Security quotes of the week

Popular pet names Rover, Cheryl and Kate could be a thing of the past. Banks are now advising parents to think carefully before naming their child’s first pet. For security reasons, the chosen name should have at least eight characters, a capital letter and a digit. It should not be the same as the name of any previous pet, and must never be written down, especially on a collar as that is the first place anyone would look. Ideally, children should consider changing the name of their pet every 12 weeks.

[...] We tried to call Barclays’ security expert R0b Ste!nway for a comment, but he was not available for 24 hours, having answered his phone incorrectly three times in succession.

A group of researchers led by Professor Todd Humphreys from the University of Texas at Austin Radionavigation Laboratory recently succeeded in raising the eyebrows of the US government. With just around $1,000 in parts, Humphreys’ team took control of an unmanned aerial vehicle owned by the college, all in front of the US Department of Homeland Security.

After being challenged by his lab, the DHS dared Humphreys’ crew to hack into a drone and take command. Much to their chagrin, they did exactly that.

Just like the huge black eye that _every major US telecom company_ got when they got caught colluding with the NSA to spy on Americans in obvious violation of US law? You'll recall that it was such a *huge* PR disaster... that they're all still doing it today(!), that Congress retroactively changed the law(!), and that the whistleblower was indicted for espionage(!).

I agree that Intel's hardware is very probably not backdoored, but that's simply not a standard by which threats should be measured in this field. Treating a backdoor scenario as outside the realm of possibility based on appeals to reputation given such obvious, massive, and recent precedent to the contrary is... not a typical security mindset, to put it mildly.