Site icon Liquidmatrix Security Digest

Don’t quit your day job…

I’m sitting in a meeting at my day job, listening to a prospective vendor lyrically describing their lush infosec management capabilities and my mid morning reverie was broken by the following phrases in rapid succession:

We use a labyrinth of firewalls. Four in series because you can sometimes see past the first few.

I asked what he meant when he said “see past the first few” — he answered something mumbling about traceroute.

We use a proprietary encryption algorithmn.

I’ve read enough Schneier to positively flip out at this one.

The data is protected by 4096-bit MD5 encryption.

Ok… I’m not even going to get into it with this guy.

SSL is not safe for our environment, one of our engineers broke SSL in 3 minutes.

OMFG – YOU BROKE THE INTERNET!!!!1!!! – WTFBBQ

Ahem, May I please attend the special press conference you’re going to call when you release this information? I want to see what happens when the guys with the mirrors on the inside of the glasses take you out with a NATO round to the cranium.

If you want SSL, we’ll change the encryption key once per day.

I’m sorry, did I mis-read the RFC where it describes per session keys?

It’s not that I’m nervous, but, well, I’m nervous. You may all return to your regularly scheduled programme.

[tags]Security Consultants, Infosec, Funny, Encryption, Bruce Schneier[/tags]

Exit mobile version