ITT was fined $100 million for illegally exporting classified technical data relating to night vision equipment overseas. In addition to being fined, they must "invest $50 million over five years to accelerate development of night vision technology, and [...]
Posted by Marcin on Saturday, March 31, 2007 in
Defense,
Politics,
Security and
Tech.
I was watching an episode of It Takes a Thief on the Discovery Channel the other day that featured two skateboard shop owners. The hosts had scouted the shop a day before, looking for video cameras and other security equipment. The next day, they return [...]
Posted by Marcin on Friday, March 30, 2007 in
Security.
While at ShmooCon, I saw a fair share of rogue ap's pretending to be shmoocon ap's. We worked to pull down these access points, but you can never be sure. To help keep yourself from getting pwned, disable wireless upon startup by commenting out your [...]
Posted by Marcin on Sunday, March 25, 2007 in
Linux and
Security.
I wanted to ask Dan Kaminsky, who btw is a brilliant presenter (more below), about doing grammar and writing style analysis to determine who wrote a paper. I can see the techniques as potentially having forensic uses. Don't ask me what his talk was [...]
Posted by Marcin on Sunday, March 25, 2007 in
Intelligence and
Security.
We got our NOC up and running. Critical services have been set up for the most part, and we'll be doing some tuning today. Not new to us all, things don't always work the way you want, so that's what we're currently going through today. To anyone here at [...]
Posted by Marcin on Friday, March 23, 2007 in
Security.
Tonight I had a great time hanging out with Michael Santarcangelo of Security Catalyst, Andre Gironda, Erich Newell and Adam Muntner. There were a bunch of other guys (and Grace!) there, but I apologize for not remembering your names. It was fun talking [...]
Posted by Marcin on Tuesday, March 20, 2007 in
Security.
While chatting in #snort-gui today, somebody noticed Gizmodo was showing off their ticket to Apple NAB. You can see they blurred the Name, Company and barcode on the ticket. Whoever did this, did a poor job because they didn't blur the name on the [...]
Posted by Marcin on Tuesday, March 20, 2007 in
Privacy and
Security.
The OpenBSD IPv6 Remote DoS vulnerability has striked debate and strong reaction on whether denial-of-service is a security vulnerability or not. Let's go back to the fundamentals we all learned early on: C-I-A, Confidentiality, Integrity and [...]
Posted by Marcin on Sunday, March 18, 2007 in
Security.
Thanks to the amount of feedback on Ideastorm, Dell is seriously considering pre-installing Linux on desktop systems. Having had the chance to play with the Core 2 Duo systems Dell puts out, I can definitely say they are pimpin'. I want one, but my main [...]
Posted by Marcin on Thursday, March 15, 2007 in
Linux and
Tech.
I laughed when I saw the Worst Captcha Ever and just had to show the one I came across a couple months ago that was featured on the DailyWTF (now known as Worse Than Failure). Too funny!
Posted by Marcin on Tuesday, March 13, 2007 in
Other.
Last night I attended my first Phoenix-OWASP meeting hosted at UAT. There were around 30 people in attendance from all backgrounds, including independent researchers, government agencies, private sector, and academia. Andre Gironda had a cool [...]
Posted by Marcin on Friday, March 9, 2007 in
Security.
The folks at nCircle Blog have posted a VERT Challenge, and hopefully more to come. You can check out the details at their blog, but I'll be posting my progress here and we'll see how far I can get before I either a.) give up, or b.) someone else gets [...]
Posted by Marcin on Wednesday, March 7, 2007 in
Security.
From the Owasp-phoenix mailing list: This month we have an exciting technical talk discussing the Same-Origin Policy and attacks that attempt to break/circumvent these controls by security researcher Andre Gironda. The details of this month's meeting are [...]
Posted by Marcin on Tuesday, March 6, 2007 in
Security.
The list of speakers and schedule for ShmooCon has been posted. A lot of interesting topics to check out, it's so hard to choose. My friend Ryan Clarke is speaking on "Extend your Code into the Real World," a look at electronics and hardware hacking. [...]
Posted by Marcin on Sunday, March 4, 2007 in
Security.
If you haven't heard, a keygen was released that brute-forced the correct CD key for Windows Vista. Martin McKeay did the math and let's just say, it'll take a really long time for anybody to brute force a key with available processing power we have [...]
Posted by Marcin on Sunday, March 4, 2007 in
Security and
Tech.