Thursday, June 10, 2021

Episode #51 Honey! The Neighbors are Watching us Again!

 At least in years gone past we could at least spot the neighbors as they tried to hide behind the shrubs in the garden, the curtains in the house, or ducked down below the fence line that separated each of our little slices of the American Dream....




These days however things are a little more subtle (if the neighbors have been paying attention to the InfoSec world for more than 5 minutes...)

Long gone are the days of just borrowing the neighbor’s wireless to launch an attack against the NSA through their cable provider (although it IS fun to see the black suburban roll up occasionally to their doorstep when you’re feeling mischievous..)

Today’s targets for neighborhood “watching” vary across an entire spectrum of fun and games...

I still feel slightly guilty about the 50-gallon barrel of lube my neighbors have, but “Hey Siri...” we just have to have some fun....

I DO enjoy making their microwave go off in the middle of the night, although they have replaced it a few times now, and the electrician doesn’t use Google Maps anymore to find them... amazing just how far away those WEMO plugs can be controlled from.

Now, thankfully Xfinity allows themselves to provide “free” WiFi to anyone with account credentials, so it IS still possible to get directly TO their router (you’d think folks would update the things.... but no) and given I’ve got around 1,335,000 Xfinity account ID/Passwords I’m set for a LONG time before I must leave my own fingerprints...

Oh, speaking of fingerprints, confession time... one of the neighbors has a RING doorbell, oh how we laughed when we changed out the screws during install and just last week got the doorbell to short circuit and burn ½ the place down... shame the fire alarms didn’t work, someone should REALLY unblock NEST’s fire alarms from the firewall and allow them to do their job... The video of the owners yelling “Hey Google FFS call the fire brigade” will be posted on YouTube later (thanks Arlo for the default account credentials...)

Oh, while we’re on the subject of the recently deceased, I guess playing Poltergeist on the other neighbor’s Roku device and having it display on all their nice Samsung IoT enabled TVs is probably a mean thing to do... although it does make for entertainment as we might have also hooked up their Philips Hue to pulse at the same frequency as the TV... I guess that’s why they seem a little nervous these days.

Oh, and we won’t mention the fun we had with the Tesla and some bright spark in the neighborhood thinking they could geofence the car into opening/closing the garage as they came home... Watching the garage door rapidly open and close AS the car tried to get in watching Grandma eat dinner with her falsies...

Speaking of that, I need to go mess with dear old Grandma’s IoT toothbrush, I think tonight we’ll set it for “killer mode” and see if it can chase her round the bathroom again...

We haven’t even gotten to the fun part watching the cute couple across the road react as their adult toys came to life in the middle of a webinar and started to inch across the desk... now THAT was fun to record… got to LOVE Bluetooth enabled things.

You get the idea; the neighborhood is SO much more fun these days....

Join us tonight as we talk through the evolution of the nosey neighbor :)

10 pm Central 2100 mountain time 

https://www.youtube.com/watch?v=TbT1DknqRw4

Tuesday, May 25, 2021

Episode #49 Sorry to Disturb You...

 

Sorry to Disturb You...

·      But your front door’s open...

·      Your flies are undone...

·      I found your kid wandering on the street...

·      But I think you dropped your wallet...

All things many of us have said, done, acted upon OR been the recipient of over our years, and all of them taken in the spirit of the manner delivered, graciously, often with relief and a huge thanks to whomever delivered the news.

HOWEVER, in the digital realm...

·      I do say, you appear to have an open port on the Internet...

·      Um, your application has a hole in it...

·      We found your data lost and confused....

·      I think you might have a hole in your cloud...

SOME of us have tried to have these conversations with companies, individuals, and entities out in the digital realm and have been met with a variety of responses ranging from thanks AND relief, to accusation, lawyers, silence, or the FEDs arriving on the doorstep etc.

Somehow, in the physical realm when we point out your mistakes, flaws and general numptiness you are happy to receive the feedback, yet in the digital realm when we do the same it’s as if we called your baby “robust with a face only a mother could love.”

What gives? How DO we give you YOUR data BACK in the digital realm without all this grief?

I mean, it’s NOT as if you realized it was gone, OR that chocolate fireguard you were sold would have slowed us down anyhow IF we did want it!

