Kelly Martin, 2005-09-14
If there's one thing I've learned in the past few years as editor of SecurityFocus, it's that there is absolutely no saving grace in the security world. Everyone is a target, everyone is vulnerable and exposed, and no one is safe from, well... anything.
Colapse all |
Post comment
Thanks mom! ...but...
2005-09-15
Oofus Funnybutt III (4 replies)
Oofus Funnybutt III (4 replies)
This article bores me. It's a bunch of whining. I don't like whining. Everyone is *not* vulnerable and exposed. Everyone is *not* a target...only the whiners.
The "I remember using telnet to play nethack" nostalgia is immaterial to the article and sounds very egotistical.
Yes, it could be ...
[ more ] [ reply ]
The "I remember using telnet to play nethack" nostalgia is immaterial to the article and sounds very egotistical.
Yes, it could be ...
[ more ] [ reply ]
Re: Thanks mom! ...but...
2005-09-15
Anonymous (1 replies)
Anonymous (1 replies)
"why ... do you even need online funds transfer capabilities for an account with your life savings?!?"
Ummm, because maybe you need to transfer some money to checking to pay your power bill? Or would you prefer having some utility company directly pulling the money from your savings account? A ...
[ more ] [ reply ]
Ummm, because maybe you need to transfer some money to checking to pay your power bill? Or would you prefer having some utility company directly pulling the money from your savings account? A ...
[ more ] [ reply ]
Re: Re: Thanks mom! ...but...
2005-09-16
Oofus Funnybutt III (1 replies)
Oofus Funnybutt III (1 replies)
Ummmm, she needs online bill pay, not funds transfer. Why would you have your life savings in a checking account anyway? She's practically stealing her own money.
No matter, everyone knows that little old ladies write checks and put stamps on envelopes to leave for the postman....
[ more ] [ reply ]
No matter, everyone knows that little old ladies write checks and put stamps on envelopes to leave for the postman....
[ more ] [ reply ]
Re: Re: Re: Thanks mom! ...but...
2005-09-16
Anonymous (1 replies)
Anonymous (1 replies)
Online bill pay against a savings account? I don't think so. The idea, last I checked, for having a savings account is so that you can have "liquid" funds which earn interest (not very much nowadays, but better than nothing). You then transfer money in small increments from savings to a checking ...
[ more ] [ reply ]
[ more ] [ reply ]
Re: Re: Re: Re: Thanks mom! ...but...
2005-09-28
Oofus Funnybutt III
Oofus Funnybutt III
I said nothing about a savings account. You went off on a tangent about checking vs. savings but that wasn't the point. There are plenty of investment options with a far better return and security than checking/savings accounts.
I agree we need safer methods of conducting transactions on-line. ...
[ more ] [ reply ]
I agree we need safer methods of conducting transactions on-line. ...
[ more ] [ reply ]
Re: Thanks mom! ...but...
2005-09-16
Anonymous (1 replies)
Anonymous (1 replies)
You are a moron. You missed the point of the article completely. What about personal responosibility and ethics!
People are not lemmings that you can exploit at will and they don't care. People are just like you and I and have a right to be respected. Yes, people do stupid things and don't ta...
[ more ] [ reply ]
People are not lemmings that you can exploit at will and they don't care. People are just like you and I and have a right to be respected. Yes, people do stupid things and don't ta...
[ more ] [ reply ]
Re: Re: Thanks mom! ...but...
2005-10-01
Oofus Funnybutt III
Oofus Funnybutt III
I'm not a moron, nor do I exploit lemmings. Hell, you can't even finish a level without them. Anyway, people do not have a right to be respected according to me. No one is entitled to my respect, nor do I blindly expect that people should automatically respect me. Respect is something to be earn...
[ more ] [ reply ]
[ more ] [ reply ]
times have changed
2005-09-22
Kelly Martin (1 replies)
Kelly Martin (1 replies)
The NetHack reference isn't egotistical. If I recall correctedly I was telenetting around looking for free NetHack servers simply because I enjoyed playing NetHack games so much. I've never finished the game. The telnet games are just a small example of how open servers were back then.
Nowadays ...
[ more ] [ reply ]
Nowadays ...
[ more ] [ reply ]
Re: times have changed
2005-09-26
Oofus Funnybutt III
Oofus Funnybutt III
Hmmm...online kung-fu battles could be interesting if you don't butcher the article with (sentimental) nonsense like this one. You should spend time thinking up better articles and topics instead of playing overrated Rogue rip-off text games.
My opinion aside, you enjoyed nethack so much that..i...
[ more ] [ reply ]
My opinion aside, you enjoyed nethack so much that..i...
[ more ] [ reply ]
Crime? What crime?
2005-09-15
Anonymous (1 replies)
Anonymous (1 replies)
"Would these same people break into their neighbor's home and rob an old lady at gunpoint? Or smash her head in with a sledgehammer?"
