Comments Posted By Sir Henry
Displaying 1 To 30 Of 145 Comments
Being a US citizen, I can only confirm what Pantagruel stated in that the US customs and TSA employees are definitely not the brightest bulbs. What is unfortunate is that these employees are the equivalent of a night shift security guard, but have the power to do very bad things to you and your name. The attitudes and ignorance and intense power trips exhibited by these individuals are nothing less than infuriating. Unfortunately, there is not much that can be done. If you protest, they have been known to gang up on you and take you off to nondescript rooms where you can be held for no reason, but will be treated as if you are a criminal (or, dog forbid, a terrorist). So, it comes as no surprise to see the details in this post.
I agree with the sentiments here. Preparation needs to be made with disk encryption tools that obfuscate or simply hide the data you want to keep personal. On my corporate laptop, there is full disk encryption, but it looks as though just not inputting the password would not help get you on your plane.
Absolutely maddening. If you want to find out more about the abhorrent TSA, just hop on over to Schneier’s blog. He has interviewed the head of the TSA and really pokes holes in their validity and value in the security of airports and the “war on terror”.
Sorry for the diatribe. This is something that infuriates me on a constant basis.
» Posted By Sir Henry On February 13, 2008 @ 5:11 pm
Apple iPhone Unlocked Again – 1.1.2 and 1.1.3 Firmware
lol…I love Apple for different reasons. The iPhone and being solely available to AT&T customers is a bit unnerving, but it would appear people who have a similar loathing or disdain are doing wonderful things in the efforts of subverting this union.
» Posted By Sir Henry On February 18, 2008 @ 3:14 pm
January Commenter of the Month Competition Winner!
@goodpeople:
Excellent! Congrats!
» Posted By Sir Henry On February 13, 2008 @ 3:03 pm
@Darknet:
The GFI pens are pretty awesome for being your run of the mill ball-point. Yes, I am excited about a pen. lol
@goodpeople:
The new job is pretty cool. I am currently sitting in a training in Ottawa where I am refreshing all of my PKI knowledge. It should not be hard to figure out the company, but let us not speak of the entity here.
» Posted By Sir Henry On February 11, 2008 @ 9:32 pm
@goodpeople:
I am glad the wrist is getting better. I think I may be falling apart, as well. I will be 31 on Friday and am beginning to think that there may be something to this degeneration concept.
» Posted By Sir Henry On February 11, 2008 @ 7:52 pm
@goodpeople:
Nor was there any expectation on my part. Hopefully it was not conveyed in my comment that I was expecting anything mentioned. Just more of a statement. In reality, receiving what I did was just a nice-to-have on top of the phenomenal discussions that we have had.
» Posted By Sir Henry On February 11, 2008 @ 7:36 pm
@goodpeople:
Sounds like you and I received the same package, save for I only got one key cord. No psp/ipod, either, but did not envision that I would get one, anyway. Not sure why. Congrats, again.
How is the wrist?
» Posted By Sir Henry On February 11, 2008 @ 6:44 pm
@goodpeople:
Congrats! Sorry for not adding to the discussions as of late. My new job is under way and I am all over the place. Next week I will be in Ottawa in the event that any of you is located there.
» Posted By Sir Henry On February 5, 2008 @ 11:05 pm
Perl.com Sends Visitors to Porn Site!
Indeed, the first thing I noticed was the mention of IE. I just do not understand why people still use IE. Then again, my soon-to-be previous employer builds applications that only run in IE, thus securing their insecurity. Digression noted, I do find their lexicon of geek to be impressive for the sake of domain naming.
» Posted By Sir Henry On January 21, 2008 @ 3:41 pm
GFI Survey – 4 in 10 US Companies are NOT Secure!
@J.Lion:
If your company has sensitive data, or a need to keep some portion of its data private or secure, then security is not only for big companies. I really do not think security is only for big companies, simply for the fact that data, regardless of the company size, has commensurate value to someone out in the wild.
