Pretty solid thinking/analogy, AT&T. I, as a young man, worked on a truck helping AT&T/Baby Bells in the mid-west, to re-equip (logistically). It was a complete mess. Before, it had been relaxed, the division of "turf" and the compartmentalization of departments/districts bred distrust. No one knew any of the "new guys". With confusion comes opportunity. So we now have this new infrastructure and AT&T is having a reunion. The case for necessary monopolies, could be made, but like any absolute power, needs strict oversight
U.S. vs Them, I'd pick us. Every. Time. Though, Germany would be a hell of a good choice.
WOW, I can hardly figure out where to start here. HOSTS? "When was the last time terrorists killed someone over the internet?!" That feature is in beta - coming soon !!! "It isn't about terrorism at all. It is about control and about policing the rest of the world." If you repeat a word over and over enough (terrorism), it loses meaning, is trivialized. It IS about control. DNS is part of that control. (think bypass, sieve) What if you HAD to pull the plugs? Think about that, I'll wait.
(God, I love the internet:-) "Should U.S. DHS be trusted?" Better question is about the policies of the Bush (v2.1b) administration. Question authority. Talk to power, carry a big stick, etc. Ummmm, what was the topic? DNS (Mockapetris-Postel), right. Defeat? With your own invention? (ARPANET) http://www.dei.isep.ipp.pt/~acc/docs/arpa.html Talk about shooting yourself in the foot and having a name such as "Smith" or "Wesson". Apathy, lack of awareness and naivety is the greatest enemy. We're (U.S.) so good at picking up the pieces. Education, prevention, awareness - not so good. Some need to understand you can use the internet to harm people - physically. It's called a malicious Logic Bomb. It IS rocket science. Ask your ex SysAdmin about them. Bios, Firmware, Flash memory, chip crowding, reconfigure with malice, and watch it burn. Been there, seen that. Do that on a National scale and you have a society meltdown right in front of your eyes, wait two days - stir. People were writing these things for hardware in the 80's and 90's, X-platform. Remember all that talk of "hardware eating viruses" that would crop up occasionally, and how that person would be flamed out of the thread? Ridicule and denial... the American way. Fingers in ears -la-la-la-la-la-la-la-la. There are no unbelievers on the battlefield. "The truly powerful signing key is for Windows Update" Why would you want any of that when you own the hardware? Think (rogue) Eastereggs: Microcode: Disguised Bugs:
Really, people have no idea what's going on now. I've been banging this drum since 1997. The NSA/CIA/DHS is starting to trickle out awareness of this very thing. Joel Brenner - The National Counterintelligence Strategy of the United States 2007, speaking last Thursday at the American Bar Association. (He speaks about the hardware problem near the end)
CLARKE:... China is building cyber warfare units. The Chinese general said publicly that if we get into hostilities with the United States, we will reach out through cyber space and turn off the American electric power grid. From what I can tell and what I learned when I was in government, that's possible. Not just China. I'll play Chicken Little, you... think about it. I'll wait.
It almost appears that we'd run into the "loving" arms of DRM (etc.) to escape future, more powerful variants. These "guys" (in general) are PhDs/Engineers and are not competing anymore, they're leading the "innovators", (look at AV Companies and they're all struggling) OpenSource has been the only real response.... tap, tap, tap,... what to do, what to do.
This is a HUGE problem, that, seemingly no one cares about. A generation of pictures, information and general "stuff" becomes unrecoverable, worthless. I still shoot film for important subjects just for this reason (I'm so smart/broke - huh?) I believe Hollywood had this problem with "nitrate" film, (most of that era's film is now dust) that's how we got "safety" film.
I read something a while back about storage on crystals, I archived the info, a .pdf, oh-wait, it was on that DVD that .... nevermind. - maybe it was this.
"So what did swearing off Microsoft entail? We looked at all the alternatives. We looked at Apple, but that's owned in part by Microsoft. (Editor's note: Microsoft invested $150 million in Apple in 1997.) We just looked around..."
Microsoft has never owned any part of Apple, that stock they bought in '97 was non voting, a "DOJ good faith" effort, trying to dodge a bullet.
Mr Becker, the c|net's articles writer, glosses over this obvious fact with a link, "investment cannot be sold for three years and covers non-voting shares in the company."... but does not *truly* correct.
