Grecs’ Weekly Infosec Ramblings for 2010-02-11

• BLOGGED: Grecs’ Weekly Infosec Ramblings for 2010-02-04 http://bit.ly/apkYCo #
• IN CASE U MISSED IT: Grecs’ Weekly Infosec Ramblings for 2010-02-04 http://bit.ly/apkYCo #
• RT @danphilpott Due 2 impending snowpocalypse decided 2 stay onsite. Good news, rates went fr $179 earlier this week 2 $149 ($134 w/AAA). #
• RT @falconsview hey @securitytwits – I still have a ShmooCon ticket available!! #
• RT @taosecurity TaoSecurity blog makes list 4 “best non-tech sec blog” http://bit.ly/dnLvOV a/f winning last yr http://bit.ly/abfxXc #
• RT @cktricky Snow is the NEW Advanced Persistent Threat #shmoocon #
• Schools 2 consider; get NSA’s stamp of approval. RT @InfosecCareer 106 Universities Stand Out for IA Programs
  http://bit.ly/8n54xd #
• Lol. RT @dallendoug @cktricky Reaction to the snow: Advance Precipitation Threat? I should stop now. #
• CALENDAR UPD: InfraGard NCMA Meetup http://bit.ly/aoW8uI http://j.mp/nispcal #
• CALENDAR UPD: OWASP VA Meetup http://bit.ly/dfHBgC http://j.mp/nispcal #
• RT @hacdc New post: Hacker’s Lounge CANCELED http://tinyurl.com/yjj9jt9 #ShmooCon #
• BLOGGED: Top 3 NoVA Infosec Blog Posts of the Week http://bit.ly/ap14Ds #
• More Twitter in news re password reset. RT @DarkReading Twitter gives details on phish: http://j.mp/b81YDi #
• Guess where I’ll b this weekend. Fr #blackhatdc. RT @DarkReading Hotels hit by the most hacks in ’09: http://j.mp/9i1dUj #
• Nother nice #PR article. RT @DarkReading Security vendors: “Brand” your employees.http://j.mp/ba5sxY #
• Most companies seem to want to hire them vs developing on own. So it’s up to U to market yourself I guess. #
• Waiting for taxi to metro. Next stop Shmoo! #
• On metro. This is the longest metro ride I’ve ever had. Or at least it seems that way. #
• Hey, some stuff slips through unfort. RT @regsecurity Mozilla overlooked malware-laced Firefox add-ons http://bit.ly/8XfMFf #
• Watching Windows File Pseudonyms… #
• RT @jaysonstreet #ShmooCon news update @syngress tweetup will now be at 8pm in lobby lounge get warmed up before the fire talks RT plz #
• Woot! RT @dave_rel1k Don’t miss the firetalks at #shmoocon ..speaking at 830…releasing SET v0.4…big release don’t want to miss! #
• One presenter won’t b able to give #firetalks. Alternates b ready. Looking for others too. #shmoocon #
• Getting ready for @dallendoug talk. He’s seems chatting today, no. #
• Sweet, a central place with all the open source broken web apps. #shmoocon #
• And even diff versions of various apps. #shmoocon #
• Holy crab. It took @dallendoug 10mins to get thro a 30min preso. & he even took a few breaths. Now he’s just taking questions. #
• Site for talk. RT @danphilpott For the new OWASP project @dallendoug is presenting visit http://owaspbwa.org #shmoocon #
• Ok, been waiting to see the VM talks. Starting in 8mins or so… #shmoocon #
• Helpers for #firetalks, we’ll be meeting up at 7:30 to get things set up. #shmoocon #
• #firetalks helpers.. will meetup in Wilson rooms. #shmoocon #
• RT @Shpantzer If you see @rybolov he’s distributing firefly (vodka tea) at #shmoocon . But you must get a barcode tattoo first. #
• Gueststealer .. Perl script to steal guest VMs. #
• Time for live demo of Gueststealer. The demo gods are not being nice today. On to filler info .. future enhancements. #shmoocon #
