Yes, The Register is great!!  BOFH (Bastard Operator from Hell) is a must read.

I need a quick sanity check here, I am running on very little sleep.  Did I miss something or did that video make little or no sense. 

Two more hours of work left before I can sleep. 

WOW!  That is crazy.   I hope they figured out how bad of an idea that was and closed the site.

I agree with Don if you already have your CISSP it is probably not worth your training budget to take GSEC training/cert.  If I were you I would flip through the SANS training courses and find something either you are interested in or something your company would really need.  SANS has some great courses!

Yeah, I think I will pass on the random .exes but thanks for the offer. LOL!

Wow, that forum seemed a little harsh.   

Quote from the Microsoft KB article

"The programs in the following table have known compatibility problems with Windows Vista SP1. For reliability reasons, Microsoft blocks these programs from starting after you install Windows Vista SP1."

So Microsoft is basically saying, Sorry but these programs make our O/S look bad so you can't run them until the companies comply with our standards.

Hmmmm?

Looks like a great tool.  Thanks for the post g00d_4ash!

You can pre-order here.

http://www.jr.com/JRProductPage.process?Product_Id=4210629&JRSource=googlebase.datafeed.ASU+EEEPC8GPW

This certainly looks cool.  It makes me wish I hadn't already bought a Nokia 770.

LOL your an evil man g00d_4sh. 

I think from a legal standpoint a lot would depend on how well the unknowing party has separated their data from their significant others data.  For example they both may own the computer but use separate user accounts that maybe password protected.  I think that weighs in heavily when considering whether accessing data is legal or not.

If you find a Linux User Group in your area they usually give distros away like candy at a parade.  Knoppix is popular so you could probably get one that way if you were willing to do a little digging.  It is usually a great place to get good technical information about Linux.

LOL  Don thats just evil!

I certainly think it is ethical to accept payment, prizes, or an all expensive trip to Disney World (WOOT!) for discovering a new vulnerability.  Having said that I also believe that if you plan to "sell" the vulnerability you have an ethical obligation to attempt to discover the intentions of the purchaser before committing to the sale.  For example if I were going to sell a vulnerability I would require a written statement from the purchaser stating what they intended to do with the vulnerability.  Obviously if their written intentions were illegal/unethical I would cancel the sale right then and there.  If later the company double crossed me and decided to do something unethical with the vulnerability I sold them then I would release the vulnerability information to the software manufacturer and other security research companies.  That way hopefully the vulnerability could be patched as soon as possible. 

As long as a vulnerability researcher is conscientious about who they release vulnerabilities to I don't see any reason why they shouldn't be paid for their work.

Congrats and good luck on the CEH!