Friday, January 25, 2008

Prediction 2 for 2008 - Stealth "Hackers"

Wow.. that sounds like a good name for a movie "Coming to the big screen in 2008 - Stealth Hackers!"

This isn't really a new thing. Hackers as we know them (and I use the word hacker in the evyl-skript-kiddie-with-toyz way and not the kind-open-source-guru way) are slowly moving toward the idea that "cool, we can make good money from this!"

In the past hacking was really done for the cool stories hackers could tell their friends to get street cred. Events were big and done for the headlines. Hacking was like graffiti - it was out in the open and done so people could see. Hackers didn't want to get caught but they did want their work to get noticed.

I believe that these people are still out there and still trying to do big things. I think that their work is also being converted over to the new types of hackers.

The stealth hackers are not necessarily very computer literate. They take the research and exploits of the big-bang hackers and craft it into tools like malware, root kits etc. They don't want to get caught, obviously, but they don't want to be noticed either. These are the botmasters who want to use the world' s computers to gather information that they shouldn't have. They also want to use computers to send spam and the longer they can stay undetected, the more money they can get.

There are different levels of technical ability in the realm of the stealth hackers from those that write exploits to those that deploy bots to those that sell information and those that just buy credit card numbers.

I believe that both groups - traditional hackers and stealth hackers will grow in numbers but that stealth hackers will grow much quicker.

Wednesday, January 23, 2008

Prediction 1 for 2008 - Facebook hacked

Ok, finally, here it is.

For the impatient - Facebook will be hacked. Alternatively, a major Facebook application will be hacked.

Right...the impatient can go now. The rest - read on.

[Personal note first]
I decided that my Blog was becoming too important. I have a host of blog posts that are just not quite as well written as I'd like and since my blog is somewhat a reflection of my writing skill (skillz?) I decided that I'd need to fix them up, when I have time.. well, I've changed my mind - my blog is now an indication of my thinking skills as it was always intended to be, hence the name. It is an indication of my quick writing skill and how I write under time constraints. So, ignore the strange terms, spelling and grammer. Read the content.

This is also the reason why I don't have a "my top 10 predictions for 2008". There is no list that I am working from - as I think them up, I wil blog about them.
[end personal note]

Last year when Facebook made their application language available I was very excited and signed up as an "application developer". I even wrote an application which is about the level of complexity of a "hello world" program. I think it is a box that greets the Facebook-er by name. Woopy-doo.

But what I found quite interesting is that the application runs on my server and my database but queries information from Facebook. This makes creating applications so much easier and is probably what led to the Facebook explosion in the first place. However, users may not be aware that every time they add an application they are increasing the risk that their Facebook information can be compromised.

I like to believe that Facebook is big enough to be able to throw money at security. I think that their product is simple enough to secure. So, there should not be too much opportunity to hack into Facebook. I could be wrong. Facebook certainly is a huge target for both those hackers who want to make some good money, those that want email addresses (to spam) and those that want to make a big bang and a name for themselves.

But my money is on a large Facebook application being hacked - its a way to get in through the back door.

Thursday, January 17, 2008


I have been trying to get the motivation together to blog about my predictions for 2008 but I'm not finding it. So, I've decided to break it up into smaller pieces and hopefully that will make it easier.

So, looking back...

2007 started with me being very motivated, excited and happy. It was going to be a great year with lots of promise. It ended with me feeling very down, de-motivated and depressed. But I am still optimistic for 2008 which either means I am hard to get down or just really naive. I guess time will tell.

My first prediction for 2008 is that I will be a very different person by this time next year. And I will be sitting in a very different place. If I am not - I will have failed.

I don't like to get too much into the personal aspects of my job but a lot of the energy I put into getting security to move forward has been in vain and I am feeling that I am now wasting my time trying to move forward. I have put myself into "cruise" mode while I work behind the scenes to improve myself and then with a big bang I'll be back.

There were some some really excellent moments in 2007. I think that the most important was when I started my blog. I highly recommend blogger. I also recommend feedburner. Both companies are owned by the big G.

A big thank you goes out to Alan from Still Secure who got me motivated and introduced me to the Security Bloggers Network.

While it helps that I am a member of the network and that drives some views to my blog, it has helped me more to explore and find people on the network. I have been able to populate my RSS feed list from a number of bloggers and I hope to add more. I just need the time.

So, who is honoured to be in my RSS feed?

First up is my brother-from-another-mother - Andy the IT guy. I call him that because he has a very similar job, a wife and two daughters and he has had a very similar career path to me. More importantly, I usually see eye-to-eye with him.

Next up is "Security Mike" - Mike Rothman. The daily incite is an amazing tool to get an idea of what is happening in the security blog world. How Mike can read so much still amazes me. One day I'll have saved up enough. The new Audio is also worthwhile.

Next is (this is the order I read my blogs in - obviously I'd want to get the best first) the Mogull. One can see from his postings just how much research he has done into the security field. They are well written and very useful.

Just as wordy and usually more fun is the Hoff. The Hoff is worth reading because of how he pushes the boundaries of what security (or survivability) is all about. He does not pull his punches and is not afraid to sacrifice a few sacred cows along the way.

There are other bloggers that I respect and read too - Anton Chuvakin, Randy Armknecht, Richard Bejtlich, etc etc

I think that the best part of reading all of the above blogs is that the authors all read each others blogs too. This leads to debates, arguments but hopefully lessons learned.

2007 was also the year that I learned about the Security Catalyst Forums where more debate happens. This just proves how new our industry is and how much passion is being put into finding out the answers. This can only be a good thing.

Locally I've kept up with my visits to ISG Africa which has great presentations every month.

I completed almost 100 blog entries over the year, putting into word my thoughts about our exciting industry. My "70s" entries show where we went wrong in the 80s with our IT plans and how we are putting things right again. My 7 habits show how popular business and life philosophies can be used in InfoSec to move us in the right direction. I will hopefully finish those off shortly. (Prediction 2?)

Thank you everyone who has shared their views and hard work with me via their blogs and forums and I hope all that read this blog have learned something and will continue to follow my progress and read my thoughts.

Soon I will post my predictions for 2008.

Monday, January 7, 2008

A Quote From Bill Gates

(I really haven't been doing very well with my blog these past three months.

I aim to do better. My schedule has been totally messed around and time I spent blogging has gone. I do however have more time to read.)

So, with all that out of the way...those that know me know that I am total Linux Penguin Man so Bill Gates is not my favourite person in the world. However, he is a great man and has been, I believe by following this vision throughout his life from when he was Microsoft's CEO, Chairman and now with his charity work.

"To turn caring into action, we need to see a problem, see a solution, and see the impact. But complexity blocks all three steps." - Bill Gates, 2007.

His point in context is that people want to donate to charity but find the complexity of donating too much and they just don't. Alternatively, if they do donate, the money gets used up by supporting complexity and not really for what it was intended.

But there is a bigger picture here. I was involved once in a project which developed a security tool. I saw the bigger picture of how this tool would fit into an organisation but was shot down by everyone in the company from the CEO down because they had a different view. They were too caught up with the technology and didn't see the problem they were trying to solve.

I then did some work for two other companies (not Information Security companies) and again they were too caught up in the technology and suffered from red tape. One closed down and the other struggled along.

Most recently I did work for a company that runs its Information Security department in such a way that it jumps from buzzword to buzzword without really getting more secure.

I think we should all learn from Bill Gates and see what the problems are, simplify them, rank them, and solve them.. then move on. After all, he is the richest man in the world and has become so not by giving people the most complicated software but by giving them simple software that solves their problems.

Thank you to Presentation Zen for the information.