Dagmar wrote:

Decius wrote:

Bomb units scrambled across Boston and Somerville today to investigate several suspicious devices.

"It's a hoax -- and it's not funny," Gov. Deval Patrick said.

This is an extremely serious situation," former FBI Director Bill Gavin told FOX News during the investigation.

"Whoever did this — whether it be kids or adults — if they think it's funny, I think they'll soon learn it's not that much of a humorous situation."

What a bunch of idiots!

It gets worse. The stupid has spread to other cities now.

I love it...

From one of the articles: "It said the devices have been in place for two to three weeks in 10 cities: Boston; New York; Los Angeles; Chicago; Atlanta; Seattle; Portland, Ore.; Austin, Texas; San Francisco; and Philadelphia."

So, why does boston lose their mind? Because they're STUPID, look at the other cities....

New York = Understand Lights aren't bombs, thowies have been used in NY before.

Los Angeles = They needed the extra lights, so they didn't complain.

Chicago = the wind blew them all away, no one cared...

Atlanta = thought it was part of the rap scene, so it was cool yo'

Seattle = thought they were "floaties" in their eyes from drinking too much coffee

Portland = thought they were cool... and simply tuned into Adult Swim

Austin = thought they were part of the music scene, and played on.

San Fran = didn't even notice them.

Philadelphia = see Los Angeles.

Boston = With all their drinking and lack of thought, leapt to the conclusion that they looked like old IRA bombs, and freaked out.

RE: cbs4boston.com - Hoax Devices Creating Gridlock In Boston

The difference is that even during a full on nuclear exchange at the height of the cold war (1984 I believe), there would still be humans left. The death tolls would be significant, in the hundreds of millions to even a billion, but about half of the population would survive after the exchange, and a half again after the nuclear winter subsided. There were never enough arms to totally wipe out the human race. And a large section of the population didn't live near primary targets.

Wrong. There were enough Nuclear weapons on the planet at the height of the cold war to destroy all human live four times over. And it doesn't matter if a large section of the population didn't live near primary targets (which wasn't true either), because the climatological changes post an all out nuclear war would have destroyed all life on earth.

Now when you're talking about climate change, and many of the models indicate not only intolerable shifts in temperature as well as the atmosphere changing to essentially be poisonous, then I think he has a point. Granted, it would take hundreds of years to get to this state, but it's a lot more deadly consequence than the 90 minutes it would take to get off a nuclear exchange.

See above... those who die in the first 90 minutes would be the lucky ones. I was actually happy that I did grow up in a primary target area, because I wouldn't have to be around to suffer the end of man.

Actually, Nature has a way of controlling the climate. (hint) It's the largest unexplored area of our planet. El Nino is just the beginning. As more polar ice (fresh water) melts, and gets into the circulatory flow of the planet, changes the salinity of the current flows, causing temperatures of waters of all the world to change, effecting the climate directly.

We can continue to pollute the earth, the climate will change, and adjust, and begin eradicating humans. I really DON'T care, because nature will still survive. If it is our destiny to destroy ourselves, who are we to stop it?

RE: AM - Gore warns on climate change

Umm... As I understand it, Rangel's draft maneuverings have more to do with forcing the more hawkish members of congress to go on record as having voted for or against a draft. Part of his point is also that these same elected officials would be less likely to vote for armed conflict if they knew that their children could be called up to serve in the event of said conflict...

Sounds like a case of the man simply having NO BRAINS then...

That's a stupid way of "making a point".

Our Military would be weakened by a forced conscription and draft, as it is today, our Military is ALL VOLUNTEER.

Which means, that each and every person that HASN'T served our country, needs to take a moment, find one who has, and THANK THEM for their commitment and sacrifice. REGARDLESS of the "conflict", war, or action they were/are involved in, these people believe in the "American Way of Life" so strongly, that they are willing to sacrifice their time, and in some cases, their life, to be the strong force of our Government. (Regardless if you feel the particular action is right or wrong.)

