Weekly brief, March 29, 2010

CanSecWest, the security conference held in Vancouver, Canada, was the source of much interesting security news last week. The Pwn2Own contest, organized by the conference every year, saw researchers hacking non-jailbroken iPhones, Safari running on Snow Leopard, Internet Explorer 8, and Firefox on Windows 7.

It is fitting that CanSecWest was held in Vancouver, Canada. Edmonton-based Dragos Ruiu, a computer security consultant who is a key organizer of the conference, said that Canada is woefully unprepared for a massive cyber attack that could be orchestrated by any hacker with average skills.

Paranoia over cyber attacks at a national level must be spreading. Senior administration officials said that the US faces a cyber security gap without training and education. Perhaps they could start by securing President Barack Obama's own Twitter account. A 24-year-old was arrested for gaining access to the president's account, along with others, simply by guessing passwords.

Justice was served last week, after TJX hacker Albert Gonzalez was sentenced to 20 years in prison for leading the hacker ring that infiltrated the retail group. And he wasn't the only electronic felon to be sent to the slammer. A 21-year-old former student at Evergreen Public Schools pleaded guilty to criminal charges over a computerized payroll security breach last November. 5000 past and current Vancouver school employees were placed at risk of identity theft, according to reports. The student, Christopher Berge, was sentenced to 10 years in prison.

The University of South Carolina Beaufort emailed people to let them know that a stolen school owned laptop contained the personal information of 480 former students. However, not all of the SNAFUs this week were digital. A computer glitch at the House of Commons in Canada incorrectly mailed tax forms for 697 people to the wrong address.

What’s Hot on Infosecurity Magazine?