As someone who has had the unenvious job of performing PCI (Personal CardHolder Information) audits for companies in the past, I was a bit shocked when I first heard about the scope of the Target hack, which is reported to possibly reach 110 million card numbers. The problem with this situation is, it simply should never have happened. PCI compliancy exists as a self-policing mechanism for companies to validate their internal infrastructure and insure that everything is setup in such as way as to keep PCI data secure, and inaccessible from the outside world. Now that Target has come out with their initial analysis of the hack, the claim is that the POS (Point of Sales) systems themselves were all compromised via malware.
In the world of network security, it has been generally assumed that private networks were inherently secure, so most all attention is given to securing and segregating internet facing services instead. Unfortunately this is no longer the case, while traditional security measures have been adequate for traditional intrusions, the NSA's reach is far greater than a normal hacker. Because of the technical constraints involved in tapping these private networks, it is now generally accepted that the NSA would have needed to physically intercept the fiber optic cables between Google's data centers in order to accomplish this task, in response to this intrusion, Google has begun encrypting all traffic between data centers on their private networks.
According to following leaked document, It turns out that the NSA has been infiltrating massively-multiplayer online games such as World of Warcraft, as well as the virtual world's platform Second Life from my former employer, Linden Lab. However, even more far reaching is that they also are monitoring all communication across the XBox LIVE network.
The NSA would have us believe that terrorists are planning their intricate operations while p0wning american gamers online...
I have been invited by the LPDC to speak at the DFW Hyatt Regency on December 14th at 8:00pm. The topic for the panel will be the Surveillance State. We will be discussing matters of NSA domestic spying in particular, the recent Edward Snowden revelations, and government snooping in general. Also joining me will be Gregory Foster from the Electronic Frontier Foundation.