I recently wrote a couple of to-be-published articles basically laying out
all the reasons why we as security professionals should not be running away
from so-called "new" technology. Essentially I am asking that we take the
time to really understand what's so new about this stuff. SmartPhones, the
"cloud", etc these are all repackaged versions of old technology. We're
terrified of them because we think we don't understand them. The sad part is,
We seem to be under the impression that all new technology is bad and
inherently insecure, it isn't. It's not any more insecure than the stuff we
have now. We need to consider what we sound like to users when we run around
screaming how terrible the stuff they want is when we can't secure the stuff
we think is okay to deploy. The truth is the new technology is no more
vulnerable to attack than the systems we "bles... (more)
Government Hackers – Party in the NSA
By: Tristan Jones
Last week in Las Vegas, the hacker convention Defcon 20 had a bit of a high
profile speaker. The aforementioned speaker was none other than General Keith
Alexander, of the National Security agency (read: in charge of US cyber
command). A top ranking government official has never been seen giving a
keynote speech at a hacker convention before.
The message that General Alexander had was for hackers to help out the US
government – that private sector Information security, hackers, exploit
developers, etc had to share informatio... (more)
Here I am at ShmooCon 2010 right in the middle of what people here in
Washington DC are calling Snowpocalypse 2010. The Metro, busses, and taxis
are all closed down and essentially the city has shut down. Being from
Cleveland I find it a little laughable but it’s still a pretty bad storm.
Well that hasn’t stopped ShmooCon from going strong.
This being my first hacker con it took me a little while to get acclimated to
what kind of talks would be interesting and relevant to me as a
network/firewall security guy. The first talk I found interesting was about
an OWASP project called O... (more)
Yesterday we started getting floods of malware alerts for machines on many
different networks that we manage going out to a site that was identified a
while ago for MS08-067 type activity. So we did our due diligence and
notified our clients that we were seeing this traffic attempting to leave
their network. As of now the alerts are still coming in.
If you've watched the news at all over the past couple of days you've heard
about the events in Austin, TX involving a plane being intentionally flown
into an IRS building there. Thankfully only the pilot was killed and our
thoughts g... (more)
Alternative Search Engines for the Contemporary User
by Michael Yanovich
When on the Internet, how do you find things? Many use a search engine.
Currently the most popular search engines that people flock to are Google,
Yahoo, Baidu, and Bing. As of January 2011 approximately 98% of all web
searches are done on these sites. However, there are quite a lot of other
search engines that make up the smaller 2%. Some with many features that
aren’t available from the big four. Here are a few that tend to come up
often in Internet discussions for being unique with features and results.