Maybe. Just a couple of weeks ago, we were assaulted with very ugly scenes of how a massive hurricane can, at least locally, completely destroy civilization in a ...
[ more ] [ reply ]
Maybe. Just a couple of weeks ago, we were assaulted with very ugly scenes of how a massive hurricane can, at least locally, completely destroy civilization in a ...
[ more ] [ reply ]
Crime? What crime?
2005-09-15
Anonymous
Anonymous
"Inside a company of 1,000 employees, it's not uncommon to find just one or two security staff."
I am in a compamy of approx 1,000 people and I am one of 3 IT staff. Yes, our IT dept is a total of three people. Database administration, network administration, application develoment, end user supp...
[ more ] [ reply ]
I am in a compamy of approx 1,000 people and I am one of 3 IT staff. Yes, our IT dept is a total of three people. Database administration, network administration, application develoment, end user supp...
[ more ] [ reply ]
Check the chard on The "Badness Gap"
2005-09-15
Anonymous (1 replies)
Anonymous (1 replies)
The inflection point is 1993.
Q: Guess what happened in 1993?
A: Windows 3.1/3.11...
[ more ] [ reply ]
Q: Guess what happened in 1993?
A: Windows 3.1/3.11...
[ more ] [ reply ]
Re: Check the chard on The "Badness Gap"
2005-09-21
Anonymous (1 replies)
Anonymous (1 replies)
yes, when people started using Windows, that is the point when people were actually able to use their comptuers and get some actual work done.
Or do you think we were really all better off using standalone MS-DOS apps?...
[ more ] [ reply ]
Or do you think we were really all better off using standalone MS-DOS apps?...
[ more ] [ reply ]
Re: Re: Check the chard on The "Badness Gap"
2005-09-26
Anonymous
Anonymous
"that is the point when people were actually able to use their comptuers and get some actual work done"
... unlike the prior 15 years, which saw thousands of university students telnetting into random unix machines to play nethack, right? I suppose sending email and reading usenet don't count as...
[ more ] [ reply ]
... unlike the prior 15 years, which saw thousands of university students telnetting into random unix machines to play nethack, right? I suppose sending email and reading usenet don't count as...
[ more ] [ reply ]
Crime of the mind...
2005-09-16
Alexey Vesnin
Alexey Vesnin
Welcome to the desert of reality... It's just a question of time, but everyone faces with the sad fact you've mentioned - this world isn't nice, and it's creation - Internet - can't be nice too just by the parenting logic law... Sad, but true. And about smoke brakes - yes, we take 'em. And it's a go...
[ more ] [ reply ]
[ more ] [ reply ]
RE: The Six Dumbest Ideas in Computer Security
2005-09-17
Anonymous (1 replies)
Anonymous (1 replies)
exerpt:
"Running a "penetration test" for Apache bugs is completely pointless against a server that is running a custom piece of C code that is running in a locked-down portion of an embedded system"
I'm no expert but isn't advocating securuity thru obscurity and suggesting that we program cust...
[ more ] [ reply ]
"Running a "penetration test" for Apache bugs is completely pointless against a server that is running a custom piece of C code that is running in a locked-down portion of an embedded system"
I'm no expert but isn't advocating securuity thru obscurity and suggesting that we program cust...
[ more ] [ reply ]
Re: RE: The Six Dumbest Ideas in Computer Security
2005-09-21
Marcus Ranum
Marcus Ranum
Security Through Obscurity is when your system's ONLY security is because the holes in it are secret. I.e.: you leave the door unlocked and hope nobody notices. Building your system to resist attack AND denying your attacker useful information is just good strategy. I.e.: you lock the door but don't...
[ more ] [ reply ]
[ more ] [ reply ]
Security? What Security?
2005-09-19
Anonymous
Anonymous
I wonder what publicly traded companies are doing? Are they paying attention to their security office (if they even have one), or are they simply paying lip service? I bet most CEO's have no idea what their security is lacking, due to inept/incompetent CIO's covering up the real issues....
[ more ] [ reply ]
[ more ] [ reply ]
Hackers vs Criminals
2005-09-19
Anonymous (2 replies)
Anonymous (2 replies)
This is a great article, but I have one problem with it... It pains me to see the word Hacker constantly associated with digital mayhem (identity theft, spam, virus creation, etc.) By definition a Hacker is essentially a computer/technology enthusiast...not a criminal. I sincerely wish people woul...
[ more ] [ reply ]
[ more ] [ reply ]
Re: Hackers vs Criminals
2005-09-21
Anonymous
Anonymous
Strangly enough is that the *normal mundane plebs* (speak non techies) managed to form the language and in their simplistic mind only "Hacker == EVIL" exist, they dist. between Cracker (whom we have to grant some skill) or low script-kiddy which just downloads some script and runs it (resulting in t...
[ more ] [ reply ]
[ more ] [ reply ]
Never has been morals...
