Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Anatomy of the HBGary Hack

Dman33 Re:Incompetent (220 comments)

Sure, the "we pay your ass, do it when I tell you to!" card is played all the time in corporate culture however a skilled and experienced security professional knows how to deal with that. It goes along the lines of "you may me to do my job to the best of my ability, if you want a yes-man then fire me and hire an intern".

Corporate culture is not an excuse in infosec, especially for a security company. If corporate culture IS like that, then change the corporate culture. If you cannot or do not know how to change the culture, then don't get a job in a leadership position.

Why is this so hard??

more than 3 years ago
top

The FBI Wants To Know About Your IT Skills

Dman33 Infragard is not nefarious (211 comments)

I am an Infragard member. I was working for a university research group and was required to join Infragard as a part of this research. I did not like the idea of being forced to join an organization I knew little to nothing about so I did research into the organization first. I read up on all of the conspiracy theories about Infragard and spoke with some members before joining.

The conspiracy theories link this organization to "big brother" programs that encourage people to spy on their neighbors. This is not actually the case with Infragard - as far as I can tell.

From what I can see, this organization is put into place for very good reasons. Look into the Russian action in Georgia last year - a large component of that military action was cyber-based. The Russians took over the Georgian infrastructure (electric, news and radio) far before tanks rolled into Georgian territory. If the US is ever attacked on a large scale, our infrastructure will be the first strike. Infragard allows a secured group of IT professionals to be "in the loop" on potential threats that cannot be made widely public yet. It also allows these professionals to collaborate on security issues in real time - as they happen.

Say a new worm was propagating across major infrastructure networks. An administrator at the water company finds evidence of this worm and sends a message to Infragard asking if anybody else has seen it. A person working at the electric company reads that message and notices that it matches something they are addressing as well. The issue may be quickly escalated and addressed appropriately. If these individuals had to deal with conventional reporting then the link between two critical infrastructure networks experiencing the same problem at the same time may be missed.

In my experience Infragard does not care a bit about individuals ripping a CD or something. This is about bridging the gap between law enforcement and IT professionals in order to minimize the time it takes to address a potential cyber threat on critical infrastructure.

Registering your IT skills with Infragard is optional, not mandatory. This is not as evil as it sounds and I see much more upside to this than downside.

more than 4 years ago
top

Sanely Moving from Word to the Web?

Dman33 Simple! (547 comments)

There is this handy tool that can go through all of the HTML for you and do all kinds of custom formatting, cleaning up and simplification custom per your specifications!

It is called an intern.

more than 9 years ago

Submissions

Dman33 hasn't submitted any stories.

Journals

Dman33 has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?