Friday, April 22, 2005

Ameritrade warns clients about potential data breach

Here we go again. A friend of mine compiled an interesting list of numbers yesterday. I will quote him directly on this:

... I've spent some time doing research on ID Theft that's happened since December '04 and came up with the following...

DSW: 1.5 million
LexisNexis: 320,000
ChoicePoint: 145,000
Bank of America: 1.2 Million
San Jose Medical Group: 185,000
California State University: 59,000
Boston College: 120,000
George Mason University: 30,000
Delta Blood Bank: 100,000
UC Berkeley: 98,000
SAIC: UNKNOWN NUMBER
UC San Diego: 3,500

TOTAL: 3,760,500

thanks Glen!

So then we throw in Ameritrade and a professor at UCB and we are approaching 4 million and 1 ID thefts in the first quarter of the year. Guess we can only get better from here. Right?

A Brief Tutorial on Reverse Engineering OS X - OSNews.com

Very interesting article. My penny jar is approaching the overflow, which means I will be purchasing my first PowerBook at the beginning of next month. I have been waiting on my PowerBook purchase until Tiger's release. Now it seems I will have to practice some techniques listed here to get back some features Apple has deemed I am unworthy of.

Airlines to deliver video to laptops, says Microsoft blogger | News.blog | CNET News.com

Wow, so where will they keep the IT guy who will need to run around to everyone's seat and configure their wireless card? The stewards will be asking whether you would like coffee, tea, or IT support?

where oh where did my little laptop go

This cartoon puts it the best. After reading the story on Boing Boing yesterday I sat staring at my screen wondering exactly how this gentleman was allowed to teach the youth of tomorrow.

I have a huge respect for college professors. I look to them to be wise and all knowing (hey it's my dream and I can believe what I want.) However, what logic was the professor applying when he thought - hmm let's put all this research I do, and some IPO information, and well anything that is super secret all on this laptop and leave it sitting on my desk after class.

Yes, I know I am a bit biased because I work at a security company. I know that I commonly apply to all my laptops things like a BIOS password, a system password, and PGP disk. I also don't leave my laptop lying in public places - I fundamentally don't trust people.

Maybe I should call him and see if he wants a security assessment? Or he could just go on the web and find something easy to follow like this: Laptop Security Guidelines. I really like the one about a cable lock the best ;-)

It will be interesting to see how this story plays out.

Thursday, April 21, 2005

Where did my Google ranking go

So I had been telling everyone that to find me, all they had to do was Google me. I said this because for the last several months my blog was the top reference to who Ward Spangenberg was. Not anymore - what happened? What did I do? Where do I go from here?

Another note: I have discovered my Technorati ranking is 1,113,718. I am thinking this is probably bad. It also appears that no one cares what I say, because I have no links. A friend of mine, Phil Windley, actually the whole reason I found out about Technorati, must be super high on the list, as when you search his name you get about a million hits. Does this make me invisible? Do I matter? Am I matter?

I have a couple of new posts in the next day or so. Recaps of two different security meetings I attended. One is on Web Application Security and the other is on Incident Response and Digital Forensics. Maybe someone will care.

I have added a new little ticker on the right - courtesy of Symantec. It is a kind of interesting look at what is going on in the security world.

Tuesday, April 19, 2005

Things I have been thinking about...

Internet Traffic Analysis: This has long been a major topic at NANOG. I have heard several interesting discussions concerning tracking where spikes in the infrastructure are coming from, and their destinations. Here and Here. I am more curious about seismic-like data concerning massed DDoS attacks. Symantec has a product called DeepSight similar to what I am thinking about; not sure whether there are other vendors with similar products.

I am interested in seeing a database that has remote probes scattered across the internet colo'd at prime target destination subnets collecting and analyzing inbound traffic. The model looks like a worldwide IDS, learning about new traffic and attacks as they are being assembled. The idea needs some more work. Just rolling it around in my head at the moment.
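A sketch of the correlation step such a probe network would need, added here as an illustration and not taken from the post or from any vendor product: each probe reports inbound packet counts per destination port and time window, and a port is flagged only when several probes see it spike against their own baseline at once. The probe names, counts, thresholds and report format are all assumptions constructed for the example.

```python
from collections import defaultdict
from statistics import mean


def _series(sensor, port, counts):
    """Expand per-window counts into (sensor, window, dst_port, packets) reports."""
    return [(sensor, window, port, c) for window, c in enumerate(counts)]


# Constructed sample reports from three hypothetical probes over four windows.
REPORTS = (
    _series("probe-a", 80, [100, 110, 105, 900])
    + _series("probe-b", 80, [90, 95, 100, 850])
    + _series("probe-c", 80, [120, 115, 110, 118])
    + _series("probe-a", 22, [10, 12, 11, 95])      # spike seen by one probe only
    + _series("probe-b", 22, [9, 10, 11, 10])
    + _series("probe-c", 22, [8, 9, 10, 9])
    + _series("probe-a", 445, [0, 0, 0, 40])        # traffic with no prior baseline
    + _series("probe-b", 445, [0, 0, 0, 55])
    + _series("probe-c", 445, [0, 0, 0, 60])
)


def correlate(reports, factor=3.0, floor=10, min_sensors=2):
    """Return {dst_port: [probes]} for ports spiking on at least min_sensors probes.

    A probe counts a port as spiking when the latest window exceeds
    factor * max(mean of its earlier windows, floor). The floor keeps
    never-before-seen traffic from being flagged on a handful of packets.
    """
    history = defaultdict(dict)  # (sensor, port) -> {window: packets}
    for sensor, window, port, packets in reports:
        history[(sensor, port)][window] = packets
    latest = max(window for _, window, _, _ in reports)

    spiking = defaultdict(list)
    for (sensor, port), by_window in history.items():
        past = [c for w, c in by_window.items() if w < latest]
        baseline = max(mean(past) if past else 0, floor)
        if by_window.get(latest, 0) > factor * baseline:
            spiking[port].append(sensor)

    # Keep only ports confirmed by several independent vantage points.
    return {p: sorted(s) for p, s in sorted(spiking.items()) if len(s) >= min_sensors}


if __name__ == "__main__":
    for port, probes in correlate(REPORTS).items():
        print(f"port {port}: spike confirmed by {', '.join(probes)}")
```

Requiring agreement between probes is what separates a distributed event from noise local to one subnet, which is the point of placing sensors at many destinations.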