2005-09-19
Anon Security Researcher (1 replies)
Anon Security Researcher (1 replies)
Honestly, the vast majority of guys out there have no morals whatsoever. They talk about "victims", instead of "targets", and they don't care if some old lady is hacked or if it is a terrorist group -- it is all the same to them.
So, the old ladies get hacked... the weakest get hacked. People who...
[ more ] [ reply ]
So, the old ladies get hacked... the weakest get hacked. People who...
[ more ] [ reply ]
Re: Never has been morals...
2005-09-22
Bononymous
Bononymous
Is there someplace a universally-approved list of ideologies, perversions, ways of life that are moral to harm? Please, do post a pointer.
Last time I checked, there were no universal morality, unfortunately. Even no universal criminal codex, either. Better don't mention Neo-Nazis - UN qualifies ...
[ more ] [ reply ]
Last time I checked, there were no universal morality, unfortunately. Even no universal criminal codex, either. Better don't mention Neo-Nazis - UN qualifies ...
[ more ] [ reply ]
Crime? What crime?
2005-09-20
Network Security Proffesional (3 replies)
Network Security Proffesional (3 replies)
The term "Hacker" should not be so losely used in place of the more accurate term of computer criminal.
In the radio world, we have proffesional broadcasters, ham radio operators, and illeagal broadcasting stations, does that make them all radio pirates? The FCC says no.
There are amature loc...
[ more ] [ reply ]
In the radio world, we have proffesional broadcasters, ham radio operators, and illeagal broadcasting stations, does that make them all radio pirates? The FCC says no.
There are amature loc...
[ more ] [ reply ]
Re: Crime? What crime?
2005-09-20
Anonymous
Anonymous
"The term "Hacker" should not be so losely used in place of the more accurate term of computer criminal. "
Talk about accuracy. If you murder someone, your a criminal, if you rob a bank, your a criminal, if you wander into your neighbor's house, uninvited, your a criminal. It doesn't matter how...
[ more ] [ reply ]
Talk about accuracy. If you murder someone, your a criminal, if you rob a bank, your a criminal, if you wander into your neighbor's house, uninvited, your a criminal. It doesn't matter how...
[ more ] [ reply ]
Re: Crime? What crime?
2005-09-20
Anonymous
Anonymous
Oh get over it. The term Hacker is now and always will be used loosely. There is nothing anyone can do about it. Just like SPAM is used to describe any unsolicited email regardless of how legitimate it might be. Think about it, how many times have you asked someone to send you an email compared to...
[ more ] [ reply ]
[ more ] [ reply ]
Re: Crime? What crime?
2005-09-24
Anonymous
Anonymous
You know the term "Hacker" is too losely used nowadays. The term people should be using is "Cracker" or computer criminal. I can't believe that I'm on a website where security professionals post and they don't even use the right terms. We're professoinals, learn to use the right language. ...
[ more ] [ reply ]
[ more ] [ reply ]
They hurt us twice
2005-09-21
Marcus Ranum (1 replies)
Marcus Ranum (1 replies)
Here's a mind-bender that everyone seems to miss. The bad guys actually cost us TWICE. Not only do they do a tremendous amount of damage to innocent victims, they victimize everyone by forcing us to spend time, money, and effort trying to defend ourselves. So, not only does your system get whacked w...
[ more ] [ reply ]
[ more ] [ reply ]
Re: They hurt us twice
2005-09-21
Richard Rees
Richard Rees
Nope, it's not the bad guys hurting us twice, it's the inventors who never learn. They're the danger. Look at the Monad exposure - Microsoft knew in 1995 that there was a huge potential exposure in adding scripting capabilities to applications (concept macro virus). However, they didn't THINK and...
[ more ] [ reply ]
[ more ] [ reply ]
Crime? What crime?
2005-09-21
Pork
Pork
Basically, I agree with your opinion...
I would like to quote Kevin Mitnick: "...Maybe we're brought up not to lie to people, but we're not taught computer ethics." (Art of intrusion, p.135)
I think this is very true. People have to realize that rules of the real world apply to the digital world ...
[ more ] [ reply ]
I would like to quote Kevin Mitnick: "...Maybe we're brought up not to lie to people, but we're not taught computer ethics." (Art of intrusion, p.135)
I think this is very true. People have to realize that rules of the real world apply to the digital world ...
[ more ] [ reply ]
Crime? What crime?
2005-09-22
Anonymous
Anonymous
I take issue with the author's assumption of who these people are.
I do not think we are talking about people like you or me hacking "for the fun of it" and stealing money. We are much more likely talking about someone in another country, to whom grandma's purse contains "more" than it does to t...
[ more ] [ reply ]
I do not think we are talking about people like you or me hacking "for the fun of it" and stealing money. We are much more likely talking about someone in another country, to whom grandma's purse contains "more" than it does to t...
[ more ] [ reply ]
[ more ] [ reply ]