Ernie Ball was misinformed by his IT vendors, team, but, no matter, at least he got away from The Problem(TM). A damn sight better than having to do business with thugs.
I don't know about you guys, but ever since the Boy Scouts of America (BSA) took over this whole software enforcement stuff, I think it's tarnished their image, I wouldn't let my boys join - going around to strange businesses, strong-arming IT departments, scaring old ladies and children.... I thought there'd be more camping.
Elite Network Counter Strike Force pwn Teens (translated version)
In the annual Mid-Atlantic Regional Collegiate Cyber Defense Competition (CCDC), held at a secret location, a Network Counter Strike Force Team, consisting of seasoned veterans from several security technology firms and academia, PWNed several teams of IT students in a stunning display of 1337-ness. In summary, the students are handed a small network with various services, most of which are outdated, vulnerable, and pre-exploited (rigged). They, the students, then, have a few hours to get everything patched and secure, at which point the RED Team (a.k.a. the haxorz) are set loose to pwn them all. However, as IT professionals know very well, it isn't just the hacker you have to deal with!
The Secret Service was on hand to make sure the competition went a lot like last year, as well as many other unplanned events ("interviews"). Welcome to the "Real World" -- CCDC style!!!
The students' goal: lock down rigged Windows and Linux systems and secure their networks. The Hackers' goal: to pwn the students' networks, steal important data and embarrass them in front of their Mothers. Hylas Ipsum (not_hylas( )) read about the 2007 real-world competition and reported on the event from the perspectives of Slashdotters and first year Umpires everywhere.
Last Year's Event
This was the second year for the CCDC. I wasn't invited to last year's event, like this year, which turned out to be a very amusing experience for the haxorz. As with any first time adventures, unexpected "anomalies" played a very big role in the outcome of the event. Despite minor hiccups, the Secret Service benefited most by walking away with all the chicks.
This Year
Prior to attending the 2007 event, we were fairly certain the RED Team was going to have a more difficult time gaining access to the students' systems. Perhaps the most amusing and educational aspect to this year's Mid-Atlantic CCDC was how the RED Team managed to surprise everyone involved by cheating again, with no one saying a thing. Since the Prize Cups' disappearance the night before, this contest was for "sport". With the air of sportsmanship renewed, the game was afoot.
As previously mentioned, each network contained a wide range of operating systems and services. In summary, the core network contained three computers:
A Windows 2003 computer running an Exchange Server, telnet, DNS, and Active Directory
A Fedora Core 4 server on a DMZ running Apache, telnet, PHP, MySQL, and osCommerce
A Windows XP workstation running syslog, VNC and telnet
In addition, two of the teams had a PIX firewall w/telnet and the other six had a Linux-based system running telnet on Smoothwall.
Prior to the physical intrusion, the RED Team had the most success by exploiting default configurations and default accounts. Once they were let loose, the team members quickly found and "pwned" routers, osCommerce sites, and Linux servers simply because the systems were still using default accounts. Unfortunately, this is a "real world" problem that has turned more than one company into a victim. Or to put it another way, why attempt to locate and exploit a DCOMRPC vulnerability when the password to the Administrator account is blank! Why indeed? The RED Team then commenced to "trash talking" the students, seeing blood in the water. All this said, the event is much more than just a competition. It is a test of how well a person can perform under serious pressure. In fact, there was an unofficial "bonus" to the first hacker who could make a student cry.
Default configurations and accounts were bound to be located and fixed within minutes. The RED Team would not be able to simply walk in, connect to a system, and login. However, CCDC predicted this and provided a few "unknowns" to assist the red team with their work.
Since the "corporate network" was not truly connected to the internet for "security reasons", all patches and updates ha
Seth Weintraub is a global IT management consultant specializing in the technology needs of creative organizations, including The Paris Times, Omnicom and WPP Group. He has set up and managed cross-platform networks on four continents and is an expert in Active Directory/Open Directory PC and Macintosh integration.
Tools: Everything is not a hammer just because all you have is nails.
This is not a cookie cutter world, Companies are like the Circus,
circus |ˈsərkəs| noun ( pl. -cuses ) a traveling company of acrobats, trained animals, and clowns that gives performances, typically in a large tent, in a series of different places
Circuses with really big tents (nudge, nudge, wink, wink;-).
