Some Random Security Thoughts

lulz! Pirate iz d4 b0mbz!

If you need a good chuckle, please go read my friend Pirate's blog. He has a "1337" AIM SN that draws all sorts of interesting random babble. A good way to laugh your day away. :) There are, incidentally, some security tidbits to glean from here... in particular, some first-hand observations of (weakly) attempted social engineering...

This quote reminds me of the security programs for many large orgs:

Putt's Law: "Technology is dominated by two types of people: those who understand what they do not manage, and those who manage what they do not understand."

Security Focus has an article up, "Man-in-the-middle attack sidesteps SSL", talking about how changes in default browser behavior have resulted in a less secure posture that facilitates MITM attacks.

In an homage to resourcefulness, this reformed felon is looking to apply his high-end skills, including in security and computers, in his post-confinement life/career.

In a tribute to more shoddy Science... it turns out that the National Snow and Ice Data Center (NSIDC) has botched their measurements by using an obsolete method in estimating Arctic ice/snow coverage... from a security perspective, this really highlights the importance of good data... look at the current financial meltdown on Wall Street... by most accounts, the crisis was largely due to very poor risk management decisions thanks to poor risk evaluations... this is very much a case of "garbage in, garbage out"... we must all learn to cast a critical eye on numbers - particularly statistics...

Speaking of getting things right... it seems that the tide is turning a bit on the notion that we should live in fear of terrorists... The Bruce has a post up this week titled "Terrorism Common Sense from MI6" where a former bigwig from Britain's MI6 spy agency talks about how there are far worse things to be concerned with than the random terrorist attack.

About

This page contains a single entry from the blog posted on February 19, 2009 3:49 PM.

Creative Commons License
This weblog is licensed under a Creative Commons License.