Comments on: Review: 2600, The Hacker Quarterly, Summer 2007 http://www.mcgrewsecurity.com/2007/08/07/review-2600-the-hacker-quarterly-summer-2007/ Thu, 05 Jan 2012 11:44:23 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Matt Parnell http://www.mcgrewsecurity.com/2007/08/07/review-2600-the-hacker-quarterly-summer-2007/#comment-183 Matt Parnell Mon, 05 Jan 2009 12:59:55 +0000 http://www.mcgrewsecurity.com/blog/?p=52#comment-183 Hey...thanks for mentioning me. I'm ilikenwf. Since that article, I had another one published recently, which is in Winter 2008 or at my website. It's about Blackhat SEO, and discusses methods of capitalizing off of the dumb masses as they incoherently click your advertisements. ilikenwf is just a pseudonym I've had for years, nwf was a church I once went to. It's like Lynyrd Skynyrd, only not disrespectful. If you're on facebook, join the 2600: The Hacker Quarterly group. I'm an admin there, as is famous "homeless hacker" Adrian Lamo. Hey…thanks for mentioning me. I’m ilikenwf. Since that article, I had another one published recently, which is in Winter 2008 or at my website. It’s about Blackhat SEO, and discusses methods of capitalizing off of the dumb masses as they incoherently click your advertisements.

ilikenwf is just a pseudonym I’ve had for years, nwf was a church I once went to. It’s like Lynyrd Skynyrd, only not disrespectful.

If you’re on facebook, join the 2600: The Hacker Quarterly group. I’m an admin there, as is famous “homeless hacker” Adrian Lamo.

]]> By: admin http://www.mcgrewsecurity.com/2007/08/07/review-2600-the-hacker-quarterly-summer-2007/#comment-182 admin Tue, 23 Sep 2008 00:12:33 +0000 http://www.mcgrewsecurity.com/blog/?p=52#comment-182 Thanks for commenting, Wrangler! I will concede that you know more about Bruce Schneier than I do, however I do know that he has the right idea when he writes about risk and threat. Next time you see him, bring up the two threats: lobbing explosives into the secured area from the mezzanine, vs. setting them off in the lines waiting to enter the secured area. It'll be an interesting conversation. I do agree with you that much of what surrounds airport and airline security is security theater. You're also not the only one I've heard that didn't compensated (or even notified) for their 2600 article. I'm not sure I got the point of the two Wordpress vuln links, however? Thanks for commenting, Wrangler! I will concede that you know more about Bruce Schneier than I do, however I do know that he has the right idea when he writes about risk and threat. Next time you see him, bring up the two threats: lobbing explosives into the secured area from the mezzanine, vs. setting them off in the lines waiting to enter the secured area. It’ll be an interesting conversation.

I do agree with you that much of what surrounds airport and airline security is security theater. You’re also not the only one I’ve heard that didn’t compensated (or even notified) for their 2600 article.

I’m not sure I got the point of the two WordPress vuln links, however?

]]> By: Ev1l Wrangler http://www.mcgrewsecurity.com/2007/08/07/review-2600-the-hacker-quarterly-summer-2007/#comment-181 Ev1l Wrangler Mon, 22 Sep 2008 23:47:41 +0000 http://www.mcgrewsecurity.com/blog/?p=52#comment-181 You should talk: http://www.securityfocus.com/bid/28703/info Or, if you don't like that one, there's this: http://www.sektioneins.de/advisories/SE-2008-05.txt BTW Bruce (whom I know) is a crypto guy - he does not do physical audits. Nor do I, as a rule, but as the article said I had an hour to kill waiting for someone's flight to arrive. Hey, at least I was nice and did not divulge *which* airport it was However, rather than vilifying you for your (somewhat) critical review of my article, I should instead thank you. See, Eric et al never provided me my four copies of 2600 for the privilege of authoring that article, and I assumed that it never was published. Your blog corrected my assumption, so for that I am grateful. FYI the point of the article, aside from obtaining four copies of the magazine, was to expose the 'security theater" of TSA which, aside from inconveniencing and occasionally traumatizing small children and grandmothers, has not resulted in one single case of thwarting a terrorist plot against the airlines. A thorough, complete, and total waste of money IMHO, and a large part of the reason why airlines in the United States are teetering on the verge of insolvency. =;^) You should talk:

http://www.securityfocus.com/bid/28703/info

Or, if you don’t like that one, there’s this:

http://www.sektioneins.de/advisories/SE-2008-05.txt

BTW Bruce (whom I know) is a crypto guy – he does not do physical audits. Nor do I, as a rule, but as the article said I had an hour to kill waiting for someone’s flight to arrive. Hey, at least I was nice and did not divulge *which* airport it was

However, rather than vilifying you for your (somewhat) critical review of my article, I should instead thank you. See, Eric et al never provided me my four copies of 2600 for the privilege of authoring that article, and I assumed that it never was published. Your blog corrected my assumption, so for that I am grateful.

