27 June, 2008
McAfee Hacker Safe in the news again
This is just ridiculous. Displaying a banner that says this site is safe is NOT a good business model. Although, being Nate McFeters certified is pretty awesome.
24 June, 2008
Insider threat exaggerated??
According to Verizon's 'Data Breach Investigations Report,' the insider threat is exaggerated. I'm not really sure I understand what they're trying to say, but I'm with Schneier on this; there are a lot more outsider attacks, so naturally the number of incidents directly attributed to outside attacks is higher, but really you can't quantify this type of thing. The insider threat is a serious one, and even though the article states, "When internal hacks occur, they tend to be nastier..." that hardly does the issue justice.
I get the sense that this report diminishes the severity of the insider threat, something I really don't understand. The biggest difference is that an insider already knows something about what he/she is attacking, and presumably already has access to the network. Those are two _huge_ advantages right there. I remember looking at the main SAN for a former employer and finding all sorts of very sensitive financial information out there for the taking. The only things I needed were access to the network and very general knowledge of where this info might be.
Companies still follow the 'crunchy on the outside...' idea, right? For me, it boils down to defense in depth again and again. If an organization prepares awesome boundary defenses, great! But if/when someone does get in, the internal environment should be locked down as well. There's a problem with this though: having high confidentiality, integrity, and availability is tough. Tradeoffs must be made, so I guess Verizon's report is advocating trading the insider threat for a more secure boundary. The more I think about this, the more I think this is more complex than I initially thought. In any event, I question the usefulness of this report since it doesn't really say anything useful or even interesting.
20 June, 2008
I've been streetviewed!
Google Street View has been gradually moving outward from NYC, and today I see that the Google mobile drove through my area. From the looks of it, a few months ago too. I think Street View is a cool idea, but after seeing my residence, car, and neighborhood on Street View, I must admit it's a bit creepy. It's easy to understand the privacy implications when you can virtually drive down your own street to your driveway.
19 June, 2008
A window into SIGINT
rwnin posted up a video I had not seen before. I've always been fascinated with the NSA and general SIGINT. Pretty intriguing.
18 June, 2008
Hacking electronic locks
Via Schneier, hacking electronic locks with magnets.
17 June, 2008
Two interesting tools
Here are two interesting tools that I'd like to try out in the near future:
SIPVicious -- For auditing SIP-based VoIP systems
OSWA Assistant -- For hands-off auditing of (smaller) wireless networks
Sometimes it's good to laugh at your mistakes...
...but sometimes you should learn from them. The TSA is being pretty ridiculous. After recently traveling abroad and being able to closely compare Newark Intl vs. other major airports, Newark is the worst in my book. In fact, Newark is one of the worst airports I have ever flown into or out of. Take for example the full 45 minutes it took for our luggage to start descending to the international baggage claim. That's 45 minutes AFTER going through immigration and physically standing by the little carousel. That's not the fault of the TSA though, I just wanted to complain. I did get to see a cute little bomb-sniffing beagle trotting around though :) When will the madness end?
The human CAPTCHA market
RSnake posts links to human CAPTCHA breaking services; one of which, imagetotext.com, I have heard of before. Both RSnake and I argue that one of the problems with improving CAPTCHA is that it only encourages using cheap human labor to solve them all day. We still don't have a solution for this, although there are some interesting alternatives popping up. Still, CAPTCHA is inherently flawed in this regard. CAPTCHA must be (relatively) easy for a human to solve, yet difficult to solve algorithmically. The more effective CAPTCHA becomes at keeping real bots out, the more organized crime syndicates and spammers are obliged to use human bots to get the job done.
Catching up on feeds is a bitch...
When you take a break from reading, you come back and have 180 new posts to catch up on...
Long hiatus from posting!
You may have noticed I haven't posted in a while. I've been outside the country taking in the sights, but now I'm back (for a week). Google Reader has 174 posts queued up for me, so I've got some reading to do. Okinawa is great!
01 June, 2008
PDF Evilness
F-Secure posted on a seemingly innocuous PDF file that looks like the DHS immigration form that does some pretty serious evilness if you open it. The site the rootkit calls back to is nbsstt.3322.org, out of China, and seems to have some connection to the Chinese military or people involved with the Chinese military. Pretty crazy.
