The funniest spam message ever…
January 26, 2008
So, this is completely off topic, but I had to post it. I received a spam message the other day that had me in stitches from its creative butchery of the English language. The entire message was:
Subject: Lengthen your device length and become sex giant.
Your girl shack up with your friend that’s why you’re alone.
His male device is bigger than yours and this is the main reason of leave.
Don’t warry chap. At present you can change your life to the good. Increase your aggregate size and you will forget about troubles.
This is your chance to change your sexual life.
Brilliant. That’s the only word I have to describe it. It gives me a new idea for a game: Spammer Refrigerator Poetry.
Under Construction…
January 16, 2008
You may notice that things look a little bit different around here.
I’ve finally grown weary of Serendipity and moved to WordPress.
The look and feel will get back to normal sometime soon, but I was tired of my blog only loading half of the time.
Getting Socially pwned
January 9, 2008
So, about a month ago, I did a post on Hoff owning Mogull’s house.
I figured I’d relay the conversation that I had with Rich about a week later:
Me: So, that whole “Hoff owning your house” thing must have sucked, huh?
Mogull: What?
Me: Hoff. Your house.
Mogull: Ohh… yeah. You didn’t see the post?
Me: Uhh… no. Haven’t been reading. What post?
Mogull: The post where I admitted it was all a hoax. Yeah, we thought it was pretty funny that you believed it.
So, in reality, it wasn’t Mogull that got pwned. It was me.
Funny that the guy who spends so much time talking and writing about social engineering got social engineered by those two pranksters.
The stupidest fight I’ve ever seen…
January 8, 2008
So, is anybody else following the whole Fortinet and Zango fight? This is one of the most amusing “responsible disclosure” debates I have ever seen. For those who haven’t seen it, let me introduce the combatants:
In the red corner, fighting out of California, there’s Fortinet – an internet security company who generally do a decent job of making products that help. They’ve got their issues, but so do most companies.
In the blue corner, from Washington, there’s Zango. They make spyware. That’s right. You heard me. They make spyware.
So the fight started when Fortinet put out this advisory claiming that Zango was using a Facebook widget to install their spyware. (Remember – they make spyware.)
So, Zango gets all up in their face. They’re delighting in calling Fortinet “opportunistic”. They roll their PR team into action, even to the point of getting this Wired News article. From the article:
“Zango’s associate corporate counsel Kevin Osborne called the report “reprehensible” in a phone interview Friday, saying Fortinet had just piled together the hot buzzwords “Facebook,” “Widgets” and “Spyware” to make a splash.”
Well, it turns out that Zango has now “proved” that Fortinet was wrong.
Okay, so let’s recap this. Fortinet makes a mistake calling b.s. on a known spyware vendor, and we’re supposed to be feeling sympathetic for Zango? Who’s the opportunistic one here?!?!
If I were Fortinet, I’d probably send the following (open) letter to Zango’s CEO:
Dear Kevin Smith,
We’re really sorry that we made a mistake on our advisory (if we actually did). However, if you weren’t such a pathetic company that makes a plague that infects the world’s computers without providing any real value, we probably wouldn’t have been so worried about it.
Clean up your act, and we’ll promise not to screw up ever again.
Yours truly,
Fortinet (on behalf of the security community at large).
Okay, rant over. This one just activated my “that’s dumb” circuitry.
“More Women Oriented” (Or: Ignorance creates a talentless environment)
December 28, 2007
Sometimes, I’m moved to blog because I am reminded of how unfair the world is. I suppose it’s something that most people are already aware of, but I usually forget that most of the world isn’t as enlightened as most of the people who I’m lucky to associate with on a daily basis.
This morning, my friend Jason twittered about Brazen Careerist Penelope Trunk getting fired from Yahoo. Now, that in itself isn’t that big a deal. People lose jobs all the time. It was when I read the entry that I found this wonderful quote:
Here’s what my boss’s boss’s boss said: “You should write for Lifestyles. That is more women oriented.”
This is a senior manager at a major public company. And I know that this happens. A friend of mine was once fired from a similarly major corporation because she reported sexual harassment.
But this is 2007, and it’s ridiculous that we still have to put up with this ignorance and stupidity in the world. The thing about it is, it’s Yahoo’s loss. Penelope is brilliant, funny and a wonderful thinker when it comes to careers. And she’s going to land on her feet, because she’s so talented.
But if companies like Yahoo continue to treat their talent like this, soon enough, they won’t have any talent. Their short-term ignorance will cost them the talent.