• Woot! Someone scraficed something to the demo gods. It worked! All the VMs were stolen. Woot! #shmoocon #
• Onto right thing 2 do. How 2 protect yourself against this vuln. Patch, lock down configs, & all the usual defense in depth stuff. #shmoocon #
• Setting up for #firetalks now in Wilson rooms. #shmoocon #
• #firetalks are in Wilson I/II/III past the elevators. Please RT and tell your neighbors!!! #
• #firetalks in 10 mins!!! Wilson A/B/C past the elevators. #
• #firetalks have started. #shmoocon #
• #firetalks are streaming too. Seen IronGeek.com for link. #shmoocon #
• RT @Shpantzer Secmaniac.com launched; Social Engineering Toolkit: SET v0.4 codename “pink pirate” talk at firetalks #shmoocon #
• Sweet, new Java attack in SET 0.4. #firetalks #shmoocon #
• Spear phishing as well. SET 0.4 #firetalks #shmoocon Snow ball attack! #
• Please, Shmooballs only! #firetalks #shmoocon #
• #firetalks num 2 started. Shotan for pen testers. #firetalks #shmoocon #
• RT @capsecdc If you wanna go play in the snow, come meet up outside Harry’s in like 15. #shmoocon #
• RT @danphilpott RT @bug_bear: RT @irongeek_adc: ok, may be live #firetalks stream at http://irongeek.com #shmoocon #
• Default passwords continue to be a problem. #firetalks #shmoocon #
• RT @Shpantzer #shmoocon firetalk: Shodan 4pen testers. Banner grabbing search engine. Schearer has ex’s of big cisco routers w/ no auth. #
• #firetalks num 3. @marcusjcarey on Influencing Security. #
• #firetalks num 4 going on. #shmoocon #
• RT @Shpantzer #shmoocon #firetalks speaker @marcusjcarey recommends the book Influencer for case studies in changing culture #
• Thanks to Trusted Signal, Hurricane Labs, nVisium for sponsoring #firetalks at #shmoocon. #
• Also @rybolov, IronGeek, Justin Monroe, and Chris Wheeler for props and helping out. #
• RT @Shpantzer #shmoocon #firetalks by irongeek.com on honeypotting and messing with lamers. Hysterical! #
• #firetalks is done for tonight. 4 awesome talks! Same place, same time Sat (8:30 in Wilsons). Thanks to everyone for coming! #
• Heading to grab bite to eat/drink IN hotel. Tweet if want to meetup. #shmoocon #
• At Harry’s with @marcusjcarey and @cyberhiker talking security. #
• Hey, man – @ralphbroom … Need you talk title and description to add to alternates list. #
• Fixed #ShmooCon #Firetalks post w/ room info/time, swapped in @cmlh, & added new alt speaker. http://bit.ly/cJDBkE #firetalks #shmoocon #
• Finally made it up for #shmoocon and in GSM talk. Just background info for now.. #
• RT @CSOonline: #ShmooCon | P2P Snoopers Know What’s In Your Wallet: http://bit.ly/dleyYw #Shmoocon #cybersecurity #databreach #IDtheft #
• RT @CSOonline: #Shmoocon podcast w/ @BillBrenner70:The Bigger the Infosec Arsenal, the Harder Ya Fall:http://bit.ly/bemeZ1 #
• Become famous! RT @ThisIsHNN: HNN is setup at #schmocon front entrance come by and by on camera! #
• RT @StrongwaterSec: In @GoldbergLawDC’s legal cloud risks presentation -cloud agreements only protect providers #shmoocon #
• Nice. RT @cyberhiker: RT @amrittsering: Reports at #shmoocon of Chinese responsibility for broken roof glass. #ChineseSnow #
• Chris Paget is much, much smarter than me. #shmoocon re GSM talk. #