When we all run away to join the Circus, (I know *I* did) we end up noticing that they all do performances but have different ways of presenting the SHOW.
Now, when you take the show on the road (internet - tubes - intarwebs) you'll notice that the cages for the Beasts are functionally the same, (that's where the hammer comes in) but the animals have personalities - that unknown quantity that all the people at the SHOW have to contend with.
It's all in the way YOU (the company) want to go about running the show and protecting your audience from the performers (man and beast alike).
Teun: "Haratio, is he related to that famous character called Horatio?"
I bet you're right, and I bet you pretty much know what I meant. Have you got anything to contribute, as per the subject? Or, are you just checking hall passes?
Everyone makes mistakes,... don't you agree? Don't feel bad - It's a human condition, you'll get over it, I did.
Joanna Rutkowska's research is catching up to a truth few realized until just recently. This is just the tip of a whole can of worms that has been wiggling right under our noses for years.
If you check the comments below, (to a very good article) some commenters are rather hysterical, (in a bad way) and for good reason, but reflect the truth.
After reading this, if you don't have experience in these matters please refrain from commenting. Rather, go read more of what Ms. Rutkowska has so expertly revealed:
We're so good... after the fact. Cleanup on aisle 9.
A lot of our security people and experts in critical fields are now writing "thrillers" to get their messages across so they don't have to fend off the legions of second rate gun-slinging pundits. (See comment about "chapter two" - PRICELESS)
OLBERMANN: Joining us now with his own intelligence assessment Richard Clarke, top counter-terrorism adviser to presidents of both parties, chairman of GoodHarborReport.com, and now author of the new techno thriller "Break Point."
Sir, great pleasure to have you here. Pleasure to meet you.
RICHARD CLARKE, FORMER COUNTER-TERRORISM ADVISER: Great to be on. I love your show.
OLBERMANN:... The book, your new thriller is called "Break Point," set in the year 2012, a kind of asymmetrical warfare is prophesied here, dismantling of global communications, information systems. How about this, just out of the blue, a week ago China shot one of its old satellites out of orbit. Is this a cautionary tale or is it informed fantasy, or how would you describe it?
CLARKE: It's meant to project us forward into 2012 so we can start thinking about the issues that I think we'll be facing then. China blowing up a satellite occurs in chapter two. I think we need to think seriously. There's a whole series of issues, Keith, that the administration is ignoring because it's playing hardball, and 99 percent of the time is worrying about Iraq. And that's sucking all of the Oxygen out of the room.
One of the many things that it's ignoring is cyber security. And everything we do depends on the security of cyber space. The administration is doing nothing to secure it.
OLBERMANN: Are these easily managed problems right now, that you address?
CLARKE: They're not easily managed. China is building cyber warfare units. The Chinese general said publicly that if we get into hostilities with the United States, we will reach out through cyber space and turn off the American electric power grid. From what I can tell and what I learned when I was in government, that's possible.
OLBERMANN: If we don't do it first with another blackout.
--------
Former U.S. Cyber Security Czar Richard Clarke Discusses Data Security Richard A. Clarke, Chairman, Good Harbor Consulting, LLC
Featured speaker Richard Clarke, the internationally recognized expert on security - including homeland security, national security, cyber security, and counterterrorism - shared his views on IT security threats faced by Fortune 500 companies today and new threats on the horizon. Among Mr. Clarke's key observations were:
Today's IT security threats are increasingly focused on stealing valuable data. In this environment, relying on outdated measures like focusing exclusively on perimeter security is insufficient.
Corporations vastly underrate the value of data within the enterprise. While much of the media has focused on consumer credit card data and social security numbers, the theft of proprietary company information can be just as damaging. Organizations must begin to recognize the value of sensitive data stored in a corporate database like pricing models, customer billing and payment information, trade secrets, and valuable R&D intellectual property.
The risks from data leakage, cyber terrorism, and industrial espionage are real. To stay ahead of these threats, corporations must act quickly and decisively to know what risks exist within their enterprise; harden their existing IT infrastructure; and monitor ag
What we *had* here was a failure to communicate. That seems to be clearing up, somewhat.
If you remember just a few, scant years ago, this discussion would be full of: * "Your a moran" "How about that tin foil hat" "You watch too much TV" "I guess you are a leet hacker dude:-P"
and so on.
