Tag Archives: belief

[ISN] Oracle, still clueless about security

http://www.computerworld.com/article/2975780/security/oracle-still-clueless-about-security.html By Steven J. Vaughan-Nichols Computerworld Aug 25, 2015 Oracle’s chief security officer, Mary Ann Davidson, recently ticked off almost everyone in the security business. She proclaimed that you had to do security “expertise in-house because security is a core element of software development and you cannot outsource it.” She continued, “Whom do you think is more trustworthy? Who has a greater incentive to do the job right — someone who builds something, or someone who builds FUD around what others build?” Oh. Wait. That’s what Davidson said in 2011! What she said in 2015 was that security reports based on reverse-engineering Oracle code and then applying static or dynamic analysis to it does not lead to “proof of an actual vulnerability. Often, they are not much more than a pile of steaming … FUD.” Davidson’s blog post is one long rant that boils down to, “How dare people analyze Oracle code?” “I have seen a large-ish uptick in customers reverse engineering our code to attempt to find security vulnerabilities in it. This is why I’ve been writing a lot of letters to customers that start with “hi, howzit, aloha” but end with ‘please comply with your license agreement and stop reverse engineering our code, already.’” Because God forbid someone should find a security hole! Oracle backed away from Davidson’s position in less than 24 hours. “We removed the post as it does not reflect our beliefs or our relationship with our customers,” wrote Edward Screven, Oracle executive vice president and chief corporate architect. […]


[ISN] Oracle yanks blog post critical of security vendors, customers

http://www.computerworld.com/article/2969378/security/oracle-yanks-blog-post-critical-of-security-vendors-customers.html By Joab Jackson IDG News Service Aug 11, 2015 Oracle published, then quickly deleted, a blog post criticizing third-party security consultants and the enterprise customers who use them. Authored by Oracle chief security officer Mary Ann Davidson, the post sharply admonished enterprise customers for reverse engineering, or hiring consultants to reverse engineer, the company’s proprietary software, with the aim of finding as of yet unfixed security vulnerabilities. The missive, entitled “No, You Really Can’t,” was issued Monday on Davidson’s corporate blog, then pulled a few hours later. The Internet Archive captured a copy of the post. “We removed the post as it does not reflect our beliefs or our relationship with our customers,” wrote Edward Screven, Oracle executive vice president and chief corporate architect, in a statement emailed Tuesday. […]


[ISN] An unapologetic history of plane hacking: Beyond the hype and hysteria

http://www.zdnet.com/article/a-practical-history-of-plane-hacking-beyond-the-hype-and-hysteria/ By Violet Blue Zero Day May 21, 2015 Headlines and infosec pros alike have been going mental over security researcher Chris Roberts’ alleged mid-flight hacking of a commercial airplane, and his subsequent detainment by the FBI in April. Things got hysterical last weekend when a month-old FBI search warrant application surfaced in headlines hyping the FBI’s belief that Roberts tried to fly the plane by hacking in through the in-flight entertainment system. It remains to be seen whether or not a hacker can make a 747 “do a barrel roll” a la the maddeningly impossible fantasies of CSI Cyber. But as a result, the world is openly wondering whether there’s truth to the assurances from manufacturers and officials that aviation systems are as secure as claimed


Five steps for an unbelievably green and water efficient lawn during California’s drought

Keep your lawn green this summer!

The following five steps will allow you to significantly improve your lawn while saving a tremendous amount of water use throughout the year. The following five steps only take about 30 minutes across the entire year in order to properly improve your specific situation. The simple fact is you do not need to kill off your lawn in order to save significant amounts of water and contribute to the efficiency of water use within California.

By implementing these steps I personally experienced more than 30% reduction in my water use while my neighbors stood in awe of how florescent green my lawn was. When I showed my water bill and the savings to my neighbors they were in complete disbelief because they believed they had to kill off their lawn by reducing their water use to all zero but quite in fact this is not necessary. With proper maintenance, a lawn and your entire yard needs only a fraction of a the water necessary to keep it green and beautiful when you are not properly caring for it.

Step 1. Follow the sun (and the weather).

Often, many of us pay attention to the weather in order to select the right clothing for the day. However many of us ignore the fact that our lawns also need you to adjust your care according to the weather and the amount of sun your lawn will receive. So it is important to note what the weather will be like and the temperature ranges that your lawn will be experiencing along with you during the day.

Step 2. Penetrate your soul (leverage an aerator).



This simple little tool can be used to significantly change the absorption rate of water for your lawn. Imagine that you don’t aerate your lawn, without aeration the water sits on the top layer of soil and if you have a hill or sloped lawn it rolls right off only permeating the very top quarter-inch layer of topsoil. The goal for water efficient lawn is to maintain deep penetration of water into the topsoil and the only way to perform this without overwatering is through aeration. Aeration also has other benefits such as delivering nutrients further into the soil towards the roots of your grass. This is the single most effective way to reduce water usage and it only takes five minutes with this tool found at Home Depot at the following URL: http://www.homedepot.com/p/Hound-Dog-Steel-Spike-Aerator-HDP37/202605484

Step 3. Renew your body (sprinkle some seed).

Re-seeding is an essential step to keeping a quality lawn. Over time and age lawn degrades and the blades of grass simply don’t have the same luster as they once had similar to humans and aging. So it is important to re-seed on a regular basis usually in the springtime. grass-seedThere are many types of seed and you should try and match the type of seed that you already have if at all possible so that you can maintain the look the you desire. For me a simple fescue mix from my local Walmart or Home Depot was sufficient to maintain my own grass in the look that I desired.

Step 4. Take some vitamins (fertilize!).

