To the best of my knowledge, online poker players are perhaps the single biggest marks on the planet when it comes to pragmatic information security. These are people with hundreds of thousands of dollars on poker sites who think nothing of cruising the backwaters of the internet on the same laptops and workstations they use to play poker.

Even the players who aren't downloading porn torrents and installing "pop-up blockers" and god knows what else have no clue. In fact, often they are even worse than the habitual risk takers because they operate under the assumption that they are safe.

If this forum does it's job, a lot of people will understand why thats Bad, and how they can create a secure environment worthy of playing poker from without impacting their ability to enjoy the most sordid corners of the web.

"But I have a firewall and anti-virus running!"

Cool, congrats, but a 14 year old from Estonia just tricked your browser into installing a lightweight application that invisibly crippled your anti-virus gear, is logging all your keystrokes, can take pictures of your desktop remotely, has secretly enabled that webcam you thought you disabled, and to top it off is currently scanning every computer on your network while copying itself to any removable drives or CD/DVDS you burn.

Every single thing I just said in the above example has happened. Every, single, one. None of it is invented, and much of whats going on right now is considerably more nefarious than anything I've mentioned so far.

So!

Basically; if you want to sleep with whores in Haiti, use a condom. If you want to play poker online for real money, read this forum.

"So if I read this forum, I won't ever get hacked?"

The unfortunate nature of the beast is that pretty much every machine that can be interacted with via digital means can (and probably will) get hacked. I've been hacked. The people I look to for guidance have been hacked. The people who taught them whats up have been hacked. Getting hacked happens.

What you can do, however, is avoid being a 'low hanging fruit'. A low hanging fruit is simply the easiest target at hand. If you embrace the overall methodologies that this forum espouses, not only will you minimize your exposure risk but you can often significantly mitigate the damage done by attackers.


The overall goal of this forum is to accomplish several things:

* Increase end user awareness regarding information security.

What exactly are the risks? What should I worry about? What shouldnt I worry about? What do I need to know to be situationally aware online?

Who wants to hack you, why, how, and what you can do to avoid it, basically.

* Discuss contemporary threats

Current worms, exploits, methodologies, events, so on.

* Discuss the underworld economy of Information Trafficking.

Bot herding, malware, zombies, phishing, SPAM, and how it all ties together.




Forum Rules:

THIS IS NOT A "HACKING FORUM".

Stop. Read the previous sentence again.

You are not here to learn how to hack, post/request exploit code, brag, provoke anyone, settle scores, or generally be up to no good.

ASSUME AT ALL TIMES THAT THIS FORUM IS UNDER CONSTANT LAW ENFORCEMENT OBSERVATION AND ACT ACCORDINGLY.

If you want to post something and you are not sure if it is appropriate, PM me. Any attempts to subvert the overall benign nature of this forum will result in heavy moderation.

I wont have people coming here to victimize, harass, or belittle posters or anyone else.

Ok.

I have one other request; any and all questions are encouraged, but the one thing I must insist on is this:

Before you ask a question here, ask it on Google.com. There are two reasons for this; one) often you will find out what you need to know immediately, and two) in the process of finding out your answer, you will often learn 10 other things you didnt know but should.

If you dont get an answer that makes sense or suspect it isnt correct, post away.

One final point I want to make; invariably, at some point, I will post something that is incorrect. Everyone has carte blanche to correct me, anyone who does not agree with some point I've labored to make can state their case and it will be taken seriously. If it changes my mind, I will say so, and if it doesn't, I will explain why I feel it's flawed.

There are people here, right now, who know more about some security oriented issues than I do. In fact, in the security community, I am very much a nobody. I have no white papers published, I have not broken any cases really. What I do have, is a wealth of experience going back almost 15 years and a driving personal agenda to excel in this field, and as such I welcome this opportunity to share my passion for information security, and discuss what I truly consider to be an exotic and even somewhat romantic landscape of secrecy and paranoia, and an ongoing digital arms race that continues to shape the nature of the internet as you read this.

Lastly, I wish to sincerely thank Micon, Druff, Neverwin, DirtyB and all the other moderators here, as well as Pokernews and our Lithuanian Overlords for this opportunity. I hope we all benefit from our time spent here.

excellent, good luck with your forum

Thanks, very much! Please contribute with questions or suggestions, of course.

this is a good time to give a shit about security:

http://www.enterpriseitplanet.com/secur ... hp/3825096

Gov. is hiring 10,000 information security experts. The gigs dont pay much but its the absolute best experience you can get.

searched over 1000 threads..stumbled on this part of the forum