Quick thought, I was listening to MSNBC this morning and I stumbled upon a statement by a correspondent that identified her as attending a party for most of the night yesterday evening (something that is fairly common at the DNC/RNC where food, beverage and entertainment are usually free on tap) that was sponsored by the One Campaign group and the Recording Industry Association of America (RIAA). Why is this significant? I’ll tell you. Continue reading ‘RIAA Lobbies at DNC’
RIAA Lobbies at DNC
In a quick post reflecting on Chris Wysopal’s commentary related to an article from our friends at Veracode, I would agree that their security model was flawed, but perhaps disagree from a business perspective in MBTA’s decision to attempt to silence the three MIT students exposing a gaping security flaw. Continue reading ‘MBTA Put Profit Before Security?’
As the 2008 Beijing Olympics loom closer, the perceived threat of open international journalism on the Internet in the eyes of China increases dramatically. Who would have thought that the Chinese government would have been so open to free access to an unfiltered, unfettered Internet? Apparently the International Olympic Committee (IOC), the governing/planning body of the Olympic games, did, foolish as that may have been to surmise from the vague conditions put forth by the Chinese government in its bid to claim these Olympic games. Perhaps the IOC never heard of the infamous ‘Great Firewall of China’? Continue reading ‘Chinese Pervasive Censorship Culture’
You tell us… at this point, we don’t know what could have possibly been going through Matasano Chargen’s collective mind when they commented on Halvar Flake’s hypothesis (reference: Halvar Flake) and posted that content directly to the web - this unfortunately doesn’t mix well with the already existing ‘scene’ headache over Dan’s less-than-forthcoming disclosure method (source: Dan Kaminsky / DOXPARA | here, here & here) which has earned him stars in vendor / whitehat handbooks and a big black X with a lot of his INFOSEC counterparts or fellow researchers as briefly depicted here (reference: C|Net News). Whether or not this really hit the nail on the head, it seemed to have raised enough eyebrows this week.
Continue reading ‘Unintentional Betrayal or Faux Ignorance?’
More than a week later, we mull over Dan Kaminsky’s recent finding that has directly impacted the Internet and its support industry, vendors and consumers and stirred controversy that has led some to speculate whether he is only looking for exposure before his talk at the BlackHat briefings this year - we’re posting this poll, referencing his article to see what you think of his disclosure motives or the lack thereof.
You might say, “Why haven’t you written an article on it?” - To be clear, we haven’t blogged about it simply because everyone and their mom has already and we think some of the more provocative ones get to the point here and here.
Dan Kaminsky's DNS bug is...
- Very Important! (73%, 33 Votes)
- Moderately Important! (16%, 7 Votes)
- Searching for 15 Seconds of Fame! (11%, 5 Votes)
- Not Important! (0%, 0 Votes)
Total Voters: 45
As a brief thought, I was reading some analysis materials and a white paper on ballistic forensics and how scientists are overcoming barriers to processing crime scenes involving a firearm that utilizes ballistic projectiles. As a strong proponent of our right to bear arms, responsibly, in the United States, I also find myself increasingly interested in the advancements of industry on trace ballistic evidence which can be assessed in a criminal event. There are several dozen parameters, metrics and material analysis processes that take place in the dissection of these specific types of crimes, but what happens if the firearm itself leaves little or no trace other than a projectile which decimated its target?
Continue reading ‘Proactive Action Needed in Ballistic Forensics’
This article will probably not inspire everyone, but I hope it highlights some of the interesting evolutions in computer hardware and how computers are going to evolve over the next couple of years.
CUDA is a new technology from Nvidia which, as much as possible, gives you access to the power of your commercial-grade graphics card. There are now quite a number of Nvidia cards that allow you to use this technology.
Basically, CUDA is an API for your graphics card. A GPU doesn’t look like the main CPU in your computer; it’s actually composed of a number of multi-processors, each containing smaller processors that work in unison on the chip. Continue reading ‘High Performance Computing with CUDA’
I understand this post will only appeal to a very small group of developers; however, I find it useful. Hibernate is an ORM service for Java. ORM stands for Object/Relational Mapping, meaning you can map your plain old Java objects (POJO) directly to your chosen database tables and columns with ease. Hibernate will even build your Java classes as database tables and columns for you! One of the biggest performance issues for newer developers working with databases is managing connections. Continue reading ‘Connection Pooling in Hibernate using C3PO.’
Server Up for OSX86Scene
We enjoy watching Internet-based grassroots efforts flourish, opening doors to universal access, and we think our friends at the OSX86Scene are doing just that. Through relations cultivated between a contributor of theReformed and the OSX86Scene, we’ve recently decided to move forward and link our private IRC server to others, complementing several that associates of ours have donated for the new Internet Relay Chat (IRC) network they’re building at irc.osx86scene.com. We encourage viewers of our site to utilize this new resource at their leisure. As always, user participation is key in the development of this project. Continue reading ‘Server Up for OSX86Scene’
Securing Data OffShore
I recently wrote an article for InformationWeek, How To Assess Offshore Data Security. You should read it, it is a good piece. Of course I am biased.
There are a few points I want to add that did not fit directly into the article. These points apply to all infosec programs, so even if you don’t care about offshore security, keep reading.
Continue reading ‘Securing Data OffShore’