News Blog

Understanding the Invasion of Privacy

There are folks that will jump up and down if someone mentions a National ID Card. There are folks that will rant about the NSA tracking American citizens’ movements. Yet the same folks that do not want a National ID card will give their email address to a dozen web sites. The folks that think […]

Attack Libraries

In an earlier post, I wrote about STRIDE — a mnemonic for describing a framework that is used to determine types of system attacks. Over the years, properly applying the techniques defined in STRIDE has proven very successful in defining possible system attacks. But STRIDE is based upon a set of abstract concepts. This […]


STRIDE is a mnemonic for describing a framework that is used to determine types of system attacks. I first came across STRIDE a number of years ago when I was preparing for my CISSP exam. I applied it to a few system analysis problems. It helped me get a better view of the issues at hand. Made […]

Apple – Minimizing the Attack Surface

Remember the submarine movies where you are looking through the periscope of a submarine just as the Captain takes the shot? Chances are, you saw the broadside of a ship about to be attacked. Now compare the broadside shot to a straight-on shot. Clearly cooler and much more dramatic. […]

Do Permissions Mean Anything?

Sandbox “SmartPhones” provide an environment called a sandbox. Just as a child is shielded from the world and is allowed to play, a sandbox on a mobile phone is supposed to provide an area in which an application can exist, protected from intrusions. The theory is that an application has its own private file space […]

Android Security Architecture and the Attack 1

I am going to write a series of posts. The posts will cover everything from the security architectures of Android and Apple phones, the flow of data to and from these devices, the collection of this data, the storage of large amounts of data that these devices generate and access, and the analysis of the collected […]

Not So Private Smart Phones — Cyber Warfare

I recently was tasked with writing a paper that described how to hack Android phones. About that same time, numerous articles came out describing rogue cell phone towers within the United States. Both topics dovetailed very nicely. I thought that it might be beneficial to readers if I wrote a post to show […]

Revolution — Evolution — Bildung

A number of years ago, a relative showed me letters written by some relatives that fought in the Civil War. These folks had been educated in a small school house with one room. There were many takeaways from the letters: 1. The penmanship was a thing of beauty. 2. The construction of sentences was […]

Dry Fire Part 2

In an earlier post, I wrote about how a smart phone can be utilized to enhance the effectiveness of practicing Dry Firing. You can read that post here. Practicing Dry Firing can help enhance the effectiveness of your Live Fire shooting. However, Dry Firing lacks in two key areas: 1. You never really […]

Dry Fire – Pros Do It. Part 1

Did you ever watch a professional “thinking” through a series of moves? Here we have Mr. Herschel Walker practicing mixed martial arts by slowly executing all the steps that make up a complex move. He has taken the complexity and broken it into a series of simplified moves — each of which can be practiced […]

