Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Brain Implants Contain Malware SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Brain Implants Contain Malware

Well, maybe not today, but who among us can't see that as a diary title years from now?

On many occasions, our professional lives can feel heavy with the responsibility of a company's profitability or even livelyhood in the palm of our hand, so I thought it might be nice to end the year on a lighter note.

We've all had moments where something happened or someone said something so absurd that you were left speechless.

Send in your most absurd moments for this past year, or the most amusing diary entry you can imagine for next year and I'll post the best ones.

As a reminder, submissions are confidential so names will be changed to protect the innocent, and the guilty.

Happy New Year everyone and make sure you get an anti virus license for those implants!

Christopher Carboni - Handler On Duty

Chris

140 Posts
Dec 31st 2010
exactly, so why do we keep running so fast in this direction. Sometime soon, some ought to think about about the ol' "Just cause we can, doesn't mean we should."

Remember folks, your children will have to live with what you allow today.
Greg

25 Posts
It's this very sentiment that is beginning to cause some, including myself, to start going old school in certain areas. My phone, for example, is just for voice and SMS. No apps, no web access, no GPS, just voice and text, and I like it!
Chris

140 Posts
Here's an absurd case of management imposed Resource Starvation Malware.
I work for a Fortune 25 insurance company as a sec analyst and I work heavily in our SIEM. Our primary website serves our millions of customers so there is a ton of valid users.
Our HR group recently asked me to create a firewall report of ALL unique IP addresses that hit our website over the past YEAR!
I was speechless ... never hearing back from this HR person feel I can say I stopped a Resource Starvation Malware 'attack' of our SIEM... my manager agreed ;)
Chris
1 Posts
Never underestimate how absurd requests can get. I had an auditor ask for a printout of the file permissions on every file on every directory on all systems. I think it was about 4 cartons of 14x11 green bar. But my all time favorite was the SEC asking for a printout of every transaction we did with firm XXX between two dates. Yes, they did insist on printout. I think it was 14 cartoons of xerox paper. And later we found out that they were trying to OCR the data back into a pc for analysis.
Kenneth

11 Posts
The absurdity of a request is mostly determined by the ignorance of the requester. We had a state official show up one time demanding to review our original payroll records. So we pointed at a computer and said they are all in there, what do you want to see? He asked us what the box was. After a little puzzlement on our end, we replied it was a computer. We could easily have printed out the information, but he refused saying they weren't originals. He muttered to himself and left. Apparently, he had never seen a computer before and didn't have any idea of what to do with non-paper records.
Rastech

18 Posts
I recall reading a sci-fi book many years ago where brain implants were commonly used as a sort of built in memory assistant. Someone was able to get away with something because he got into the control system and associated "stupid idea" with anyone thinking of that particular scenario. It was only uncovered because someone without the implant was asking why it was a stupid idea.
Kenneth

11 Posts
Meh, William Gibson got a lot of things right, already. Or maybe we made a lot of things (not)right because of William Gibson? Anyway, I nominate Kevin Liston, Chris Carboni, and Marcus Sachs for Really Odd ISC Headlines of 2010, with, "Zeus wants to do your taxes", "Honey, my laptop is acting funny again", and "Evil Sports Sites", respectively.
hacks4pancakes

48 Posts

Sign Up for Free or Log In to start participating in the conversation!