<?xml version="1.0" encoding="UTF-8"?>
 <rdf:RDF xmlns="http://purl.org/rss/1.0/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cc="http://web.resource.org/cc/" xmlns:syn="http://purl.org/rss/1.0/modules/syndication/" xmlns:admin="http://webns.net/mvcb/">
  <channel rdf:about="http://pinboard.in">
    <title>Pinboard (vielmetti)</title>
    <link>https://pinboard.in/u:vielmetti/public/</link>
    <description>recent bookmarks from vielmetti</description>
    <items>
      <rdf:Seq>	<rdf:li rdf:resource="https://www.eclypsium.com/"/>
	<rdf:li rdf:resource="https://blog.sonatype.com/hijacking-of-a-known-github-id-go-bindata"/>
	<rdf:li rdf:resource="https://twitter.com/lattera/status/929822462774300672/photo/1"/>
	<rdf:li rdf:resource="https://photos.google.com/share/AF1QipM3UlbypOszx6zoIm3KUw7oJj0f9QkspeqGgX7n86eWuh7rgGglWD1-qIBUFqO8zw?key=aF9yZnlHSUNqZlRTZjhCLXFEZThLVHVXS25PUnJ3"/>
	<rdf:li rdf:resource="https://www.icann.org/news/announcement-2017-09-27-en"/>
	<rdf:li rdf:resource="http://dl.acm.org/citation.cfm?id=3029832"/>
	<rdf:li rdf:resource="https://www.federacy.com/docker_image_vulnerabilities"/>
	<rdf:li rdf:resource="https://firehol.org/source-install/"/>
	<rdf:li rdf:resource="https://twitter.com/CyberDomain/status/827983777867689985/photo/1"/>
	<rdf:li rdf:resource="http://www.tobem.com/cyberwar/the-hobbyists-guide-to-the-rtl-sdr-really-cheap-software-defined-radio/"/>
	<rdf:li rdf:resource="http://www.itsecuritynews.info/linux-kernel-zero-day-cve-2016-5195-patched-after-being-deployed-in-live-attacks/"/>
	<rdf:li rdf:resource="http://arstechnica.com/security/2016/09/stealing-login-credentials-from-a-locked-pc-or-mac-just-got-easier/"/>
	<rdf:li rdf:resource="http://incolumitas.com/2016/06/08/typosquatting-package-managers/"/>
	<rdf:li rdf:resource="https://duo.com/blog/critical-vulnerability-affecting-glibc-patch-immediately"/>
	<rdf:li rdf:resource="http://opensslrampage.org/"/>
	<rdf:li rdf:resource="http://www.ohio.com/news/break-news/akron-s-website-might-not-be-completely-restored-for-months-1.405932"/>
	<rdf:li rdf:resource="http://www.welivesecurity.com/2013/05/01/mysterious-avatar-rootkit-with-api-sdk-and-yahoo-groups-for-cc-communication/"/>
	<rdf:li rdf:resource="https://www.facebook.com/unsupportedbrowser"/>
	<rdf:li rdf:resource="http://ceriksen.com/2013/01/27/vulnerability-chaining-magic-quotes-bypass-with-hexadecimal-literals-and-data-exfiltration/"/>
	<rdf:li rdf:resource="http://www.androidpolice.com/2011/10/01/massive-security-vulnerability-in-htc-android-devices-evo-3d-4g-thunderbolt-others-exposes-phone-numbers-gps-sms-emails-addresses-much-more/"/>
	<rdf:li rdf:resource="http://blogs.forbes.com/andygreenberg/2011/02/11/palantir-apologizes-for-wikileaks-attack-proposal-cuts-ties-with-hbgary/"/>
	<rdf:li rdf:resource="http://gawker.com/5740744/"/>
	<rdf:li rdf:resource="http://www.boingboing.net/2010/12/25/cambridge-university-1.html"/>
	<rdf:li rdf:resource="http://www.slate.com/id/2235503/pagenum/all"/>
	<rdf:li rdf:resource="http://www.forbes.com/sites/firewall/2010/12/13/the-lessons-of-gawkers-security-mess/"/>
	<rdf:li rdf:resource="http://arbsec.org/"/>
	<rdf:li rdf:resource="http://rdist.root.org/2010/01/11/smart-meter-crypto-flaw-worse-than-thought/"/>
	<rdf:li rdf:resource="http://asert.arbornetworks.com/2008/11/2008-worldwide-infrastructure-security-report/"/>
	<rdf:li rdf:resource="http://threatchaos.com/?p=281"/>
	<rdf:li rdf:resource="http://www.emergentchaos.com/archives/2008/11/checking_in_on_the_securi.html"/>
	<rdf:li rdf:resource="http://www.emergentchaos.com/"/>
	<rdf:li rdf:resource="http://www.pcworld.com/article/149441/article.html?tk=rel_news"/>
	<rdf:li rdf:resource="http://www.wired.com/politics/security/commentary/securitymatters/2008/03/securitymatters_0320"/>
	<rdf:li rdf:resource="http://www.provos.org/index.php?/pages/dnstest.html"/>
	<rdf:li rdf:resource="http://www.ensuretech.com/mirror/company/aboutensure/aboutensure.html"/>
	<rdf:li rdf:resource="http://code.google.com/p/ratproxy/"/>
	<rdf:li rdf:resource="http://www.wired.com/politics/security/commentary/securitymatters/2007/12/securitymatters_1213"/>
	<rdf:li rdf:resource="http://www.theregister.co.uk/2002/12/14/ddos_attack_really_really_tested/"/>
	<rdf:li rdf:resource="http://securitydigest.org/phage/bydate"/>
	<rdf:li rdf:resource="http://www.zwire.com/site/news.cfm?newsid=19018393&amp;BRD=985&amp;PAG=461&amp;dept_id=161556&amp;rfi=6"/>
	<rdf:li rdf:resource="http://www.eweek.com/article2/0,1895,2215792,00.asp"/>
	<rdf:li rdf:resource="http://hyper.to/blog/link/opensocial-insecurity-no-user-to-app-authentication/"/>
	<rdf:li rdf:resource="http://theharmonyguy.com/"/>
	<rdf:li rdf:resource="http://openid.net/pipermail/general/2007-January/001260.html"/>
	<rdf:li rdf:resource="http://www.computerworld.com/action/article.do?command=viewArticleBasic&amp;articleId=9043418"/>
	<rdf:li rdf:resource="http://www.thespanner.co.uk/2007/10/17/openid-account-security/"/>
	<rdf:li rdf:resource="http://www.links.org/?p=188"/>
	<rdf:li rdf:resource="http://www.links.org/?p=187"/>
	<rdf:li rdf:resource="http://www.idcorner.org/?p=161"/>
	<rdf:li rdf:resource="http://www.xmlgrrl.com/blog/archives/2007/09/21/sun-openid-idp-protocol-and-implementation-review/"/>
	<rdf:li rdf:resource="http://www.boston.com/business/globe/articles/2007/09/22/tjx_offers_deal_to_end_data_breach_suit/"/>
	<rdf:li rdf:resource="http://media.www.michigandaily.com/media/storage/paper851/news/2007/09/19/Crime/Sensitive.Patient.Data.Stolen.From.Nursing.Building-2977434.shtml"/>
	<rdf:li rdf:resource="http://www.computerworld.com/action/article.do?command=viewArticleBasic&amp;articleId=9034319"/>
	<rdf:li rdf:resource="http://planet-websecurity.org/Mozilla+Says+%22Ten+Fucking+Days%22/"/>
	<rdf:li rdf:resource="http://planet-websecurity.org/Congratulation!+You%E2%80%99ve+been+nominated+for+a+Pwnie+Award./"/>
	<rdf:li rdf:resource="http://mezzoblue.com/archives/2007/06/05/unsettling/"/>
	<rdf:li rdf:resource="http://mikeg.typepad.com/perceptions/2007/04/corporate_data_.html"/>
	<rdf:li rdf:resource="http://www.oscandy.com/hacking/454-dreamhost-hosting-platform-hacked"/>
	<rdf:li rdf:resource="http://it.slashdot.org/article.pl?sid=07/05/29/1410258"/>
	<rdf:li rdf:resource="http://news.com.com/2008-7349_3-6186751.html"/>
	<rdf:li rdf:resource="http://news.bbc.co.uk/2/hi/technology/6526851.stm"/>
	<rdf:li rdf:resource="http://www.networkworld.com/news/2007/032907-tjx-data-theft-largest.html?nlhtsec=0326securityalert5&amp;company=Masergy"/>
	<rdf:li rdf:resource="http://google.brand.edgar-online.com/fetchFilingFrameset.aspx?FilingID=5062935&amp;Type=HTML"/>
	<rdf:li rdf:resource="http://www.donblumenthal.com/"/>
	<rdf:li rdf:resource="http://www.hamachi.cc/download/"/>
	<rdf:li rdf:resource="http://times.hankooki.com/lpage/200702/kt2007021117420210440.htm"/>
	<rdf:li rdf:resource="http://maloff-ip.com/MaloffOnTheInternet/"/>
	<rdf:li rdf:resource="http://news.bbc.co.uk/2/hi/technology/6338261.stm"/>
	<rdf:li rdf:resource="http://atlas.arbor.net/"/>
	<rdf:li rdf:resource="http://blogs.zdnet.com/security/?p=15"/>
      </rdf:Seq>
    </items>
  </channel><item rdf:about="https://www.eclypsium.com/">
    <title>Eclypsium</title>
    <dc:date>2018-04-30T18:20:06+00:00</dc:date>
    <link>https://www.eclypsium.com/</link>
    <dc:creator>vielmetti</dc:creator><dc:subject>firmware chipsec infosec security</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:e4d609324555/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:firmware"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:chipsec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://blog.sonatype.com/hijacking-of-a-known-github-id-go-bindata">
    <title>The Hijacking of a Known GitHub ID: go-bindata</title>
    <dc:date>2018-02-07T22:13:49+00:00</dc:date>
    <link>https://blog.sonatype.com/hijacking-of-a-known-github-id-go-bindata</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[This morning, the creator of go-bindata deleted their GitHub account and someone else created a new account under the same name.  When open source is at center stage for new innovations, the provenance and security of components is critical to the well-being of development practices in all industries.

]]></description>
<dc:subject>go-bindata golang github infosec supply-chain</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:185e5498ea07/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:go-bindata"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:golang"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:github"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:supply-chain"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://twitter.com/lattera/status/929822462774300672/photo/1">
    <title>Twitter</title>
    <dc:date>2017-11-12T21:25:25+00:00</dc:date>
    <link>https://twitter.com/lattera/status/929822462774300672/photo/1</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[#LibreSSL 2.6.3 on #HardenedBSD 12-CURRENT on the #RPI3. Full img:  #FreeBSD #arm64 #infosec ]]></description>
<dc:subject>LibreSSL RPI3 infosec arm64 HardenedBSD FreeBSD</dc:subject>
<dc:source>https://twitter.com/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:826247ed484a/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:LibreSSL"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:RPI3"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:arm64"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:HardenedBSD"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:FreeBSD"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://photos.google.com/share/AF1QipM3UlbypOszx6zoIm3KUw7oJj0f9QkspeqGgX7n86eWuh7rgGglWD1-qIBUFqO8zw?key=aF9yZnlHSUNqZlRTZjhCLXFEZThLVHVXS25PUnJ3">
    <title>Untitled (https://photos.google.com/share/AF1QipM3UlbypOszx6zoIm3KUw7oJj0f9QkspeqGgX7n86eWuh7rgGglWD1-qIBUFqO8zw?key=aF9yZnlHSUNqZlRTZjhCLXFEZThLVHVXS25PUnJ3)</title>
    <dc:date>2017-11-12T21:25:25+00:00</dc:date>
    <link>https://photos.google.com/share/AF1QipM3UlbypOszx6zoIm3KUw7oJj0f9QkspeqGgX7n86eWuh7rgGglWD1-qIBUFqO8zw?key=aF9yZnlHSUNqZlRTZjhCLXFEZThLVHVXS25PUnJ3</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[#LibreSSL 2.6.3 on #HardenedBSD 12-CURRENT on the #RPI3. Full img:  #FreeBSD #arm64 #infosec ]]></description>
<dc:subject>LibreSSL RPI3 infosec arm64 HardenedBSD FreeBSD</dc:subject>
<dc:source>https://twitter.com/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:f08fd042e9c3/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:LibreSSL"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:RPI3"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:arm64"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:HardenedBSD"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:FreeBSD"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.icann.org/news/announcement-2017-09-27-en">
    <title>KSK Rollover Postponed - ICANN</title>
    <dc:date>2017-09-28T16:33:04+00:00</dc:date>
    <link>https://www.icann.org/news/announcement-2017-09-27-en</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[FYI: The upcoming ICANN Key Signing Key Rollover ceremony has been postponed.  #INFOSEC  #cybersecurity]]></description>
<dc:subject>cybersecurity INFOSEC</dc:subject>
<dc:source>https://twitter.com/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:ddaa2ba3157f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:cybersecurity"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:INFOSEC"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://dl.acm.org/citation.cfm?id=3029832">
    <title>A Study of Security Vulnerabilities on Docker Hub</title>
    <dc:date>2017-04-05T02:22:54+00:00</dc:date>
    <link>http://dl.acm.org/citation.cfm?id=3029832</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Docker containers have recently become a popular approach to provision multiple applications over shared physical hosts in a more lightweight fashion than traditional virtual machines. This popularity has led to the creation of the Docker Hub registry, which distributes a large number of official and community images. In this paper, we study the state of security vulnerabilities in Docker Hub images. We create a scalable Docker image vulnerability analysis (DIVA) framework that automatically discovers, downloads, and analyzes both official and community images on Docker Hub. Using our framework, we have studied 356,218 images and made the following findings: (1) both official and community images contain more than 180 vulnerabilities on average when considering all versions; (2) many images have not been updated for hundreds of days; and (3) vulnerabilities commonly propagate from parent images to child images. These findings demonstrate a strong need for more automated and systematic methods of applying security updates to Docker images and our current Docker image analysis framework provides a good foundation for such automatic security update.

]]></description>
<dc:subject>ncsu security infosec docker dockerhub containers software-supply-chain</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:d3ca3d448b8f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ncsu"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:docker"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:dockerhub"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:containers"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:software-supply-chain"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.federacy.com/docker_image_vulnerabilities">
    <title>Federacy</title>
    <dc:date>2017-04-05T02:22:17+00:00</dc:date>
    <link>https://www.federacy.com/docker_image_vulnerabilities</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Docker has security issues in untrusted (untrustable) Dockerfiles. Omits all alpine containers, which skews the results.]]></description>
<dc:subject>infosec docker dockerfile</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:275c67da30c0/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:docker"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:dockerfile"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://firehol.org/source-install/">
    <title>FireHOL - FireHOL Source Code</title>
    <dc:date>2017-03-20T17:01:31+00:00</dc:date>
    <link>https://firehol.org/source-install/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[source code for an iptables based firewall configuration system.]]></description>
<dc:subject>iptables firehol infosec linux</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:5681f9393c79/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:iptables"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:firehol"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:linux"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://twitter.com/CyberDomain/status/827983777867689985/photo/1">
    <title>Twitter</title>
    <dc:date>2017-02-04T20:54:50+00:00</dc:date>
    <link>https://twitter.com/CyberDomain/status/827983777867689985/photo/1</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[The Hobbyist's Guide to the RTL-SDR: Rea  #InfoSec #Cybersecurity  ]]></description>
<dc:subject>Cybersecurity InfoSec</dc:subject>
<dc:source>https://twitter.com/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:840878ed732c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:Cybersecurity"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:InfoSec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.tobem.com/cyberwar/the-hobbyists-guide-to-the-rtl-sdr-really-cheap-software-defined-radio/">
    <title>The Hobbyist's Guide to the RTL-SDR: Really Cheap Software Defined Radio - CyberWar: Si Vis Pacem, Para BellumCyberWar</title>
    <dc:date>2017-02-04T20:54:50+00:00</dc:date>
    <link>http://www.tobem.com/cyberwar/the-hobbyists-guide-to-the-rtl-sdr-really-cheap-software-defined-radio/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[The Hobbyist's Guide to the RTL-SDR: Rea  #InfoSec #Cybersecurity  ]]></description>
<dc:subject>Cybersecurity InfoSec</dc:subject>
<dc:source>https://twitter.com/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:a5851c2908cf/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:Cybersecurity"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:InfoSec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.itsecuritynews.info/linux-kernel-zero-day-cve-2016-5195-patched-after-being-deployed-in-live-attacks/">
    <title>Linux Kernel Zero-Day CVE-2016-5195 Patched After Being Deployed in Live Attacks | | IT Security News</title>
    <dc:date>2016-10-21T01:20:41+00:00</dc:date>
    <link>http://www.itsecuritynews.info/linux-kernel-zero-day-cve-2016-5195-patched-after-being-deployed-in-live-attacks/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[RT @sorinmustaca: Linux Kernel Zero-Day CVE-2016-5195 Patched After Being Deployed in Live Attacks  #infosec]]></description>
<dc:subject>infosec</dc:subject>
<dc:source>https://twitter.com/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:f82fccc364e1/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arstechnica.com/security/2016/09/stealing-login-credentials-from-a-locked-pc-or-mac-just-got-easier/">
    <title>Stealing login credentials from a locked PC or Mac just got easier | Ars Technica</title>
    <dc:date>2016-09-08T02:16:57+00:00</dc:date>
    <link>http://arstechnica.com/security/2016/09/stealing-login-credentials-from-a-locked-pc-or-mac-just-got-easier/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[pretend to be an ethernet, send a default route, decode the messages you get]]></description>
<dc:subject>infosec hak5-turtle</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:286fac0a3919/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:hak5-turtle"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://incolumitas.com/2016/06/08/typosquatting-package-managers/">
    <title>Coding, Learning and IT Security – Typosquatting programming language package managers</title>
    <dc:date>2016-06-09T06:42:57+00:00</dc:date>
    <link>http://incolumitas.com/2016/06/08/typosquatting-package-managers/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Typosquatting programming language package managers ]]></description>
<dc:subject>infosec</dc:subject>
<dc:source>https://twitter.com/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:09ae51f66141/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://duo.com/blog/critical-vulnerability-affecting-glibc-patch-immediately">
    <title>Critical Vulnerability Affecting Glibc: Patch Immediately:     Blog:
  Duo Security</title>
    <dc:date>2016-02-16T20:22:23+00:00</dc:date>
    <link>https://duo.com/blog/critical-vulnerability-affecting-glibc-patch-immediately</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[RT @duosec: New critical glibc vulnerability that could lead to remote code execution - patch as soon as possible:   #infosec]]></description>
<dc:subject>infosec</dc:subject>
<dc:source>https://twitter.com/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:131f02561c80/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://opensslrampage.org/">
    <title>OpenSSL Valhalla Rampage</title>
    <dc:date>2014-04-21T03:47:54+00:00</dc:date>
    <link>http://opensslrampage.org/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[For entertaining #infosec reading, see  - @openbsd fixing the problems in OpenSSL, "one arcane VMS hack at a time"]]></description>
<dc:subject>infosec</dc:subject>
<dc:source>https://twitter.com/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:7f4b03cd1e2f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.ohio.com/news/break-news/akron-s-website-might-not-be-completely-restored-for-months-1.405932">
    <title>Akron’s website might not be completely restored for months - Break News - Ohio</title>
    <dc:date>2013-06-15T03:40:14+00:00</dc:date>
    <link>http://www.ohio.com/news/break-news/akron-s-website-might-not-be-completely-restored-for-months-1.405932</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[RT @MattH: “What we are trying to do is what you might call ‘security by obscurity,’' -Rick Schmahl, Akron OH Chief Info Officer ]]></description>
<dc:subject>akron-ohio security infosec security-by-obscurity</dc:subject>
<dc:source>https://twitter.com/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:1fb502f7d334/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:akron-ohio"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security-by-obscurity"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.welivesecurity.com/2013/05/01/mysterious-avatar-rootkit-with-api-sdk-and-yahoo-groups-for-cc-communication/">
    <title>The mysterious Avatar rootkit</title>
    <dc:date>2013-05-23T19:29:40+00:00</dc:date>
    <link>http://www.welivesecurity.com/2013/05/01/mysterious-avatar-rootkit-with-api-sdk-and-yahoo-groups-for-cc-communication/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[This strange root kit uses @YahooGroups (!) as a communications mechanism  #infosec]]></description>
<dc:subject>infosec</dc:subject>
<dc:source>https://twitter.com/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:7a7ce4a01aee/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://www.facebook.com/unsupportedbrowser">
    <title>Redirecting...</title>
    <dc:date>2013-05-20T16:37:44+00:00</dc:date>
    <link>https://www.facebook.com/unsupportedbrowser</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[RT @therobdale: RT @InghamHSEM: Storms are developing to our west, and a Severe T-storm Watch is likely to be issued soon.  #Lansing]]></description>
<dc:subject>Lansing MIwx DetroitBlues FredReif historian archivist findaway DavidErdody sound NotAnEndorsement Toledo mediachat coalash annarbor DTEEnergy workinonit detsound berrywatch oralhistory PopUpArchive tracyforjudge SaveTheDate Conference photographer gospelmusic producer archiving DavidClaments iheartbees bees LarryGabriel RecordDET slurp PaulSchauert ListeningSpaces HouseofSoul EdVielmetti Onion keweenaw a2schools grandrapids civictech opengr transparency opendata ThankALineman AvlNews Asheville srsw dioxane historicmarker UnitedSound staytuned A2Council Aurora MarquetteMI Ishpeming SonnetBomber ArborBrewingCo a2 Michigan StrongCommunity Cybersecurity InfoSec foolmoon2017 getfoolish Detroit Cuba Dockermeetup Havana SFO17 Connect OpenHours UMichRegents</dc:subject>
<dc:source>https://twitter.com/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:0fb9b78c4638/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:Lansing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:MIwx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:DetroitBlues"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:FredReif"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:historian"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:archivist"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:findaway"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:DavidErdody"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:sound"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:NotAnEndorsement"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:Toledo"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:mediachat"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:coalash"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:annarbor"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:DTEEnergy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:workinonit"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:detsound"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:berrywatch"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:oralhistory"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:PopUpArchive"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:tracyforjudge"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:SaveTheDate"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:Conference"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:photographer"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:gospelmusic"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:producer"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:archiving"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:DavidClaments"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:iheartbees"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:bees"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:LarryGabriel"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:RecordDET"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:slurp"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:PaulSchauert"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ListeningSpaces"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:HouseofSoul"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:EdVielmetti"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:Onion"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:keweenaw"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:a2schools"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:grandrapids"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:civictech"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:opengr"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:transparency"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:opendata"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ThankALineman"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:AvlNews"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:Asheville"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:srsw"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:dioxane"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:historicmarker"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:UnitedSound"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:staytuned"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:A2Council"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:Aurora"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:MarquetteMI"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:Ishpeming"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:SonnetBomber"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ArborBrewingCo"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:a2"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:Michigan"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:StrongCommunity"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:Cybersecurity"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:InfoSec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:foolmoon2017"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:getfoolish"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:Detroit"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:Cuba"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:Dockermeetup"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:Havana"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:SFO17"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:Connect"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:OpenHours"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:UMichRegents"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://ceriksen.com/2013/01/27/vulnerability-chaining-magic-quotes-bypass-with-hexadecimal-literals-and-data-exfiltration/">
    <title>Vulnerability chaining, magic quotes bypass with hexadecimal literals and data exfiltration | ceriksen.com</title>
    <dc:date>2013-01-27T18:18:26+00:00</dc:date>
    <link>http://ceriksen.com/2013/01/27/vulnerability-chaining-magic-quotes-bypass-with-hexadecimal-literals-and-data-exfiltration/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[latest Wordpress hack explained, combining 4 separate bugs into one "magic quotes bypass"  #infosec #gameover]]></description>
<dc:subject>gameover infosec</dc:subject>
<dc:source>https://twitter.com/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:18f8c2c68f4e/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:gameover"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.androidpolice.com/2011/10/01/massive-security-vulnerability-in-htc-android-devices-evo-3d-4g-thunderbolt-others-exposes-phone-numbers-gps-sms-emails-addresses-much-more/">
    <title>Massive Security Vulnerability In HTC Android Devices (EVO 3D, 4G, Thunderbolt, Others) Exposes Phone Numbers, GPS, SMS, Emails Addresses, Much More</title>
    <dc:date>2011-10-24T03:17:47+00:00</dc:date>
    <link>http://www.androidpolice.com/2011/10/01/massive-security-vulnerability-in-htc-android-devices-evo-3d-4g-thunderbolt-others-exposes-phone-numbers-gps-sms-emails-addresses-much-more/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Additionally, and the implications of this could end up being insignificant, yet still very suspicious, HTC also decided to add an app called androidvncserver.apk to their Android OS installations. If you're not familiar with the definition of VNC, it is basically a remote access server. On the EVO 3D, it was present from the start and updated in the latest OTA. The app doesn't get started by default, but who knows what and who can trigger it and potentially get access to your phone remotely? I'm sure we'll know soon enough - HTC, care to tell us what it's doing here?
]]></description>
<dc:subject>htc android infosec mobisec</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:e2f4c760e3a0/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:htc"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:android"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:mobisec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://blogs.forbes.com/andygreenberg/2011/02/11/palantir-apologizes-for-wikileaks-attack-proposal-cuts-ties-with-hbgary/">
    <title>Palantir Apologizes For WikiLeaks Attack Proposal, Cuts Ties With HBGary - Andy Greenberg - The Firewall - Forbes</title>
    <dc:date>2011-02-13T19:34:32+00:00</dc:date>
    <link>http://blogs.forbes.com/andygreenberg/2011/02/11/palantir-apologizes-for-wikileaks-attack-proposal-cuts-ties-with-hbgary/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Now, just a few days later, one of those firms, Palo Alto-based Palantir, has publicly cut ties with HBGary and apologized for its role in the WikiLeaks response plan, essentially verifying the reality of that plan and isolating HBGary further.

]]></description>
<dc:subject>palantir wikileaks infosec</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:19ed2c96bbe6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:palantir"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:wikileaks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://gawker.com/5740744/">
    <title>You Can Buy Illegal Access to U.S. Military Websites for $500</title>
    <dc:date>2011-01-23T02:42:40+00:00</dc:date>
    <link>http://gawker.com/5740744/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[I'm going to go for the bargain and hack the State of Michigan and have some real fun. Ha! Try to find yourself on the hand now, Michiganders! 
]]></description>
<dc:subject>michigan-gov security infosec talk-to-the-mitten</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:58858d15bfcf/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:michigan-gov"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:talk-to-the-mitten"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.boingboing.net/2010/12/25/cambridge-university-1.html">
    <title>Cambridge university refuses to censor student's thesis on chip-and-PIN vulnerabilities - Boing Boing</title>
    <dc:date>2010-12-26T18:55:01+00:00</dc:date>
    <link>http://www.boingboing.net/2010/12/25/cambridge-university-1.html</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Ross Anderson gives a smackdown to British bankers who are unhappy about a student thesis]]></description>
<dc:subject>infosec ross-anderson</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:bdd9834be3ed/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ross-anderson"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.slate.com/id/2235503/pagenum/all">
    <title>Fix your terrible, insecure passwords in five minutes</title>
    <dc:date>2010-12-19T19:02:40+00:00</dc:date>
    <link>http://www.slate.com/id/2235503/pagenum/all</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[How to create a better password, by using an algorithm; of course, once the algorithm is well known, it's easy to crack passwords that use it.]]></description>
<dc:subject>via:Taryn infosec</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:0db3b796c050/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:via:Taryn"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.forbes.com/sites/firewall/2010/12/13/the-lessons-of-gawkers-security-mess/">
    <title>The Real Lessons Of Gawker's Security Mess - Forbes</title>
    <dc:date>2010-12-13T19:47:45+00:00</dc:date>
    <link>http://www.forbes.com/sites/firewall/2010/12/13/the-lessons-of-gawkers-security-mess/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Gawker's mess, via Forbes  #infosec]]></description>
<dc:subject>infosec</dc:subject>
<dc:source>https://twitter.com/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:a776af0d2458/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://arbsec.org/">
    <title>ARBSEC - Ann Arbor Security Meetup</title>
    <dc:date>2010-02-02T19:42:19+00:00</dc:date>
    <link>http://arbsec.org/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[ARBSEC is the first Wednesday of every month. Unlike other meetups, you will not be expected to pay dues, "join up", or present a zero-day exploit to attend.

]]></description>
<dc:subject>arbsec annarbor security infosec meetup first-wednesday</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:vielmetti/b:feb58825154b/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:arbsec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:annarbor"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:meetup"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:first-wednesday"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://rdist.root.org/2010/01/11/smart-meter-crypto-flaw-worse-than-thought/">
    <title>Smart meter crypto flaw worse than thought « root labs rdist</title>
    <dc:date>2010-02-02T17:35:49+00:00</dc:date>
    <link>http://rdist.root.org/2010/01/11/smart-meter-crypto-flaw-worse-than-thought/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Travis describes two flaws: the PRNG is a 16-bit LFSR and it is not seeded with very much entropy. However, the datasheet recommends this random number generator be used to create cryptographic keys. It’s extremely scary to find such a poor understanding of crypto in a device capable of forging billing records or turning off the power to your house.

]]></description>
<dc:subject>via:joshd infosec zigbee random prng crypto</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:335beedb951c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:via:joshd"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:zigbee"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:random"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:prng"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:crypto"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://asert.arbornetworks.com/2008/11/2008-worldwide-infrastructure-security-report/">
    <title>2008 Internet Security Report | Security to the Core | Arbor Networks Security</title>
    <dc:date>2008-11-11T18:58:03+00:00</dc:date>
    <link>http://asert.arbornetworks.com/2008/11/2008-worldwide-infrastructure-security-report/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Finally, the surveyed ISPs also said their vendor infrastructure equipment continues to lack key security features (like capacity for large ACL lists) and suffers from poor configuration management and a near complete absence of IPv6 security features. While most ISPs now have the infrastructure to detect bandwidth flood attacks, many still lack the ability to rapidly mitigate these attacks. Only a fraction of surveyed ISPs said they have the capability to mitigate DDoS attacks in 10 minutes or less. Even fewer providers have the infrastructure to defend against service-level attacks or this year’s reported peak of a 40 gigabit flood attack.
]]></description>
<dc:subject>internet security ddos opsec netsec infosec</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:2e36bad30895/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:internet"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ddos"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:opsec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:netsec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://threatchaos.com/?p=281">
    <title>Threatchaos relaunches! | ThreatChaos</title>
    <dc:date>2008-11-07T20:22:43+00:00</dc:date>
    <link>http://threatchaos.com/?p=281</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[But, a blog buried within Network World’s community is hard to find so as of today I am re-launching threatchaos.com.   With complete control over the technology I use and the features I develop this site will quickly become a valauble resource to the entire IT security industry.    In addition to my daily blog posts I will be retaining people to help with news coverage.  I am also embarking on several video ventures that will show up here.
]]></description>
<dc:subject>infosec stiennon richard threatchaos security blog relaunch</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:bb568cb592d6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:stiennon"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:richard"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:threatchaos"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:blog"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:relaunch"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.emergentchaos.com/archives/2008/11/checking_in_on_the_securi.html">
    <title>Emergent Chaos: Checking in on the Security of Chequing</title>
    <dc:date>2008-11-06T15:16:59+00:00</dc:date>
    <link>http://www.emergentchaos.com/archives/2008/11/checking_in_on_the_securi.html</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[I remember a conversation back in 1995 or 1996 with someone who described to me how the Automated ClearingHouse (ACH) for checking worked. He explained that once you had an ACH merchant account, you sent in a message of roughly the form (src, dest, amount, reason) and money got moved. I argued with him that this was inconceivable (yeah, yeah), and he must be mis-understanding. He assured me that no, he was right, and that the reason they ran this way was because it was cheaper, and because only trustworthy people could get ACH merchant accounts.
]]></description>
<dc:subject>ach infosec finsec checking check21 better-faster-cheaper-pick-any-two</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:fb77ce72a154/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ach"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:finsec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:checking"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:check21"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:better-faster-cheaper-pick-any-two"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.emergentchaos.com/">
    <title>Emergent Chaos: The Emergent Chaos Jazz Combo of the Blogosphere</title>
    <dc:date>2008-11-06T15:16:04+00:00</dc:date>
    <link>http://www.emergentchaos.com/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[good reliable security blog
]]></description>
<dc:subject>blog security infosec finsec</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:6274b063baac/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:blog"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:finsec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.pcworld.com/article/149441/article.html?tk=rel_news">
    <title>PC World - Eleven Charged in Massive ID Theft Scheme</title>
    <dc:date>2008-08-07T21:42:33+00:00</dc:date>
    <link>http://www.pcworld.com/article/149441/article.html?tk=rel_news</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[The ID theft ring stole more than 40 million credit and debit card numbers, said Michael Sullivan, U.S. attorney for the District of Massachusetts. The criminals installed sophisticated "sniffer" programs on the retailers' networks, allowing them to collect credit card and password information, he said during a press conference.
]]></description>
<dc:subject>creditcard identitytheft wireless infosec cardshark</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:f158b41391c7/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:creditcard"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:identitytheft"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:wireless"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:cardshark"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.wired.com/politics/security/commentary/securitymatters/2008/03/securitymatters_0320">
    <title>Commentary: Inside the Twisted Mind of the Security Professional</title>
    <dc:date>2008-08-04T17:19:54+00:00</dc:date>
    <link>http://www.wired.com/politics/security/commentary/securitymatters/2008/03/securitymatters_0320</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Which is why CSE 484, an undergraduate computer-security course taught this quarter at the University of Washington, is so interesting to watch. Professor Tadayoshi Kohno is trying to teach a security mindset.
You can see the results in the blog the students are keeping. They're encouraged to post security reviews about random things: smart pill boxes, Quiet Care Elder Care monitors, Apple's Time Capsule, GM's OnStar, traffic lights, safe deposit boxes, and dorm -room security.
]]></description>
<dc:subject>kohno tadayoshi design security infosec hacking psychology schneier bruce social-engineering-will-get-you-what-you-want</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:dfe2504aea7b/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:kohno"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:tadayoshi"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:design"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:hacking"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:psychology"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:schneier"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:bruce"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:social-engineering-will-get-you-what-you-want"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.provos.org/index.php?/pages/dnstest.html">
    <title>DNS Resolver Test</title>
    <dc:date>2008-07-23T16:04:33+00:00</dc:date>
    <link>http://www.provos.org/index.php?/pages/dnstest.html</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[For secure name resolution, it is important that your DNS resolver uses random source ports. The box below will tell you if there is something you need to worry about.
]]></description>
<dc:subject>dns networks security services dnssec monkey niels-provos infosec netsec</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:36247e151fd6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:dns"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:networks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:services"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:dnssec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:monkey"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:niels-provos"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:netsec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.ensuretech.com/mirror/company/aboutensure/aboutensure.html">
    <title>Ensure Technologies: About Ensure</title>
    <dc:date>2008-07-18T01:55:37+00:00</dc:date>
    <link>http://www.ensuretech.com/mirror/company/aboutensure/aboutensure.html</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Founded in 1997 and headquartered in Ann Arbor, Michigan, Ensure Technologies is an innovative developer of intelligent security solutions designed to provide maximum security with minimal impact on users.
]]></description>
<dc:subject>infosec annarbor michigan ypsilanti proxcard</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:d510c6bed7c4/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:annarbor"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:michigan"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ypsilanti"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:proxcard"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://code.google.com/p/ratproxy/">
    <title>ratproxy - Google Code</title>
    <dc:date>2008-07-06T23:48:43+00:00</dc:date>
    <link>http://code.google.com/p/ratproxy/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[passive web application security assessment tool
]]></description>
<dc:subject>via:monkey code ajax security testing infosec trust-but-verify</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:312c6ea7d382/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:via:monkey"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:code"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ajax"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:testing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:trust-but-verify"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.wired.com/politics/security/commentary/securitymatters/2007/12/securitymatters_1213">
    <title>Why 'Anonymous' Data Sometimes Isn't</title>
    <dc:date>2007-12-14T02:51:21+00:00</dc:date>
    <link>http://www.wired.com/politics/security/commentary/securitymatters/2007/12/securitymatters_1213</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[bruce schneier notes that birthdate + zip code + gender is probably enough to identify you.  (ed43 + 48104)
]]></description>
<dc:subject>security surveillance infosec anonymous birthday</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:7500e91fccd5/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:surveillance"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:anonymous"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:birthday"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.theregister.co.uk/2002/12/14/ddos_attack_really_really_tested/">
    <title>DDOS attack 'really, really tested' UltraDNS | The Register</title>
    <dc:date>2007-12-11T21:14:06+00:00</dc:date>
    <link>http://www.theregister.co.uk/2002/12/14/ddos_attack_really_really_tested/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[account of 2002 era attacks on the root name servers, no SLA payouts
]]></description>
<dc:subject>ultradns ddos bgp bgp-anycast party-like-its-2002 infrastructure infosec</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:53d6d89bddfa/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ultradns"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ddos"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:bgp"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:bgp-anycast"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:party-like-its-2002"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infrastructure"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://securitydigest.org/phage/bydate">
    <title>The 'Security Digest' Archives (TM) : Phage List: archive, by date</title>
    <dc:date>2007-11-29T19:43:42+00:00</dc:date>
    <link>http://securitydigest.org/phage/bydate</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Phage List: archive, by date.  3/11/88 - Morris Internet Worm - 20th anniversary coming up
]]></description>
<dc:subject>worm morris-worm security infosec phage security-digest 1988</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:37f4972f5d11/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:worm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:morris-worm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:phage"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security-digest"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:1988"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.zwire.com/site/news.cfm?newsid=19018393&amp;BRD=985&amp;PAG=461&amp;dept_id=161556&amp;rfi=6">
    <title>Journal Inquirer - Security breach affects UConn Foundation donors</title>
    <dc:date>2007-11-20T01:42:29+00:00</dc:date>
    <link>http://www.zwire.com/site/news.cfm?newsid=19018393&amp;BRD=985&amp;PAG=461&amp;dept_id=161556&amp;rfi=6</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[The foundation was one of 92 clients of the vendor, Convio, affected by the breach, Sponauer said.
]]></description>
<dc:subject>convio uconn infosec security nptech john-sponauer nonprofit foundation</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:6ee88d8daa3e/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:convio"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:uconn"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:nptech"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:john-sponauer"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:nonprofit"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:foundation"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.eweek.com/article2/0,1895,2215792,00.asp">
    <title>Attackers Snatch Member Data from 92 Nonprofits</title>
    <dc:date>2007-11-20T01:40:16+00:00</dc:date>
    <link>http://www.eweek.com/article2/0,1895,2215792,00.asp</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Attackers have stolen passwords and accounts from 92 nonprofits by infiltrating systems at Convio, the leading online marketing company for nonprofits.
]]></description>
<dc:subject>convio getactive nonprofit nptech crm saas infosec</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:8110ce48dbf4/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:convio"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:getactive"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:nonprofit"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:nptech"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:crm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:saas"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://hyper.to/blog/link/opensocial-insecurity-no-user-to-app-authentication/">
    <title>Miron’s Weblog » OpenSocial insecurity - no user to app authentication</title>
    <dc:date>2007-11-06T16:08:34+00:00</dc:date>
    <link>http://hyper.to/blog/link/opensocial-insecurity-no-user-to-app-authentication/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[no user authentication! Any user can forge anybody else’s identity when interacting with any OpenSocial application. As it currently stands, it is not possible to write secure social applications on the platform
]]></description>
<dc:subject>api facebook identity opensocial security widgets infosec</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:26f96a84bc8c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:api"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:facebook"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:identity"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:opensocial"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:widgets"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://theharmonyguy.com/">
    <title>Social Hacking</title>
    <dc:date>2007-11-06T15:51:15+00:00</dc:date>
    <link>http://theharmonyguy.com/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[I’m really starting to wonder about the overall security of the OpenSocial platform’s design.  Not to say that I know more than Google, but I am surprised these issues weren’t noticed prior to launch.
]]></description>
<dc:subject>google hacking web2.0 opensocial infosec security</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:3c3e2b350550/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:google"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:hacking"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:web2.0"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:opensocial"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://openid.net/pipermail/general/2007-January/001260.html">
    <title>[OpenID] Phishing and OpenID</title>
    <dc:date>2007-11-05T19:35:49+00:00</dc:date>
    <link>http://openid.net/pipermail/general/2007-January/001260.html</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[a significant problem with OpenID   I've brought this up before and had assumed that most of these schemes would not get off the ground because of the severity and obviousness of the problem -- but I was wrong.
]]></description>
<dc:subject>openid phishing security infosec</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:bdae642f68e1/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:openid"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:phishing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.computerworld.com/action/article.do?command=viewArticleBasic&amp;articleId=9043418">
    <title>Details of hijacked 24/7 ad server emerge</title>
    <dc:date>2007-10-23T13:39:26+00:00</dc:date>
    <link>http://www.computerworld.com/action/article.do?command=viewArticleBasic&amp;articleId=9043418</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Hackers have hijacked a server operated by Internet advertising company 24/7 Real Media Inc. and are using it to seed legitimate Web sites with ads carrying attack code, Symantec Corp. said Friday.
]]></description>
<dc:subject>infosec hackers ad advertising security 24-7-real-media</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:3cfc02269e12/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:hackers"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ad"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:advertising"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:24-7-real-media"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.thespanner.co.uk/2007/10/17/openid-account-security/">
    <title>OpenID account security</title>
    <dc:date>2007-10-17T05:01:43+00:00</dc:date>
    <link>http://www.thespanner.co.uk/2007/10/17/openid-account-security/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[3 classes of attacks on openid.  (looks like a worse and worse system every time I read one of these articles)
]]></description>
<dc:subject>openid security infosec phishing</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:77f25b830b39/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:openid"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:phishing"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.links.org/?p=188">
    <title>Links » OpenID and Phishing: Episode II</title>
    <dc:date>2007-10-14T23:21:16+00:00</dc:date>
    <link>http://www.links.org/?p=188</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[The OpenID fanboys want OpenID to work on any old platform using only standard software, and so therefore are doomed to live in the world of broken authentication. This is fine if what you protect with your OpenID is worthless, but it seems clear that the
]]></description>
<dc:subject>identity openid phishing security infosec authentication broken worthless</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:f4cb6ea355cd/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:identity"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:openid"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:phishing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:authentication"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:broken"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:worthless"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.links.org/?p=187">
    <title>Links » OpenID: Phishing Heaven</title>
    <dc:date>2007-10-14T23:20:04+00:00</dc:date>
    <link>http://www.links.org/?p=187</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[OpenID announced the release of a new draft of OpenID Authentication 2.0 today. I’m reluctantly forced to come to the conclusion that the OpenID people don’t care about phishing, since they’ve defined a standard that has to be the worst I’ve ever
]]></description>
<dc:subject>identitytheft toread openid infosec security phishing worst-ive-ever-seen</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:2708ff79160c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:identitytheft"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:toread"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:openid"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:phishing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:worst-ive-ever-seen"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.idcorner.org/?p=161">
    <title>The Identity Corner » The problem(s) with OpenID</title>
    <dc:date>2007-10-14T23:19:03+00:00</dc:date>
    <link>http://www.idcorner.org/?p=161</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Beyond this, OpenID is pretty much useless. The reasons for this are many: OpenID is highly vulnerable to phishing and other attacks, creates insurmountable privacy problems, is not a trust system, suffers from usability problems, and makes it unappealing
]]></description>
<dc:subject>openid infosec design usability security</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:a939f8ce5365/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:openid"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:design"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:usability"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.xmlgrrl.com/blog/archives/2007/09/21/sun-openid-idp-protocol-and-implementation-review/">
    <title>Pushing String » Sun OpenID IdP: protocol and implementation review</title>
    <dc:date>2007-10-14T23:17:53+00:00</dc:date>
    <link>http://www.xmlgrrl.com/blog/archives/2007/09/21/sun-openid-idp-protocol-and-implementation-review/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[When we put our OpenID provider through the security review wringer (many thanks to Glenn Brunette and his team for their work on this!), some nitsy OpenID protocol questions came out, along with issues of provider and consumer behavior in the wild. Some
]]></description>
<dc:subject>openid security infosec</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:cd8df262b099/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:openid"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.boston.com/business/globe/articles/2007/09/22/tjx_offers_deal_to_end_data_breach_suit/">
    <title>TJX offers deal to end data breach suit - The Boston Globe</title>
    <dc:date>2007-09-24T15:08:57+00:00</dc:date>
    <link>http://www.boston.com/business/globe/articles/2007/09/22/tjx_offers_deal_to_end_data_breach_suit/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[TJX Cos. said that it reached a tentative settlement with customers who were victims of the largest security breach of personal data ever reported and that it would provide store vouchers to some people whose data were compromised and a three-day sale for
]]></description>
<dc:subject>tjx infosec tjmaxx</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:f799c51afeda/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:tjx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:tjmaxx"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://media.www.michigandaily.com/media/storage/paper851/news/2007/09/19/Crime/Sensitive.Patient.Data.Stolen.From.Nursing.Building-2977434.shtml">
    <title>Sensitive patient data stolen from nursing building - Crime</title>
    <dc:date>2007-09-21T20:32:32+00:00</dc:date>
    <link>http://media.www.michigandaily.com/media/storage/paper851/news/2007/09/19/Crime/Sensitive.Patient.Data.Stolen.From.Nursing.Building-2977434.shtml</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Since 8,585 tapes were stolen from the School of Nursing two weeks ago - the third data theft in the last year - University officials are stressing the importance of protecting against data theft.
]]></description>
<dc:subject>michigan annarbor umich nursing infosec theft data tapes</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:f3686e859415/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:michigan"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:annarbor"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:umich"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:nursing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:theft"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:data"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:tapes"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.computerworld.com/action/article.do?command=viewArticleBasic&amp;articleId=9034319">
    <title>Pfizer confirms third breach involving employee data since June</title>
    <dc:date>2007-09-10T12:43:00+00:00</dc:date>
    <link>http://www.computerworld.com/action/article.do?command=viewArticleBasic&amp;articleId=9034319</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[The company today confirmed that as many as 34,000 of its employees may be at risk of identity theft after a former employee illegally accessed and download copies of confidential information from a Pfizer computer system without the company's knowledge.
]]></description>
<dc:subject>pfizer pfired infosec via:richard-stiennon</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:32bb93b7b8f6/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:pfizer"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:pfired"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:via:richard-stiennon"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://planet-websecurity.org/Mozilla+Says+%22Ten+Fucking+Days%22/">
    <title>Planet-Websecurity.org: good news brought together</title>
    <dc:date>2007-08-03T20:49:52+00:00</dc:date>
    <link>http://planet-websecurity.org/Mozilla+Says+%22Ten+Fucking+Days%22/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[At this point Mike Shaver threw down the gauntlet. He gave me his business card with a hand written note on it, laying his claim on the line. The claim being - with responsible disclosure Mozilla can patch and deploy any critical severity holes within “
]]></description>
<dc:subject>mozilla security patches infosec ten-freaking-days ten-effing-days ten-fracking-days</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:62d71b96e9b7/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:mozilla"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:patches"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ten-freaking-days"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ten-effing-days"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ten-fracking-days"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://planet-websecurity.org/Congratulation!+You%E2%80%99ve+been+nominated+for+a+Pwnie+Award./">
    <title>Planet-Websecurity.org: good news brought together</title>
    <dc:date>2007-08-02T15:14:50+00:00</dc:date>
    <link>http://planet-websecurity.org/Congratulation!+You%E2%80%99ve+been+nominated+for+a+Pwnie+Award./</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[From the Pwnie Awards website, the Mass 0wnage Pwnie Award is Awarded to the person who discovered the bug that resulted in the most widespread exploitation. Also known as the Pwnie for Breaking the Internet.
]]></description>
<dc:subject>security infosec pwnie most-likely-to-break-the-internet</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:ee7a15b36e06/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:pwnie"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:most-likely-to-break-the-internet"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://mezzoblue.com/archives/2007/06/05/unsettling/">
    <title>mezzoblue § Unsettling</title>
    <dc:date>2007-06-06T18:05:17+00:00</dc:date>
    <link>http://mezzoblue.com/archives/2007/06/05/unsettling/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[For those who host with Dreamhost: I received a confirmation email from them at 8:27pm PST on June 5th that yes indeed, something in the neighbourhood of 3,500 FTP accounts have been compromised. If you’re on Dreamhost, time to change all your passwords
]]></description>
<dc:subject>dreamhost infosec wordpress spam security hosting</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:4fb1e572e282/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:dreamhost"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:wordpress"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:spam"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:hosting"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://mikeg.typepad.com/perceptions/2007/04/corporate_data_.html">
    <title>Collaborative Thinking: Corporate data slips out via Google Calendar</title>
    <dc:date>2007-06-06T13:45:37+00:00</dc:date>
    <link>http://mikeg.typepad.com/perceptions/2007/04/corporate_data_.html</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Google Calendar gives users the choice of keeping calendar entries private or publishing them for the world to see, but some Google Calendar users appear to be sharing their calendar information without realizing it.
]]></description>
<dc:subject>calendar google security infosec</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:3153a8814ecd/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:calendar"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:google"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.oscandy.com/hacking/454-dreamhost-hosting-platform-hacked">
    <title>Dreamhost hosting platform hacked! — Open Source Candy</title>
    <dc:date>2007-06-06T13:25:42+00:00</dc:date>
    <link>http://www.oscandy.com/hacking/454-dreamhost-hosting-platform-hacked</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[some details emerging of dreamhost hack problems.  black hat seo spam appears to be the nature of the exploit.
