Exploring practical methods for preparing for the end times, including analysis of end time scripture and prophecy, current events, prepping and self-defense.
Pages
▼
Wednesday, February 11, 2015
OPSEC Lessons from the Indictment of a Hacker
Even a group with robust operational security practices is vulnerable to the oldest trick in the book: the informant. The take away lessons are slightly more interesting:
Migrate comms and identity on a regular basis
Never store incriminating logs
Compartment heavily, and sanitize frequently
So it is sad news for Mr Lauri Love facing hacking charges, but at least there’re some valuable OPSEC lessons for the rest of us. Remember: No logs, no crime.
I appreciate your taking the time to comment. To explain my perspective, I didn't quote from Grugq's article with the intention to blogspam. I try to present the germane portions of articles setting out information that I think my readers might otherwise have not seen, but without appearing to pass off someone else's ideas as my own. Hence, the quotations and links. You refer to Grugq's information as merely being "schtick." If you have someone in mind that you believe has more credible information concerning cyber-OPSEC than Grugq, I would be interested in a link to their blog or web-site. Thanks. Finally, I didn't view Grugq's article as defaming Mr. Love, but only repeating what was in the indictment, which is a public record. Numerous courts, including the U.S. Supreme Court, have held that publishing information obtained from court records is not defamatory.
your blogspam rips off grugq's schtick, which is itself defamatory. you should maybe reconsider that.
ReplyDeleteI appreciate your taking the time to comment. To explain my perspective, I didn't quote from Grugq's article with the intention to blogspam. I try to present the germane portions of articles setting out information that I think my readers might otherwise have not seen, but without appearing to pass off someone else's ideas as my own. Hence, the quotations and links. You refer to Grugq's information as merely being "schtick." If you have someone in mind that you believe has more credible information concerning cyber-OPSEC than Grugq, I would be interested in a link to their blog or web-site. Thanks. Finally, I didn't view Grugq's article as defaming Mr. Love, but only repeating what was in the indictment, which is a public record. Numerous courts, including the U.S. Supreme Court, have held that publishing information obtained from court records is not defamatory.
Delete