Skip to content

Security Experts in Glass Houses

Wednesday, February 16, 2011

Here’s an interesting twist to the story about HBGary Federal, the computer security firm whose computers were hacked into recently. The larger story involves WikiLeaks, Paypal, Amazon, Bank of America and others — you can read more about it here.

The twist is that the techniques that were used to hack into HBGary Federal were run-of-the-mill hacking techniques using well-known exploits and techniques. This is ironic, because HBGary Federal is a computer security firm, and one of the most well known in the business. They work with the NSA and Interpol. They offer products and services to stop exactly the kind of attacks to which their own site was vulnerable.

Initial entrance to their site was through an SQL injection attack, something that was done to this blog site a while ago and which I’ve subsequently protected against. But HBGary’s website was vulnerable to this kind of attack. They also didn’t secure their passwords properly, so their passwords were insecure. Their top corporate officers used passwords that were too short and easy to crack. And the same passwords that were used on their insecure website were also used on their other computers, so once the hackers broke into their web server, they could access any machine they wanted. The hackers also took advantage of a server operating system security flaw that allowed them to gain superuser privileges — even though that flaw was well known and had been fixed last year, but HBGary Federal had not bothered to install the patch yet.

It is awfully embarrassing when one of the top computer security firms has their systems broken into, but even worse when it is revealed that it didn’t even take that much work or sophistication to break into them. Techniques available to any kid with an internet connection worked just fine. HBGary knew all about this kind of problem, but didn’t protect themselves.

The moral of this story has good news and bad news. The good news is that it would not have been that hard for HBGary Federal to have protected themselves from this attack if they had followed their own advice. This gives hope to the rest of us who want to make our systems more secure. The bad news is that they didn’t follow their own advice.

Share
Filed in Irony | Comments (7)

Breakthrough

Wednesday, February 16, 2011


© Tom Toles

Bipartisanship returns to Washington?

Share
Filed in Humor | Comments Off on Breakthrough

Scandalous NY

Tuesday, February 15, 2011

A report released yesterday by a government watchdog group says that politicians in New York are more likely to leave office because of ethical or criminal misconduct than by losing an election. In fact, in the last six years, the number of government officials who left office due to scandal tripled over the previous six years.

The most common reasons for politicians in NY leaving office are retirement or taking a job in the private sector, but even so, as the research manager for the report put it “One would think in a democracy, electoral defeat would be the major reason for a change in representation in the legislature.”

In response, the NY legislature is considering ethics legislation. Doh!

Share
Filed in Irony | Comments (2)

The Glenn Beck Conspiracy Theory Generator

Tuesday, February 15, 2011

Daniel Kurtzman has a hilarious Glenn Beck Conspiracy Theory Generator over at his About.com political humor site. A lovely way to give yourself a giggle or two. Who needs the real Glenn Beck when a computer program can make just as much sense?

Here’s just one example, but there are plenty more where this came from:

UPDATE: Someone put up a site that throws quotes at you, some from the Glenn Beck Conspiracy Theory Generator, and some from the real Glenn Beck. See if you can tell the difference!

Share
Filed in Humor | Comments (9)

Bitter Irany

Monday, February 14, 2011


© John Sherffius

Just a few days after the Iran government praised the protesters in Egypt, they got their own protests, which they promptly tried to suppress.

Share
Filed in Irony | Comments (3)

The Economics of Valentine’s Day

Monday, February 14, 2011


© Jeff Stahler

Share
Filed in Humor | Comments (2)

The Modern Presidential Calendar

Sunday, February 13, 2011


© Tom Toles

Share
Filed in Humor | Comments (2)

Corporate State Secrets

Sunday, February 13, 2011

Glenn Greenwald has a disturbing report concerning WikiLeaks, Bank of America, and the merger of corporate and government power in this country. I’m loathe to use the overused word “fascism” but the textbook definition of that particular f-word is the alignment of the government and economy of a country around corporatist interests.

Just in case you haven’t been following along, after WikiLeaks published US diplomatic cables (the release of which likely played no small part in the recent revolutions in Tunisia and Egypt) they then threatened to release highly damaging reports on a major American bank — widely believed to be the Bank of America. Meanwhile, several corporations, including Paypal, MasterCard, Visa, and Amazon, likely under pressure from the US government, terminated services to WikiLeaks in an effort to knee-cap them. In response, a loose-knit group of hackers called Anonymous carried out cyber attacks against those corporations. Then, last week, a top executive at computer security firm HBGary Federal, boasted that his firm had infiltrated Anonymous and was going to expose them. In retaliation, Anonymous hacked virtually every computer at HBGary Federal and published 50,000 of their emails online.

