AES = XOR = Secure? WTF!?!

By Space Rogue 1 comment

I don’t have time for all of the stupidity out there but this is just to stupid to let pass by. Easy Nova a German company that makes a variety of computer storage accessories, recently released a hard drive case with hardware data encryption with 128-bit AES and access control via an RFID chip. Which […]

Responsible disclosure for vendors?

By Space Rogue No comments

If a vendor finds a vulnerability in a competitors code are they obligated to tell them? What exactly is ethical and or responsible disclosure when it comes to competing vendors? Among security researchers the general consensus these days is to notify the vendor and then wait a reasonable amount time for a patch to be […]

Most Security is Useless

By Space Rogue No comments

Looks like I missed this the first time around but there is an article about a speech recently given by Peter Tippet, a VP at Verizon and a scientist at ICSA labs, who talks about how useless most security actually is. Most of his points are ones that I have been making for years like […]

Uncle Sam Needs You (Geek!)

By Space Rogue 3 comments

Thats right the US Air Force is looking for a few good geeks. And evidently they are willing to relax a few of the requirements of military service to get them. According to this quote in Wired Major General William Lord of the US air Force’s Cyber Command said “So if they can’t run three […]

Feds Use Spyware

By Space Rogue No comments

Ever hear of CIPAV? It is some pretty bad-ass spyware that tracks every website, every chat, every email that you send from your computer. Maybe you know it by its more common name Computer and Internet Protocol Address Verifier. Sounds pretty official for a piece of nefarious software. Guess what, it is the software used […]

PWN to Own Take 2

By Space Rogue 1 comment

The folks over at CanSecWest will once again be hosting their popular PWN to OWN contest at this years con. I wrote about last year’s contest that was won after a spl0it was found in Quicktime that allowed the attacker to PWN the Mac laptop. This year they are also putting up an Ubuntu and […]

Quickies and L0pht News

By Space Rogue 3 comments

There have been a lot of things happening in the security world lately that I have wanted to write about like Geekonomics, the half million pictures pilfered from MySpace and the accompanying torrent file, how the NSA has wrestled control of the nations cyber-security away from DHS, how the recently proposed Protect America Act won’t, […]

L0pht reunion? Source 2008

By Space Rogue No comments

Well it looks there may be a mini reunion of old L0pht folks. We are still trying to round everyone up but there will more of us together on one stage than there has been for over ten years. (Damn, has it really been that long?) Anyway it will be at the Source 2008 conference […]

MS Security War Room

By Space Rogue 1 comment

This is neat, sorta, Microsoft evidently has their very own Security War Room. Complete with snacks, a global clock and oooo, a motivational picture of Harvey Keitel! I suppose this sort of thing makes sense for governments but just how many security events does it take for your company to devote an entire room to […]

Who trusts you and who do you trust?

By Space Rogue 1 comment

For some reason I am constantly reminded of the old Schwarzenegger movie Running Man where the game show host Damon Killian yells out “Who loves you and who do you love?” to rousing applause. Except when I think of that scene I often replace the word love with the word trust. They mean about the […]