* Posts by InfoSecuriytMaster

9 posts • joined 13 Dec 2012

Smut-watchers suckered by evil advertising



Potentially MUCH greater distro. I discovered this attack being spread from (US) ABC News' Good Morning America (GMA) Yahoo-based site last week (FAIRLY certain not from abcnews.go.com).

I can only hope that more watch the TV and not www.yahoo.com/gma !

Sad fact of the day: Most people still don't know how to protect themselves online


It's good that this is being discussed. Here's a short list over the last week or so:

EFF Self Defense https://ssd.eff.org/

Schneier: Countering DOXing


B.S. has several more relevant over the recent past too.

Schneier on Digital Security Exchange


(DSE is at https://medium.com/@levjoy/building-a-digital-security-exchange-d392ad2f4982#.uefklg2nq )


ZDNet: keep Smart TV from spying


WIRED: excerpt from Kevin Mitnick's new book on how to go invisible


ZDNet: lock down in 60min


Wired: protect all your /dev


ZDNet: protection from thumb drives


C|net: VPN



_/)_ B:ISM

I was authorized to trash my employer's network, sysadmin tells court


Re: Inappropriate charge

Fraud probably doesn't apply since he didn't do anything he wasn't authorized to do and didn't do anything for any monetary gain.


Law, authorization and rules of behavior

The law is only effective if the company has specific Rules of behavior AND Administrator RoBs. The Admin isn't going to get a separate permission every time they want to delete an extra file. The Admin RoB must specify 1 Thou shall do no evil; 3 You shall comply with Admin Policies and then 3-25 (or 100) the rest of the specifics to do and other things that do need specific authorization (e.g. deleting all backups). And that any violation of can include termination, civil and criminal action against them. The wording may vary from state to state, but this is the basic premise. The RoB must be done because some employees are not on contractual obligation or may be unionized. Also the Admin RoB specifies adherence to Change|Configuration management's policies and procedures (i.e. nobody changes anything without written approval). And also compliance with Admin's policies noted above (the RoB may be a summary of the Admin's Policy manual). That is how to get a general or vague law to be effective.... And my guess is that this guy is going free if the employer company didn't do the policies and RoBs.

Why Tim Cook is wrong: A privacy advocate's view


Apple is not being asked to install or utilize a backdoor. Apple is being forced to turn iOS into a Backdoor. Or better, to remove security from iPhone. Upgrade becomes a degrade. Now upgrades and patches are actually the FBI trojan. So now no one can trust Apple's upgrade/patch. And next, MS and Google. So now we, because of the FBI, are tossed back to 1984 technologically - and politically.

Chrome, Firefox blab your passwords in a just few clicks: Shrug, wary or kill?


Saved Passwords

Saving passwords? Should get a warning from browser. Master Password (which encrypts local store) is a real simple solution, so why not default? Better yet, use a password manager.

Dear gov cyber-ninjas, try not to kill people. Love from the lawyers


A Start, Finally

The main media uses terms like cyberwar and cyber weapons without realizing that there is no definition of these. Cyberwar by most opinions has never occurred. Cyber weapon is a silly term mostly; IT uses "trojan" and "bot": to the point. The supposed activity in the Iranian nuke plant wasn't cyber war - it was espionage. War is defined (as best possible) in existing international law and agreements (Hague conventions, Geneva conventions for examples), and there is even a general Law of the Seas (e.g. UNCLOS). But there is no such code in Cyber. We need such before nations or non-state actors act inadvisably (e.g. 1-hack a nuclear plant; 2-boom). This approach from CCD COE is much more intelligent than, say, US Cyber command, US DHS's cyber involvement (oh no no no) and much else the US has officially stated.

Win7 hotspot hackers kick-funded - now they're network bondage pros



Hurray! But it seems most are missing the point. OF COURSE you 'could' bind your wireline with your cellphone to really move - but why? Simpler to upgrade. But how about you are sitting at a bus stop between a Hooters, Staples, a McDonald's and a Starbucks? Now THAT'S WHAT I'M TALKING ABOUT!! Gather them together and smoke the internet!!!

It pays to study the habits of your email users


Pile much, File once

Piling is better if you need to find mail. Filing/foldering means memorizing a hierarchy and probably having multiple copies of emails in various topical folders. Pile until the mailbox reaches its limit, then archive oldest out of inbox (topical archives may be better than piled archives). Categories function is slicker in recent release, just not exactly better. Google improved theirs with a hierarchal tagxonomy (at least 2 levels nested). When Outlook allowed text for categories, you could pseudo-nest. Now it seems you can't - only 1 level in Outlook.
