The email and anti-spam communities lost one of their leading lights last night. JD was a passionate defender of email end users. He will be greatly missed by all of us.
For some of the many tributes, go to the site above or to this one from CAUCE, an organization JD helped found.
“Brave journalists have defied court orders and have even been jailed rather than compromise their ethical duty to protect sources. But as governments increasingly record their citizens’ every communication — even wiretapping journalists and searching their computers — the safety of anonymous sources will depend not only on journalists’ ethics, but on their computer skills.”
“Security is a comparatively young discipline, and that relative youth means that many of the men and women responsible for pioneering the field are not only still here, but are still actively working, writing, speaking and sharing their knowledge and experiences with anyone willing to read or listen. This will not always be the case.”
“There’s an opt-out that you can apply for that lets you block your registered trademark from being in the pool of available .xxx domains and prevent third parties from exploiting your carefully crafted brand identity. The fee is $199-$350 depending on your registrar. The block lasts for 10 years.”
“Mainsleaze is nerdy slang for spam sent by large, well-known, otherwise reputable organizations. Although the volume of mainsleaze is dwarfed by the volume of spam for fake drugs, account phishes, and Nigerian 419 fraud, it causes work for mail managers far out of proportion to its volume.
The new MainSleaze blog…is all mainsleaze all the time, and she’s having no trouble finding plenty of examples.”
“It’s become a firm fixture of everyday life, loathed by some but essential to nearly all of us, and yet its future is far from certain. Email is forty years old this month, with the first message having been sent in October 1971.”
The information suggests that more than 760 other organizations had networks that were compromised with some of the same resources used to hit RSA. Almost 20 percent of the current Fortune 100 companies are on this list.
“Ritchie, the creator of the C programming language and co-developer of the Unix operating system passed away on October 8 at the age of 70, leaving a legacy that casts a very long shadow.”
“Being able to trust email from federal agencies is highly important to them, not merely for communication among agencies but also between the government and its constituents.”
“Most companies proclaim to be ‘listening’ in the space but very few have changed or implemented processes or products based on this listening. Huge ROI can be gained just by measuring changes that stem from listening. It’s sad to say, but the only changes I have seen are those due to large or threatening groundswells. And in my view, change was only made to silence the noise.”
“Military network security specialists aren’t sure whether the virus and its so-called ‘keylogger’ payload were introduced intentionally or by accident; it may be a common piece of malware that just happened to make its way into these sensitive networks. The specialists don’t know exactly how far the virus has spread. But they’re sure that the infection has hit both classified and unclassified machines at Creech. That raises the possibility, at least, that secret data may have been captured by the keylogger, and then transmitted over the public internet to someone outside the military chain of command.”
(Isn’t this the opening scene of some bad old spy novel? -BoM)
“Twitter finds much of its strength in the fact that you can refine who you follow, choosing to only follow family, or people in your niche, or your customers. By diluting this with agreeing to follow those who have mass followed you, you will likely lose interest in Twitter.”
“Too many security pros blame users for failing to remember the fundamentals that security awareness training teaches, but the real problem is that these programs just aren’t very good.”
“Both the U.S. government and the country’s internet service providers (ISP) agree that botnets are among the greatest threats facing Web users.
But they can’t yet agree on what to do about it, because the ISPs aren’t exactly the biggest fans of a government document calling for them to establish voluntarily, industry-wide standards for detecting and fighting threats.”
“It seems spammers are buying very, very old lists scraped from usenet and inviting everyone on those lists to join them on Google+.”