Okay, so I intentionally used a salacious headline to get your attention. It’s Thursday. The NSA didn’t really help make Windows 7. Rather, using their “unique expertise and operational knowledge of system threats and vulnerabilities” the National Security Agency helped shape “Microsoft’s operating system security guide”, according to Richard Schaeffer, Information Assurance Director at the NSA. The NSA works with other companies, like Red Hat, Apple, and Sun, too. The NSA started the Security Enhanced Linux initiative in 2003, so it should come as no surprise that they’ve been working to help secure Windows, too.
The Archerfish “Mobile Video Intelligence System” has been renamed to Archerfish Quattro, presumably because “Mobile Video Intelligence” doesn’t roll off the tongue. The unit is on sale now at Amazon.com, making it easy to add one of these to your holiday shopping. For purchases made on Black Friday through Cyber Monday you can get a free camera added to your system!

There’s an interesting article in the current New York Review of Books (predictably, a book review) detailing the history of the National Security Agency, that shadowy power-behind-the-power to which we surrender much of our privacy. That in itself is interesting, but I found the introduction a bit shocking: the NSA is constructing a datacenter in the Utah desert that they project will be storing yottabytes of surveillance data. And what is a yottabyte? I’m glad you asked.
There are a thousand gigabytes in a terabyte, a thousand terabytes in a petabyte, a thousand petabytes in an exabyte, a thousand exabytes in a zettabyte, and a thousand zettabytes in a yottabyte. In other words, a yottabyte is 1,000,000,000,000,000GB. Are you paranoid yet?
Designed to work without a dedicated PC, the new Astak Mole was announced today. The Mole is a wireless webcam that can upload video directly to such sites as YouTube, Facebook, or Twitter. It can also record directly to an SD card in the camera.
What BrickHouse lacks in Photoshop skills they more than make up for in caring for kids. BrickHouse sells the Child Locator, a little thinger that lights up when your kid moves up to 600 feet away from you, and now they have this. It’s basically a little tracking device that hangs off of your kid’s clothes and allows you to track them anywhere on Earth.
Full-body scanners are being tested in a variety of airports. I didn’t get the pleasure of using one on my recent trip to Japan, unfortunately, so I can’t provide a first-hand account of what it’s like. I suspect it’s quite unremarkable to walk through one of these. That won’t stop people from being outraged over the fact that some TSA goon sitting in a sterile room somewhere where he can’t see the individual walking through the scanner gets to drool over grainy black-and-white images of everyone’s naughty bits!
I mentioned a newly released hardware encrypted USB flash drive last week, and promised a full review. Here it is! The Lexar JumpDrive SAFE S3000 FIPS is a hardware-encrypted USB drive that satisfies U.S. government computer security standard FIPS 140-2 Level 3. “Physical security mechanisms required at Security Level 3 are intended to have a high probability of detecting and responding to attempts at physical access, use or modification of the cryptographic module.”
The SAFE S3000 FIPS accomplishes this by means of a Gemalto .NET V2.2 FIPS smart card, which provides “tamper-resistant storage, isolation of all security-critical computations, and strong authentication through a stringent PKI-based challenge-response process.”
The metal casing is waterproof, and the entire thing is filled with “military-grade epoxy compound” to thwart physical access. This drive has some serious heft to it, compared to other USB sticks. In a pinch, you could probably cause modest pain to someone by throwing it at them. Seriously, this thing is solid. Read on for the whole story.
Come on, people. You’re probably aware of the big Hotmail scandal going on right now, what with some 30,000 account names and passwords having been leaked over the past few days. And now Gmail and Yahoo! e-mail accounts appear to have been compromised. The thing is, these leaks aren’t the result of a software glitch or anything, but the result of successful phishing attacks. I have one question: what the heck is wrong with you people?
Passwords suck. A good password is hard to remember, and a weak password is easy to guess. There are lots of attempts at finding ways to solve the problems of passwords, like one-time passwords, biometric authentication, and more. One of the most attractive solutions is two-factor authentication, which requires that you know something (a short passphrase, usually), and that you have something. The thing that you have is most often a little token generator: every 30 or 60 seconds a new set of digits is displayed on a screen. To successfully log in, you need to supply the passphrase that you know along with the digits displayed on the token. Big businesses have been using two-factor authentication for some time. Now it’s being made available for anyone with an Amazon Web Services account.
Are you a privacy-minded person living in the Netherlands with at least $82,000 USD to spare? If so, quantum cryptography can be yours today, thanks to a new partnership between Siemens and id Quantique! Siemens has a bunch of dark fiber it’s willing to sell to you for use with your shiny new id Quantique Cerberis quantum key distribution system.
As you all know, quantum cryptography key distribution uses light over fiber optic cables. In order to ensure that the key exchange occurs securely, you need dedicated fiber. And if, somehow, someone manages to peek in on your key exchange, the quantum properties of photons ensure that you’ll know about it, since the very act of observing quantum events changes their outcomes.
A bit of a corollary to yesterday’s story of an ACLU lawsuit designed to ascertain more information about laptop border searches. The Obama Administration has put a whole bunch of new restrictions on the practice, some of which should may the “don’t search me” brigade.
Researchers in Japan have developed an attack against WiFi Protected Access when using the Temporal Key Integrity Protocol (TKIP) that can successfully break the encryption in less than a minute. If you’re using WPA with TKIP, switch to AES, or step up to WPA2.
The ACLU doesn’t like that the U.S. Customs and Border Protection can search through all your electronic personal effects—laptops, including all the data therein—so it has filed a lawsuit to back up an earlier Freedom of Information request asking, essentially, “what gives?” Is it reasonable for Customs to search you at the border? Sure. But is it reasonable for Customs to search you, then take away your laptop, hold onto it for an indeterminate length of time, all the while rifling through your browser history, photo directory, etc? Are they afraid of my exploding plain text files or something?
Here’s a fun story. Police in Australia thought they were being mighty clever when they took over an “underground hacking forum.” (The forum is r00t-y0u.org, though it seems to be down right now.) One of the hackers on the forum then retaliated by breaking into police computers using a simple SQL injection. Security fail.
It’s been a very long time since I last used a Texas Instruments graphing calculator. I thought it was cool to write programs on the TI-80 I used in college. It seems that in the time since, things have gotten a little more complex: TI calculators now have cryptographically signed operating systems! Ostensibly this is to prevent clever hackers from loading their own operating systems onto the calculators (the horror!). Leave it to the hackers, though, to find a way to do what they want!