Things to ponder on and discuss this coming Thursday on the Shit Show with Evan, Ryan, and Chris

‘all for now

Chris

Thursday, May 20, 2021

Episode #48 - Jeopardy v2 (and other interesting things... Attempt #2)

 

Well, we are going to try this again. Episode #47 went a different direction, so tonight we are going to try Jeopardy again.

It's time to play some Security Shit Show Jeopardy again. Hell yeah!

I will be your host Ryan Trebek 

One game, one Cham Peon. Like v1, we'll pick three contestants from our live audience to play our version of Jeopardy. Winner gets some bragging rights and a Security Shit Show T-shirt (that I'll forget to send you).

YOU THINK YOU'VE GOT WHAT IT TAKES?! 
COME PROVE IT!

After the game, I want to talk to the guys about a beef I've got. We'll have time for this too.

In prepping for the v2 Security Shit Show Jeopardy game, I got to thinking about some of the classic SNL Jeopardy skits. Remember some of these lines?

 - Category: A PETIT DEJEUNER, Turd Ferguson "why don't you give me ape tit for $200."


 - Category: CATCH THESE MEN, Sean Connery "I'll take catch the semen for $800."

 - Category: JAPAN US RELATIONS, Sean Connery "I'll take Jap Anus relations for $200."


 - Category: LET IT SNOW, Sean Connery "I'll take le tits now for $800."

 - Category: AN ALBUM COVER, Sean Connery "I'll take anal bum cover for $7,000."

And the list goes on. Some funny shit. These won't be our categories tonight, DAMMIT!

After we crown our new Security Shit Show Jeopardy Cham Peon, we'll use the time we got left to talk about this quote I read recently:

"55% of C-Suites respondents had viewed data breaches as 'not a big deal' and 'blown out of proportion' with an overwhelming 86% of consumers believing that data breaches are in fact 'a big deal'."

Or, maybe we'll talk about this new Presidential Executive Order that just came out yesterday. No shortage of shit going on around this industry, is there?!

This will be another fun Shit Show!

-Ryan

Thursday, May 13, 2021

Episode #47 - Jeopardy v2 (and other interesting things...)

It's time to play some Security Shit Show Jeopardy again. Hell yeah!

One game, one Cham Peon. Like v1, we'll pick three contestants from our live audience to play our version of Jeopardy. Winner gets some bragging rights and a Security Shit Show T-shirt (that I'll forget to send you).

YOU THINK YOU'VE GOT WHAT IT TAKES?! 
COME PROVE IT!

After the game, I want to talk to the guys about a beef I've got. We'll have time for this too.

In prepping for the v2 Security Shit Show Jeopardy game, I got to thinking about some of the classic SNL Jeopardy skits. Remember some of these lines?

 - Category: A PETIT DEJEUNER, Turd Ferguson "why don't you give me ape tit for $200."


 - Category: CATCH THESE MEN, Sean Connery "I'll take catch the semen for $800."

 - Category: JAPAN US RELATIONS, Sean Connery "I'll take Jap Anus relations for $200."


 - Category: LET IT SNOW, Sean Connery "I'll take le tits now for $800."

 - Category: AN ALBUM COVER, Sean Connery "I'll take anal bum cover for $7,000."

And the list goes on. Some funny shit. These won't be our categories tonight, DAMMIT!

After we crown our new Security Shit Show Jeopardy Cham Peon, we'll use the time we got left to talk about this quote I read recently:

"55% of C-Suites respondents had viewed data breaches as 'not a big deal' and 'blown out of proportion' with an overwhelming 86% of consumers believing that data breaches are in fact 'a big deal'."

Or, maybe we'll talk about this new Presidential Executive Order that just came out yesterday. No shortage of shit going on around this industry, is there?!

This will be another fun Shit Show!

-Evan

Thursday, May 6, 2021

Episode #46 Lawnmower Man





My Retirement Plan:



Is to head to New Zealand

Somewhere nice and remote

With good power (Wind farm, etc.)

Good internet (Wire and Satellite)



AND a nice AS/400 to live in

If I have my way, and I think we’ll get there before I go too much more senile given the work being done on untangling some of the inner workings of the brain, I should be at a point where not only can my current intelligent system recognize when I want a cuppa tea, but it can also figure out why.

