[funsec] CanSecWest 2008 PWN2OWN - Mar 26-28

2008-03-20 Thread Dragos Ruiu
Calendar Notes: === PacSec 2008 will be on November 12/13 in Tokyo at Aoyama Diamond Hall. EUSecWest 2008 will be on May 21/22 at a fun new venue in central London. (We cooked this schedule up so it will enable people to fly to Berlin on the 23rd and make FX's ph-neutral on Saturday the

Re: [funsec] Breach of Obama's Passport Information Leads to Firings at U.S. State Dept.

2008-03-20 Thread Colin Rognlie
Similarly for most police access to the federal NCIC (National Crime Information Center) database. I was involved with an investigation and later firing of a police officer who tripped the alarms by looking up driving records of some actresses. /* Colin Rognlie [EMAIL PROTECTED] 831-440-896

Re: [funsec] Breach of Obama's Passport Information Leads to Firings at U.S. State Dept.

2008-03-20 Thread Paul Ferguson
http://www.washingtontimes.com/apps/pbcs.dll/article?AID=/20080320/NATION/541139809/ - ferg

Re: [funsec] Breach of Obama's Passport Information Leads to Firings at U.S. State Dept.

2008-03-20 Thread Gadi Evron
On Fri, 21 Mar 2008, Paul Ferguson wrote: Via MSNBC.com. [snip] Two contract employees of the State Department were fired and a third person was disciplined for accessing passport records of Sen. Barack Obama "without a need to do so," State Depart

Re: [funsec] Breach of Obama's Passport Information Leads to Firings at U.S. State Dept.

2008-03-20 Thread Colin Keigher
Didn't this happen to Bill Clinton before he became president also? - Colin Paul Ferguson wrote: > Via MSNBC.com. > > [snip] > > Two contract employees of the State Department were fired and a third > person was disciplined for accessing passport records of Sen. Barack Obama > "without a need to

[funsec] Breach of Obama's Passport Information Leads to Firings at U.S. State Dept.

2008-03-20 Thread Paul Ferguson
Via MSNBC.com. [snip] Two contract employees of the State Department were fired and a third person was disciplined for accessing passport records of Sen. Barack Obama "without a need to do so," State Department officials confirmed to NBC News. The t

Re: [funsec] FBI CP sting

2008-03-20 Thread Jacob Appelbaum
Rich Kulawiec wrote: > This entrapment approach is off-the-scale stupid. Not to mention > probably unconstitutional, but IANAL. [...] > Good thing there are actually no serious issues to investigate, > like, oh, I dunno, massive corporate looting of the country or > high-level government corrupti

Re: [funsec] FBI CP sting

2008-03-20 Thread Rich Kulawiec
This entrapment approach is off-the-scale stupid. Not to mention probably unconstitutional, but IANAL. It presupposes that all accesses of the URL are human-generated, moreover, that they're deliberately human-generated. And of course, neither of those things are true. For example, an HTTP prox

Re: [funsec] FBI CP sting

2008-03-20 Thread Kitsune
- Original Message - From: "mark seiden-via mac" <[EMAIL PROTECTED]> >i think i can answer this question. > > they submit clicking on the link as an attempt to download porn and > say this in a probable cause affidavit for search warrant. I can see this as becoming the new vengeance wea

Re: [funsec] FBI CP sting

2008-03-20 Thread mark seiden-via mac
i think i can answer this question. they submit clicking on the link as an attempt to download porn and say this in a probable cause affidavit for search warrant. they consider this as similar to an attempt (even one which fails) to purchase CP using a credit card. i worked on a case where so

Re: [funsec] FBI CP sting

2008-03-20 Thread Paul Ferguson
ing the computer with the IP address >in question. Does that stand up in court? If so, why does it stand up? >Where's the presumption of innocence? Oh, wait -- it gets better. A CSRF booby-trapped URL can frame you: http://ha.ckers.org/blog/20080320/click-a-link-go-to-jail/ Enjoy.

Re: [funsec] FBI CP sting

2008-03-20 Thread Thomas Raef
> On Thu, 20 Mar 2008, Alex Eckelberry wrote: > > > The FBI has recently adopted a novel investigative technique: posting > > hyperlinks that purport to be illegal videos of minors having sex, > and > > then raiding the homes of anyone willing to click on them. > > That's just weird. Since the "

Re: [funsec] FBI CP sting

2008-03-20 Thread Bruce Ediger
On Thu, 20 Mar 2008, Alex Eckelberry wrote: > The FBI has recently adopted a novel investigative technique: posting > hyperlinks that purport to be illegal videos of minors having sex, and > then raiding the homes of anyone willing to click on them. That's just weird. Since the "video" files con

[funsec] Anti-Virus Firms Scrambling to Keep Up

2008-03-20 Thread Richard M. Smith
http://www.washingtonpost.com/wp-dyn/content/article/2008/03/19/AR2008031901439.html?hpid=sec-tech The sheer volume and complexity of computer viruses being released on the Internet today has the anti-virus industry on the defensive, experts say, underscoring the need for consumers to avoid relyi

[funsec] FBI CP sting

2008-03-20 Thread Alex Eckelberry
http://www.news.com/8301-13578_3-9899151-38.html?tag=nl.e703 The FBI has recently adopted a novel investigative technique: posting hyperlinks that purport to be illegal videos of minors having sex, and then raiding the homes of anyon

[funsec] Spam mail "authentic validation verified" :-)

2008-03-20 Thread Jeff Kell
I received this little "gem" yesterday... Jeff > -Registered and USDA/FDA apprvoved- > > You're invited to purchase! > > We are pleased that you were referred to us. > We would like to invite you to our special > website only available to existing customers. > As a referral we are extending th