In an episode of Community a couple of week ago Brita was laughed at for pronouncing bagel with with two Gs. (bag- gle) As in, rhymes with “haggle.” I found it hard to believe that anyone could possibly pronounce it that way and think it was right. (although I’ve sense read a NY Mag recap …
Eric Cole he told a story of an engagement where a security bigwig was showing off on a tour of their facility. The bigwig was very proud of his biometric iris readers that protected access to the data center. That is until Eric put his eye up to the reader and was provided access. It …
People’s sense of entitlement about things they are stealing.
Adobe Reader 9.3.1 is a msp file that can only be applied to Adobe Reader 9.3. So what to do about the users that hadn’t installed 9.3 yet. I really didn’t want them to install 9.3 then have 9.3.1 install immediately after that. That sort of thing sets user revolt in motion. So I searched …
Today’s SANS Diary reminded me of something that happened a while back. The SANS entry New Risks in Penetration Testing was concerned that reputation scoring for an IP could be effected by pen testing from that IP address. I guess someone is taking the old Senderbase concept and applying it to all traffic. The helpdesk received an …
Today’s Dear Abby contained a letter about passwords. It’s the third letter at this link The letter writer warns against sharing your passwords with anyone. The writer recounts instances where a password shared at one point in a relationship becomes a weapon when the relationship turns sour. People, after the divorce is finalized you need …
Another Christmas gift from a software vender. Mozilla has released updates for Firefox. The current version is now 3.5.6 and 3.0.16. Their security advisories are here. There are three updates rated as critical.
“Are on the Internal network where the following IP addresses are reachble?” How’s that again? The funny thing is when I glanced at this question on my blackberry I didn’t even notice anything was wrong.
I’m at Shmoocon 5 this weekend. Its my third time down there (missed 1 and 3). Always a good time. This year’s event has 1500 attendees, 40% larger than last year. 30ish talks chosen from 100 submitted. The opening remarks kind of paralleled what I’ve been thinking lately. The stakes are high. Yet any sort …
I’ve seen reports from venders and fellow users about MS08-067 worm infestations. If you’re not patched, what are you doing here?