Why Phish? Just invite!

Garage Sale on Craigslist


So I love garage sales as much or maybe more than the next person but this scares me. “We’ll be taking cash or Paypal. (To use Paypal you have to pay on site using my laptop and the transaction would have to clear before you leave. This means no E-check transactions.)” I don’t think the person is planning anything bad but, what if their computer is infected? Now everyone’s usernames and passwords have been exposed. Or what if an evil garage sale shopper has a USB Hacksaw with them and infects the computer? 

I have to run grarge sales are waiting…. 



TSA swap’s laptop

So the other day a friend of a friend brought my friend Bob at Laptop and a great story. He was on his way home to Cleveland from out of the country. TSA did the standard search and seizure of all his belongings and he moved along. A little while later he went to log into his laptop and notice it wasn’t his. He had a non qwerty keyboard on his and this was a qwerty system. So he went to TSA and they were not much help. In fact they wanted him to give them the laptop. He said “NO” and kept the laptop. He wanted to have something to trade with the guy who had his laptop. TSA claimed to remember checking a guy with the name that was the same as the login name but, they couldn’t help him. The airlines were not much help either. So for about 3 days he kept calling the TSA and no respond.

So he brought the laptop to Bob. Bob called the computer manufacturer and explained the issue. Then he escalated the issue to a supervisor. The supervisor said sorry no subpoena no info. He did suggest Bob talk to the corporate offices and gave him the phone number. So Bob called. They were not much help either. So when they transferred him to the product registration group the time had come to stop playing games. Or was time to start? “Hi, This is Bob. I’d like to check that my co-worker has registered his laptop correctly.” So Bob quickly learned that the machine hadn’t been registered.  So they wanted a subpoena to say they had no info. Got to love it.

A few hours later the friend finally received a call from the TSA. They said “Sorry we haven’t heard anything yet. If you can Hack into the machine and get any info go for it.”  So Bob did. The ophcrack disks didn’t work(Laptop Froze.) So he went old school and ran an Ubuntu liveCD. Mounted the local drive and was in.

Then the fun of finding the owner started. Bob noticed a resume, resignation file and a job description. So the assumption is that maybe it’s a manager and an employee is leaving. Bob also noticed the pictures and movies on the drive didn’t feel like a typical set of guy pictures. He went back and looked at the resume again and then it all made sense. The resume was for a lady. Her e-mail address that was on the resume was very similar to the login ID of the laptop. Bob found the owner.

The laptops got swapped back to the correct owners and everyone is happy except for the TSA.

Movie star teaching in Northeast Ohio!

The famed star of “The PCI ultimatum”, Dwayne Edwards, also of Dwayne’s world of security, is going to be teaching two classes at Corporate College East.

Deactivating the robot.

He may not teach us how to stop the robots but, then again it is Dwayne!

Hope to see you there.

Security Breaches – Executive Session – Cost $99



Foundations of Information Security – Cost $595

Collaboration Technology and Engaging the Campus 2008

Thursday, May 8, 2008
Case Western Reserve University
Thwing Center
Cleveland, Ohio

9am – 4 pm

To the Cleveland 2.0 Community:

I would like to ask for your support in distribution this invitation to your friends, colleagues, on your blogs and wikis… This is an outstanding opportunity for the entire  community to learn and participant in the emerging world of collaboration technology. In addition to workshops, panels, and keynotes, there are big raffle drawings for computer systems and more (must be present to win). The website is open for registration at http://www.case.edu/its/collabtech08/collabtech08.html
Case Western Reserve University will highlight new technologies and how they enhance research and discovery during its campus Collaboration Technologies Summit 2008 from 9 a.m. to 4 p.m. May 8 in Thwing Center. In addition, the keynote and panels will be streamed in ClevelandPlus in SecondLife <http://www.case.edu/its/services/documents/SlClevelandPLusIntro.pdf> .

All university faculty, staff, students, alumni, neighborhood and community partners are invited to attend the symposium and demonstration event—that will be conducted simultaneously at collaborative sites throughout world.

The event will feature a keynote address by Anthony D. Williams. An author, researcher and consultant, Williams’s latest project is the bestselling book (co-authored with Don Tapscott) called Wikinomics: How Mass Collaboration Changes Everything.

Two panels at the summit will be anchored by Campus Computing Project Director, Dr. Kenneth Green, Visiting Scholar at Claremont Colleges. The first panel is titled Making Sense of the explosion of Web 2.0 tools and their relevance and consequence in Higher Education. Panelists include educators and faculty leaders from Case Western Reserve University, University of Southern California, Bradley University, and Researchers from IBM. At the end of the day-long event Green will host a panel called Collaboration Technology—What’s Next?: Bold Predictions, Cautionary Notes and Take Away Lessons. Panelists include leaders from Case Western Reserve University, Tri-C, MIT, and the co-founder of SecondLife, Cory Ondrejka.

