* Posts by InfoSecuriytMaster

8 posts • joined 13 Dec 2012

Sad fact of the day: Most people still don't know how to protect themselves online

InfoSecuriytMaster

It's good that this is being discussed. Here's a short list over the last week or so:

EFF Self Defense https://ssd.eff.org/

Schneier: Countering DOXing

https://www.schneier.com/blog/archives/2017/03/defense_against.html

B.S. has several more relevant over the recent past too.

Schneier on Digital Security Exchange

https://www.schneier.com/blog/archives/2017/03/digital_securit.html

(DSE is at https://medium.com/@levjoy/building-a-digital-security-exchange-d392ad2f4982#.uefklg2nq)

ZDNet: keep Smart TV from spying

http://www.zdnet.com/article/how-to-keep-your-smart-tv-from-spying-on-you/

WIRED: excerpt from Kevin Mitnick's new book on how to go invisible

https://www.wired.com/2017/02/famed-hacker-kevin-mitnick-shows-go-invisible-online/

ZDNet: lock down in 60min

http://www.zdnet.com/article/how-to-lock-up-your-digital-life-in-less-than-an-hour/

Wired: protect all your /dev

https://www.wired.com/2017/03/easiest-way-protect-devices-hacks-keep-updated/

ZDNet: protection from thumb drives

http://www.zdnet.com/article/this-usb-firewall-protects-against-malicious-device-attacks/

C|net: VPN

https://www.cnet.com/how-to/understanding-vpns-and-how-to-choose-one/

regards

_/)_ B:ISM


I was authorized to trash my employer's network, sysadmin tells court

InfoSecuriytMaster

Re: Inappropriate charge

Fraud probably doesn't apply since he didn't do anything he wasn't authorized to do and didn't do anything for any monetary gain.

InfoSecuriytMaster

Law, authorization and rules of behavior

The law is only effective if the company has specific Rules of Behavior AND Administrator RoBs. The Admin isn't going to get a separate permission every time they want to delete an extra file. The Admin RoB must specify 1 Thou shall do no evil; 3 You shall comply with Admin Policies and then 3- 25 (or 100) the rest of the specifics to do and other things that do need specific authorization (e.g. deleting all backups). And that any violation can include termination, civil and criminal action against them. The wording may vary from state to state, but this is the basic premise. The RoB must be done because some employees are not on contractual obligation or may be unionized. Also the Admin RoB specifies adherence to Change|Configuration management's policies and procedures (i.e. nobody changes anything without written approval). And also compliance with Admin's policies noted above (the RoB may be a summary of the Admin's Policy manual). That is how to get a general or vague law to be effective.... And my guess is that this guy is going free if the employer company didn't do the policies and RoBs.


Why Tim Cook is wrong: A privacy advocate's view

InfoSecuriytMaster

Apple is not being asked to install or utilize a backdoor. Apple is being forced to turn iOS into a backdoor. Or better, to remove security from iPhone. Upgrade becomes a degrade. Now upgrades and patches are actually the FBI trojan. So now no one can trust Apple's upgrade/patch. And next, MS and Google. So now we, because of the FBI, are tossed back to 1984 technologically - and politically.


Chrome, Firefox blab your passwords in just a few clicks: Shrug, wary or kill?

InfoSecuriytMaster

Saved Passwords

Saving passwords? Should get a warning from browser. Master Password (which encrypts local store) is a real simple solution, so why not default? Better yet, use a password manager.


Dear gov cyber-ninjas, try NOT to KILL PEOPLE. Love from the lawyers

InfoSecuriytMaster

A Start, Finally

The main media uses terms like cyberwar and cyber weapons without realizing that there is no definition of these. Cyberwar by most opinions has never occurred. Cyber weapon is a silly term mostly; IT uses "trojan" and "bot": to the point. The supposed activity in the Iranian nuke plant wasn't cyber war - it was espionage. War is defined (as best possible) in existing international law and agreements (Hague conventions, Geneva conventions for example), and there is even a general Law of the Seas (e.g. UNCLOS). But there is no such code in Cyber. We need such before nations or non-state actors act inadvisably (e.g. 1-hack a nuclear plant; 2-boom). This approach from CCD COE is much more intelligent than, say, US Cyber Command, US DHS's cyber involvement (oh no no no) and much else the US has officially stated.


Win7 hotspot hackers kick-funded - now they're network bondage pros

InfoSecuriytMaster

Connectificationtivity

Hurray! But it seems most are missing the point. OF COURSE you 'could' bind your wireline with your cellphone to really move - but why? Simpler to upgrade. But how about you are sitting at a bus stop between a Hooters, Staples, a McDonald's and a Starbucks? Now THAT'S WHAT I'M TALKING ABOUT!! Gather them together and smoke the internet!!!


It pays to study the habits of your email users

InfoSecuriytMaster

Pile much, File once

Piling is better if you need to find mail. Filing/foldering means memorizing a hierarchy and probably having multiple copies of emails in various topical folders. Pile until the mailbox reaches its limit, then archive oldest out of inbox (topical archives may be better than piled archives). Categories function is slicker in recent release, just not exactly better. Google improved theirs with a hierarchal tagxonomy (at least 2 levels nested). When Outlook allowed text for categories, you could pseudo-nest. Now it seems you can't - only 1 level in Outlook.



Biting the hand that feeds IT © 1998–2017