That makes book #10 on my plagiarism shelf, with 5 more in the to-do stack. WTB razors, emo music and vodka.
btw.. @jamesattrition is a sock puppet for @cattechie / @vaidehinbc
…and it seems @caks2257 is Greg Evans’ sockpuppet of the day.
Over one year ago, we documented a case where Evans was plagiarizing content for his Twitter feed. Since then, he has demonstrated a clear pattern of plagiarism and copyright violation. Even after his ‘National CyberSecurity’ web site was ousted by GoDaddy for repeated copyright violations (scraping entire articles and re-posting without permission), Evans continues to do it.
I received copies of this mail to errata[at]attrition.org, a contact address at OSVDB.org and DatalossDB.org. A quick Google search showed it was also sent to mail lists that it wasn’t appropriate for. Blatant spam. My reply to Veracode follows.
[While this disclosure turned out to be a private key for a development / testing network, the fact is it still should not have been published in a world readable directory. Doing so highlights a serious breakdown in security policy and a failure in secure operations.]
A French provider of SSL certificates appears to have made a bit of a boo-boo in its webserver configuration: publishing its private key for the world to see, and opening up a potentially serious security hole in the world’s web browsers.
SSL certificates serve two purposes on the Internet: to encrypt information, and to verify a webserver’s identity. An SSL certificate is what is used to keep the password you log in to your Internet banking site private, and also serves to ensure that you’re genuinely logging in to the bank’s own server.
In response to the news that the U.S. government wants to view hacking as an act of war, the group responsible for attacks on Sony and PBS targeted the Atlanta chapter of InfraGard, a security association that works with the FBI.
The aftermath of LulzSec docking their ship in InfraGard’s port has resulted in accusations of corruption against data intelligence and metrics firm Unveillance.
LulzSec is at it again, bringing a whole new batch of stick-it-to-the-man.
In its most recent activity, LulzSec has defaced the website of Infragard Atlanta, the Atlanta branch of a cooperative between the FBI and public assets.

VANCOUVER - The giant computer company Cisco and U.S. prosecutors deceived Canadian authorities and courts in a massive abuse of process to have a former executive thrown in jail, says a B.C. Supreme Court judge.
The point, said Justice Ronald McKinnon in a stinging decision delivered orally on Tuesday, was to derail a lawsuit launched by the former employee, and involved a series of machinations that would make a normal person “blanch at the audacity of it all.”
Yet another official reseller of SSL certificate authority Comodo has suffered a security breach that allowed attackers to gain unauthorized access to data.
Brazil-based ComodoBR is at least the fourth Comodo partner to be compromised this year. In March, the servers of a separate registration authority were hacked by attackers who used their access to forge counterfeit certificates signed with Comodo’s root signing key. Comodo admitted that two more of its resellers were hit in similar attacks, although no keys were issued.
Comodo has so far declined to name the resellers.
May 5 (Bloomberg) — LastPass, a company that offers to safeguard and simplify managing subscribers’ online passwords, said hackers may have broken into its database and stolen information on as many as 1.25 million accounts.
The company’s service allows customers to use one password with enhanced security features to access multiple password-protected accounts for online banking, Internet shopping, and other secure sites. The Vienna, Virginia-based company posted a message on its website late yesterday alerting customers to the breach in its security.
“Computer Networking Handbook” (ISBN: 978-1-58909-666-0) is a 48 page book that “has a simple approach to computer networking, protocols and network hardware”. The book is published by Bookstand Publishing (a company that facilitates self publishing), authored by Dr. Ali Jahangiri, with a cover price of $19.95. At roughly 41 cents a page, this book is costly by most standards.
PATNA: Wanna avail of telephone facility without paying the bills? Get a tip or two from Ankit Fadia. Hack into the BSNL website and remove your name from the list of consumers whose bills are not paid.
Thanks to Ankit Fadia’s web site and @jason_andress on Twitter, I learned that Fadia was speaking in Denver again. January 5th, from 5:30 to 8:30 at TAG restaurant in downtown Denver, he was speaking to the Entrepreneurs’ Organization. Due to my proximity to this venue (1.5 miles), I figured I would drop by and ask him questions about his plagiarism and claims to the media.
“Network Intrusion Alert: An Ethical Hacking Guide to Intrusion Detection” written by Ankit Fadia and Manu Zacharia (ISBN 1598634143 and 9781598634143) contains significant amounts of plagiarized material. Published in 2008, the book uses material from a wide variety of sources to varying degrees. In many cases, entire paragraphs are used with little or no alteration, and no citation or credit. This large-scale plagiarism is detailed below. The book, published by Thomson Course Technology, was technically reviewed by Arlie Hartman, who apparently did not check if the material was original.
Ankit Fadia’s career is built on the cornerstone of him writing a ‘hacking’ book when he was 14, which he used as a means of establishing his expertise on the subject of computer security. Since the book ‘Unofficial Guide to Ethical Hacking’ (ISBN 0333 93679 5) was published in 2001, Fadia has not been able to keep sales figures straight…