Perhaps Kevin (TM) has helped us understand what has been perpetrated on us for years (witting or unwitting social engineering).
The Art of Deception: Controlling the Human Element of Security
For example: The Kennedy assassination made the word "conspiracy" a knee jerk, almost unconscientious reaction to discount whatever followed as ludicrous.
As an exercise let me roll this past you.
If the Japanese in WWII could have attacked every home in the US by way of their radio set top box (a "brown note" for electronics), to start fires in every home...
This is what I've been talking about. The ramifications are chilling. This is not new, I first saw this in '97 when they were using hidden-persistent RAM disks (on 68k Macs) accessing VRAM space (NuNV N^NuNV (... ) _DATAINIT etc.) and swapping it in and out like a poor man's GPU. Yes, Macs.
I would add, get a Lawyer, as in, have a Lawyer (anyway). If you're in the USA, you should know by now, mostly morons make the "rules" of conduct, try not to participate. Pay the Man:
Sub contract an IT tech (team) from a good firm. Interview for a qualified partner in crime (PIC) that has skills that fill the bill. Hire, then train him/her.
The subcontractor will cost you plenty but will allow you to play catch up and snag the accounts. Be up front with your customers about this, either they will support you in this, or you find out what you're really up against early. It's all about being "reasonable". Spend money - make money.
We do need to hold ISPs responsible to police their own neighborhoods (fat chance really). For you that say this will infringe on your privacy... check your TOS, your DSL/cable contracts are written by people that make mazes seem straightforward.
Brave New World Corporations, ISPs, Spammers, Crackers - think: circlejerk No one's gonna do nothing about anything and they'll enforce it too. ref: screwed-blued-tattooed, NO CARRIER joke
I hope I'm wrong, this internet thingy could be really cool if we could just find a really good "front door" of sorts and quit chaining down ALL THE FURNITURE, Something we could run *anything* - completely unpatched behind, tele-commute with bunny slippers on - like God intended. That freedom alone would contribute to ending dependence on oil.
Incidentally, by reading this you're agreeing to:
just kidding.
"it's only after you've lost everything that you are free to do anything" Fight Club
"Even in the latest issue (September 2006), they persist in assessing the rate of Mac OS X spyware and virus infections by conducting a survey, an annual gaffe on their part. Rather than checking around and discovering that no such malware exists in the wild, they assume that computer users are able to judge for themselves the cause of computer difficulties."
"... no such malware exists in the wild"
Or has been detected in the wild, this is key. Is it so tough to wrap your mind around this, in the era of DRM?
Speaking of Macs... and viruses, malware and exploits, the OS X Server list has some folks that make some wild claims on immunity (because of architecture, etc.). Don't even waste your time installing AV and the such. I'm a Mac guy, but this is just asking for it. - When some "genius" finds a hole, not to mention passing the files downstream to your Win folks. Remember the .img file permission problem on 10.2?
Yeah, AV SW sucks. (and they need to start doing their jobs) Whistling through the graveyard.
http://www.youtube.com/watch?v=EYGKV1MaIaY
http://en.wikipedia.org/wiki/Easter_egg_(media)
http://en.wikipedia.org/wiki/Hidden_track
http://www.acm.org/classics/sep95/
http://www.abanet.org/natsecurity/multimedia/2007/breakfasts/joel_brenner_transcript.pdf
http://www.abanet.org/natsecurity/multimedia/2007/breakfasts/joel_brenner.mp3
http://www.abanet.org/natsecurity/
Richard Clarke on Countdown with Keith Olbermann
Jan 22, 2007
http://www.msnbc.msn.com/id/16771741/
Me too.
Speaking of Evil Genius(TM):
Researchers: Rootkits headed for BIOS
http://www.securityfocus.com/comments/articles/11
Arhiveus Ransomware Trojan Analysis
http://www.secureworks.com/research/threats/arhiv
Holographic Storage
http://physicsweb.org/articles/world/13/7/7
http://www.mobilemag.com/content/100/102/C5313/
Internet Archive
http://www.archive.org/index.php
Operating Systems (Tools)
http://www.google.com/Top/Computers/Software/Oper
Caption:
WHAT! AND GIVE UP SHOW BUSINESS?
http://www.rbgilbert.com/images/cows.jpg
Job's done (as promised), why not kill it off.
