[attrition] random updates to stuff (tm)(c)(r)
security curmudgeon
jericho at attrition.org
Wed Dec 31 10:29:14 UTC 2008
Hi Loyal Readers,
Tequila [1] and The Pirate's Gospel [2] helped induce a few random updates
to the web site. Not much, but it was an excuse to mail you and waste your
time, and put my name in your inbox to fulfill my narcissistic nature.
Errata: Notice or not, we've actually been updating this page steadily for
some time. By 'we' I mean CJI, one of our inmates/interns. We encourage
you to mail him (cji@) and offer your condolences and/or pity. He also
likes receiving wedding propositions from inmates. Specifically, the irony
page and charlatan pages have gotten his sweet tender affection:
http://attrition.org/errata/irony.html
http://attrition.org/errata/charlatan.html
I managed to stay sober long enough to update our relatively new
'Certified Pre Owned' (CPO) page, with a few new incidents:
http://attrition.org/errata/cpo/
Dataloss: Yes, we still run it, but not on this TRS-80 these days. Our
pet-developer D2D decided to turn it into this fancy Ruby-on-rails based
site with more gadgets than his girlfriend uses on him. Check out the OSF
driven "DatalossDB" site now. Of particular interest, the 'Primary
Sources' page. In short, we're sending out FOIA requests to various states
looking for companies that lost consumer information and had to report it
due to state law and mandatory disclosure. These FOIA requests range from
'free' to several hundred dollars per state. We'd love it if some of you
armchair consumer advocates would throw us a bone while we do the heavy
lifting (paperwork). If you won't cough up a single dollar you cheap fuck,
at least mail d2d@ and tell him he's cool.
http://datalossdb.org/
OSVDB: Another OSF project but that's just a fancy legit way of referring
to several of us attrition heathens. Day in and day out, we continue to
catalog stupid vulnerabilities in products you probably use. We continue
to add new features to help better understand and track vulnerability
information. Something that 'professional' outfits don't seem to care
about any longer. Some of the other databases have around 10 full time
employees, and they are doing the same thing they did 5 years ago. Kind of
sad =( Armchair security professionals, make an account and help us mangle
the data. You'll be more respected than your local CISSP at least.
http://osvdb.org/
Last, a few random updates to the not-so-serious pages like our Staff
page, highlighting our qualifications for running this site. To honor the
coming of the new year (2008), the updates to the page will really hit
home with those of you that read it over 200 times.
http://attrition.org/attrition/staff/
I sure hope I sleep through 2008, I bet it's going to suck ass.
- jericho
[1] http://www.tequilasource.com/grancentenario/index.html
[2] http://www.amazon.com/exec/obidos/ASIN/B000I2JTAW/insekurity.orgA/
More information about the attrition
mailing list