223855 Bullies, 3678 online  
  • Register
Our Sponsors:

Results 11 to 20 of 57
Page 2 of 6 FirstFirst 12 3456 LastLast
Sponsored Links Spacer Image
  1. goodlun is offline
    goodlun's Avatar

    Senior Member

    Join Date
    Jun 2008
    Location
    Ramona
    Posts
    5,017

    Posted On:
    6/29/2013 3:33am

    Join us... or die
     Style: BJJ

    --
    Hell yeah! Hell no!
    I have a question in reguards to two part authintication
    does this
    http://www.huffingtonpost.com/2013/0...n_3378767.html
    count as something the user has or something the user is?
  2. Fuzzy is online now

    Registered Member

    Join Date
    Aug 2006
    Location
    London
    Posts
    991

    Posted On:
    6/29/2013 5:16am


     Style: FMA/MMA/HEMA noob

    --
    Hell yeah! Hell no!
    Quote Originally Posted by Nefron View Post
    Lol, mine sure does. I know a judoka that likes throwing people when he gets drunk. Not that I'm completely innocent in that department.

    As for the infosec, I was really into it in high school, but since then I have lost interest, and went full developer. I still like reading about it or trying stuff out now and then, but nothing special. I have gotten lazy about security, and hopefully it will not bite me in the ass.

    However, I absolutely must visit DEFCON one day.
    This is pretty much me too.
  3. submessenger is offline
    submessenger's Avatar

    Transmaniacon MC

    Join Date
    Apr 2010
    Location
    Delray Beach
    Posts
    1,602

    Posted On:
    6/29/2013 7:43am

    supporting member
     Style: BJJ

    --
    Hell yeah! Hell no!
    Quote Originally Posted by goodlun View Post
    What's this infosec thing you speak of?
    Another question wich of the 10 areas of do you think BJJ would fall under?

    Also if your not already messing around with them look up the damn vulnerable web app and linux
    dvwa is a good beginner's app, but how many times can you write the same blind sqli exploit. I've been working on the honeynet forensic challenge, which is damned boring.
  4. goodlun is offline
    goodlun's Avatar

    Senior Member

    Join Date
    Jun 2008
    Location
    Ramona
    Posts
    5,017

    Posted On:
    6/29/2013 12:29pm

    Join us... or die
     Style: BJJ

    --
    Hell yeah! Hell no!
    I have been getting into software define radio attack vectors as we ll as 10(data over power) so if your looking for new avenues.
  5. W. Rabbit is offline
    W. Rabbit's Avatar

    insight combined with intel, fuse, and dynamite

    Join Date
    May 2010
    Location
    Work
    Posts
    8,081

    Posted On:
    2/11/2014 1:48pm

    supporting member
     Style: (Hung Ga+BJJ+MT+JKD) ^ Qi

    1
    Hell yeah! Hell no!
    I'm on an (unclassified) call right now with DHS, FBI, and several other TLAs and FLAs.

    We're discussing the National Initiative For Cybersecurity Education (NICE). I've been asked to be part of the quality assurance process for this program.

    Here's your chance to weigh in, closeted infosecurity goons.

    What's wrong with American infosec education in your opinion? How would you fix it, if you had the budget and executive authority? Last chance...

    No, sending kids on field trips to Last Vegas to attend DEFCON is not a valid option, it would thoroughly debauch them.
  6. goodlun is offline
    goodlun's Avatar

    Senior Member

    Join Date
    Jun 2008
    Location
    Ramona
    Posts
    5,017

    Posted On:
    2/11/2014 1:58pm

    Join us... or die
     Style: BJJ

    --
    Hell yeah! Hell no!
    Quote Originally Posted by W. Rabbit View Post
    I'm on an (unclassified) call right now with DHS, FBI, and several other TLAs and FLAs.

    We're discussing the National Initiative For Cybersecurity Education (NICE). I've been asked to be part of the quality assurance process for this program.

    Here's your chance to weigh in, closeted infosecurity goons.

    What's wrong with American infosec education in your opinion? How would you fix it, if you had the budget and executive authority? Last chance...

    No, sending kids on field trips to Last Vegas to attend DEFCON is not a valid option, it would thoroughly debauch them.
    I think we started to brush on this topic in the programing for kids thread.

    Getting kids to actually learn the underlying technology and not just the UI of a computer is a good start.