» Posted By Sir Henry On February 11, 2008 @ 11:10 pm
@James:
I am sure that such a machine would be extremely boring, too. I am such an addict when it comes to being online.
» Posted By Sir Henry On January 9, 2008 @ 6:46 pm
@Pantagruel:
Your real world example just illustrates how companies still think that all the threats are coming from the outside. What they do not realize is that security needs to be equally strong on the inside, as it is on the outside. That and the thought process needs to change from the assumption that if anything occurs on the inside of the company, that it is simply a nefarious individual who always had malign intent. The latter is an ignorant stance that does not take into consideration that end user education is simply not happening; that if you allow devices from the outside to be indiscriminately used without some type of security check point, you are failing your security policy.
One thing I have seen in regard to device control is that the checks are becoming more intelligent. No longer do you simply have to block all removable media devices. Now there are fingerprints for each type of USB device that, in turn, can be white or blacklisted depending upon the security policy. That would help immensely on the inside by way of the company telling the end user that only x type of USB devices will be allowed and/or provided by the company. I think, in addition to this, a valuable function would be to store serial numbers or some type of identifier for the USB device so that, in the event of a breach or outbreak, it can be quickly and easily identified within the system as to the origin.
» Posted By Sir Henry On January 9, 2008 @ 4:50 pm
@Patrick:
That would be the better question to ask. At that point, you could then figure out the rough statistics and probabilities based upon their lack of knowledge.
@Pantagruel:
I agree with you on this completely. Either they do not know, or they are not in full disclosure.
» Posted By Sir Henry On January 9, 2008 @ 3:02 pm
Uber Spammer Alan Ralsky Back In The News
@Ian:
Specifically my thoughts regarding the $3 million. Such a paltry sum when you think about it from a scam point.
@eM3rC:
I would think that certain banks in the Caribbean would be perfect for this type of transaction. They normally will eschew any attempts by law enforcement to regain the money gained from the scams. This is why it is so easy for the spammers (and other nefarious types) to get back into business upon release from prison.
» Posted By Sir Henry On January 8, 2008 @ 4:50 pm
The First Reported Facebook Worm/Malware Pops Up – Secret Crush
I have never understood the draw of Facebook (or MySpace, for that matter). But, it would seem that both places would be rife with opportunity to infect the users of each. Admittedly, I do use LinkedIn and wonder what types of opportunities are available there. I tend to only get emails for connections, but wonder if someone has been able to work in phishing attempts that would lead to the enumeration of data. Given, there is not much that they could get, but would still be worth investigating.
» Posted By Sir Henry On January 15, 2008 @ 2:36 pm
UK Government Set to Make ‘Hacking Tools’ Illegal
There need to be more technical people in higher places who can clearly explain how this would affect things for the UK (or Germany, for that matter). Then again, even with technical people in place, it is that same lot of stodgy bastards who still think the kettle is a modern invention. The same goes here in the US. A fat lot of bloated and ego-maniacal bureaucrats who care not for security, nor the ramifications of making such a law. They only care about the lobbyist who is lining their pockets.
Now, I would like to think that, given the number of companies in the US who provide services that, under this law, would be considered “hacker services”, the US would never attempt to pass a law of this sort. But, given that it appears ISPs are blatantly ignoring the FCC and simply stating that they are going to start filtering traffic, who knows what will happen. I do know that if something like this goes into effect in the US, the response will likely be nefarious and brutal. The latter, of course, will not help but to illustrate why the law should be in place.
/rant
» Posted By Sir Henry On January 11, 2008 @ 2:32 pm
I am sure that, given your experience and knowledge, there would be some opportunities. I will have to check their EU openings.
» Posted By Sir Henry On January 9, 2008 @ 6:39 pm
At the beginning of the month, I can run whatever OS I want.
