Pen testing vs security assessment.

A couple of weeks back while traveling I had an opportunity to spend some time with an old colleague from my penetration testing days.  Once upon a time we used to spend much of our time on the road, living out of suitcases, probably giving the TSA fits and generally living la vida Sneakers.  I'm out of that particular game these days because it's just not my bag anymore.  The colleague in question is more or less on the management side of things at that particular company.  Contrary to what one might reasonably assume, however, we didn't spend a whole …

Neologism: DC AC

DC AC - noun phrase (humorous) - The primary mechanism of air conditioning inside the DC Beltway.  Notionally, the movement of air due to revolving doors caused by the never-ending cycle of contractors becoming civil servants, civil servants becoming lobbyists, and lobbyists forming startups and becoming government contractors once more.

Neologism: Proper channels excise tax

Proper channels excise tax - noun phrase - The markup paid on commonplace things when you go through proper channels at work to do something rather than going rogue, buying it yourself and filing an expense report.  For example, a flight from Chicago to Boston might cost $176us if you paid for it yourself, but by using your employer's internal processes and vendors the cost of the same flight is closer to $630us.

Stratfor's dirty laundry and open source intelligence.

The latest revelation by Wikileaks of what happens behind the scenes in the twenty-first century began publication on Monday. Called the GI Files (for Global Intelligence), it is said to be made up of approximately five million e-mail messages and associated documentation copied from the e-mail servers of Strategic Forecasting, Incorporated (Stratfor) by adherents of the Anonymous meme and passed on to Wikileaks some time last year. Due to the gargantuan volume of data, Wikileaks has opted to release smaller quantities of information every day rather than overwhelm everyone with information. Predictably, spin control efforts on all sides started up …

Living on the run: Camping in airports.

Given what happened with the wedding of 'lex Pendragon and Marlise this past weekend, with some of the attendees and celebrants having problems attending due to delayed airplane flights or layovers due to weather, I think it'd be a good idea to post something about camping out in airports: why you might have to do it, how to do it, and what to look for.

While there are some people who actually plan to camp out in airline terminals for various reasons, most people don't. Those of us that do are usually constrained by transportation to the airport to begin with …

There once was a BBS tagline that read...

..."Old virus detected - contact your hacker for an update." It seems that malware authors have taken this joke seriously, and are offering subscriptions to website operators that make use of their software. Malware tends to evolve fairly rapidly to get around the cleaner software, which means that sites that deliberately infect web browsers have to keep up to date to keep as many systems as possible infected. Prices tend to start around $66us and climb from there, depending upon how many systems a particular website is able to infect.

It has become apparent that it is possible to not only …
