Wednesday, December 19, 2012

bcc: Anyone?

 How is it possible that a Dept of Defense IT service provider continues to send announcements (maintenance windows, outages, etc.) to a HUGE list of clients and simply adds all of the client email addresses to the To: line?

Seriously?

If I were evil I would farm that list for potential victims and also for an easy information set to use in a social engineering attack on the service provider.

Come on folks!

This is basic Operational Security stuff!
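One way a notification sender can keep the client list out of message headers, as an added example (not code from the original post or from the provider): recipients travel only in the SMTP envelope, and a pre-send check rejects any message whose To:/Cc: would expose them. The addresses and function names are constructed for illustration.

```python
from email.message import EmailMessage
from email.utils import getaddresses

# Constructed sample data: sender and client addresses are placeholders.
SENDER = "noc@provider.example"
CLIENTS = ["alice@agency-a.example", "bob@agency-b.example",
           "carol@agency-c.example"]


def build_announcement(subject, body, sender=SENDER):
    """Build a notice whose headers name only the sender, never the clients."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = sender  # the visible To: is the sender's own mailbox
    msg["Subject"] = subject
    msg.set_content(body)
    return msg


def exposed_recipients(msg, allowed=()):
    """Return addresses visible in To:/Cc: that are not in `allowed`."""
    visible = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    allowed = {a.lower() for a in allowed}
    return sorted({addr.lower() for _, addr in visible if addr} - allowed)


def send_announcement(smtp, msg, recipients, max_exposed=0):
    """Refuse to send if client addresses leak into the headers; otherwise
    send one copy with the client list carried only in the SMTP envelope."""
    own = [addr for _, addr in getaddresses([str(msg["From"])])]
    leaked = exposed_recipients(msg, allowed=own)
    if len(leaked) > max_exposed:
        raise ValueError(f"{len(leaked)} recipient(s) exposed in headers")
    # to_addrs sets the envelope (RCPT TO); it adds nothing to the headers,
    # so no recipient can read the rest of the list from the message.
    return smtp.send_message(msg, from_addr=own[0], to_addrs=recipients)
```

`send_announcement` expects an `smtplib.SMTP`-style object; the pre-send check is what stops a pasted-in To: list from going out.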

Friday, October 5, 2012

Sociopath Test | Sociopath Definition



INTERESTING. 

I HAVE BEEN THINKING MITT IS A PATHOLOGICAL LIAR, BUT MAYBE THIS IS A MORE ACCURATE FIT. 

Thursday, October 4, 2012

How long would it take Mitt to 'harvest' the USA?

 Creepy...

A video from 1985 in which Romney, describing Bain's formation, showed how he viewed the firm's mission. He explained that its goal was to identify potential and hidden value in companies, buy significant stakes in these businesses, and then "harvest them at a significant profit" within five to eight years.


Wednesday, October 3, 2012

New CAC Maintenance Portal

 DMDC has recently moved their utility to update DOD issued CAC cards.
It was here:  https://www.dmdc.osd.mil/ump/umphome.htm, but that just gives a 404 now.

The new site is here: https://www.dmdc.osd.mil/self_service/

From the site you can:
  • Add/Change email address to receive initial or new Email Signature and Email Encryption Certificates
  • Add Personnel Category Code to the User Principal Name of the Email Signature Certificate
  • Activate the PIV Authentication Certificate
  • Download applications
  • View/Update contact information
The first item is especially useful if you are forced to change your email address.

Thursday, September 20, 2012

iOS6 speaks to me in a crisp British accent

 I have been playing with the Accessibility settings on my iOS6 install and I found this nice surprise.  If you use Speak Selection your phone will 'read', out loud, what you have highlighted.  I prefer the British English Dialect, but you should select your favorite.

How to do it?

Pretty simple.
  1. Go into Settings, select General
  2. Select Accessibility
  3. Select Speak Selection
  4. Turn on Speak Selection
  5. Turn on Highlight Words
  6. Select Dialects
  7. Select your favorite Dialect
  8. Open an email, Select a block of text, Select Speak
  9. Listen and follow along as the words are highlighted
Have fun with your new assistant!
Leave me a comment if you like this.
Thanks!










Tuesday, July 17, 2012

NIST updates mobile security guidelines


I am only gonna bitch about this a little...

Is NIST really telling me to worry about C-I-A, as if that isn't a basic IT Security requirement?  And it is somehow different for mobile vs. everything else?

What is NIST paying for this good advice?

Co-author and NIST guest researcher Karen Scarfone said mobile devices need to have multiple security objectives supported, including integrity, availability and confidentiality. Companies that have these bases covered will have an easier time protecting sensitive information.


Friday, June 1, 2012

HOWTO: Fix your 'With Mitt' App

 The fine folks at the Romney campaign 'patched' their flawed With Mitt iPhone App, but they did a pretty weak job of it.

It turns out they left the flawed images with the "A Better AMERCIA" in the application.  If you have a jail broken iPhone and can move around in Unix/Linux, getting access to their mistake again is trivial.

  1. Go get the application from iTunes.
  2. Login to your iPhone via SSH.
  3. Move to the /User/Applications/ directory.
  4. Find the correct directory (I use the command "ls -ltr" to find the newest directory)
  5. Find the "With Mitt" App.  (The actual application is named "with.app")
  6. Go to the /User/Applications/43.....2D/with.app/overlays/ directory.
  7. Copy the flawed images over some that are still being used.  For mine I used:

cp RFP-A-Better-America-Black-320x416.png RFP-DayOne-JobOne-Black-320x416.png
cp RFP-A-Better-America-White-320x416.png RFP-DayOne-JobOne-White-320x416.png

Voila!  We are back to using Mitt's typo again.



    Tuesday, February 14, 2012

    Google makes a stand, for love

     By now you have seen the Google Valentine's Day video.

    It is very sweet, check it out on Google today, or see it here


    The really cool thing?
    They end it with what appears to be a message that we should love whoever we want.

    Milk can love a cookie,
    a cat can love a dog,
    a princess can love a frog,
    an astronaut can love an alien,
    a little white boy can love a little black girl,
    and a man can love a man.

    Go Google!


    Monday, January 23, 2012

    "He that lieth down with Dogs shall rise up with Fleas" -Benjamin Franklin

     Nice little ethical dilemma via the MegaUpload issue

    • MegaUpload was primarily hosted in Virginia by a web hosting provider called Carpathia Hosting. Carpathia leased more than 1000 servers with a total of 25 petabytes of storage to MegaUpload.
    Source: http://gigaom.com/2012/01/19/megaupload-indictment/

    I wonder how the Federal Agencies who host with Carpathia feel about this...


    Friday, January 13, 2012

    dsquery

     Hey,
    This is actually pretty useful.

    On a Windows server:
    • dsquery group -name "Domain Admins" | dsget group -members

    Returns the members of the domain admin group.

    I know, it's a little thing, but very handy.

    Almost like somebody is serious about wanting to be a real OS.