| |
"The future masters of technology will have to be lighthearted and intelligent. The machine easily masters the grim and the dumb." -- Marshall McLuhan, 1969 |
|
Helen Thomas retires following controversial remarks |
|
|
Topic: Media |
12:32 pm EDT, Jun 7, 2010 |
Veteran reporter Helen Thomas, who has covered the White House since the John F. Kennedy administration, is retiring immediately following her controversial statements about Israel, Hearst Newspapers reports.
What a lousy way to end an amazing career. Thomas really screwed the pooch... Helen Thomas retires following controversial remarks |
|
PCs, The Internet, and Trucks |
|
|
Topic: Humor |
7:14 pm EDT, Jun 2, 2010 |
Steve Jobs: "PCs are going to be like trucks," Jobs said. "They are still going to be around." However, he said, only "one out of x people will need them."
Former Senator Ted Stevens: And again, the Internet is not something that you just dump something on. It's not a big truck. It's a series of tubes.
Does this make my mobile phone a Bitchen Camaro? These analogies are confusing me.. |
|
Topic: Current Events |
9:08 pm EDT, May 29, 2010 |
Decius: I hope this post looks silly in 24 hours.
The good news is that your post doesn't look silly. Three attempts to pump mud and 16 tries to stuff solid material into a breached Gulf of Mexico oil well failed to stop the flow, top BP executives said Saturday, and engineers and executives with the oil giant have decided to "move on to the next option."
That's the bad news. The next option is to inject lawyers and lobbyists into the breached blowout preventer until a compromise is reached with the oil well. Top Kill, fail. |
|
New King of Technology - Apple Overtakes Microsoft - NYTimes.com |
|
|
Topic: Business |
5:02 pm EDT, May 26, 2010 |
In intraday trading shortly after 2:30 p.m., Apple shares rose 1.8 percent, which gave the company a value of $227.1 billion. Shares of Microsoft declined about 1 percent, giving the company a market capitalization of $226.3 billion. This changing of the guard caps one of the most stunning turnarounds in business history, as Apple had been given up for dead only a decade earlier. But the rapidly rising value attached to Apple by investors also heralds a cultural shift: Consumer tastes have overtaken the needs of business as the leading force shaping technology.
New King of Technology - Apple Overtakes Microsoft - NYTimes.com |
|
Cyberattack on Google Said to Hit Password System - NYTimes.com |
|
|
Topic: Computer Security |
10:19 am EDT, Apr 20, 2010 |
Ever since Google disclosed in January that Internet intruders had stolen information from its computers, the exact nature and extent of the theft has been a closely guarded company secret. But a person with direct knowledge of the investigation now says that the losses included one of Google’s crown jewels, a password system that controls access by millions of users worldwide to almost all of the company’s Web services, including e-mail and business applications. In Google’s case, the intruders seemed to have precise intelligence about the names of the Gaia software developers, and they first tried to access their work computers and then used a set of sophisticated techniques to gain access to the repositories where the source code for the program was stored. They then transferred the stolen software to computers owned by Rackspace, a Texas company that offers Web-hosting services, which had no knowledge of the transaction. It is not known where the software was sent from there. The intruders had access to an internal Google corporate directory known as Moma, which holds information about the work activities of each Google employee, and they may have used it to find specific employees.
This fits with what I've seen of APT's MO. They consider valid user credentials to be their holy grail. Most of their efforts are focused on having a reliable source for valid credentials, which they them use to impersonate users for logging into webmail and using whatever means of remote access organizations provide to users. Cyberattack on Google Said to Hit Password System - NYTimes.com |
|
The Tragedy of Oklahoma City 15 Years Later and the Lessons for Today |
|
|
Topic: Security |
8:23 am EDT, Apr 16, 2010 |
The Center for American Progress Action Fund and the Democratic Leadership Council invite you to a symposium commemorating the 15th anniversary of the Oklahoma City Bombing. This devastating event saw not only the tragedy of domestic terrorism, but in its aftermath, the political leadership in our country come together to heal its wounds. Opening the symposium will be a keynote speech by former President Bill Clinton who will discuss Oklahoma City and its aftermath. Following the speech will be a panel discussion of experts who will discuss Oklahoma City, how the country reacted to it, and what lessons we can lean from it today about our political discourse.
The event starts at 9:30am EST. You can watch the live stream at the link below. The Tragedy of Oklahoma City 15 Years Later and the Lessons for Today |
|
It’s Cyberwar! Let’s Play Bingo! | Threat Level | Wired.com |
|
|
Topic: Computer Security |
12:19 pm EDT, Apr 8, 2010 |
While it’s clear from the cyberwar news that we are living in a war zone when we turn on our computers, we at Wired.com refuse to surrender — even at the risk of taking an e-bullet in the name of Freedom. So strap on your iFlak jackets and use this Wired.com CyberWar bingo card the next time you go to read a Cyberwar story.
Wonderful! It’s Cyberwar! Let’s Play Bingo! | Threat Level | Wired.com |
|
Yet even more ranting about Damballa and APT... |
|
|
Topic: Computer Security |
3:45 pm EDT, Apr 1, 2010 |
This post was just brought to my attention. I don't know how much more I'm going to share my thoughts about Damballa's take on this stuff, because it's just getting frustrating... I don't take enjoyment from sitting around telling people they are wrong when they clearly are not listening to anyone. Does anyone really believe that the botnet operators behind the Aurora attacks chose to use the most basic and amateurish malware they had on hand because they didn’t need anything more advanced? That sounds about as silly as a bank robber choosing to leave his gun at home in favor of taking an 18 inch wooden baton along because he hears that the guards are only armed with 16 inch batons.
When these guys get caught, they step up their techniques and tools. I've seen it play out at least three times in the past year. It's a key aspect of the Sino-APT groups' MO. Ask Mandiant.. Ask FBI.. Ask someone at ShadowServer.. Many people have seen it play out. You should stop ignoring people who have dealt with these specific groups. (Update: See the bottom of the full post for more details about this.) I’ve also heard a few people say that the botnet operators were so smart that they may have created the malware to look like it was developed by a bunch of amateurs. It’s all beginning to sound like a conspiracy theory – next we’ll hear that aliens have landed and are subtlety infiltrating online businesses as they proceed with their plan for world domination…
You are totally locked into the mentality that attackers need advanced botnets to get the job done. Get over it. Sino-APT has nothing to do with advanced botnets. Your product has to do with advanced botnets... From a distance, the comments coming from Damballa amount to "if our product can't help with battling Sino-APT, than Sino-APT doesn't exist as you define it." One question I’ve got to ask though is “Why didn’t they just use a DIY kit?” Malware generated using one of the kits would have offered greater functionality, armoring, and would generally have had less likelihood of detection. Some possible reasons for not using a DIY kit: They didn’t trust the kits that are out there. Many of the free and pirated kits are backdoored – meaning that any malware created from them have hidden CnC’s built in, and report back to the kit author/pirate.
Again, Sino-APT doesn't use (or need) botnets. At any given time, Sino-APT uses less than five hosts to receive beacons and c&c connections per-victim. Using DYI kits increases the likelihood of detection, as eventually every DYI kit is going to get some analysis done on it by a security vendor if it becomes even remotely widespread. Crafting tools specific to the victim, o... [ Read More (0.5k in body) ] Yet even more ranting about Damballa and APT... |
|
SANS - Computer Forensics - Community |
|
|
Topic: Computer Security |
12:31 pm EDT, Mar 31, 2010 |
The SANS SIFT Workstation is a VMware Appliance that is pre-configured with all the necessary tools to perform a detailed digital forensic examination. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidence formats. The brand new version has been completely rebuilt on an Ubuntu base with many additional tools and capabilities that can match any modern forensic tool suite.
SANS - Computer Forensics - Community |
|