[SecurityRatty] tag: miss

We will miss you Paul Newman

Sat, 27 Sep 2008 10:57:47 +0000

You did good Paul. Thanks for all the good you did. You have a great soul.
Take care.

Legendary actor Paul Newman dies at age 83

WESTPORT, Conn.—Paul Newman, the Academy-Award winning superstar who personified cool as the anti-hero of such films as “Hud,” “Cool Hand Luke” and “The Color of Money”—and as an activist, race car driver and popcorn impresario—has died. He was 83.

The Two Classes of Airport Contraband

Tue, 23 Sep 2008 01:47:04 +0000

Airport security found a jar of pasta sauce in my luggage last month. It was a 6-ounce jar, above the limit; the official confiscated it, because allowing it on the airplane with me would have been too dangerous. And to demonstrate how dangerous he really thought that jar was, he blithely tossed it in a nearby bin of similar liquid bottles and sent me on my way.

There are two classes of contraband at airport security checkpoints: the class that will get you in trouble if you try to bring it on an airplane, and the class that will cheerily be taken away from you if you try to bring it on an airplane. This difference is important: Making security screeners confiscate anything from that second class is a waste of time. All it does is harm innocents; it doesn't stop terrorists at all.

Let me explain. If you're caught at airport security with a bomb or a gun, the screeners aren't just going to take it away from you. They're going to call the police, and you're going to be stuck for a few hours answering a lot of awkward questions. You may be arrested, and you'll almost certainly miss your flight. At best, you're going to have a very unpleasant day.

This is why articles about how screeners don't catch every -- or even a majority -- of guns and bombs that go through the checkpoints don't bother me. The screeners don't have to be perfect; they just have to be good enough. No terrorist is going to base his plot on getting a gun through airport security if there's decent chance of getting caught, because the consequences of getting caught are too great.

Contrast that with a terrorist plot that requires a 12-ounce bottle of liquid. There's no evidence that the London liquid bombers actually had a workable plot, but assume for the moment they did. If some copycat terrorists try to bring their liquid bomb through airport security and the screeners catch them -- like they caught me with my bottle of pasta sauce -- the terrorists can simply try again. They can try again and again. They can keep trying until they succeed. Because there are no consequences to trying and failing, the screeners have to be 100 percent effective. Even if they slip up one in a hundred times, the plot can succeed.

The same is true for knitting needles, pocketknives, scissors, corkscrews, cigarette lighters and whatever else the airport screeners are confiscating this week. If there's no consequence to getting caught with it, then confiscating it only hurts innocent people. At best, it mildly annoys the terrorists.

To fix this, airport security has to make a choice. If something is dangerous, treat it as dangerous and treat anyone who tries to bring it on as potentially dangerous. If it's not dangerous, then stop trying to keep it off airplanes. Trying to have it both ways just distracts the screeners from actually making us safer.

Security Matters: Airport Pasta-Sauce Interdiction Considered Harmful

Thu, 18 Sep 2008 14:00:00 +0000

---

Bruce Schneier is chief security technology officer of BT. His new book is Schneier on Security.

Chrome, Safari And Selt-Signed Certificates

Wed, 03 Sep 2008 05:10:29 +0000

I ran a column a couple weeks back about browsers and how they handle unsigned certificates. How does Chrome handle them? For that matter, how does Safari handle them, since I forgot to include it in that column? Chrome, at first, is much like IE7; it puts up an impossible-to-miss warning but lets you continue past it: Then if you do continue, like Firefox, it keeps a warning present in the address bar. Neat. Safari is much like IE7: It pops up warning dialog box: But when you choose Continue it continues with no visible indicator that anything is different.

Tomoko in Bangkok with Emerson Lake & Palmer

Tue, 02 Sep 2008 03:48:06 +0000

A few friends and colleagues have written privately, or blogged, and kindly mentioned how much they will miss not seeing Tomoko at the Event Processing Summit and Symposium this month. She is currently in Japan visiting friends and family. Here is a video I made with Tomoko on the Chao Phraya River in Bangkok, set to the music of ELP. Enjoy!

Gartner Event Processing Summit (and EPTS Meeting), Sept 2008

Sat, 30 Aug 2008 08:57:00 +0000

Many folks have been sending me email, inquiring if I will be attending the Gartner Event Processing Summit, September 15-16 or the 4th Event Processing Symposium, September 17-19, 2008 (the EPTS meeting). I regret not attending either event this year and will miss getting together with everyone. In addition, I would like to thank Opher and the EPTS team for inviting me.

As we get closer to the conference dates, I wish that I had made plans to fly back to the US to meet everyone. However, I have been cutting back on public speaking, taking a break since May. In addition, Gartner did not ask me to speak at their Event Processing Summit this year, I assume because they did not want to pay airfare for my flight from Thailand to the US. Also, Gartner always likes to fill their conference speaking slots with as many Gartner speakers as they can, unless you are a paid sponsor; and I noticed a number of Gartner employees speaking in multiple slots.

(Editorial Note) Then again, maybe I complained to much about the lack of organization and conference problems when I was invited at be a Gartner keynote speaker last time - reservations not made propertly, problems with the guest speaker registration list at sign-in, rooms shifted without notifying the speakers and panelists. Admittedly, I was not happy with the conference organizers at the last get together. This was my fault, as I am accustomed to better conference execution and am probally too “picky” about details these days - my bad. Anyway, the Gartner organizers apologized numerous times, saying they had too many conferences going on at the same time and not enough people to cover them all.

One of the problems with spending so much time in Asia, especially in Thailand, is that guest speakers are really treated as VIPs. There are usually special comfy couches set up for the speakers and the conference staff really treat you very nice, taking care of you every step of the way. In fact, there is an entire very nice culture around how guest speakers are treated in Thailand. Often, they pin flowers on the VIP speakers and take your photos like you are a star. Very nice culture.

I absolutely look forward to speaking on event processing or CEP at a future venue and meeting everyone face-to-face instead of over the net. My sincere and deepest apologies for not attending either the Gartner or the EPTS event this year.

PS: If you take up a collection and send me a RT business class air ticket, I might change my mind

Links List 8.29.08

Fri, 29 Aug 2008 10:00:44 +0000

ChangeWave Research released a survey of 1,947 people responsible for IT spending. Thirty percent of the respondents reported that third-quarter IT spending was lower than previously planned – while 12 percent spent more than planned. Thirty-five percent cited higher energy costs as the top factor for spending slowdown.

Parlez-vous open source? While wide-spread open source usage is still debated in many companies, the French have been advocating for all open source all the time in government and education. French President Nicolas Sarkozy set up an economic commission that recommended tax benefits to stimulate more open source development. Lesson learned from France: start ‘em early. “All students in France use open source.”

Just in time for Labor Day, John Edwards (no, not that one) comes out with an informative guide on “Who provides what in the cloud”. No doubt, this will be a rapidly expanding list, but what’s really interesting is the comment on the article. People have very strong opinions on the cloud…

Research firm Aberdeen Group reports that network costs will increase slightly more than 5 percent over 2007. Contributing factors: “need for speed”, shift from standard to mobile PCs (more end points of connectivity), and the ever-expanding network. And of course the hidden costs of multiple tools with multiple management consoles – if you’re not smart enough to choose say a comprehensive network management solution that is vendor agnostic…One tool to monitor them all…

And just because I miss the Olympics already, here’s an irreverent take on what it’s like to lose to Michael Phelps. http://www.thetechstop.net/?p=1503

Enjoy your long Labor Day Weekend!

More security often means lower costs

Tue, 26 Aug 2008 03:11:45 +0000

People often miss one of the biggest selling points about security--cost reduction. This is the problem with comments in a recent article in Dark Reading.

Unsubscribe from Spam emails?

Sat, 23 Aug 2008 11:53:14 +0000

Replying or hitting the unsubscribe will most probably get you even more Spam folks.

clipped from www.crime-research.org

Should you EVER reply to a spam message?

First you need to determine what kind of junk mail you have. Is it being sent by a company you’ve ever done business with, or something you might have signed up for in the past, however long ago? Most commercial mail being sent by legitimate companies will have an unsubscribe link at the bottom, and though those links can take a few days (up to 10 in some cases) to go into effect, if you follow the instructions to unsubscribe from a mailing list (be sure to complete the transaction and read what to do carefully so you don’t miss anything) the messages should stop.

Phish Page Steals Your Details, Then Logs You In

Fri, 22 Aug 2008 10:15:31 +0000

One of the few things that - perhaps - alerts users that they've been phished is when (after entering perfectly valid login details) they see something like this:

...or like this:

Generally, when net-savvy users get phished, they're alert enough to know that messages such as the ones above are a clue that they might have stumbled onto a Phishing page (assuming they're 100% sure they entered their details correctly, of course). This "break" in the login cycle has always been a weakness of a phish page, and the typical flow of events is as follows:

1. Visit Phish page
2. Enter details
3. User is told "your login cannot be processed at this time", and your information is stolen

What if the process could go like this:

1. Visit Phish page
2. Enter details
3. Phish page steals your information, but logs you into the target site

You'd miss that vital clue - the failed login - and assume everything was okay.

Well, a Phish for the popular Habbo Hotel caught my eye today because it does just that - seamlessly logging you into Habbo Hotel once your details have been stolen. Here is the Phish page in question:

Click to Enlarge

Here I am, entering my login details into the page:

At this point, a regular Phish page risks giving the game away because of the familiar variations on "Your login could not be processed" that appear at this point in the procedure.

However, the Phish page takes you to a page hosting an encoded base64 script:

From there, the user is deposited onto the Habbo Hotel website, fully logged in - no "Your login could not be processed" messages here!

Click to Enlarge

Meanwhile, my login has been stolen (it's the one in red) and placed in the ever growing pile collected by the Phisher:

Click to Enlarge

From the point where I decided to login to Habbo Hotel, to the point where I'm actually logged into the site there is no break in the usual procedure and I have absolutely no indication I've just been phished. If this kind of devious tactic is employed for banking phishes, it'll make it all the more crucial that end-users start to think about running Anti-Phishing programs and browsers that have built-in Phish Detectors because the stakes seem to have raised once again.