I watched CSI:Cyber so you don’t have to.

By Space Rogue No comments

CSI has a proven formula for making popular TV shows. Unfortunately that history does not include accurate TV shows. When it comes to tech and things ‘cyber’ this is probably the preeminent example of CSI being bad and wrong at the same time. I thought there was no way they could top this, I was […]

In the Beginning There was Full Disclosure

By Space Rogue 2 comments

Two of the largest companies in the world are bickering with each other about how best to protect users. I won’t get into just how historically hypocritical this is for both Microsoft and Google or how childish it makes them both look but it brings up a debate that has been raging in security circles […]

Four Unnamed Sources

By Space Rogue 1 comment

Or: If a pipeline explodes in the desert and there is no one there to hear it was it really a cyberwar attack? No one questions the importance of keeping abreast of current trends and developments with regards to information security. Whether it is new malware techniques, attack vectors or just the motivation of some […]

All of this has happened before and all of this will happen again

By Space Rogue 1 comment

Two teenagers in Winnipeg Canada somehow got the idea to see if the default password on a Bank of Montreal ATM machine was still valid. The got the default password after finding the operators manual for the ATM online. As is often the case the default had not ben changed and was still valid. Instead […]

Everybody must get stoned

By Space Rogue No comments

Apparently FBI Director James Comey thinks that everyone in the Information Security Industry is a dope-smoking pothead who gets high just before an interview. “I have to hire a great work force to compete with those cyber criminals, and some of those kids want to smoke weed on the way to the interview,” James Comey […]

Is it time for an industry wide MAPP program?

By Space Rogue No comments

As you might suspect, the bad guys have much better exploit notification than the good guys. While there is no central repository of vulnerability information that is only released to the good guys, Microsoft does an excellent job with early notification of its vulnerability information via its MAPP (Microsoft Active Protections Program). Should there be […]

Another BIG hack that wasn’t

By Space Rogue No comments

No time to do a full analysis but the basics are a story out of Israel of a tunnel that was hit by a sophisticated cyber attack that caused a… traffic jam. The story went out on the Associated Press newswire on a Sunday afternoon so by Monday morning it was pretty much everywhere you […]

A Psycho Analysis of Jericho

By Space Rogue No comments

The epic box-o-shit. I don’t know where the tradition started but it has been perfected by Jericho of Attrition.org. Beginning at least five years ago Jericho has boxed up the chotskies, leftover guinea pig fur, random bits of useless tech and whatever else he happened to have laying around and shipped them off to whoever […]

Beyond Hype

By Space Rogue No comments

Sometime an article comes along that is just beyond the traditional sort of hype I usually rant about. In other words its just plain wrong. “How They Popped The Penguin: The Bash Attack And What It Means For Linux Data Security” by Michael Venables, which somehow got posted to Forbes, of all places, is one […]

Anatomy of Hype, Take 2

By Space Rogue No comments

I almost wasn’t going to write about the supposed cyber attack at the New York Times last week as reported by Fox Business because I just haven’t had the time but after the NASDAQ went down today and everyone and their brother started to speculate as to the nature of the ‘technical glitch’ I figured […]