]]></description>
<dc:subject>dreamhost hosting infosec security</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:cd3542d89a9c/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:dreamhost"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:hosting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://it.slashdot.org/article.pl?sid=07/05/29/1410258">
    <title>Slashdot | The Real Impact of the Estonian Cyberattack</title>
    <dc:date>2007-05-29T16:33:26+00:00</dc:date>
    <link>http://it.slashdot.org/article.pl?sid=07/05/29/1410258</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[slashdot notes jose nazario's reporting on the estonian denial of service attacks
]]></description>
<dc:subject>a2b3 slashdot jose-nazario estonia cyberattack ddos infosec</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:86368a585b76/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:a2b3"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:slashdot"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:jose-nazario"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:estonia"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:cyberattack"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ddos"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://news.com.com/2008-7349_3-6186751.html">
    <title>Cyberattack in Estonia--what it really means | Newsmakers | CNET News.com</title>
    <dc:date>2007-05-29T16:25:42+00:00</dc:date>
    <link>http://news.com.com/2008-7349_3-6186751.html</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[When it comes to denial-of-service attacks, Jose Nazario has seen just about everything.
]]></description>
<dc:subject>a2b3 estonia ddos cybercrime infosec</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:e5a13cbe5cdb/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:a2b3"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:estonia"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ddos"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:cybercrime"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://news.bbc.co.uk/2/hi/technology/6526851.stm">
    <title>BBC NEWS | Technology | Cursor hackers target WoW players</title>
    <dc:date>2007-04-08T16:18:12+00:00</dc:date>
    <link>http://news.bbc.co.uk/2/hi/technology/6526851.stm</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Research by security firm Symantec suggests that the raw value of a WoW account is now higher than a credit card and its associated verification data.
]]></description>
<dc:subject>credit identity wow infosec security using-my-platinum-wow-account-to-buy-groceries</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:0ec456330d5d/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:credit"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:identity"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:wow"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:using-my-platinum-wow-account-to-buy-groceries"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.networkworld.com/news/2007/032907-tjx-data-theft-largest.html?nlhtsec=0326securityalert5&amp;company=Masergy">
    <title>UPDATE--TJX data theft called largest ever: 45.7M credit card numbers - Network World</title>
    <dc:date>2007-04-02T13:18:51+00:00</dc:date>
    <link>http://www.networkworld.com/news/2007/032907-tjx-data-theft-largest.html?nlhtsec=0326securityalert5&amp;company=Masergy</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[Detailing the sheer magnitude of a crime first reported earlier this year, TJX yesterday disclosed in financial reports that at least 45.6 million credit and debit card numbers were stolen in 2005 and another 130,000 last year by hackers who have yet to b
]]></description>
<dc:subject>tjx tjmaxx credit creditcard identify theft fraud infosec</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:241b5fa4a281/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:tjx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:tjmaxx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:credit"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:creditcard"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:identify"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:theft"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:fraud"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://google.brand.edgar-online.com/fetchFilingFrameset.aspx?FilingID=5062935&amp;Type=HTML">
    <title>TJX 10-K: computer intrusion at TJX, parent company of TJ Maxx</title>
    <dc:date>2007-03-30T05:26:09+00:00</dc:date>
    <link>http://google.brand.edgar-online.com/fetchFilingFrameset.aspx?FilingID=5062935&amp;Type=HTML</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[We suffered an unauthorized intrusion into portions of our computer systems that process and store information related to customer transactions that we believe resulted in the theft of customer data. We do not know who took this action and whether there w
]]></description>
<dc:subject>tjx edgar 10-k sec filing security infosec credit-card all-your-discount-merchandise-are-belong-to-us</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:888da6e4343b/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:tjx"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:edgar"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:10-k"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:sec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:filing"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:credit-card"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:all-your-discount-merchandise-are-belong-to-us"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.donblumenthal.com/">
    <title>Don M. Blumenthal</title>
    <dc:date>2007-02-13T16:48:05+00:00</dc:date>
    <link>http://www.donblumenthal.com/</link>
    <dc:creator>vielmetti</dc:creator><dc:subject>privacy security infosec a2b3 annarbor</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:51d4bbd2adf3/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:privacy"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:a2b3"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:annarbor"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.hamachi.cc/download/">
    <title>Hamachi : Download</title>
    <dc:date>2007-02-13T04:35:05+00:00</dc:date>
    <link>http://www.hamachi.cc/download/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[free vpn software.  holding my recco until some infosec geek blesses it
]]></description>
<dc:subject>internet free infosec via:anarchivist</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:aaa02564d745/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:internet"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:free"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:via:anarchivist"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://times.hankooki.com/lpage/200702/kt2007021117420210440.htm">
    <title>The Korea Times : Professor Leads ‘Indirect’ War on MS</title>
    <dc:date>2007-02-13T04:17:03+00:00</dc:date>
    <link>http://times.hankooki.com/lpage/200702/kt2007021117420210440.htm</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[korean internets depend on active x controls for info security, locking out mac, linux.  k. professor sues
]]></description>
<dc:subject>korea microsoft openweb a2b3 opensource infosec activex</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:4def9f9d4b55/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:korea"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:microsoft"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:openweb"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:a2b3"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:opensource"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:activex"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://maloff-ip.com/MaloffOnTheInternet/">
    <title>Maloff on the Internet</title>
    <dc:date>2007-02-12T05:24:57+00:00</dc:date>
    <link>http://maloff-ip.com/MaloffOnTheInternet/</link>
    <dc:creator>vielmetti</dc:creator><dc:subject>voip skype security infosec linkedin</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:bff8f479978a/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:voip"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:skype"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:linkedin"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://news.bbc.co.uk/2/hi/technology/6338261.stm">
    <title>BBC NEWS | Technology | Hackers attack heart of the net</title>
    <dc:date>2007-02-07T21:09:24+00:00</dc:date>
    <link>http://news.bbc.co.uk/2/hi/technology/6338261.stm</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[ddos against dns, film at 11
]]></description>
<dc:subject>ddos infosec bbc dns</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:1e588bf52aa9/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:ddos"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:bbc"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:dns"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://atlas.arbor.net/">
    <title>ATLAS Dashboard: Global Summary</title>
    <dc:date>2007-02-05T20:56:29+00:00</dc:date>
    <link>http://atlas.arbor.net/</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[infosec dashboard of global threats and attacks
]]></description>
<dc:subject>security virus worm web infosec via:nazarijo a2b3</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:54343811099f/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:virus"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:worm"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:web"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:via:nazarijo"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:a2b3"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://blogs.zdnet.com/security/?p=15">
    <title>» Super Bowl stadium site hacked, seeded with exploits | Zero Day | ZDNet.com</title>
    <dc:date>2007-02-03T01:49:06+00:00</dc:date>
    <link>http://blogs.zdnet.com/security/?p=15</link>
    <dc:creator>vielmetti</dc:creator><description><![CDATA[malicious javascript installs keystroke logger.
]]></description>
<dc:subject>security superbowl virus javascript infosec</dc:subject>
<dc:identifier>https://pinboard.in/u:vielmetti/b:2584cadb887e/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:security"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:superbowl"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:virus"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:javascript"/>
	<rdf:li rdf:resource="https://pinboard.in/u:vielmetti/t:infosec"/>
</rdf:Bag></taxo:topics>
</item>
</rdf:RDF>