• RT @packetwerks: Slides will be up later today. Stay tuned 2 Twitter & our blog http://bit.ly/9SJi3F hopefully video will be online one day. #
• Re GSM talk at #shmoocon. Details of bunch of weaknesses in GSM. Talk was little too tech 4 me but tweeting whole time doesn’t help. #
• At least for me the summary slide pulled it all together. Chris is an awesome speaker though. #shmoocon #
• Sum of zombie talk. RT @CSOonline Latest fr #ShmooCon, via @BillBrenner70: Inside FarmVille’s Sinister Underbelly: http://j.mp/98AcRi #
• In UAV talk. Started off with a cool vid taken yesterday of Wardman. #shmoocon #
• Cool tidbits fr drone talk.. DIYDrones.com. Detailed look into ardupilot. Config via Google Maps – Cool! #shmoocon #
• Nice. RT @Shpantzer: “Dear Adobe, I still love you but I’m not IN love with you” The title of my talk if I had one for #shmoocon #
• This’ll come in handy. Latest fr #ShmooCon via @BillBrenner70:Your iPhone’s Dirty Little Security Secret: #iPhone #Apple http://ow.ly/14CDL #
• Movie time at #shmoocon and drone. #
• $450 for the UAV plane; ground station is another $500 #shmoocon #
• for those interested .. if wind conditions good, he may fly model UAV again this weekend #
• Really enjoyed the UAV talk. Wish I had time to get into model airplane. #
• RT @jaysonstreet: RT @jgarcia62: RT @agent0x0 RT @bettersafetynet: The Shmooball launcher contest has been rescheduled for 6 PM RT #shmoocon #
• In BlueTooth Keyboard talk.. #shmoocon #
• btaptap tool to pull BT keystrokes .. everything is communicated in the clear #shmoocon #
• of course this is when the BT device is in boot mode; avoid it or Ossmann will have your keystrokes. #shmoocon #
• Nice. Most of his little demos are actually live. No Camtasia here. #shmoocon #
• Now talking about difference ways to discovered BT addresses. Many diff ways. Several plug-ins for Kismet to help out! #shmoocon #
• BTW … Now turning BT on my phone off. I think it’s addy was just displayed in the demo. #
• Getting BT link key. Another demo; another tool (bthidproxy) to do MITM attack. Sweet! #shmoocon #
• Modifying BT keyboard firmware to contain malicious payload. Wow. Now, breezing through pairing attacks. #shmoocon #
• slides, links, code for BT keyboard talk at http://ossmann.com/shmoo-2010 #
• RT @quine: honeyM supports user profiles like “corporate user”, “university user”, “my mom”, and high security (pki, etc.) #shmoocon #
• RT @ThisIsHNN: At #shmoocon & not using SSL on WiFi? Lots Twitter accounts being popped, you are at a hacker con after all #
• RT @quine: Relied on “expressed consent” or “trespasser consent” for monitoring on mobile honeypots #shmoocon #
• Will have to read up on later. RT @danphilpott: For a live twitter of evidence recovery fr VMware session follow @jorgeorchilles. #
• Ur at #shmoocon a/f all. RT @cyberhiker: Last night – evil twin attack on BlackBerry wifi. 2day – some1 attempted bluetooth pair. #
• RT @cyberhiker: RT @bug_bear: http://bit.ly/c1w4tZ for scott moultons slide deck #schmoocon <- its a good deck. <- It always is. #
• #firetalks tonight at 8:30 in Wilsons – where the #bringiton track is. All the details here – http://bit.ly/cJDBkE. Please RT #
• RT @mubix: RT @indi303: Podcasters meetup is at 7:30 in the east salon #shmoocon plaza RT! #
