The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Archive for March, 2008

HP Cuts Investment in their Security Portfolio

Posted by Xavier Ashe on March 25, 2008

Burton Group has specifically commented on HP’s struggle to succeed
in this competitive market. Burton Group’s Identity and Privacy
Strategies Report, “The Identity Management Market 2007: An Expanding Universe”, Our Catalyst 2007 Keynote “Identity Management Market Landscape 2007: Enabling Security and Control Objectives in the Enterprise”, and our “Vantage Point 2007: Trends in Identity Management” telebriefing, all noted that HP’s ability to compete, mindshare, and market momentum has been in sharp decline.

Burton Group has been contacted by HP customers who report that HP
is no longer going to seek new customers for its Identity Center
product.  We have contacted HP and the company confirms that HP
Software has decided to focus its investment in identity management
products exclusively on existing customers and not on pursuing
additional customers or market share. HP is in the process of reaching
out to each customer regarding the change. Last week Burton Group spoke
to HP Software Vice President of Products Eric Vishria regarding this
development. 

Vishria explained that the Identity Center product line was not
performing in this highly competitive market at a level that’s
acceptable to HP, but added that the product supports the operations of
a number of HP’s critical customers.  HP has therefore made the
decision to focus research and development efforts on existing
customers only.

This was posted on the Burton's Group Identity Blog.  Interesting stuff, read more:

Customers of other IdM vendors and customers considering new IdM
deployments should also be carefully scrutinizing this announcement. As
the market becomes increasingly competitive it is imperative that
customers evaluate the viability and long-term strategy of their
existing and potential IdM vendors. Burton Group predicts that the
market will see continued, or even increased, consolidation in coming
months.

Posted in Security | Leave a Comment »

You need a Mercedes Benz

Posted by Xavier Ashe on March 21, 2008

I am selling my Benz.  Who wants it?  $500 off the edmunds.com price by mentioning this blog.

2003 MERCEDES C320
Price:$18,268
Mileage:77,129
Color:Black
Doors:4
Features:
 Air Bag, Air Conditioning, Anti-Lock Brakes, CD player, Heated Seats,
Leather Interior, Power Seats,  Power Steering, Power Windows, Security
Features, Side Impact Air Bags, Sunroof, Traction Control
 
Additional Comments:
This car has served me well, but I am getting married and need to get a
bigger car (more kids!). It is priced to move. It's in near perfect
condition. This is a very fun drive. Give us a call to schedule a test
drive any time (we work from home). More details: AM/FM Stereo;
Multi-CD Changer; Cassette; Premium Audio System (Bose); 4-Wheel
Anti-Lock Brakes; Dual Control Air Conditioning; Alloy Wheels; Cruise
Control; Front And Rear Head Air Bags; Rear Window Defroster; Power
Seats; Leather Seats; Power Door Locks; Power Heated Mirrors; Power
Windows; Power Steering; Front And Rear Side Air Bags;
Sunroof/Moonroof; Tinted Glass; Power Tilt Wheel; Bucket Seats; Fog
Lights; Lighted Entry System; Automatic Climate Control; Memory Driver
And Passenger Seats; Power Telescopic Steering Wheel; Clock; Trip
Computer; Stability Control; Anti-Theft Alarm System; Rear Bench Seat;
Remote Trunk Release; Leather Steering Wheel Trim; Center Console;
Garage Door Opener; Keyless Entry System; Wood Interior Trim; 16 Inch
Wheels; 3.2L V6 SOHC 18V FI Engine; Tachometer; Traction Control; Audio
Steering Wheel Controls; Leather Shift Knob Trim; Intermittent Wipers;
Daytime Running Lights; Turn Signal Mirrors Contact Xavier Ashe
404-229-8905, xashe@digitribe.net

Posted in Main Page, Personal Note | Leave a Comment »

Cult of the Dead Cow Releases Goolag

Posted by Xavier Ashe on March 9, 2008

News report from eWeekTry Goolag now.

Posted in Security | Leave a Comment »

Bejtlich points out Gartner Wisdom

Posted by Xavier Ashe on March 9, 2008

2003: “IDSs [intrusion detection systems] have failed to provide value relative to its costs and will be obsolete by 2005.” (Gartner, “Gartner Information Security Hype Cycle Declares Intrusion Detection Systems a Market Failure”)

2008: “Our adversaries are very adept at hiding attacks in normal traffic. The only true way to protect our networks is to have an intrusion detection system.” (Robert Jamison, Under Secretary of the National Protection and Programs Directorate at DHS)

From TaoSecurity.

Posted in For Fun, Security | Leave a Comment »

Funny "Hacking" Story

Posted by Xavier Ashe on March 4, 2008

After a bit more back-and-forth about how he could “just answer any questions I had right now”, the sales rep pointed me to their sample ads, a 7mb PDF with sixteen pages of seemingly real companies, all with the same phone number (555-555-5555) and the same website (00000000000.com). Somehow, that didn't convince me to “invest” several hundred dollars, so the salesman faxed over some more inforation with a single, real ad.

As I eagerly waited for the follow-up call later that day, I thought I'd take a minute or two to check out their website. Almost immediately, I came across their Federal Procurement Officers Only page. Out of curiousity, I entered a username and password, and then clicked the Login button. Instantly, a JavaScript dialog popped-up…

Since there's really only one thing that could cause such a dialog to pop-up so fast, I checked the source code…

Entertaining story posted on The Daily WTF.

Posted in Security | Leave a Comment »

It's official: Pirates crack Vista at last

Posted by Xavier Ashe on March 3, 2008

A genuine crack for Windows Vista has just been released by pirate
group Pantheon, which allows a pirated, non-activated installation of
Vista (Home Basic/Premium and Ultimate) to be properly activated and
made fully-operational.

Unlike cracks which have been floating around since Vista RTM was
released in late November, this crack doesn’t simply get around product
activation with beta activation files or timestop cracks – it actually
makes use of the activation process. It seems that Microsoft has
allowed large OEMs like ASUS to ship their products with a
pre-installed version of Vista that doesn’t require product activation
– apparently because end users would find it too inconvenient.

Read More on APC.

Posted in Security | Leave a Comment »

 
%d bloggers like this: