[ale] Slashdot article on UAV/satellite surveillance
Mike Harrison
meuon at geeklabs.com
Fri Apr 18 11:31:17 EDT 2008
On Thu, 17 Apr 2008, Jim Kinney wrote:
> Only 39 of the quarters were sterilized. One was a tracking device.
Actually, two of them were.
I powered up my 1931 Coolidge Tube (I really own one) with my plasma torch
and used my night vision goggles (via a front surface mirror so I was out
of the beam path) as an image intensifier to make sure they were 'just'
quarters.
One of them was placed in your pocket, yesterday.
Any heavily tinted windowed vehicles nearby?
-------------------------------------------------------------------------------------------------------
ON TOPIC:
Seriously though, sometimes we need to be this suspicious. I am getting
back into the payment processing business, and have setup a webserver
with a demo that looks like it is taking utility payments. (It's a
semi-working demo.. ) After google found it (not sure how, but
they did), I seeing an amazing onslaught of what seems to be scripts poke
at this thing. It's -not- what I see on other webservers with non payment
related forms. I'm guessing I don't see this kind of traffic on my
e-com/shopping cart sites because a payment screen does not become
available until things are added into the shopping cart.
It's not what I saw years ago when I was working for an ACH processor either.
Seems to have evolved.
I'm about to setup another site/server with generic payment forms
(ccnum, expiration dates, amount, etc.. ) just to watch the exploit
attempts to make sure the real things I am doing don't succumb.
And it gets harder when you have to detaint againt UTF-8. You can't just
strip out all the non-ascii characters.
More information about the Ale
mailing list