[Owasp-Mumbai] FW: Can we help govt fight cyber crimes

Dinesh O'Bareja dineshbareja at gmail.com
Fri Oct 24 04:35:20 EDT 2008


Friends - my practical 2 cents .. or I should say 2 paisa .....

Do you really think it is possible for any organization to go out and train
a few million people ? Lofty aspirations and nothing else. Someone thinks
that a 3 hour session will be good to train students and they will carry the
message to the masses. Wow - does this remind you of some political message
being sent out by Gandhi.... go to every society and knock on every door and
give them the gyan of WiFi security !

Guys how much time wold it take to set your router ? And why not just have
the dealers give a printed sheet which has instructions on how to do this -
simple. And maybe the dealer can call the customer (as a community service)
to check if he / she has made the settings. And why not ask Linksys and
DLink etc to sell routers with default security settings in place ?

You had a hundred workshops and then did anyone go home and secure the
router ? Did anyone call for feedback. You spent 3 hours trying to "train"
people for a five minute job !! C'mon on folks how much time does it take to
configure the settings ?

Maybe we can get together to make a video and post it on YouTube ? Take step
by step images and post them on websites. Make this available to dealers at
major electronics showrooms and cybercafes.

And believe me it is high time the IS community did something about it
rather than leaving it to organizations which have no clue about security
except that it is a cost center !!


And if we have a few guys here who would like to contribute to this sort of
effort (no seminar please) then lets get someting going and show some people
how to go about helping the community.

Have a nice day.

Dinesh

On Thu, Oct 23, 2008 at 5:43 PM, ashish kirtikar <
kirtikar_ashish at hotmail.com> wrote:

>
>
> Hi Dharmesh,
>
> I truly believe that it is us Security Professionals who should take an
> initiative in creating the awareness amongst people. Along with the Cyber
> Crime Cells of the regional police forces we can organize workshops to make
> people aware of their common mistakes which hackers use to take over their
> machines or networks.
>
> In terms of WiFi it is truly necessary to make people aware of the
> mandatory lockdowns or precautions they should follow to be well-protected
> and secure. I have myself sometimes used connections of my neighbour in my
> earlier dayz in college(though I m not really proud of it...but it was fun
> then), till now we can do it.
> Also, small organizations or firms having networks with open access to
> internet (untrusted world) should be made aware of IT-security and its
> importance. Also, we could collect generalized info in terms of options in
> varied price ranges which these companies can buy and implement ( as all
> cannot afford the firewalls, IDS, IPS and all the other devices seperately
> due to budget issues). I believe UTM's are the answer but my understanding
> on this device is still not complete so I would not comment much on it.
>
> Also, as we are discussing on workshops I also want to suggest that we
> should hold workshops creating awareness on "Phishing". I believe with the
> increase of Internet and boom of Social Networking it is now the most
> important thing.
>
>
> Thanks & Regards,
>
> Ashish Kirtikar
> Security Engineer - Wipro Infotech
>
> ------------------------------
> Date: Wed, 22 Oct 2008 13:50:01 +0530
> From: dharmeshmm at owasp.org
> To: owasp-mumbai at lists.owasp.org
> Subject: [Owasp-Mumbai] Can we help govt fight cyber crimes
>
> Hi,
>
> I was just re-looking at the blasts that have happened around the country
> and connect with the broken wireless networks been attacked.
> The immediate thing that probably comes to all of security gurus is
> "Wireless security should have been done obviously".....
>
> Essentially, I believe that for security experts in the industry, there are
> more malicious attacks possible which we all concentrate based on attackers
> trends.
>
> Just a thought. Can OWASP Mumbai community members help NASSCOM and Cyber
> Crime Cell fight against growing cyber attacks?
> I think if we all can collaborate and share our knowledge with these guys,
> we can work at best helping the government in addition to working for the
> security industry.
>
> Also, I was wondering, if anyone has contacts with Engineering and
> Management Colleges / Universities, one of us in the community should go and
> have an awareness session with these colleges.
>
> Discussions, thoughts and actions are welcome..
>
> Thanks & Regards,
> Dharmesh Mehta
> OWASP Mumbai Chapter Lead
> http://smartsecurity.blogspot.com
>
>
> ------------------------------
> Get the latest buzz on outsourcing. Up to date information on mergers,
> acquisitions and deals on BPO Watch. Try it now!<http://www.bpowatchindia.com/default.asp>
> ------------------------------
> Voice your opinion on the burning issues of the day. Discuss, debate with
> the world. Logon to message boards on MSN. Try it!<http://boards.live.com/Newsboards/forum.aspx?ForumID=104>
>
> _______________________________________________
> OWASP-Mumbai mailing list
> OWASP-Mumbai at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-mumbai
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-mumbai/attachments/20081024/cda430c1/attachment.html 


More information about the OWASP-Mumbai mailing list