SOURCE Boston

January 16, 2008

So, I posted my first blog post over at the SOURCE: Boston blog today. It’s all about why I was excited when Stacy asked me to be a part of the advisory board.

The one thing I didn’t mention in that post is the quality of the advisors on the board – it’s a heck of a group. I know I have posted about it before, but it’s very cool to work with people I have always respected – Raffy, Adam, the Veracode Chris’s, Oliver, etc.

It’s a cool group. And the speakers are even better – it’s going to be like the security version of big rock bands in small venues… while we’ve already got some big names confirmed (including Mogull and Hoff ON THE SAME STAGE), there are some even bigger names still in the works.

I can’t wait.


Under Construction…

January 16, 2008

You may notice that things look a little bit different around here.

I’ve finally grown weary of Serendipity and moved to WordPress.

The look and feel will get back to normal sometime soon, but I was tired of my blog only loading half of the time.

Getting Socially pwned

January 9, 2008

So, about a month ago, I did a post on Hoff owning Mogull’s house.

I figured I’d relay the conversation that I had with Rich about a week later:

Me: So, that whole “Hoff owning your house” thing must have sucked, huh?

Mogull: What?

Me: Hoff. Your house.

Mogull: Ohh… yeah. You didn’t see the post?

Me: Uhh… no. Haven’t been reading. What post?

Mogull: The post where I admitted it was all a hoax. Yeah, we thought it was pretty funny that you believed it.

So, in reality, it wasn’t Mogull that got pwned. It was me.

Funny that the guy who spends so much time talking and writing about social engineering got social engineered by those two pranksters.

The stupidest fight I’ve ever seen…

January 8, 2008

So, is anybody else following the whole Fortinet and Zango fight? This is one of the most amusing “responsible disclosure” debates I have ever seen. For those who haven’t seen it, let me introduce the combatants:

In the red corner, fighting out of California, there’s Fortinet – an internet security company who generally do a decent job of making products that help. They’ve got their issues, but so do most companies.

In the blue corner, from Washington, there’s Zango. They make spyware. That’s right. You heard me. They make spyware.

So the fight started when Fortinet put out this advisory claiming that Zango was using a Facebook widget to install their spyware. (Remember – they make spyware.)

So, Zango gets all up in their face. They’re delighting in calling Fortinet “opportunistic”. They roll their PR team into action, even to the point of getting this Wired News article. From the article:

Zango’s associate corporate counsel Kevin Osborne called the report “reprehensible” in a phone interview Friday, saying Fortinet had just piled together the hot buzzwords “Facebook,” “Widgets” and “Spyware” to make a splash.

Well, it turns out that Zango has now “proved” that Fortinet was wrong.

Okay, so let’s recap this. Fortinet makes a mistake calling b.s. on a known spyware vendor, and we’re supposed to be feeling sympathetic for Zango? Who’s the opportunistic one here?!?!

If I were Fortinet, I’d probably send the following (open) letter to Zango’s CEO:

Dear Kevin Smith,

We’re really sorry that we made a mistake on our advisory (if we actually did). However, if you weren’t such a pathetic company that makes a plague that infects the world’s computers without providing any real value, we probably wouldn’t have been so worried about it.

Clean up your act, and we’ll promise not to screw up ever again.

Yours truly,
Fortinet (on behalf of the security community at large).

Okay, rant over. This one just activated my “that’s dumb” circuitry.
