Posted December 16th, 2010 by
rybolov
My DDoS presentation at DojoCon on Sunday. A big thanks to Marcus J Carey for organizing the con and Adrian Crenshaw for doing the recording.
Similar Posts:
Posted in Cyberwar, Speaking, Technical, What Doesn't Work, What Works | 2 Comments »
Tags: ddos • infosec • operationpayback • pwnage • scalability • security
Posted December 16th, 2010 by
rybolov
Inspired by Anonymous, Operation Payback, and the “DDoS attacks as a legitimate form of protest?” article at ZDNet
Similar Posts:
Posted in IKANHAZFIZMA | 1 Comment »
Tags: ddos • infosec • lolcats • operationpayback • pwnage • security
Posted December 9th, 2010 by
rybolov
Nope, we’re not going to talk about ego trips, hidden agendas, or complete irresponsible transparency. This blog post is about some of the fallout inside the Government security teams.
The powers that be would like to remind you that downloading classified documents off the Intertubez does not make them unclassified. An anonymous source that I talked to last week gave me the info that they were busy tracking their users’ browsing behaviors so that if you (the hypothetical you) went to WikiLeaks and downloaded a classified document, the InfoSec goon squad would show up outside your cubicle to shred your hard drive because you had just been responsible for a classified spillage–ie, your unclassified desktop now has classified material on it and as per procedure the only way to deal with the situation is to overwrite your hard drive and reimage it. I have a couple thoughts about this:
- Where were the InfoSec goons when their users were getting drive-by malware from questionable sites?
- If it’s on TV, it’s not a “secret” anymore.
- Don’t our InfoSec teams have something better they can spend their time doing other than being the WikiLeaks monitor?
And then there’s the Ambulance Chasing Department. According to a different anonymous source, the vendors have descended upon the State Department hawking their security solutions, including this gem of a webinar. Not quite sure what the webinar is on, except that they’re targeting you to sell something.
From: Prism Microsystems
Sent: Wednesday, December 01, 2010 10:01 AM
To: user@state.gov
Subject: Webinar: Prevent “WikiLeaks-type” Data Loss
Webinar: How to Prevent “WikiLeaks-type” Data Loss in Government Networks
Following the most recent publication of classified documents by WikiLeaks, government agencies are reviewing current provisions for protecting classified and top secret data – they are also researching best practices and alternative methods to monitor, prevent, and document data loss.
Attend this webinar to learn:
- how the leaks happened
- telltale signs of a leak
- what you can do to prevent them
Leak picture by jillallyn.
Similar Posts:
Posted in Rants | 4 Comments »
Tags: government • infosec • pwnage • security