The next stephandheld-spreader after aeration is to ensure that your grass has quality nutrients delivered directly to its roots, just like our bodies need vitamins so to do grasses and other shrubs we plant our yards. A simple $10-$15 fertilizer sprinkled across your lawn is sufficient to provide nutrients for almost 6 months and significantly improve the health of your lawn and provide for a florescent green and healthy color. This step takes only minutes once every six months. Ideally you can spread fertilizer with the same handheld spreader you use for the seed.

Step 5. Adjust your clocks! (water at the right time of day).

The final step in this process is to adjust your watering habits or your watering system to accommodate our newly renovated lawn. An unhealthy lawn without these maintenance techniques requires 2 to 3 times as much water, leading guidance from common Internet sources to claim watering must be 8 to 10 minutes per day in order for the desired look. However I have found that For my environmental conditions in Northern California,  quite honestly a healthfully maintained lawn only needs one third of the amount of water across to the majority of the year with only exceeding this amount in the highest temperature period of the summer months. The best watering times for grass are during the morning hours between 4 and 5 AM allowing sufficient soak time prior to the sun rising and evaporating the moisture. For my use I also run my water in the afternoon at around 5 PM, ideally you do not want a moist soil all night long to avoid bacteria and moss growth during the evening.

This is a photo of my lawn and my bill usage graph with an over 30% reduction (year over year) in my water use. 







[ISN] I was taught to dox by a master

http://www.dailydot.com/politics/dox-doxing-protection-how-to/ By Joseph Cox The Daily Dot January 06, 2015 There are few things more startling than seeing your private information released online. It makes you feel vulnerable and on-edge, knowing that anyone has the details necessary to throw a brick through your window at a moment’s notice. The act, known as doxing, has become a popular tactic with activists and trolls alike, with members of Anonymous releasing details on KKK members to Gamergate members publishing the personal information of those the movement opposes. While doxers sometimes use hacking or deception to uncover personal details about their targets, contrary to popular belief “most of the info is public,” according to one researcher who has spent years studying and participating in the practice of doxing. All it takes is the right person to put it all together for devastating effect. The researcher, who asked not to be identified, has gained a deep understanding of the various strategies that are used to generate a profile on someone. He agreed to tell me how it’s done. I’m passing on what I’ve learned, so you can better protect yourself against this privacy-destroying practice. […]


[ISN] UK Ministry of Justice fined over prison data loss

http://www.ft.com/intl/cms/s/0/240e2eb2-2d0c-11e4-8105-00144feabdc0.html By Chris Nuttall FT.com August 26, 2014 The UK’s Prison Service can lock its cells but not its hard drives, it seems – displaying a lack of technical knowhow that “beggars belief”, according to the Information Commissioner’s Office. The information rights regulator has fined the Ministry of Justice £180,000 for a second incident where an unencrypted hard drive went missing – in May 2013 – with sensitive and confidential information about prisoners. After a similar case in October 2011, when an unencrypted hard drive containing the details of 16,000 prisoners was lost, the Prison Service issued new hard drives, which were able to encrypt – or scramble – information on them, to all 75 prisons in England and Wales. However, the ICO’s investigation into the latest incident has found that the Prison Service didn’t realise that the encryption option on the new hard drives needed to be turned on to work correctly. […]


[ISN] Navy Systems Administrator Arrested on Hacking Charges

http://online.wsj.com/news/articles/SB10001424052702303417104579544551961937712.html By Andrew Grossman The Wall Street Journal May 5, 2014 WASHINGTON —- A Navy systems administrator assigned to the nuclear reactor department of an aircraft carrier was also the leader of an antigovernment hacking group, prosecutors alleged Monday. Prosecutors say 27-year-old Nicholas Knight, an alleged hacker since age 16, led Team Digi7al, a group that broke into networks belonging to more than 30 governments, companies and individuals throughout 2012 and stole personal information about employees and customers. The group, motivated by a mix of antigovernment politics, boredom and desire to prove itself to the hacking community, then posted some of the information online, according to the charging document filed in federal court in Tulsa, Okla., Monday. Mr. Knight’s arrest is a reminder of the dilemma the government faces as it seeks to recruit young adults with hacker-grade computer chops. Often times, they are indeed hackers. Some aren’t yet ready to give up the darker side of technology or, in the case of Edward Snowden, the former National Security Agency contractor, they hold beliefs that may clash with the Pentagon. […]


Fox News Comments on Thailand: Flight 370

I just saw a news release with Greta Van Susteren about Thailand’s participation in the radar data for Flight 370. I myself have been searching online using DigitalGlobe.com’s satellite data in their crowdsourcing effort to search for flight 370. Although I can certainly understand how some people could be upset by the response that Thailand didn’t provide radar data “because they weren’t asked”. This sort of response is typical of Thai culture. My wife is Thai and I think that amoungst many cultures of the world, Thais are some of the most caring and loving people but their cultural norms make others (especially western cultures) feel like they don’t care. Quite in fact it is very common in Thai culture to avoid conflict and stay out of other people’s problems or situations entirely. In Thai culture their perception is that they are giving respect by staying out of other people’s business and affairs unless a Thai is asked directly to get involved. This is a deep rooted belief and likely why they did not get involved to provide data until there was a specific request for them to get involved. I know this runs contrary to Christian beliefs entirely but it is how the culture operates and this situation is likely being misinterpreted. In personal dealings with my own wife and her family I have found this dynamic to be troublesome and cause of some misunderstandings. I am certain that the Thai people care deeply for the loss of flight 370 just as much as any other country. Additionally the Thai government is in disarray adding difficulties to this scenario with severe problems in their parliament and leadership. I ask my fellow countrymen and others to not sit in judgement because of this odd cultural dynamic. My two cents. Peace!