Posted on February 24th, 2009 by noam
Filed under: Commentary, Spam | 4 Comments »
A short list of legitimate emails you will never get. If you have something else, feel free to add it:
* Lottery winnings - Microsoft is the big winner here; they keep sending me winning notifications, but I just don’t collect
* Your doctor’s prescription (probably some obscure medicine might go through, while most won’t) - to buy “cheap” fake medicine
* Your Antivirus renewal notice - trying to get you to install some form of malware
* Your bank’s security notice, and statement - of course it’s phishing scams
* PayPal payments being done to your name or from your name - phishing scams mainly
* Job offers - I get these money “mule” offers and get paid per call spam
Anything I missed?
Posted on February 24th, 2009 by Aviram
Filed under: Commentary | 6 Comments »
If you ever went to a blackhat, you probably think that the security crowd is a bunch of stuck-up, unfriendly egomaniacs.
That’s why I like the local meetups - the gatherings that bring together people who live in the area and like security as much as you do. Suddenly those same egomaniacs become fun drinking buddies who like to have interesting discussions and share interests.
I just saw an announcement about ARBSEC - “an informal CitySec meetup of local security professionals” in Ann Arbor, Michigan. I spoke at a “rubi-con” conference in Michigan once (is rubi-con still around?) and really liked the local guys. I recommend anybody who likes security and is in the MI area to check it out. If I get to the midwest area on that date I’ll be sure to attend.
The problem with these local meetups is that everybody knows where blackhat is held, but not too many people know where their local security ‘meetup’ is, or if one even exists. I know that there used to be a group meeting in the DC/VA area, and a “Security n’ Suds” monthly gathering in Northern California - both were almost secret and if you didn’t know who to ask, you had no chance of knowing they exist. Other groups like Austin Hackers seem to be defunct or at least stopped updating their web site a few years ago.
So what meetups are currently active? Please share if you know of a local security meeting club. If you want to start a local meetup in your area, try your luck here in the comments section and maybe you’ll find others who would like to join…
Posted on February 22nd, 2009 by jbrown
Filed under: Commentary, Full Disclosure, Cisco, DDoS, Networking | No Comments »

Yeah, it is true. I guess some programming errors are more serious than others, so let’s give these guys a break: I also suppose the dark clouds gathered for all the recent DDoS characters, too.
Posted on February 22nd, 2009 by jbrown
Filed under: Microsoft, Commentary, Corporate Security | 1 Comment »

And you thought this day would never come… read more here.
No, this is not a joke
Posted on February 21st, 2009 by jbrown
Filed under: Microsoft, Commentary, Privacy, Full Disclosure, Corporate Security | No Comments »

Adobe Acrobat, at least the reader, has been owned. Again. So Surprising.
The good news is that Xpdf probably isn’t vulnerable.
Posted on February 20th, 2009 by p1
Filed under: Web, Commentary, Culture, OT, Funny | No Comments »
A new company is telling everyone which new companies are worth investing in. Is this something we should get into?
http://news.bbc.co.uk/go/em/-/2/hi/technology/7900463.stm
“The software measures the “buzz” surrounding a company via blogs and media reports along with a variety of factors including website traffic.”
We should all blog and Twitter about this.
Then we should all blog about how blogging is so last year.
Posted on February 14th, 2009 by p1
Filed under: Linux, Commentary, Culture, OT, Funny | 9 Comments »
This would be hilarious, except for the fact that I think the guy who wrote it (some years back, but still) was serious.
I don’t know if that makes it more funny, or less …
Even the domain name is funny, as in “delusions of adequacy” …
Posted on February 11th, 2009 by Juha-Matti
Filed under: Gadgets, Commentary, Privacy, Culture, Physical Security | 4 Comments »
There will be a new national register of mobile phone users in Mexico.
Under a new law published on Monday and due to be in force in April, mobile phone companies will have a year to build up a database of their clients, complete with fingerprints. The idea would be to match calls and messages to the phones’ owners.
(underlining added)
Mexico has a very strong culture of using prepaid phones.
Posted on February 9th, 2009 by jbrown
Filed under: Web, Commentary, Full Disclosure, Corporate Security, Networking | 3 Comments »

Kaspersky’s USA website was hacked by SQL injection. Maybe they should hire some virus writers to secure their website, or better yet, a good penetration testing team.
Grab more details about the incident here.
Posted on February 3rd, 2009 by jbrown
Filed under: Gadgets, Microsoft, Commentary, Corporate Security, Encryption | 1 Comment »

There is an interesting article about NetBSD becoming the new OS on the T-Mobile Sidekick. While NetBSD can run on just about any kind of relevant hardware, running NetBSD on the Sidekick and painting a nice GUI (with the help of Danger probably) should be lots of fun. As an end result, could this not rank as the most secure mobile device if nothing else?