Archive for September, 2006
Pirates Vs. Ninjas

PIRATES 

A pirates mission statement is to rape and pillage.  They steal as a way of life.  Morals and values be damn.  A pirate would steal from his own mother if she left her guard down.  He would take advantage of his sister if she had the booty.  New pirates really don’t appreciate anything.  Some pirates steal because they really do appreciate a quality product.  Some of these pirates are activists for individual freedom.  They live by the code and freedom of the sea/nature.  To them ownership and property is an illusion created by man.  These are the most devious types of pirates who usually end up being captains of ships full of pirates.  If these pirates ever get caught it will usually be too late because they will have already exploited, liquidated and stolen so much that most assets they have pilfered will never be recovered.  Furthermore, they are probably completely beyond being rehabilitation by external means such as torture, imprisonment or indoctrination into high society.

 

NINJAS

A ninja, on the other hand, lives and dies by a code because of this they can be very dangerous.  They have a certain belief that they are willing to kill for.  Assassination is what the ninja is trained to do.  They sneak in silently, make the kill and get out quickly without a trace.  A great ninja will only be detected by the absence of evidence.  You will only know that they were there if they want you to know.  To the untrained eye, the ninja’s target died of natural causes.  The ninja’s skill is a thing of deadly grace and beauty like a black widow spider.  The especially good ninjas have an almost spiritual code and mental discipline that gives them seemingly supernatural powers.  To the lay person, ninjas don’t exist, they are just ancient legends.  If someone brags about being a ninja they are more than likely NOT a ninja.  A ninja is so close to the edge that they are love, hated and feared by those who know they exist.  Contrary to popular belief, not all ninja’s are evil.  Some ninja’s are mercenaries, some ninjas only kill bad guys, some ninja don’t kill at all… but they could if they wanted to.      

Microsoft Sues Hacker

“The world’s largest software maker is suing the developer of a program that allows users to circumvent digital rights protection from Microsoft’s Windows Media Audio (WMA) song format.”

If your going to be a pirate, you better develop your ninja skills. A ninja is in and out fast. You never see them coming because they have the element of surprise. Most importantly, you can absolutely never find their tracks because they so good at covering them.

read more | digg story

Howto: use your PC and Webcam as a motion-detecting/recording system

This tutorial will take you step-by-step through setting up your PC and Webcam to act as a motion-detecting and recording security camera system. And the software required to do this is open source (free).

read more | digg story

Your next MySpace friend could be a virus

“Social networking sites offer hackers a rich trove of potential victims and many opportunities to exploit them.”

Just when you thought you had over 100 myspace friends and everything was great, you might want to double check who you “add as a friend” some of them maybe viruses.

read more | digg story

The worst ever 419 scam emails – a practical criticism

“Scammers are many things but it would seem lazy prose writing is their latest crime against humanity. Must try harder… that’s this man of letters’ damning verdict on 419ers’ literary efforts, as he counts down the top five crap scams to limp into his inbox of late… For shame!”

Most of the 419 scammers are third world idiots. Just check out sites like ebola monkey man. These scammers are very easy to scam. They deserve it.

read more | digg story

The Broken Episode 4 Is Done!

David Prager Proclaims On TWiT, “Its Done, Its Done, Its Done!”. Looks Like The Two+ Year Wait Will Finally Be Over.

WTF. its about TIME!

read more | digg story

Security Certifications: DoD 8570

For Government workers doing any kind of computer security/information assurance, the new regulation, DOD 8570 is a very important document.

DOD 8570, Information Assurance Training, Certification and Workforce Management, requires that all government workers (active duty, govt civilian and contractors) doing security work have a security certification. The DoD is really trying to crack down on security.

Among the top security certification that you can get are the CISSP and the CISA

Getting the top certs and then further specializing could give you the edge. For example, CISSP with an CISA (auditor) would cover a lot of ground as would a CISA and an IDS/C&A/Architecture specialists. It would really kick ass to cover ALL ground. This would not be difficult. Not sure if each specialization would require further certifications.

Cost, Renown, Difficulty Comparisons:http://dmiessler.com/writing/infoseccerts/

Includes: GSEC, CISSP, CISA*note: GSEC is $800 and difficult

Security Certs and their levels according to 8570:http://taosecurity.blogspot.com/2006/01/dod-directive-8570.html

Tech level I-III & Management Level I-III*note: GSEC is Tech level II

Future Areas of IA Certification:

 

Certification and Accreditation

IDS and Analysts

Auditors

CND/SP members

IA architectures, engineers

NIST Slide on 8570 

(slide 10)On a recent FISC slide I saw Red team (pentesting/hacking) among these future specializations.

 

 

Top 9 Apps To Help You Avoid The CIA

**Technology On Crack once again provides a Top 10 countdown focusing this time on keeping your information from prying eyes. What makes these freely available applications interesting is that 9/10 of them may be strong enough to help you avoid serious government organizations.**

Warning: The possession of such tools can destroy you if you ever find yourself in court. You are looking for Plausible deniability by destroying or hiding as much questionable data or actions as possible, but the very possesion of such tools can give you a WORSE sentencing than what you were originally charged for. (see Simple Nomad – www.nmrc.org/pub/pdtk/)

read more | digg story

War driving picks up speed

**Typical “mainstream news looks into the world of wardriving by sending a reporter to do a ride along” article.**

I know some good wardrivers. I’ll have to do some serious work in this area soon.

read more | digg story

Security Certification: DOD 8570

Security Certs required for DoD security jobs: DoD 8570.1 will apply to anyone with privileged access (e.g., system administration) to DoD systems, to include uniformed military personnel, civilians, and contractors.

read more | digg story