Category: InfoSec

  • The Not-So-Scientific Process

    [This was originally published on attrition.org.] During a recent trip to New York to attend HOPE 2000, I was introduced to a new project underway to help “dispel the myths about hackers”. Founded by a four person team at the Laurentian University School of Commerce, they have devised a survey to help “further Hackerdom’s growth by enabling […]

  • Hacker attacks welcomed…

    [This was originally published on attrition.org, and reprinted on Linux Security.] Hacker attacks welcomed.. I’m sure they are. The new article reads: Openhack data will help e-businesses develop the appropriate balance of Net security, opennesshttp://www.zdnet.com/eweek/stories/general/0,11011,2593631,00.html Does this bring flashbacks of any previous contest? Does for me. I seem to recall the same group running a […]

  • Another brick in the wall: Fighting a losing battle on the front lines of security

    [This was originally published on IBM Developer Works.] You sacrifice convenience for security and security for convenience. For which goal was your computer network built? Security? Oops! In the realm of human endeavor, there is usually a simple logic applied to the process of building things. This logic is seen in the way houses, computers, a even […]

  • Hacking: A Game for the 90’s?

    [This was originally published in Ex-Game Vol 1, a print magazine in Japan. Exact publish date not known, just the year.] Friday night, you’ve been at it for three hours. Typing away at your computer, hitting one web site after another. Every ten minutes that passes, some large corporate network’s web page has been replaced […]

  • Social aspects of the Love Bug virus

    [This was originally published on SunWorld and IDG, and mirrored on attrition.org.] Social aspects of the Love Bug virusEmail clients and operating systems must better protect the end user SummaryThe latest and not-so-greatest computer virus — the Love Bug — was no isolated event, and because of the widespread damage it caused and the media […]

  • Securing your network; Your startup’s survival depends on it

    [This was originally published on IBM Developer Works and is mirrored on attrition.org.] Collecting customer demographics is good, and collecting payments online is good. But it isn’t good if this information is stolen from your company’s computers. Brian Martin examines how — and how often — this really happens, and what you can do to […]

  • CERT Rides the Short Bus

    [This was originally published on attrition.org.] One of the resources Attrition.org provides is mirroring defaced web pages. One of the related services is running three mail lists revolving around defaced web pages. We offer three different mail lists to accommodate people wishing to stay abreast of the latest defacements: defaced – this list receives one […]

  • “It Is Good Beating Proud Folks..”

    [This was originally published on attrition.org.] “It is good beating proud folks, for they will not complain“ William Knowles pointed me to www.realspy.com today, as they had apparently changed their web page after a recent defacement. Below is the message currently up on their server: Due to hackers rewriting my pages from others websites, we will be […]

  • Full Disclosure – Effective or Excuse?

    [This was originally published on attrition.org.] A comprehensive look at the practice of Full Disclosure, problems associated with it for vendors and security companies, and examples of full disclosure put to the test. (3300 words) The world of computer security has developed a wicked game of politically correct ‘cat and mouse’. This game is played […]

  • Ex-Game: (Untitled)

    [This was the second article I did for Ex-Game magazine (print mag in Japan). It was titled as my name and labeled “Original Document”. It was subsequently mirrored on attrition.org.] In the past few years, Japan has seen very few incidents of web sites being defaced. From 1995 to January of 2000, there were only […]