• RT @jad_va: #shmoocon RT @DCist_Updates: Metro has canceled above-ground rail and Metrobus service for tomorrow too: http://is.gd/7Qct0 #
• Anyone want to meetup up for quick dinner? I’ll prob just hit Harry’s. #shmoocon #
• Any1 know.. Do you need wrist bands to get in or does it only get you free drinks? #shmoocon #
• Heading down to Harry’s for dinner with @security4all. We’ll get table for 4 in any1 wants to join up. #shmoocon #
• Hey @packetwerks @dallendoug @GoldbergLawDC @transzorp I brought recording gear & was thinking of doing some interviews 4 NovaInfosecPortal. #
• Let me know if you’re interested. @packetwerks @dallendoug @GoldbergLawDC @transzorp #
• Need bracelet for party tonight. Anyone got any extra? #shmoocon #
• Having dinner with @TheCustos and @security4all. Paying bill and heading to setup #firetalks. #shmoocon #
• Reminder #firetalks at 8:30 after podcasters meetup. In Wilsons like last night. Please RT. #
• Hey #firetalks helpers. Need some help! #
• Need projector for #firetalks. Can any #shmoocon staff help out. Please RT. #
• Woot! Getting projector now. #
• #firetalks just started. Aricon talking on browser fingerprinting using a stop watch. #shmoocon #
• #firetalks num 2 started Zero Chaos getting belted with ShmooBalls. #shmoocon #
• Watch out Backtrack, Pentoo is after you. #firetalks #shmoocon #
• #firetalks num 3 starting. Sleephacking 101 by @security4all. #shmoocon #
• #firetalks num 3. @cmlh on PA-DSS. #
• #firetalks over. Will announce winner tomorrow. All presenters please find me for participant gifts! #shmoocon #
• Thanks to Trusted Signal, Hurricane Labs, nVisium for sponsoring #firetalks at #shmoocon. #
• Also @rybolov, IronGeek, Justin Monroe, and Chris Wheeler for props and helping out. And last but not least, the #shmoocon team. #
• RT @BillBrenner70: Last year’s podcast meetup at #Shmoocon: a group around a campfire. This year’s: Motley Crue concert with drunk rioters. #
• #NOVABLOGGER: Im on a boat http://bit.ly/b70ki8 http://j.mp/nispblog #
• #NOVABLOGGER: APT Presentation from July 2008 http://bit.ly/aBXtSd http://j.mp/nispblog #
• #NOVABLOGGER: Review of The Book of Xen Posted http://bit.ly/9uftH3 http://j.mp/nispblog #
• #NOVABLOGGER: Top 3 NoVA Infosec Blog Posts of the Week http://bit.ly/ap14Ds http://j.mp/nispblog #
• #NOVABLOGGER: ShmooCon 2010 – Day 1 http://bit.ly/91st4C http://j.mp/nispblog #
• Lol. RT @Shpantzer Someone just told me that there are talks at #shmoocon. Here I thought it was one big tweetup… #
• RT @CSOonline Sunday latest from #ShmooCon via BillBrenner70: Why Your BlackBerry Isn’t Secure: http://j.mp/aTJ4rW #ShmooCon #Infosec #
• RT @CSOonline Podcast: #ShmooCon | Why Your BlackBerry Isn’t Secure: Yesterday, a researcher revealed security.. http://bit.ly/duQv6R #
• In Friendly Traitor talk. First stop Flash. #shmoocon #
• RT @quine: RT @chriseng: Source code and demo video from @txs_ presentation now online at http://veracode.com/blog #shmoocon #
• RT @quine: Mobile malware detection methods: more prompts (rm “trust app” option); signatures (AV, ew); sandboxes; static analysis #shmoocon #
• Well Flash is totally broken. Next target … Firefox add-ins. #shmoocon #
• Don’t try to secure your MiFi; it may lead to an authentication bypass. #shmoocon #
• Ok, now onto HTML 5 … Cool new features … for the attackers as well. Overall very entertaining talk. #shmoocon #
