Archive for the ‘the web’ Category


O’rly?

All the security blogs I usually read are going crazy about full disk encryption. Their stories are all the same… Disk encryption foils investigators. Not news.

Whenever disk encryption is discussed (and comments allowed) it’s said that encryption has a shelf life. Sure, but it doesn’t go bad, it just provides less of a barrier between payload and attacker. And DES was never broken. “Broken” means an attack more effective than brute force; the break in DES is brute force. Though some would argue what the definition of is is. It’s an oldie but a goodie, but no one should use DES on data at rest. Just saying.

What happens on the Net stays on the Net

I don’t think it’s funny when someone complains that information they posted was seen by an unintended person. Because they’re silly. Everyone knows that employers, friends, anti-friends, weirdos, creeps, and spooks can see what you do online.

[Image: Big Brother]

Posting everything you do online on Facebook, tweeting your location, personal pictures, all become permanent record.

Aside from Google search/mail, I mainly only type into my own “blog.” I try to make my commentary silly or stupid instead of embarrassing and incriminating. If I trusted the security of TLS I would use it to keep Big Brother from having an urge to dig deeper.

When it comes down to technology, unless you made it, every bit of it, you can’t trust it. Just because you made it doesn’t make it good. If you have the choice, why share your information with someone you can’t trust?


HoneyPot not so sweet

After all this time, my honeypot hasn’t caught anybody :(

It’s been accessed 152 times, but no one has taken advantage of the delicious email address it provides. Oh well, it’s not hurting me any to keep giving fake addresses out… maybe one day, if I’m lucky, I will be spammed. I’ll just keep telling myself, I CAN be spammed.


10/10/10

Everyone should know this.

In Europe, this is the highest day they have, ten being the largest number in their “Maths”. After today, their calendar will reset at 01/01/01! They call this the “Systemme-Metriques” and are the only post-tribal civilization still using it.

It wasn’t until Americans later invented “Eleven” and “Twelve” (and later, many more numbers) that we could fit many more days in the year. This is why we had plenty of time to win World War II- while most Americans remember the conflict only lasting about 25-30 minutes, for Europeans it went on for almost 200 years!

To catch a spammer

The first WordPress plugin I installed on this site was Akismet, which compares comments to a list of spammers and separates real comments from blog spam. I moderate comments anyways, so it’s not like I’d end up with a bunch of spam links to begin with, but it’s fun (for me, I have fun) reading what these spammers are trying to do.

I’ve not advertised this site anywhere, it’s just for personal use, but spammers found it. I was getting about 7-10 spam comments a day blocked by Akismet. So I installed a CAPTCHA. Now I get 0 spam comments. Effectively ruining all the fun I was having reading what these spamming spammers were spamming.

So what’s a girl to do? Is that question relevant since I’m not a girl? The answer to none of these questions is join Project HoneyPot.

I’m the newest member, having my honeypot “active” for minutes now but I haven’t caught any spammers yet :( Hopefully soon I will have added a few evil doers to their blocklist.

Low tech key copying

[Image: opening lock with plastic key]

Breakfast of thieves!

The graphic pretty much sums it up. I saw a similar thing done with a soda can but I couldn’t duplicate the results. The aluminum lacked the strength to push down the pins and fully insert into the lock. I ended up with a bent and banged up version of a key that didn’t work.

This cereal bowl, however, worked wonderfully.

Lesson? Don’t leave your keys lying around until after I’ve eaten breakfast.

Physical security is hard

… but these are funny.

Don't pay $.40, buy mine for only $25

Tailgate Sentry [tailgatesentry.com] is a painted white hose clamp that retails for only $24.95! This company identifies a problem (tailgate theft), explains how to commit the crime, then offers a two-bit solution.

CatClamp [catclamp.com] offers $10 worth of steel cables at a $325 price tag. This is another company that demonstrates an exploit then offers a solution that is more than lacking. You see, what you need to do is strap your catalytic converter to the frame of your vehicle. It’s a system that works against thieves without saws. The theory is that when thieves come to saw off your muffler they won’t realize they have a saw capable of cutting the steel cable. And yes, the cable can be cut. One user of the system said his mechanic had no problem cutting off excess cable during installation.

Targus Security Lock for iPod – You know that connection on the bottom of your iPod/iPhone that you can just pull right out? Now, imagine it with a combination lock. You can still easily pull it out, but now you can’t charge it because you stuck a padlock in the docking port. Basically for $29.99 you get an iPod USB cable that doesn’t work; I think that’s what we all really want but never had the stones to admit it.

I haven’t included links to the actual products for a few reasons. One being that I don’t want Google to think I support these products. Another being that I’m afraid of what the Tailgate Sentry guy would do if he saw me compare his white hose clamp to a regular hose clamp.

Digital security is easy. Encrypt it and don’t let everyone access it and you’ve done a pretty decent job. Physical security “keeps honest people honest” at best. These products though, it seems they just entice people to steal.


Spam delivery

Perverted justice!

Obviously I have nothing to do. I can’t believe I never caught this but Dateline’s To Catch A Predator always makes mention of Perverted Justice and I never put 2 and 2 together with that. I didn’t realize that they might have their own website.

They even have a Top 10 list of the biggest sleaze balls. Netflix doesn’t carry Dateline so their website is the next best thing.

Hold the phones! You can actually sign up and help catch these guys. Today I’m Jeff, tomorrow I could be a 13 year old girl, Stephanie maybe, Steph for short, yeah.

It would be cool to be part of the team busting these guys. Computer security and forensics is kind of my thing, you know (I’m huge in Japan). But Computer Forensics doesn’t pay enough. How’s that for noble? Linux/Unix administration pays well and so will VoIP in the next few years, but even though I could be in those fields my <3 is in networking.

Sorry pedobear, I won’t be analyzing your computer. Maybe next time.
