http://www.theinquirer.net/inquirer/news/2084044/dell-claims-security-software-doesnt-meet-uk-protection-laws



Bob Bennett, product manager at Dell,

said that the recent spate of data breaches due to the activities of Anonymous and Lulzsec has resulted in firms' "conversations [regarding security] heightening" and that the attacks had "increased awareness for the need to have data protection to be in place".



lulsec do some good after all

Its the only way that Admins get better and more income$, and respected role inside a company.

Yeah, while I know LulzSec are all anti-white-hat they are definitely doing the security firms a favour by making people more aware of security issues.

It's sad that it took that much just to get Dell to encrypt their data...

Lulz Security and Anonymous did a lot more bad than good. This isn't going to even start making up for it.

I disagree, I think that they may very likely have a very positive long term effect.

The amount of data & funds that are being robbed everyday by cracker is enormous. Various government agencies, banks, corporations & businesses of all sizes, mostly don't talk about it as they don't want to undermine people's confidence in them.

There really does need to be a tightening up of security, there also needs to be an opt in rather than do everything you can to try to opt out as far as possible situation for individuals re. their web usage being tracked.

If they had altruistic intentions they would have tested the targets security and advised them. They stole and published the details of innocent users there is not justification for their actions.

If you believe that they were doing good then you would believe that a bank robber has the bank customers well being at heart.

and advised them.

They advised them, no one of the targets try to contact back,
not to justify, just to say the truth...

They were just show off,s:D
A real cyber criminal group you wont hear about ,unless they get caught:D

Hackers are a very egotistical bunch and Lulzsec are no exception. They do what they do for bragging rights to say 'look what I can do.' To say that what they are doing will be good in the long term is wrong and I believe the innocent people who had their details stolen would agree.

Also I find it incredulous that in this day and age we still have big companies who don't encrypt their data. That is just asking for trouble.

Internet is public, all non-encrypted data can be and will be Sniffed; you dont need to be Google, LulSec or WhatEver.

Again, just to say the truth...

If they had altruistic intentions they would have tested the targets security and advised them. They stole and published the details of innocent users there is not justification for their actions.

If you believe that they were doing good then you would believe that a bank robber has the bank customers well being at heart.

Like the actual bank has the customers well being at heart, right?
mmhmm. Come on.

Your "metaphors" or 'analogies' or 'comparisons', or whatever they are, today are sorely lacking. O_o

If they had altruistic intentions they would have tested the targets security and advised them. They stole and published the details of innocent users there is not justification for their actions.

If you believe that they were doing good then you would believe that a bank robber has the bank customers well being at heart.

I'm going to have to agree with this. Harming innocent users, even if a company makes it "easy" to do so, is still wrong. Finding a flaw and quietly pointing it out to the company is the right thing to do (and actually, isn't that part of free software hacking? Find a problem and fix it, not find a problem and exploit it?)

Like the actual bank has the customers well being at heart, right?
mmhmm. Come on.

I personally do not believe two wrongs make a right.

If they had altruistic intentions they would have tested the targets security and advised them. They stole and published the details of innocent users there is not justification for their actions.

If you believe that they were doing good then you would believe that a bank robber has the bank customers well being at heart.


The "your either for us, or against us" way of thinking just doesn't cut it.

Things aren't just plain black or white in this world of cause & effect Mike.

Like the actual bank has the customers well being at heart, right?
mmhmm. Come on.

Your "metaphors" or 'analogies' or 'comparisons', or whatever they are, today are sorely lacking. O_o

Mutual benefit but I doubt you will understand that. :rolleyes:

Mutual benefit but I doubt you will understand that. :rolleyes:

Mike, you are So Right!

Mutual benefit but I doubt you will understand that. :rolleyes:
Hm, interesting theory... </realworldeconomics>
Also not meaning to be rude, but CoC kiwi, personal attacks ;).

Smilax you sure are enamored with these groups you are always posting about them :-P

IMO the problem comes in with the way companies analyze the risk of an APT. I have said it before, most threat matrices that company security personell come up with are lacking either in completeness or understanding of the black hat mentality. Both of which will cause escalating failure like that seen in Sony until the issues are properly addressed Lulzsec or any other group can point out flaws all day long. The problem is not that personell are unaware of them it's that they fail to implement proper mitigation when planning for the risk of an apt

Which truthfully is often for many reasons, budget concerns , sections in the company can't work well together, stuck on proprietary software that is poorly written etc

I also think alot of people who aren't involved in the IT industry think it's a lot easier to lock down these problems then it actually is. Even if your systems were properly hardened your employees are by and large likely vulnerable to social engineering. The cost is astronomical when you think about it. No I am not defending the corporations but I think there is a great misunderstanding of what is within their power.

well the way i see it is,

if you went to the bank and they took your cash and throw it in to there back yard which was surrounded by a small fence, and some kid came round jumped over and stole it all,

then the bank said, hey don't blame us, it was that kid, his fault.

would you be mad at the bank or not....

Smilax you sure are enamored with these groups you are always posting about them :-P
t

yea, i have a intrest in what there at,

i have a like of maths and Cryptography.

and i like to see the ways that they use (practical) to avoid detection.


:popcorn:

If there is no threat of cost one way or another, most of these corporations won't spend a cent on upgrading their security. The guys at the top are interested in the maximum quarterly profits as it pays them (one way or another) to.

Embarrassing them publicly by showing proof of access these cracker groups may force these people to upgrade their security.

If there is no threat of cost one way or another, most of these corporations won't spend a cent on upgrading their security. The guys at the top are interested in the maximum quarterly profits as it pays them (one way or another) to.

Embarrassing them publicly by showing proof of access these cracker groups may force these people to upgrade their security.

That does not justify exposing the customers information or handing it on to other parties.

Their motive was self gain and their 15 minutes.

That does not justify exposing the customers information or handing it on to other parties.

Their motive was self gain and their 15 minutes.


well, whiles that may be true,

if they didn't expose the info,

nothing would change,

as the corporations would not loss anything, so would not invest anything to better defend customers data

Kiwi friend, that the info is not under a glowing button link on the index dont mean that is not public

That does not justify exposing the customers information or handing it on to other parties.

Their motive was self gain and their 15 minutes.

As I said before, it is not as simple as black or white.

well, whiles that may be true,

if they didn't expose the info,

nothing would change,

as the corporations would not loss anything, so would not invest anything to better defend customers data

My argument for why this won't change anything...

So how many people in this thread will buy Playstation 4 regardless of Lulzsec hacking Sony PSN?

My argument for why this won't change anything...

So how many people in this thread will buy Playstation 4 regardless of Lulzsec hacking Sony PSN?

I most likely will.

I most likely will.

Exactly my point, in 6 months when the new latest greatest technology is out. And someone has a few hundred bucks in their pocket, looking at this new shiny toy they want to have so badly. Do you really think the impulse will be overcome by the fact that Sony got hacked months prior?

Not a chance , that's because as cool as information technology is it doesn't lead the world, greed and marketing do. Sad but true fact. Sony's infosec guys may be bottom of the barrel but I assure you their marketing team is the best money can buy.

A good salesman can make a turd look like a shiny new BMW (in fact they often do ;-) )

At their worst they are just malevolent punks that just like rub the man the wrong way. They will get theirs and a new crop of punks will rise to take their place. Heck I read this article just hours ago and it proclaims we have to put up with this junk http://www.infoworld.com/d/security/how-live-malware-infections-668
If they only would listen to the Linux commuity :)

Exactly my point,

What exactly is the point that you infer from my previous statement?

What I said was that I probably will buy a PS4 (it certainly won't be in the next couple of years, but I expect that I eventually will, as the TUX, SUX for gaming, big time, which is the only reason I currently own a PS3).



in 6 months when the new latest greatest technology is out. And someone has a few hundred bucks in their pocket, looking at this new shiny toy they want to have so badly. Do you really think the impulse will be overcome by the fact that Sony got hacked months prior?

I personally have no idea about what other people's impulses will be on that topic, beyond being a mixed bag.

As far as Sony is concerned, I expect that they have increased their security level somewhat after that costly little exercise. Many PS3 users don't use their network either.



Not a chance , that's because as cool as information technology is it doesn't lead the world, greed and marketing do.

I thought it was just the plain natural stupidity that is inherent in humanity. Though I won't say anymore on that subject as I've already had one post jailed today.

Just so you know I wasnt targeting you directly you just happened to be the one that replied. All "yous" in my post are general and relate to people as a whole.

Well cracker groups are good in the way, that they put focus on a area. Here it's very VERY important since its data security. And firms who has a low data security needs a *** woping sometimes.

It's the same with people that use WEP / WPA on their wireless. Now i don't believe these should get a *** woping. But its such as important area that people aren't paying enough attention to.

Where i live
1 - doesn't use wireless security
3 - uses WEP
31 uses WPA
2 - (me and one else) uses WPA2 security.

Normally when I'm bored, i "crack" their network security and make users aware that "hey, maybe you should consider using better security" and send them a guide to do so and leave the network again. (and yes yes WPA2 can be broken, in its algorithm. But its still way better)

The same when im on public networks. I sniff for facebook info, get it. Login on their facebook. Post a comment "use https instead of http" and a explanation (link) to why they should use https and not http. And a lot of people are now doing so.

So.
More focus, on internet / data security = good.
slack = BAD!

Just so you know I wasnt targeting you directly you just happened to be the one that replied. All "yous" in my post are general and relate to people as a whole.

Ah! The collective Yous'. I'm into that Eastern & Jungian stuff big time. :)