What ties this all together is that some of the emails published detail a report prepared by HBGary Federal that propose countermeasures against organizations and individuals that support WikiLeaks. Many of these countermeasures appear to be serious crimes. But even worse, they expose to a disturbing amount of lawlessness being carried out by the major institutions — both private and public, and often in collaboration — in our country.

Here’s a quick excerpt from Greenwald’s report, but the whole thing is definitely a must read:

But the real issue highlighted by this episode is just how lawless and unrestrained is the unified axis of government and corporate power. … The exemption from the rule of law has been fully transferred from the highest level political elites to their counterparts in the private sector. “Law” is something used to restrain ordinary Americans and especially those who oppose this consortium of government and corporate power, but it manifestly does not apply to restrain these elites. Just consider one amazing example illustrating how this works.

After Anonymous imposed some very minimal cyber disruptions on Paypal, Master Card and Amazon, the DOJ flamboyantly vowed to arrest the culprits, and several individuals were just arrested as part of those attacks. But weeks earlier, a far more damaging and serious cyber-attack was launched at WikiLeaks, knocking them offline. Those attacks were sophisticated and dangerous. Whoever did that was quite likely part of either a government agency or a large private entity acting at its behest. Yet the DOJ has never announced any investigation into those attacks or vowed to apprehend the culprits, and it’s impossible to imagine that ever happening.

Why? Because crimes carried out that serve the Government’s agenda and target its opponents are permitted and even encouraged; cyber-attacks are “crimes” only when undertaken by those whom the Government dislikes, but are perfectly permissible when the Government itself or those with a sympathetic agenda unleash them. Whoever launched those cyber attacks at WikiLeaks (whether government or private actors) had no more legal right to do so than Anonymous, but only the latter will be prosecuted.

UPDATE: Forbes magazine has an interesting update on all this. Interesting quote in an email from HBGary Federal CEO: “I follow one law. Mine.”

UPDATE 2: More from Forbes. “Rarely in the history of the cybersecurity industry has a company become so toxic so quickly as HBGary Federal. Over the last week, many of the firm’s closest partners and largest clients have cut ties with the Sacramento startup. And now it’s cancelled all public appearances by its executives at the industry’s biggest conference in the hopes of ducking a scandal that seems to grow daily as more of its questionable practices come to light.”

Share
Filed in Irony | Comments (19)

Late Night Political Humor

Saturday, February 12, 2011

“President Obama had lunch with Republican leaders at the White House today and had to do without salt, pepper and butter. Not for dietary reasons. The Republicans refused to pass anything.” – Jay Leno

“On the ‘Today’ show, Michelle Obama called the Bush twins ‘magnificent’ and Chelsea Clinton a ‘solid young woman.’ In fact, the only president’s kid she didn’t compliment was George Bush Sr.’s.” – Jimmy Fallon

“Michelle Obama says she has gotten President Obama to stop smoking. Now, maybe she can get John Boehner to stop sobbing.” – David Letterman

“The problem in Egypt is that so many government officials are rich and the people are poor. I think it’s a pyramid scheme.” – Jay Leno

“The demonstrations are getting bigger in Cairo. The Egyptian government tried to disperse the crowd with tear gas, and when that didn’t work, a Black Eyed Peas halftime show.” – Conan O’Brien

“Christina Aguilera is bouncing back from her Super Bowl appearance by singing at the Grammys. She’ll be accompanied by a full orchestra and 135 teleprompters.” – Conan O’Brien

“The Catholic Church has approved an app that let’s you confess on your iPhone. You can now cheat and atone right on the same device. Perfect for Brett Favre.” – Jay Leno

“The actual name for this app is “Priest in your pocket.” Don’t they read the paper? Couldn’t they come up with a better name?” – Jay Leno

“The Catholic Church has approved an app that lets people confess their sins through their iPhones. The number one confession? Taking the Lord’s name in vain after the iPhone drops your call.” – Jay Leno

“Over 83% of prostitutes have Facebook pages. You can tell which they are because their relationship status is ‘It’s simple.'” – Conan O’Brien

“G.I. Joe was created on this day in 1964, so tonight G.I. Joe’s going out with Ken to celebrate his birthday and the repeal of Don’t Ask Don’t Tell.” – Craig Ferguson

“A California man is suing Disney because he was trapped on the ‘It’s a Small World’ ride for 40 minutes. When they heard it, the Chilean miners said, ‘Wow, we got off easy.'” – Conan O’Brien

“Russian astronomers say an asteroid is heading toward our planet and will hit us in 2036. You have to keep in mind that Russian astronomers use empty vodka bottles for telescopes.” – Craig Ferguson

Share
Filed in Humor | Comments Off on Late Night Political Humor

Stability

Saturday, February 12, 2011


© Joel Pett

Is unbridled democracy really that scary to the US government?

