The Stupid, It Burns

There are times where I just marvel at the abject stupidity of some folks. Case in point was the posting on Pastebin over the weekend where a group of "hackers" (wow, I use that term lightly) calling themselves "Wycked" posted a database dump from McDonald's Malaysia. The premise being that they compromised the site. Small problem with that however. You see, the "Havij Injection Project" already posted that same database ...

Privacy under fire: Aaron Sorkin saw it coming in 1999

I've long been a fan of "The West Wing," which follows the drama of fictional president Josiah Bartlet and his senior staff. The series launched well before the privacy debates that are now the norm. But series creator Aaron Sorkin was way ahead of his time all those years ago when he focused on Internet privacy in the season one episode "The Short List." In the episode, Bartlet has nominated ...

No Cyber Experience? Strategy! Um…

Michael Daniel is the person who is on point for shaping cyber security in the US government. I find it rather disquieting that the White House cyber security coordinator espouses his lack of technical knowledge as a plus. From Gov Security: "Being too down in the weeds at the technical level could actually be a little bit of a distraction," Daniel, a special assistant to the president, says in an ...

How About an Award for Sleaziest Vendor Booth?

So here's an idea... Since many of us are in agreement that security vendors should have booth displays at security cons that reflect the strength of their technology instead of resorting to booth babes and trashy signs, why not do a little something to hold their feet to the fire? Let's have a contest at each conference for sleaziest booth. The vendor who wins gets a design-to-be-determined award sure to ...

Black Hat 2014 and Media FUD

I get it. I really do. I used to be an online journalist, and I know how much pressure there is to bring in page views. I'm sure I've even written a few headlines that played up the fear factor to get clicks. I'm human, and humans are often misguided. But if I've learned anything, it's that throwing around words like "terrifying" and "scary" does more harm than good -- ...

To Those Missing Security Summer Camp

I'm seeing a lot of friends online bumming out because they can't make it to Black Hat, BSidesLV and DEF CON this year. I feel for them. I missed four years in a row -- 2008, 2009, 2010 and 2011 -- because of a scheduled family event that landed in the same calendar position as the Vegas events. I don't regret skipping Vegas those years. Not for a second. In my world family comes ...

(ISC)2's New App Security Council

Truth: I used to think (ISC)2 was one of the most useless organizations on the planet. They never seemed to listen to the people who had invested in their CISSP training. A couple years ago, people even started to brag about letting their certifications expire. But something happened that gave me renewed faith in the organization. A bunch of talented, well-known security professionals started running for seats on the (ISC)2 ...

Why Barnaby Jack Was So Good

The other day I found myself watching a video of Barnaby Jack's famed "Jackpotting" presentation from Black Hat 2010. Truth be told, I forgot how good he was. I know what you're thinking: "You're an idiot, Brenner. Of course he was good. He was one hell of a hacker. You shouldn't have to watch an old video to know that." Here's the thing: None of us will ever forget his showmanship ...

First-Time DEF CON Attendee? Watch This

If you haven't seen it yet, I highly recommend the DEF CON documentary that came out last year. For nearly two hours, you get a detailed history of the event and get a pretty good introduction to the major players who make the whole thing work. If you're going for the first time, the documentary, directed by Jason Scott Sadofsky, is must-viewing. http://youtu.be/rVwaIe6CiHw

What The Hell Just Happened Here?

I never could keep my mouth shut. When a conversation is going on, I can't just mind my business and focus on the work at hand. I have to be the man at the table who injects quips into the discussion; the guy who thinks he's not contributing properly unless he pontificates, no matter how ridiculous his words are. That was the scenario Friday when some of us Akamites (Akamai ...
