Disqus - Latest Comments for DennisF

Re: Amit Yoran on Cyberwar, Federal Cybersecurity and the Evolution of Threats

DennisF — Fri, 28 Aug 2009 14:37:37 -0000

Agree completely.

Re: New WiFi Attack Cracks WPA--Again

DennisF — Thu, 27 Aug 2009 10:17:06 -0000

Right, thanks. I fixed it.

Re: Snow Leopard Gets an Anti-Virus Scanner

DennisF — Wed, 26 Aug 2009 11:01:27 -0000

How is that even relevant? The point is that attackers are focusing more attention on OS X these days, not that there's more malware for OS X than for Windows.

Re: Hackers Using Trojans to Steal One-Time Passwords

DennisF — Fri, 21 Aug 2009 09:43:09 -0000

There are some banks that do that sort of thing already, with a call to a cell phone or landline that is registered with the bank and nearly impossible to change. But there are potential problems with that as well. It's all a race against the clock.

Re: Apple Warns of Mac Attack Risk via Image Files

DennisF — Thu, 06 Aug 2009 12:47:39 -0000

But, wait. I thought Macs were unhackable.

Re: Irresponsibility Runs Amok at Black Hat, Defcon

DennisF — Tue, 04 Aug 2009 15:53:52 -0000

I couldn't disagree more. Too many problems to mention, but one glaring issue is that the LoJack thing isn't a vulnerability. It's a rootkit that sits on millions of laptops. There's no fix for that aside from rip/replace.

Re: Researcher Uses New Linux Kernel Flaw to Bypass SELinux, Other Protections

DennisF — Sat, 18 Jul 2009 13:06:06 -0000

I updated the story to credit Tinnes and Ormandy for the exploit technique. Thanks for the info.

Re: A Cyberwarfare Reality Check

DennisF — Thu, 09 Jul 2009 12:53:37 -0000

Some of the points may be obvious, but they're routinely overlooked by a large portion of the general press and the analysts/pundits who love to expound on this stuff. The reality is these attacks happen constantly and when this stuff shows up on the Today show, someone needs to bring everyone back to reality.

Re: Demo: Exploiting the Microsoft MsVidCtl DirectShow Flaw

DennisF — Wed, 08 Jul 2009 09:14:42 -0000

Thanks Lenny. I should also mention that IE 8 is NOT vulnerable to this attack.

Re: Koobface Worm Infections Exploding

DennisF — Tue, 07 Jul 2009 12:35:58 -0000

I'd agree with most of that. The bots that auto-follow users on Twitter have become a major problem, and many of them are pushing malware. And the engineers on these sites have not caught up with the problem.

Re: Mass Attacks Exploiting 0-Day in DirectShow

DennisF — Mon, 06 Jul 2009 16:10:50 -0000

The recommended mitigation from Microsoft seems to be to set the killbit on that DLL. If you're using Vista, you're not vulnerable. If you're using IE 8, you're safe, too.

Re: Mass Attacks Exploiting 0-Day in DirectShow

DennisF — Mon, 06 Jul 2009 13:33:32 -0000

You're right. It's the msvidctl.dll. I've changed it. Thanks.

Re: Microsoft Takes the Lead in Security

DennisF — Mon, 22 Jun 2009 06:09:02 -0000

That's a frustrating situation, I'm sure, but it's separate from the software security initiatives that this article is talking about. However, I am going to have one of Microsoft's Xbox Live security officials on my podcast soon and will talk about this trend with him.

Re: Short list emerges for cybersecurity czar job

DennisF — Fri, 12 Jun 2009 10:32:45 -0000

Yeah, you did talk about it on the podcast. It's possible, but I still feel like he's been there already and he's got a nice, high-paying gig at Microsoft which he'd have to give up just to do this job for a year or 18 months.

Re: New attack class exploits intranet weaknesses

DennisF — Thu, 11 Jun 2009 13:07:32 -0000

You make a great point. The discussion I had with Hansen about this was a long one and covered a lot of ground, but most of it focused on the characteristics of these networks that enable the attacks. The JavaScript issues are well documented, as are the browser problems, so what was really new here was applying those techniques to the RFC-1918 networks, which is why the story focused on that.

Re: Adobe slaps band-aid on 13 security holes

DennisF — Wed, 10 Jun 2009 09:40:41 -0000

The silent fix trend is getting out of hand. I'm all for vendors discovering flaws in their own products and fixing them, but tell us what they are.

Re: Encrypted tunnels: Enabling users to circumvent security controls

DennisF — Mon, 01 Jun 2009 15:42:02 -0000

Points well-taken. But I think that Matt was just pointing out that these tools can be used for malicious/unwanted purposes, not that the tools themselves are evil. But as you point out, that's true of most tools. The larger point, as you said, is that users who really want to find a way around Internet controls will do so.

Re: Snow Leopard security is all relative

DennisF — Mon, 18 May 2009 08:55:22 -0000

Re: Miller being a liar: evidence please. And I'm not defending anyone or any specific OS. Miller does a lot of work on Mac security, so he knows what he's talking about. If you prefer to think that there are no threats to Macs, that's your prerogative.

Re: Snow Leopard security is all relative

DennisF — Thu, 14 May 2009 16:30:24 -0000

You can hear it from Miller's own mouth here: http://threatpost.com/blogs....

It didn't take him anything like a year to do it. Listen to his assessment of OS X security and then see what you think.

Re: Snow Leopard security is all relative

DennisF — Thu, 14 May 2009 16:19:23 -0000

Paycheck has nothing to do with it. I'm not a freelancer. I only used Enderle as an illustration of the point, not as an authoritative source.

Re: Do we really need a cybersecurity czar?

DennisF — Thu, 14 May 2009 09:52:51 -0000

I've been following the Congressional hearings and know Spaff well. The license idea has been kicking around for a while and I personally like it, but I'm not sure how it would be implemented. Who qualifies as an IT pro? What are the criteria? And who does the licensing?

Re: Snow Leopard security is all relative

DennisF — Thu, 14 May 2009 09:23:59 -0000

It didn't take Miller a year to develop the exploit. He had it ready the year before at CSW but didn't need to use it because he had another one that that worked. So he had it in his pocket for more than a year and then used it. Big difference.

Re: Snow Leopard security is all relative

DennisF — Wed, 13 May 2009 14:36:18 -0000

A good point, Larry. But then again, they're Apple. They don't care what businesses want, unless those businesses are run by 22-year-olds.

Re: Do we really need a cybersecurity czar?

DennisF — Wed, 13 May 2009 09:26:16 -0000

You make some excellent points. In regards to the cybersecurity czar having influence over the private sector, unfortunately history has shown that just doesn't happen. Industry is reluctant to listen to someone they see as a political appointee, especially when some of the suggestions might cut into profits or put them at a competitive disadvantage.

Re: How employees evade IT security controls

DennisF — Mon, 11 May 2009 15:35:45 -0000

That's one of the key problems with trying to stop employees or students from doing what they want online: There's always someone who has figured out a way around the controls already.