Re: [funsec] Virus that 'makes humans more stupid' discovered
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 11/10/2014 11:52 AM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:

> http://www.independent.co.uk/news/science/virus-that-makes-humans-more-stupid-discovered-9849920.html
>
> Should probably check for algae around all machine rooms and user
> work areas ...

Too late -- it has already wreaked havoc in the U.S.

- ferg

--
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2
Key fingerprint: 19EC 2945 FEE8 D6C8 58A1 CE53 2896 AC75 54DC 85B2

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iF4EAREIAAYFAlRhHQgACgkQKJasdVTchbL9cwEA018Q/vu4fhdVkAPsbILkxGFy
f9Idm0xEM+Fqaovq+ugBAI3H1aN8EBbHoa9z8EGxnVmD5JSoJYw9IA0AiTbF+OaV
=6L3M
-----END PGP SIGNATURE-----

___
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Re: [funsec] US capitol not in US, according to TSA
> The average TSA worker earns $12-$17/hour.

And you get what you pay for.

- ferg

On 7/18/2014 9:28 AM, Bill Terwilliger wrote:

> The average TSA worker earns $12-$17/hour. In Florida, where this
> guy was from, he was probably closer to the $12 end of the scale.
> This agent is probably in his early 20s and is only making slightly
> more than someone working at a fast food restaurant. That is about
> as “most people” as you can get. And given that most Americans
> don’t understand the confusing status of The District of Columbia, I
> stand by my assertion that it is completely reasonable for someone
> not to trust a license from some place that is not a state.
>
> This whole situation reminds me of countless experiences I’ve had
> working with entry level IT/security people. Entry level people
> are generally very passionate about their jobs, probably like this
> TSA guy is, but they are still filling in knowledge gaps, so it is
> reasonable to expect silly mistakes. For instance, how many of us
> have been told that a client connecting to a server has an IP
> address of 169.254.1.2 but they are *certain* that the issue is
> with the server? It would be easy to criticize an overzealous
> newbie but that doesn’t help anyone in the long run. And that is
> why I feel that this reporter is making a mountain out of a
> molehill. Does he reasonably believe that no one at the TSA knows
> that the District of Columbia issues their own licenses? If not,
> then shouldn’t the story be “1 TSA employee out of 50,000
> doesn’t know that District of Columbia issues their own licenses.”
>
> —bill
>
> On Jul 18, 2014, at 11:25 AM, Blanchard, Michael (InfoSec) wrote:
>
>> Sorry, this guy is supposedly a trained professional he's
>> not "most people" he should have known that DC issues their own
>> license...

--
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2
Key fingerprint: 19EC 2945 FEE8 D6C8 58A1 CE53 2896 AC75 54DC 85B2
Re: [funsec] US capitol not in US, according to TSA
"And it's not the first time. USA Today reports that, according to the Washington Post, a woman flying out of Phoenix in February that her D.C. driver's license was not acceptable, and asked her to show a passport. She was also allowed to board after asking to speak to a supervisor."

http://www.aero-news.net/index.cfm?do=main.textpost&id=fc479042-6939-47a7-b4d9-9624ad70daf2

'Murica! *sigh*

- ferg

On 7/17/2014 8:47 PM, valdis.kletni...@vt.edu wrote:

> On Thu, 17 Jul 2014 23:23:37 -0400, Bill Terwilliger said:
>
>> The comment about smart people being involved is a bit
>> presumptive. Geography knowledge may or may not be an indicator
>> of intelligence but I somehow doubt that lack of it is an
>> indicator of stupidity.
>
> OK. I admit *I* don't know what a DC driver's license looks like
> either.
>
> But give me a *break*:
>
> When Gray handed the man his driver's license the agent demanded to
> see Gray's passport. Gray told the agent he wasn't carrying his
> passport and asked why he needed it. The agent said he didn't
> recognize the license. Gray said he asked the agent if he knew what
> the District of Columbia is, and after a brief conversation Gray
> realized the man did not know.
>
> OK? The TSA guy *did not understand that DC is part of the US*.
>
> Which means the TSA's vetting process for employees is so weak that
> they'll hire *people who don't know where the fuck the capital of
> their own country is*.
>
> Now think *real* hard - would *you* hire a security guard who
> didn't even understand that Washington DC is our nation's capital?

--
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2
Key fingerprint: 19EC 2945 FEE8 D6C8 58A1 CE53 2896 AC75 54DC 85B2
Re: [funsec] Play Store Permissions Change Opens Door to Rogue Apps
Well, that's a little disturbing. :-/

I didn't think that I could actually trust my Android mobile phone less... congratulations, Google.

- ferg

On 6/11/2014 5:33 AM, Jeffrey Walton wrote:

> http://www.xda-developers.com/android/play-store-permissions-change-opens-door-to-rogue-apps/
>
> XDA is normally about the latest and greatest. Whether we’re talking
> about the latest firmware revision or device, most people in the
> Android tech community favor being on the bleeding edge. Sometimes,
> however, the latest isn’t necessarily the greatest or the best way
> forward. As we recently covered here on the XDA Portal, Google
> released a new version of the Play Store, which among other things,
> allows the use of PayPal to purchase apps and simplifies the
> permissions interface shown to users.
>
> Under this happy facade, however, is a somewhat more sinister change.
> The permissions system in Android, which has protected users since
> Android hit consumer devices in 2008, was significantly (and fairly
> quietly) watered down by Google in this Play Store update. Previously,
> when an application update requested additional permissions, users
> would be notified and have to accept the change before updating. This
> continued when automatic updates were introduced, as applications with
> permission changes would require a manual update and approval of the
> new permissions.
>
> This system worked fairly well. If an app changed its permission
> needs, you’d be notified, and could choose whether to accept the
> update. With the most recent Play Store update, however, users are not
> told about certain permission changes if they don’t result in the
> addition of permissions to a new group. Given the sheer breadth of
> permissions a group now covers, this effectively leaves Android with
> only 13 permissions. An application can quietly update itself in
> future, to grant itself access to further permissions within a group,
> with the user left none the wiser.
>
> Once an app is granted an individual permission within a group, that
> application has the ability to add any other permissions from the
> group in a future update, without users being notified of the change.
> To quote Google:
>
>     You won’t need to manually approve individual permissions
>     updates that belong to a permissions group you’ve already
>     accepted.
>
> For example, contacts and calendar permissions are now grouped into
> one. An app with the ability to read your contacts could, without you
> receiving clear and prominent notices, add calendar permissions to the
> group. This would allow the application full access to snoop through
> your calendar, and even send Emails to calendar appointment guests,
> without your consent.
> ...

--
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2
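The grouped-approval rule the XDA article describes, written out as an added example (this is not Google's code and not part of the original post). PERMISSION_GROUPS is a constructed, simplified table that only encodes the article's point that contacts and calendar permissions share one group, plus a few other groups for contrast; it is not the real Play Store mapping. The model compares the earlier per-permission prompt with the per-group prompt and lists what an update gains, or could later gain, without the user ever seeing a dialog:

```python
"""Model of the Play Store grouped-approval rule described in the XDA article.

Added example. PERMISSION_GROUPS is a constructed, simplified table, not the
real Play Store mapping: it only encodes the article's claim that contacts and
calendar permissions share one group, plus a few other groups for contrast.
"""
from typing import Dict, Iterable, Set

PERMISSION_GROUPS: Dict[str, str] = {
    "READ_CONTACTS": "CONTACTS_CALENDAR",
    "WRITE_CONTACTS": "CONTACTS_CALENDAR",
    "READ_CALENDAR": "CONTACTS_CALENDAR",
    "WRITE_CALENDAR": "CONTACTS_CALENDAR",
    "ACCESS_FINE_LOCATION": "LOCATION",
    "ACCESS_COARSE_LOCATION": "LOCATION",
    "CAMERA": "CAMERA",
    "RECORD_AUDIO": "MICROPHONE",
    "READ_SMS": "SMS",
    "SEND_SMS": "SMS",
}


def group_of(permission: str) -> str:
    # A permission the table does not know is treated as its own group, so the
    # model errs toward prompting rather than silently passing it.
    return PERMISSION_GROUPS.get(permission, permission)


def prompt_per_permission(granted: Iterable[str], requested: Iterable[str]) -> Set[str]:
    """Previous behaviour: every permission not already granted is shown to the user."""
    return set(requested) - set(granted)


def prompt_per_group(granted: Iterable[str], requested: Iterable[str]) -> Set[str]:
    """Behaviour after the update: only permissions whose *group* is new are shown."""
    known_groups = {group_of(p) for p in granted}
    return {p for p in requested if group_of(p) not in known_groups}


def silently_gained(granted: Iterable[str], requested: Iterable[str]) -> Set[str]:
    """Permissions an update adds that the per-group rule never shows the user."""
    return prompt_per_permission(granted, requested) - prompt_per_group(granted, requested)


def silently_reachable(granted: Iterable[str]) -> Set[str]:
    """Everything a later update could add without a prompt, given what is granted now."""
    known_groups = {group_of(p) for p in granted}
    return {p for p, g in PERMISSION_GROUPS.items() if g in known_groups} - set(granted)


if __name__ == "__main__":
    # Constructed scenario from the article: v1 only reads contacts, v2 adds
    # calendar access (same group) and the camera (a new group).
    v1 = {"READ_CONTACTS"}
    v2 = {"READ_CONTACTS", "READ_CALENDAR", "WRITE_CALENDAR", "CAMERA"}
    print("old rule prompts for  :", sorted(prompt_per_permission(v1, v2)))
    print("group rule prompts for:", sorted(prompt_per_group(v1, v2)))
    print("gained silently       :", sorted(silently_gained(v1, v2)))
    print("reachable silently    :", sorted(silently_reachable(v1)))
```

In the scenario above the old rule would have asked about three new permissions, the group rule asks only about the camera, and both calendar permissions arrive silently. `silently_reachable` is the number a reviewer actually cares about when vetting an app at install time: under a group rule, the permissions you approve are effectively the whole group, not the individual entries shown in the dialog. To use it on real apps you would feed it the `uses-permission` entries from two versions' manifests (not shown here; the table would also have to be replaced with the real group mapping).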
Re: [funsec] Has anyone had this day:
On 4/2/2014 5:57 PM, Ben April wrote:

> https://www.youtube.com/watch?v=BKorP55Aqvg

I have been in that meeting many, many times. :-)

- ferg

--
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2
Re: [funsec] Fallout from leak prosecution prompts Microsoft promise to stop snooping
Too little, too late.

If they hadn't been caught publicly violating this journalist's privacy, would they have been so (public) quick to change their "tactics"?

Also: "If you are not paying for a product, you *are* the product."

Free webmail is simply a stellar example of this maxim.

- ferg

On 3/29/2014 6:07 PM, Jeffrey Walton wrote:

> http://www.seattlepi.com/local/article/Fallout-from-leak-prosecution-prompts-Microsoft-5358047.php
>
> A former Microsoft Corp. worker accused of leaking Windows 8 to a
> blogger appears poised to cut a plea deal as Microsoft swears off
> the investigative techniques it used to catch him.
>
> As first reported here, federal prosecutors in Seattle claim
> software architect Alex Kibkalo stole Microsoft trade secrets while
> working for the company. Investigators contend Kibkalo was also
> caught bragging about leaking Windows 7 program files, as well as
> an internal system meant to protect against software piracy.
>
> The prosecution highlighted Microsoft’s internal investigation
> into the matter, which saw Microsoft security dig through the
> unidentified blogger’s Hotmail account in an effort to unmask him.
>
> That revelation prompted Microsoft on Friday to pledge not to comb
> through user’s email if investigators suspect the user stole from
> Microsoft. The Redmond corporation has instead promised to refer
> its suspicions to law enforcement.
> ...

--
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2
Re: [funsec] FBI wants your malware
The URL for this article is here:

http://www.nextgov.com/cybersecurity/cybersecurity-report/2014/02/fbi-market-malware/78218/

More appropriate excerpt here:

"The specific organization in need is the FBI Investigative Analysis Unit of the Operational Technology Division, a team of specialists providing on-the-scene tech support and "employing innovative, custom developed analytical methods" to analyze digital evidence, according to the solicitation."

That doesn't sound so scandalous. VirusTotal's parent company, Google, could easily apply for this... or ShadowServer, or any number of organizations which maintain libraries of malware.

- ferg

On 2/5/2014 10:30 AM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:

> The FBI has sent out a call for malware, spam, and other unwanted
> digital trash.
>
> They want to build a repository in order to ... well, actually,
> they don't, and won't, according to the lack of response to a
> number of media requests, say why.
>
> Of course, don't bother sending in your daily allotment of odio
> lectus decipio urinatio (or spam trap diving).
>
> They want it bundled in a neat package, organized and categorized.
> (I'm not sure why the existing repositories aren't good enough for
> them.)
>
> Good luck, FBI.

--
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2
[funsec] Nostalgia? Ethics in the Computer 'Virus' Era
I just ran across something recently that I wrote back in 1992:

http://www.textfiles.com/virus/virethic.txt

I think I was one of the first (not "the" first, of course) people who used the tagline: "I love my country, but I fear its government." :-)

Go Seahawks!

- ferg

--
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2
Re: [funsec] Windows 8 and wifi
On 1/23/2014 7:33 PM, Jeffrey Walton wrote:

> Holy shit I can already imagine the fun Marlinspike or Kaminsky
> is going to have abusing the validation mechanisms in programs for
> X509 certs.
>
> Mozilla is going to have to start another list like the ccTLD
> banned suffix list.

The fun is just starting. Even after 30 years we are just in our infancy.

That is fantastic and horrifying at the same time.

- ferg

--
Paul Ferguson
PGP Public Key ID: 0x54DC85B2
Re: [funsec] Windows 8 and wifi
On 1/23/2014 6:35 PM, Richard Golodner wrote:

> On Thu, 2014-01-23 at 18:01 -0800, Paul Ferguson wrote:
>> What is this "Windows 8" you speak of?
>
> Paul, rumor has it is is an non-operating system, as Rob has just found
> out.
> Rich

I must have passed out while watching OMG newness:

http://newgtlds.icann.org/en/program-status/delegated-strings

- ferg

--
Paul Ferguson
PGP Public Key ID: 0x54DC85B2
Re: [funsec] Windows 8 and wifi
What is this "Windows 8" you speak of?

- ferg

On 1/23/2014 4:50 PM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:

> Discovered today that, once you turn wifi off on a Windows 8 (or 8.1)
> machine, it is almost impossible to turn it back on. For example, on a
> laptop with a wifi toggle key (toggling the key off to save power or
> stop broadcasting on a plane), toggling the key back on doesn't
> necessarily re-enable the wireless network
>
> In fact, initially I couldn't even remember how I eventually did it. (And
> Windows Help was, as usual, no help.)
>
> (And, yes, I know that Win8 has an "airplane mode" setting, but that isn't
> immediately accessible all the time.)
>
> Finally found that if you go to "Network and Sharing Center," then choose
> "Change adapter settings," then the "Wi-fi" will show up, and if you
> right/information/context menu-click on the *icon* (not the box), then you
> can get to re-enable wifi.

--
Paul Ferguson
PGP Public Key ID: 0x54DC85B2
[funsec] Exclusive: Secret contract tied NSA and security industry pioneer
Whoa, Nelly.

"As a key part of a campaign to embed encryption software that it could crack into widely used computer products, the U.S. National Security Agency arranged a secret $10 million contract with RSA, one of the most influential firms in the computer security industry, Reuters has learned.

"Documents leaked by former NSA contractor Edward Snowden show that the NSA created and promulgated a flawed formula for generating random numbers to create a "back door" in encryption products, the New York Times reported in September. Reuters later reported that RSA became the most important distributor of that formula by rolling it into a software tool called Bsafe that is used to enhance security in personal computers and many other products.

"Undisclosed until now was that RSA received $10 million in a deal that set the NSA formula as the preferred, or default, method for number generation in the BSafe software, according to two sources familiar with the contract. Although that sum might seem paltry, it represented more than a third of the revenue that the relevant division at RSA had taken in during the entire previous year, securities filings show."

More:
http://www.reuters.com/article/2013/12/20/us-usa-security-rsa-idUSBRE9BJ1C220131220

- ferg

--
Paul Ferguson
PGP Public Key ID: 0x63546533
Re: [funsec] Friday social engineering
Couple that with:

http://www.macrumors.com/2013/12/18/software-allows-hackers-to-activate-macbook-webcams-without-green-warning-light/

...well, you get the picture (no pun intended). :-)

- ferg

On 12/19/2013 9:07 AM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:

> http://online.wsj.com/news/articles/SB10001424052702304403804579264272004583860
>
> "When women are present or when men are prompted to think about women,
> they act differently, research shows."
>
> "Sex-related cues like these have been found to make men more prone to
> take risks while playing blackjack, to discount the future when making
> economic decisions and to spend on conspicuous luxury items (but not on
> mundane expenses). Typically, the effects are strongest in single men.
> By contrast, these studies uniformly report that cues about males have
> no such effects on women."
>
> Male infosec professionals: don't think about women when planning.
>
> Female infosec professionals: you can think about anything you want.

--
Paul Ferguson
PGP Public Key ID: 0x63546533
[funsec] The Sad Decline of '60 Minutes' Continues With This Week's NSA Whitewash
Wow, where to begin...

I love the subject line above, which I used from this 'The Nation' article:

http://www.thenation.com/blog/177598/sad-decline-60-minutes-continues-weeks-nsa-whitewash

I was unsurprisingly stunned tonight that CBS had sunk even lower than Fox News in their reporting on the NSA tonight -- nothing less than pro-NSA propaganda.

Here are a few initial thoughts that came out tonight -- and they will assuredly continue to roll in:

'How we know the 60 Minutes NSA interview was crap'
http://blog.erratasec.com/2013/12/how-we-know-60-minutes-nsa-interview.html

'60 Minutes': NSA Good, Snowden Bad
http://www.thewire.com/national/2013/12/60-minutes-nsa-good-snowden-bad/356174/

'Shame On Feinstein' Coalition Warns Of Silicon Valley Economic Impact From NSA Spying
http://www.siliconvalleywatcher.com/mt/archives/2013/12/shame_on_feinstein_co.php

One can only scratch their heads & wonder what CBS is doing here. Are they really this incompetent, or are they maneuvering somehow to support the Obama administration's attempt to only make 'cosmetic changes' to the NSA and FISA Court operations, and whitewash the NSA overreach?

I've already seen several main stream U.S. news organizations 'interpret' the leaked recommendations from the 'oversight board' as 'sweeping' when they are nothing more than cosmetic & business as usual.

See also:

http://www.theguardian.com/world/2013/dec/13/nsa-review-to-leave-spying-programs-largely-unchanged-reports-say

http://www.newyorker.com/reporting/2013/12/16/131216fa_fact_lizza?currentPage=all

http://www.pogo.org/blog/2013/12/20131213-has-political-spending-defanged-intel-watchdogs-in-congress.html

No pun intended, but the NSA and the Obama Administration are pulling a "Snow Job" on the American People.

- ferg

--
Paul Ferguson
PGP Public Key ID: 0x63546533
[funsec] Quote of the Day
"It can be a security conference anywhere around the world and, after a few beers with the attendees, you can guarantee the topic of CISSP will come up. Very rarely will it be positive. You see, CISSP has become the cockroach of the security community and it just won't die."

- Gunter Ollmann

http://technicalinfodotnet.blogspot.com/2013/12/the-cissp-badge-of-security-competency.html

Enjoy!

- ferg

--
Paul Ferguson
PGP Public Key ID: 0x63546533
Re: [funsec] Good grief, what *else* are they surveilling ...
On 12/2/2013 7:40 AM, Blanchard, Michael (InfoSec) wrote:

> Why **should** she be denied entry for depression that she’s been
> treated for anyway?

If people get banned from travel because of depression, a large majority of Americans would be denied the ability to travel [1]. :-)

- ferg

[1] Actually, a "large majority" of Americans don't travel internationally anyways because they are slugs.

--
Paul Ferguson
PGP Public Key ID: 0x63546533
Re: [funsec] "Identity Thief"
*rimshot* :-)

On 10/9/2013 10:43 AM, Chester Wisniewski wrote:

> Maybe it wasn't funny because it was so far in the future? 20013 humour
> can be a touch strange.
>
> cw
>
> On 10/09/13 13:25, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
>
>> I really should know better. Last night, hoping that, in two hours,
>> Hollywood might provide *some* information on an important topic, even
>> if limited, I watched "Identity Thief," a movie put out by Universal in
>> 20013, starring Jason Bateman and Melissa McCarthy.
>>
>> It is important to point out to people that, if someone phones you up
>> and offers you a free service to protect you from identity theft, it is
>> probably not a good idea to give them your name, date of birth, social
>> security/insurance number, credit card and bank account numbers, and
>> basically everything else about you. This tip is provided in the first
>> thirty seconds of the film.
>>
>> After that (except for the point that the help law enforcement might be
>> able to give you is limited) it's all downhill. The plot is ridiculous
>> (even for a comedy), the characters somewhat uneven, the situations
>> crude, the relationship unlikely, the language profane, and the
>> legalities extremely questionable.
>>
>> (The best line in the entire movie is:
>> Sandy - "Do you know what a sociopath is?"
>> Diane - "Do they like ribs?"
>> I know this may not seem funny, but trust me: it gives you a very good
>> idea of how funny this movie really is.)
>>
>> == (quote inserted randomly by Pegasus Mailer)
>> rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org
>> Madness takes its toll. Please have exact change ready.
>> victoria.tc.ca/techrev/rms.htm
>> http://www.infosecbc.org/links
>> http://blogs.securiteam.com/index.php/archives/author/p1/
>> http://twitter.com/rslade

--
Paul Ferguson
Vice President, Threat Intelligence
Internet Identity, Tacoma, Washington USA
IID --> "Connect and Collaborate" --> www.internetidentity.com
Re: [funsec] Don't mess up your Web people ...
On 10/7/2013 10:19 AM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:

> http://nycfreshmarket.com/

Ha!

- ferg

--
Paul Ferguson
Vice President, Threat Intelligence
Internet Identity, Tacoma, Washington USA
IID --> "Connect and Collaborate" --> www.internetidentity.com
Re: [funsec] Adobe: Important Customer Security Announcement
I'm guessing you haven't seen this:

https://krebsonsecurity.com/2013/10/adobe-to-announce-source-code-customer-data-breach/

- ferg

On 10/3/2013 3:15 PM, Jeffrey Walton wrote:

> Sigh
>
> It would be nice if there was a full accounting of what precisely was
> egressed. I wonder if the key to the data was egressed from the file
> system with the rest of the data. Or maybe the bad guy decrypted the
> data first before egress.
>
> http://blogs.adobe.com/conversations/2013/10/important-customer-security-announcement.html
>
> ...
> Our investigation currently indicates that the attackers accessed
> Adobe customer IDs and encrypted passwords on our systems. We also
> believe the attackers removed from our systems certain information
> relating to 2.9 million Adobe customers, including customer names,
> encrypted credit or debit card numbers, expiration dates, and other
> information relating to customer orders

--
Paul Ferguson
Vice President, Threat Intelligence
Internet Identity, Tacoma, Washington USA
IID --> "Connect and Collaborate" --> www.internetidentity.com
Re: [funsec] The ultimate illegible PowerPoint slide!
Holy crap.

- ferg

On Thu, Jun 20, 2013 at 11:49 AM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:

> http://www.gartner.com/technology/research/digital-marketing/transit-map.jsp

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
[funsec] On the Internet, the NSA Definitely Knows You’re a Dog (Comic)
Enjoy:

http://allthingsd.com/20130617/then-and-now-comic/

- ferg

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] "1984" sales spike
There's this one too.

https://petitions.whitehouse.gov/petition/repeal-whole-or-part-usa-patriot-act-order-stop-secret-warrantless-collection-data/pmTnXNw8

On Jun 14, 2013, at 5:31 AM, Vic Vandal wrote:

> While on the NSA surveillance / PRISM topics, if you take issue with the
> rampant invasion of citizen privacy by the U.S. government, then make your
> voice heard by adding your name to one or more of these petitions.
Re: [funsec] Edward Snowden: the whistleblower behind the NSA surveillance revelations
Also:

http://www.npr.org/blogs/thetwo-way/2013/06/10/190320993/daniel-ellsberg-nsa-leaker-showed-battlefield-courage

- ferg

On Mon, Jun 10, 2013 at 8:07 AM, Jeffrey Walton wrote:

> It looks like Edward Snowden gets to join the ranks of Jesselyn
> Radack, Thomas Drake, William Binney, Bradley Manning. Best of luck to
> him
>
> http://www.npr.org/blogs/thetwo-way/2013/06/10/190293209/who-is-edward-snowden-the-nsa-leaker
>
> Edward Snowden, the 29-year-old former CIA technical assistant who has
> of explosive leaks about was among "thousands upon thousands" of such
> analysts hired to manage and sift through "huge amounts of data,"
> NPR's Tom Gjelten.
>
> He's "what we'd normally call a geek," Tom added.
>
> Indeed, about the young man who it says was behind last week's leaks
> concerning National Security Agency programs that sweep up data on
> phone calls and Internet activity. It paints a portrait of a mediocre
> student with a GED degree who joined the Army in 2003, but was
> discharged after breaking his legs in a training accident. Snowden
> says he later wound up working with the CIA and then a contractor
> because he's skilled at computer programming.
> ...

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] US CERT: Washington, DC Radio Station Web Site Compromises
I don't recall seeing a US-CERT advisory when a particular website has been compromised. I think that it is only "of government interest" because these particular watering hole attacks used compromised websites in the Washington, D.C., area which are highly popular with people living in that area -- namely government employees and government contractors.

See also:

http://www.invincea.com/2013/05/k-i-a-wtop-com-fednewsradio-and-dvorak-blog-site-serving-malware-media-sites-compromised-to-push-fake-av/

- ferg

On Tue, May 21, 2013 at 12:36 PM, Jeffrey Walton wrote:

> Thanks Paul.
>
> Have you ever seen US CERT issue against a website? Or is this new
> reporting introduced with the recent email procedure change.
>
> Jeff
>
> On Tue, May 21, 2013 at 2:26 PM, Paul Ferguson wrote:
>
>> No conspiracy theories here -- just "yet another" watering hole attack.
>>
>> See also:
>>
>> https://en.wikipedia.org/wiki/Watering_Hole
>>
>> It has become a fairly common attack/victimization methodology.
>>
>> - ferg
>>
>> On Tue, May 21, 2013 at 10:46 AM, Jeffrey Walton wrote:
>>
>>> This is kind of interesting. I don't believe I have ever
>>> received a US CERT bulletin calling out a website for distributing the
>>> flyby goodness.
>>>
>>> I wonder if the radio station does not fully support the current
>>> regime. Could it be more tactics like we have recently seen at the
>>> IRS?
>>>
>>> https://www.us-cert.gov/ncas/alerts/TA13-141A

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] US CERT: Washington, DC Radio Station Web Site Compromises
No conspiracy theories here -- just "yet another" watering hole attack. See also: https://en.wikipedia.org/wiki/Watering_Hole It has become a fairly common attack/victimization methodology. - ferg On Tue, May 21, 2013 at 10:46 AM, Jeffrey Walton wrote: > This is kind of interesting. I don't believe I have ever > received a US CERT bulletin calling out a website for distributing the > flyby goodness. > > I wonder if the radio station does not fully support the current > regime. Could it be more tactics like we have recently seen at the > IRS? > > https://www.us-cert.gov/ncas/alerts/TA13-141A > ___ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Oh, please, I thought we were past this kind of thing ...
That's a year old? - ferg On Tue, Apr 23, 2013 at 10:39 AM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote: > FBI Uses ‘Sledgehammer’ to Seize E-Mail Server in Search for Bomb Threat > Evidence > > http://www.wired.com/threatlevel/2012/04/fbi-seizes-server/ > > "In addition to Mixmaster’s remailing service, which helps human rights > activists > and others prevent their communications from being traced to them, the server > was used by the Seattle-based digital activist group Riseup Networks, as well > as May > First/People Link, a politically progressive internet service provider. The > server > was operated by European Counter Network, an ISP based in Italy. > > "The seizure silenced more than 300 e-mail accounts, between 50 and 80 e-mail > lists, and several websites, according to a statement about the seizure > released by > Riseup on Thursday. The seized hardware had served academics, artists, > historians, > feminist groups, gay rights groups, community centers, and free-speech groups, > among others." > > (It doesn't seem to be an actual sledgehammer, just a "sledgehammer > approach.") > > "As a result, Liquid Motors, which provides inventory management and marketing > services to national automobile dealers and was not part of the > investigation, was > unable to fulfill its service contracts with customers. It was just one of > about 50 > companies that were put out of business by the raid." > > So now, is "finding out who might be using the same physical server" part of > your > risk management strategy? What about someone who is using the same NFS > server? > > > == (quote inserted randomly by Pegasus Mailer) > rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org > .::.::.::. >:: :. > -:.' : > :: :. >.:: :: >.:. :: >.:. :: >. :. > ;.;;,,.;;;.,, > ;. > ;. > :. > ::=!:=!!=:!=:==:=!:=!!=:==:==. > ::.::.:: :::.:: :: :: > ::.::.:: ::.:.::.::.::.:.::.: > ::.:: :: :: :.::.:: :: :: :.: > :. > :. > :. 
> > This lock means you can trust me with > your credit card > victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links > http://blogs.securiteam.com/index.php/archives/author/p1/ > http://twitter.com/rslade > ___ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] EFF: Nobody Expects the Cyber Inquisition
"The House Subcommittee on Cybersecurity released a report Tuesday blasting the United States' cyber-preparedness for a wide range of cyber-tastrophes. "Though Senators and Congressmen have discussed an impending 'Cyber-Pearl-Harbor' literally hundreds of times, U.S. cyber-preparations have been in-cyber-adequate for a host of possible disasters, such as a cyber-Vesuvius, a cyber-Teapot-Dome-Scandal, or most alarmingly, a cyber-Bicholim-Conflict." The report goes on to recommend a nearly threefold increase for the annual spending on the Cyber-Department of Cyber-Prefixes." https://www.eff.org/pages/04/01 Enjoy! - ferg -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] New IETF Draft: Direct Random Access File Transfer
Enjoy! https://tools.ietf.org/html/draft-draft-draft-00 - ferg -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] ICANN announces Uniform Blocking Review Panel
http://jl.ly/ICANN/ubrp.html Enjoy, - ferg -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Mobile location data 'present anonymity risk'
tes." > > Dr Hidalgo notes that additional information would still be needed to > connect a mobility trace to an individual, but that users freely give > away some of that information through geo-located tweets, location > "check-ins" with applications such as Foursquare and so on. > > But the authors say their purpose is to provide a mathematical link - > a formula applicable to all mobility data - that quantifies the > anonymity/utility trade-off, and hope that the work sparks debate > about the relative merits of this "Big Data" and individual privacy. > > Sam Smith of Privacy International said: "Our mobile phones report > location and contextual data to multiple organisations with varying > privacy policies." > > "Any benefits we receive from such services are far outweighed by the > threat that these trends pose to our privacy, and although we are told > that we have a choice about how much information we give over, in > reality individuals have no choice whatsoever," he told BBC News. > > "Science and technology constantly make it harder to live in a world > where privacy is protected by governments, respected by corporations > and cherished by individuals - cultural norms lag behind progress." > > But Mr de Montjoye stressed that there is far more to location data > than just privacy concerns. > > "We really don't think that we should stop collecting or using this > data - there's way too much to gain for all of us - companies, > scientists, and users," he said. > > "We've really tried hard to not frame this as a 'Big Brother' > situation, as 'we know everything about you'. But we show that even if > there's no name or email address it can still be personal data, so we > need it to be treated accordingly." > ___ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. -- "Fergie", a.k.a. 
Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] Spoofer Project
Hi, funsec people. :-) This kind of goes hand-in-hand with a much larger community project, but I'd like to encourage you to participate in the Spoofer Project, and share the results: http://spoofer.csail.mit.edu/ Please take a moment to download the software (it is safe, I promise!) -- there are software packages available for Mac OS X, Windows, and Linux. The source code is also available if you care to inspect it. I am simply curious to see if any of your home ISPs allow spoofed packets to originate from within their downstream customer networks. As some of you may (or may not) know, I co-authored BCP38 [1], which was published in May 2000, and yet there are an astounding number of ISP networks on the planet that still allow traffic with spoofed source addresses to originate from within their networks. This is the primary culprit in generating DNS Amplification Attacks, an issue which several of us are currently engaged in, and will be talking about for the months (and years?) to come in our community outreach. So if you have a few free moments when you are at home, please take the time and let me know the results. Thanks, - ferg [1] https://tools.ietf.org/html/bcp38 -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
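The filtering BCP38 asks for, written out as an added example (not the Spoofer Project's code and not anything from the RFC itself). It models the two ways operators usually implement it: a static per-interface ACL listing the prefixes assigned to each customer, and strict unicast RPF, which asks the forwarding table whether the source would be routed back out the interface it arrived on. Interface names, prefixes and the traffic are constructed here from RFC 5737 and RFC 1918 ranges; 203.0.113.5 plays the victim whose address a spoofer forges.

```python
"""BCP38 / RFC 2827 ingress filtering, modelled in plain Python.

Added example for this thread: it is not code from the Spoofer Project or
from BCP38 itself. Interfaces, prefixes and addresses are made up for
illustration (RFC 5737 and RFC 1918 ranges).
"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    iface: str   # customer-facing interface the packet arrived on
    src: str     # IP source address as written by the sender
    dst: str


# Flavour 1, the static ACL BCP38 describes: each customer interface may
# source traffic only from the prefixes assigned to that customer.
CUSTOMER_PREFIXES = {
    "cust0": [ipaddress.ip_network("192.0.2.0/24")],
    "cust1": [ipaddress.ip_network("198.51.100.0/25"),
              ipaddress.ip_network("198.51.100.128/26")],
}


def bcp38_static_allows(pkt, prefixes=CUSTOMER_PREFIXES):
    """True if the source sits inside a prefix assigned to the arrival interface."""
    src = ipaddress.ip_address(pkt.src)
    return any(src in net for net in prefixes.get(pkt.iface, ()))


# Flavour 2, strict unicast RPF: instead of a hand-kept list, consult the
# forwarding table. A source is legitimate on an interface only if the router
# would route *to* that source via the same interface.
FIB = {
    ipaddress.ip_network("192.0.2.0/24"): "cust0",
    ipaddress.ip_network("198.51.100.0/25"): "cust1",
    ipaddress.ip_network("198.51.100.128/26"): "cust1",
    ipaddress.ip_network("0.0.0.0/0"): "upstream",   # default route to the Internet
}


def fib_lookup(addr, fib=FIB):
    """Longest-prefix match; returns the egress interface for addr."""
    a = ipaddress.ip_address(addr)
    best = None
    for net, iface in fib.items():
        if a in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None


def urpf_strict_allows(pkt, fib=FIB):
    """Strict uRPF: drop unless the FIB points back out the arrival interface."""
    return fib_lookup(pkt.src, fib) == pkt.iface


def verdicts(packets):
    """Return {description: (static_ok, urpf_ok)} for a batch of (desc, Packet)."""
    return {d: (bcp38_static_allows(p), urpf_strict_allows(p)) for d, p in packets}


# Constructed traffic. 203.0.113.5 plays the victim, 203.0.113.53 a reflector.
SAMPLE_PACKETS = [
    ("cust0 legitimate",           Packet("cust0", "192.0.2.10", "203.0.113.53")),
    ("cust0 spoofing the victim",  Packet("cust0", "203.0.113.5", "203.0.113.53")),
    ("cust1 spoofing cust0 space", Packet("cust1", "192.0.2.10", "203.0.113.53")),
    ("cust1 legitimate",           Packet("cust1", "198.51.100.150", "203.0.113.53")),
    ("cust1 unassigned hole",      Packet("cust1", "198.51.100.200", "203.0.113.53")),
    ("cust0 RFC1918 source",       Packet("cust0", "10.0.0.1", "203.0.113.53")),
]


if __name__ == "__main__":
    for desc, (s, u) in verdicts(SAMPLE_PACKETS).items():
        print(f"{desc:28s} static={'pass' if s else 'DROP'}  uRPF={'pass' if u else 'DROP'}")
```

Both flavours drop the forged victim address, the RFC 1918 source, and the packet from the unassigned 198.51.100.192/26 hole, which is the case a lazy aggregate ACL (198.51.100.0/24) would let through. Strict uRPF is only correct where routing is symmetric; a multihomed customer whose traffic legitimately arrives on an interface the FIB does not point back to needs loose mode or the static list. Either way the filter belongs at the customer edge, which is the only place the legitimate source set is known, and that edge is exactly what the Spoofer client probes by sending forged-source packets and seeing which ones arrive.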
Re: [funsec] Open Recursive DNS Resolver Project
On Tue, Mar 26, 2013 at 11:16 AM, Gary Buhrmaster wrote: > On Tue, Mar 26, 2013 at 5:28 PM, Paul Ferguson wrote: > ... >> If you are hosting an Open DNS Recursive Resolver, or not doing some >> flavor of BCP38 [3], please stop/start. :-) > > It would be nice to imagine that this will cause BCP38 to be widely > implemented, and for the Tier providers to add language to their > contracts to enable them to stop routing those downstreams that do > not implement it (and/or require BCP38 of their downstreams). But > you will say I am a dreamer > > Gary Well, DNS Amplification attacks are not going away -- if anything, they are getting worse and more intense: http://blog.cloudflare.com/the-ddos-that-knocked-spamhaus-offline-and-ho - ferg -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] Open Recursive DNS Resolver Project
This is an important project -- one in which I plan to spend a lot of time this year (and into the future) evangelizing these problems (at the APWG CeCOS in Buenos Aires [1] next month & the MAAWG meeting in Vienna in June [2], for starters): Open DNS Resolver Project http://openresolverproject.org/ If you are hosting an Open DNS Recursive Resolver, or not doing some flavor of BCP38 [3], please stop/start. :-) FYI, - ferg [1] http://apwg.org/apwg-events/cecos2013 [2] https://www.maawg.org/events/upcoming_meetings [3] https://tools.ietf.org/html/bcp38 -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
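Why an open recursive resolver plus a spoofing-friendly ISP adds up to an amplification attack, as an added example in Python for this thread and the reply above (not code from the Open Resolver Project). It builds a real DNS wire-format ANY query with an EDNS0 OPT record, a correspondingly large TXT response, and a BIND-style allow-recursion ACL decision, then shows how many bytes a victim receives depending on whether the resolver is open. The zone name, addresses (RFC 5737) and the oversized TXT records are constructed for illustration; only the standard library is used.

```python
"""DNS reflection/amplification, modelled end to end with the standard library.

Added example for this thread; it is not code from the Open Resolver Project.
Names, addresses (RFC 5737 ranges) and record contents are constructed here
for illustration.
"""
import ipaddress
import struct

QTYPE = {"A": 1, "TXT": 16, "ANY": 255}
EDNS_PAYLOAD = 4096  # UDP payload size the attacker advertises (RFC 6891)


def encode_name(name):
    """example.com -> b'\\x07example\\x03com\\x00' (DNS wire-format name)."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(lb)]) + lb.encode("ascii") for lb in labels) + b"\x00"


def opt_rr(payload=EDNS_PAYLOAD):
    """EDNS0 OPT pseudo-RR: root name, type 41, the class field carries the UDP size."""
    return b"\x00" + struct.pack("!HHIH", 41, payload, 0, 0)


def build_query(qname, qtype="ANY", txid=0x1234):
    """A 40-byte query for example.com: all the attacker sends (with a forged source)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 1)   # RD=1, QDCOUNT=1, ARCOUNT=1
    question = encode_name(qname) + struct.pack("!HH", QTYPE[qtype], 1)
    return header + question + opt_rr()


def _question_section(query):
    i = 12
    while query[i] != 0:          # walk the labels to the root terminator
        i += query[i] + 1
    return query[12:i + 1 + 4]    # name + QTYPE + QCLASS


def txt_rdata(text):
    """TXT RDATA: one or more <len><chars> strings, at most 255 bytes each."""
    data = text.encode("ascii")
    chunks = (data[i:i + 255] for i in range(0, len(data), 255))
    return b"".join(bytes([len(c)]) + c for c in chunks)


def build_response(query, rdatas, rtype=QTYPE["TXT"], ttl=3600):
    """The resolver's answer: same question, one RR per rdata, OPT in additional."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, len(rdatas), 0, 1)  # QR RD RA, NOERROR
    answers = b"".join(
        b"\xc0\x0c" + struct.pack("!HHIH", rtype, 1, ttl, len(rd)) + rd   # name = pointer to offset 12
        for rd in rdatas
    )
    return header + _question_section(query) + answers + opt_rr()


def build_refused(query):
    """What a resolver that will not recurse for this client returns: REFUSED (rcode 5), no data."""
    txid = struct.unpack("!H", query[:2])[0]
    return struct.pack("!HHHHHH", txid, 0x8105, 1, 0, 0, 0) + _question_section(query)


def amplification_factor(query, response):
    return len(response) / len(query)


def recursion_allowed(client_ip, allow_recursion):
    """BIND-style allow-recursion ACL. ['0.0.0.0/0'] is what an open resolver amounts to."""
    c = ipaddress.ip_address(client_ip)
    return any(c in ipaddress.ip_network(n) for n in allow_recursion)


# Constructed zone data: eight 255-byte TXT strings, so ANY/TXT answers are large.
BIG_TXT_RECORDS = [txt_rdata("v=constructed; " + "A" * 240) for _ in range(8)]


def simulate_reflection(query, victim_ip, allow_recursion, answers=BIG_TXT_RECORDS):
    """Bytes the victim receives when the attacker sends `query` to the resolver
    with the victim's address forged as IP source. The resolver cannot tell the
    forgery from a real client, so its ACL decision is made on the victim's IP."""
    if recursion_allowed(victim_ip, allow_recursion):
        return len(build_response(query, answers))
    return len(build_refused(query))


if __name__ == "__main__":
    q = build_query("example.com")
    r = build_response(q, BIG_TXT_RECORDS)
    print(f"query {len(q)} B, answer {len(r)} B, gain {amplification_factor(q, r):.1f}x")
    for acl in (["0.0.0.0/0"], ["192.0.2.0/24", "127.0.0.0/8"]):
        print(f"allow-recursion {acl}: victim gets {simulate_reflection(q, '203.0.113.5', acl)} B")
```

With these constructed records the 40-byte query draws a 2184-byte answer, a gain of roughly 55x, and the attacker pays only for the queries. A resolver restricted to its own clients still reflects a 29-byte REFUSED toward the victim, but with no gain, so it is useless as an amplifier; an ISP doing BCP38 on the attacker's side drops the forged query before it reaches any resolver at all. Either control on its own breaks the attack, which is why the two projects go together. Response rate limiting on authoritative servers is a further mitigation, but it does not help an open recursive resolver that answers anyone.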
Re: [funsec] Keep Google Reader Running!
Yeah, I saw that. Fingers crossed. :-) - ferg On Fri, Mar 15, 2013 at 10:53 AM, Paul M. Moriarty wrote: > > http://www.wired.co.uk/news/archive/2013-03/15/digg-reader > > On Mar 13, 2013, at 6:48 PM, Paul Ferguson wrote: > > As you may have heard, Google is planning on killing off its stalwart > Reader on July 1st. > > I am really kind of bummed about this, because I think Reader is the > best damned RSS Reader out there, and regardless of what Google > thinks, there are quite a lot of us using it daily. > > If you care: > > https://www.change.org/petitions/google-keep-google-reader-running > > Google may damned well ignore it, but sign it anyways. :-) > > - ferg > > > -- > "Fergie", a.k.a. Paul Ferguson > fergdawgster(at)gmail.com > ___ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. > > -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Keep Google Reader Running!
http://www.wired.co.uk/news/archive/2013-03/15/digg-reader On Mar 13, 2013, at 6:48 PM, Paul Ferguson wrote: > As you may have heard, Google is planning on killing off its stalwart > Reader on July 1st. > > I am really kind of bummed about this, because I think Reader is the > best damned RSS Reader out there, and regardless of what Google > thinks, there are quite a lot of us using it daily. > > If you care: > > https://www.change.org/petitions/google-keep-google-reader-running > > Google may damned well ignore it, but sign it anyways. :-) > > - ferg > > > -- > "Fergie", a.k.a. Paul Ferguson > fergdawgster(at)gmail.com > ___ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Keep Google Reader Running!
Seriously -- you should see the comment storm on /. http://tech.slashdot.org/story/13/03/14/0033230/google-reader-being-retired :-) - ferg On Wed, Mar 13, 2013 at 6:58 PM, Steve Pirk wrote: > Hahahaha! Change.org... I love it. I bet they will notice it :) > Signed and shared. > > -- steve > > > On Wed, Mar 13, 2013 at 6:48 PM, Paul Ferguson > wrote: >> >> As you may have heard, Google is planning on killing off its stalwart >> Reader on July 1st. >> >> I am really kind of bummed about this, because I think Reader is the >> best damned RSS Reader out there, and regardless of what Google >> thinks, there are quite a lot of us using it daily. >> >> If you care: >> >> https://www.change.org/petitions/google-keep-google-reader-running >> >> Google may damned well ignore it, but sign it anyways. :-) >> >> - ferg >> >> -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] Keep Google Reader Running!
As you may have heard, Google is planning on killing off its stalwart Reader on July 1st. I am really kind of bummed about this, because I think Reader is the best damned RSS Reader out there, and regardless of what Google thinks, there are quite a lot of us using it daily. If you care: https://www.change.org/petitions/google-keep-google-reader-running Google may damned well ignore it, but sign it anyways. :-) - ferg -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] NSLs, Other Privacy Issues
I'm assuming you have seen this? http://news.cnet.com/8301-1009_3-57572634-83/google-offers-data-on-fbis-national-security-related-requests-for-user-identities/ http://www.wired.com/threatlevel/2013/03/google-nsl-range/ - ferg On Tue, Mar 12, 2013 at 3:05 PM, John Bambenek wrote: > I'm working on a quick study on the use of NSLs and other aspects of > federal law/policy that impact computer privacy. Since, among other > things, this tends to be a pretty "libertarian" leaning group, I figured > I'd get your input on the things the US Gov't does that negatively > impacts privacy and recommendations for alternatives (besides the > obvious "stop it"). > > j > ___ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] I'll believe corporations are people when they let them drive in the HOV lane ...
The first *best* step is to take the money out of politics altogether. - ferg On Tue, Feb 5, 2013 at 9:57 AM, Conrad Constantine wrote: > On 2/5/2013 12:46 PM, Dan White wrote: >> >> >>> e. General election will decide the president (or whatever office) >>> >>> f.No more electoral college >> >> >> Yes please. >> > > I still think my solution is the best. > > Parties do not elect their presidential candidates, only nominate them. The > population votes for all the presented candidates from all parties. > > with the Top three highest voted candidates (party irrelevant) now entering > the ring, gladiatorial combat ensues - to the death. Four years later the > president must again defend his title from a new batch of challengers. > > house and senate remain pretty much the same, however any citizen has the > right to challenge them in single combat for their position once every three > months. terms are otherwise unlimited. > > Hey, it might not be a perfect form of government, but at least it will have > rich privileged people dying for their beliefs, instead of poor folks > sacrificing themselves for the same. > > > > > ___ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] I'll believe corporations are people when they let them drive in the HOV lane ...
On Tue, Feb 5, 2013 at 10:26 AM, John Bambenek wrote: > On 2/5/13 11:54 AM, Paul Ferguson wrote: >> On Tue, Feb 5, 2013 at 9:39 AM, John Bambenek >> wrote: >> >>> It never gets old seeing the statement "voting contrary to their own >>> self-interest" because someone doesn't vote as you would have them do so. I >>> harbor no illusions that both major parties are pretty worthless, but the >>> unmitigated gall of that statement alone is appalling. You want to know why >>> our political system is screwed up, it's that exact mentality. >>> >> Spoken like a true Republican. :-) >> >> - ferg >> >> > Republicans say shit like that too. I may have run as one, but I'm an > equal opportunity partisan hater. That's probably not accurate, my most > heated bile is reserved for Republicans. I agree with you there, and there is enough to complain about involving all parties, incumbents, etc. - ferg -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] While we're all trying to fix politics, economics, etc.
Very strong, for whatever your definition of "strong" is. ;-) - ferg On Tue, Feb 5, 2013 at 9:49 AM, Rich Kulawiec wrote: > I have a question. Please to consider the following candidate password: > > S.3-t=2ga+Zilg59CEkp4 > > I'm curious as to how y'all would classify that on a scale of weak-to-strong. > > Yes, I have a reason for asking, but I'd like to withhold that for the > moment in order to gather opinions based on the merits. > > (And fixing politics, economics, etc.? Simple. When I am Supreme > Emperor and Lord of the...what?! Oh man...y'all are no fun at all. > Fine. *Fine*. You ingrates will have to do it the hard way.) > > ---rsk > ___ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] I'll believe corporations are people when they let them drive in the HOV lane ...
On Tue, Feb 5, 2013 at 9:39 AM, John Bambenek wrote: > It never gets old seeing the statement "voting contrary to their own > self-interest" because someone doesn't vote as you would have them do so. I > harbor no illusions that both major parties are pretty worthless, but the > unmitigated gall of that statement alone is appalling. You want to know why > our political system is screwed up, it's that exact mentality. > Spoken like a true Republican. :-) - ferg -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] NetSol Website???
Try using the GeekTools WHOIS instead -- it is better, and always does proper rWHOIS recursion: http://geektools.com/whois.php Enjoy! - ferg On Thu, Jan 31, 2013 at 5:20 PM, Jeffrey Walton wrote: > Hi All, > > I've been trying to use Network Solution's WHOIS via their website for > a few days now. > > The website is not available. Instead, all I get is a plain text > message stating "Our Site is Temporarily Unavailable". > > Is anyone aware of a breach? > > Jeff > ___ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Portable SDK for UPnP Devices (libupnp) contains multiple buffer overflows in SSDP
UPnP is a security nightmare. Period. - ferg On Tue, Jan 29, 2013 at 7:19 AM, Jeffrey Walton wrote: > It's too bad many folks are too l33t to use things like FORTIFY_SOURCE > or safer string/memory functions. > > There's a reason companies like Microsoft and Apple maintain banned > function lists (http://msdn.microsoft.com/en-us/library/bb288454.aspx > and > https://developer.apple.com/library/mac/#documentation/security/conceptual/SecureCodingGuide/Articles/BufferOverflows.html). > > How many home routers are vulnerable? > > http://www.kb.cert.org/vuls/id/922681 > > Overview > The Portable SDK for UPnP Devices libupnp library contains multiple > buffer overflow vulnerabilities. Devices that use libupnp may also > accept UPnP queries over the WAN interface, therefore exposing the > vulnerabilities to the internet. > > Description > Universal Plug and Play (UPnP) is a set of network protocols designed > to support automatic discovery and service configuration. The Portable > SDK for UPnP Devices (libupnp) has its roots in the Linux SDK for UPnP > Devices and software from Intel (Intel Tools for UPnP Technologies and > later Developer Tools for UPnP Technologies). Many different vendors > produce UPnP-enabled devices that use libupnp. > ... > ___ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Poor programming, app design bolster data breaches
I would argue that it is even worse than that -- tens of thousands of website owners install Joomla or WordPress (and their respective extensions and plugins) and then never bother to update them when there is a security patch upgrade. *This* is one of the primary problems. And it is *not* okay "itsoknoproblembro". :-/ - ferg On Tue, Jan 8, 2013 at 5:23 PM, Jeffrey Walton wrote: > http://www.infosecurity-magazine.com/view/30106/poor-programming-app-design-bolster-data-breaches/ > > With data breaches on the rise and the costs stemming from them > escalating exponentially, human error is often the culprit. But > there’s a deeper issue: poor application design and faulty programming > are all too common. > > It’s more important than ever to create secure applications during the > development phase, but very few strides have been made along that > path, according to Pieter Danhieux, an instructor at the SANS > Institute and co-founder of the security and hacking conference BRUCON > in Belgium. The teaching of application design and programming needs > to undergo a substantial change because students are not taught and > have not practiced secure design processes at an early enough stage, > he asserted. > > “Programming students will typically attend a single module on > security during a course and it often comes in the later part of the > educational cycle,” he explained. “The result is often a class of very > talented developers but they don’t think with security in mind.” > > That leads to poor security practices such as building applications > with buffer-overflow and SQL injection vulnerabilities that are widely > exploited by hackers. Danhieux also said that many of the fundamental > mistakes that he was exploiting as a penetration tester 10 years ago > are still the most common issues today. > > Approaches for combatting data breaches, from development to client > password policies, need to be supercharged in the face of a growing > threat, he said. 
“The US is one of the only countries with a > well-developed disclosure culture around security breaches, so the > assumption might be that there are relatively few incidents and that > America is the epicenter,” Danhieux said. “I can tell you for a fact > that the scale of the attacks is at epidemic proportions and it is > organized, well-funded and global.” > > Thus, website designers, architects and developers must understand and > learn web app vulnerabilities in-depth with tried-and-true techniques > for finding them using a structured testing regime. “The goal is to > learn the skills of an attacker so that students can become better > defenders,” Danhieux said. > > That’s not to say human error isn’t still a big part of the problem. > “You can’t say it’s just down to insecure program design,” he noted. > “The bigger problem is still due to insecure passwords, > over-privileged users and poorly patched systems.” > > Danhieux is familiar with the reality on the ground in his work for > BAE Systems Detica, an information intelligence company. “We deal with > incidents and security assessment results every day, and when you look > at the root cause analysis, 80% of the time it was one of these > issues,” he said. > ___ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Problems with H-Online Security?
Loads fine for me. - ferg On Mon, Dec 31, 2012 at 4:43 PM, Jeffrey Walton wrote: > Hi All, > > Is anyone else having trouble connecting to H-Online? I have not been > able to read articles from their last 3 emailings (2 or 3 weeks). > > I tried to track the problem down with their webmaster, but we could > not find anything wrong. Pings and mail went through fine. It appears > it is limited to HTTP and HTTPS (I did not try other protocols). > > Here's a link that can be used to test if you have a morbid curiosity: > https://www.h-online.com/security/news/item/29C3-successful-attack-on-encrypting-hard-drives-1775111.html. > > Jeff > ___ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Black Swans and the Challenge of Mitigating the Unknown
On Mon, Dec 24, 2012 at 9:56 AM, Conrad Constantine wrote: >> >> http://securitymanagement.com/article/black-swans-and-challenge-mitigating-unknown-0011332?page=0%2C1 > > > [In the interest of putting the 'Fun' back into this 'Sec' thread.] > > The author of the linked article keeps talking about this dude called Nissan > Taleb - is that Nassim's brother? Sounds like he owns a car dealership. > Yep -- Nassim has two brothers -- Nissan and Toyota. :-) - ferg -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Black Swans and the Challenge of Mitigating the Unknown
this case, the possibility of arming > administrators or teachers, or as was debated several years ago, arming > pilots). I think these run a high risk of lowering the bar for attackers, > because they reduce the problem set. To wit: "how do I get a gun and bring > it into X?" becomes "how do I take away the gun that you brought into X > for me?" and of course in some situations the latter is a much easier > problem to solve. > > I note with interest that this is the strategy that the NRA is advocating: > add more people with more guns. Unsurprising. But it won't work, > because it has never worked, e.g.: > > http://citypaper.com/news/columns/nothing-changes-1.1418123 > > "If being heavily armed and willing to shoot back was the only > thing keeping us from mass shootings, then there'd be an empty > wall in Washington where it lists all the police officers killed > in the line of duty." > > A gun does its possessor no good in these kinds of situations unless > the holder (a) has it loaded (b) has it in their hand (c) has the > safety off (d) sees or hears the attack coming (e) has the ability > to quickly figure out which target to shoot at (f) has the ability > to hit the target under duress (g) has the ability to miss non-targets > (h) manages to do all of the above before running out of bullets > (i) manages to do all of the above before being shot enough times > to be incapacitated or dead. > > Outside of Hollywood fantasies, this is a VERY low-probability sequence > of events. Even very, very well-trained professionals often can't pull > this off, viz.: > > http://citypaper.com/news/columns/nothing-changes-1.1418123 > > "I used to work for and with a guy who was shot in the head by a > guy who was trying to kill the president of the United States; > you know, a guy who is surrounded almost 24-7 by some of the > most heavily armed, best-trained law enforcement officers in > the world. Didn't stop Jim Brady or Ronald Reagan from taking > a bullet." 
> > [4] http://www.childstats.gov/americaschildren/tables/pop1.asp reports a > 2012 estimate of 76 million children in US, ages 0-17. The F-22 program > cost estimate was $62B in 2006, and no doubt that number has gone up > significantly since. So, roughly speaking, that's $1K/child just from > one program. > > Also note that the combined cost of the pointless military adventures > in Iraq and Afghanistan is somewhere in the $4T ballpark (see > http://www.reuters.com/article/2011/06/29/us-usa-war-idUSTRE75S25320110629) > which comes out to something like $50K/child. > > Estimates of the cost of the equally pointless "war on drugs" vary, > but it's also in the trillions range over the past several decades. > (See: http://www.mattgroff.com/questions-on-the-1315-project-chart/ > for one look.) > ___ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] Fwd: [DNSOP] RFC 6781 on DNSSEC Operational Practices, Version 2
Big fun. ;-)

FYI,

- ferg

-- Forwarded message --
From:
Date: Fri, Dec 21, 2012 at 5:30 PM
Subject: [DNSOP] RFC 6781 on DNSSEC Operational Practices, Version 2
To: ietf-annou...@ietf.org, rfc-d...@rfc-editor.org
Cc: dn...@ietf.org, rfc-edi...@rfc-editor.org

A new Request for Comments is now available in online RFC libraries.

RFC 6781
Title: DNSSEC Operational Practices, Version 2
Author: O. Kolkman, W. Mekking, R. Gieben
Status: Informational
Stream: IETF
Date: December 2012
Mailbox: o...@nlnetlabs.nl, matth...@nlnetlabs.nl, miek.gie...@sidn.nl
Pages: 71
Characters: 161581
Obsoletes: RFC4641
I-D Tag: draft-ietf-dnsop-rfc4641bis-13.txt
URL: http://www.rfc-editor.org/rfc/rfc6781.txt

This document describes a set of practices for operating the DNS with security extensions (DNSSEC). The target audience is zone administrators deploying DNSSEC.

The document discusses operational aspects of using keys and signatures in the DNS. It discusses issues of key generation, key storage, signature generation, key rollover, and related policies.

This document obsoletes RFC 4641, as it covers more operational ground and gives more up-to-date requirements with respect to key sizes and the DNSSEC operations.

This document is a product of the Domain Name System Operations Working Group of the IETF.

INFORMATIONAL: This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists. To subscribe or unsubscribe, see
http://www.ietf.org/mailman/listinfo/ietf-announce
http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see http://www.rfc-editor.org/rfcsearch.html.
For downloading RFCs, see http://www.rfc-editor.org/rfc.html.

Requests for special distribution should be addressed to either the author of the RFC in question, or to rfc-edi...@rfc-editor.org. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution.

The RFC Editor Team
Association Management Solutions, LLC

___ DNSOP mailing list dn...@ietf.org https://www.ietf.org/mailman/listinfo/dnsop

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com

___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
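The announcement above only names key rollover as one of the topics the RFC covers. As an added illustration (my own code, not from the RFC, NLnet Labs or the list), here is a small scheduler for the pre-publish ZSK rollover that RFC 6781 describes: the new key is published first but does not sign anything until the DNSKEY RRset has aged out of caches and reached every secondary, and the old key is withdrawn only after every signature it made has expired from caches. The TTL and propagation values in `example_timeline` are constructed sample numbers, and `check_plan` is a hypothetical helper that flags a timetable which runs a stage too early.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List


@dataclass(frozen=True)
class RolloverStage:
    name: str
    earliest: datetime  # earliest time this stage may safely begin
    note: str


def prepublish_zsk_rollover(start: datetime, dnskey_ttl: timedelta,
                            max_zone_ttl: timedelta,
                            propagation_delay: timedelta) -> List[RolloverStage]:
    """Earliest safe time for each stage of a pre-publish ZSK rollover.

    The two waiting periods follow the reasoning in RFC 6781: a key must be
    visible in every cache before data it signs can be validated, and old
    signatures must have expired from every cache before the key that made
    them is withdrawn. `propagation_delay` is the operator's own estimate
    (an assumption here) of how long a zone change takes to reach all
    secondaries.
    """
    # Stage 1: add the new DNSKEY to the DNSKEY RRset; the old key keeps signing.
    publish_new = start
    # Stage 2: only after the old DNSKEY RRset has expired from caches (its TTL)
    # and the change has reached every secondary may the new key sign the zone.
    sign_with_new = publish_new + dnskey_ttl + propagation_delay
    # Stage 3: the old key stays published until every RRSIG it produced has
    # expired from caches; the longest TTL in the zone bounds that wait.
    remove_old = sign_with_new + max_zone_ttl + propagation_delay
    return [
        RolloverStage("publish new DNSKEY", publish_new, "old key still signs"),
        RolloverStage("sign with new key", sign_with_new, "old DNSKEY still published"),
        RolloverStage("remove old DNSKEY", remove_old, "rollover complete"),
    ]


def check_plan(plan: List[RolloverStage], planned: Dict[str, datetime]) -> List[str]:
    """Hypothetical helper: names of stages an operator's timetable runs too early."""
    return [s.name for s in plan if planned.get(s.name, s.earliest) < s.earliest]


# Constructed sample values, not taken from the RFC: 1h DNSKEY TTL,
# 1d maximum zone TTL, 1h estimated propagation to all secondaries.
SAMPLE_START = datetime(2012, 12, 21, 0, 0)
SAMPLE_PLAN = prepublish_zsk_rollover(SAMPLE_START, timedelta(hours=1),
                                      timedelta(days=1), timedelta(hours=1))


def example_timeline() -> List[tuple]:
    """Stage names with their earliest safe start, as ISO timestamps."""
    return [(s.name, s.earliest.isoformat()) for s in SAMPLE_PLAN]


def example_check() -> List[str]:
    """A rushed timetable that withdraws the old key 12 hours in, too early."""
    rushed = {"remove old DNSKEY": datetime(2012, 12, 21, 12, 0)}
    return check_plan(SAMPLE_PLAN, rushed)


if __name__ == "__main__":
    for name, when in example_timeline():
        print(f"{when}  {name}")
    print("too early:", example_check())
```

With the sample values the new key may start signing two hours after publication, and the old key may not be removed until 27 hours after the start; removing it at the 12-hour mark would leave cached RRSIGs that no published key can validate, which is exactly the outage the waiting periods exist to prevent.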
[funsec] Three Wise Men
"The story of the three wise men got me wondering: What if you did walk towards a star at a fixed speed? What path would you trace on the Earth? Does it converge to a fixed cycle?" http://what-if.xkcd.com/25/ Enjoy! - ferg -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] Happy Holidays: Grandma Got Infected by a Trojan
Hat-tip to Max Weinstein at StopBadware.org.

(To the tune of "Grandma Got Run Over by a Reindeer")

https://www.stopbadware.org/blog/2012/12/21/grandma-got-infected-by-a-trojan

- ferg

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] favor
Ke$ha made the list:

http://www.wired.com/dangerroom/2012/12/more-dangerous/

- ferg

On Fri, Dec 21, 2012 at 12:49 PM, Mc Guffin II, Tim wrote:
> Disturbing because a kid that young is listening to Ke$ha? Against his own will I'm guessing. Maybe even a form of punishment from his parents.
>
> http://www.youtube.com/watch?v=CFWX0hWCbng
>
> -Tim
>
> -Original Message-
> From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of Jeffrey Walton
>
> 13 in California: http://www.spokeo.com/Peter+Lanza. This is disturbing if it's the same person (kid):
> http://www.youtube.com/watch?v=zGoLdPMZMOY

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
[funsec] Santa Got Hacked: The Aftermath of a Breach Event
Pretty funny:

http://www.securitybistro.com/blog/?p=4474

Happy Holidays,

- ferg

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
[funsec] Black Swans and the Challenge of Mitigating the Unknown
A few days after discussing this with some local folks :-) I figured I would pass this along here -- it is an awesome article, and the principles can directly be applied to the InfoSec landscape:

http://securitymanagement.com/article/black-swans-and-challenge-mitigating-unknown-0011332?page=0%2C1

If you are unfamiliar with the "Black Swan" issue as described in Nassim Nicholas Taleb's 2007 book, you should really read that, too:

https://en.wikipedia.org/wiki/The_Black_Swan_%28Taleb_book%29

Understanding these issues is of paramount importance in understanding practical security and the evolving threat landscape.

Enjoy!

- ferg

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] In Defense of HTML5
I'll let people make up their own minds, of course, but I predict it will be a security nightmare.

A former colleague (and great friend) at Trend Micro, Bob McArdle, did a nice write-up of HTML5 called "HTML5: The Good, The Bad, and The Ugly":

http://blog.trendmicro.com/trendlabs-security-intelligence/html5-thegood/
http://blog.trendmicro.com/trendlabs-security-intelligence/html5-the-bad/
http://blog.trendmicro.com/trendlabs-security-intelligence/html5-the-ugly/

He wins my award for presenting this at the most number of conferences in 2012. :-)

Also: "HTML5 Overview: A look at HTML5 Attack Scenarios"
http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt_html5-attack-scenarios.pdf

All are worth reading.

- ferg (not at Trend Micro anymore :-)

On Tue, Dec 4, 2012 at 12:00 PM, Stephanie Daugherty wrote:
> As far as attack surface goes, the comparison between Flash and HTML5 really isn't a comparison.
>
> I'll take the HTML5 pain if it replaces the black box of paper thin glass that is Flash.
>
> On Tue, Dec 4, 2012 at 2:08 PM, Jeffrey Walton wrote:
>>
>> http://www.thesecuritypractice.com/the_security_practice/2012/11/in-defense-of-html5-1.html
>>
>> Many of the broad family of specifications commonly grouped under the "HTML5" umbrella are scheduled to be completed in 2013, and with the release of Internet Explorer 10, the users of every major web browser flavor can enjoy rich Web apps written on the open web platform, with no need for plugins.
>>
>> Lots of people are excited about HTML5, but one group I don't see as particularly excited are security experts, or perhaps they're only excited in a rather cynical fashion. Full employment! Browser botnets! A lifetime of conference talks! And the malediction against HTML5 isn't just coming from folks with a product to sell or a slide deck to submit – HTML5 has become a common boogeyman representing out-of-control complexity and vast attack surface for some of the very best analysts and researchers in the field. So, although developers are racing to embrace it, CISOs, CIOs and enterprise security decision makers as a group seem wary.
>>
>> Frankly this puzzles and distresses me, because from my perspective, HTML5 is a key part – perhaps the most important part – in one of the greatest security success stories in the history of computing. The story of the web browser over the last decade is the story of something completely unprecedented – a tremendous increase in functionality and use that happened side-by-side with a tremendous decrease in vulnerability and attack surface. Don't believe me? Let's go back a decade…
>>
>> ...

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] Will the digital cloud lead to a deluge of privacy class actions?
On Mon, Dec 3, 2012 at 7:33 AM, Blanchard, Michael (InfoSec) wrote:
> Yah, those TOS's have to change I had no idea Apple's TOS was so bad...
> Amazon can wipe your kindle without notice, including wiping all your e-books with zero compensation or return...

So can Google (to your Android device), and now so can Microsoft (with apps obtained via the Windows App Store), including Windows 8.

- ferg

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] "Skills gap"?
I agree with you, to a certain point. :-)

But I've also witnessed way too many instances of people with "Cisco certifications" who had no idea how to build networks. Sure, they could configure a router but...

- ferg

On Thu, Nov 29, 2012 at 10:32 AM, Gary Buhrmaster wrote:
> On Thu, Nov 29, 2012 at 6:20 PM, Paul Ferguson wrote:
>
>> Short story: As an early Cisco engineer, I (and many other very talented people) helped develop the original CCIE program. I wince now when I hear people reference Cisco "certifications" because now, they are absolutely meaningless.
>
> It depends on whether you were wise enough to invest in the exam preparation companies you were about to support. Those tests are certainly meaningful for those companies.
>
> Gary

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] "Skills gap"?
Yes, I actually built real networks. :-)

- ferg

On Thu, Nov 29, 2012 at 10:28 AM, Blanchard, Michael (InfoSec) wrote:
> Don't Cisco certs require you to perform a function on real equipment? Or did they remove that piece :-(
>
> The tester would "break" a network in such a complex manner that the testee would have to dig deep into their practical knowledge to make it work again... within the allotted time period...
>
> I always liked that as a valid "test" of knowledge actually...
>
> Michael P. Blanchard
> Senior Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
> Office of Information Security & Risk Management
> EMC ² Corporation
> 32 Coslin Drive
> Southboro, MA 01772
>
> -Original Message-
> From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of Paul Ferguson
> Sent: Thursday, November 29, 2012 1:21 PM
> To: Rich Kulawiec
> Cc: funsec@linuxbox.org
> Subject: Re: [funsec] "Skills gap"?
>
> On Thu, Nov 29, 2012 at 5:31 AM, Rich Kulawiec wrote:
>
>> Certifications are, in practice, crap.
>
> Amen.
>
> Short story: As an early Cisco engineer, I (and many other very talented people) helped develop the original CCIE program. I wince now when I hear people reference Cisco "certifications" because now, they are absolutely meaningless.
>
> Curmudgeonly yours,
>
> - ferg
>
> --
> "Fergie", a.k.a. Paul Ferguson
> fergdawgster(at)gmail.com

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] "Skills gap"?
On Thu, Nov 29, 2012 at 5:31 AM, Rich Kulawiec wrote:
> Certifications are, in practice, crap.

Amen.

Short story: As an early Cisco engineer, I (and many other very talented people) helped develop the original CCIE program. I wince now when I hear people reference Cisco "certifications" because now, they are absolutely meaningless.

Curmudgeonly yours,

- ferg

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] Great fraud alert poster in bank
+100

- ferg

On Wed, Nov 28, 2012 at 9:39 AM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
> https://krebsonsecurity.com/2012/11/all-banks-should-display-a-warning-like-this/

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] Fwd: "Skills gap"?
Throwing gasoline on a blazing fire, eh? ;-)

- ferg

On Sat, Nov 24, 2012 at 1:30 PM, Steve Pirk wrote:
> I think IT workers need to unionize :-)
>
> On Nov 24, 2012 12:56 PM, "Paul Ferguson" wrote:
>>
>> Forgot to copy the list...
>>
>> - ferg
>>
>> -- Forwarded message --
>> From: Paul Ferguson
>> Date: Sat, Nov 24, 2012 at 12:49 PM
>> Subject: Re: [funsec] "Skills gap"?
>> To: Dirt Nap
>>
>> Well, I can't speak to every situation, of course, but I'm finding it quite hard to fill open jobs. And it's not really a matter of salary, but I *do* find it somewhat troublesome that anyone who has worked in Infosec for any significant amount of time expects a "rock star" salary... Having said that, I am happy to pay people above "entry level", but let's be for real here. :-)
>>
>> - ferg
>>
>> p.s. I am hiring. :-)
>>
>> On Sat, Nov 24, 2012 at 12:41 PM, Dirt Nap wrote:
>>
>> > The problem I find in my area is when it comes to info sec jobs they have a certain level of expectations. For example they expect someone who has worked info sec for 10 years to accept a salary that is to say the least entry level. When you try to negotiate with them to bump the salary up they refuse. The position doesn't get filled, or if it does it becomes open after 90 days because the person seeks employment elsewhere.
>> >
>> > On Nov 24, 2012 2:48 PM, "Paul Ferguson" wrote:
>> >>
>> >> B.S.
>> >>
>> >> There *are* significant "wage increases", at least in Infosec.
>> >>
>> >> - ferg
>> >>
>> >> On Sat, Nov 24, 2012 at 9:51 AM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
>> >>
>> >> > I see a lot of companies complaining that they can't get skilled/trained infosec people.
>> >> >
>> >> > I see a lot of experienced infosec people out of work.
>> >> >
>> >> > http://www.nytimes.com/2012/11/25/magazine/skills-dont-pay-the-bills.html
>> >>
>> >> --
>> >> "Fergie", a.k.a. Paul Ferguson
>> >> fergdawgster(at)gmail.com
>>
>> --
>> "Fergie", a.k.a. Paul Ferguson
>> fergdawgster(at)gmail.com

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
[funsec] Fwd: "Skills gap"?
Forgot to copy the list...

- ferg

-- Forwarded message --
From: Paul Ferguson
Date: Sat, Nov 24, 2012 at 12:49 PM
Subject: Re: [funsec] "Skills gap"?
To: Dirt Nap

Well, I can't speak to every situation, of course, but I'm finding it quite hard to fill open jobs. And it's not really a matter of salary, but I *do* find it somewhat troublesome that anyone who has worked in Infosec for any significant amount of time expects a "rock star" salary... Having said that, I am happy to pay people above "entry level", but let's be for real here. :-)

- ferg

p.s. I am hiring. :-)

On Sat, Nov 24, 2012 at 12:41 PM, Dirt Nap wrote:
> The problem I find in my area is when it comes to info sec jobs they have a certain level of expectations. For example they expect someone who has worked info sec for 10 years to accept a salary that is to say the least entry level. When you try to negotiate with them to bump the salary up they refuse. The position doesn't get filled, or if it does it becomes open after 90 days because the person seeks employment elsewhere.
>
> On Nov 24, 2012 2:48 PM, "Paul Ferguson" wrote:
>>
>> B.S.
>>
>> There *are* significant "wage increases", at least in Infosec.
>>
>> - ferg
>>
>> On Sat, Nov 24, 2012 at 9:51 AM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
>>
>> > I see a lot of companies complaining that they can't get skilled/trained infosec people.
>> >
>> > I see a lot of experienced infosec people out of work.
>> >
>> > http://www.nytimes.com/2012/11/25/magazine/skills-dont-pay-the-bills.html
>>
>> --
>> "Fergie", a.k.a. Paul Ferguson
>> fergdawgster(at)gmail.com

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] "Skills gap"?
B.S.

There *are* significant "wage increases", at least in Infosec.

- ferg

On Sat, Nov 24, 2012 at 9:51 AM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
> I see a lot of companies complaining that they can't get skilled/trained infosec people.
>
> I see a lot of experienced infosec people out of work.
>
> http://www.nytimes.com/2012/11/25/magazine/skills-dont-pay-the-bills.html

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] Twinkipocalypse
On Wed, Nov 21, 2012 at 2:01 PM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
> http://readersupportednews.org/opinion2/274-41/14639-vulture-capitalism-not-unions-killed-twinkies

+100

- ferg

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] Petraeus
On Mon, Nov 12, 2012 at 6:40 PM, Marc wrote:
>
> I put Homeland on my 'glad I missed it' list.

Actually, it is an *outstanding* series. Really.

$.02,

- ferg

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] Petraeus
See also:

http://www.wired.com/threatlevel/2012/11/gmail-location-data-petraeus/

- ferg

On Mon, Nov 12, 2012 at 12:17 PM, phester wrote:
>
> On Mon, 12 Nov 2012, Rich Kulawiec wrote:
>
>> Upon further review...and since this is *funsec*, I'd like to ask a few rhetorical security questions about this. I'm sure there are more that haven't occurred to me yet.
>>
>> 1. How is it that the Director of the CIA does not know how to use email (relatively) securely? Did he really compose unencrypted messages to his paramour using CIA computers on the CIA network and send them via CIA mail servers? Really? REALLY?
>
> He used gmail, from cia gear. Thousands of mails over a period of months.
>
>> 4. If the internal mechanisms of government aren't sufficient to (quickly) catch a very very senior person having an affair -- and doing it incompetently -- then why should we believe that they're sufficient to catch a well-trained, careful, diligent spy?
>
> By reading their personal mails? Should this be done by an algorithm, or live person?

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
[funsec] Fwd: [Infowarrior] - Creepy Kinect Narc potential
Wait... what?

- ferg

-- Forwarded message --
From: Richard Forno
Date: Tue, Nov 6, 2012 at 8:38 AM
Subject: [Infowarrior] - Creepy Kinect Narc potential
To: Infowarrior List

Microsoft Is Turning Kinect Into a Narc
Leslie Horn
http://gizmodo.com/5958094/microsoft-is-turning-kinect-into-a-narc

Kinect is tons of fun. Have you ever played Dance Central 3? Great game. But according to a newly discovered patent, the Xbox add-on is also maybe spying on you, which is totally not cool, man.

This very big brother-y piece of intellectual property—Content Distribution Regulation by Viewing User—uses Kinect's camera to count the number of people in the room and in some cases, identify who they are. This "consumer detector" will charge you licensing fees based on how many bodies are present, and could even stop playback to collect on you if it detects more humans than you've paid for. Sorry if you have a baby face, because the tech could also check on ages and cut off mature content if the system doesn't think you're old enough.

God, Kinect. Such a tattletale! [USPTO via Geekwire via BetaBeat]

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

___ Infowarrior mailing list infowarr...@attrition.org https://attrition.org/mailman/listinfo/infowarrior

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] Amazon customer service
Again this is Windows 8. All of the software now falls under the "app" model, allowing Microsoft to remove any content it wants.

- ferg

On Tue, Oct 23, 2012 at 11:42 AM, Blanchard, Michael (InfoSec) wrote:
> So, how does Microsoft remove content... and what "service" of theirs will I not be using that gives them the ability to remove (or even SEE) what content I have on *MY* computer? Unless they have a warrant, and probable cause, they're only allowed to see two things JACK and SHIT as far as I'm concerned
>
> Michael P. Blanchard
> Senior Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
> Office of Information Security & Risk Management
> EMC ² Corporation
> 32 Coslin Drive
> Southboro, MA 01772
>
> -Original Message-
> From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of Rich Kulawiec
> Sent: Tuesday, October 23, 2012 2:21 PM
> To: funsec@linuxbox.org
> Subject: Re: [funsec] Amazon customer service
>
> On Tue, Oct 23, 2012 at 10:34:07AM -0700, Paul Ferguson wrote:
>> Not only can Amazon remotely "remove content", so can Apple (anything obtained via itunes store), and Google (via Android app store). And now so can Microsoft beginning with Windows 8.
>
> And therefore so can anyone who can successfully spoof these corporations.
>
> Congratulations, Amazon/Apple/Google/Microsoft, you're shipping systems that are pre-compromised at the factory.
>
> ---rsk

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] Amazon customer service
Not only can Amazon remotely "remove content", so can Apple (anything obtained via itunes store), and Google (via Android app store). And now so can Microsoft beginning with Windows 8.

Enjoy.

- ferg

- Sent from my Android device.

On Oct 23, 2012 10:23 AM, "Blanchard, Michael (InfoSec)" < michael.blanch...@emc.com> wrote:
>
> ToS's have been shot down in the courts when they've been confronted, not always but they have been. NOTHING prevents you from suing for any reason, even if you have an iron-clad contract... whether or not you'll be successful, that's a different story ;-)
>
> I would go to the press, I'd make the biggest stink that I possibly could loudly and publicly... the liberal media just LOVES stories like these... "little person against giant corporation" would be the byline I would mention in those interviews that I'm thinking about suing I'd get the EFF involved and anyone else that will listen and help make my story loud and public
>
> By the sound of it she had thousands of dollars worth of books on there
>
> I stand by what I said... I will never, nor any of my family members ever, purchase a Kindle, period I had no idea that they *could* remotely wipe my device once I buy a device it's mine to do what I wish with it... that might be using it as designed, or using my conventional item in an unconventional manner :-)
>
> Mike B
>
> Michael P. Blanchard
> Senior Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
> Office of Information Security & Risk Management
> EMC ² Corporation
> 32 Coslin Drive
> Southboro, MA 01772
>
> -Original Message-
> From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of Rich Kulawiec
> Sent: Tuesday, October 23, 2012 11:50 AM
> To: funsec@linuxbox.org
> Subject: Re: [funsec] Amazon customer service
>
> On Tue, Oct 23, 2012 at 02:55:14PM +, Blanchard, Michael (InfoSec) wrote:
> > Wow, my next call would be to a lawyer
>
> Not much point in that. You agreed to their terms-of-service when you bought the device, and those terms not only include the stipulation that they can do this to you at will, but that all such disagreements will be resolved in a manner of their choosing, which does not include letting you sue them.
>
> ---rsk
Re: [funsec] [cisspforum] We're *way* beyond Ken Thompson ...
It's called software for a reason -- it is "soft". :-)

- ferg

On Thu, Oct 4, 2012 at 10:05 AM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
>
> The BBC has posed the question: "Can we trust the code that increasingly runs our lives?"
>
> http://www.bbc.co.uk/news/technology-19347122
>
> a) No.
>
> b) What makes you think you have a choice?

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] No-o-o-o-o-o-o-o-o-o!!!
Okay, time to be truly alarmed.

- ferg

On Tue, Sep 25, 2012 at 2:20 PM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
> Forget global warming.
>
> The world financial crisis? Bah!
>
> Avian flu is for the birds.
>
> You wanna know real terror?
>
> "Global bacon shortage 'unavoidable'"
> http://www.cbc.ca/news/business/story/2012/09/25/bacon-shortage-pigs.html

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] Sometimes, you gotta feel sorry for the poor TSA agent...
Maybe they were looking for a feeding tube:

http://www.nbcbayarea.com/news/national-international/TSA-Agents-Allegedly-Strip-Search-Woman-Fiddle-With-Feeding-Tube-162985046.html

- ferg

On Thu, Jul 19, 2012 at 9:37 AM, wrote:
> LOL, things he should have done / said:
>
> ---he should have just dropped his pants and said "... don't touch it too much, it might explode!"
>
> --- unzipped and said "...isn't everyone's this big?"
>
> -- unzipped and said "See? Told you it was my dick..."
>
> --- done nothing but just said "Your wife will vouch that it's just my dick in my pants"
>
> --- Will I live doc?
>
> Michael P. Blanchard
> Senior Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
> Office of Information Security & Risk Management
> EMC ² Corporation
> 32 Coslin Drive
> Southboro, MA 01772
>
> -Original Message-
> From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of Valdis Kletnieks
> Sent: Thursday, July 19, 2012 11:51 AM
> To: funsec@linuxbox.org
> Subject: [funsec] Sometimes, you gotta feel sorry for the poor TSA agent...
>
> http://www.rawstory.com/rs/2012/07/16/tsa-frisks-man-with-worlds-largest-penis/

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] .BOT
O Hai, Dan. Yay! Thx for the Lulz. kthxbai. :-)

- ferg

On Wed, Jun 13, 2012 at 11:26 AM, wrote:
> Good news no more bots post 2013 as Amazon is applying for .bot gTLD :).

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] The Stuxnet worm, Obama, Bush, and Israel
A most excellent article this morning in the MIT Technology Review:

"How Obama Was Dangerously Naive About STUXNET and Cyberwarfare"
https://www.technologyreview.com/blog/mimssbits/27891/

Also, I really like this commentary by Mikko in Threat Level:

"Why Antivirus Companies Like Mine Failed to Catch Flame and Stuxnet"
http://www.wired.com/threatlevel/2012/06/internet-security-fail/

FYI,

- ferg

On Fri, Jun 1, 2012 at 9:04 AM, Vic Vandal wrote:
> This isn't quite FUNsec, but it's an interesting article no doubt. We've all heard suggestions that the U.S. and Israel were behind the Stuxnet attack on the Iranian nuclear facility. This is the most revealing article I've seen on it thus far though.
>
> http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.htm?_r=1&pagewanted=print
>
> I'll withhold individual commentary, though I do have varied opinions on the article's content.
>
> Peace,
> Vic

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] Flame on!
For what it's worth, my distant cousin Rik has a great picture in his blog post about Flame -- enjoy. :-)

http://countermeasures.trendmicro.eu/fighting-the-flames/

While Rik uses the B.S. detector, I use the B.S. Protector:

http://www.banderasnews.com/howto/bullshit.htm

Enjoy x2. :-)

- ferg

On Wed, May 30, 2012 at 8:48 PM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
> From:
> Date sent: Wed, 30 May 2012 22:51:09 -0400
>
>> oh and I love the way this is the "new APT" as well...
>
> Please ... I just got settled down from "Flame" ... mention APT and I'm likely to break out in blogs again ...
>
> http://blogs.securiteam.com/index.php/archives/1503

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] As you were ...
I knew it! :-)

- ferg

- Sent from my Android device.

On May 10, 2012 4:10 PM, "Rob, grandpa of Ryan, Trevor, Devon & Hannah" < rmsl...@shaw.ca> wrote:
> Apparently the Mayans were as bad as anyone else changing their minds on the date of the end of the world ...
>
> http://www.sciencedaily.com/releases/2012/05/120510141905.htm
>
> == (quote inserted randomly by Pegasus Mailer)
> rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org
> The evening news is where they begin with 'Good evening,' and then proceed to tell you why it isn't.
> - http://twitter.com/judybishop/status/25012495785664512
> victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
> http://blogs.securiteam.com/index.php/archives/author/p1/
> http://twitter.com/rslade
Re: [funsec] Happy Friday the 13th
Happy Friday the 13th -- from ISOI 10 in Montreal.

- ferg

On Fri, Apr 13, 2012 at 10:17 AM, Robert Slade wrote:
> For all you non-triskaidekaphobics.

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
[funsec] Fwd: Hey NSA: Intercept THIS!
Hey NSA: Intercept THIS!

http://www.veteranstoday.com/2012/03/18/hey-nsa-intercept-this/

Enjoy!

- ferg

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] US spent USD 25 [million] on internet freedom in Middle East in 2012
Oh, irony of ironies...

- ferg

On Fri, Mar 16, 2012 at 8:00 PM, Jeffrey Walton wrote:
> http://www.kuna.net.kw/ArticleDetails.aspx?id=2227525&language=en
>
> The US State Department confirmed late Thursday it spent USD 25 million this year on internet freedom programming tools for activists in the Middle East and elsewhere.
>
> In the past four years, the United States has spent USD 76 million on training and tools for activists to allow them to remain online and "safely exercise their freedoms of expression, and assembly on the Internet and via other communication technologies," according to a statement released by the State department.
>
> In the Middle East, the US-sponsored programming tools focusing on aiding hundreds of thousands of pro-democracy protesters from shut down by their respective governments by allowing them "unfettered Internet access" and through mobile security software that allows for posting directly from the phone to online.
>
> Noting that countering increasingly active internet surveillance and censorship efforts aimed at suppressing individuals' exercise of their human rights requires a diverse portfolio of tools and training, the State Department said it grants support more advanced technologies, including in Farsi and Arabic.
>
> To date, the US has also trained over 7,500 activists world wide including many from the Middle East in cyber-self defense and plans to expand its efforts in the Middle East and throughout the world.

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] You may already be a terrorist!
Pretty pathetic.

- ferg

On Sat, Mar 3, 2012 at 3:28 PM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
> http://www.takepart.com/article/2012/02/15/you-may-already-be-fbi-terror-suspect-85-things-not-do

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] Google trying to create vendor lock with Chrome?
For the average user who chooses crappy passwords and never changes browsers? This is a fantastic idea.

On Feb 17, 2012, at 5:37 AM, Patrick Laverty wrote:
> How'd that work out with IE6? That's great to create passwords that no one can remember, but what if you're not using Chrome?
>
> http://www.pcworld.com/article/250120/google_working_on_password_generator_for_chrome.html
[funsec] Fwd: [Infowarrior] - Cyberwar Is the New Yellowcake
Fyi,

- ferg

- Sent from my Android device...

-- Forwarded message --
From: "Richard Forno"
Date: Feb 14, 2012 11:29 PM
Subject: [Infowarrior] - Cyberwar Is the New Yellowcake
To: "Infowarrior List"

The last few paragraphs are spot-on rational observations and recommendations. Which means, of course, they'll be marginalised by those in charge.

-- rick

Cyberwar Is the New Yellowcake, Fueling a Cybersecurity-Industrial Complex
By Jerry Brito and Tate Watkins
February 14, 2012 | 6:30 am
http://www.wired.com/threatlevel/2012/02/yellowcake-and-cyberwar/

In last month’s State of the Union address, President Obama called on Congress to pass “legislation that will secure our country from the growing dangers of cyber threats.” The Hill was way ahead of him, with over 50 cybersecurity bills introduced this Congress. This week, both the House and Senate are moving on their versions of consolidated, comprehensive legislation.

The reason cybersecurity legislation is so pressing, proponents say, is that we face an immediate risk of national disaster. “Today’s cyber criminals have the ability to interrupt life-sustaining services, cause catastrophic economic damage, or severely degrade the networks our defense and intelligence agencies rely on,” Senate Commerce Committee Chairman Jay Rockefeller (D-W.Va.) said at a hearing last week. “Congress needs to act on comprehensive cybersecurity legislation immediately.”

Yet evidence to sustain such dire warnings is conspicuously absent. In many respects, rhetoric about cyber catastrophe resembles threat inflation we saw in the run-up to the Iraq War. And while Congress’ passing of comprehensive cybersecurity legislation wouldn’t lead to war, it could saddle us with an expensive and overreaching cyber-industrial complex.

In 2002 the Bush administration sought to make the case that Iraq threatened its neighbors and the United States with weapons of mass destruction (WMD). By framing the issue in terms of WMD, the administration conflated the threats of nuclear, biological, and chemical weapons. The destructive power of biological and chemical weapons—while no doubt horrific—is minor compared to that of nuclear detonation. Conflating these threats, however, allowed the administration to link the unlikely but serious threat of a nuclear attack to the more likely but less serious threat posed by biological and chemical weapons.

Similarly, proponents of regulation often conflate cyber threats. In his 2010 bestseller Cyber War, Richard Clarke warns that a cyberattack today could result in the collapse of the government’s classified and unclassified networks, the release of “lethal clouds of chlorine gas” from chemical plants, refinery fires and explosions across the country, midair collisions of 737s, train derailments, the destruction of major financial computer networks, suburban gas pipeline explosions, a nationwide power blackout, and satellites in space spinning out of control. He assures us that “these are not hypotheticals.” But the only verifiable evidence he presents relates to several well-known distributed denial of service (DDOS) attacks, and he admits that DDOS is a “primitive” form of attack that would not pose a major threat to national security.

When Clarke ventures beyond DDOS attacks, his examples are easily debunked. To show that the electrical grid is vulnerable, for example, he suggests that the Northeast power blackout of 2003 was caused in part by the “Slammer” worm. But the 2004 final report of the joint U.S.-Canadian task force that investigated the blackout found that no virus, worm, or other malicious software contributed to the power failure. Clarke also points to a 2007 blackout in Brazil, which he says was the result of criminal hacking of the power system. Yet investigations have concluded that the power failure was the result of soot deposits on high-voltage insulators on transmission lines.

Clarke’s readers would no doubt be as frightened at the prospect of a cyber attack as they might have been at the prospect of Iraq passing nuclear weapons to al Qaeda. Yet evidence that cyberattacks and cyberespionage are real and serious concerns is not evidence that we face a grave risk of national catastrophe, just as evidence of chemical or biological weapons is not evidence of the ability to launch a nuclear strike.

The Bush administration claimed that Iraq was close to acquiring nuclear weapons but provided no verifiable evidence. The evidence they did provide—Iraq’s alleged pursuit of uranium “yellowcake” from Niger and its purchase of aluminum tubes allegedly meant for uranium enrichment centrifuges—was ultimately determined to be unfounded. Despite the lack of verifiable evidence to support the administration’s claims, the media tended to report them unquestioned. Initial reporting on the aluminum tubes claim, for example, came in the form of a front page New York Times art
[funsec] WTF? Cyber bill to put US in charge of global cyber security
Cyber bill to put US in charge of global cyber security
Matthew Hall
February 9, 2012 - 12:18PM

In the wake of the SOPA outcry, another controversial bill that puts the US in charge of global cyber dealings is simmering.

While industry and public uproar has stalled the controversial online anti-piracy bills known as SOPA and PIPA, American legislators are maintaining an aggressive stance on cybercrime, preparing to vote on a new bill that, if passed, will force other countries to play by US rules.

The bill - International Cybercrime Reporting and Cooperation Act - is likely to go to a vote in the next few months. It will place the United States at the forefront of the battle against international internet-driven crime by threatening economic sanctions on countries that allow cyber attacks to originate on their soil.

"The issue of cyber security is so vital right now to US national security and to the United States economy," said Senator Kirsten Gillibrand, a co-sponsor of the proposed bill.

It follows a change of heart from legislators on the earlier Stop Online Piracy Act (SOPA) and its cousin, the Protect International Property Act (PIPA), whose opposers say go too far in giving US law makers the power to bring down websites, effectively censoring the internet.

The bill, 18 months in the making, will establish international protocols on the issues surrounding cybercrime, allow the US government to name and shame lax governments, and establish a framework for economic sanctions on uncooperative governments.

"Right now, there is no protocol," Gillibrand said. "There is no way to call the Russian government and say 'You've got five guys sitting in a room over there who keep attacking our stock exchange – what are you going to do about that?'

"We want to give incentives for countries that need our help, for countries that don't have a way to prosecute cyber crime, or to investigate these cases."

Speaking before an audience of law enforcement officials, industry insiders and academics in New York City recently, Gillibrand said a personal fear was for a talented hacker to sell his skills to terrorist groups.

"If countries that are players in this issue don't participate or don't actually try to enforce laws against cyber criminals we could have sanctions in terms of multilateral banking finance or we could have sanctions that would limit or suspend preferential trade programs. We could also suspend, restrict, or withdraw foreign assistance."

Unsurprisingly, law enforcement officials have welcomed the bill. FBI Special Agent Mary Galagin, head of the agency's Cyber/Special Operations Division, believes technology is in danger of outrunning the legal framework applying to her office.

"If we continue to increase the technology in the United States but legislation does not increase, then law enforcement will get to a point where we will go dark," Galagin said. "We cannot get the information we need to stop a terrorist attack, espionage, criminal attacks.

"You can do a lot more harm to our country right now with a computer than you can with a lot of other weapons. It is kind of like the Pirates of the Caribbean out there. There are pirate ships. There is lots of gold. People are going for it."

While terrorism and espionage is one focus, companies including Facebook and MasterCard support the bill in the face of an added twist – their interest in protecting private customer data from compromise.

Chris Sonderby, Facebook's Associate General Counsel who oversees the company's global law enforcement relations, believes it's in the interest of private companies to partner with law enforcement agencies to protect customers as much as themselves.

"People demand a level of security," said Sonderby, whose company holds data on over 800 million active users. "Those companies that don't protect information are those that people are going to be uncomfortable sharing with or they're not going to use.

"There are powerful market incentives to make sure that companies you entrust information to have taken adequate steps to protect that data."

That's a similar philosophy Senator Gillibrand is hoping US lawmakers can apply internationally in the next few months, after the US took the unprecedented step of naming Russia and China as safe havens for criminal activity in the internet.

"We have to elevate the issue," she said. "This bill won't dictate what laws Russia should enforce. It just asks Russia to care."

http://www.smh.com.au/it-pro/security-it/cyber-bill-to-put-us-in-charge-of-global-cyber-security-20120209-1rmuk.html

- ferg

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] Teaching reporters infosec ...
While doing something flashy and interesting with your left hand, type your message quickly with your right hand. The keyloggers fall for it every time. :)

On Jan 25, 2012, at 4:44 PM, Patrick Laverty wrote:
> I thought this line interesting:
>
> "using Tor for online anonymity, the benefits of no-contract cell phones, and how to trick keyloggers,"
>
> What does that mean to trick a keylogger?
>
> On Wed, Jan 25, 2012 at 2:49 PM, Paul M Moriarty wrote:
>> On Jan 25, 2012, at 10:48 AM, Robert Slade wrote:
>>
>>> http://www.cjr.org/the_news_frontier/teaching_cyber-security.php
>>>
>>> Does this provide us with any level of comfort or confidence? (Those two are not necessarily equal ...)
>>>
>> It's a step in the right direction, though clearly it will be a long journey.
>>
>> - Paul -
Re: [funsec] Teaching reporters infosec ...
On Jan 25, 2012, at 10:48 AM, Robert Slade wrote:
> http://www.cjr.org/the_news_frontier/teaching_cyber-security.php
>
> Does this provide us with any level of comfort or confidence? (Those two are not necessarily equal ...)

It's a step in the right direction, though clearly it will be a long journey.

- Paul -
Re: [funsec] Google Docs illegal in Norway
Funny you should mention that:

http://www.zdnet.com/blog/london/european-commission-8216in-denial-over-patriot-act-loophole/2556

- ferg

On Wed, Jan 25, 2012 at 10:20 AM, Robert Slade wrote:
> http://www.infosecurity-magazine.com/view/23463/use-of-google-docs-is-illegal-in-norway/
>
> This is of particular interest to me right at this moment, because I'm in a meeting, and one of our execs has mentioned our files directory. Our site is hosted by Google, and our files are, of course, on Google Docs. (www.ismsug.org, in case anyone is interested.)
>
> However, I've got to say that the only thing that surprises me about "Inspectorate states that the EU-US Safe Harbor agreement does not adequately guarantee data protection in the face of the US Patriot Act. The Patriot Act gives the US government the right and ability to demand personal data on any person anywhere in the world if that data is held anywhere in the world by a US company - such as Google" is that it has taken so long for someone to object. My home province passed legislation a few years back stating that no American company, or company that stores data in the US, can bid on medical info systems. For exactly this reason.

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] Dr. Who returns!
Well, I personally doubt it. Especially when looking at the date of the page.

"Page last updated at 02:05 GMT, Wednesday, 1 April 2009 UK"

On Tue, Jan 17, 2012 at 9:40 PM, wrote:
> How can they be sure that these are not re-broadcasts of our 50 year old signals? Would a reflection really be as clear as they state?
>
> 25 light years away, that's a hell of a skip!
>
> Michael P. Blanchard
> Senior Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
> Office of Information Security & Risk Management
> EMC² Corporation
> 32 Coslin Drive
> Southboro, MA 01772
>
> -Original Message-
> From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of Rob, grandpa of Ryan, Trevor, Devon & Hannah
> Sent: Tuesday, January 17, 2012 3:19 PM
> To: funsec@linuxbox.org
> Subject: [funsec] Dr. Who returns!
>
> http://www.rimmell.com/bbc/news.htm
>
> == (quote inserted randomly by Pegasus Mailer)
> rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org
> __
> || /\ || swiped
> || __ | | __ || from
> || \ \/ / || Mike
> || /\ || Church
> ||_][_|| @sfu.ca
> victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
> http://blogs.securiteam.com/index.php/archives/author/p1/
> http://twitter.com/rslade
Re: [funsec] Whutt teh fog, man ...
On Jan 18, 2012, at 2:29 PM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
> For a depressing survey of "average intelligence," see
> https://twitter.com/#!/herpderpedia @herpderpedia

These are the masses that some say would be much more secure in their use of the internet if they were only more educated about the risks. Good luck with that.

- Paul -
Re: [funsec] Christmas calls from Santa
Here's a yearly favorite of mine for this time of year -- children's Christmas letters to Christopher Walken.

http://brandonbird.com/walken_letters.html

Enjoy!

- ferg

On Mon, Dec 19, 2011 at 11:43 AM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
> ... via Google:
>
> http://www.sendacallfromsanta.com/
>
> Interesting. Can appear to make the call come from any number. I'm not absolutely sure that I want to generate any calls without permission, although the privacy statement seems to be pretty fair.
>
> Interestingly, the first question asked is about you, the user, intended to find out if you are old enough to use the service. Goof on that, and you will have to delete the cookies from the site "sendacallfromsanta." (Same format as Google domain cookies, but I initially deleted all the Google and related domain cookies and still had problems.)
>
> Works only for US and Canadian numbers.

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] All's fair in love and Black Friday shopping ...
It was foretold:

http://talkingpointsmemo.com/archives/2011/11/sh_now_tasers.php

Enjoy. :-)

- ferg

On Fri, Nov 25, 2011 at 11:53 AM, The Security Community wrote:
> In this day and age she didn't have a taser-enabled iPhone?
>
> On Fri, Nov 25, 2011 at 1:51 PM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
>> Black Friday violence update: woman sprays fellow shoppers at California Walmart with pepper spray:
>> http://www.cnn.com/2011/11/25/business/money-black-friday-incidents/index.html

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] Righard has left the building...
Best of luck, Righard!

- ferg

On Thu, Nov 3, 2011 at 8:53 AM, Righard Zwienenberg wrote:
> Hello to all,
>
> My apologies if you receive this message multiple times; being connected to many forums, this may be inevitable!
>
> After 16 years working for Norman Data Defense Systems, per 1 November 2011, this came to an end.
>
> Currently I am exploring what to do in the (near) future but I will be looking for opportunities.
>
> Feel free to contact me if you have an opportunity or if you want to receive my CV.
>
> Regards,
>
> Righard
>
> +31-6-51303768
> e-mail: righ...@knoware.nl
> e-mail: righ...@zwienenberg.org

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] 15 Mind-Blowing Facts About Wealth And Inequality In America
On Sun, Oct 16, 2011 at 8:49 PM, Jeffrey Walton wrote:
> On Sun, Oct 16, 2011 at 5:40 PM, Ivan . wrote:
>> 15 Mind-Blowing Facts About Wealth And Inequality In America
>>
>> http://www.businessinsider.com/facts-about-inequality-in-america-2011-11?op=1
>>
> Don't be fooled: it's not rich versus poor (1% versus 99%). Both want the same thing.

That's not true at all -- most people just want a level playing field, and a future for their children.

http://politicsforabetteramerica.blogspot.com/2011/10/letter-to-53.html?spref=fb

- ferg

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] Siri?
On Wed, Oct 5, 2011 at 2:27 PM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
> In honour of the announcement of the iPhone 4S:
> http://www.youtube.com/watch?v=5FFRoYhTJQQ

Siri-ous?

- ferg

--
"Fergie", a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Re: [funsec] We're not #1
What about Google Weather? ;-)

- ferg

On Tue, Aug 30, 2011 at 12:23 PM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
> I am devastated to report that Vancouver has been judged (by the Economist) no longer worthy of being the most liveable city on the planet.
>
> The reason is the shocking condition of the Malahat Highway, which frequently cuts off access to the city for almost a day at a time.
>
> (Well, once, anyway.)
>
> Trouble is, the Malahat is not in Vancouver, or near Vancouver, nor does it give any access to Vancouver. It's on Vancouver Island. At closest approach, about a hundred km away. Across open water and past a few other islands.
>
> (Should we tell the Economist about Google Maps?)

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawgster(at)gmail.com
ferg's tech blog: http://fergdawg.blogspot.com/
[funsec] Fwd: [Infowarrior] - LinkedIn pulls Facebook-style stunt
FYI,

- ferg

-- Forwarded message --
From: Richard Forno
Date: Wed, Aug 10, 2011 at 7:49 PM
Subject: [Infowarrior] - LinkedIn pulls Facebook-style stunt
To:

LinkedIn pulls Facebook-style stunt
Privacy invasion by default
By Richard Chirgwin
http://www.theregister.co.uk/2011/08/11/linkedin_privacy_stuff_up/
Posted in Security, 11th August 2011 02:00 GMT

LinkedIn has become the latest social networking site to decide that new features can be added and switched on by default, and users don’t have to be notified.

The feature allows LinkedIn to use profile information like names and photos in third-party advertising, and seems to have been first noticed by blogger Steve Woodruff here.

The feature – hidden away in the Orwellian-named “Manage Social Advertising” option – has to be switched off through a user’s account settings. Permission for this is tucked away in a new condition in LinkedIn’s Terms of Use, which makes it an opt-out feature.

Already, Radio Netherlands Worldwide has reported that the new profile setting may breach Dutch privacy law. The CBP, The Netherlands’ data protection agency, says the use of LinkedIn members’ photographs can only be used in advertising material with the users’ explicit consent.

The Radio Netherlands piece notes that the Dutch view is in line with that of the EU Data Protection Working Party, and also states that LinkedIn failed to properly notify users of the change. ®

___
Infowarrior mailing list
infowarr...@attrition.org
https://attrition.org/mailman/listinfo/infowarrior

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawgster(at)gmail.com
ferg's tech blog: http://fergdawg.blogspot.com/
Re: [funsec] Cybercrime Targets Revealed
On Thu, Aug 4, 2011 at 12:17 PM, wrote:
> So, how many requests have you guys received that sounded like this:
>
> "Does our antivirus software cover this new Shady Rat virus?"

Lots. ;-)

- ferg

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawgster(at)gmail.com
ferg's tech blog: http://fergdawg.blogspot.com/
Re: [funsec] Phone call
An old fraud, but apparently still going strong:

http://www.snopes.com/fraud/telephone/microsoft.asp

- ferg

On Fri, Jul 15, 2011 at 6:52 AM, Drsolly wrote:
> I just got a fun phone call.
>
> It was, he said, from Microsoft. They've found a virus on my computer!
>
> "Oh no," I said.
>
> "Yes," he said.
>
> He then offered me a free thing for getting rid of it, which I gratefully accepted.
>
> He talked me through starting up my computer, running Internet Explorer, going to his web site, clicking on a link to download his software, and then running his software, all of which I did eagerly, while finding ways to get him to tell me what I ought to be seeing, so that I could tell him that's what I was indeed seeing.
>
> Then he asked me for the code number that came up, and that's where I failed. I gave him a seven digit number, as requested, and he said it was wrong. So I gave it again. No, it's wrong. At that point, I didn't feel that I could plausibly change the number, and anyway, I didn't know how to change it to make it right, so I gave it to him a third time.
>
> He regretfully concluded that he wasn't going to be able to help me, and we parted good friends.
>
> I'm guessing that the number encoded my IP address. But this seems to me to be an appallingly expensive way to plant a bot on someone's computer. What happened to good old-fashioned spam?

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawgster(at)gmail.com
ferg's tech blog: http://fergdawg.blogspot.com/
[funsec] Fwd: [Infowarrior] - TSA Threatens Congressman For Disclosing 25, 000 Security Breaches
FYI,

- ferg

-- Forwarded message --
From: Richard Forno
Date: Sat, Jul 16, 2011 at 3:45 PM
Subject: [Infowarrior] - TSA Threatens Congressman For Disclosing 25,000 Security Breaches
To:

TSA Threatens Congressman For Disclosing 25,000 Security Breaches
July 16, 2011 in Featured
http://publicintelligence.net/tsa-threatens-congressman-for-disclosing-25000-security-breaches/

A complete video of the July 13, 2011 hearing in which Rep. Chaffetz discussed the 25,000 breaches.

Homeland Security to Chaffetz: Stop the leaks of sensitive information (Washington Post):

The Department of Homeland Security has complained to Rep. Jason Chaffetz (R-Utah) about what it says was an inappropriate disclosure of sensitive security information to the press by the House transportation panel that he chairs.

In a letter dated Wednesday, a clearly miffed Department of Homeland Security Deputy Counsel Joseph B. Maher told Chaffetz that “sensitive security information” provided to his subcommittee by the Transportation Security Administration was illegally disclosed to the press.

“This document was marked as [Sensitive Security Information],” Maher wrote, “and provided clear notice that unauthorized disclosures of the document violated federal law.” The letter was obtained by the Washington Post from an administration official.

USA Today and other news outlets reported this week that “newly released” DHS documents revealed 25,000 security breaches at U.S. airports since November 2001.

Maher called the information on past security breaches “a topic of particular interest to our adversaries” and said the law against unauthorized disclosure is designed to protect air travelers.

In an angry response directly to DHS Secretary Janet Napolitano late Friday, Rep. Darrell Issa (R-Calif.), head of the House Oversight Committee, called Maher’s assertions “meritless” retaliation for the committee’s efforts to address “TSA deficiencies.”

Issa called Maher’s letter a “threat to the entire legislative branch that this administration will seek retribution when non-classified information is shared with the public.” Issa denied that the security breach data was classified information. His staff said lawmakers and open-government groups have long debated whether security classifications are often used to hide embarrassing information.

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawgster(at)gmail.com
ferg's tech blog: http://fergdawg.blogspot.com/
[funsec] Looks like AZ LE can't catch a break...
FYI:

Chinga La Migra Hacks Arizona Law Enforcement for Third Unprecedented Time
http://www.databreaches.net/?p=19367

- ferg
[funsec] Fwd: [Infowarrior] - Hackers are being radicalised by government policy
FYI,

- ferg

-- Forwarded message --
From: Richard Forno
Date: Fri, Jul 1, 2011 at 4:43 AM
Subject: [Infowarrior] - Hackers are being radicalised by government policy
To:

Hackers are being radicalised by government policy
LulzSec is not an isolated phenomenon – official efforts to control the internet are increasing online radicalisation
• Loz Kaye
• guardian.co.uk, Tuesday 28 June 2011 11.00 BST
http://www.guardian.co.uk/commentisfree/2011/jun/28/radical-hackers-lulzsec-governments

Now that the LulzSec boat has sailed over the horizon, it seems a good moment to take stock of the past weeks' "hacktivism" frenzy. We've been bombarded with images of oddballs lurking in murky chatrooms – geeky teenagers who are simultaneously global cyber-villains. Given the reporting, we'd be forgiven for thinking that it's all about the personal obsessions of a few nerds. This would be to ignore the wider context.

LulzSec wasn't an isolated or unique phenomenon. People with passionate beliefs have been using new technological tools to effect change out of a sense of powerlessness. In the last year, I've watched 38 Degrees using the strength of association online to change government policy, WikiLeaks force transparency on those who'd rather run from it, even the amorphous mass that is Anonymous taking a stand on whatever issue they feel deserves their attention.

These tools are now themselves under attack. Lord Mandelson's last gift to us, the Digital Economy Act, is just one of a raft of "three strikes laws" worldwide that threaten to cut off households from the web. Buried in the coalition's Prevent strategy is the assertion that "internet filtering across the public estate is essential". Nor is it solely a British issue; Nicolas Sarkozy called for global online governance at the eG8 in his attempt to civilise the "wild west" of the web. We're starting to see what this civilising process entails.

Open Rights Group revealed that Ed Vaizey and lobbyists held a secret meeting discussing the future of web blocking powers. There was no public oversight and no one asked the net natives. Vaizey has relented a little via Twitter, consenting to open up the discussion – the Pirate Party and I welcome that invitation.

It will take more, however, than getting a few NGOs around a table to ease the real sense of anger poisoning the online community. What even the MoD insists on calling "cyberspace" has become contested territory. Many recent events have been fuelled by a fear that the internet is under siege by governments hell-bent on restricting its subversive potential. Nato has added to this perception with violent rhetoric and an expressed desire to penetrate Anonymous. No surprise the response has been "Well, penetrate you, Nato".

We've reached a critical juncture: either we sail headlong into escalating confrontation, or we attempt to change tack and reduce the tension by finding a democratic way forward, one that preserves our right to free association.

From anonymous bloggers in Iran, to those using Twitter and Facebook in Tahrir Square and even teenagers in the bedrooms of Essex, there is a common thread. A feeling of persecution and dismay that our freedoms are being suppressed. These concerns haven't gone unnoticed; a recent report by the UN special rapporteur on free expression, Frank La Rue, explicitly criticised legislation including the Digital Economy Act, considering it to be a violation of freedom of speech. This broadside from La Rue has finally spurred our MPs into action. An early day motion calling for a review of the most invasive provisions of the Digital Economy Act has been sponsored by Julian Huppert. It is supported by only 26 of his colleagues, which seems to show that there are only a few in the Commons prepared to stand up for an online constituency.

In the days ahead it may prove that the real headline last Saturday was not the disbanding of LulzSec, but the fact that ISP Telstra was pulling out of an agreement with the Australian government to implement web filtering due to worries about hacking. This was portrayed as a significant victory.

As long as it seems that direct action is more effective than democratic engagement, it's clear that the former will appear a more attractive option to many. The official line that the internet is a dangerous territory to be subdued is responsible for an alarming radicalisation. This is not just an issue for the tabloids' oddballs and nerds, it's an issue for everyone who believes in the fundamental importance of freedom.

It's time for governments to turn their ship around and plot a new course.