SecurityRatty: tag: dumb

Dumb Luck IS a Strategy!

2008-09-18 09:38:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...dumb luck") have "shielded" the company from an incident. Yes, Virginia, dumb luck IS a security strategy for some companies... AND it works for them It was discovered, but not used/abused by the attacker - maybe he was busy hacking other systems, or saved this for later and never came back due to his ADD. Congratulation, you win! The immense...

Tags: dumb luck, dumb luck strategy, security, security countermeasures, security professional, security program, risk, obvious huge risk, password

"High-level" vs Fluffy vs Dumb vs Irrelevant?

2007-11-28 14:54:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...dumb down our presentations, WE NEED TO MAKE THEM RELEVANT About me: http://www.chuvakin.org

Tags: executives, 1st grade level, fortune class executives, fortune, presentations, exec-level presentations, executive data presentation, blog discussion, dumb

Nobody Is That Dumb ... Oh, Wait IX

2008-02-05 07:44:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...Dumb ... Oh, Wait" series comes back - with a vengeance! I really should have launched "the dumbest prediction of the year" contest, but I didn't :-) Still, we have a wiiiiiiiiiiinner: " TJXs Security Breaches Will Force it to Go out of Business or to Merge with Another Company " Huh? Then it gets better: "Furthermore, the negative impact...

Tags: tjxs security breaches, card, card arrives, tjxs public image, minute call, negative impact, dumb, issuer solves, wait

Nobody Is That Dumb ... Oh, Wait X

2008-05-05 14:26:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...Dumb ... Oh, Wait" series , a cheap [ but - hopefully! - more humorous ] imitation of the infamous "doghouse Today's entry is about throwing free money and free work [of somebody else, mind you] down the proverbial crapper So, the other day I was at one security conference which had a bit of a vendor expo. Since I work for a log management...

Tags: security appliance vendor, vendor, log management vendor, enables loglogic index, loglogic, logs, vendor expo, official support package, free money

CHECKLISTS ARE NOT FOR DUMMIES, BUT THEY SURE ARE DUMB!

2008-06-11 13:51:33 by Alex in RiskAnalys.is

...dumb As slightly paranoid, skeptical and jaded risk management professionals, we know this to be true. A PCI compliant company may or may not be at all secure or risk-free or even risk-reduced. Thats an aspect of analysis that the checklist is some prior information for, but not nearly all the information we need for an analysis of risk or...

Tags: checklists, article checklists, article, mmmmm-mmmmmmm checklists, nice checklists, provide analysis, provide, nature, nature statement

On Doomsaying (Terry Childs case)

2008-07-24 12:48:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...Dumb... Oh Wait" series Really, when I've heard about it first , I was like "ah, come on, I am sure the journalists are just mis-reporting it; nobody is that dumb in their approach to system security Well, they really were that dumb Honestly, from the "blatant disregard of common sense", this is very, very high on the list ( many in security...

Tags: terry childs, access, business, dumb, security vendor propaganda, romanian script kiddie, guy, common sense, people

IPs Now Private Info?

2008-01-22 13:49:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...dumb privacy' freaks" and conduct a wonderful experiment: how long those Europeans will survive without search engine "service?" But wait a few years, Google, before pulling a plug: it will make sure that Internet becomes truly indispensable Also, what do I mean by " dumb privacy "? Am I anti-privacy? No (not anymore), this is where I...

Tags: privacy, privacy chasm, dumb privacy, data privacy regulators, heavy privacy price, org outline, implication, org, pretty dramatic implication

Stolen Penn State laptop had information on 677

2008-01-28 12:43:09 by Evan Francen in The Breach Blog

...dumb, they wouldn't know the difference. It seems like most "bad guys' are dumb, so take that for what its worth Lindstrom added that, as required by law, letters are being sent to individuals whose information was believed to be in the laptop It's also on the National Crime Information Center database, so every police department in the...

Tags: information, store information, sensitive personal information, information custodian, information security practice, identifiable information, confidential information, laptop, penn

Anton Security Tip of the Day #14: More accesslog Fun: What Are You Not GETting?

2008-03-12 13:35:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...dumb (and so dumb, it's a classic 10.10.123.226 - - [12/Feb/2008:03:46:54 -0800] " POST / vti bin/shtml.exe/ vti rpc HTTP/1.1" 404 - "-" "MSFrontPage/6.0 10.10.123.226 - - [12/Feb/2008:03:46:55 -0800] " OPTIONS / HTTP/1.1" 200 20210 "-" "Microsoft Data Access Internet Publishing Provider Protocol Discovery It is probably one of the ancient...

Tags: web server, server, web, web browsers, security, web discussion board, anton security tip, fun, modern apache

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo