Tag Archive: infosec

InfoSecDropBox rest in peace

click to enlarge

Sometime around 10am PDT on March 29th, 2011 someone in the InfoSec world had a clever idea to create a twitter account that anyone could log into and vent frusterations they had about the InfoSec industry or whatever else they wanted to.  Whoever did it remains unknown but luckily I was able to snag this screenshot from another browser after I realized it had been shut down only 4 hours after it was created.  I estimate that there were roughly 60-80 people who ultimately logged in and vented on this soundboard.  Twitter caught on as it was pretty much starting to go viral.

The bio first read:

“I am Jack’s infosec-induced rage. Password is Infosec, come log in and vent your rage anonymously. (And get yourself +1 followers)”

Then was changed to:

“I am Jack’s infosec-induced rage. Come log in and vent your rage anonymously. The password is guessable. So figure it out.”

Ultimately, this was a brilliant mashup of twitter and 4chan.  My hat goes off to whoever thought of this.

click to enlarge

Update 3/29/2011 1:59pm pst:  Someone just posted a v2 InfoSecDropBox but consequences will never be the same 🙁

Update 3/30:

The Adrians (Irongeek and Sanabria) have dug up a bit more so I will post that here as well:

Missing a few of the funniest hours…

InfoSecDropBox Mar 29, 8:07pm via web
Alright alright.. enough.

InfoSecDropBox Mar 29, 4:23pm via web
hey everyone want to know aloria real name

InfoSecDropBox Mar 29, 4:21pm via web

InfoSecDropBox Mar 29, 4:20pm via TweetDeck
pen testers are typically arrogant assholes, guess who created this, a pen tester

InfoSecDropBox Mar 29, 4:20pm via web
I use IE6 #2

InfoSecDropBox Mar 29, 4:20pm via web
@InfoSecDropBox @0ph3lia @aloria Shes on @th3j35t3r dick too much.

InfoSecDropBox Mar 29, 4:19pm via web
why wont @0ph3lia sleep with me why wont @aloria sleep with me why wont anyone sleep with me

InfoSecDropBox Mar 29, 4:18pm via web
@th3j35t3r = slowloris with a fancy GUI….Long live @real_j35t3r

InfoSecDropBox Mar 29, 4:16pm via web
is @aloria a tranny

InfoSecDropBox Mar 29, 4:15pm via web
@real_j35t3r is with ANONYMOUS!!!!

InfoSecDropBox Mar 29, 4:14pm via TweetDeck
@infosecdropbox says STFU @infosecdropbox

InfoSecDropBox Mar 29, 4:14pm via web

InfoSecDropBox Mar 29, 4:13pm via web
@th3j35t3r is a pretend hacker….long live @real_j35t3r!!!

InfoSecDropBox Mar 29, 4:13pm via web
.@real_jester is a fake long live @th3j35t3r. PS fuck Anon.

InfoSecDropBox Mar 29, 4:10pm via web
The password to this account is Infosec. It’s not a secret. I removed it from the profile to prevent bots… cool w/ everyone?

InfoSecDropBox Mar 29, 4:05pm via web
Looking for female roommates for defcon. RT pls, send pic. -Thx-L

InfoSecDropBox Mar 29, 3:58pm via web
BRING BACK TEH LULZ. Hacking was fun once.

InfoSecDropBox Mar 29, 3:58pm via web
Hey @0ph3lia do you realize that technical skills alone do not make a security professional? Stop shitting on QSAs or I will suckerpunch

InfoSecDropBox Mar 29, 3:58pm via web
My name is Gregory D. Evans.

InfoSecDropBox Mar 29, 3:52pm via web
I hacked HBGary.

InfoSecDropBox Mar 29, 3:51pm via web

InfoSecDropBox Mar 29, 3:51pm via web
If anything on this gets taken seriously you need to get a life.

Mar 29, 3:01pm via web
How long before some douche resets the password?

InfoSecDropBox Mar 29, 1:09pm via web
PW = “Infosec” come log in and vent your rage anonymously!

Here are some archived html files as captured by Irongeek.

Lastly, here is a PDF file of the reactions to InfoSecDropBox that was captured a bit after it was shut down.

InfoSec career day

If you are currently looking for a career in InfoSec or looking to move up, there have a been a few great podcast episodes recently worth checking out.

InfoSec Daily Podcast episode 315 was a fantastic open discussion tossing around the topic of certifications vs. degrees and everything in between.  Special guests Dave Kennedy and Adrian Crenshaw hashed it out with your regular hosts and everyone in the IRC.

Also worth noting is Securabit episode 71.  Those guys have been knocking it out of the park lately with some great shows.  This one in particular is good because it features head hunter, Lee Kushner giving some excellent perspective about personal development vs. continuing education.  He also brings up career planning stating that the guys who actually bother to plan out their career paths(15%) have much more success in life than everyone else(85%) who simply fly by the seat of their pants.

Lastly, InfoSec Daily had another career day special for episode 300 where they discussed what to do when you make the WRONG career switch.  Many of us have been there.  Left something good for greener pastures and wished we could go back.  Listen here for some helpful advice about not burning bridges and what not to do.

If you are attending higher ed or digesting a pile of certs, I hope you have a plan.  I hate to see people out there WASTING money on making the schools rich and if you don’t really know where you are going, that is exactly what you are doing.

Late 2009 I started becoming interested in security podcasts.  In general, security podcasters put out a lot of excellent information in an entertaining format.  I’ve come to find that many of them follow the same format to the point of being a bit cliche.  Things like crazy sound boards, beer de jour, etc.  ISD has a couple of these formula elements but they also have their own unique angles that give them value and make them entertaining.

ISD is the first podcast I ever listened to so I didn’t really have anything to judge it against.  I’ve listened to a lot more podcasts since then however and I still find that ISD stands out as one of the better ones.  I find Matthew and Rick very entertaining since the dynamic they share reminds me of the way myself and a former co-worker used to banter about and finally solve our heated discussions with Google.  I also applaud Rick and Matthew’s dedication.  These guys podcast EVERY WEEKDAY.  Wow!!  Most podcasters would(and do) run out of steam but these guys have put out more content already than 95% of the other podcasters out there ever will.

One of the best things about ISD is Thursdays where they bring on Adrian Crenshaw, the Irongeek for a weekly technical segment.  Adrian must clone himself or something because I hear him calling in and talking on all the other podcasts, I see that he goes to a zillion cons, holds a day job and tweaks with hardware hacks as a hobby.  Incredible.  He’s very interesting to listen to and is always working on a fascinating project.

Overall, the ISD guys are obviously dedicated to providing good content.  They haven’t even been around for a year yet (as of 5/7/10) but they have brought on plenty of interesting guests to interview and spewed off a lot of well-thought out content so far.  I think these guys are definitely worth a listen even if you aren’t directly in the computer security field yourself.

One last thing to keep in mind is that the ISD guys are VERY slanted towards security and local events in the southeast since they are based in Georgia.  They proudly pimp all of their hometown security conferences, events and training.  If you don’t live in the southeast, you’ll probably have to find information about local events from another source.  Nothing wrong with that, it’s just an observation.

Keep up the great work guys!

Powered by WordPress. Theme: Motion by 85ideas.