On 9/11/12 2:52 PM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
> http://www.nextgov.com/emerging-tech/2012/09/get-ready-computers-worldwide-automatically-smother-cyber-strikes/57977/
So we're going to respond, what, six months after the attack by reading
pastebin posts?
___
is to
>> make gasoline-based cars unaffordable as well?
>>
>> Larry Seltzer
>> Contributing Editor, PC Magazine
>> larry_selt...@ziffdavis.com
>> http://blogs.pcmag.com/securitywatch/
>>
>> -Original Message-
>> From: Michael Collins [mailto:mco
on has never sent me anything previously either. Same MO too;
> they sign off directly after they send it (or maybe temporarily
> block me)
> ____
> From: Michael Collins [mcoll...@aleae.com]
> Sent: Thursday, December 10, 2009 4:24 PM
> To: Al
Seltzer
> Contributing Editor, PC Magazine
> larry_selt...@ziffdavis.com
> http://blogs.pcmag.com/securitywatch/
>
> -Original Message-
> From: Michael Collins [mailto:mcoll...@aleae.com]
> Sent: Thursday, December 10, 2009 4:32 PM
> To: Dan Kaminsky
> Cc: Larry
But it's so much more *fun* to protect current business models and
outmoded energy production techniques rather than grab a brave new
future, Dan.
Seriously, I don't understand, even apart from the climate change
issue why people are so happy to keep sending money to the
custodians of t
Mother Earth is a heartless bitch, as any photograph of a cat penis
will inform you.
What's more relevant is that our existence is a brief fragile flash of
coincidence in an infinite universe of hostility, and pretending that
our stability is the natural state of affairs rather than a hard-
Sheer shock, probably. If it shocks you enough to click the link, the
goal is achieved, yes?
On Dec 10, 2009, at 12:35 PM, Alex Lanstein wrote:
> I get a fair amount of MSN messenger spam as I'm sure most do.
> Usually it's something like this:
>
> (8:55:50 PM) aimeebiwil...@hotmail.com: he
Why should a company opt for good, usable secure design when it's
going to delay them to market? After all, nothing truly horrible has
happened to them yet, certainly not as horrible as their competitor
getting a shoddy design out first?
Seriously, next you're going to tell me you expect
Agreed. We'd be well-served when talking about infosec to remember
that we can't quantify terms like 'good' or 'evil' or even 'harmful'
very well. Something to consider when people cry out for universal
remote access to everything.
I used to joke that one of our major headaches is that we
In my more cynical moods, I tell people it's a good thing that our
irrelevance largely matches our incompetence.
On Oct 19, 2009, at 3:29 PM, Paul M. Moriarty wrote:
> On Oct 19, 2009, at 12:25 AM, Paul Ferguson wrote:
>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> On Mon, Oct 19,
On Oct 13, 2009, at 9:02 AM, valdis.kletni...@vt.edu wrote:
> On Sun, 11 Oct 2009 23:31:08 CDT, Dan White said:
>
>> 1) Educating users on proper use of anti-virus and anti-malware
>> tools - and being ADHD about installing OS updates.