• Cool. @quine had some good live tweeting on the BB spyware talk. #shmoocon #
• RT @jaysonstreet: RT @agent0x0: RT @ChrisJohnRiley: Updated: MonkeyFist tool (PoC Dynamic CSRF Tool) http://hexsec.com/labs #shmoocon #
• In 0wn the Con.. Interesting look at all the behind the scene stuff. #shmoocon #
• Next yr, #shmoocon may be going to flat price ticket & 1 ticket per transaction. #
• 1300 peeps this yr versus 1565 last year. Pretty good considering the “white death”. #shmoocon #
• In the black by ~70K. Startup $$$ for next year. #shmoocon #
• Hey @GoldbergLawDC @sdwilderson @dallendoug @transzorp @packetwerks .. trying to meet up at the right of where HFC table a little a/f 1:00. #
• If time is tight we can meet up after con close. I’m staying 2night as well. @GoldbergLawDC @sdwilderson @dallendoug @transzorp @packetwerks #
• uStream live streaming of #shmoocon worked great overall; had few hiccups as expected. Next year will also have IRC to tk virtual questions. #
• Call to visit #shmoocon site & leave feedback so they can improve 4 next year. Also accepting via email – feedback@shmoocon.org. Please RT. #
• RT @TheCustos: Bar tab last night was 28,000 bucks. #shmoocon #
• RT @jaysonstreet RT @security4all: At 0wn the Con… Respect for the Potters! #shmoocon #
• RT @jaysonstreet RT @irongeek_adc: if anyone finds my n810, please pwn me gently, also please retreat this and contact me if found #shmoocon #
• Still around at table. I’ll b skipping tamper talk to prep 4 closing so come join if you’re not going. @dallendoug @transzorp @packetwerks #
• #firetalks winners list & prizes given to Team Shmoo. Now I can relax. #
• In end of tamper talk. Interesting stuff. #shmoocon #
• Watching closing at #shmoocon. Wow, the badge contest was really tough. #
• Woot! Awesome time at #shmoocon. 4 all those staying 2night, I’ll b at hotel thro tomorrow morning. Although I’m going to nap 1st. #
• Reminder: NoVA Hackers Association Meetup @ Mon Feb 8 4:30pm – 7:30pm (NovaInfosecPortal.com Calendar) #
• RT @Shpantzer #shmoocon is over. Tweetup at stone’s throw. Look for the black cowboy hat #
• This seems like an error. Need to look into. RT @grecs Reminder: NoVA Hackers Association Meetup @ Mon Feb 8 4:30pm – 7:30pm #
• RT @CSOonline Why CSOs Should Care About ShmooCon (BillBrenner70 column): http://bit.ly/9XVH2a #ShmooCon #ITsecurity #
• Forgot to post the #firetalks winners to Twitter. 3 @security4all, 2 @rel1k, and 1 @theprez98. Congrats! #
• For @rel1k & @theprez98, the #Shmoocon folks have your prizes. Guess we’ll have to work something out. #
• RT @ksignal9: RT @hackernewsbot AmEx: “We discourage use of special characters b/c..”.. http://bit.ly/bqjZwD <– WTF? <- WTF 2 #
• Mmmm? Looks like we were suppose 2 have NoVA Hackers dinner meetup on Mon. But I guess with Shmoocon & weather, it won’t be happening. #
• Geez, stop making it so freaking complicated. RT @FSLabs #Blog New FB Home Page, Important New Privacy Setting http://bit.ly/9Ey3d8 #
• RT @cyberhiker How many logs fit in a cave? “Depends on the scalability of the cave” – @anton_chuvakin #
• RT @cyberhiker RT @shrdlu: “PCI: The No Merchant Left Behind Act” – @rybolov (4 @joshcorman) #
• RT @cktricky RT @pentestit: MSNPawn – Footprinting, Profiling & Assessment with MSN Search http://digg.com/u1MkFv #