Twitter. Twitter? Twitter! TWITTER! Yes, the world’s most important Web site has been co-opted by evildoers, being used to control personal information-stealing botnets.
As we move farther and farther into the digital age, we begin to see some serious problems with an all-digital lifestyle. Take parking meters, for example. As much of a pain as it is to root under your car seat looking for loose change to feed the meter, there aren’t too many ways to avoid actually putting money into a traditional meter. (Or maybe there are. I haven’t bothered to investigate, since I don’t currently own a vehicle.) Newer electronic parking meters, though, can be pretty easily subverted, as demonstrated at the Black Hat conference this week.
SimpliSafe seems like a pretty simple (get it?) home security system for those of us who value our safety, but not enough to get a professional security system installed and, especially, anyone who lives in an apartment or moves around a lot.
An Apple expert and hacker has shown that the iPhone, in all its various forms and moltings, is child’s play to compromise. This comes despite assurances from Apple regarding the 3GS’s encryption feature. Bad news for businesspeople of the 21st century, who have glommed onto the iPhone and its service halo like no other device. The wonder-phone has certainly changed the way smartphones and other devices are made, but this isn’t the first time Apple’s security measures have been described as being seriously lacking.
It seems that with a little creative coding, or access to an insecure computer, the iPhone can be cracked wide open. The encryption doesn’t really even enter into the equation, since you can just have the phone read off the information you want. There hasn’t been much of a reason to hack iPhones yet — you might get a few Facebook passwords, or some contact info, but now that the phone is gaining traction in the business world, there may actually be something worth stealing on them. And it’s not very hard to do.

Japan is one of the safest countries in the world, but this didn’t stop a local company called Shimada from developing a security item of a very special kind: An anti-burglar mat. No joke: The company, which usually produces rat traps and repellents [JP], was asked by the Japanese police to do it.