(+-) 3 to 6 percent skew of total units, no paper trail.
Tougher to do a job when so many people are looking over your shoulder.
http://slashdot.org/comments.pl?sid=221826&cid=17
"... claiming their IP is being infringes upon and
Here, check this out, it's pretty fascinating stuff (PC-wise):
The quest for ring 0
http://www.securityfocus.com/columnists/402
Rootkits headed for BIOS
Comments:
http://www.securityfocus.com/cgi-bin/index.cgi?c=
http://invisiblethings.org/papers.html
"There are more things in heaven and earth , Haratio, than are dreamt of in your philosophies."
Almost Forgot ...
... ;-)
Several of these folks talk about the Moon we never knew.
"There is no dark side of the moon really--matter of fact, it's all dark"
Pink Floyd | Black Ops Motto
For your consideration
DL: (222.5 MBs)
http://disclosure.netro.ca/npcc.wmv
Streaming:
http://69.56.146.50/netrostream113/npcc.wmv
Site:
http://www.netro.ca/disclosure/npccmenu.htm
Watch the whole thing.
Navy: Moonrise Calculator:
http://aa.usno.navy.mil/data/docs/LunarEclipse.html
Red Moonrise. Ain't it cool?
Apply to whichever side you're on.
Voyeurism
http://en.wikipedia.org/wiki/Voyeurism
Antisocial Personality Disorder
Conduct Disorder
http://www.psychnet-uk.com/clinical_psychology/criteria_personality_antisocial.htm
http://www.mentalhealth.com/dis1/p21-ch02.html
Patients Often Deny That They Have Mental Illness
(You poor, sick bastard)
Diagnose Yourself !!!!
http://www.mytherapy.com/features/
A Horse ... of Course
... after the fact.
... The book, your new thriller is called "Break Point," set in the year 2012, a kind of asymmetrical warfare is prophesied here, dismantling of global communications, information systems. How about this, just out of the blue, a week ago China shot one of its old satellites out of orbit. Is this a cautionary tale or is it informed fantasy, or how would you describe it?
We're so good
Cleanup on aisle 9.
A lot of our security people and experts in critical fields are now writing "thrillers" to get their messages across so they don't have to fend off the legions of second rate gun-slinging pundits.
(See comment about "chapter two" - PRICELESS)
Countdown with Keith Olbermann
Jan 22, 2007
http://www.msnbc.msn.com/id/16771741/
OLBERMANN: Joining us now with his own intelligence assessment Richard Clarke, top counter-terrorism adviser to presidents of both parties, chairman of GoodHarborReport.com, and now author of the new techno thriller "Break Point."
Sir, great pleasure to have you here. Pleasure to meet you.
RICHARD CLARKE, FORMER COUNTER-TERRORISM ADVISER: Great to be on. I love your show.
OLBERMANN:
CLARKE: It's meant to project us forward into 2012 so we can start thinking about the issues that I think we'll be facing then. China blowing up a satellite occurs in chapter two. I think we need to think seriously. There's a whole series of issues, Keith, that the administration is ignoring because it's playing hardball, and 99 percent of the time is worrying about Iraq. And that's sucking all of the Oxygen out of the room.
One of the many things that it's ignoring is cyber security. And everything we do depends on the security of cyber space. The administration is doing nothing to secure it.
OLBERMANN: Are these easily managed problems right now, that you address?
CLARKE: They're not easily managed. China is building cyber warfare units. The Chinese general said publicly that if we get into hostilities with the United States, we will reach out through cyber space and turn off the American electric power grid. From what I can tell and what I learned when I was in government, that's possible.
OLBERMANN: If we don't do it first with another blackout.
--------
Former U.S. Cyber Security Czar Richard Clarke Discusses Data Security
Richard A. Clarke, Chairman, Good Harbor Consulting, LLC
http://www.goodharbor.net/about-clarke.html
http://www.comnews.com/cgi-bin/story.asp?story=73
Featured speaker Richard Clarke, the internationally recognized expert on security - including homeland security, national security, cyber security, and counterterrorism - shared his views on IT security threats faced by Fortune 500 companies today and new threats on the horizon. Among Mr. Clarke's key observations were:
Today's IT security threats are increasingly focused on stealing valuable data. In this environment, relying on outdated measures like focusing exclusively on perimeter security is insufficient.
Corporations vastly underrate the value of data within the enterprise. While much of the media has focused on consumer credit card data and social security numbers, the theft of proprietary company information can be just as damaging. Organizations must begin to recognize the value of sensitive data stored in a corporate database like pricing models, customer billing and payment information, trade secrets, and valuable R&D intellectual property.
The risks from data leakage, cyber terrorism, and industrial espionage are real. To stay ahead of these threats, corporations must act quickly and decisively to know what risks exist within their enterprise; harden their existing IT infrastructure; and monitor ag
Teach Yourself Programming in Ten Years
http://norvig.com/21-days.html
Fred
http://all.net/books/IP/evolve.html
GNU Source-highlight 2.5
http://www.gnu.org/software/src-highlite/source-highlight.html
What we *had* here was a failure to communicate.
:-P"
...
That seems to be clearing up, somewhat.
If you remember just a few, scant years ago, this discussion would be full of:
* "Your a moran"
"How about that tin foil hat"
"You watch too much TV"
"I guess you are a leet hacker dude"
and so on.
Perhaps Kevin (TM) has helped us understand what has been perpetrated on us for years (witting or unwitting social engineering).
The Art of Deception: Controlling the Human Element of Security
http://www.amazon.com/exec/obidos/tg/detail/-/0471237124/ref=ase_mitnicksecuri-20/103-6052457-8135069?v=glance&s=books
So the internet does make us smarter, eh?
For example:
The Kennedy assassination made the word "conspiracy" a knee jerk, almost unconscientious reaction to discount whatever followed as ludicrous.
As an exercise let me roll this past you.
If the Japanese in WWII could have attacked every home in the US by way of their radio set top box (a "brown note" for electronics), to start fires in every home
http://www.schmarder.com/radios/crystal/
http://en.wikipedia.org/wiki/Brown_note
do you think they would have conspired with College (engineering) students to help them?
Criminals are now MBAs, Engineers and Rocket Scientists.
Your desktop could be mocking you.
* [yes, it's misspelled]
This is what I've been talking about. ... ) _DATAINIT etc.) and swapping it in and out like a poor man's GPU.
The ramifications are chilling. This is not new, I first saw this in '97 when they were using hidden-persistent RAM disks (on 68k Macs) accessing VRAM space (NuNV N^NuNV (
Yes, Macs.
http://www.securityfocus.com/columnists/402
http://www.securityfocus.com/comments/columns/402/33600/threaded#33600
http://slashdot.org/comments.pl?sid=190931&cid=15706785
http://slashdot.org/comments.pl?sid=193487&cid=15876421
http://www.osnews.com/permalink.php?news_id=16282&comment_id=175413
http://www.osnews.com/permalink.php?news_id=16257&comment_id=176371
http://www.osnews.com/permalink.php?news_id=16374&comment_id=178043
You tell me.
http://www.wolfware.dk/intro/welcome.asp
netr00t's got solid advice for you.
http://slashdot.org/~netr00t
I would add, get a Lawyer, as in, have a Lawyer (anyway).
If you're in the USA, you should know by now, mostly morons make the "rules" of conduct, try not to participate.
Pay the Man:
http://www.forescout.com/index.php?url=products&section=activescout
http://www.winternals.com/
Useful:
http://www.sysinternals.com/SecurityUtilities.html
http://www.porcupine.org/forensics/forensic-discovery/
http://www.fish2.com/tct/help-when-broken-into
Firewalls and Internet Security
http://www.wilyhacker.com/
First Ed. (online)
http://www.wilyhacker.com/1e/
Practical UNIX and Internet Security
http://www.oreilly.com/catalog/puis3/
FWIW
http://exuberant.ms11.net/index.html
http://exuberant.ms11.net/98sesp.html
http://exuberant.ms11.net/links.html
http://www.oldversion.com/
Sub contract an IT tech (team) from a good firm.
Interview for a qualified partner in crime (PIC) that has skills that fill the bill.
Hire, then train him/her.
The subcontractor will cost you plenty but will allow you to play catch up and snag the accounts.
Be up front with your customers about this, either they will support you in this, or you find out what you're really up against early.
It's all about being "reasonable".
Spend money - make money.
Eh?
(Nice comments dgatwood)
...
