Security Stallions Blog "Musings of all things infosec…"

1 Feb 2010

The Digs – 02.01.2010

Well.  Hi there!  I know, it's been a while.  So long, in fact, that I swear when I fired up this new post I could hear the gears of the backend squeak to life as they've been sitting idle since last September.  Yes, it's been far too long and much has and hasn't changed.  Why bore you with the details though?  Let's get back to where we left off.

One quick note before we get started.  A quick reader will have noticed the name change to "The Digs".  I find it laughable now (the wonder of hindsight) that I had such high hopes for being able to do this every day.  Truth be told there are far too many things elsewhere and too little time.  Here's your new SLA: "The Digs" will appear on average 2-3 times per week, catching up between posts.  And now, on to the digs...

First up is Gunnar.  I like Gunnar 1) because what he says is most often highly cogent and 2) because he has to deal with cold shitty winters too.  Thanks Gunnar.  Oh and thanks for finally bringing up APT.  There's a point in the post about the $6 billion in arms we're sending to Taiwan that will, likely, impose sanctions of what China buys from us in the future.  Here's my reply:  "Dear China, How's it going?  Don't worry about that whole Taiwan thing.  I've seen the shit we were selling to Taiwan a few years ago and you've got no worries.  Really, it's kind of like the toy you get out of a Cracker Jack box (because it'll all be yours eventually anyway).  If you don't understand the Cracker Jack thing I'm sure there's an article on Wikipedia.  Later China!".
[APT - The Sonny Response or the Michael Response?]

I like hardware.  Except when it sucks.  I'm often confused why small (and even medium sized) businesses buy hardware from large vendors (like those that start with a 'C' and end with an 'isco' - don't get me wrong, there is a time and a place, along with an OC-12) when all they want to do is bring in some simple routing functionality, with a sprinkle of firewall and maybe, if they're feeling saucy, some IPsec on top.  So when I saw this new Netgear appliance and its awesome price of roughly $275 I said to myself: "Wow, that underpowered old Linux kernel that will rarely ever be updated is just up my alley!".  OK, I didn't say that.  But, really, if you want that sort of thing, just pay someone to deploy and manage some pfSense boxes for you.  But if you're really still interested, by all means...
[Netgear Releases New Gateway Security Appliance]

OK, full disclosure here: I am the whipping boy over at Securosis (aka 'the intern').  But I'm glad someone said it (thanks Adrian!).  To all you big guns out there scrapping what you've got in-house and churning out your next big thing - Agile & Scrum sux0r for your security.  Yeah.  SUX0R (with a capital zero).
[Firestarter: Agile Development and Security]

I laughed when I saw this next one.  "Make sure you defrag your Secure End Point Management (SEPM) server, boys and girls!"  Well, for starters that implies it's probably running some old version of Windows.  Oh yeah, they state 2003 in the article.  Maybe it runs on Windows ME though, you never know.  Oh, and it's x86.  Awesome.  SEPM jokes anyone?  The article title just makes it sound incontinent or something.
[Defrag Your SEPM Server Regularly]

I'm not going to say much about this next gem I found over at NetWitness other than the fact that if you really think IDS started "several negative trends that are still affecting the psyche of security personnel today" then maybe the blue pill really is for you.
[IDS Legacy is Institutionalized Failure]

So last year I had a conversation with someone about IE6.  To preface - I know of a special place I visit on a regular basis during the week that still has IE6 as part of their base workstation build.  Anyway, so I had a conversation last year about when this individual thought IE6 would be eradicated from the environment.  And their answer was around 2012 or 2013 when XP wouldn't be their base OS.  I proceeded to choke on my coffee.  They, on the other hand, were serious.  So I love to spam people like this with all of the love in the air for IE6 as of late.  Because, really, you thought even Microsoft could save such a fine piece of work?  Fat chance.
[Tide Turns Against IE6 as Usage Drops]

Let's round out our first post for 2010 (and hopefully not the last) with another great one that has to do with China.  The EFF has an article up about how US-based companies need to stop "selling Chinese authorities the surveillance equipment used to commit or facilitate human rights abuses".  This assumes that 1) China hasn't already ripped off IP from these companies which could be used to, well, remanufacture them and 2) that China doesn't have the upper hand from a monetary perspective right now.  Just food for thought.  Wasn't Cisco's source ripped off a few years ago anyway?  China could always just run a big virtual network with GNS3 anyway, right?  :)
[Seven "Corporations of Interest" in Selling Surveillance Tools to China]

We'll leave you with these final links...  Thanks for reading!

[New Laws Close in on Hackers] - Seems rather timely, no?
[Cable Modem Hacker Faces Potential 40 Year Prison Term] - The Internet just wants to be free, what can I say?
[Researchers Uncover Security Vulnerabilities in Femtocell Technology] - Where "technology" should say "hardware" because, surprise surprise!  Your shitty embedded Linux hackery was reversed.
[Adobe Flash Security on Menu at BlackHat] - As if to say any Adobe technology hasn't been on the menu for the past, what, 5 years?  Keep on keepin' on Mr. Mike Bailey!

18 Aug 2009

Daily Digs – 08.18.2009

Good evening ladies and gents to a belated round of digs.  Apologies for the lack of a weekend and Monday post, but travels and an unexpected difficulty made posting rather hard.  We're back to our weekly schedule with the exception that the screencast is being pushed back to next week and there may not be a weekend redux.  We'll see how things pan out, but stay tuned regardless!

So what do you get when you cross rookie "cyber crime" law enforcement and some stolen passwords?  Well, everyone seems to have had something to say about it today as law enforcement blew any chance of using underground leads they already had access to.  Check out the nice write-up over at the SpywareGuide blog.
[Law Enforcement Altered r00t-y0u]

The Windows Incident Response site has a write-up covering all sorts of tools you should have in your box for forensically collecting information from images.  NetworkMiner is mentioned at the very end and is something that I had, at one time, meant to check out but never got around to.
[Windows Incident Response - Tools and Links]

Only 130 million card numbers?  Really, that's all Segvec and crew came up with?  Surely you caught the sarcasm, but if not: if this trend continues, we're in for the firestorm sure to follow as consumers start to demand better protection in the cardholder space.
[Three Men Charged in 130 Million Credit Card Theft]

Need a good definition to describe insecure cookie handling to, possibly, misguided web devs?  Cenzic has your answer over on their blog.
[Insecure Cookie Handling]
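The Cenzic definition isn't reproduced here, but one concrete form of insecure cookie handling is a session cookie issued without the Secure, HttpOnly and SameSite attributes. The checker below is an added example, not code from this blog or from Cenzic; it uses Python's standard http.cookies parser, and the two Set-Cookie header values it inspects are constructed samples (a weak one beside its corrected form), not captured from any real site.

```python
"""Audit Set-Cookie header values for the attributes whose absence is the
usual meaning of "insecure cookie handling" on the wire:

  Secure    - without it the cookie is also sent over plaintext HTTP
  HttpOnly  - without it page scripts can read the cookie (XSS exposure)
  SameSite  - without it the cookie rides along on cross-site requests (CSRF exposure)

Added example; the sample headers below are constructed, not from a real site.
Requires Python 3.8+ for SameSite support in http.cookies.
"""
from http.cookies import SimpleCookie

# Constructed samples: the weak setting beside the corrected one.
WEAK_HEADER = "SESSIONID=abc123; Path=/"
HARDENED_HEADER = "SESSIONID=abc123; Path=/; Secure; HttpOnly; SameSite=Lax"


def audit_set_cookie(header_value):
    """Return {cookie_name: [issue, ...]} for one Set-Cookie header value.

    An empty issue list means the cookie carries all three protective attributes.
    """
    jar = SimpleCookie()
    jar.load(header_value)  # parses name=value plus attributes into Morsels
    findings = {}
    for name, morsel in jar.items():
        issues = []
        # Flag attributes parse to True when present, "" when absent.
        if not morsel["secure"]:
            issues.append("missing Secure: cookie can be sent over plaintext HTTP")
        if not morsel["httponly"]:
            issues.append("missing HttpOnly: readable by page scripts (XSS exposure)")
        # SameSite is a valued attribute (Strict/Lax/None); "" means absent.
        if not morsel["samesite"]:
            issues.append("missing SameSite: sent on cross-site requests (CSRF exposure)")
        findings[name] = issues
    return findings


def is_hardened(header_value):
    """True when every cookie in the header value has no findings."""
    return all(not issues for issues in audit_set_cookie(header_value).values())


def report(header_value):
    """Human-readable summary for a header value, one line per finding."""
    lines = []
    for name, issues in audit_set_cookie(header_value).items():
        if issues:
            lines.extend(f"{name}: {issue}" for issue in issues)
        else:
            lines.append(f"{name}: OK")
    return "\n".join(lines)


if __name__ == "__main__":
    print("weak:\n" + report(WEAK_HEADER))
    print("hardened:\n" + report(HARDENED_HEADER))
```

Point it at the Set-Cookie values from a real response (one call per header value) to get a quick first pass; a clean result only says the attributes are present, not that the cookie's contents or lifetime are sensible.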

The US-CERT has some useful resources and the weekly security bulletin is definitely one of them.  If you've never checked it out I'd recommend starting now.  Although this one is of specific interest, it is just one of the large volume of feeds we scour for daily insights.
[US-CERT Weekly Bulletins]

Windows 7 -- can it be the saving grace after the flop better known as Vista?  I think surely Microsoft has a decent chance with this revision of their, once, flagship product.  Problem is that the OS is still too big for its britches and legacy support will be the bane of its security problems well into the next 5 years.  XP mode is definitely going to be one of the most difficult areas of 7 to swallow because, in essence, one will now have to maintain security patches for two operating systems moving forward, and as we all know most people have problems just dealing with one.
[Windows 7's Achilles' Heel]

SANS has an interesting article up entitled "Surviving a Third Party Onsite Audit".  I'm sorry but this is just wrong coming from SANS.  Generally they have their head on straight and are a good resource for information, but "surviving" an audit is not something people should be focused on.  The real focus should be doing security the right way every day, not just when one knows the auditor will be knocking on the front door.  I see it time and time again in clients wherein everyone is always in scramble mode and then, if all goes well, it's a celebratory "win".  That is, until next time, when you scramble to put in that extra new box with blinky lights that's the saving grace for today.  Do it right and do it right every day, and if you can't do that then fall back to "the audit survival guide".  At that point, however, you really need to question the abilities and resources you have to do due diligence.
[Surviving a Third Party Audit]

Can you pick a 5-pin in 87 seconds?  I'm guessing not - unless your name is Jos Weyers.  Check this video out of him at LockCon.
[87 Seconds... Jos Weyers!]

Oh Facebook -- you're the favored platform of phishers and skiddies alike!  One more reason to avoid social network platforms, especially those that all of your super security conscious friends from high-school running Windows ME are on.
[Facebook Phishers Cast Multiple Lines]

Today must be a day of definitions because if you've ever really wanted to know what ESAPI was, without digging into it, you've just hit the jackpot.  Although this one's been out for a few weeks it just made its way across my feeds and is definitely a worthy read if you're interested in what it is and some show and tell of how you can help justify implementing it.
[What is ESAPI?]

That's all for tonight's digs folks!  Although I have a ton left in the queue it's about that time to post.  Check out some of the leftovers in the grab bag below.

-windexh8er

Tonight's grab bag lineup is as follows:
[IEEE Connections Program]
[Visualizing IDS Output]
[Routing Redundancy: How much is enough?]
[Personal Responsibility in PCI]
[Useful Security]
[Federated ID, OpenID and OAuth Primer]
[FTC Issues Health Breach Notification Rule]
[Hyperjacking]
[DNS Blacklist Unveiled]