* I just called, to say.....nothing, actually: Strange and annoying phonecalls. We all hate them, don't we? Especially when you can't decide if they're trying to sell you things (bad) or just steal all your personal data to sell on (worse).
* It's a trap: Hot chick adding herself to my Myspace friends list = Disaster. Mind you, I have plenty of real hot chicks on my list so that's okay.
* Hackmemes: Did you ever want to see a DDoS tool whose sole purpose for creation was as part of a meme war? Even better, a DDoS tool that's actually stuffed full of memes purely so it'll gain acceptance with the groups involved in the battle in the first place? Then here comes Christmas.
1) The comments on Spywareguide are working again, and you can now post as you see fit. Swear to God.
2) The day I posted this ramble complaining about Feedburner woes, Netvibes (who, judging from endless posts in their support group via Google, seem to have been the cause of endlessly fluctuating Feedburner stats) went and migrated all of their users to the new interface. Since that day, my stats have been back to normal and have actually gone up a little bit. Anyone else out there using Feedburner noticed a more regular pattern in their stats since a week ago?
All I want to know is, who comes up with this stuff?
See, I've been waiting.....and waiting......and waiting......for the sessions from RSA2008 to hit the web, so we can watch and listen and absorb or whatever. There's a lot of people who couldn't make it who have also asked me if / when my own presentation would be available to listen to. Last year, RSA seemed to be pretty open about who could get their hands on the talks (Hell, we still have one complete with funky Flash thing here).
Now? I get an Email from the RSA organisers last night pointing me to this page, with the following genius idea:
The information and ideas discussed at RSA Conference 2008 will have an impact on the information security industry for years to come. Be sure to capture all of the discussions by replaying the session recordings from this year's Conference. (Free for 2008 Full Conference attendees, $395 for non-attendees)
Wow, yes! What a brilliant idea! We'll have "an impact on the security industry for years to come" by.....letting all the same people who saw the talks originally watch them again!
Wooo!
Also, WTF and doh. Let's be honest and put the hyperbole aside for a second - nothing talked about at RSA will "have an impact on security for years to come", because nobody cares. It was a bunch of talks about stuff, and now it's over. Some were good, some were bad, same as it ever was. But hamming it up with over-the-topness just so we can justify charging lots of money to let people hear it who couldn't make it / afford it? Man, that sucks. That sucks ass, and is a terrible, exclusionary idea.
If there was anything of worth, of interest spoken about at RSA, how are we helping to spread those ideas by chaining them to full conference passes or extortionate amounts of cash after the event is long gone?
And why is it always just about the "security industry" anyway? There's a whole variety of people and initiatives that likely fall outside that narrow definition (purely because they're not running around yelling BUY THE BOX!) and yet they're just as active, just as important to the security scene as anyone else.
But of course, they didn't pay stupid amounts of money to attend and so don't count. Excuse me while I roll my eyes. How many people attending these conferences are only there because their company paid for them to go in the first place? And how many of those people wouldn't come within a hundred feet of security conferences if they actually had to pay up themselves?
Nobody can claim access to 365 session recordings for $395 is good value for money, because nobody in their right mind is going to listen to three hundred and sixty five sessions unless they are clinically insane.
Anyone with any interest in RSA2008 that didn't go is more likely to want to hear the odd handful of sessions - and here's a breaking newsflash, they are NOT going to pay out four hundred bucks just to hear them. I don't believe RSA have a "reduced fee" anywhere to listen to (say) five talks, but meh, even that would suck.
I really doubt half the people at RSA on free Full Conference Passes (courtesy of their company) would complain if people who didn't attend got to hear the talks for free after the event. Again, by this point nobody cares, right? It's now just a bunch of talks at some conference somewhere, and everyone is now too busy gearing up for the next conference in a few weeks' or months' time.
And if someone argues that it's not good form to have the great unwashed masses listening in for free when all those companies had to stump up tons of cash for full conference passes? Well, too bad for all those companies. Surely half the fun of the full pass is the chance to hear people speak in person that you always wanted to see present twenty feet away from you - not simply possession and apparent ownership of the words that came out of their mouth.
To me, security is all about protecting those same "great unwashed masses" with as much vigor and force as the companies at RSA devote to protecting enterprise and business customers - great unwashed masses that (currently) don't have a hope in Hell of hearing talks that might actually contribute to making them consider security a little more in their day to day lives.
It all seems a bit greedy and possessive to me, but then I only spoke at RSA.
Offtopic: Arbitrary Attacks on Videogames Annoy Me
Peter Hitchens wheeled out a predictable attack on videogames - namely Grand Theft Auto 4 - in the print edition of the Daily Mail today. His tortured logic spilled onto his weblog, so I left him the following reply:
"Could it possibly be bad for a child or a teenager to spend long hours impersonating a violent car thief?" (Hitchens)
Could it possibly be bad for you to write a "won't somebody think of the children" missive to whip up the usual sensationalist panic about videogames while (predictably) failing to mention the product in question is clearly labeled 18 for adults?
Rather than decry the game, perhaps it might make more sense to attack gamestores that happily sell products aimed at an older market to kids. Perhaps it might be better to attack the parents that thoughtlessly hurl products aimed at an older market at their children.
Unless, of course, you're *also* going to blame the collapse of Western civilization on every single activity aimed at someone over 18 along with the horrors of GTA4?
The gaming market has grown and aged with the products. I've played games for 25 years, and I don't particularly fancy playing "super happy hooray for everything" anymore.
Thanks for trying to limit my choice of personal pursuits via the agenda you're pushing without even bothering to try the product in question.
If you *had* actually tried the game, you wouldn't be writing it off as a senseless, lawless gunfest with no consequences, morals or anything approaching depth beyond "kill everything in sight".
It's mature, it's intelligent, it's - shock horror - actually very grown up, and at least one major videogame site said of this game in its review that the more realistic and serious nature of the lead character meant that they were actually *less* inclined to go on a gun rampage, because it "didn't feel like something the character would do".
To impress upon a player that sense of depth with regards a fictional character jumping around on a screen is pretty impressive. To do such a thing when it could be argued the basic mechanic of the title is to shoot people, even more so.
But of course, you're too busy wheeling out assumptions and blanket statements.
* Credit Card up for Renewal? Then Beware This Phish: A funky little diversion through a Phish scam that caught my eye simply because my credit card was due to expire.
* The Spectre of Rogue Facebook Applications, Back Once More: Ooh, it's all kicking off with Facebook applications again!
* Pinont.com - No Need to Panic: Aargh, it's an apocalyptic wave of.....viagra spam.
* Beware - New MSN Messenger Password Stealing Program in the Wild: This is a pretty slick application for scumbags everywhere - click a few buttons, and hey presto, a ready-rolled executable that can be used to steal your MSN Messenger login credentials. Here's the Client:
And here's what the attacker will see with the click of a button, assuming the victim let the infection file execute on their PC beforehand:
Would you like a side order of WTF with those fries?
Sometimes I see things that break my brain.
This is one of those things. Sighted on Facebook, the content falls somewhere between comical and extremely creepy, so of course I'm publishing the whole glorious train wreck below:
.....what??
I love how "I am dead" is thrown in as an afterthought, like having pencil shavings up your butt and not having any nose or ears wasn't quite bad enough.
Bonus points if you can work out why it has a random picture of two teens hugging attached, too. As for "don't send it to me", I can't say I have any dead seven year olds missing half their face waving kitchen knives on my friends list to send this to, but oh well.
Haven't had one of these for a while, so here goes.
* Here Phishy, Phishy and Booze & Binders: Some leet hax script kiddy applications currently in circulation. I'd throw in a picture here, but amazingly the Blogger image upload tool is broken. Again. Blogger is full of so much win and awesome, and by win and awesome, I mean crap and fail.
* Locking down Facebook Chat: Nothing particularly revelatory, but a little delve into the wonderful world of Facebook Chat, or (to be more accurate) how to get rid of the damn thing if (like me) you had no clue what you were supposed to click on when confronted by hundreds of people saying HELLO LOL. Once more, no pictures. Blogger. Fail. Epic fail.
* Myspace - Who is Watching the Detectives Part 3: Did Myspace ever fix their "system error" that allowed people to view exactly who had been snooping round their profile pages? Click this and find out. Ooh, the suspense.
* Off-Topic Fun: Videogames are Awesome: Spurred on by my post about the Dreamcast phishing incident a few weeks ago, I decided to go deep into off-topic country and post up a bunch of my old videogame systems. I used Flickr for these images, so nothing stops me from posting these up:
I encourage anyone remotely interested in old game systems to post up some screenies of their collections. I had planned for people to post their links directly on Spywareguide, but it appears the hope invested in the comment fixing was a little premature. With that in mind, post your links here and when (if) the comments start working again on SPG, I'll port everything over there.
For the last month or so, my Feed subscriber count has been fluctuating wildly - it currently says 1,319 which is correct but (more often than not) keeps showing at around the 900 mark, which is way off the real total. I eventually worked out that this is because Feedburner is having issues with anyone subscribed to the site via Netvibes as they upgrade to their new release.
Whoops.
Apparently they claim subscribers aren't affected, it just makes your stats look more rubbish than they actually are. I've noticed this sudden drop-off affecting quite a few security blogs out there so if you're wondering where all your subscribers are going, it's down to Netvibes. No ETA on when this will be fixed, which sucks.
April 28th, 2008 For Immediate Release: Contact: Colonel Custard (aka the corporate criminal creamer)
Footage available: www.GreenwashGuerrillas.org
Greenwash Guerrillas Pie Thomas Friedman at Brown University
YouTube Censors Video; Pie Thrower Faces University Disciplinary Procedures
Providence, RI - New York Times columnist and author Thomas Friedman was pied by the Greenwash Guerillas while giving an Earth Day Lecture at Brown University. The Greenwash Guerillas targeted Thomas Friedman because of his support for U.S. military intervention in the Middle East, neo-liberal economic policies that harm the world’s poor, and especially for promoting bogus solutions to the global climate crisis.
"We sought to expose the hypocrisy of allowing Friedman, who is known for his influential support of U.S. wars for oil in the Middle East, to call himself an environmentalist," explained Greenwash Guerrilla Margaree Little. "He has blood on his hands that no amount of 'green' can wash away."
Little, a Brown University student identified as one of the pie throwers, faces University disciplinary hearings, potentially including expulsion. Colonel Custard, the second pie thrower, remains at large.
Little and Custard jumped on stage as Friedman began his talk, entitled “Green is the new Red, White & Blue.” The talk focused on how green technology and corporate environmentalism can restore the United States to its "natural place in the global order."
They tossed two green-colored cream pies at Friedman and dashed off as leaflets denouncing Friedman were thrown to the crowd. According to the pamphlets, “On behalf of the earth and all true environmentalists – we, the Greenwash Guerillas, declare Thomas Friedman’s ‘Green’ as fake . . . as the cool-whip covering his face.”
The Greenwash Guerillas object to Friedman’s support for nuclear power, coal power, industrial biofuels, and carbon trading markets. "These false solutions are smokescreens, intended to generate massive corporate profits while creating global humanitarian and environmental disasters," said Colonel Custard.
Video of the pie throwing incident was posted on YouTube, and received close to 70,000 views in 36 hours, making it one of the most popular videos on the site. Without notice, YouTube abruptly censored the video, removing it from the website. Hundreds of news outlets, blogs, and websites had linked to the video. The Greenwash Guerillas have reposted the clip at: www.GreenwashGuerrillas.org
"Given the many other pieings on YouTube(1), the removal of the video can only be understood as an act of political censorship," said Little. "One has to wonder whether Friedman, a billionaire with a lot of connections, has more influence than “you” on YouTube."
“The Greenwash Guerillas chose the harmless and humorous tactic of pie-throwing because our goal was to take this perpetual charlatan off his new green pedestal,” said Colonel Custard. “Friedman’s support for coal and nuclear power is as misguided as his counsel on Iraq.”
This is the second time Friedman has been hit by a pie. In October 2002, he received a banana pie to his face while promoting his writings on free-market globalization in Boston."
Now, that's a pretty awesome thing to appear in your mailbox by any standards.
However.
Someone getting a pie in their face gets removed from Youtube, but insanely stupid crap like idiots juggling cats (warning: an idiot juggling a cat) and an endless stream of leet hax videos never seem to get canned?
Meh, whatever. I will say that the options for reporting hacking videos on Youtube are limited at best - if you're not reporting a copyright violation, physical attacks or animal abuse (though I guess the animal abuse option is broken, seeing as a moron is still juggling his cat) then you're pretty much up a creek without a paddle.
Remember this guy? Sure you do. Well, he's back again with another breathtaking display of getting-it-all-wrong.
Fish, meet barrel. It's clear our anonymous superhero isn't going to reveal their identity OR say anything even remotely approaching common sense, so this one goes out to you, whoever you are:
"Catching the Script Kiddies" - now that's interesting. The words "script kiddy" sometimes get the odd mention in news articles, but only usually as a passing reference. This is the first one I've seen in a loooooong time where they were the primary focus of the piece.
Hacking school computers, no less. Well, I hope they were better at it than this guy. No wait, I don't. Meh, as long as they got busted it's all good.
I doubt this is the start of a massive trend of "let's write about kids hacking stuff", but good to see it pop up as a fully fledged article somewhere. More, please.