roger s information security blog feedshow rss reader -


Roger S Information Security Blog Feedshow Rss Reader

  • Jailbreaking iPhones became a big thing for a while.   People like to tinker.   Is jailbreaking necessary anymore?  Jailbreaking predates the appstore.   Now the phrase theres an app for that is a cultural meme.   Jailbreaking was also used to get the phone onto unapproved carriers.  iPhone is now available on Verizon, and a third carrier rumored soon.  There is tethering, but now the phone company wants to sell that to you and will probably catch up with you if jailbreak to tether.    iOS5 is rumored to be bringing in many of the features formerly only available through jailbreaking such as an approved alert system and wireless syncing.   Facetime over 3g was also rumored for iOS5.

  • .    Yes, jailbreaking does weaken the security of the device by circumventing the security architecture as designed by Apple (code signing, running apps as user mobile in a sandbox, etc).    In 2009, he was more bold stating , The process removes around 80 percent of the security protections built into the phone’s software, making it more vulnerable. 

  • Unlike MDS rather than using a special browser where all traffic is proxied through the Blackberry server, Good Secure Browser allows you to list the domains or sites that are allowed.   This is theoretically more secure than Blackberry because least privilege insists that you only allow access to what is needed.   Ive seen some recommendations to firewall the Blackberry Enterprise Server so it cant access just anything in the organization.

  • It seems the Secure Browsers allowed domains list is nothing more than a false sense of security.   The Secure Browser manual (which wasnt available when this feature was first rolled out as a beta) says if a user enters a non-fully qualified domain name such as

  • Should we show more situation awareness in our everyday lives?  Most people go through their lives in condition white;  relaxed, unaware and unprepared.  I wonder how many people left DEFCON and used coffeehouse wifi on the way home.

  • .   Also depending on when you started in computers, you’ll have your own memories.   I ran into Happy99 a lot while doing dialup tech support.   Before that, in college I remember people infecting the entire computer lab via sneakernet.  “Weird, my floppy doesn’t work, I ‘ll try the next computer.”   Ugh.

  • Im not sure what I expected culture-wise.   It seemed a bit more buttoned down that I expected.   That may be because I didnt go to DEFCON 101 or the awards.   The only session with the wacky zanyness that I expected was the Jeopary contest.   I guess some of that is growing up, and some of that isnt possible in an event of this scale.

  • There were a fare number of tweets saying the talks this year were as good.  That researchers are more likely to sell their good stuff rather than present at DEFCON.   Dont know if I have an opinion there.   In the past it seemed like all the cool talks at Shmoocon had been previously delivered at DEFCON.   Now I go to DEFCON and find the cool talks were given at BLACKHAT.   And at Blackhat they were given 75 minutes instead of 50.

  • Is a website really analogous to a poster on the wall?   Or is it more like an advertisement held by a sign spinning guy?   You could take the sign out of his hand, but he might fight you for it.    Then again for $5 an hour, he probably isnt that interested.   Maybe that is like a website protected by a Managed Security Provider.  

  • Even if the website had nothing more important than what you would put on a poster, there is a certain amount of reputation on the line.   The poster isnt protected as if it were in a SCIF, but it is in a secured lobby.

  • Computer experts know that websites often contain much more than just the sort of public content that would be  on a poster.   I think computer experts hear The idiot infosec staff at the CIA let their site get hacked.   They should hire me.   Then they make sure the metaphorical Windows are closed and the doors locked and wonder, would I even notice if I was attacked.





  • solidarios marinos canadienses hicieron obra social en albergue
  • saab podria entrar al wrc con el nuevo 9
  • instalacion de microsoft exchange 2007 server y sus pre requisitos
  • enero 2010 kurioso
  • dieta empezamos de nuevo 2008 apuntate aqui
  • en saladas conformaron un comite de emergencia
  • panqueques de manzana

    No hay comentarios para este post


    Envianos tus comentarios!


    < 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24  

    roger s information security blog feedshow rss reader