Sunday, July 6, 2008

Spliced feed for Security Bloggers Network

New Blog Part Deux [Random Thoughts from Joel's World]

Posted: 05 Jul 2008 10:28 PM CDT

Right, so I started this new blog.  Things were going great.  Then, out of nowhere...  I get put on Gizmodo.  Which, I'm not going to complain about, don't get me wrong.  But I went from 5 hits to 6000 hits in less than 24 hours.  

I wanted people to write in with suggestions.  So what do I get?  100's of emails.  

Of course I had the site over on .mac's servers, and my monthly download stats went from about 60 Mb/s a month (on .mac's servers) to well over 3 Gig's in less than 24 hours.  So I had to do something quick.

I moved the whole blog over to blogspot, where I don't have to pay for bandwidth --thank you Google-- and now everything is fine.  Oh wait, I have to get everyone over here from .mac's servers.  

So I had to play url redirection and dns games for the past hour until I got it right.

Anyway -- http://blog.dearcupertino.com is where it's at.

Award up for grabs [IT Security: The view from here]

Posted: 05 Jul 2008 08:49 PM CDT

Obviously Schneier's going to win this, he's older and wiser and more bearded than I. On top of that he's written about 20 books on security and has 4 billion people reading his blog. Personally I think he's over-rated. :)

I remain fully seated in controversy of course, winning friends and influencing people wherever I lay my hat. Tonight my hat is in Chicago, I am exhausted, and I'm going to bed.

Goodnight America, god bless. Oh yeah, VOTE FOR ME!

Hacked Security future consultants securityfc.be [belsec] [Belgian Security Blognetwork]

Posted: 05 Jul 2008 06:18 PM CDT

[image]
and they work for

[image]

and so this happened to their site - they had a new client
[image]

Mass hack of the day thejudge.be [belsec] [Belgian Security Blognetwork]

Posted: 05 Jul 2008 06:13 PM CDT

[image]

and then goes to http://www.lastprophet.info/en/index.php?lang=en

and so this server hosts tens of other sites and subdomains that are all redirected, so is it so wise to have shared hosting?

Updates of interesting freeware for security and productivity [belsec] [Belgian Security Blognetwork]

Posted: 05 Jul 2008 03:53 PM CDT

Google Ordered To Deliver All YouTube Use Data to Viacom [Infosecurity.US]

Posted: 05 Jul 2008 01:12 PM CDT

Google (NasdaqGS: GOOG) has been ordered by the Federal Court of the Southern District of New York to hand over all user activities on YouTube to Viacom (Nasdaq: VIA). From Ryan Singel’s posting at Wired’s Threat Level:  “The Electronic Frontier Foundation (EFF) has already reacted, calling the order a violation of the Video Privacy Protection [...]

Oil, Energy Independence Day in 10 Years, Drilling, Becoming OPEC 2.0, and Banana Splits [The Converging Network]

Posted: 05 Jul 2008 11:37 AM CDT

I was just getting ready to close down the laptop for the evening when I began thinking about how much my views have changed on our nation's energy policies. It's the 4th of July and I enjoyed a banana split to celebrate. (Long time since I've had one of those.) I was in high school during the 70's oil crisis and enjoyed those many years of driving 55 mph on the interstate (I'm being very facetious here.) I heard on Sirius radio that one of our congressmen proposed bringing back the 55 mph limit. While conservation is a good thing, so is our nation's (and my personal) sanity and bringing back the 55 mph speed limit is one of those ideas I hope we shoot down with a vengeance. I'm one of the biggest offenders of conservation when it comes to my Suburban, but I love to drive and I've enjoyed having a big vehicle. I hope to change that soon and move to a much more efficient vehicle once I decide what to buy. I tend to keep cars for quite a while so it's an important decision, one I don't want to make too quickly and realize I've made a choice that doesn't work for me. I actually am very concerned about energy independence, creating green products, and preserving our environment along with building a vibrant economy. It's one of the reasons I'm an advisor to Sustainable Minds, a company who helps make designing green products easier.

One of the things that I've always disliked about politics is the polarizing nature of how each side takes sides, making arguments win-lose when a combined solution is really what's needed. Americans are getting hit below the belt right now with the one-two-punch of high gas prices (along with the associated rise in food and other prices) and a struggling economy. Rather than take a sensible approach, Obama and McCain are framing the debate as energy alternatives vs. more drilling, turning the argument into yet another polarizing debate.

I'm glad Obama is strongly for creating energy alternatives. I would love to drive a hydrogen vehicle if they were available at a reasonable price with sufficient fueling stations available. I believe our nation's resources should be dedicated to becoming a new economy of alternative energy and green technologies. Just like John Kennedy ignited the American engineering spirit of the space program with his challenge to put a man on the moon before the end of the decade, we should make a current day challenge of bringing hydrogen cars and fueling stations across the country in less than ten years. Where's our government when we need it? If our government made the same kind of investment in becoming energy independent that we made to get to the moon, we'd be fueling a whole new economy of alternative energy businesses that could solve our energy problems and serve to the rest of the world. I believe in our continued investment in NASA but I'd delay everything we have on the table for the next 10 years to redirect that money into celebrating an Energy Independence Day in ten years or less. How about it Obama -- make the challenge: Energy Independence Day in less than 10 years. We do it, not because it is easy, but because it is hard... remember that kind of inspiration? Let's get moving, Washington.

I also believe we could use our oil reserves to help fund the creation of our energy independence. I flippantly said one day, "Let's drill offshore, sell the oil to China, and use the proceeds to fund the creation of hydrogen cars." Not such a crazy idea after all, eh? It would be like selling China the oil equivalent of crack. Let them build up their dependence on oil to an even greater extent, and then sell them our green energy technology and products as even higher oil prices squeeze their economy and slow growth down the road. I do believe we have to drill for more oil using US resources to lessen the impact OPEC has on us. That doesn't mean we have to drill in Anwar, but parts of Colorado, Wyoming, South/North Dakota, Montana are sitting on sizable oil reserves. Those along with the oil sitting offshore could create at least a balancing factor against the current out of control oil price situation. Let others buy our expensive oil for a change, or they can buy our alternative energy technology instead. With the alternative energy and hydrogen cars created, the USA would be next generation OPEC 2.0 of alternative energy and oil. In ten years our problem could do a 180 and become our biggest strength.

Indian DoT vs. RIM’s Blackberries: Further Commentary [Infosecurity.US]

Posted: 05 Jul 2008 11:13 AM CDT

In kowtow to the will of the now nearly ubiquitous Blackberry, the Indian DoT has relented in their quest to force RIM into submission…. The Indian Department of Telecommunications wouldn’t have a hope in hell anyway, of decrypting transmitted data over BIS pipes…predicated on the known level of expertise in such matters within their public sector [...]

Snuggly the Security Bear [Network Security Blog]

Posted: 05 Jul 2008 11:11 AM CDT

All I can say is hahahaha! And then I cry because of how true this sarcastic little video is. He’s not scary, he’s snuggly and secure.

Snuggly the Security Bear

A bloggers network to be proud of [StillSecure, After All These Years]

Posted: 05 Jul 2008 10:54 AM CDT

I started blogging about 2 and a half years ago because I felt like it would be fun to add my two cents to the public debate.  When Brad Feld introduced me to the Feedburner guys I was given an insider's view into the quickly developing blogging world.  When Feedburner started networks, I thought it would be interesting to start a network of all the security blogs that I was reading.  I also inherently knew in my gut that eventually there would be some common good that would benefit all of the members of the network by aggregating our content and buying power for ads. I also believed and still do believe that there are other ways that a network such as the Security Bloggers Network can be a force for good.

However, reading the SBN feed tonight I was just blown away! From being on the road, I had not read the SBN feed in my Newsgator reader for almost 2 days.  I had over 160 articles queued up in the feed.  Forget for a moment that the Security Bloggers Network now has over 160 blogs and a combined feedburner subscriber base of almost 67,000 readers!  The content is king.  Going through the articles I could not believe the total coverage, the ongoing commentary and give and take, but most of all it was the quality.  There are so many great members of the network who are just so damn smart and are writing about such important stuff.

I am humbled and incredibly proud of what the Security Bloggers Network has become. If you are interested in security, whether it be the technical aspects of security, the business of security or the security industry, you cannot afford to miss this SBN feed.

We are kicking around a lot of new activities and ways to publicize the member blogs of the network over the coming months.  Stay tuned for details, but in the meantime keep reading, you won't be sorry!

The Website is Down [An Information Security Place]

Posted: 04 Jul 2008 04:16 PM CDT

This is one of the funniest videos I have ever seen.

http://www.thewebsiteisdown.com/

Vet

Attack Of The Killer Segways [Liquidmatrix Security Digest]

Posted: 04 Jul 2008 03:18 PM CDT

Sometimes you stumble across something that is just too damn funny when it certainly isn’t meant to be. This is a picture of an anti-terrorist drill being conducted on segways ahead of the summer Olympic games in Beijing.

This just amuses me to no end.

The bad guys can die in a hail of bullets while giggling. An interesting psychological tactic.

Math [Random Thoughts from Joel's World]

Posted: 04 Jul 2008 11:34 AM CDT

Apparently, this person thinks that they will never get a date, and actually did all the statistical analysis to figure it out.

I don't think the problem is that you won't find a date, I think the reason that you can't find a date is because you spend all your time doing complex math about why you can't find a date ;)  Now THAT'S probably the reason.

New Blog [Random Thoughts from Joel's World]

Posted: 04 Jul 2008 10:37 AM CDT

I've started a new blog.  Don't worry, I am still keeping this one, and will dedicate the same amount of time to this one, however, I've started a new one over at DearCupertino.com.  As much as I enjoy Apple Products, I really wanted a place to throw some ideas that I've had for Apple.  Suggestions as it were.

New Projects, Products.
Suggestions or ideas, feature enhancements as it were.

Also, a place to write gripes.  Hopefully someone from Apple, who has influence, will see it and read it.  But, I'm a realist.  I doubt that will happen.

In other words, I'm just having fun.  Subscribe to the RSS feed here.

EPIC FAIL FOR ALL [Vitalsecurity.org - A Revolution is the Solution]

Posted: 04 Jul 2008 02:50 AM CDT

"The reality is though that in most cases, an IP address without additional information cannot (identify you)." Google Public Policy Blog

Wow, that came around and bit everyone on the ass, didn't it?

Such a cacophony of disasters, I'm not sure what to roll my eyes at first - the mass treasure trove of data hoarded under the stairs, Viacom's grab for the cookie jar (they want everything including material copyrighted by *others* and deleted material that for all they know might have been illegal? Can someone do Viacom for possession and copyright infringement please)?

Maybe it's the fact that the Judge ruling over this case is about six thousand years old and clearly wouldn't know what an Internet was if it hit him in the face, which I strongly suspect is about to happen.

The EFF blog has an update where Viacom claim they don't intend to go harassing individual Youtube users, but we've seen stuff like this enough times to know everything has a huge potential to go entirely tits up further down the line.

Samwell sums this up far better than I ever could:

US Army Network Warfare Battalion Activated [Infosecurity.US]

Posted: 03 Jul 2008 05:28 PM CDT

The United States Army has activated its new Network Warfare Battalion, during a ceremony at Fort George G. Meade, Maryland. The Battalion’s mission is mandated to provide support to the Army and the DoD. According to Maj. Gen. David Lacquement, Commander, U.S. Army Intelligence and Security Command, “This battalion formalizes and centralizes the Army’s mission to [...]