• RT @ebellis RT @dinodaizovi: Hackers on a Train (with @katiecouric): http://twitpic.com/121el5 #
• RT @pauldotcom P2P Snoopers Know What’s In Your Wallet http://bit.ly/arN6QV #ShmooCon (Go Larry & Mick!) #
• RT @IBMFedCyber RT @threatpost: Researcher @ ShmooCon demo’ed spyware prgrm that can intercept & record data on BB. http://bit.ly/b4qJYj #
• RT @dave_rel1k RT @humanhacker: Podcast 6-Shmoo Edition-Released:
  http://bit.ly/8ZrAsk #ShmooCon #
• Few nice articles on DarkReading re #ShmooCon. #
• RT @rgaucher RT @jeremiahg: Re: Scanner Rev. Vendors begin responding: HP WebInspect http://bit.ly/9G3Ke2 / Acunetix -http://bit.ly/ajYPPO #
• Nother Shmoo summary. RT @pauldotcom New short story: “What I Learned At Shmoocon 2010″ By Paul Asadoorian http://is.gd/7X2Xq #shmoocon #
• Good 2 know 4 website owners. RT @derekcslater RT @emediavitals SEO, porn, bounce rate and you http://goo.gl/fb/cDgS #
• RT @packetwerks RT @digininja: Don’t forget to fill in the #Shmoocon presentation feedback http://j.mp/bhZCth #
• Home fr #shmoocon thanks to Mrs @rybolov. Nice nap and now to dig out. #
• All dug out. Ran few errands & eating dinner. Next stop .. grocery store to stock up for next storm. #
• RT @DrInfoSec ENISA: 17 rules to combat risks w/ online mobile social networking http://bit.ly/anVJzG [rept at http://bit.ly/ba2rxZ #
• It was designed 20 yrs ago; what can we expect. RT @cyberhiker @hdmoore: DECT has been cracked: http://bit.ly/aOApb6 (via Int0x80) #
• RT @dallendoug .@sintixerr RT @DCist_Updates: OPM: Fed. govt. is CLOSED on Tuesday http://j.mp/9IbABJ #
• Thanks for adding me. RT @GovTwit Like to learn about infosecurity? Follow @Grecs, now in GovTwit directory: http://bit.ly/bm3GxJ #
• RT @baltimorenode This Saturday @ 9am Techno-Swap-Fest at Natl Electronics Museum! http://ow.ly/15gy6 #meet #
• RT @securitytwits Hiya. Some changes re: Security Twits R in order. Please check http://security-twits.com for more info. Thanks. ^Q #
• RT @hacdc HacDC’s Monthly Meeting for February has been cancelled due to the closure of the federal government tomorrow. #meet #
• #NOVABLOGGER: The Importance of Protecting Your Search History http://bit.ly/az7IG6 http://j.mp/nispblog #
• #NOVABLOGGER: So Much for China’s “Peaceful Rise” http://bit.ly/csbOoC http://j.mp/nispblog #
• #NOVABLOGGER: New Webcam Audio Visualizing Compositions Available for Download http://bit.ly/cdVoaT http://j.mp/nispblog #
• #NOVABLOGGER: Making Progress Matters Most http://bit.ly/aCSyA4 http://j.mp/nispblog #
• Interesting. RT @manicode Could Larry Soto scanner report just be a big NTO scam? http://j.mp/dpiXdW #
• Another “day.” RT @regsecurity Safer Internet Day fights online foolhardiness http://bit.ly/aok5iV #
• RT @baltimorenode Arduino Workshop part 1: Learn to Solder Feb 27th @ 1pm. Build @adafruit Protoshield! http://ow.ly/15qmw #meet #
• Reminder: ISACA CM Meetup @ Wed Feb 10 11:30am – 4pm (NovaInfosecPortal.com Calendar) #
• RT @baltimorenode This Saturday @ 9am Techno-Swap-Fest at Natl Electronics Museum! http://ow.ly/15gyi #meet #
• Probably a few around DC. #job RT @wadew RT @Mandiant: MANDIANT is hiring Security Consultants and Associates http://bit.ly/dbAzzy #
• Interesting analysis. RT @pauldotcom Great post from Shack: “Who Should Infosec Report To?” http://is.gd/813TE #