As I’m helping TO push the boundaries of integration, I’ve every confidence that a digital version of me will be coursing around the Interwebs before I’m pushing up daisies. Which brings a WHOLE heap of questions.

What makes us human?

Are we just quarks and binding energy?

Is there really something else to this?

Can we be broken down into pulses?

Where are the limits? (if any)

So, for now, I’m going to hang out in my AS/400 and watch things unfold AND if it looks really dodgy I’m going to work out a way to simply fire my digital self into space as a set of waves and see what the hell happens…

Lawnmower man, here we come!


Join Evan Francen, Ryan Cloutier, CISSP, Rachel Arnold and me this evening on the #shitshow to discuss.

‘all for now

Chris

Wednesday, April 21, 2021

Episode #45 Dolla Dolla Bill Y'all

 



Money!! It makes the world go round, we need it, we want it, and when it comes to money for our security program we fight for it, but are we spending it wisely?

  • Will it have the impact on our security program we hoped it would?
  • Did we spend too much or not enough?
  • How much money is enough?
  • What the hell should I be spending it on that will make the biggest impact?

Is it wiser to invest in your people and the fundamentals or to invest in state-of-the-art laser cats with predictive AI powers? What is the right level of budget for your organization and how will you show improvements to the organizational security posture against the spend on the security program?


Vendors love money, and the love of money is the root of all evil.


  • How do you know if your vendor is predatory?
  • Does the product or service do what they claim?
  • Will you need to increase headcount to accommodate the tool or service?
  • Could you get a better deal on this tool or service?
  • Do I even need this tool in my portfolio or is there an existing tool that I can leverage better?

All this and more, on the Security Shit Show. Join Chris Roberts, Evan Francen and myself for what should be a very lively discussion.



Ryan Cloutier


Thursday, April 15, 2021

Episode #44 - Am I Crazy?


What the hell is going on?! It feels like the world has lost its mind. Everywhere I look (out there), it's chaos.

  • Hypocrisy running rampant.
  • Virtue signaling is a "thing", gotta score those popularity points.
  • Cancel culture? This is a thing now, maybe, maybe not?
  • Politicians preach nonsense, openly lying and manipulating.
  • Big societal problems left unsolved, with no (unbiased) solutions.
  • Black kids shot (accidental or not, the result is the same) on the streets.
  • Cities burning, and we're burning them.
  • People hurting (deeply), and we're not helping them.
  • Vaccinate! Wait, maybe not. If you do, maybe you'll die?
  • Accountability, what the hell is that?
  • On, and on.
The bath water is dirty. Who cares about the baby.

People spew shit out of their mouths that doesn't make any sense. Nobody speaks up. Worse yet, yahoos sell their souls to support bullshit, because it's better to be in the "in" crowd. Who the hell is the "in" crowd anyway?

This shit IS NOT computing. 

Not in this brain anyway. Everyone's lost their minds! Not "everyone" everyone, but everyone out there.

WAIT A SECOND. 

It clicks. Didn't my Dad say something about this once?

Son, if everyone's an asshole, you're the asshole.

So, does this mean, if everyone's crazy, I'm the one who's crazy?!

Dammit! Now, I have some reflection to do. The journey down the rabbit hole begins...

What does this have to do with information security?

Simple.

Everything. 

The hypocrites, the virtue signalers, the cancellers, the politicians, the "illegals", the Blacks, the Whites, the Hispanics, the people who live in our cities, the people who live in our suburbs, the people who are hurting, the people who vaccinate, the people who don't vaccinate, the Liberals, the Conservatives, and everyone in between, is ALSO my co-worker, my relative, my partner, my customer, my friend, my employee, and my fellow human being.

I may run in my circles, just like you run in yours, but my job is to protect EVERYONE, regardless of who you are, where you come from, what you believe, or what you're struggling with. Knowing that information security isn't about information or security as much as it is about people, makes people my focus. Not just the people I like and agree with.

This is deep, but sometimes we have to dig deep to find out who we really are and what we're really doing here.

Looking forward to talking this shit out with my AWESOME friends, Ryan Cloutier and Chris Roberts! Catch us this week LIVE at 10pm/2200 CDT on the YouTube

(and yes, I am crazy, but a functional crazy)
