WRITING AND RAMBLINGS
THESE ARE MY OPINIONS. YOU CAN'T HAVE THEM, FORM YOUR OWN.

Aug 31 2020
WHAT WILL YOUR FUTURE BRING?
Published by Martin under Personal, Simple Security

I spend a lot of time thinking about the future. It’s an inevitable part of getting older, being responsible for children, and having more time behind you than in front of you. It’s also brought on by having a role involving projects that take six months plus to bring to fruition, and need to be coordinated with other departments 15-18 months in the future. Lastly, living in the eternal now of a pandemic, where it feels like everything stays the same and we have no control, you have to look beyond today and beyond the timeless present to something that reminds us of a time without a major virus. At least I do, even if you don’t feel the same way.

What’s that got to do with security, you may ask. Truthfully, it’s not related to security more than any other career. But, at least early in our careers, security professionals deal with tickets and incidents that revolve around ‘now’, rather than some distance in the future. I started my career as a Help Desk technician more than two decades ago, and most days I was struggling to get through a queue of problems with printers, desktops, and servers. It was even worse when I managed an Intrusion Detection System and I’d have a few minutes at a time to review, categorize, and respond to the alerts streaming across my screen.

We have also chosen a career known for its high turnover rate. Until my current role, I’d never stayed at an organization for more than three years, and many of them for 18 months or less. I suspect my experiences aren’t uncommon, and that many people still shift jobs frequently, looking for a new challenge, better pay, or a promotion they couldn’t get if they stayed where they were. It’s very hard to plan for the future when the horizon you see is so close most people are just getting settled in when they’re looking for a new job.
We joke about it when we have our HR mandated yearly reviews and our manager asks where we’d like to be in five years. It’s hard to think that far ahead, especially when we are in the habit of changing roles every year and a half. I jokingly said, “Employed.” once. My manager asked, “Here?”, and I had to stop in my tracks to give that serious thought. I did not stay at that company for five years, but I have been at Akamai for nine years as of mid-September.
Leaving an organization for an opportunity to grow, better pay, or even just to escape boredom isn’t necessarily a bad thing, but it can be short sighted. When was the last time you sat down and thought about where you want to be in five years? Even if the answer is ‘not here’ or ‘employed’, what are you doing now that leads you in that direction? Floating through an eternal now is relatively easy, and for many avoids the stress of not being where you really want to be, but it also doesn’t lead to the destination we desire, unless you’re really, really, and I mean REALLY lucky. There’s a lot of sayings that amount to stating the real skill you need to develop for life is learning how to recognize luck when it comes along and setting yourself up to take advantage of it. What have you done lately to set yourself up for that offramp that leads to the success you want to achieve? Would you recognize it when you saw it? That’s a part of what thinking about the future enables you to do.
I won’t pretend I have a real answer to thinking about the future. Even though I work in a security team and have a lot of experience in the field, I have the seemingly non-security title of ‘Editorial Director’ where I work. Despite what I wrote earlier, this was never my goal. But it was something writing, blogging, podcasting, and a host of other side efforts prepared me for. When a little dirt road led off from the career path I thought I wanted, I followed it out of curiosity, in part because all the skills I’d collected seemed to work so well with this opportunity. I get to lead a team that turns security research into something we share with the world in our publications, which turned out to be the real goal I’d never quite identified to myself before it appeared. There’s nothing that says a plan will come to fruition. But failure to plan, failure to look ahead, almost guarantees that you’ll miss that dirt road that leads to the career you really want. As with my path, it’s not necessarily about learning how to use a new technology or expanding on your existing skill set. The right thing to do might be getting a degree or learning a skill you never thought you’d apply to security. One final point: Whatever career path you think you might want to follow, learn to write! Very few skills will serve you better and set you apart from your peers more than learning to write well. Learn both to be brief but succinct, and to expound upon an idea at length. Being able to recognize which of those two is appropriate at any given juncture is a skill too few have. There are few skills you can plan to develop that will be more beneficial to every career choice than learning to express yourself coherently and explain why your ideas are important. Comments Off on What will your future bring?Aug 26 2020
IT LIVES!
Published by Martin under Site Configuration

Late in 2018 I went to do an update of the WordPress version driving the blog. And, as is prone to happening, something went wrong. I looked at the site, at my own motivation to write, and all the other projects I had on my plate, and decided it was just time to let the blog go. It was the right decision at the time, I think.

Forward to yesterday. @mojo_sec pointed out a blog post I had written in 2014 on Impostor Syndrome and stated it was one of the things that they referenced when they felt like they weren’t as good as someone else. It’s humbling and gratifying to know I’ve had a positive, lasting effect on someone’s life with my writing. It was strange to read something my younger self had written from a far different perspective. But it also made me think, “Wait, the site’s down, so how is it they’re still able to read that post after all this time?”

Turns out that the blog wasn’t as dead as I thought and that a random auto-update had fixed at least one of the problems that had made me give up on the blog in the first place. Which prompted me to attempt to log in, reset my passwords, log in, break the blog with a couple of updates, fix the blog with more updates, and write this post.

I’d been getting backups of the blog for some time and had toyed with the idea of writing my personal thoughts again, but hadn’t acted on the impulse. My full time job is leading the team that creates Akamai’s State of the Internet / Security report, and it’s definitely something that takes up a lot of my creative energy. You have no idea how much work collecting the data, analyzing the intelligence, and organizing it into something that’s not just accurate but interesting is until you’ve done it. But I have an awesome team that makes it possible, and even fun sometimes. Some time I’ll write up that journey and the lessons I’ve learned about security by working with the Marketing, Creative, and PR teams. Some time when I don’t have to worry about facing any of them the next day. 🙂

So, the blog is back for now, it’s up to date, patched, and functional. As much as a WordPress blog ever is.

Comments Off on It Lives!
Sep 16 2018
LUCKY BREAK
Published by Martin under General, Social Networking

One of the things I do from time to time is throw out an open ended question on Twitter. Sometimes I’m making a point, sometimes I just want to amuse myself, but mostly I’m honestly curious about what other people think. The answers almost always surprise me. Yesterday afternoon, I asked a pair of related questions:

> What piece of luck had the biggest effect on your career?
>
> What did you have to do to be prepared to take advantage of that piece of luck?

Here’s a list of the responses I’ve received so far. If you’re on the list and want to have your response removed, just let me know. I figure if you said it on Twitter, you already think of your comment as public, but I’ve been wrong before. I know and have met less than half the people who responded. It’s always interesting to get a little insight into the backstory of your peers and the people around you.

—————–
APIARY
Getting hired as a part time contract worker doing recruiting work for a security company. It was enough to get my foot in the door. I leveraged my previous customer support experience to get full time work, and went from there. I had to be prepared to learn everything.

DAN_ROWINSKI
This is a bit of the sadness and reality of the human condition. When I was a junior sports reporter on the Bruins beat in Boston, the senior reporter got pancreatic cancer at the beginning of the season. Thus, I was thrown into the job as the full time beat reporter … It was an opportunity presented through the saddest of circumstances (he passed away less than a year later). But I had no choice but to take advantage the situation by learning to become a fully fledged and competent sports reporter. Study day and night. Work on craft etc.

WIM REMES
getting fired from my first job turned out to be the best thing that ever happened to my career. – _Martin: I have had a similar experience_

GISELE ELLIS
Finding a theater that would take an inexperienced teenager as a volunteer. Gave me a foothold to build a resume that got me into MIT. It took a lot of calls to find that role, but once I did, I did everything I could, never assuming I couldn’t because of age or gender.

JODY T
I worked retail back when you had to enter everything in by hand at register and my 10-key speed was wicked fast. I switched to lowly data entry job and was so quick I had extra time on hands. I volunteered for anything/everything computer related. #HUSTLE

CHORT ABOLISH ICE
Someone I knew from playing video games online was a director at a hot dot com and got me a job there. All I had to know was how email works. The rest is history.

SLEEPYSECURITYNINJA
I boarded an airplane late (last one on). My seat had been taken by a mother/daughter pair, I didn’t make them move back. I sat in the middle seat, next to the director of consulting at my next job. My passion for IT and my hobby projects likely left a good enough impression

DUSTIN COLLINS
Moving from the Midwest to Boston and getting a lucky break with my first job at Carbonite

DAN SNEDDON
I once went above and beyond for a field office, in spite of the fact that I knew before they did that the field office was going to be shut down. The IT manager at the field office then offered me a sweet job at Apple when he became a manager there. It pays to be helpful.

ANDY ELLIS
Rescheduling my flight from Boston to LA off of September 11. – _Martin: This is one of the few responses I consider to be ‘pure luck’. There’s a lot of backstory to this short tweet._

JOSEPH PIERINI – OG TWIZZLEBIT
Helping out in a booth at a PCI Community Meeting and saying Yes/No/Please, I Changed My Mind Can I Still Take The Job?

ACOTONIO
Luck: Out-processing my last day in the #USAF , and headed to retire with a pension and nothing lined up (not for a lack of trying). Bumped into a friend I hadn’t seen in awhile. Chatted, she asked for a resume. Her boss offered me a stellar job/salary on the phone that night. Prep: During my service, I worked on multiple things to get ready. AAS and BS in Business, BS and MS in Infosec, 15 security certs, and years of pen testing/hacking exp. I wanted to be *ready*. Now that I’m settled in the perfect dream job, I’m chasing my DSc in Cyber 🙂

DANDELS
A near relative needed extra hands in his small company, and over time I became an important part of the dev team. My prior IT experience was just gaming and using the internet for years. The most important thing was being technically literate and good at googling problems.

FTOBLOKE
A casual conversation with a fellow student on the first night of my 3 year part time Masters degree.