    So my advice would be to start a program that teaches kids game programing using something like Alice. Kids would love it and it would start exposing them to that next layer.
  7. goodlun is offline
    goodlun's Avatar

    Senior Member

    Join Date
    Jun 2008
    Location
    Ramona
    Posts
    5,017

    Posted On:
    2/11/2014 2:02pm

    Join us... or die
     Style: BJJ

    2
    Hell yeah! Hell no!
    Also
    A good video game along the lines that the US Army did with http://en.wikipedia.org/wiki/America's_Army
    The game should be fun and story driven but include real trade craft and actual attack vectors including interactive social engineering.
  8. W. Rabbit is offline
    W. Rabbit's Avatar

    insight combined with intel, fuse, and dynamite

    Join Date
    May 2010
    Location
    Work
    Posts
    8,081

    Posted On:
    2/11/2014 3:23pm

    supporting member
     Style: (Hung Ga+BJJ+MT+JKD) ^ Qi

    --
    Hell yeah! Hell no!
    Thanks for the feedback. This isn't just about kids, I should have clarified that.

    This is K through Doctoral level, including non-academic areas such as on-the-job training in places such as the military or private sector. So getting kids into computers and *sec is part of that, but what this program really applies to is professional education and training, soup to nuts.

    NICE started at NIST: http://csrc.nist.gov/nice/aboutUs.htm. The President by executive order has moved it to DHS, the agency that works with the other public and private sectors on critical infrastructure

    https://www.dhs.gov/shaping-future-c...ce-development

    So, the program is really meant to fix the huge gap in the number of necessary *sec positions, and the actual number of qualified candidates (which is painfully inadequate). Most of the currently qualified folks are working in the private sector or as private consultants to government [insert Snowden joke here]. Those folks are NOT heading into public sector work any time soon.

    So, in theory the skill supply will continue to remain stagnant without a major, national education effort that results in more younger, skilled *sec professionals. You might assume they're just "on their way" but this is not the case, especially given the US's decline in areas like math and science.

    If anything, the "ease" of computers is making it harder to create the next generation of savvy folks who can hack things. The first and second "hacker" generations (1970s - 2000s) largely owes itself to how easy it was to tinker with tech. Now that things have changed...we need a more dedicated, repeatable approach in order to meet our future needs.

    I blame Apple, personally. The only real Apple hackers I know are the ones who knew the old 68k assembly language, unless you count the guys on Youtube taking apart their iPods.
    Last edited by W. Rabbit; 2/11/2014 3:27pm at .
  9. W. Rabbit is offline
    W. Rabbit's Avatar

    insight combined with intel, fuse, and dynamite

    Join Date
    May 2010
    Location
    Work
    Posts
    8,081

    Posted On:
    2/11/2014 3:28pm

    supporting member
     Style: (Hung Ga+BJJ+MT+JKD) ^ Qi

    --
    Hell yeah! Hell no!
    Quote Originally Posted by goodlun View Post
    Also
    A good video game along the lines that the US Army did with http://en.wikipedia.org/wiki/America's_Army
    The game should be fun and story driven but include real trade craft and actual attack vectors including interactive social engineering.
    Yeah simulation and exercise-based training is on the rise and definitely has its merits.

    The challenge though is getting someone to that level, where they can contribute to Red and Blue team exercises and the like, takes an extraordinary amount of development.

    Wherever you see such things as Netwars, there is always a participant:spectator ratio of at least 10,000:1!
  10. goodlun is offline
    goodlun's Avatar

    Senior Member

    Join Date
    Jun 2008
    Location
    Ramona
    Posts
    5,017

    Posted On:
    2/11/2014 3:43pm

    Join us... or die
     Style: BJJ

    2
    Hell yeah! Hell no!
    Quote Originally Posted by W. Rabbit View Post
    Yeah simulation and exercise-based training is on the rise and definitely has its merits.

    The challenge though is getting someone to that level, where they can contribute to Red and Blue team exercises and the like, takes an extraordinary amount of development.

    Wherever you see such things as Netwars, there is always a participant:spectator ratio of at least 10,000:1!
    Yeah basically what you need is a really good simulator dressed up as a video game.
    With a really good single player campaign with a really good compelling story.
    Sneak the teaching in their slowly.
    It should play and feel like a video game instead of a simulator. But have all the simulator components.
    Also get the word out about this program right here in fact me and the wife start in March

    http://www.wgu.edu/online_it_degrees...egree_security

    Its Competency based meaning you can go through it quick.
    A lot of the classes you pass by having to go down and take the related industrial certification which is included in the tuition (one of the reasons I am going despite having a BS EE)
    The tuition is something like 3k for 6 months. They pay for all your cert test (up to 2 takes) and for as many credits as you can finish in that time.
    They are also really generous with transfer credits for stuff outside of your core.
    I am going to bang out the BS and then pick up the
    http://www.wgu.edu/online_it_degrees...surance_degree
    Now if their where cheap/free resources for
    CISP
    and the GIAC certs.
Page 2 of 6 FirstFirst 12 3456 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Powered by vBulletin™© contact@vbulletin.com vBulletin Solutions, Inc. 2011 All rights reserved.