Irregular Expressions


March 19, 2012  2:14 AM

Some PB updates

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

No not peanut butter, Pirate Bay.

http://thepiratebay.se/blog/210

I have been waiting to get my hands a on Raspberry PI, and it appears they have too.

I have to admit their idea of system redundancy is amusing, also I am not saying they cannot make it work.

March 18, 2012  11:42 PM

Syrian Trojan?

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

http://www.cnn.com/2012/02/17/tech/web/computer-virus-syria/index.html

I missed this the first time around, I can say I did not think they would use something like this.  I am a little surprised.


March 12, 2012  12:21 AM

Bad press for OWASP

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

http://www.reuters.com/article/2012/03/09/us-cyber-arrests-martyn-idUSBRE82807M20120309

I don’t think this case would be highly unique, I am sure there is more then one SP that has been or is involved in something less then morally correct.  I have been asked before if these skills are so dangerous why are people being taught them?

To paraphrase the link, it’s all about ethics.  You could make the same argument about martial arts ( This was relevant at the time of the conversation ) .  Anyone can walk up to you and lay one right in your face, so what do you do?  Well you can try to avoid those types of people but sometimes that is not possible. Or you can learn how to defend yourself, also the bad guys can do that too.  Either way there is still going to be a jerk that will punch you in the face, and it’s all about passing along an excellent moral compass to those you can.


March 12, 2012  12:13 AM

USCC Report on China’s Information Warfare Capabilities

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

Link;

http://www.uscc.gov/RFP/2012/USCC%20Report_Chinese_CapabilitiesforComputer_NetworkOperationsandCyberEspionage.pdf

Warfare is warfare, I don’t think changing the field of battle changes what it is.  One of my personal hobbies is ancient warfare and tactics, I find it incredible interesting and I cannot help but think of information security and warfare when I read about these things.  I also think the Art of War should be mandatory reading for anyone. Here is a few of my favorites.

He will win who, prepared himself, waits to take the enemy unprepared.

To secure ourselves against defeat lies in our own hands, but the opportunity of defeating the enemy is provided by the enemy himself.

You can be sure of succeeding in your attacks if you only attack places which are undefended.


March 11, 2012  11:53 PM

Passphrase Security

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

How do you like them apples, well these apples.

http://www.lightbluetouchpaper.org/2012/03/07/some-evidence-on-multi-word-passphrases/

This is the first analysis of passphrase security I have come across.  The short version is that there is insufficient entropy English to provide a system to resist offline attacks >30 bits.  My thought on what I recommend is something with a bit of gibberish in the middle or at multiple points, but that starts to slide back to the realm of having users remember impossible passwords again.


March 11, 2012  11:36 PM

Why I really hate QR and tinyurl’s

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

So some source material.

http://isc.sans.org/diary/An+Analysis+of+Jester+s+QR+Code+Attack+Guest+Diary+/12760

https://th3j35t3r.wordpress.com/2012/03/09/curiosity-pwned-the-cat/

I tremble at these on twitter feeds and smart phones.  But hey it’s the Internet whats the worst that could happen.

Where does it go? does it really matter is it really worth clicking? I mean really really?

The whole situation just makes me smile, the irony of the boondock saint kinda makes it sink in.  I have not been following his feed for a while, but if that was just added for this, that would be pretty amusing.

The attack it self, with out going in to the technical details is more then elegant for what it accomplished.  The amount of effort alone to setup and modify the exploits alone deserves recognition.

While some of the others may not want to report this to the FBI to have their phones examined, I am sure Mr.Gordon will.  Long term I don’t see a happy ending for this, but you never know.


February 27, 2012  11:23 PM

Crytome.org serving up bad

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

Full details here, can’t say that I am a regular to this one.

http://cryptome.org/2012/01/cryptome-virus.htm


February 27, 2012  10:50 PM

Internet usage stats (with Facebook)

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

I just kind of stumbled on this.

http://www.internetworldstats.com/america.htm

It appears that facebook has half of the US and Canada as users, the other thing I found interesting was the Internet penetration of Liechtenstein %81.
This site will be handy.


February 26, 2012  9:56 PM

Another CTF game

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

I have not had a chance to log in, but it looks good.

https://stripe.com/blog/capture-the-flag

I love these games.


February 26, 2012  9:47 PM

How do you prepare to travel

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

I thought I did this pretty well but I never have been to China.

http://www.nytimes.com/2012/02/11/technology/electronic-security-a-worry-in-an-age-of-digital-espionage.html

No mater where you go loaner material is by far the best way to go.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: