Tag: Rebuttal

  • Rebuttal: The Pyrrhic Benefit of FUD

    [This was originally published on attrition.org. This is a rebuttal piece to The Benefits of FUD (2011-07-07) by Emmett Jorgensen.] I wrote an article about Fear, Uncertainty and Doubt (FUD) back in 1999, after dealing with it in different capacities for years prior. The FUD we deal with as part of life and society is one thing; it is so…

  • Rebuttal: Microsoft, Unhackable and Ridiculous

    [This was originally posted on attrition.org. This is a rebuttal piece to Microsoft: We’re not vulnerable to DDoS attacks (2011-07-06) by Ms. Smith. More to the point, this is intended for John Howie, senior director in the Online Services Security & Compliance (OSSC) group at Microsoft.] Microsoft: We’re not vulnerable to DDoS attacks Microsoft’s John Howie claims…

  • Rebuttal: The Curious Case of Sam Bowne

    [This was originally published on attrition.org. This is a rebuttal piece to Sam Bowne, the person, Twitter personality (@sambowne), City College San Francisco professor and self-proclaimed whitehat hacker.] Background: I was first introduced to Sam when noted charlatan Gregory D. Evans accused Bowne of being one of the “world’s biggest cyber bully’s” (sic). I was briefly involved in an e-mail…

  • Rebuttal: Paul C Dwyer, ICTTF and LulzSec

    [This was originally published on attrition.org. This is a rebuttal piece to “Lulzsec Hits ICTTF?” (June 26, 2011) by Paul C. Dwyer.] Apparently, the now-notorious group “LulzSec” attacked the International Cyber Threat Task Force (ICTTF), despite no mention of the attack on their Twitter feed or their various pastebin.com releases. I certainly hope the attack really did happen, and…

  • Rebuttal: Ponemon on Network Breaches [Richmond/Ponemon]

    [This was originally published on attrition.org. This is a rebuttal piece to “Security Professionals Say Network Breaches Are Rampant” (2011-06-22) by Riva Richmond (@rivarichmond) of the New York Times.] The Ponemon Institute does not command much respect in many InfoSec circles. Like other ‘research analysis’ firms (e.g., Gartner), their reports rarely provide any insight or information that hasn’t been known for…

  • Rebuttal: Northrop Grumman, Cyber-gangs, APT and 0-day [Messmer]

    [This was originally published on attrition.org. This is a rebuttal piece to “Northrop Grumman constantly under attack by cyber-gangs” (June 21, 2011) by Ellen Messmer (@EllenMessmer), Senior Editor at Network World. Warning: Due to Northrop Grumman, Timothy McKnight and Ellen Messmer’s use of inflammatory words like “Advanced Persistent Threat” and the mis-use of “zero day”, the witnesses will be…

  • Rebuttal: The difference between curmudgeon and curmudgeon [@shrdlu]

    [This was originally published on attrition.org. This is a rebuttal piece to “The difference between curmudgeon and curmudgeon.” (May 27, 2011) by shrdlu, which is itself a reply of sorts to my reply to Bill Brenner’s “Take the word curmudgeon and shove it” rant. Blockquoted material is from @shrdlu.] “It’s about maturity, which is a very different beast.” According to the dictionary, mature is defined as…

  • Rebuttal: LulzSec Ups The Ante

    [This was originally published on attrition.org. This is a rebuttal piece to “Lulzsec Ups The Ante” (June 16th, 2011) by Brian Honan.] Reading Honan’s article will set the stage and provide backstory as to the topic at hand. Honan goes on to offer his opinion and commentary on the events surrounding LulzSec and their activities of breaking into…

  • A Curmudgeonly Reply to an Anti-Curmudgeon Rant (in two parts)

    [This was originally published on attrition.org.] Bill Brenner wrote an article titled “Take the word curmudgeon and shove it” in which he makes relatively sweeping statements about the “people in security [that] call themselves curmudgeon”. As one of the long-time security curmudgeons, I took offense to his article, calling it pathetic. Brenner was intrigued by that response and others…

  • Adobe, Qualys, CVE, and Math

    [This was originally published on the OSVDB blog.] Elinor Mills wrote an article titled Firefox, Adobe top buggiest-software list. In it, she quotes Qualys as providing vulnerability statistics for Mozilla, Adobe and others. Qualys states: The number of vulnerabilities in Adobe programs rose from 14 last year to 45 this year, while those in Microsoft…