oneeyedcarmen

Buwahahahahahahaha!!!

By far the area of this crazy infosec world of ours that I find the most fun. Probably due to the fact that my technical skills have atrophied a bit since moving into more managerial type roles…that and people tend to believe me. Guess I have one of those faces.

The amount of data you can gather, though, just through apparently casual…[Read more]

OK, now I feel like a bit of a jerk for my tiny little comment. I was not attacking Lewis or your company. I would suggest in the future, however, if posting to a forum such as this, to just be honest and up front about who you are. Please do not assume this to mean that I’m saying Lewis was DIShonest.

Please accept my apologies for any offense…[Read more]

I think that in the interest of full disclosure, Lewis should have included (though it was easy enough to guess) that he is an employee of 7Safe.

I’ve read that book, probably 50 times in my life, and seen the movie more times. I’m a bit embarassed that I didn’t nail that one.  :'( Nurse Ratched’s gonna get me!

You’re ALL winners! Kevin now owns all of your FB accounts  ;D

Wish I would have seen this one sooner. I usually just jump straight into the forums…BAD oneeyedcarmen!!!

And, Don, I believe you’re referencing the Michael Keaton/Christopher Lloyd classic, “The Dream Team.”

Cheesy as it may be, there’s a pretty large InfoSec community on the Twitter. A bunch of the guys local to me have started up a group called Charmsec. I know in Boston there’s BeanSec, and NYSec in, well, you can probably guess.

Poke around a little bit, and you’re sure to find people who share your interests. Have you heard of the freaks that…[Read more]

This thread has me itching to spend some time playing on HTS…my technical skills, crypto in particular, have a thick coat of rust on them. Time to break out the WD-40

I actually put one together about two years ago at the last job. I might have it saved somewhere. If I do, it’s yours.

Congrats! I’ve been trying to decide between going for the CISA or one of the GIACs. (If I can get the boss to pay for both, I’d be cool with that, too!)

Very nice write up, Adriano! I’ve also been moving more into a less technical role, doing more audit  and C&A type work of late.

Oh, and I, too, have now added your blog to my subscriptions.

Sure, I’ll hop on this dead horse and whip it some more 😉

I would definitely say that using the (ISC)2 material, dry as it may be, is the best way to go to start of. Struggle through it. I read it twice through, sometimes feeling like doing the old Clockwork Orange to keep my eyes open. Then read another book. I didn’t really like Shon’s big…[Read more]

Thanks, Don, for the opportunity to attend my first Black Hat event. I gotta say, it was a little different. Playing “Spot the Fed,” is a lot less fun when it’s so blatantly obvious  😉

There were some great speakers, some great information, and every once in a while you got both of those things in the same talk! One of the more interesting…[Read more]

I’m starting my study routine now for the CISA. Just registered for the June exam. I’ve picked up a couple of books, and am going to hit up the big bosses for a boot camp when the time gets closer. Nothing like an intense brain beating right before hand to add a little insurance.

I didn’t know that Intense School shut down. I went to them, too, but only after studying for about 4 months. I was pretty confident from my own reading and use of cccure, but then the in-laws decided to surprise me and buy the boot camp for me (a little insurance).
Larry Greenblatt was my instructor, and I thought he was one of the best I’ve had.…[Read more]

The abacus was vulnerable to data corruption if it was shaken  😉

I’ll be at Shmoo hanging out with all the other geeks. See you all there!

I’ve been thinking of rebranding. OneEyedCarmen came about b/c I used to tend bar at a place called One Eyed Mike’s, and Carmen is my last name…makes it a little hard to be anonymous, but it’s stuck for so long, I think the risks do not outweigh the rewards.

And vijay2, if you send my your email address and password, I’ll gladly explain how…[Read more]

My liver and I survived my first Shmoocon (though my bank card may not have http://tinyurl.com/aedh9l).

I’m going through my notes and trying to put together a summary, along with links to some of the talks. It was great finally getting to meet CG, as we’d corresponded via email and the boards here and on LSO for a few years now. I also got to…[Read more]

@KrisTeason wrote:

Hahaha, Wow I had no idea Twitter didn’t have a password policy to lock an account after so many failed attempts.

Supposedly they do now. They’ve also implemented a timeout. We’ll see.