August 2008 Archives

I tend to leave my chats signed in, just throw up a 'not here now' sort of message. Or just walk away from the computer and forget about them. Sometimes, this leads to amusing things. Recently, I've been getting hit with tons of one-line spammers telling me to chat particular yahoo accounts. Yeah, sure, that's going to happen. This morning though, I got this amusing tidbit:

(04:38:36 AM) honneybunss22: hihi! you're from chat right?
(04:41:40 AM) honneybunss22: cool, sorry i type a little slow. 18f in college here, what are you up to?
(04:47:38 AM) honneybunss22: u wanna se more? i'm feeling kinda wild right now
(04:50:37 AM) honneybunss22: i'm gonna send you a cam invite here k?
(04:53:34 AM) honneybunss22: ok sent, did you get it?
(04:56:32 AM) honneybunss22: hmm.. let me try again, hang on
(04:59:35 AM) honneybunss22: what about now?
(05:02:39 AM) honneybunss22: ugh, this is stupid, this always happens to me when i use yahoo
(05:11:42 AM) honneybunss22: k, you just need a CC or debit to verify ur over 18, even an expired one works. we can't have little ones seeing what im about to do lol
(05:14:35 AM) honneybunss22: let me know when u make ur username, so i can link u to my cam profile
(05:20:34 AM) honneybunss22: ok you're good to go

No, I didn't redact or change anything. Let me count the fails: 1) It's acting as if I sent it messages in response... no messages were sent. 2) It takes it almost an hour to go through the whole sequence (I wonder if it would have gone quicker if a cat had walked on the keyboard) 3) They don't ever tell me where the site is, just that I should go there. 4) Granted, I suppose court cases have decided that providing a CC is proof of age? But I'm sure that if little Johnny wanted to be a brat, he could snag a CC from a wallet or purse, especially at 5am in the morning. 5) Grammar, I know mine is sometimes a little off, but at least a bot could be kind enough to use complete words instead of sms-speak. I know, boring, but it amused me this morning as I was vaguely waking up.

RSA, as many of you may have heard in other blogs was a silly rehash of vague promises of 'securing your enterprise' and 'vertical security' without anyone actually being willing to put on their material what their products did and didn't do. I don't like it when I look at a booth and I see nothing that indicates what technology or technologies are being sold. If you're a VPN product, tell me you're a VPN product, don't advertise as "securing your remote users". It's way too vague, and on top of that, it's probably not true.

Tomorrow I depart for Blackhat and defcon. I expect to see no fluff, no vague promises of security as a service, or other over-generalized hogwash as an attempt to lure me in and waste my time on a product space that either I've already bought, already discarded, or have been told I have no budget to purchase. I do expect some vendors, providing parties (yay!) and useful information about their products. I expect some excellent talks (anyone that hasn't heard that Dan Kaminsky will be talking about the DNS flaws at blackhat has been living under a rock for too long) on a wide range of topics, some of which will not be of interest and some of which will undoubtedly be way over my head (but I like the feeling of drowning in information technology overload).

For the first time, one of my co-workers will be in attendance, and my boss. Oh joy.

My plan is to post some highlights of things that especially catch my attention. Hopefully you'll find them as interesting as I do or did when I see them. (What is the correct tense when talking about things in the future that will be in the past when you will be talking about them?)