attacks
BlackHat 2009, Day 2
The Thursday keynote was given by Bob Lentz, a Deputy Assistant Secretary of Defense for the United States. His main point was the paradigm shift from network-centric security to what he called content-centric security, and the fact that this devalues the protections around network perimeters. Static defenses don’t work when all the services [...]
BlackHat 2009, Day 1
The annual Vegas security conference is upon us again, and there have been plenty of interesting presentations. Last year, it felt like WiFi was the “theme” of the year — this year, the most interesting (and well-attended) briefings were on SSL and mobile devices.
The Wednesday keynote was presented by Douglas Merrill, the COO of [...]
Hotel Internet and ISP Paywalls
So, I’m currently in a hotel, to remain nameless here, for BlackHat 2009 and DefCon 17. As is usual for expensive hotels, Internet access is available — both wired and wireless — for a substantial fee ($13.99/day here.) This is enforced via a paywall.
For anyone who has never tried to use Internet in [...]
False Expense Service Reveals the Trouble With Documents
There’s been some news coverage lately about FalseExpense.com, a service that produces fake receipts to order “for novelty use only.”
The obvious purpose of this is to help people scam their companies’ expense reporting system by “padding” receipts. People who are reimbursed for hotel, meals, etc. can create receipts for slightly more than they actually pay [...]
Conficker Mostly a Dud
After tons of breathless media coverage about how April 1st might be the latest “cyber-catastrophe,” the date has come and gone and… nothing happened.
There was, admittedly, some cause for concern. With 250,000 known machines infected with Conficker.C (and estimates of the full number of infected machines as high as 15 million before antivirus software started [...]
