I’ve got a close mate. He works for a large US/Global “security” vendor. I may have mentioned him before.

He’s been working in the security industry for 10 years. (Sales).

He doesn’t know anyone we know in the security community. Never has. Never had a need to. Can’t see a reason to.

What he sells is the best! He tells me. He tells his clients. They buy from him.

He gets disenchanted with his company and moves on every 2 years.

Now the new company sells the best shit! He tells me the last place was the worst and their offerings were crap.

Goto 2 sentences above.

He tells me the company “doesn’t care about security”. He doesn’t care. He’s honest….with me. “Meet my targets and life is good!” :)

You’ve probably met him. He’s a top bloke. You’ve probably bought from him because his stuff is the best.

He doesn’t care I post this stuff. He doesn’t read my stuff. Why would he?

He knows it’s here and it doesn’t stop us sharing a beer or 10.

He’s happy.

———————————————————————————————-
Securus Global: IT Security, Penetration Testing, Security Assessments, PCI Compliance, Product Assurance, QualysGuard, Security Strategy, Vulnerability Assessment.

Posted in: UFOs, Uncategorized


Stay tuned….

Getting asked by people all the time why I do things like “Twitter” for example. As if it is something not so worthy. Background: here and here.

So have decided I would look at some of the real benefits of such applications in relation to our industry (and wider) in a much longer post. Who’s wasting their time or missing out? Is it that uncool? LOL……we’ll see.

DD



This terminology, acronym or whatever you want to call it, is nothing more than a vendor marketing tactic from the 90’s. It is BS and deserves no more from me now. It’s been done here in this post:
Cloud Computing is for Wankers

Our “industry” should be killing it (again) :-) – with clients and within ourselves. It is taking us backwards! Arghh!!!



From idea to concept, to proof of concept, almost anything to break the Net and systems on it is plausible. It’s been done over and over but because it’s been done as one offs so to speak, and dealt with as one offs, everything doesn’t seem as doomsdayish.

The DNS stuff has some wondering if the Net could potentially cope with this vuln. It will because it will be addressed as a one-off. One of a million such stories:
http://www.theregister.co.uk/2008/07/21/dns_flaw_speculation/

Is this latest DNS one a really bad one? I don’t know enough about it to comment.

All I know is that based upon the history of the Internet and what could happen, nothing can be discounted and anyone who thinks that the whole Net is eternally safe from a real big hit is probably optimistic.

End of the day, it’s the nuts we have to worry more about than the Net criminal elements. Everything going to crap is bad for business – for everyone. Just my 2c.



Tell all your friends….bad things are actually happening on the Internet:

http://www.theregister.co.uk/2007/09/11/online_threat_report/



The rantings of Craig Chapman, Computer Forensics Geek.

Now I don’t know about you, but this latest story on moths being bred with inbuilt remote sensing chips is bordering on the ridiculous, for a whole lot of reasons.

When I grew up watching Star Trek, the nasty ‘cyborgs’ were the ugly dudes with flesh growing around computer parts. The Cyborgs certainly weren’t moths (how uncool would that have been?). But, a mob of big-brained, cutting edge defence scientists, known as The Defense Advanced Research Projects Agency (DARPA) is apparently growing computer chips around insects for use in warfare surveillance. An ‘insect-cyborg’, they’re calling it.

Now I know what you’re thinking. You’ve gotta be kidding, right ?
No way, my cyborg friends. This is science-reality, not science fiction. The big-heads at ‘DARPA’, as they are known, are implanting computer chips in moths while still in the pupa stage. The moth grows around the chip and its nervous system can be controlled by a remote control.

Trotting out yet another sexy, defence techie acronym, the project is affectionately called the ‘Hybrid Insect Micro-Electro-Mechanical Systems’ (HI-MEMS) and it also includes outfitting other insects with miniscule sensors and a wireless transmitter which could send data from places inaccessible to humans.

“It is hoped by DARPA, that one day, a sensor-enabled insect with a 100-yard range could be placed within five meters of a target using electronic remote control and, potentially, Global Positioning System technologies.” From: http://government.zdnet.com/?p=3189

Now for the best bit: “Ultimately, the moth will be able to land in enemy camps in remote locations undetected and be able to beam video and other information back via what its developers refer to as a “reliable tissue-machine interface.” I say, stuff the enemy camps – I can think of a *far* greater application of this technology. Lets just say that I hope Paris Hilton’s bedroom windows have lousy flyscreens.

According to zdnet: “This latest development will allow the moth cyborgs to spy on enemy insurgents, and is the most advanced robotic technology ever conceived by DARPA.” Latest technology? Perhaps. A great idea doomed to failure ? I believe so.

In line with (much loved) rantings of Bruce Schneier http://www.schneier.com, the most advanced technology can often be defeated by the simplest and cheapest of means. So I have two words for the big tech-heads and their multi million dollar Hi-Mems cyborg insect project at DARPA….. ‘Pea-Beau’.

More articles on moth cyborgs:
http://www.foxnews.com/story/0,2933,276182,00.html



SecurityFocus has one of the better stories on; US Agency Security.

Its always been a source of amazement for me how bad some of these guys can be. Makes you wonder what hope others have if these guys with their enormous budgets and “world-leading” expertise just can’t get the basics right.

Don’t tell me what this guy did was rocket science: Gary McKinnon Story.

Posted in: Dumb Security, UFOs