This is why these companies are having such trouble attracting the young “GenNext” employees. More and more, the people who are under-30s today are looking for places that respect the talent around them. This often appears to be a “sense of entitlement” to the old fogeys (yes, I just called everybody older than 35 a fogey). But it isn’t… it’s about respect for skill and talent.
And the understanding that disrespecting someone’s talent because of what they look like, how they dress, or their gender is stupid and shouldn’t be rewarded.
A Cool New Conference
December 17, 2007
So, I spent the weekend in Boston helping to organize Source Boston, a new security conference that is taking place in March.
And, while I’m a bit biased because I’m helping organize, I have no doubt that this one’s going to be amazing. We’ve got an amazing group of advisors – I spent the weekend hanging around with Raffy, Adam, Oliver, the 3 Chris’s from Veracode, and our fearless and effervescent leader Stacy (who really, really needs to get a blog I can link to). It’s always fun to be the dumbest person in the room by a pretty wide margin.
But here’s what’s cool about the conference – our goal is to put on the kind of speaker list that you’d only get at Blackhat or RSA, but do it in a really intimate venue. We agreed that the conference should have the same sort of vibe as you get when a huge rock-band (that usually sells out an arena) comes and plays a small local club.
There’s a disadvantage to having such an intimate setting, though – you have to get your tickets soon – we’re capping attendance at 450, and they’re going to move quickly.
To me, it’s all about access to the speakers – you can really get the chance to ask questions, meet people, and be part of the discussion. Which is rare with the speakers we have (more announcements on the speaker list in the coming days – it’s amazing, and I can’t wait to be able to talk about it more).
Oh, and I’m pretty excited about an activity on the final day of the conference – we’re going to have a reunion of the L0pht – having a large number of the members in one place to talk about their experiences and their thoughts on the industry that, in many minds, they were a large part of starting.
Aside: we’re doing some super-secret registration mojo that I think is pretty cool. Email me and I’ll tell you about it.
Don’t hassle the Hoff…
December 14, 2007
Okay, so I’ve been seriously remiss in posting for, oh, say the last six months, but I couldn’t resist mentioning this one.
Recently, Mogull posted an article on Dark Reading decrying the nature of security predictions. Shortly after writing the article, and while out of the country, Rich’s house automation went crazy.
Well, Hoff took umbrage at the article, and decided to make one of his own predictions come true… and owned Mogull’s house.
Hats off to the Hoff… and to Mogull for showing us all that even the most security aware of us can get owned.
(Of course, it’s always easier to get pwned by somebody who can drop you an email and ask you to collaborate on something, but that’s a topic for another post…)
Welcome Alex Jones listeners…
September 6, 2007
I heard through a rumor that a talk I gave last year was mentioned on Alex Jones’ radio show yesterday. If you came here looking for information on my talk on Hacking the Mind, feel free to follow that link for my own impressions of the talk, as well as a link to the slides I presented.
The MP3 of the talk is also available on the HOPE Number Six website here.
If you have any questions about my talk, or just want to shoot the breeze about hypnosis in all its forms, feel free to drop me an email.
Live from Blackhat
August 1, 2007
It’s Wednesday morning and I woke up in Vegas with a bit of a headache – something tells me that’s going to be a common occurrence this week. Yes, it’s Blackhat time again. There’s almost 4000 in town for Blackhat, and probably even more for Defcon later this week. I’ll be blogging as much of the conference as I can.
The partying got started early this year – last night was an absolutely fantastic party hosted by Qualys – it was held in the Absolut suite at Caesar’s, and was a total blast. It’s the first time (that I’m aware of) that Qualys has done an event here, and they did a great job.
Halfway through the party, I ran into trouble, however. The trouble came in the form of Hoff, Amrit and Rothman all being in one place. It was around then that the drinking kicked into high gear – trying to keep up with Amrit and Hoff is usually a recipe for disaster, and last night was no exception. Hence this morning’s headache.
More soon…
Second Order Networking
July 25, 2007
Jason had a great post today about what I would call “second order networking” – the concept of using someone you are networked to to network to someone that they don’t know. This is the equivalent of making a “3rd” connection on LinkedIn, because the request goes from you to someone you know, ultimately to a person that they don’t know (through another contact).
From Jason’s post:
“In each case I was asking for my network contacts to hook me up. Here’s the interesting thing: in every case they did not know the person that I needed to talk to.
This presents an interesting decision….
But here is what I would do. I would take the opportunity to grow my own network and try and make the connection. Why? It’s easier to go to someone that you don’t know with a purpose…”
It’s a great point – not only does this type of networking allow you to expand your own network, but helps your network expand theirs.
I loved the concept so much that I think I’m going to send a few emails… I could use an introduction or two.