Showing posts from May, 2010

Stop the lies! The day that Microsoft saved Apple

Stop the lies! The day that Microsoft saved Apple | ZDNet.

An interesting article from ZDNet about the days when Microsoft bought 150M of non-voting stock shares and committed to producing MS Office for the next 5 years. A lot of people claim that Apple would have died if not for MS saving Apple back then. That may be partially true, but only because MSFT had to pay them a considerably large amount of cash for the patents.

Check out the article above.

Reminder to update PulledPork and Oinkmaster URLs

As you may know, about 30 days ago, we announced the new rulepack download method for users.
http://vrt-sourcefire.blogspot.com/2010/04/rule-release-for-today-april-26th-2010.html


Today is the day that we talked about back on April 26th, and if you haven't already, you need to update your URLs within PulledPork, Oinkmaster, or whatever script you are using, to download the correct rulepacks by their correct names.
If you are using 2.8.6.0, and you are a registered (non-subscriber) user, your rulepack name should read:
snortrules-snapshot-2860.tar.gz

If you are using 2.8.5.3, and you are a registered (non-subscriber) user, your rulepack name should read:
snortrules-snapshot-2853.tar.gz

If you are using 2.8.6.0, and you are a subscriber, your rulepack name should read:
snortrules-snapshot-2860_s.tar.gz

If you are using 2.8.5.3, and you are a subscriber, your rulepack name should read:
snortrules-snapshot-2853_s.tar.gz

If you are running legacy versions of Snort, take the opportunity to now update to the current version (2.…

Mark Zuckerberg - From Facebook, answering privacy concerns with new settings

Mark Zuckerberg, in an article on WashingtonPost.com, answers some of the privacy accusations that have been thrown in his direction about Facebook.  It reads like PR copy, so take it for what it's worth, but at least he came out and said something about it.

Kudos to him for at least acknowledging it.

Mark Zuckerberg - From Facebook, answering privacy concerns with new settings.

OpenPacket.org is still alive.

Today I posted a quick "Yes, we're still here" over at OpenPacket.org.  We received an email from a user/contributor saying that we haven't updated the blog in a while and that we haven't been very noisy about what's going on in the background.

OpenPacket.org is a community, it's here for you guys to submit pcaps to, exchange pcaps, and use those pcaps for analysts, testing of employees, testing of IDS/IPSs, whatever you can see to use pcaps for, that's why it's there.  We'd like more of your pcaps, and we're willing and able to use them at the site.

Please contribute!

Educating our fellow Humans

I wrote this post in conjunction with my last "Top 10 hints" post, but somehow it disappeared.  So I thought I'd try and write it again, trying to remember the key points I hit.

Many of the people that read this blog are security professionals like me, my peers.  We learned about our profession mostly on our own.  Self-taught individuals with a penchant for curiosity and a liking for breaking things.  There are very few schools and certifications to be "professional" at what we do for a living, and it's because of that, that our community is so small.

Take a look at something like Defcon or Blackhat.  You can throw a stone at one of those conferences and usually hit about 4 people you know on a first name basis, and 10 people that you know by their online name.  Think about it.

Along the growth of our careers we've probably had a few mentors, four or five people during our professional growth that have pushed us in the correct direction.  Gave us hints, w…

The perspective of a 3 year old, waiting with Dad

My daughter, the photographer, while waiting for Dad and Mom at the store.  A perspective.

Facebook privacy, why you should be careful, and what I'm doing personally.

It seems everyone has been jumping on the "Facebook is evil" bandwagon lately, some of it being fair, some of it not.  I thought I'd try and jump on the bandwagon too, but this time, let's lay out the facts and reflect on them and see how they are changing my outlook on Facebook and why it might be good to change yours too.

<bear with me, it's a long one, but it's a real one, and it's meant for you to read>

Facebook is a social networking site.  Two words.

Social -- relating to or designed for activities in which people meet each other for

Networking -- a group or system of interconnected people or things

A place where people come together to be interconnected and share things and activities.  Facebook.  Exactly what it does, so why is everyone so up in the air about it, why are people complaining about it?

Privacy.  Those of you that signed up for Facebook in the beginning, and are like me, take the world on the Internet with the assumption that everythi…

Alligators are stupid

From Twitter.  Picture is awesome.  Thanks @CunningPike

Java for Mac OS X 10.6 Update 2 released by Apple

Apple, yesterday, released a bunch of security patches for Java for OS X 10.5 and 10.6, patching a ton of CVEs.  These little updates sometimes don't get the press that the big 10.6.x updates do; however, all the security updates are important, so if you use an Apple computer running 10.5 or 10.6, go ahead and run Software Update.

About the security content of Java for Mac OS X 10.6 Update 2.

6 Tech Certifications That Will Get You Hired as a Security Pro

I'm not a gigantic fan of Security Certifications, but this is interesting, as it allows you to know your audience, and it allows the audience to know what to look for.

Why am I not a Gigantic Fan of Certifications?

Anything that can be bootcamp'ed is worthless.
Anything where all the answers can be found in the book for the classware, and you are allowed to take the classware book with you to the test, is worthless.
Anything that does not require a practical exam (either written or physically typing something) is worthless.  Which is why I am a slightly larger fan of the Gold GIAC certifications, as they require you to write a practical.  Or the harder Cisco ones, or the Redhat exams.

