« July 2008 | Main | September 2008 »

August 2008 Archives

August 5, 2008

Vegas

I will be in Las Vegas for the Blackhat and Defcon conferences this week. I hope to see you all there!

Defcon TCP/IP Drinking Game

I will be hosting the Defcon TCP/IP Drinking Game again this year. Drop by Friday night to see your favorite information security experts make fools of themselves.

August 9, 2008

Dispatches from Blackhat/Defcon: Facebook/MySpace "Worm"

I have been at BlackHat/DefCon since Tuesday, and I have been slightly out of the loop on some recent security events. Coincident with the presentations on social network security and new XSS attacks against MySpace, reports of a worm hitting MySpace and Facebook started trickling in via SMS messages from our team back at the office. My initial concern was that this was a full-blown Samy-style worm hitting both social network sites, and some of my comments were oriented towards this threat.

It turns out that the MySpace/Facebook worm was less a worm and more a standard malware-push technique. Rather than having malware infect a system to send spam to other users that enticed them to install the same malware, the authors had the malware hijack MySpace and Facebook profiles on login by the user, spamming their friends with a malware download pitch. Basically this ends up being a hybrid worm, that requires more than just pure browser support, like XSS and CSRF attacks, to propagate. Good show, spammers.

The interesting part of this incident is that attackers, the media, end users, and vendors are focusing on this as a social networking story and not a desktop malware story, when it is equal parts of both. It is further evidence to me that desktops are being considered by home users to be nothing more than browser containers, with their activities being almost completely focused around a handful of major (social) web properties.

August 10, 2008

Dispatches from Blackhat/Defcon: PayPal Token


PayPal token
Originally uploaded by Adam J. O'Donnell
Paypal placed this item in everyone's BlackHat backpack. This second-factor authentication token, which really should be far more common for consumer websites, has to be the best piece of swag I have ever received in the conference fun bag.

August 11, 2008

What a difference a word makes.

I enjoy talking with reporters, and I do so quite frequently. It is part of my responsibilities at Cloudmark. Thankfully, most of the guys I talk to on a regular basis are extremely responsible, detail oriented, and diligent about the facts; a single omitted word can radically alter the meaning of a phrase.

Chris Hoff, a very well seasoned speaker and media contact, is now experiencing the repercussions of such an error. By dropping the word "security" from the phrase "Virtualizing security will not save you money, it will cost you more.", a reporter changed Hoff's statement from a negative statement about the security to a negative statement about his employer. As you can imagine, this has caused a massive headache for Hoff and his employer.

The only way to fix any misquote in the current media climate is to generate corrective content early and often, as I am doing with this post.

August 12, 2008

Twitter "Following" Limits: Smart.

The web has started commenting on twitter's decision to limit the number of accounts that a given user can follow. Having a hard limit is a smart move for multiple reasons. Not only does it allow you to more finely bound the computational load of the message passing architecture, it negatively impacts only two groups, namely spammers and the obsessive-compulsive.

This is a good first step that I have pointed out in an interview once before. I suspect that Twitter will also be working on a throttling policy as well as an IP and content blacklisting technology as follow-on mechanisms to continue to battle spam.

August 14, 2008

Recent sightings of friends in the media.

About August 2008

This page contains all entries posted to NP-Incomplete in August 2008. They are listed from oldest to newest.

July 2008 is the previous archive.

September 2008 is the next archive.

Many more can be found on the main index page or by looking through the archives.

Powered by
Movable Type 3.33