Please, take a moment to thank your nearest sailor, airman, soldier, marine, and coast guard. If you don't know any, here are a few links to find a way to say "Thanks".

http://www.uso.org/whatwedo/specialprograms/

http://www.military.com/Content/MoreContent1/?file=support_troops

http://www.usocares.org/src/uso_home.htm

Thats my 2¢, YMMV.

dc0de.

RE: Top Democrat: Bring back the draft - CNN.com

And the credit for the next errant quote goes to: Russ Knocke, spokesman for the Department of Homeland Security, who states at the end of the article:

"Biometric licenses will be "virtually impossible" to fake"

==sarcasm== Yeah, I'm really all over that... because the RFID chip that they are going to use could "Never" be reprogrammed, nor could the "Encryption" on the chip "Ever" be broken... ==/sarcasm==

It seems to me that we are spending billions on a project that will only expose us all to MORE FRAUD, without any calculable risk mitigation.

Some interesting facts about the REAL ID Act:
It mandates (but doesn't budget) that each state is responsible for building a data warehouse to store the information that is printed on the drivers license, and encoded on the "electronically readable medium". These statewide data stores will then be shared amongst all states and the federal government, for "Identification Verification" purposes.(When was the last time your state had an information security breach?)

The REAL ID will be your "NEW" drivers license, doubling not only as your proof of driving in the state that you reside, but also it will then be elevated to perform several other functions, primarily as your new National ID, proof of citizenship, proof of voting rights, proof of residence, proof of age, and anything else that the state so desires to encode on the "electronically readable medium".

The decision for what type of "electronically readable medium" is left in the "capable" hands of the Department of Homeland Security, who is currently enamored with RFID technology. (Also the state department has moved to Passports with RFID chips in them, and it "seems to be working well", which means they can't yet tell if anyone has stolen or tampered with any of the data on the chip, as there is no way to tell at this time.)

Nowhere in the REAL ID Act is there any mention of how any of this data is to be secured, controlled, or tracked, nor are there any stipulations as to who has access to it, and who can see this access list. Meaning, you won't know who has your data, and what they are doing with it.

Those without the "new REAL ID" will not be permitted to FLY on any commercial airline, enter any Federal Building, or any other area that the Federal Government deems requires such Identification. This is a direct limitation of constitutional freedom

I am all in favor of securing our country, however, I think that this should be reviewed by more than just lawmakers, as the ability for this new "Security" measure introduces much more INSECURITY and RISK than I feel is necessary, and does not conform to common standards of information security practices.

More diatribe on REAL ID

Another blow to privacy and a potential "blocker" to the REAL ID act. The loss of passage of this bill is a significant step backward in preventing the loss of our privacy and subsiquent adoption of a National ID System based on our Driver's License.

Anyone want to throw in and buy an island with me? This is getting ridiculous...

dc0de.

Schwarzenegger Terminates RFID Bill - News by InformationWeek

Update:

I haven't heard from my current company yet, but as it seems, I'm still employed... and earning money on "administrative leave".

Funny though, I received an email today from a headhunter, with the following job opportunity:

===================================
From: "Jxxxxxx Mxxxxe"
To: redacted@removed.net
Subject: permanent position with choicepoint
Date: Wed, 17 May 2006 13:53:42 -0400
Message-ID: 009001c679da$d5f4cee0$1001a8c0@xxxxxxxx.com
MIME-Version: 1.0
Importance: High
Thread-Index: AcZ52tWmOLWu6kXHSLWnZoifXJmO1w==
Return-Path: jxxxxxxe@dxxxxxxxxxe.com

It was nice talking to you. They are looking for someone strong in
FIREWALL, CHECKPOINT, CISSP, VPN,DNS

Salary between 120 -130k plus 10-15% performance bonus at the end of the year.

Required Skills and Experience:
. Certified Information Systems Security Professional certification (CISSP) is required.
. Certified Information Systems Auditor certification (CISA) is desired.
. Cisco Certified Internetwork Expert certification (CCIE) is desired.
. Check Point firewall certified preferred.
. Experience with architecting and designing security infrastructures, understanding of how to design security devices, network and systems compliant with the requirements of a desired security posture or state is required.