• RT @derekcslater RT @twailgum: RT @meridith: “Personal Branding: IT Professionals Four Pain Points” http://bit.ly/dq9NFi #
• RT @packetwerks Just posted my slidedeck from #Shmoocon http://bit.ly/baGB34 #
• #NOVABLOGGER: Don’t Disregard the Insider http://bit.ly/9WyBk9 http://j.mp/nispblog #
• Or 4X if U R @anton_chuvakin RT @GoldbergLawDC Brk down in2 parts, est those, & mult x2 – How Do U Est Prog Time? http://bit.ly/atsAlu #
• Focusing too much on open gov. RT @DarkReading Federal CTO’s job description needs come clarification: http://tinyurl.com/yzevnzg #
• $500 for your own crimeware. RT @regsecurity Upstart crimeware wages turf war on mighty Zeus bot http://bit.ly/bFpSU0 #
• For all #shmoocon #firetalks presenters, plz pass along link to your presos on your sites. so I can link to them. Thanks! #
• Sweet! RT @mubix: RT @jordansissel: #hackorhalo VM images will be going up to bittorrent. I’ll post when they are online. #shmoocon #
• RT @IBMFedCyber: Rational’s Paul Ionescu on Benchmarking App Security Scanners: http://bit.ly/9khtLn – Response to Larry Suto report. #
• RT @jaysonstreet: RT @secureideas: Social Zombies II demo video’s: Facebook App Autopwn w/BeEF http://bit.ly/bNqEM5 KrieosC2 v3… #shmoocon #
• Saw this #job on NovaHackers mailing list .. Google in Reston. http://bit.ly/cFhGyy #
• RT @mubix: RT @securitycfp: Call for Volunteers @BruCON 2010: http://bit.ly/bGW4LI #
• Whoa! RT @mubix @hdmoore: @hernano ‘s MEGA advisory for predicting/exploiting weak NTLM Challenge Keys (MS0-012) http://bit.ly/csnJCS #
• #NOVABLOGGER: Thor vs Clown http://bit.ly/9cpgRn http://j.mp/nispblog #
• Interesting. Kaspersky uploads fake malicious files 2 VirusTotal. Later those sigs turn up in other AV products. http://bit.ly/cr7lV9 #
• RT @irongeek_adc: As promised, Shmoocon Firetalks 2010 videos:
  http://bit.ly/cYWLlw @grecs @heidishmoo @gdead #
• How to get a security budget. “Grab Your Company by Its Proverbial Balls” http://bit.ly/cN0uOE #
• #evfail RT @ebellis: EV’s Green Cert is Breached (of course) (SNAFU) – http://bit.ly/cTwWU3 #
• 123456 & 1234567 numbers 2 and 3. RT @rgaucher @wascupdates waschoneypots – Top 10 targeted passwords .. http://bit.ly/9KTXDp #
• In case you missed it .. RT @cyberwar: Mudge joining DARPA. http://bit.ly/cffKJ7 #
• Thursday’s OWASP VA #meet will be virtual-only due to the snow storm. See http://bit.ly/bNZRhl for all details. #
• So true RT @dallendoug @michaelawsutton Sutton’s Law: When procrastinating on shitty proj, create shittier project & 1st will seem appealing #
• RT @cyberhiker @patrickcmiller: Cyber attack insurance. How wld ths work in critical infra space? http://bit.ly/aREPha <- Blog Post Coming #
• Wow, ‘Aurora’ attacks still underway. At least we’re getting “close” to determining creators. http://bit.ly/9mI7bt #
• RT @rybolov: For those of you who want more of my evil sweet tea vodka: @fireflyvodka or http://bit.ly/X0OzL and look for locations. #
• RT @mckeay: RT @ncircletweets has FREE RSA Conference Expo Passes! Pre-register using code: SC10NCR before February 26! #RSAC #
• Reminder: OWASP VA Meetup @ Thu Feb 11 6pm – 9pm (NovaInfosecPortal.com Calendar) #
• Hold on.. WTF! RT @regsecurity One month later, Google still censors China search http://bit.ly/aiK50f #
