--- On Wed, 9/23/09, Dan Kaminsky wrote:
> Yes. Those of us who have a problem with the criminals and terrorists
> and whomever winning should probably stop worrying about
> some in extremis provision that'll never be triggered and worry
> more about the part where some certification authority c
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dan Kaminsky wrote:
> On Wed, Sep 23, 2009 at 6:28 AM, Paul Ferguson wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> On Tue, Sep 22, 2009 at 8:56 PM, Dan Kaminsky wrote:
>>
>>> I'm rather less concerned about 'presidential kill switc
>
> I don't have a problem with certification, per se.
>
I agree that we have a problem with asserting that *any*
certification means anything useful in the real world(*).
At the same time, I understand that trying to determine
what a one really *knows* (rather than what they can
parrot) i
> I'm a touch ambivalent about the certification thing. On the one hand it can
> be a pain (and one more damn course to take), on the other hand I can
> understand how external non-expert regulatory regimes could desire reasonable
> assurance that the folks doing the work are qualified.
Be tha
Why oh why did you already have pictures of Gadi's bum to use for this?
On Tue, Sep 22, 2009 at 8:25 PM, Larry Seltzer wrote:
> >>"Switches", in this context, are as likely as monkeys flying out of
> Gadi's posterior.
>
> Starting up Photoshop...
>
> Larry Seltzer
> Contributing Editor, PC Magazi
glad someone got my point. :)
On Sep 22, 2009, at 11:04 PM, ch...@blask.org wrote:
> On Tue, 9/22/09, Adriel T. Desautels wrote:
>
>> Right,
>> So what happens when someone pwns the switch?
>
> There is no switch.
>
> There never will be a switch.
>
> "Switches", in this context, are as lik
On Wed, 23 Sep 2009, Dan Kaminsky wrote:
> Bottom line: What if the only people allowed to do security work were CISSPs?
Or worse; What if it requires a security clearance?
___
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cg
>From one of his many movies. I'd like to them, but it's a premium site.
Larry Seltzer
Contributing Editor, PC Magazine
larry_selt...@ziffdavis.com
http://blogs.pcmag.com/securitywatch/
From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org]
On Behalf Of Michael Graham
Sen
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dan Kaminsky wrote:
> Be that as it may, the data rather clearly suggests certification in
> the security realm is (very) badly correlated with qualification.
Dan,
Do you have any hard numbers on this, or is this only based upon your experience
wit
Funny, I'm reminded of the book/movie 2010
(http://www.imdb.com/title/tt0086837/), the sequel to 2001 (that had to
suck no matter how good it was, because it couldn't compare to 2001).
They sent out another ship like the one that had failed because HAL went
nuts and they put in a kill switch, a lit
--- On Wed, 9/23/09, Dan Kaminsky wrote:
> Be that as it may, the data rather clearly suggests
> certification in the security realm is (very) badly
> correlated with qualification.
Well, be *that* as it may (and I agree, it certainly may be), we live in a
world where plumbers and lawyers (I'l
Eh, it's a moot point already. DoD regulation 8570 is probably the
inspiration for the senate order --- pretty much, if you are defense
contracting, everyone's looking at you to have something like a
CISSP. So, in terms of actual dollar figures, it was a done deal 2
years ago.
Since I wa
On Wed, 23 Sep 2009 12:59:35 EDT, Larry Seltzer said:
> "2010"... Dude, its' too much to be a coincidence.
>
> I imagine most people figure there's some wire somewhere that could be
> cut. Let's hope Al-Qaeda never finds it!
Interestingly enough, Rick Forno's Infowarrior list had a posting yeste
On Wed, 23 Sep 2009 12:51:43 EDT, Jon Kibler said:
> If you have any hard numbers, I would love to see them published!
Consider the (hopefully) attached .gif. Under what conditions is it funny?
<>
pgpGM9PFGVGMm.pgp
Description: PGP signature
___
Fun
"People stopped by the police in parts of London are having their phones
scanned and instantly checked
against a national database to determine whether they are stolen.
The on-the-spot checks, reminiscent of Police National Computer (PNC) checks
for stopped vehicles,
are being trialled by office
Wednesday OT reading, Google translation here:
"According AZHUR citing the press service of the FSB Border Control in St.
Petersburg and the Leningrad region,
last Sunday just five Afghans were trying "to storm" Russia-Finnish border.
Four citizens Afganistna, filed in Europe, after they lost the
> From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org]
> On Behalf Of Michael Graham
> Sent: Wednesday, September 23, 2009 11:15 AM
>
> Why oh why did you already have pictures of Gadi's bum to use for this?
Date sent: Wed, 23 Sep 2009 12:18:49 -0400
From:
--- On Wed, 9/23/09, Rob, grandpa of Ryan, Trevor, Devon & Hannah
wrote:
> So, I guess comments about broadband access would be out of
> line?
I, for one, am not getting dragged down into this sort of gutter discussion.
Therefore, I want to go on record as having stated in advance that I will
Date sent: Wed, 23 Sep 2009 12:59:35 -0400
From: Larry Seltzer
> I imagine most people figure there's some wire somewhere that could be
> cut. Let's hope Al-Qaeda never finds it!
Actually, per kill switches and Skynet type singularities, I am reminded of an
old
c
--- On Wed, 9/23/09, Adriel T. Desautels wrote:
> glad someone got my point. :)
Right there with you. It was my immediate response to the first Concerned
Inquiry I got from a friend: [sic]"Me, I'd just attack the switch, so you can
rest assured that it isn't ever going to happen."
I really a
> "People stopped by the police in parts of London are having their
> phones scanned and instantly checked against a national database to
> determine whether they are stolen.
> The on-the-spot checks, reminiscent of Police National Computer (PNC)
> checks for stopped vehicles, are being trialled b
21 matches
Mail list logo
