent people.

— Bruce Schneier

via Security quotes of the week [LWN.net].