. Highly knowledgeable of security principles such as defense in depth, grandularity of privilege, etc. and how these are applied in the real world.

. Expert understanding of intrinsic security weaknesses within the core infrastructure components such as TCP/IP, Checkpoint firewall, VPN, DNS, file transfer, proxy, and remote administration protocols.

. Pragmatic understanding of security problems as a mix of technology and process issues with the ability to pursue solutions at both layers within the organization.

Optional Skills

Key Job Functions:
In this exciting position you will -
. Design and architect global network and security systems including
firewalls, IDS, proxies, policy compliance tools, routers, switches, VPN hardware / software, and other security devices as specified.

. Lead and execute network security projects in a diverse set of areas that include: intrusion detection, end point security, log file correlation, security information management, actively identify where new work efforts are required, and network / security metrics.

. Take a leadership role in providing network security advice, such as risk analysis, to business units who engage with the Network Design and Engineering team.

. Manage the relationship with various network and security vendors to ensure their products and services add value to client

. Define, gather, and report metrics regarding network and security with the ChoicePoint environment.

. Act as a gatekeeper for operational requests related to network and security matters.

. Provide vision for network and security direction and designs to achieve these agreed upon objectives.

. Be a Team Lead to the firewall and network engineers, including developing the team members individually and as a group in order to achieve the next level.

. Improve stability, availability, and scalability of the network and security infrastructure.

. Develop a customer service orientation for the Network Design and Engineering team.

Jxxxxe Mxxxe
Tel: 678-xxx-0xx3 x 5xxx
Fax: 678-xxx-0xx0
www.dxxxxxxxxe.com

RE: Telling the Truth hurts...

Here is a fscked up story... (the sad part, is that it is true).

In January of this year, my company's marketing department asked me to give a talk at a conference being held in Lake Las Vegas, NV, during the first week of May. I agreed, and the topic was set for me, that of "Insider Attacks, the anatomy of an Inside Attack, and how to stop one.".

I asked our marketing group if there was a presentation started, or completed on this topic, and I was told that I would have to create it from "scratch", but if I needed any assistance to ask the marketing department.

Fast forward to about 3 weeks before the conference. I spoke to the marketing department, and asked them for assistance creating my presentation, as I had to deal with some family emergencies, and was running out of time. I received no assistance. I then spent every waking moment researching insider risk, and the risks associated with insider loss. I learned quite a bit, and have several hundred links to pertinent data on the web. Including information from the aforementioned IDR.

Now, fast forward to the presentation. It went flawlessly. As a matter of fact, there were approximately 80 people in the room, and 20 or so more in the hallway, watching with the doors wide open.

The next day, my company asked me to present the material again, as there were too many people who missed it. I reluctantly agreed, and put on another presentation. During the 2nd presentation, there was someone there that took the data back to the IDR.

Part of the presentation includes a slide that shows the Insider Attack Variables, including, Corporate environment and culture. Since the IDR's previous incident was caused by someone not performing their due diligence on 50 fraudulent companies, thereby allowing these companies to freely PURCHASE data from the IDR and commit fraud, I used their loss as an example.

I stated, "The [IDR Company Name] incident was caused, in part, by a company culture that was more focused on making sales numbers, than it was to vet the companies it was selling information to." The individual in the audience that took the data back to the IDR made some aggregious claims, that I was "mocking" them. This was not the case. I mentioned several other companies in the presentation, and wasn't mocking anyone.

However, the IDR claimed that my comments were slanderous, and their attorney began harrassing me on the phone. I then went to my internal company resources, who, took all of my information, and then put me on administrative leave.

Today, I find out that the company president went down to the Atlanta IDR's offices, and spoke with their President and legal council, and apparently, arranged a settlement agreement, on my behalf, that does not allow me to ever use the IDR's name again. (Hint, it located in Atlanta.) Part of the meeting, alledgedly included an email message from the person in the 2nd meeting, making statements that I had either been drinking or was drunk. (Neither of which were true, I hadn't had anything to drink until Thursday night after the presentations were over.)