Share
Filed in Irony | Comments (3)

Unfortunately, Mubarak said “no”

Friday, February 11, 2011


© Tom Toles

UPDATE: Apparently Mubarak changed his mind today.

Share
Filed in Irony | Comments (7)

Late Night Political Humor

Friday, February 11, 2011

“Egyptian President Hosni Mubarak is the richest man in the world, with more than $70 billion in hidden assets. That will go up even more once his unemployment kicks in.” – Jimmy Fallon

“Hosni Mubarak is supposedly worth around $80 billion. He claims to have saved the money by properly inflating his tires.” – David Letterman

“Dick Cheney says that Egyptian President Hosni Mubarak is a ‘good friend.’ Why am I not surprised by this?” – David Letterman

“An Egyptian Google executive has become a hero to Egyptian protestors for a Facebook page he created. Still no luck selling his futon on Craigslist, though.” – Conan O’Brien

“Joe Biden announced plans for a $53 billion train system. To offset the cost, they’re raising the price of a train ticket to $53 billion.” – Craig Ferguson

“Vice presidents love technology: Joe Biden with the trains, Al Gore with the Internet, and Dick Cheney with the electric torture clamps.” – Craig Ferguson

“Nancy Pelosi described Justin Bieber as ‘adorable but also substantial,’ while Justin Bieber described Nancy Pelosi as ‘court ordered to maintain a distance of 300 feet at all times.'” – Jimmy Fallon

“The economics professor who helped craft President Obama’s healthcare plan is going to explain that plan in a comic book. As a result, President Bush has now come out in favor of Obama’s healthcare plan.” – Conan O’Brien

“Michelle Obama says her husband, President Obama, has quit smoking. Fox News reported this as ‘Obama Destroying the Tobacco Industry.'” – Craig Ferguson

“President Obama urged private businesses to hire more workers. He didn’t realize that only the government hires more people than it needs.” – Jay Leno

“The literary world has been abuzz after Bristol Palin released a 304-page memoir. At her age, it’s not called a memoir, it’s called a diary.” – Jimmy Kimmel

“The Catholic Church has approved a new app that lets you make confessions over your iPhone. It also raises the possibility of accidentally butt-dialing God.” – Conan O’Brien

“Washington, D.C. is updating its traffic cameras to enforce traffic laws. How about enforcing bribery and corruption laws?” – Jay Leno

“Recent storms have been very tough on New York City. Just today, Mayor Bloomberg was busy cutting the ribbon on a new pothole.” – David Letterman

“There was a power outage at Newark Airport. Who wants a TSA pat-down with the lights off?” – Jay Leno

“Peru has changed its national anthem. It wasn’t too hard to change the lyrics. They just let Christina Aguilera sing it.” – Jay Leno

Share
Filed in Humor | Comments Off on Late Night Political Humor

Is anyone else worried about headlines that read “Protestors have won, Mubarak is stepping down”?

Thursday, February 10, 2011

I thought the goal was to establish democracy in Egypt, and try to get rid of their crushing corruption? How does having Mubarak step down, to be replaced by his handpicked vice president, guarantee this will happen?

Something tells me that Mubarak is trying to pull a fast one in order to get the protests to stop.

I hope I’m wrong.

p.s. Here’s an example of that headline: “Egypt Protesters on Verge of Victory? Watch for the Demand”
Another one from Reddit: “Breaking news: Protesters have won! Mubarak stepping down!!!!”

Share
Filed in Irony | Comments (7)

Give me Liberty, or give me a new Caucus

Thursday, February 10, 2011

Shouldn’t any politician who votes for the Patriot Act be automatically kicked out of the Tea Party Caucus?

Of the 52 official members of Michelle Bachmann’s Tea Party Caucus, 44 of them voted for the Patriot Act on Tuesday. Wow. What part of “small government” and “protect the constitution” do they not understand?

Share
Filed in Hypocrisy | Comments (19)

Conservative Logic

Thursday, February 10, 2011


© Tom Tomorrow

Maybe he needs a robot with two heads, so it can believe two contradictory thoughts at the same time. The one thing we know for sure is that no matter what happens, it will be Obama’s fault.

Share
Filed in Humor | Comments Off on Conservative Logic