I just read Bruce Schneier’s Beyond Fear.  It was classic Schneier and by classic Schneier I mean very good and thought provoking.  He sets forth a methology to analyze and evaluate security systems, technologies and practices.  Below are the five questions that he set forth in the book which are the bassis for this methology.  [...]

I enjoyed Kingpin. It gives real insight to credit card fraud and government “cyber” investigations. This case (the conviction of Max Vision) really symbolizes the movement of hacking prosecutions into a new realm. This new realm is really just plain old crime by other means.

Mark Russinovich is a windows Ninja and he has been for a long time.  He is bona fide.   This does not mean that he is necessarily able to write a good novel, develop characters, or articulate convincing scenarios about cyber-terrorism. Fortunately, he is able to do all three. Zero Day was fun to read, [...]

When I saw that The Cuckoo’s Egg was on Richard Bejtich’s top ten Infosec books for 2010, I decided to give it a re-read.  I had fond memories of the book and I was not disappointed.  There are still some good security lessons to be learned from the book.  It is a well presented story [...]

All devices need to be sanitized of information before disposed of.    I recently acquired a 2950 switch for small project off of ebay..  As expected, the configs were still intact with a treasure trove of information.  Yes a treasure trove.  The switch was previously at a major corporation, there were two snmp RW strings [...]

The latest entry to the Software Vault is a nice little windows program to compute and compare MD5 hashes.  I have found myself in the past not checking the md5 hash on a file when I was on a windows box and I would have checked the hash if I was on a Linux box.  [...]

I have been exploring different methods of storing non work related docs, files and information in the cloud for easy access.  I want to access from multiple locations and from a variety of devices.  The best solution so far is google aps, toodledo and drop box.   The new iphone app for Drop Box is great.  [...]

The Great Bay Beacon Endpoint Profiler 2.1.8 has a number of options for backups.  Backups are automatically run daily and manual backups can be run from the command line from the web based GUI.  The files can be manually downloaded, but the backup files are not be automatically moved to a remote location.  Below is [...]

Leo Laporte hosts a new podcast on Google and “cloud” related topics.  Leo has two cohosts, Gina Trapani, lifehacker founder and Jeff Jarvis. It is a weekly podcast and has just completed its 15th week.  The cast is always informative, entertaining and gives listeners insights to the Google’s radical yet sometimes quiet and not so [...]