• I like the last part. RT @Shpantzer: RT @SocialMediaSec: How to Do Everything in Google Buzz (Including Turn It Off) http://bit.ly/aZoKPf #
• Of course I’m hoping this whole Google Buzz thing ISN’T on by default. Hopefully you have to at least click on something to enable it. #
• RT @Shpantzer: . @rybolov @shrdlu Fee fi fo fum, I smell snopocalyptic tweetup in Reston/Herndon/Oakton.. @alexhutton Suggestions? #
• RT @rybolov: @Shpantzer @shrdlu @alexhutton Hama Sushi Friday night if they’re open else Centario del Reston Town? #
• CALENDAR UPD: Charmsec Meetup http://bit.ly/9VUoL3 http://j.mp/nispcal #
• RT @jaysonstreet: RT @SecBarbie: Hak5 ep 626 w/ theX1le @ChrisPaget @textfiles @agent0x0 @marcusjcarey http://bit.ly/9LfQK9 #shmoocon #
• Interesting thought. RT @Shpantzer @MarkSilver: “Perfect security is the enemy of good security” http://bit.ly/cibS02 #
• Why the f* do companies keep f*ing w/ R privacy w/ open settings by default. Tx Google Buzz. http://bit.ly/aLTJTD (@jaysonstreet 4 link) #
• Then it takes a genius (well m/b not but it at least takes tons of time) to figure out how to turn everything off. WTF! #
• Everything should default to as*-tight private and then the user chooses to open up what they want to. #
• RT @Shpantzer: @rybolov: @shrdlu @Shpantzer @grecs @alexhutton German Clock tower plaza. Intersect of Cville Rd & Sunrise Valley. 5:30 #meet #
• Every once in a while MS patches cause probs. @briankrebs reports on one fr most recent batch. http://bit.ly/aeeeNV #
• #shmoocon preso RT @quine: (Via @wimremes) — @dan_crowley’s “Windows File Pseudonyms” up at http://bit.ly/aTjRay — Dan showed.. #
• Here is @TenableSecurity ‘s #ShmooCon summary. They talk a/b BT, GSM, etc. http://bit.ly/9Iz305 #
• Turn off Google Buzz: 1 Log into Gmail; 2 Scroll down 2 bottom of page; 3 Click “Turn off Google Buzz” link. http://bit.ly/9XzqYs #
• Stnd stuff but worth a read. RT @InfosecCareer: 5 New Rules for Finding the Right Job http://bit.ly/bCzJ9l #
• RT @baltimorenode: Today’s Openhack with guest Erik Spangler is canceled due to #snowmageddon. #meet #
• Fun! #edu RT @mubix: RootHack Sirens is back up! Info here: http://roothack.org/games/sirens/info #
• Plus his thoughts on few other talks. RT @mubix: RT @packetwerks: Just posted my slidedeck fr #Shmoocon http://bit.ly/9pWnpp #
• Ok.. Procrastinated enough. Time to shovel car out. #
• Wait, U mean my profile is open. Sh*t! #
• Haven’t listened 2 but may be good overview .. re Javelin 2010 Identity Fraud Study – Threats & Trends. http://bit.ly/90Lc36 #
• Mom’s being treated in hospital. What am I going 2 do? Swap room PC net connection w/ my laptop’s so I can surf. WTF. http://bit.ly/b8eW3v #
• Hey, at least the IDS worked. http://bit.ly/b8eW3v #
• RT @cktricky @security4all @purehate_: http://digg.com/security/FireTalks_from_Shmoocon_2010 Every1 digg firetalks. Best new.. #
• 6 slide summary of #shmoocon. Worth a quick looksie. “The sights, sounds (and snow) at ShmooCon” http://bit.ly/9QHK2c #
• Slides fr @GoldbergLawDC ‘s #ShmooCon talk “Flying Instruments-Only: Legal & Privacy Issues in Cloud Computing” http://bit.ly/9YUbo0 #
• Man, another Adobe Flash vuln. http://bit.ly/al0y45 At least there’s a patch. @briankrebs also warns of an upcoming Reader patch. #

No related posts.

Tags: digest, grecs, twitter