DojoCon DDoS Video

Posted December 16th, 2010 by

My DDoS presentation at DojoCon on Sunday.  A big thanks to Marcus J Carey for organizing the con and Adrian Crenshaw for doing the recording.

Michael Smith, @rybolov DDoS from Adrian Crenshaw on Vimeo.

Similar Posts:

Posted in Cyberwar, Speaking, Technical, What Doesn't Work, What Works | 2 Comments »

no rly, iz protest

Posted December 16th, 2010 by

Inspired by Anonymous, Operation Payback, and the “DDoS attacks as a legitimate form of protest?” article at ZDNet

iz virtual kitteh sit-in

Similar Posts:

Posted in IKANHAZFIZMA | 1 Comment »

WikiLeaks: Coming to an Agency Near You

Posted December 9th, 2010 by

Nope, we’re not going to talk about ego trips, hidden agendas, or complete irresponsible transparency.  This blog post is about some of the fallout inside the Government security teams.

The powers that be would like to remind you that downloading classified documents off the Intertubez does not make them unclassified.  An anonymous source that I talked to last week gave me the info that they were busy tracking their users’ browsing behaviors so that if you (the hypothetical you) went to WikiLeaks and downloaded a classified document, the InfoSec goon squad would show up outside your cubicle to shred your hard drive because you had just been responsible for a classified spillage–ie, your unclassified desktop now has classified material on it and as per procedure the only way to deal with the situation is to overwrite your hard drive and reimage it.  I have a couple thoughts about this:

  • Where were the InfoSec goons when their users were getting drive-by malware from questionable sites?
  • If it’s on TV, it’s not a “secret” anymore.
  • Don’t our InfoSec teams have something better they can spend their time doing other than being the WikiLeaks monitor?

And then there’s the Ambulance Chasing Department.  According to a different anonymous source, the vendors have descended upon the State Department hawking their security solutions, including this gem of a webinar.  Not quite sure what the webinar is on, except that they’re targeting you to sell something.

From: Prism Microsystems

Sent: Wednesday, December 01, 2010 10:01 AM


Subject: Webinar: Prevent “WikiLeaks-type” Data Loss

Webinar:  How to Prevent “WikiLeaks-type” Data Loss in Government Networks

Following the most recent publication of classified documents by WikiLeaks, government agencies are reviewing current provisions for protecting classified and top secret data – they are also researching best practices and alternative methods to monitor, prevent, and document data loss.

Attend this webinar to learn:

  • how the leaks happened
  • telltale signs of a leak
  • what you can do to prevent them

Leak picture by jillallyn.

Similar Posts:

Posted in Rants | 4 Comments »

Visitor Geolocationing Widget: