I don’t know if you guys have seen the ATT ad that feature KITT ( https://youtube.com/watch?v=bRxGu7Yy5rA ) . The one thing that got me curious was the VA state inspection and Decal in the window. I did a little googling and came up with this

https://www.knightrideronline.com/phpbb/viewtopic.php?t=8628&postdays=0&postorder=asc&start=0&sid=44c687a692b2ef7c5c47be15976aade3

It turns out the car is a replica someone built

There seems to be a whole load of people building replicas
https://youtube.com/watch?v=6p01ahzrVNg
https://youtube.com/watch?v=5oVxdcUXzoI
https://youtube.com/watch?v=KOZTk7MmRK8

Famous sort of

I was interviewed for a security magazine a little while back and one of my co workers read it. I also hear my photo is in there as well 🙂 I am not subscribed to the magazine so my co worker has promised me his copy.

US-Visit computers failed due to a virus.

To me this is crazy that computers could be affected so badly by a virus. Lets assume that you haven’t installed the patch because you are testing it. That is a reasonable enough situation, but in security you don’t just rely on just one layer of protection instead you use multiple layers. For a moment lets assume that these machines are not used for reading email, surfing the web and only have the software needed to perform the US-visit program.

1) Virus software.
Any reasonable virus software will protect computers from known viruses. Some vendors will also give you the ability to block buffer over attacks and perform some behavioral blocking. All the machines should be managed from a central location that allows the machines to all be updated to the latest virus definition files.

2) physical or logical separation.
In this example they are running machines that have a single purpose, to collect and valid passports. This allows you to put the computers on a firewalled segment that only allow the specific traffic needed to run the us-visit machines. If they they are connected to an untrusted network then tie them back to a central secured network using a vpn connection.

3) Hostbased Firewall
Windows XP includes a very simple firewall that allows you to block traffic going to the machine. When dealing with a machine that is there to serve a single purpose it should be a fairly simple to create a set of firewall rules that blocks most traffic to the machines.

3) Hostbased application control
Again since these are single purpose machines you can install a security application that controls which applications are allowed to run and what types of network connections those applications are allowed to make.

What is even more amazing is that wired has published a copy of there Network Architecture

And this is reported on a UPI feed
A U.S. Embassy spokesman in Baghdad diplomatically told The Mirror that the pair’s sleeping arrangements were “a private matter which I couldn’t comment on.”

And the head line from the Daily Record “FINAL STRAW WAS JUMPING INTO CONDI’S BED”