Cleveland Day of .NET Saturday, May 17, 2008

Cleveland Day of .NET is a free one day conference targeted at developers using the Microsoft .NET platform. It is a collaborative effort among the various local user groups and is open to all developers, local or otherwise. This event is occurring on Saturday, May 17, 2008 from 8:00 AM to 5:30 PM. More info on location and speakers will be posted as it becomes available.

Cleveland has a lot of passionate, knowledgeable developers that have been asking for the opportunity to get together and share their knowledge with each other. Now we all have that chance!

There will be numerous sessions to choose from covering a variety of topics. The exact session list will be coming in a few weeks but you can look forward to topics such as:

  • Silverlight
  • DLR / IronRuby / IronPython
  • SharePoint / MOSS
  • SQL Server 2008
  • … many more



HTCIA Spring Training Conference May 12-14th in Cleveland

HTCIA Spring Training Conference May 12-14th in Cleveland

Interested in forensics and computer security?
Looking for something locally?
Don’t have much money to spend?
Than you’ll want to check out this great conference happening here locally in May…

The High Technology Crime Investigation Association (HTCIA)

2008 Spring Training Conference

When: May 12 – 14, 2008

Location: Lakeland Community College

Cost: $225

For schedule of sessions and speakers see this page: http://www.ohiohtcia.org/speakers.html

For more information visit http://www.ohiohtcia.org/conference.html

Notacon – April 4th – 6th 2008


www.notacon.org is happening April 4th – 6th 2008. Right here in Cleveland Ohio. (That’s local for me.)

From the website:

NOTACON, an annual conference held in Cleveland, Ohio, explores and showcases technologies, philosophy and creativity often overlooked at other “hacker cons”. Our desire is not to supplant other events, but complement them and strike a balance that has gone unnoticed in our community for far too long.

With each new year we build upon the successes and knowledge of the previous years. Our goal is to enlighten, educate, and entertain attendees, presenters, and staff alike. We try to do this by finding new ways to apply technology to graphics, art, music, or social interaction.

Notacon espouses an ethos of exploration, participation and positive contributions. Hence, while some of the material we may cover is controversial or potentially “black hat” in nature, we feel it is important to bring light to all topics so that everyone can learn from the experience and create something good, fun or interesting from it.

Events during Notacon run from Friday morning through Sunday afternoon. These include over 40 presentations, contests such as “Anything but Ethernet”, game shows, prize giveaways and a whole lot of who-knows-what. Anything can happen, and usually does.

Feel free to get involved in our community now by exploring our getting involved section. Also, please join our forums, mailing lists, IRC server, and other online communities. Feel free to check out our archives (2004, 2005, 2006) from previous years as well.

Free Wireless Networks Lab March 12th!

All NEOISF Members,

Matt Neely is holding a lecture and lab in March on locating and securing wireless networks.  In this lab participants will learn basic information about 802.11 networks, how to find wireless access points using NetStumbler and Kismet and tips on securing 802.11 network. This is a two hour class that will include both a lecture and hands-on lab.

Thanks to Baldwin-Wallace’s generous donation of this class is FREE to all NEO Info Sec Forum members!

There is a catch.  Seating is limited.  Only 34 slots are available so we are requiring folks to register to attend this class.  Further, if you register you need to attend – please notify us in advance if you are unable to attend so we can free up that seat for someone else.

Here are the details…

Title : Using NetStumbler and Kismet to Find Wireless Network
Topic : Covered above
Date : Wednesday March 12th from 6:30 to 8:30 PM
Location : Baldwin-Wallace College Exact location details will be sent once registration is confirmed
Cost : FREE
Computer for Lab : All machines will be provided by Baldwin-Wallace.  No need to bring your own laptop.
Technical Level : Intermediate

REGISTRATION DEADLINE: Again, you MUST register to attend due to the limited seating and slots are FIRST COME FIRST SERVE. YOU MUST REGISTER TO ATTEND!

If you are interested REGISTER NOW by replying to this email with the following information.  This will help us understand our audience…

EMAIL ADDRESS (not shared with anyone):

Matt Neely
Steering Committee Member
Northeast Ohio Information Security Forum matthew.neely@neoinfosecforum.org

Web Application Security Hands-On Class – Apr 24 – 25, 2008 (Cleveland)

A friend of mine is putting on a Web Application Security Class. The class was awesome and a lot of fun. Lots of Hands-On labs.

Apr 24 – 25, 2008