Google Releases New Web Security Software [Infosecurity.US]

Posted: 03 Jul 2008 05:26 PM CDT

Google (NasdaqGS: GOOG) has just released internally developed web security software monikered RatProxy. The product (essentially a web sniffer) performs in-depth analysis on specific html and other web objects for security assessment and generates reports for privileged users to examine. Interested users can download RatProxy from the Google Code site (via VNUNET) WooHoo! Google’s description: “A [...]

Survey warning [IT Security: The view from here]

Posted: 03 Jul 2008 05:24 PM CDT

My dear chum Walt has something to say on PCI surveys today. He puts his questions in a very understated way, such is his low-key manner. I can reveal that it was I that was the straw which broke the camel's back however. You might recall my recent whingeing about a NetIQ survey which said that PCI in Europe wasn't being taken seriously, and they could prove it from a pretty small sample.

I was approached by their marketing manager afterwards, and whilst my back was up initially, I have to say he has won me over with his patience and more importantly, his desire to learn what would make it better. We are going to try and increase the sample size in the coming weeks with a new survey, more targeted and less commercially orientated. Hopefully this will have some real value, and maybe even more coverage in The Register again.

Walt has been very helpful in pointing me in the right direction about how to make this survey objective, but something he did say in a mail to me, he didn't put in his post. The gist was that now PCI awareness has been achieved, everyone wants to know what everybody else is doing. This is subtly different from "wanting to learn from each other", which is a very nice way of looking at it.

Maybe that's because it assumes too much and he knew I'd get what he was saying, but it kind of put things in a nutshell for me. What IS everyone else doing? It seems that the more we talk about PCI, the less we want anyone else to know what we've done. Are we afraid that our solutions aren't as good as next door's? Are we afraid they will try and copy our homework? Come on retailers and banks, let's have a bit of care in the community, share the knowledge!

If you can't beat 'em, join 'em [IT Security: The view from here]

Posted: 03 Jul 2008 05:23 PM CDT

I have to be careful what I say here, but this annoyed me. No, not because they are promoting firewalls, which suck, and will always suck, and should be shot, but because of this:
"Firewalls are underrated, but only by an industry which is perpetually looking at selling you the next new thing."
Again, not because it's a lie, firewalls are not underrated, they couldn't be. No, because it's hypocritical crap. Sorry Matasano, you may have some of the finest security minds in the business, who could knock me into a cocked hat, but this is spin. If you don't like being part of an industry that is perpetually trying to sell the next new thing, don't build new things and try to sell them whilst pretending to be a research company.

You guys are supposed to be teaching people about security, not dragging it back into the 20th Century. No wonder "Firewall adoption is huge, and what most companies struggle with is with managing their rules and making sure they get the most out of their existing deployment" - when even the most stand-up, hands-on-hearts, honest to goodness pure security folks are trying to hawk them bloody firewall enablement software!

This is the most circular, hypocritical and ridiculous argument from a bunch of otherwise extremely clever and normally responsible people that I've read in a long time. And I've been reading PCI surveys.

Maltego for Information Gathering Part I [Carnal0wnage Blog]

Posted: 03 Jul 2008 02:47 PM CDT

The first part of my article on Maltego for Information Gathering is available on EthicalHacker.net

http://www.ethicalhacker.net/content/view/202/24/

"According to their web site, "Paterva invents and sells unique data manipulation software. Paterva is headed by Roelof Temmingh who is leading a light and lethal team of talented software developers." On May 6 2008, they released a new version of a very kewl tool named Maltego.

"Maltego, is an open source intelligence and forensics application. It allows for the mining and gathering of information as well as the representation of this information in a meaningful way. Coupled with its graphing libraries, Maltego, allows you to identify key relationships between information and identify previously unknown relationships between them. It is a must-have tool in the forensics, security and intelligence fields!"

Chris Gates' talk at ChicagoCon 2008s entitled "New School Information Gathering" touched on many tools and techniques. One of the tools he introduced to the audience is Maltego v2. This first in a two part series expands on this new tool with a basic introduction to Maltego followed by step-by-step personal recon tutorials. Part II will focus on infrastructure enumeration with Maltego."
