Former CBS journalist Sharyl Attkisson is coming out with a book claiming the government hacked her computer in order to suppress reporting on Benghazi. None of her "evidence" is credible. Instead, it's bizarre technobabble. Maybe her book is better, but those with advance copies quoting excerpts make it sound like the worst "ninjas are after me" conspiracy theory.Same thoughts I had. found via new twitter follower @jwgoerlich
Infosec Institute - Practical Shellshock Exploitation – Part 1 -
Before understanding how to exploit this Shellshock vulnerability, we need to understand the potential targets that are vulnerable to Shellshock. This will also help us in building a lab to demonstrate how to exploit this vulnerability.
If you have read some news about Shellshock on the Internet, you might have heard about vulnerable targets as follows: Apache mod-cgi, SSH, DHCP, etc.
I will make things clear using SSH as an example.
Your SSH doesn’t really need to be exploited if you are using OpenSSH as an SSH Server as well as bash as your default shell. There are a few limitations in order to exploit this, as explained below.
You may be vulnerable if you have implemented “authorization_keys” for your clients with some specific requirements like “force command” execution before the user executes the commands.
Just throwing it out there for people who are interested.
Information Week - The IT Talent Shortage Debate -
Is there an IT talent crunch? It's a simple question with no simple answer. InformationWeek asked the IT community: Do you see an IT talent shortage today in one or more technology areas important to your business? Yes, said 73% of respondents at companies with fewer than 1,000 employees, and a whopping 88% of respondents at larger companies.
But is a botched hiring process aggravating this talent shortfall? Business technologists are sharply divided: About half of survey respondents at those larger companies see it as broken or too stringent, while 45% of the folks at smaller companies see things that way.You know my thoughts on this. There may be shortages in some skills but not enough to justify the number of foreign workers IT companies want to bring to the US.
Medium - Hollaback and Why Everyone Needs Better Research Methods: And Why All Data Needs Theory -
The Hollaback video also shows why “data” without theory can be so misleading—and how the same data can fit multiple theories. Since all data collection involves some form of data selection (even the biggest dataset has selection going into what gets included, from what source), and since data selection is always a research method, there is always a need for understanding methods.Actually the way the flaws in this video are pointed out makes this article very easy to follow and understand, and if you read it correctly it can have a lot to say on interpreting other culturally driven research projects.
No comments:
Post a Comment