FYI the point of the article, aside from obtaining four copies of the magazine, was to expose the ‘security theater” of TSA which, aside from inconveniencing and occasionally traumatizing small children and grandmothers, has not resulted in one single case of thwarting a terrorist plot against the airlines. A thorough, complete, and total waste of money IMHO, and a large part of the reason why airlines in the United States are teetering on the verge of insolvency.

=;^)

]]> By: admin http://www.mcgrewsecurity.com/2007/08/07/review-2600-the-hacker-quarterly-summer-2007/#comment-180 admin Sat, 29 Dec 2007 05:00:59 +0000 http://www.mcgrewsecurity.com/blog/?p=52#comment-180 That sounds like an excellent project. I don't recall ever reading any old issues of 2600, so I'd definitely be interested in hearing the review! That sounds like an excellent project. I don’t recall ever reading any old issues of 2600, so I’d definitely be interested in hearing the review!

]]> By: The Philosopher http://www.mcgrewsecurity.com/2007/08/07/review-2600-the-hacker-quarterly-summer-2007/#comment-179 The Philosopher Sat, 29 Dec 2007 00:54:10 +0000 http://www.mcgrewsecurity.com/blog/?p=52#comment-179 This was one of the worst issues of 2600 that I have ever read. Regarding the review, though, I find it interesting and unique-I have embarked on such a venture myself, and I am going to post an audio file online soon in which I complete a "compare and contrast" review of this issue with the Summer 1994 one, in order to demonstrate the tragic deterioration of this great magazine over the years. This was one of the worst issues of 2600 that I have ever read. Regarding the review, though, I find it interesting and unique-I have embarked on such a venture myself, and I am going to post an audio file online soon in which I complete a “compare and contrast” review of this issue with the Summer 1994 one, in order to demonstrate the tragic deterioration of this great magazine over the years.

]]> By: McGrew Security http://www.mcgrewsecurity.com/2007/08/07/review-2600-the-hacker-quarterly-summer-2007/#comment-178 McGrew Security Mon, 08 Oct 2007 03:12:10 +0000 http://www.mcgrewsecurity.com/blog/?p=52#comment-178 [...] issue of 2600, I decided to write an article-by-article review of the magazine, which you can read here. It turned out to be one of the more popular posts I’ve made, and it was fun to write. With [...] [...] issue of 2600, I decided to write an article-by-article review of the magazine, which you can read here. It turned out to be one of the more popular posts I’ve made, and it was fun to write. With [...]

]]> By: LonerVamp http://www.mcgrewsecurity.com/2007/08/07/review-2600-the-hacker-quarterly-summer-2007/#comment-177 LonerVamp Thu, 09 Aug 2007 15:48:00 +0000 http://www.mcgrewsecurity.com/blog/?p=52#comment-177 Interesting takes on the articles! I always pick up a copy of 2600 but I don't always read all the articles. I try to hit the ones that sound interesting, and at least skim the rest. I'm with you about the whole "illegal-don't-do-this" disclaimer thing, meaning I see both sides of it like you mention. The Tire Kingdom guy maybe should have and the DeObfuscation guy likely didn't, but therein lies the problem. I find it silly when people put those in, but then again, maybe I have more common sense than some others. I appreciate when people give it 1 very short line, and not a whole paragraph. And yes, it is cooler to use a pseudonym. :) Of course, I'm somewhat biased with my prolific use of a not-really-very-anonymous handle, hehe. Interesting takes on the articles! I always pick up a copy of 2600 but I don’t always read all the articles. I try to hit the ones that sound interesting, and at least skim the rest.

I’m with you about the whole “illegal-don’t-do-this” disclaimer thing, meaning I see both sides of it like you mention. The Tire Kingdom guy maybe should have and the DeObfuscation guy likely didn’t, but therein lies the problem. I find it silly when people put those in, but then again, maybe I have more common sense than some others. I appreciate when people give it 1 very short line, and not a whole paragraph.

And yes, it is cooler to use a pseudonym. :) Of course, I’m somewhat biased with my prolific use of a not-really-very-anonymous handle, hehe.

]]>