>
> No, you *don't* want them being ADHD about OS update
I'll make a broad philosophical statement here Whee
I think at the heart of our headache is that we're all technologists
on this bus (with the exception of the lawyer, maybe). So we see
these as technological problems - you replace the strut, patch the
code, whatever, and the system
urray wrote:
> Michael Collins wrote:
>> Heh,
>>
>> One of the fun exercises I like to spring on people is to play out the
>> following scenario: assume you've got an embedded system of some kind
>> being controlled by a windows 3.1 box. Let's sa
Heh,
One of the fun exercises I like to spring on people is to play out the
following scenario: assume you've got an embedded system of some kind
being controlled by a windows 3.1 box. Let's say it's doing something
like wrapping candybars or stamping plaques or whatever, it's
piecework p
I have a paper a few years ago about predicting botnet location, the
next step of the work was to correlate my work with network security
policies and profiles of individual networks to see what the impact of
policy was. As soon as I finish inventing the 300-hour workweek I
wanted to get c
I'm torn on active netsec (AV, FW, IDS) because I'm pretty sure that
it's the least cost-effective place to work on security. At the same
time, from a management perspective you can buy it as a separate
component (am I secure? Well, I've checked off that "I bought a
firewall" box, so I *m
> "Any" security measure is a bit much. The collection of fixes that
> went alongside XPSP2 was pretty epic (firewall by default, massacre of
> SMB's anonymous surface, windows update) and almost entirely killed
> worms -- and their company-wide-compromises -- quantifia
I've done some cursory searching, and I'm in the midst of a deeper lit
review right now, but all signs point to there not being empirical
evidence for the effectiveness of any security measure. I'll say more
when I've read more
Sent from my iPhone
On Sep 28, 2009, at 3:50 PM, Nick FitzGera
Eh, it's a moot point already. DoD regulation 8570 is probably the
inspiration for the senate order --- pretty much, if you are defense
contracting, everyone's looking at you to have something like a
CISSP. So, in terms of actual dollar figures, it was a done deal 2
years ago.
Since I wa
Bleah, this is what I get for not reading closely enough, the article
explicitly says "western grid". Still, for popular edification, found
the link:
http://www.eere.energy.gov/de/us_power_grids.html
This doesn't also count out regional interesting things - the upstate
NY section of the gr
Interesting, but I'd be a bit curious to see if it's as easy as that
(not that I want to see the whole thing go down, that is).
Historically, the US doesn't have one "Grid", but three - a minimally
interconnected eastern and western grid, and a Texan grid that's
minimally interconnected to
Yes! Let's Cyberattack North Korea right now! Take out their
Commodore 128!
On Jul 10, 2009, at 4:31 PM, Jason Ross wrote:
> *sigh*
>
> I'm sure many have seen this already, but figured I'd
> go ahead and send the link out for those that haven't.
>
> http://www.wired.com/threatlevel/2009/07/s
The technique is generally grouped under Social Network Analysis, and
there've been some interesting research efforts with it. Kathleen
Carley over at CASOS uses the techniques to identify key figures in
criminal networks; I have a paper sitting around here somewhere that
uses SNA metrics
I preferred it when we called it an "Electronic Pearl Harbor".
I also swore I saw someone call it a Cyber-Katrina last week.
So many metaphors, so little time.
On Apr 7, 2009, at 6:05 PM, Paul M. Moriarty wrote:
> Blow up peering points?
>
> Wait, I got it: Rent 100's of backhoes across the co
I'm not surprised that DVD piracy funds terrorism; probably anything
which funds criminal syndicates funds terrorism. I just doubt that
it's any more significant a funder for the IRA than drug running,
gun running or the Irish Sweepstakes have been.
On Mar 4, 2009, at 2:08 AM, Paul Fergus
Heh; remember Snakes on a Plane? There was a huge amount of internet
buzz around that; I think the movie was a major flop because most of
the buzz was focused on just how doofy an idea the film was.
On Feb 20, 2009, at 5:10 PM, Rob, grandpa of Ryan, Trevor, Devon &
Hannah wrote:
> A new co
Some moons ago, I would sit with a friend of mine from Romania and we
would laugh cynically when reading the usage scenarios in crypto papers.
On Feb 2, 2009, at 4:53 PM, Gregory Hicks wrote:
> http://xkcd.com/538/
>
> -
> Peo
We used to see, with worms, that people would put up rules blocking
that particular port for two weeks, and then pull 'em down. The net
result was that you'd see a spike in the same worm two weeks after the
initial outbreak. I think the problem we're dealing with here is more
of a basic u
I don't know if I'd say that that's as inspiringly insane as Chocolate
Rain.
A hypothesis: I think it's really just a function of marketing. I've
been spending some time over the past year reading "pre-genre" books
--- these are books that existed in a genre before the genre existed
(for e