NICK SELBY
Someone in a position of authority at the place I’ve wanted to work my whole life (but had never done anything about it) stumbled across a blog post I’d written about a problem he was having that very day. This led to the series of events that got me my job there. – _Martin: An early career interview with Nick was one of the things that got me thinking I could be more than just a system admin, though I didn’t take the job at the time._

/BIN/BASH/ALLEN -BARANOV
Not sure if it was “luck” but at the consultancy that I worked at, the whole security team (three people) quit on one day and I was the only one with both networking and Unix experience. So I quickly became the “security expert”

Comments Off on Lucky Break
Sep 15 2018
RAMBLINGS ON WRITING
Published by Martin under Blogging, General

Sigh. Last weekend I wrote a long, hand-crafted, artisanal post on why it’s been so long since I wrote for my own purposes. It was beautiful, deeply thoughtful and a worthy debut after having been out of the blogging sphere for so very long.

It was crap.

Then WordPress ate it. It was actually a decent post, but it was me blathering on about things that don’t matter to most people. I wrote for a long time. Then I didn’t write for a while. Now I’m planning on writing again. Those are the important points that I took 1500 words to express last weekend. It was a thing of beauty. I wish you could have read it. But it’s probably for the best that you couldn’t.

Comments Off on Ramblings on Writing
Aug 30 2018
I’M BACK
Published by Martin under Blogging

Well, almost. Need to perform a little maintenance that wasn’t automated and make a backup of everything before I really start doing anything.

That said, time to start writing for myself rather than for a paycheck once again. (Yes, I’m still employed)

One response so far
Oct 14 2015
NSP MICROCAST – G DATA SUMMIT – NATALYA KASPERSKY
Published by Martin under Government, Podcast

It’s taken me a lot longer than it should have, but I finally got my interview with Natalya Kaspersky, CEO of InfoWatch and former CEO of Kaspersky Labs from the G Data Summit edited and posted. We talked about the nature of current threats against enterprises (hint: think APT and nationstate) as well as current changes to the global nature of the Internet. Natalya has been in the security industry for some time and has a different viewpoint than a Western/US person such as myself.

http://traffic.libsyn.com/mckeay/NSPMicrocast_-_GData_-_Kaspersky.mp3

5 responses so far
Oct 08 2015
NSP MICROCAST – G DATA SUMMIT – DR. THORSTEN HOLZ
Published by Martin under Podcast

A couple of weeks ago at the G Data Summit in Bochum, Germany, I got a chance to talk to Dr. Thorsten Holz, CEO and Director of the Horst Görtz Institute of IT Security at Ruhr University. Dr. Holz and I talk about the nature of training the next generation of security professionals and how things have changed in education over the last decade.

It’s interesting to hear that even with the huge increase in students that Dr. Holz is seeing, it’s still not enough to meet the needs of business in Germany. I can’t imagine that universities and colleges in other areas are seeing any less of a demand than he is.

http://traffic.libsyn.com/mckeay/NSPMicrocast-GData-Holz.mp3

One response so far
Oct 06 2015
NSP MICROCAST – GDATA SUMMIT – WALTER SCHUMAN
Published by Martin under Podcast

A couple of weeks ago I was invited to the G Data Summit in Bochum, Germany to take part in a celebration of G Data’s 30th anniversary. Being the oldest anti-virus company in the world is a little something for them to crow about. During the event, I got a chance to interview Walter Schuman, G Data’s CSO. Unluckily, CSO doesn’t mean Chief Security Officer, it means Chief Sales Officer. Walter and I had a good conversation about what security means to his customers, why protecting customers’ privacy is important to a business like G Data’s and explored a little of the political landscape of the world and what it means to someone selling security products.

http://traffic.libsyn.com/mckeay/NSPMicrocast-GData-Schuman.mp3

Comments Off on NSP Microcast – GData Summit – Walter Schuman
Oct 02 2015
LHS MICROCAST, INTERVIEW WITH JEN ELLIS
Published by Martin under Podcast

I wish it hadn’t taken me so long to find the time to edit this podcast, because this interview with Jen Ellis (@infosecjen on Twitter) is pretty good, no thanks to me. Jen Ellis had given a talk earlier in the week and Chris John Riley and I finally managed to track her down to the press room at Defcon. We talk about what the legal system in the US means to researchers and hackers, how the system is flawed and what steps we should be taking to influence future legal measures. Jen also gives Chris and me a little background into the Wassenaar Arrangement and what it could mean to researchers internationally.

LHS Microcast, Interview with Jen Ellis

Comments Off on LHS Microcast, Interview with Jen Ellis
Sep 03 2015
INTERVIEW, JEFF WILLIAMS, CONTRAST SECURITY
Published by Martin under Podcast

I sat down for a few minutes at Black Hat to talk to Jeff Williams, the Chief Technology Officer of Contrast Security. We spent a little time reviewing his past, which includes penning the OWASP Top 10 we all know and love, as well as talking about the work he does in application security now.

Interview with Jeff Williams, CTO Contrast Security

Comments Off on Interview, Jeff Williams, Contrast Security