[funsec] Your car is out to get you
McAfee has released a new study on malware in cars:
http://www.mcafee.com/autoreport

Although some may see this as mere fear-mongering, without much substantiation, it is actually an outgrowth of a much earlier work on the topic:
http://www.amazon.com/four-weekend-Belmont-Science-Fiction/dp/B0007FCDJY/ref=sr_1_8?s=booksie=UTF8qid=1315499979sr=1-8
or
http://is.gd/gUsgkI

== (quote inserted randomly by Pegasus Mailer)
rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org
There is only one thing more painful than learning from experience, and that is not learning from experience. - Archibald McLeish
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade
___
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Re: [funsec] Sony Just Hired a Chief Information Security Officer (CISO)
On Thu, 08 Sep 2011 01:40:23 EDT, Jeffrey Walton said:

Philip Reitinger, former director of the United States National Cyber-Security Center, a division of the Department of Homeland Security, will be joining Sony as a chief information security officer, Sony said Sept. 6.

Horses and barn doors...

Security experts and industry watchers criticized Sony for not having had a CISO prior to the breaches. "How can a worldwide company with billions in revenue and an even larger market cap not have a CISO? It boggles the mind," Phil Blank, an analyst in the security, risk and fraud practice area at Javelin Strategy Research, wrote on the market research firm's blog in May.

If you spend more on coffee than you spend on IT security, then you will be hacked. What's more, you deserve to be hacked. -- Richard Clarke

Anybody want to guess what Sony's coffee/itsec ratio was?
Re: [funsec] Sony Just Hired a Chief Information Security Officer (CISO)
On 9/8/2011 4:01 PM, valdis.kletni...@vt.edu wrote:

Anybody want to guess what Sony's coffee/itsec ratio was?

Black-hat or White-hat? It took some nontrivial effort to create the now infamous Sony rootkit...

Jeff
Re: [funsec] Sony Just Hired a Chief Information Security Officer (CISO)
Jeff Kell to Valdis:

Anybody want to guess what Sony's coffee/itsec ratio was?

...or still is? Do you really think making one high-profile (and presumably rather overpaid) C-level executive will greatly impact that ratio?

Black-hat or White-hat? It took some nontrivial effort to create the now infamous Sony rootkit...

That was outsourced. Some Pommie outfit from memory...

Regards,
Nick FitzGerald
Re: [funsec] Sony Just Hired a Chief Information Security Officer (CISO)
On Thu, Sep 8, 2011 at 4:01 PM, valdis.kletni...@vt.edu wrote:

On Thu, 08 Sep 2011 01:40:23 EDT, Jeffrey Walton said:

Philip Reitinger, former director of the United States National Cyber-Security Center, a division of the Department of Homeland Security, will be joining Sony as a chief information security officer, Sony said Sept. 6.

Horses and barn doors...

Security experts and industry watchers criticized Sony for not having had a CISO prior to the breaches. "How can a worldwide company with billions in revenue and an even larger market cap not have a CISO? It boggles the mind," Phil Blank, an analyst in the security, risk and fraud practice area at Javelin Strategy Research, wrote on the market research firm's blog in May.

If you spend more on coffee than you spend on IT security, then you will be hacked. What's more, you deserve to be hacked. -- Richard Clarke

Anybody want to guess what Sony's coffee/itsec ratio was?

It's amazing a company with chronic security problems was able to operate without a CISO for so long (cf. http://attrition.org/security/rants/sony_aka_sownage.html).