In case you were thinking that Man In the Middle (MITM) attacks are a modern phenomenon unique to the internet, think again. Bruce Schneier has this article about Aspidistra. Aspidistra was a World War II man-in-the-middle attack. The vulnerability that made it possible was that German broadcast stations were mostly broadcasting the same content from [...]
Archive for November, 2008
Old school MITM attack
Posted: November 30, 2008 in professional, securityTags: Aspidistra, Man In the Middle Attack, MITM, World War II
0
7 Lessons SMBs can learn from big IT redux
Posted: November 30, 2008 in professional, securityTags: backup, firewall, IT, NAC, pc, SMB, standard, test plan, UNP, UTM, VoIP, VPN, windows
David Strom has an interesting article in Network World about 7 Lessons That SMBs Can Learn from Big IT. It’s basically sound and definitely worth checking out. But there are some important gotchas and caveats that didn’t make the cut. So I thought I’d just stuff in a few extra ideas and warnings into the [...]
Prophecy for 2009
Posted: November 29, 2008 in general, professional, securityTags: 2009 Predictions, e-discovery, electronic discovery, litigation, market collapse, prophecy
Last week Dr. Anton Chuvakin posted this succinct blog entry inquiring “Which Blogger Will Post 2009 Predictions First?” Since almost immediately Michael Janke posted “Janke’s Official 2009 Technology Predictions”, I guess I’m a little late (curses foiled by Janke again!). But not to be outdone and dying to try on my old testament prophet hat [...]
Symantec finds the underground cyber economy
Posted: November 24, 2008 in general, professional, securityTags: Casablanca, cyber criminals, stolen credit card numbers, Symantec, underground cyber economy, underground forums
The Security for all “I’m Shocked, Shocked!” award goes to Symantec, who according to this article in MacWorld has uncovered an underground cyber economy. In case you are very young or not into classic movies, the award name comes from this classic dialog in Casablanca. Rick: How can you close me up? On what grounds? [...]
Get Safe Online
Posted: November 23, 2008 in general, securityTags: Get Safe Online, Online security, privacy
Last week was the fourth annual Get Safe Online Week in the UK. Like most Americans, I wasn’t paying attention and didn’t hear about it until after the fact. But, better late than never. That’s because the Get Safe Online folks, whose founding members include CSIA, HSBC, Microsoft and SOCA, have an excellent site with [...]
Is suing your customers for fun and profit unconstitutional?
Posted: November 22, 2008 in general, UncategorizedTags: Charles Nesson, David Draiman, Harvard law, lawsuit, Music theft, Piracy, Recording Industry Association of America, RIAA, unconstitutional
The entertainment industry has always baffled me. That’s probably why I never became a pop star. Well that and lack of talent. Actually, I understand the entertainment part of the industry, it’s the copyright policing groups like the Recording Industry Association of America (RIAA) that confuse me. This group is infamous for their Gestapo-esque tactics [...]
OLPC G1G1 2008
Posted: November 14, 2008 in general, UncategorizedTags: Amazon, Europe, G1G1, Give One Get One, OLPC, One Laptop Per Child
The One Laptop Per Child (OLPC) organization, creators and purveyors of those cute green and white XO laptops, have announced another Give One, Get One (G1G1) program for 2008. In case you are unfamiliar with last year’s G1G1 program, its a deal where buyers pay for two XO laptops, get one machine for themselves and [...]
Stay safe holiday shopping online
Posted: November 11, 2008 in general, securityTags: Holiday Shopping, Online Shopping, VeriSign
Just in time for the holiday season, VeriSign, the main guys responsible for issuing digital certificates have launched a web shopping security guide, targeted to UK consumers. VeriSign is dedicated to helping you shop smartly, safely and stress-free in the run up to Christmas. Because of the credit crunch, more Britons will be hunting for [...]
Wherefore art thou TCG IF-MAP?
Posted: November 11, 2008 in professional, securityTags: IF-MAP, NAC, Network Access Control, TCG, TNC
This all started, as many things do, with an article by Hoff wherein this idea was posed. I’m really interested in how many vendors outside of the NAC space are including IF-MAP in their roadmaps. While IF-MAP has potential in convential non-virtualized infrastructure, I see a tremendous need for it in our move to Infrastructure [...]
Eligible American voter? Do it. Vote. Now.
