Comments on Errata Security: The know-nothings of cybersecurity
Feed author: David Maynor. Updated 2024-01-16T05:48:33.523-05:00.

Robert Graham (2012-09-20T01:10:04.448-04:00):

Re: the "slack area of memory thing"

That's exactly what I mean. Witty sent packets of variable length. If infected with a 700 byte packet, it might copy itself and send out an 800 byte packet -- that's 100 bytes of slack memory copied into the outbound packets.

It's not a perfect chain. Sometimes a system infected with a longer packet sends out shorter ones, thus removing one or more hops in the visible chain. But enough of the chain was visible to prove beyond a reasonable doubt that the infection spread normally and was NOT the result of a pre-seeded hit-list.

Anonymous (2012-09-19T13:45:48.856-04:00):

Could you explain the "slack area of memory" thing?

I always heard the term as referring to non-zeroed areas of memory that sometimes hold interesting previous data, but unless you had access to the machines involved I don't see how you can reconstruct the infection graph.

Anonymous (2012-09-18T23:32:02.770-04:00):

"But his piece is reverse-hominem [is that a thing?]."

Could be 'appeal-to-[self-]authority' leading to 'poisoning the well'

Anonymous (2012-09-18T18:37:08.189-04:00):

To me, the worst "know nothing" in computer security tend to be the cryptographers. They seem to consider that because they came up with a cipher, they know everything about computer security when in fact most of them would be incapable of explaining what a buffer overflow is.

The "problem" is that they tend to have what seem to be valid credentials (PhD, publications, etc.) so few people call them out.

Anonymous (2012-09-18T18:22:21.712-04:00):

For a long time, I thought I was the only one seeing this "phenomenon".

Imagine working in a company that employs people without practical software knowledge (didn't even know what version control is) while these people actually give briefings and presentations to actual software programmers, designers etc. on software frameworks, best practices, design processes, software configuration, security, safety etc.

This is a mad world.

Robert Graham (2012-09-18T18:16:27.566-04:00):

I would call charlatans those people who claim expertise they don't really have, like claiming to have configured a firewall when they haven't.

The thing about know-nothings like Stewart Baker is that he hasn't claimed to have configured a firewall, but claims expertise nonetheless.

Steve Syfuhs (http://www.syfuhs.net) (2012-09-18T18:02:16.834-04:00):

Where do you figure these people fit in on the scale of experts to charlatans? Somewhere in the middle, or dangerously close to causing major problems?