» Posted By Sir Henry On January 9, 2008 @ 6:30 pm
Thanks, goodpeople, I am really excited about the new position. My previous (well, current until the end of the month) position was not advertised correctly and my skills were underutilized or blatantly ignored. Talk about a reason to start looking into the internal security.
» Posted By Sir Henry On January 9, 2008 @ 6:10 pm
Not so much the Boss’s daughter but what he has on his hard drive.
Nah, I actually just secured a job as an SE for a well-known PKI/Security company. Actually landed it on Monday, thus my not being around then. I can’t wait to start.
» Posted By Sir Henry On January 9, 2008 @ 5:57 pm
They pay me the big bucks, too, but for a different reason. >:)
» Posted By Sir Henry On January 9, 2008 @ 5:33 pm
@trejox:
I am going to have to second what goodpeople has stated. Reactionary defenses as a means of security are not going to eliminate the threats and will most certainly not do anything to anticipate the new attacks that are out there. To fight the good fight, people need to anticipate what could potentially happen and form an offensive. Of course, I pity the security engineer who is in charge of that task.
» Posted By Sir Henry On January 8, 2008 @ 5:20 pm
@goodpeople:
I, too, felt the same regarding our discussions. I have found immense intellectual enjoyment and stimulation here.
» Posted By Sir Henry On January 2, 2008 @ 5:03 pm
This is one of the reasons I stopped reading articles posted on Reddit (not that I will stop reading here, of course); there is a bleak outlook in regard to what is currently going on behind the scenes and only a small portion of the internet population who knows about and understands any of it. I think goodpeople will agree when I say that this is where education about these matters becomes paramount.
In a similar vein (yes, this will remain dichotomous), I once read a question on LinkedIn about whether to hire “hackers” for your security work. What surprised me was the overwhelming response at how hiring a person who has “hacking skills” is like asking the fox over for tea in the hen house. Such an unfortunate outlook and one wrought with emotional insecurity and a fear for the unknown. My stance is this: In order to fully understand the people who create malware of this calibre, we have to think like them and do the things they do. Only then, can we have any sort of chance in creating an offensive to battle such works of intense brilliance. I know, it is a razor thin line and I am certain that thoughts of “The Force” and “The Dark Side” come to mind. The latter is rather apropos, I feel.
I would like to know what others think of the latter ideas.
» Posted By Sir Henry On January 2, 2008 @ 3:40 pm
Happy New Year – Best Wishes from Darknet!
Welcome back! Happy New Year!
» Posted By Sir Henry On January 3, 2008 @ 1:17 pm
Happy new year, all. I am happy to have found such a phenomenal community here and look forward to more discussion and learning over 2008.
» Posted By sir Henry On January 1, 2008 @ 2:37 pm
December Commenter of the Month Competition Winner!
@Sarah:
Thank you. I look forward to receiving the goodies.
» Posted By Sir Henry On January 8, 2008 @ 4:52 pm
@Darknet
Do you want me to send a pic of me and my rar files from the hacker kit? heh.
» Posted By Sir Henry On January 4, 2008 @ 3:47 pm
@Pantagruel
Thanks!
@goodpeople
Thanks, but I would be loath to have people mistake my zeal for commenting as a gesture to simply win a contest many times over. Here is to your name being lauded for the month of January!
» Posted By Sir Henry On January 4, 2008 @ 3:39 pm
Storm Worm Spreading Some Holiday Cheer
@eM3rC:
Compatibility is a paradigm and a state of mind for Mac users, especially if they have switched from Windows. The problem with the idea of compatibility is that one associates the Mac with Windows and how applications they once used in Windows cannot be run on Mac. The paradigm shift is when the Mac user realizes that it isn’t about the applications that do not work in Windows, it is about the applications on Mac that have a similar end result as with the Windows applications. For me, having switched to Linux a while ago, but more recently using the Mac OS, I have found that I can do anything and more than that of my Windows OS days of use.
» Posted By Sir Henry On January 9, 2008 @ 5:28 pm