Security's Everyman

Wednesday, April 30, 2008

I hack Johnny Long

As I said in my SecureWorld Atlanta Day 2 post I met Johnny Long today. He gave the Keynote talk today and was by far the best part of the event. He gave his "No Tech Hacking" talk and also talked a little about his new venture "Hackers for Charity" and explained what they do. After his talk I went to talk to him about a few things. I wanted to talk to him about his faith which is very much a part of who he is. I wanted to talk to him about "Hackers for Charity" and about "No Tech Hacking". We talked about the first two and had to cut it short before getting to the third topic. Of course the first two are the most important and made my few minutes with him well worth it.

I was a little familiar with "Hackers for Charity" but had never really checked into it. After hearing Johnny talk about it and seeing a few slides that he had I decided that I wanted to do something to support it. Right now I can't go to Africa but I can do a couple of other things. I'm going to buy a copy of Johnny's new book "No Tech Hacking". This will help because when you go to his site and click on the book link it takes you to Amazon and you can buy it there. Also when you do it this way all of the proceeds of the sale go to "Hackers for Charity". The proceeds of the sale of just one book will feed a child for a month. Johnny isn't keeping any money from the sale of these books. So in addition to getting a good book I'll also be doing something to help the charity.

The next thing that I'm going to do is ask each of you to do a couple of things. Buy the book from Johnny's site and take a look at "Hackers for Charity" and see if there is anything else that you can do. Then tell all your friends about it and encourage them to do something.

Why am I making such a big deal about this? Not that I think that this is the greatest charity ever but because it is a charity that was started by a hacker and security professional. It's something that we as Security Pros can get involved with and make a real difference in the lives of kids and others. We all talk about wanting to make a difference in the world of security but that has limited impact. Changing lives is something that has lasting impact.

SecureWorld Atlanta 2008 Day 2

Day 2 at SecureWorld was much the same yet quite different. It started off with an Atlanta InfraGard Chapter meeting. There was a report on "Emerging Threats" by an FBI analyst that was pretty good and then followed by a Panel discussion (I missed the topic) that never was. What I mean by that is that each of the panelists talked a little about who they are and what they do. Then the moderator asked if there were any questions. A lady asked a question about SMB security and the moderator opened it up to allow the audience to give input. That pretty much took the rest of the time. I never did find out what the topic of the panel was because the panel was never given the chance to talk.

The morning Keynote was by far the highlight of the conference. The speaker was Johnny Long talking about his No Tech Hacking. Not only was it informative but it was also enjoyable. I'm going to talk more about this in a separate post.

After Johnny's Keynote I attended a talk about aligning your security program with business objectives. This is something that is easier said than done and I am looking for any good tips I can get. The reason I say it is easier said than done is because often you get lots of push back when you try to do security the right way. Too often Management is only concerned about compliance checkboxes and so they don't support efforts to align the security program with the business objectives. The biggest obstacle here is educating management. They often don't want to learn or change and it's our job to convince them otherwise.

The rest of the day was pretty decent. I attended a couple of talks that were OK but nothing earth shattering. I had to miss the last session (of course it was one that I really wanted to go to) because of a conference call that I had to join in on.

All in all the conference is worth the money. It's a $200 conference so don't expect too much but you get your money's worth. I'll probably attend next year again since it's here in Atlanta and offers good opportunities to network, meet new people and learn a little. If you're in the Atlanta area you may want to look into it next year.

SecureWorld Atlanta 2008 Day 1

OK, so I'm a little late on my day one update. When I got home after day one I spent time with the family and then had some work to do. I was up until 1:00 am finishing a project plan that was due today.

This is my first SecureWorld Atlanta conference and I wasn't sure exactly what to expect. I had looked over the conference schedule and knew from the length of the sessions and the titles that it wasn't going to be too technical. That's fine with me because I don't do much that is technical in my day to day work any longer, but I do enjoy sitting in technical sessions to stay fresh and learn new things.

I attended a session on SAN security considerations and a discussion by DHS on Securing critical infrastructure. I figured that the critical infrastructure talk would be a good one for me since I work for a company that is part of Atlanta's critical infrastructure. Neither session was overly informative but the CI session did have some good content and most importantly gave me some good contacts to keep for the future. From the SAN session I did come up with a few questions that I need to have my SAN team answer for me now.

The rest of Day one was spent talking to vendors trying to get past the "snake oil" and see what it is that they really do and how they are different than their competitors. I am actively looking at several different technologies to determine if they will meet needs that we have. The vendor time gave me a chance to see how some companies that I'm not as familiar with are doing things.

All in all the biggest benefit that I gleaned from day one was the networking opportunities. I also ran into a guy that did some consulting work with a company that I worked for a few years ago. He's still with the same company that he worked with then and I'm going to see about having him come in and help us with some professional services that we need.

Monday, April 28, 2008

SecureWorld Atlanta 2008

Just a reminder that I'll be at SecureWorld Atlanta on Tuesday and Wednesday of this week. If you're in the area and are planning on attending let me know. Also (I know this is late) but I can get you an $80 discount off the $195 regular conference fee or $200 off the full conference fee of $695. Just go to the website and register using this code JRC1031. There is also a "free" pass that will get you into the expo area and I think a couple of the open sessions.

Friday, April 25, 2008

Wireless Scanning

A couple of days ago I got on the bus to make the trip from Downtown Atlanta to the suburbs where I live. I pulled out my laptop to do some work and was just about to disable my wireless radio when up popped a "Wireless Network Found" message. I closed it and was about to go ahead and disable the radio when I thought it would be interesting to run NetStumbler and see what I could see as we drove through town. It was rather interesting and I decided to do a little categorizing and let y'all know what I found. I decided to do it again the next day and compare it to the first day. Here is a summary and some thoughts.

Disclaimer: Before I get into this I want to make it perfectly clear that I am NOT a wireless guru. I have lots to learn and some of what I have to say may have perfectly good explanations or I may be WAY off base. Feel free to give me constructive feedback via comments or direct email.

The first thing I noticed was that all 11 standard channels in 802.11a,b,g were used. Then I noticed that there were some other channels listed. They are 36, 40, 48, 56, 157. Honestly I wasn't even aware that you could use these other channels. What does that mean and how do you do it? I'd like to learn more about this. I looked to see if there were any common denominators about the devices that reported this but couldn't really find anything useful. The second day I picked up traffic on the same channels plus one that I didn't see on day one, channel 64.

Next I noticed that over the 2 days I saw 696 different devices, 388 on day 1 and 509 on day 2. So that means that 201 devices showed up on one day that didn't on the other day. That can be explained by several things. They may have been off that day. Maybe the bus was going too fast to pick them up one day and not the next. One day I may have had less interference in that area than the other.

280 had no encryption enabled on them. The rest were reported as having WEP enabled but I doubt that is correct. I don't know if it's the version of NetStumbler that I'm using or what but everything is reported as WEP. I checked it against my home system which is running WPA2 and it showed up as WEP.

42 showed up as being ad-hoc which means that they were more than likely other laptop users who were broadcasting their signals. In looking at the SSID's shown by these ad-hoc networks either there are lots of "evil twins" set up or possibly NetStumbler just didn't get enough of a signal and read on what was really going on with them. In comparing ad-hoc to AP I only found 2 that looked like they were possibly "evil twins" based on SSID reported. Again if the others were then I was not able to pick up the "real" AP in my scan due to range or interference.

Speeds ranged from 11 Mbps to 54 Mbps, with 22, 36, and 48 Mbps also reported. The vast majority of them were 54 Mbps.

There were lots of vendors reported with the obvious ones present. Cisco, Aruba, Linksys, DLink, Netgear. There were several that I am not familiar with like Farallon, Eprigram, Sercom, Compex. Then some that I'm familiar with but only slightly like Gemtek, Z-Com, Airespace. I noticed several Symbol devices which I know is a popular handheld scanner manufacturer. I'm not sure if they make AP's also but these did show up as AP's. Again this goes back to me not being overly familiar with the world of wireless and who does what and especially not the specifics of how and why NetStumbler reports what it reports in the way it reports it. :)

Just a couple more thoughts and then I'm through. I noticed that a majority of the SSID's reported gave out too much information. Either company name, or some identifier that makes it easy to figure out who this AP belongs to such as a building number or something similar. All you had to do was look at the SSID and then at street numbers or business names and be able to put 2 and 2 together to find the owner. Not the wisest choice but in today's world of wireless hacking it doesn't take much for the bad guys to find out who you are pretty quickly anyway.
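The tallies described above (devices per day, channels in use, open networks, ad-hoc stations sharing an SSID with an access point) can be scripted once the scan results are exported. This is an added example, not part of the original post: the rows are constructed, and the field layout and function names are assumptions.

```python
from collections import defaultdict

# Constructed survey rows (not data from the post):
# (BSSID, SSID, channel, type, privacy). Type is "AP" for an access point or
# "Peer" for an ad-hoc station. Privacy is the beacon's capability bit, which
# says only that some encryption is on, not whether it is WEP, WPA or WPA2.
DAY1 = [
    ("00:11:22:00:00:01", "AcmeCorp-Bldg400", 6, "AP", True),
    ("00:11:22:00:00:02", "linksys", 6, "AP", False),
    ("00:11:22:00:00:03", "CoffeeShopWiFi", 11, "AP", False),
    ("02:aa:bb:00:00:04", "CoffeeShopWiFi", 11, "Peer", False),
    ("00:11:22:00:00:05", "warehouse5g", 36, "AP", True),
]
DAY2 = [
    ("00:11:22:00:00:01", "AcmeCorp-Bldg400", 6, "AP", True),
    ("00:11:22:00:00:03", "CoffeeShopWiFi", 11, "AP", False),
    ("00:11:22:00:00:06", "Free Public WiFi", 1, "Peer", False),
    ("00:11:22:00:00:07", "lobby", 157, "AP", True),
    ("00:11:22:00:00:08", "lab", 64, "AP", True),
]


def band(channel):
    """Map a channel number to its band. Channels 1-14 are 2.4 GHz
    (802.11b/g); 36-165 are 5 GHz (802.11a), which is where channels
    such as 36, 40, 48, 56, 64 and 157 live."""
    if 1 <= channel <= 14:
        return "2.4 GHz"
    if 36 <= channel <= 165:
        return "5 GHz"
    return "unknown"


def compare_days(day1, day2):
    """Count distinct devices (by BSSID) across two survey runs."""
    a = {row[0] for row in day1}
    b = {row[0] for row in day2}
    return {
        "day1": len(a),
        "day2": len(b),
        "total": len(a | b),         # seen on at least one day
        "both_days": len(a & b),     # seen on both days
        "one_day_only": len(a ^ b),  # seen on exactly one day
    }


def merge(*days):
    """Collapse several runs into one row per BSSID (last sighting wins)."""
    seen = {}
    for day in days:
        for row in day:
            seen[row[0]] = row
    return list(seen.values())


def channels_by_band(rows):
    """Group the channels in use by band."""
    out = defaultdict(set)
    for _bssid, _ssid, channel, _kind, _privacy in rows:
        out[band(channel)].add(channel)
    return {name: sorted(chs) for name, chs in out.items()}


def open_networks(rows):
    """SSIDs of devices whose beacon did not set the privacy bit."""
    return sorted(row[1] for row in rows if not row[4])


def twin_candidates(rows):
    """SSIDs advertised by both an access point and an ad-hoc station.
    A match is only a lead for follow-up on site: a laptop re-advertising
    a remembered network name produces the same pattern."""
    kinds = defaultdict(set)
    for _bssid, ssid, _channel, kind, _privacy in rows:
        kinds[ssid].add(kind)
    return sorted(s for s, k in kinds.items() if {"AP", "Peer"} <= k)


if __name__ == "__main__":
    rows = merge(DAY1, DAY2)
    print(compare_days(DAY1, DAY2))
    print(channels_by_band(rows))
    print("open:", open_networks(rows))
    print("review:", twin_candidates(rows))
```
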

The last thing is I wanted to share with you a few of the funnier or more unique SSID's that I found. Sad to say this is as creative as people in this part of town seem to get. Oh, well.

Belkin Sucks
But Why ???
SSID Name
Your Mom
Funkdafied
Hotboysin1205
Smallpoxgirl
Tuffygoestovegas

Tuesday, April 15, 2008

Security Silos

Something that I've noticed over the years is that lots and lots of companies secure their environments in silos. Each team, division, LOB or whatever is responsible for securing their equipment and they do so at their leisure and discretion. Not only that but within these silos there are other silos. Whoever is responsible for a particular device (server, router, switch, firewall, etc) secures it as they please or not at all.

Traditionally most people who are not security professionals and who get tasked with managing a device only secure the obvious. I've seen servers that have no admin password and only basic folder level security. They were deemed to be secure. I've seen routers, switches and firewalls that were managed via telnet with weak passwords and no password on the console. Then there is the whole "one password fits all" mentality that many companies have. I call this "Security Silos". It's security done in bits and pieces with no consideration for what is going on in other parts of the company in regards to security. It's the "my device is secure and I don't care about your device" syndrome.

What this misses is 2 very important pieces of information.

  • A device is only as secure as the weakest link in the network it sits on.
  • Security for the sake of security alone is no security at all.

You can lock a server (or any device) down to where it's next to impossible to get into it. Yet if the router that routes traffic to it is insecure then the bad guys will be able to get to the server and pick away at it little by little until they find the chink in the armor. Or they will sit there and watch all traffic into and out of the server until they find something that is of use to them and use it against you.

If you secure a device just because it needs to be secure then you are missing out on the big picture. You don't secure a device just because it needs it. You need to understand the purpose of the device in the overall picture of what it is that the business is trying to accomplish. You then secure that device in ways that enable the business to work optimally while remaining secure. This can not be done effectively in silos. Go back to point 1.

Companies often lack the vision and understanding of an overall security program. This is basically a company wide umbrella that covers all aspects of security. It needs to include information and physical (or at least the ability to control physical access to information resources). To truly create this type of program Senior Management needs to understand the need for it and they must support it. The company as a whole needs to be informed about the need for it and they need to understand the purpose of it. IT needs to understand that living in silos will never allow them to truly succeed in their jobs. IT Management and personnel need to be on board with developing a program that will bridge the gap between infrastructure, network, servers, and applications.

If all of these don't work together then you are just spinning your wheels. I'm amazed when I hear apps say that they don't need to worry about security because either the network is secure, the server they reside on is secure or doesn't sit on the internet or that the app itself is secure because it requires a user name and password to access it. There is a lack of understanding of overall security principles between different IT groups. Servers know how and understand server security but they don't understand Network or Application security and the same for the other two.

This is where an overall security plan and program add real value to an organization. It requires leadership and support in order to happen. This is where many programs fail. They get leadership yet management never buys in completely and therefore the program stumbles along. I know that some of you would argue that if the leader was really effective then he would be able to get the necessary support. I agree to a point but I've seen some good leaders who were up against a wall and couldn't get the support. Yet at other companies they were able to get the support and create good programs. Just as a company can't just decide that it needs a security program and never bring in leadership to create it. You can't will it to happen; it has to be led.

Getting the message across

Sometimes it's almost comical (in a sad sort of way) how people just don't understand security no matter how much you preach it. Especially when many of those people are technical and they are supposed to be leaders and promoters of the IT program and even of security.

Case in point. In the last couple of months there have been 2 different conversations w/i my company that involve an individual (we'll call him Bob) with a position of influence and in each situation comments were made that just make me shake my head and want to find a hard object to bang it against.

The first conversation was around VPN access into our network for 3rd parties. Like it or not this is a part of business today. Gone are the days when we can isolate ourselves and only allow employees access to our networks. Vendors need access to troubleshoot issues with their stuff, partners need access to be able to complete their jobs, contractors need access to work on projects. We do not have technology in place that will allow us to manage all of this centrally. This makes it a manually intensive process to ensure that we know who has access to what; when they are accessing it; why they are there; what they are doing while there, etc, etc, etc..... While I and my team were discussing ways to tighten this up the comment was made by Bob that we didn't need to worry about locking it down any more because if anything malicious was done we would find out about it via our monitoring and we could just sue the offending party. I'll wait here while you pick up your jaw and put it back in place.

OK, as you can imagine this went over like a lead balloon. I was speechless for a minute while I waited for him to crack a smile or something to let me know that he was just kidding. The smile never came. I looked around and saw the others in the room either putting their jaw back in place, holding back a laugh (not the good kind either) or staring off into oblivion hoping to find that peaceful place that they go to when life gets to be too much for them. Needless to say his idea didn't carry much weight and we were able to convince him that we really did need to control things better and that legal action was not the answer to our security problems.

After getting this "misunderstanding" straightened out I felt pretty confident that Bob had a much better understanding of security and what it is that we are trying to do. Then again maybe not. Fast forward a few weeks to a Change Control meeting yesterday. We were discussing a control that I wanted to implement to lock down some things on our systems that are not used (or at best only used by a few). Someone (not Bob) took exception to this because he actually used this. I told him that we would look at his and similar cases and make a case by case decision based upon their ability to show a legitimate business need. Then Bob chimed in. His comment was "We have a secure environment and it will get more secure as time goes by. Security is here to protect us and that means that it will be inconvenient for the user and that is OK with us".

NO, NO, NO, NO, NO, NO, NO, NO, NO!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Where in the world did he get that idea from? It wasn't me. I'm always talking about how my aim is to secure the environment while making it as easy as possible for the user to do their job. I'll admit that it's not as easy as it would be if there was no security at all in place but that's not really true either. It wouldn't be easier because the malware would make it all but impossible to use the systems.

So it seems that with some people you just can't win.

Friday, April 11, 2008

Information Security According to Me

I love technology. There isn't much that is more exciting than to get a new "toy" to play with and use to make your job easier and hopefully more secure. I think it's pretty cool how a piece of software can alert you to threats to your system, prevent you from doing things that you shouldn't do and keep your system from doing things without your knowledge. I really like the concept of having some devices on the network that can watch the traffic flowing through the network and make assumptions and/or decisions based upon rules, algorithms, and other things over my head and either drop, divert or allow the traffic to continue. Often these things can shut down ports (logical and physical), pass ACL's to devices and do other things to stop worms, viruses and other bad things in their tracks.

The problem with technology is that it often gets misconfigured, deployed improperly, or just isn't the right fit for what you are trying to do. Even if none of this happens it can still be left to its own and cause problems. It has to be monitored, updated, tweaked and cared for on a regular basis. Not only that but in the case of shutting down ports and pushing ACL's automatically I would hope that you don't really want or allow that to happen on your network. Talk about taking a risk. Technology is cool and it is necessary but it has to be used in the right way for your situation. You can't let the vendors drive your strategy. Use them to learn about your options but whatever you do DON'T let them sell you what they want to sell you. Take your time, review your options, look at the pros and cons of each solution and find the one that fits your need and one that will fit in with your strategy and plans for the future.

As much as I like technology I still feel that it falls far short of the mark of keeping us secure. It goes much deeper than that. It requires a good solid framework that includes policy, process, procedures, guidelines, user awareness training, security training for IT staff. I like the new buzz acronym of GRC. Governance, Risk and Compliance. I think that it does a pretty good job of summing up what a solid program consists of. If a company doesn't allow for IT Governance to play a part in the way it does business then they are missing out on opportunities to make the best technology and policy decisions. These decisions are partly based upon the risk that is involved in doing various activities to enhance business. They are based upon the framework that is (or should be) in place for how technology is used to enable business. They take into consideration the goals and objectives of the company, the projects the LOB's have, the way the IT infrastructure is designed, and making best use of what is already in place.

GRC is not perfect but when implemented correctly and supported from the top down it will make things run smoother and allow for business to function in a manner that balances security, productivity, usability and makes best use of company resources.

Proof of risk

Update: First I want to apologize for not linking to Alex's site RiskAnalys.is in my original posting. I wrote this over 2 days and 4 different editing points and still failed to get all my ducks in a row. Secondly, even though the article was posted at RiskAnalys.is Alex wasn't the one who wrote it (no wonder he didn't remember writing it). It was written by JonesJ (whom I'm assuming is Jack Jones, based upon looking at the comments section).


I must say right off that Alex actually posted something similar to parts of what I am going to say. I didn't just think about this after reading his post but had been thinking this very thing from the moment that the news of the DRAM being frozen to find encryption keys story hit. Actually I have held this belief for a long time but recent stories have made it "front lobe" thinking of late.

Lots of people get paid good money and receive grants to do research on various things. I think that this research is important and often critical to helping us improve security and how we secure data. What usually happens is that the researchers release their findings and the IT/Security world (OK just a few who tend to be vocal) shout it from the roof tops and bemoan how any day now we are all going to fall victim to this very attack. The vendors jump on the band wagon and talk about how their product X will prevent or fix this or at the minimum (although they don't admit that it's a minimum) keep you in compliance with every possible regulation that the government can think up.

What has to be done by companies before panicking is to determine what the risk of this attack happening to your company really is. Not only what is the risk but what is the potential cost if this happens. Will you lose IP that will seriously hurt the company? Will you risk having financial or PII data stolen? Will this happening seriously affect how your employees work?

In most of these cases the biggest question is "How likely is it that this attack will actually happen to us?" Is it worth the cost of putting in controls that will mitigate it? Can it be handled in a different way with technology that you currently use? Can you teach your users how to protect against it?

Lately there have been 3 "attacks" that have been in the news that have garnered lots of attention in the press and lots of blogs. At least 2 of the 3 have exploits that have been released (I'm not sure about the biometric key logger) that I want to touch on briefly.

The first is the study that proves how you can capture encryption keys and other data from RAM after the system has been powered off. This has potential to be a big deal. If FDE keys can be found hanging around in RAM then obviously the bad guys can use this against us, or can they? Ask it this way. How likely is it that this will happen to my users? Wait, even before that let's ask just what is it that has to happen in order for this to be exploited? How long does the data stay resident in RAM after you power off the system? What does the hacker have to do in order to get to the data? It turns out that the data only sticks around for a couple of seconds and that in order to preserve it the memory has to be quickly frozen and remain sufficiently cold long enough for the memory to be either removed from the system or the system to be powered back up. Then the attacker has to have the tools to read the contents of memory and figure out what is in there and how they can use it. How likely is it that when you power off your system that a hacker is going to be hiding in the next cube ready to pounce? Obviously laptops are the big threat here but even still a few simple tips to your users can eliminate this.
First, tell them to turn their system off instead of putting it in standby or Hibernate.
Second, tell them to turn the laptop off and let it power down while they gather up the rest of their stuff. Then by the time they are ready to leave the laptop has been powered off long enough to allow the data in RAM to dissipate enough to prevent this from being a problem. There is more to this. There are ways that the bad guys have a bit of an advantage and more that you and the user can do but this covers 99% of the risk.

The second thing is the Biometric Key logger that has recently been developed. As far as I know this has not been released into the wild. A British researcher has come up with a way to sniff biometrics and recreate the image. Again this is not good news but it's also not all bad. What has to happen in order for this to be a risk to your (or any) company? Besides the obvious that you have to be using Biometrics what other things have to happen in order for this to be worth an investment in time and money for your company? In my opinion this is a very low risk threat for most companies. In a few years when biometrics are more popular it may be a bigger risk but even for companies that use biometrics the risk of this happening is probably very low.

The last one I want to bring up is Winlockpwn. This has potential to be a big problem for lots of companies now. Why? Because almost every computer and laptop in use today has a FireWire port that is active. This exploit allows you to connect a Linux system directly to the FireWire port on a Windows system and get read/write access to memory. Can you say Total Pwnage? This one is not good news. There are lots of ways for hackers to get access to systems both inside and outside your company walls. A few seconds is all it would take for malicious code to be loaded onto a system via this vulnerability. The good news is that most of us aren't using our FireWire ports and they can be disabled when not needed.

So there you have it. A tale of 3 vulnerabilities that are putting lots of fear into the hearts of security professionals all over the globe. But in my opinion the fear is unnecessary and the exploits can be easily mitigated for most of us. So what is the moral of this little story? When you hear of the latest vulnerability, exploit or hack don't rush out and panic. Don't go spend the rest of your budget on some technology that isn't what you need. Don't go rushing to management with FUD. Take a step back and do a quick risk assessment for your environment and then make a well informed decision. Also before you go spending money unnecessarily take a look at what you already have in house that can be used to reduce this issue and make your life much easier.

Risk is key!

Wednesday, April 09, 2008

Thanks Birmingham InfraGard Chapter

I'd like to publicly thank the Birmingham, AL chapter of InfraGard for having me speak at their April meeting. They seem to have a really good chapter going there. They meet monthly and have a strong regular attendance. Also from talking with them they seem to do quite a bit outside of the regular meetings. I think my talk went well. They were at least polite and told me that they enjoyed what I had to share. Michael Ramm drove over from Tuscaloosa, AL to meet me. It was nice to meet someone that I've interacted with lots over the past year.

Atlanta needs something to kick start the local chapter here. We only meet quarterly and that's being optimistic. The last meeting was in November 2007 and the next meeting is at SecureWorld Atlanta the end of this month. On my calendar that's a 6 month lull, doesn't sound very quarterly to me. I'm not trying to pick on InfraGard in general here. There is something about Atlanta that doesn't seem to fit well with InfoSec meetings. I know that ISSA and ISACA meet monthly but I have never been so I can't speak to what they are like. We have tried several times to get a CitySec started and have had a total of 2 gatherings. The first time it was Mike Rothman, Beau Woods and myself. The second meeting Beau had dinner and drinks alone. A time or two since then emails have gone out and no one has shown any interest. So I guess that will have to wait for another time.

I'm jealous of the fact that lots of my friends are at RSA this week and I'm not. For some reason I seem to have an aversion to working for companies that will send me to conferences. Maybe one day. I really can't complain too much. Even though I would have to foot the bill myself for most anything out of the Atlanta area I've been lucky. Atlanta has quite a few small conferences (day, 1/2 day, lunch, etc) and a couple of 2 to 3 day events that I get to participate in. Just last month I attended the CSO Perspectives conference here and later this month I will be at SecureWorld Atlanta.

Things at work have been keeping me hopping. I've got so many things going on that I'm almost paralyzed trying to decide what to do first. I've prioritized them but still when it all is screaming at you it's hard to focus. Everything is an "emergency" in the eyes of the requester. Oh well, it will get done in time I just need to quit worrying about it.

Hopefully soon I'll get back to blogging something of value. For now work and my honeydo list calls so.......... It's off to catch the bus home and hopefully finish staining the deck.

Monday, April 07, 2008

It was a cold, dark, rainy night.........

and you are home alone. All alone and very lonely. The only thing to keep you company is your computer and your internet connection to the world. Yet it seems that you are the only one alone on this night. No one wants to chat. You have 4 different IM clients up and waiting. You are logged into 3 other chat rooms and still it's only you. You get more and more sad and life looks bleak. You pick up the TV remote and search the channels for something that you haven't already seen 3 times or an infomercial that you haven't already bought the product they are selling. Nothing. Tears start to well up in your eyes. Sleep won't come..........

Then all of a sudden a ray of hope appears on one of your IM windows. A MESSAGE!!!!!!!!! A REAL MESSAGE JUST FOR YOU!!!!!!!! You check the name and don't recognize it but still it's a message for you! So you anxiously start reading. Here is the text of the message:

(12:22:19 PM)
teencutie957435@real-cam-girls.net:
Hey! I thought you really enjoyy watching my F - R - E - E web camera :-* just visit 6d="" 36="" ojf=""
www.s%69%67%6E%75%70%36.%63%6F%6D/%67%69%72%6C%69%65%38%36/%69%6E%
klfpkklkkfjdkf64%65%78.html?????klu9987890Pleiades.luxfoatiii.dxbyn.fuchrbxuwho.diagramed
.lymphomata:?ojf
tell me what you think! :) x parcelled 5 alluvia 7 impanelling
lateralled chapelling oreades puj 80

A smile crosses your face as you hover the mouse over the link anxious to see what's on the other end of that web cam and maybe even chat with her. This is your lucky night.
_______________________________________________________________
Just how stupid do you have to be to actually click on a link in an IM from someone called teencutie957435 and when the link is as convoluted as that one is? Not to mention the garbage at the end of the message.

COME ON PEOPLE! USE YOUR HEAD! USE SOME COMMON SENSE!

Sorry, it just gets my goat to think that there are people who actually click on something so obviously wrong. I know it must work b/c they are still sending them out. I get 3 or 4 a week and NO I DON'T CLICK ON THEM. I type them in manually. :) Just kidding.

I know that none of you who read my blog would actually click on something like that and that I'm preaching to the choir but I had to get it off my chest.
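The "convoluted" link in that message hides ordinary letters behind percent-encoding, which a mail or IM filter can check for mechanically. The sketch below is an added example, not part of the original post: the messages are constructed and use the reserved `.test` domain, and the function names and the three-escape threshold are assumptions.

```python
import re
from urllib.parse import unquote

# Characters RFC 3986 calls "unreserved": they never need percent-encoding,
# so finding them encoded means someone wanted the text hard to read.
UNRESERVED = set(
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~"
)
PCT = re.compile(r"%([0-9A-Fa-f]{2})")
LABEL = r"(?:[\w-]|%[0-9A-Fa-f]{2})+"
# Loose matcher for links in chat text: optional scheme, dotted host, path.
URL = re.compile(r"(?:https?://)?" + LABEL + r"(?:\." + LABEL + r")+(?:/\S*)?")
SCHEME = re.compile(r"^[A-Za-z][A-Za-z0-9+.-]*://")

# Constructed sample messages, labelled as such.
MESSAGES = [
    "hey check my cam at www.e%78%61%6D%70%6C%65.test/%70%61%67%65/index.html ok",
    "Slides are at https://www.example.test/docs/April%202008.pdf",
]


def needless_escapes(text):
    """Characters that were percent-encoded although they are unreserved."""
    decoded = (chr(int(h, 16)) for h in PCT.findall(text))
    return [c for c in decoded if c in UNRESERVED]


def analyse(url):
    """Decode a link and decide whether its encoding looks like obfuscation."""
    host = SCHEME.sub("", url).split("/", 1)[0]
    hidden = needless_escapes(url)
    host_obfuscated = bool(needless_escapes(host))
    return {
        "decoded": unquote(url),
        "needless_escapes": len(hidden),
        "host_obfuscated": host_obfuscated,
        # Assumed policy: any hidden character in the host name, or three
        # or more anywhere in the link, is enough to flag the message.
        "suspicious": host_obfuscated or len(hidden) >= 3,
    }


def scan_message(text):
    """Return (link, analysis) for every link found in a chat message."""
    return [(m.group(0), analyse(m.group(0))) for m in URL.finditer(text)]


if __name__ == "__main__":
    for message in MESSAGES:
        for link, result in scan_message(message):
            verdict = "FLAG" if result["suspicious"] else "ok"
            print(verdict, link, "->", result["decoded"])
```

A legitimately encoded space (`%20`) passes, while letters and digits hidden as `%xx` are what trip the flag.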

Saturday, April 05, 2008

I'm Speaking at the Birmingham, AL InfraGard

I just wanted to put up a post to let y'all know that I'm still here. For some reason I've hit a lull and just have nothing worth saying so I'm keeping quiet.

The only thing I have right now is a reminder for any of you in the Birmingham, AL area that I will be speaking at the InfraGard meeting this Tuesday 4/8/08. If you are in the area and can make it I'd love to meet you. If you do want to come here is the address. 1000 18th Street North, Birmingham, AL. That is an FBI facility so if you want to come let me or the Chapter president know that you are coming. Reservations are required.

Hopefully I'll get back on the blogging track soon and post something worth reading.

Creative Commons License
This work is licensed under a Creative Commons Attribution-NC-SA 3.0.