Saturday, July 11, 2009

Bejtlich Asks - "You down with APT?"

I can appreciate the lame 90's Hip Hop reference, and I agree with Bejtlich that there is a lack of awareness, understanding, and appreciation for the Advanced Persistent Threat (APT) in the security field in general specifically outside the Defense Industrial Base (DIB). However, that is a for a very good reason...the nature of the threat.


Thursday, July 9, 2009

Clown Quote of the Day - Alan Paller


"I don't think this is a high priority, because it doesn't deliver a big enough payoff" for hackers, he said. "You do identify theft so you can steal money, but it's easier to steal money by taking over someone's computer." -Alan Paller

Once again, Paller shows his true misunderstanding of all things security. "It's easier to steal money by taking over someone's computer"?? Mr Paller, I would love to hear your explanation of how this is so.

Sure, you can steal their credit card # and use it to buy some stuff...but how long will that last? It's only a matter of time before that credit card gets disabled, right? And has Paller ever actually used an online bank? I don't know about you, but every online bank I use doesn't allow me to transfer money to an another bank online. But if I have your social security #....the possibilities are endless.

Unless of course Paller has another agenda. *GASP* I don't know about you, but this looks like a classic slight of hand trick to me. I'll let you in on a little secret, Paller can't make money if people aren't paranoid about security. So he downplays a REAL (non computer) security related issue and inserts FUD about a how "easy" it is to "steal money by taking over someone's computer".

Get a clue Paller. Why don't you practice working this quote into your repertoire: "No comment." Then use it next time a reporter calls you to pontificate on all things security.

Wednesday, July 8, 2009

It's go time

Are you sick of the FUD? Then you've come to the right place.