Previously on
http://ask.slashdot.org/article.pl?sid=04/08/28/1842224
Apple (adapt?)
http://developer.apple.com/opensource/server/streaming/index.html
http://developer.apple.com/cgi-bin/search.pl?q=NTSC&num=10&site=default_collection
http://www.opensource.apple.com/darwinsource/
Ref:
http://www.apple.com/quicktime/streamingserver/
http://www.apple.com/xsan/management.html
http://www.apple.com/xsan/videoworkflow.html
http://www.apple.com/server/media_streaming.html
http://www.apple.com/quicktime/broadcaster/
Color Management
http://en.wikipedia.org/wiki/Color_management
What is your time worth?
You mean these seals?
... on Diebold TV:
http://www.bbvforums.org/cgi-bin/forums/board-auth.cgi?file=/1954/36510.html#
Previously
http://midnightspaghetti.com/newsDiebold.php
http://www.equalccw.com/dieboldtestnotes.html
http://www.votergate.org/
http://www.securityfocus.com/news/7517
http://www.archive.org/details/TheCageBushKerry
Buried: Creature House Expression 3, Mac/Win Software.
... it's (probably) gonna be gone.
The SW (Mac) says Beta, it's not, just re-branded
http://www.microsoft.com/products/expression/en/graphic_designer/previous/expression3_home.aspx
DL
http://www.microsoft.com/products/expression/en/graphic_designer/previous/expression3_downloadlinks.aspx
Goodies:
http://www.studioe3.com/lessons/index.asp
http://www.graphicxtras.com/products/express.htm
Get it while you can, 'cause after this
My Anniversary present to you.
O-M-G, I see smart people.
... check your TOS, your DSL/cable contracts are written by people that make mazes seem straightforward.
We do need to hold ISPs responsible to police their own neighborhoods (fat chance really).
For you that say this will infringe on your privacy
Brave New World
Corporations, ISPs, Spammers, Crackers - think: circlejerk
No one's gonna do nothing about anything and they'll enforce it too.
ref: screwed-blued-tattooed, NO CARRIER joke
http://www.macrovision.com/
http://www.softsummit.com/index.shtml
Old examples (where do you think you stand now?)
http://www.dslreports.com/forum/remark,2122413~root=comcast~mode=flat
http://arstechnica.com/news.ars/post/20030922-2852.html
http://wiki.phoenixlabs.org/wiki/Type's_of_Infringement_Letters
I hope I'm wrong, this internet thingy could be really cool if we could just find a really good "front door" of sorts and quit chaining down ALL THE FURNITURE, something we could run *anything* - completely unpatched behind, tele-commute with bunny slippers on - like God intended.
That freedom alone would contribute to ending dependence on oil.
Incidentally, by reading this you're agreeing to:
just kidding.
"it's only after you've lost everything that you are free to do anything"
Fight Club
"Even in the latest issue (September 2006), they persist in assessing the rate of Mac OS X spyware and virus infections by conducting a survey, an annual gaffe on their part. Rather than checking around and discovering that no such malware exists in the wild, they assume that computer users are able to judge for themselves the cause of computer difficulties."
:-)
"... no such malware exists in the wild"
Or has been detected in the wild, this is key.
Is it so tough to wrap your mind around this, in the era of DRM?
See:
Industrial espionage:
http://en.wikipedia.org/wiki/Industrial_espionage
The Industrious Spies:
http://samvak.tripod.com/pp144.html
"The perpetrators keep quiet for obvious reasons. The victims do so out of fear."
Sony:
http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
Jedi mind trick:
Obi-Wan: These aren't the droids you're looking for.
http://en.wikipedia.org/wiki/Jedi_mind_trick
Speaking of Macs ... and viruses, malware and exploits, the OS X Server list has some folks that make some wild claims on immunity (because of architecture, etc.). Don't even waste your time installing AV and the such. .img file permission problem on 10.2?
I'm a Mac guy, but this is just asking for it. - When some "genius" finds a hole, not to mention passing the files downstream to your Win folks.
Remember the
Yeah, AV SW sucks. (and they need to start doing their jobs)
Whistling through the graveyard.
Priceless.
http://search.lists.apple.com/?cmd=Search!&q=virus&ul=macos-x-server&s=DRP
http://lists.apple.com/archives/macos-x-server/2006/Aug/msg00664.html