Category Archives: Security

Meg Whitman Will Crash Your Servers

There has been a strange radio advertisement running lately. I know, you are probably saying “Radio? What is that?”. It is true, I sometimes listen to the radio — on my cell phone, if that is any consolation.

Anyway, a Mitt Romney disciple running for the office of California Governor has a radio campaign that says she was present when eBay’s servers crashed. Correlation or causation? Why did they crash? Poor planning on her part? They do not say.

It is hard to guess what the message is supposed to be from this radio advertisement but it sounds to me like if you have Meg Whitman around she will let things crash without being prepared (no failover) and then she will literally sleep while others scramble to fix them.

Here is the exact text I heard:

When the servers crashed, effectively putting eBay out of business, Meg gathered her team, along with the best technology experts from around Silicon Valley, and they stayed there until it was fixed. Literally, sleeping at the office.

When the servers crashed? They make it sound so inevitable. It is not “when the truck crashed into the servers” or “when a tornado ripped out the servers” or even “when someone spilled their mocha-java-whipped-frothy-sprinkle-latte on the servers”.

No, they left that part out. It is just when the servers crashed. That happens with Meg around, apparently.

Great. So she clearly was unprepared. The company almost went out of business. This just goes from bad to worse.

And then she literally slept at the office during a disaster? Let’s hear it for an unprepared leader who goes to sleep at the office?

Who wrote this ad?

eBay…hmmm, I seem to remember Whitman saying she would stay for a decade. Then she had some kind of mishap called a “private matter”, eBay stock was tanking, and she quit.

The early exit of Meg Whitman from her employer during tough times, coupled with her new radio ad, gives me the impression of an unprepared asleep-on-the-job quitter candidate.

It begs the question: if Romney’s disciple is elected will the story be “when the economy crashed, Meg gathered people together and then slept in her office until it was fixed”?

Some have pointed out her money comes from out-of-state. Could her big out-of-state donors plan to run fix-it services that will cash-in when the state is “crashed” and she is sleeping?

Factcheck.org has another way of describing Meg Whitman’s advertisements:

it’s Whitman who fails when it comes to the facts

The NYT reports that her direction at eBay failed

John Donahoe, her successor, has pretty much disassembled all of her major strategic moves.

Does that make her the unprepared asleep-on-the-job quitter liar candidate? And this is just from her own campaign language. I have not even bothered to look into her son getting kicked out of Princeton for racism towards blacks.

Urgent Samba Fix: CVE-2010-3069

These days when I think of samba overflows I get images of Bahia's feijoada completa dancing in my head. Fortunately a security alert from the Samba team has brought me back to reality. No Caipirinha today.

Two functions of Samba version 3 can be exploited remotely even without authentication due to a buffer overflow error. It was found during an internal code review and a fix has already been released.

The sid_parse() function (and the related dom_sid_parse() function in the source4 code) does not correctly check its input length when reading the binary representation of a Windows SID (Security ID).

A SID is the variable length binary value used by Microsoft to uniquely identify a user or group in Windows. It was introduced to manage user permissions independently of human-readable characters such as a username. Changing a username mapped to a SID therefore does not impact the system as much as remapping all the permissions to a username.

Patch, upgrade to Samba 3.5.5 or deploy countermeasures (e.g. strict segmentation and ingress/egress filtering) immediately.
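As an added illustration, not Samba's own code and not text from the advisory, the C routine below parses the binary SID layout described above and shows the kind of length check the advisory refers to. It assumes the standard Windows on-wire layout: a revision byte, a sub-authority count byte, a six-byte big-endian identifier authority, then up to 15 little-endian 32-bit sub-authorities. The struct name, the helper names and the three sample byte strings are constructed for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SID_MAX_SUB_AUTHS 15  /* Windows limits a SID to 15 sub-authorities */
#define SID_HEADER_LEN    8   /* revision(1) + sub-auth count(1) + 48-bit authority(6) */

struct dom_sid {
    uint8_t  sid_rev_num;
    uint8_t  num_auths;
    uint8_t  id_auth[6];
    uint32_t sub_auths[SID_MAX_SUB_AUTHS];
};

/* Parse a binary SID with explicit bounds checks. Returns false when the
 * declared sub-authority count exceeds the fixed array or the bytes supplied. */
bool sid_parse_checked(const uint8_t *buf, size_t len, struct dom_sid *out)
{
    if (buf == NULL || out == NULL || len < SID_HEADER_LEN)
        return false;
    uint8_t num_auths = buf[1];
    if (num_auths > SID_MAX_SUB_AUTHS)
        return false;                              /* would write past sub_auths[] */
    if (len < SID_HEADER_LEN + (size_t)num_auths * 4)
        return false;                              /* declared count exceeds data */

    memset(out, 0, sizeof *out);
    out->sid_rev_num = buf[0];
    out->num_auths   = num_auths;
    memcpy(out->id_auth, buf + 2, sizeof out->id_auth);
    for (size_t i = 0; i < num_auths; i++) {       /* sub-authorities are little-endian */
        const uint8_t *p = buf + SID_HEADER_LEN + i * 4;
        out->sub_auths[i] = (uint32_t)p[0] | ((uint32_t)p[1] << 8)
                          | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
    }
    return true;
}

/* Render as "S-R-I-S..." text. Returns characters written, or -1 if dst is too small. */
int sid_to_string(const struct dom_sid *sid, char *dst, size_t dstlen)
{
    uint64_t ia = 0;
    for (int i = 0; i < 6; i++)
        ia = (ia << 8) | sid->id_auth[i];
    int n = snprintf(dst, dstlen, "S-%u-%llu", sid->sid_rev_num, (unsigned long long)ia);
    if (n < 0 || (size_t)n >= dstlen)
        return -1;
    for (int i = 0; i < sid->num_auths; i++) {
        int m = snprintf(dst + n, dstlen - (size_t)n, "-%u", sid->sub_auths[i]);
        if (m < 0 || (size_t)m >= dstlen - (size_t)n)
            return -1;
        n += m;
    }
    return n;
}

/* Constructed sample inputs (not taken from the advisory). */
static const uint8_t SAMPLE_GOOD[] = {      /* S-1-5-32-544: 2 sub-auths, 16 bytes */
    0x01, 0x02, 0, 0, 0, 0, 0, 0x05, 0x20, 0, 0, 0, 0x20, 0x02, 0, 0 };
static const uint8_t SAMPLE_TRUNCATED[] = { /* declares 2 sub-auths, carries only 1 */
    0x01, 0x02, 0, 0, 0, 0, 0, 0x05, 0x20, 0, 0, 0 };
static const uint8_t SAMPLE_OVERSIZED[] = { /* declares 255 sub-auths, far beyond 15 */
    0x01, 0xff, 0, 0, 0, 0, 0, 0x05, 0x20, 0, 0, 0, 0x20, 0x02, 0, 0 };

bool demo_good_parses(void)
{
    struct dom_sid s;
    return sid_parse_checked(SAMPLE_GOOD, sizeof SAMPLE_GOOD, &s);
}

bool demo_truncated_rejected(void)
{
    struct dom_sid s;
    return !sid_parse_checked(SAMPLE_TRUNCATED, sizeof SAMPLE_TRUNCATED, &s);
}

bool demo_oversized_rejected(void)
{
    struct dom_sid s;
    return !sid_parse_checked(SAMPLE_OVERSIZED, sizeof SAMPLE_OVERSIZED, &s);
}

const char *demo_good_string(void)
{
    static char text[64];
    struct dom_sid s;
    if (!sid_parse_checked(SAMPLE_GOOD, sizeof SAMPLE_GOOD, &s) ||
        sid_to_string(&s, text, sizeof text) < 0)
        return "";
    return text;
}

int main(void)
{
    printf("good=%d truncated_rejected=%d oversized_rejected=%d text=%s\n",
           demo_good_parses(), demo_truncated_rejected(), demo_oversized_rejected(),
           demo_good_string());
    return 0;
}
```

The two rejected samples show the two distinct ways a length check can fail: a count byte larger than the fixed destination array, and a count byte that promises more sub-authority bytes than the buffer actually holds. Both checks have to run before any copy, because on an unauthenticated connection the count byte is under the remote peer's control.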

Cheating Ban in StarCraft

Blizzard Entertainment has raised the stakes for Cheating in StarCraft II

Playing StarCraft II legitimately means playing with an unaltered game client. Doing otherwise violates our policies for Battle.net, and it goes against the spirit of fair play that all of our games are based on. We strongly recommend that you avoid using any hacks, cheats, or exploits. Suspensions and bans of players that have used or start using cheats and hacks will begin in the near future.

A permanent ban for an account is apparently a big step. I am not familiar enough with the game to know whether someone could open multiple accounts and use them for testing cheats. This would be a simple countermeasure to an account ban — lessen the value of the account.

It seems to me an even bigger and more exciting step would be if they offered an incentive system for whistleblowers. Then players not only would engage in battle online but also could try to get ahead by reporting suspicious accounts. Or would they have to change the name to StarNarkCraft?

Come Hear Me at the HTCIA International Conference Next Week

I am honored to be presenting three topics at the High Technology Crime Investigation Association (HTCIA) International Conference next week. They just mentioned it on the conference blog:

Davi Ottenheimer, a security and PCI expert, blogs at http://www.flyingpenguin.com/ — not just about infosec, but also on a wide variety of topics including energy, food, and sailing. He’ll be presenting “Anatomy of a Breach” on Wednesday, along with “No Patch for Social Engineering” and “Cloud Investigations and Forensics,” both on Monday.

Well, I’d say it’s all just the poetry of information security :)

The HTCIA is made up of many local chapters designed for information sharing on investigations, as you might guess from who is allowed membership:

(a) Peace Officers, Investigators and Prosecuting Attorneys engaged in the investigation and/or prosecution of criminal activity associated with computers and/or advanced technologies. Each member shall be regularly employed by the Federal Government, State Government, Counties, and/or Municipal subdivisions of any state, or

(b) Management Level and Senior Staff Security Professionals in the regular employ of private business or Industry in the various states, the primary duties of which, are the control and responsibility for security and/or investigation in computer or advanced technology environments, or by virtue of his/her position or interest can provide, or have a need for information and training in the areas of computer and/or advanced technologies.

I hope the NZ security community reps will be there and able to discuss the Wilce incident.