Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!



Anatomy of the HBGary Hack

Dman33 Re:Incompetent (220 comments)

Sure, the "we pay your ass, do it when I tell you to!" card is played all the time in corporate culture however a skilled and experienced security professional knows how to deal with that. It goes along the lines of "you may me to do my job to the best of my ability, if you want a yes-man then fire me and hire an intern".

Corporate culture is not an excuse in infosec, especially for a security company. If corporate culture IS like that, then change the corporate culture. If you cannot or do not know how to change the culture, then don't get a job in a leadership position.

Why is this so hard??

more than 3 years ago

The FBI Wants To Know About Your IT Skills

Dman33 Infragard is not nefarious (211 comments)

I am an Infragard member. I was working for a university research group and was required to join Infragard as a part of this research. I did not like the idea of being forced to join an organization I knew little to nothing about so I did research into the organization first. I read up on all of the conspiracy theories about Infragard and spoke with some members before joining.

The conspiracy theories link this organization to "big brother" programs that encourage people to spy on their neighbors. This is not actually the case with Infragard - as far as I can tell.

From what I can see, this organization is put into place for very good reasons. Look into the Russian action in Georgia last year - a large component of that military action was cyber-based. The Russians took over the Georgian infrastructure (electric, news and radio) far before tanks rolled into Georgian territory. If the US is ever attacked on a large scale, our infrastructure will be the first strike. Infragard allows a secured group of IT professionals to be "in the loop" on potential threats that cannot be made widely public yet. It also allows these professionals to collaborate on security issues in real time - as they happen.

Say a new worm was propagating across major infrastructure networks. An administrator at the water company finds evidence of this worm and sends a message to Infragard asking if anybody else has seen it. A person working at the electric company reads that message and notices that it matches something they are addressing as well. The issue may be quickly escalated and addressed appropriately. If these individuals had to deal with conventional reporting then the link between two critical infrastructure networks experiencing the same problem at the same time may be missed.

In my experience Infragard does not care a bit about individuals ripping a CD or something. This is about bridging the gap between law enforcement and IT professionals in order to minimize the time it takes to address a potential cyber threat on critical infrastructure.

Registering your IT skills with Infragard is optional, not mandatory. This is not as evil as it sounds and I see much more upside to this than downside.

about 5 years ago

Sanely Moving from Word to the Web?

Dman33 Simple! (547 comments)

There is this handy tool that can go through all of the HTML for you and do all kinds of custom formatting, cleaning up and simplification custom per your specifications!

It is called an intern.

more than 9 years ago


Dman33 hasn't submitted any stories.


Dman33 has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?