Well, in addition, the company that I work for now is terminating me, and claiming that I have to sign the IDR's document, (that they negotiated as part of their settlement), and of course, another document, forbidding me to speak about this issue.

Well, I'm calling several attorneys on Monday, and just wanted you all to know how fucked this has all become.

The interesting question, if none of this were true, why would the IDR care?

but, in my grand scheme of things, it really doesn't matter.

On a side note, if you know of any jobs, gimme a call.

Ok...

Here's a what if scenario if the GA HR 1259 get's passed...

1. I am asked to go to a friends house to look at something odd on his VPN connnection.

2. I discover that he is witnessing someone steal Intellectual property from the company HE works for.

3. He turns the thief into the his company, and explains that I identified the network traffic that brought this to their attention.

4. They take the thief to court, and I am called as a witness.

5. I am asked what I did to identify the traffic, and at this point, I'm in a Catch22.

Do I explain what I did and risk being charged with a FELONY as having performing forensics without a P.I. license?

-Or-

Do I plead the 5th Ammendment, and allow the thief to go free?

Also, what if I am "compelled" to give my testimony? What if the company makes a sworn statement that I was the one that helped identify the thief? Wouldn't I still be liable for performing forensics without a license?

Wow...I can't even HELP people anymore?

Now that's messed up.

For those of you who care about Computer Forensics, please see the current situation in Georgia.

There is a bill before the GA Legislature -- HB 1259

If passed, it will make it a Felony to perform and testify in a State Court about any computer forensics performed, unless you are a licensed Private Investigator.

This law will put honest, local companies out of business, unless they go and get licensed. Note, the GA requirements for a Private Investigator have NO REQUIREMENTS to have ANY computer forensics expertise, nor is there any training regarding how to collect the evidence.

Several other states already have these laws, which only allows Licensed private investigative services company to perform and testify to any computer forensics related evidence. (Note, this would also include any IT Audit records, not specifically limited in any way to performing "Encase" like hard drive forensics.)

If you live in GA, please contact the Govenor and ask that he VETO HB1259.

-----------------------------------------------

From: "Scott A. Moulton" smoulton@nicservices.com
Date: Mon, 17 Apr 2006 22:05:56
To:REDACTED
Subject: Testifying in Court on 04-06-06

Mr, Julian, I am writing this to document the events that took place on Thursday April 6th, 2006. I was called as an computer forensic
expert witness totestify for Superior Court of Coweta County, Georgia. I have testified before on one previous occasion in Cobb County and was accepted as a computer forensic expert. I have over 5 years computer forensics as well as over 20 years experience in the computer service industry.

While waiting outside the court, GBI Agent Vicki Adams told me that in the courtroom with the Prosecutor Kevin McMurry was Jim Persinger.

She stated that he use to be a Cobb County Police Officer and now a Private Investigator and owns PM Investigations and that he does
computer forensics. She was telling about the computer forensic software that Jim had written and that she was going to get a copy of his newest creation.

When I was called to the stand, the defense attorney Steven Sadow, introduced my skills and asked that I be accepted as a
computer forensics expert witness. The prosecutor, Kevin McMurry, asked to reserve that answer until after he questioned me.

Prosecutor Kevin McMurry began by questioning me if I had done a report specifically for this court or legal purpose? He proceeded to
question whether I had a degree in criminal justice or if I had any law enforcement training? Prosecutor Kevin McMurry questioned me about my background in private investigation and then he asked if I had ever worked for a private investigator? He questioned if my company was licensed to practice as a private investigation firm? Prosecutor Kevin McMurry followed by questioning if I had even applied for my private investigator license and then acted appalled that I... [ Read More (0.4k in body) ]

I despise bull fighting, and applaud this bull... unfortunately, he lost his life, while goring the stoopid humans who paid to see a bull tortured.

Hopefully, these cultures will learn that bulls are better left to slaughterhouses, and not to rings...

I mean, shit... what a waste of good beef?!!!?

Go 'Little Bird'!!!