Personally I'd rather hire someone that can do the job, do it well, and if they don't know the answer, know where to find it.

6 Tech Certifications That Will Get You Hired as a Security Pro | ITBusinessEdge.com.

LifeLock CEOs Identity Has Been Stolen 13 Times

Can't say I'm surprised at this one.  Any guy that traipses around putting his name and SSN on the side of a billboard is waiting to be had.  I remember remarking to my wife the first time I saw a LifeLock commercial, "I call BS."

Of course, now, LifeLock has been fined 12 Million dollars and called liars.

LifeLock CEOs Identity Has Been Stolen 13 Times - IdentityTheft - Gizmodo.

All you ever needed to know about Transmissions

http://www.youtube.com/watch?v=BQAWwvdnodU

This video was sent to me via email by my Dad (as one of those forwards) with this caption:

Several years ago, Rockwell International decided to get into the heavy duty transmission business. They were getting ready to tape a first introduction video, and, as a warm up, the professional narrator began what has become a legend within the trucking industry. This is reported to have been strictly "off the cuff," nothing written down.
This guy is a professional bullshitter.

Chromes Unconventional Speed Tests Are Incredible, oh, and fake.

Chromes Unconventional Speed Tests Are Incredible - googlechrome - Gizmodo.

Okay, so here's Google's Chrome browser being speed tested against a potato gun, lightning, and...well... Paint sitting in a speaker (I guess that's supposed to be fast). It's an incredible commercial, I love the imagery. Oh, and as I posted earlier today Chrome beta 5 is fast as heck.

However the commercial is a lie. Maybe not all of it, but the loading of the pages is certainly bullshit.

Watch the commercial, watch it fullscreen, go ahead, I'll wait here.

Watch it! NOW.

The two URLs that you can plainly see are not being loaded live. They are being loaded off of /Users/Kevin/Desktop....

Okay, so maybe it's not Kevin, but it's certainly a local load. I went to allrecepies.com with chrome earlier today, and it did load really really fast. But the test is done off of local cache.

If you are going to go to such elaborate "tests", use the real webpage. Not the local cache of …

Chrome 5 is freaking fast.

I've been using Chrome since it came out for the Mac awhile back, off and on, and staying current with the beta builds.  However, this build that came out yesterday is AMAZING.

Chrome 5, as a result of some "tuning" they have been doing with the Chrome rendering and JavaScript engines, is noticeably faster.  There are some lovely bar graphs on Google's blog here.  But, stupid graphs aside, I've noticed a difference this morning when loading my regular webpages (my gmail page, my gmail calendar, my me.com account, etc.).  Anything that can load the whole me.com interface in about 2 seconds is a freaking fast browser.

Nice job on this one Google.

To the readers:  If you have the ability to check it out, do so.  It's pretty impressive.

Internet Explorer web browser use drops below 60%

Now remember, that these aren't specifically browsers, these are representations of rendering engines.  IE's rendering engine is called Trident, Firefox's is called Gecko, etc.  So it's interesting that IE is falling, yes it's still built into every Windows Machine, but the alternative browsers are gaining market in there as well.  Look at Firefox, it's up a bit, but the one that is the biggest uptick is Webkit.  Webkit is the rendering engine behind Safari (Mac's browser), Chrome (Google's browser), Android's browser, the iPhone browser, and the iPad browser.

Now, I don't know if they counted mobile browsers in this mix (iPhone, iPod, and iPad) but it's an interesting graph none-the-less.

AppleInsider | Internet Explorer web browser use drops below 60%.

Verizon to block outbound port 25 for residential customers

For those of you that have Verizon Home Internet (FiOS or other), Verizon is about to start blocking outbound port 25.

Why?

Why is Verizon blocking outbound port 25?
The majority of spam (unsolicited email) on the Internet is caused by malicious software viruses that take control of infected computers. These viruses direct the infected machines to send email through port 25. Verizon takes spam very seriously. Verizon blocks outgoing connections on port 25 to prevent infected computers from being used by spammers to send unsolicited email. Outbound port 25 blocking is a standard industry method to control spam.


For more information, click the link below:


Verizon | High Speed Internet - Your Attention Needed: Re-configure Your Email Settings to Send Email.

Social Strata hacked, Ars Technica users being spammed

Ars Technica used to use a service from Social Strata for their forums. I say used to, because some time ago, they moved off of the platform. But apparently, Social Strata did not delete the information from their servers. Hmm.. Okay.

So, as it would come to pass, Social Strata's server (one of them apparently) was rooted. I think the cause of which is still being investigated, but anyway, they got rooted. The only thing that was gotten a hold of was email addresses. So the users of Ars Technica's forums from that long ago started receiving phishing emails.

While it's important that the passwords were not compromised, the moral of this story is that companies and users need to check their cloud-based server provider's license agreement to see what the retention clause is on the data, or at least make sure there is one. When you leave a service, you can't immediately assume that your data is leaving that service too.

Be careful out there. Below is a transcript of t…