Archive for January, 2006

Jan 31 2006

Network Security Podcast, Episode 12

Published by under Podcast

Now brought to you at 128kbps sound.  I upped my Libsyn account so that I could play with a higher quality recording.  Let me know if this makes a noticable difference to you, or if you prefer the smaller file size.  I am so looking forward to the RSA conference in San Jose in two weeks.  Even though I’m going to be in San Jose over Valentine’s Day, my wife is graciously letting me go to the convention.  Could be the fact that her parents will be here the weekend before.  Either way I’ll take it.

Tonight’s music was Corporate Graveyard by BB Chung King and the Buddaheads

Network Security Podcast, Episode 12, January 31, 2006

EFF Sues AT&T to Stop Illegal Surveillance
AMD forums laid low by Windows exploit
Winamp Computer Name Handling Buffer Overflow Vulnerability
Checklist:  11 things to do after a hack
State Laws Governing Security Breach Notification
Keeping Secrets

Technorati Tags: , , ,

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

No responses yet

Jan 31 2006

Testing Flickr

Published by under Site Configuration

A Picture Share!

A Picture Share!,
originally uploaded by mmckeay.

I finally got around to playing with Flickr. I’m doing this in anticipation of the RSA Conference next month, in the hopes that I can make some uploads from the showroom floor. Sorry about the quality, by the way.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

No responses yet

Jan 30 2006

Cisco VPN DoS attack

Published by under Hacking,Security Advisories

According to this article on the eSentire site, it’s possible to take down a Cisco VPN 3000 concentrator if you have the WebVPN service enabled.  Luckily, this is only an annoying attack, not a serious one.  Hopefully no one finds a way to make this more effective.  Thanks, Paul.

Technorati Tags: , , ,

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

One response so far

Jan 27 2006

My off-site storage is … the trunk of my car

Published by under General,Simple Security

You know what, this story wouldn’t scare me if I wasn’t fairly certain that this is the second most common off-site storage strategy for many businesses.  The most common answer to the storage of back-up tapes is “Off-site storage?  What’s that?’  And to make matters worse, I’ve been guilty of using the same strategy myself when I worked at my first major IT job. 

Technorati Tags: ,

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

No responses yet

Jan 27 2006

That’s it?

Published by under Hacking,PCI

ChoicePoint is being fined $15 million for their 2004 security breach.  And they have to have an independent, third-party audit every other year until 2026.  For a company the size of ChoicePoint, that’s a drop in the bucket, especially since they willfully disregarded the Payment Card Industry (PCI) Data Security Standards and kept data they never should have had in their databases to begin with.  The semi-annual audit sounds good, unless you realize that they should be undergoing an annual audit for PCI compliance anyways.  I guess I’m just frustrated by this slap on the wrist.  At StillSecure, the author is hoping this will send a message to other companies, but I’m afraid that this may be the wrong message.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

4 responses so far

Jan 27 2006

Now on the Podcast Roundtable: Google vs. Uncle Sam

Published by under Government,Podcast,Privacy

Take a trip over to the Podcast Roundtable and listen to the conversation between Dan Sweet, Dennis McDonald and myself.  We talk about the federal government’s efforts to get their hands on Google’s search records and possible repurcussions. 

Or you can just download the MP3 file directly.

Podcast Roundtable:  Google vs. Uncle Sam

Technorati Tags: , ,

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

No responses yet

Jan 26 2006

(In)Secure Magazine, Issue 5 is out

Published by under General

(In)Secure Magazine, Issue 5

I started reading (In)Secure, an online security magazine, last year, when they sent me an email letting me know my site was one of the security blogs they were highlighting in their first issue.  I keep going back because they have articles that are relevant and well written.  I’m one of those people that still needs to print out longer articles to read them, but I appreciate being able to access the magazine online.  They had two articles I’m reading immediately, ‘Writing an enterprise handheld security policy’ and ‘Hardening Windows Server 2003 platforms’.

Technorati Tags: ,

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

One response so far

Jan 26 2006

Asking Microsoft Security Questions

Published by under Microsoft

Over at Slashdot, Mike Nash, Security VP over at Microsoft answers questions from the readers.  I found the justification for the continued coupling of Internet Explorer especially interesting.  I thought they had a court order specifically prohibiting that? 

Technorati Tags: ,

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

One response so far

Jan 25 2006

They did good!

Published by under Government

insomnia: Future American lawyers to be proud of.

I applaud these law students and hope they don’t end up on a terrorist watch list somewhere.

Technorati Tags: ,

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

One response so far

Jan 24 2006

Network Security Podcast, Episode 11

Published by under Podcast

Episode 11 is in the can.  I had a scare in the middle of the podcast when a ‘Disk out of Space’ error popped up on my screen, so I had a  few moments of panic there.  Luckily I was able to delete some patch uninstall files, which I probably had no need for anyways.  I hope.  It was a bit slow in the news department this week, so the podcast came in at just under thirty minutes.

Tonights music was Godspell by Single 7

Network Security Podcast, Episode 11, January 24th, 2006

San Francisco Podcast Meetup Group
PDFCreator (Thanks Rob)
Illusions of Security; wrap-up for Mac OS X
Podcasting a conversation
Amy Gahran:  The Right Conversation
The Human Factor and Security
FBI:  Most Companies Get Hacked
FBI says attacks succeeding despite security investments
Hollywood’s MP denounces “users,” “EFF members”
Undervolting a laptop

Ps, had another slight scare at the end of the recording.  Apparently there was some sort of corruption in the wav file, and LAME choked a little on the conversion.  Please let me know if you hear anything out of the ordinary.

Technorati Tags: , , ,

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

4 responses so far

Next »

7ads6x98y