Symantec and commercial spyware
I have no sympathy for the consumers of Solid Oak as discussed, if that is the right word, in the well circulated Chloe Albanesius article dramatically entitled “Update: Symantec Screwup […]
Category Archives: Information Security
Politics in system security
I’m surprised that some of these behaviors that I mentioned a year ago haven’t changed. Yesterday many Apple users were installing a system security update. Depending on what article you […]
Bruce Schneier Facts
It is always great when people make old memes new again. Like the Chuck Norris Facts morphing into a way more entertaining Bruce Schneier meme. I guess someone noticed that […]
ITCi 2007
This is a presentation that I gave earlier this week at the ITCi Conference in San Diego, California. It was requested that I speak about security and compliance metrics, and […]
Truecrypt on OSX
I’m tired of waiting for a cross-platform whole disk encryption solution that isn’t garbage and/or highly proprietary.The Truecrypt people have been talking about and promising it for years. It’s been used by lots and lots of alpha-nerds on Windows and Linux.Perhaps these guys that seem like they’re scamming on FD will get it done.
Security Information Management [SIM]
This is no simple task as there is a lot of sales material that will promise anything, but from the presentation of the architecture and real-world benchmarking, a clear image may present itself.Two of the large commercial research firms authored materials were also gathered to assist in this mater, though one of them was shockingly inaccurate, unfamiliar with the history and utility of the tools in practice, and offered some very poor advice in its conclusions. Unfortunately this is all too common in my experience with commercial research, so the wise buyer of capital investment level hardware and software would be best served to spend the time evaluating each architecture, dependancies, and challenges if they are able.That being said, I will begin my presentation: A SIM implementation has the ability to solve a variety of problems at once due to its evolution from a log management platform.
Traffic analysis and internet scams
A talk given at Google by Professor Ross Anderson entitled Searching for Evil on August 23, 2007.
More wifi, more problems
So my DWL-G550 arrived today.”D-Link DWL-G550 High-Powered Wireless-G PCI Adapter” (D-Link Systems, Inc.)I threw it into the system and it powered up and loaded the correct Atheros drivers…. (Personal meaning you’re not running a authentication service like RADIUS, EAP or LEAP (which is just another kind of LEAP by Cisco), or 802.1x, but using PSK [Pre-shared Key] or a certificate.Second, now that you have your /etc/wpa_supplicant.conf configuration figured out from reading the instructions or from that link I mentioned.
WabiSabi is hilarious
With much press release fanfare, WabiSabiLabi has announced that it is to be a marketplace for exploit development.Some particularly funny mentions:Q: I don’t want to give you my personal data. Is there any other way I can partecipate to the marketplace?A: No.
SEO blog defacements
Jeremy Schoemaker asked me to write up a little something regarding the recent string of SEO web defacements for a non-technical audience which he posted in his blog.The SEO industry is very focused on being SEOs.Like many professionals, many attempt to avoid time consuming activities that are not core to their business…. This is a perennial theme of information security writings and I myself have touched on itWeb defacements are nothing new, but the media attention to SEO superstars is notable and makes their online presence an attractive high-value target. The recent mass defacement of SEO wordpress blogs that was launched from a technical adversary using tor is an example of what has become a not uncommon occurrence.What can SEOs, and bloggers in general, do to lessen the risk of public embarrassment from defacements, hacktivism, and information leakage?… (For example, the bugfix for Wordpress v2.0.6 addressed a correction for those webservers that had left register_globals set to “on.” Not recommended in the first place.)Hardening the web services themselves with security modules.Use of a NIDS or HIDS that will actively block or alert upon detection of questionable behaviors.All of these methods involves time and resources that could best be applied to doing what they do best, in this case, being a SEO.
Bad Penny 