The IT security folks felt secure in their jobs though, no matter the economic downturn, because what corporation would be foolish enough to slash their IT security departments, right? As we’ve all observed with each recession, labor has become the enemy. Network security was no exception. They’ve been firing the guards for the past five years. While the threats have only increased, there are few to no people standing at the gate. No one to address an escalating threat once it’s inside. The corporate goombahs weighed out the *possibility* of an attack against the cost of paying for that inhouse security, and have been gambling their futures and that of all their employees and shareholders, that nothing of any real financial consequence will occur. They’ll do anything to make those quarterly numbers on Wall Street. Their own bonuses depend on it.

I wouldn’t say network security people ‘love’ lulzsec, but they are completely unsurprised by lulzsec’s success. They’re wondering what happened in the Sony hack, and how did Amazon get used as a launch point for an attack on Sony? Lessons to be learned there…as long as there are still security employees to pay attention and take notes.

They could have slapped some sense into the corporate security industry without screwing over people who had nothing to do with the failures.

In the end some manager makes a “risk” based decision to save the company money, and increase his annual bonus, as the cost of the company.

This is everywhere, look at the financial crisis. Short term gain at the cost of risk is rewarded, and eventually when shit goes wrong they bank on being someplace else.

Its a fancy way of saying, “Yes I know there is a problem, but I am going to ignore it for the sake of saving a few bucks…”

I have even seen the stupid little matrix graphic showing high/low risk VS high/low impact etc… sadly I doubt most even use those common sense tools to make the decisions.

(Yes, I’d be mad if they came after me and my shit, but I’m poor and don’t have anything worth going after).

The corps aren’t putting much of their value at risk, they are putting YOUR assets at risk, get it? You can’t display what they are doing wrong without exposing the credit details of millions. Really, I do IT security and secure systems integration for a living, I know what I’m talking about. It’s relatively commonplace for a mega-corp to have their own financials locked up like Fort Knox and the customer financials flapping around in the breeze. I’ve seen systems where the company GL was on a physically separate system – accessed only by sneakernet – and the customer credit cards were in an Oracle database with the password “oracle”. No lie. Systems where customer credit card data is in a mySQL database and a privileged password is kept in a file that the Apache daemon can display are a dime a dozen.

Use a single payment service (I use paypal) for all online purchases is my advice.

I mean directly. ATM data dump was results on poking at *ahem* .

Credit unions aren’t safe either. Let’s just say a certain Credit Union I use, online security is based on a 4 digit pin. Granted they lock the account down after 3 incorrect attempts, but 4 digit pins?! Makes it easy to pick it up by sniffing.

Those wacky pranksters.

I’m having a blast watching them. Of course, I’m not on their shit list, so that may affect my opinion of them, but FFS, someone had to do it. And I’d rather it got done for the lulz than most of the hacked systems I deal with, which are parts of spambot networks or are serving malware along with their websites.

Saint Assange!

No, he’s more like this…

Bet that really eats you up inside. You know, to be so trite and insignificant while udders change the world.

Corporate and government actors have been trying to turn the internet into a cable TV franchise for 20 years, long before LulzSec turned up. They promise security but obviously can’t deliver–neither for you nor for their clients–as LulzSec and others repeatedly demonstrate.

Royalettes – It’s Gonna Take A Miracle http://youtu.be/G7Mxtdg752Q
Deniece Williams – “It’s Gonna Take a Miracle” http://youtu.be/0Yoa4iugW0U Lotta Love – Nicolette Larson http://youtu.be/iU3u5UDjYeY

Security there sucks too.

Sure, brink sucked, but why eff with Bethesda when Goldman Sachs has actually profiteered off of economic collapse, Blackwater is a war profiteer, GM killed the electric car, and video killed the radio star.

There is a banana bread in the oven, and they’re taking potshots at it because it’s simply shooting fish in a barrel. They could have a realistic, normal fight with purpose, but instead they decide to 1337pwn Bethesda, and League of Legends. I think they’re afraid to take on a real challenge.

Groups like Lulz show us no e-commerce, or personal information stored on someone’s server, is safe. The best you can do is minimize the damage, or bury all your money in the flower bed.

http://esciencenews.com/articles/2011/06/08/digital.democracy.study.finds.elite.viewpoints.dominate.online.content

…open your eyes, stop dreaming.