Security

http://www.datagenetics.com/blog/september32012/

PIN number analysis

Ian’s messages made me chuckle.

on Security: Five "Neglects" in Risk Management

4. "Solution neglect – choosing an optimal solution is not possible when one fails to consider all of the solutions." https://www.schneier.com/blog/archives/2012/08/five_neglects_i.html
A blog covering security and security technology. How Changing Technology Affects Security. Security is a tradeoff, a balancing act between attacker and defender. https://www.schneier.com/blog/archives/2012/03/how_changing_te.html

on Security: How Changing Technology Affects Security

Qualys CEO creates security non-profit to fix the Internet

Philippe Courtot, chief executive of compliance software maker Qualys, launched the Trustworthy Internet Movement last night, pledging $500,000 of his own funds to integrate security into the product-making process. “Just the very fact that I could get the domain name “trustworthy internet” says it all,” Courtot told VentureBeat. Much of security is reactionary. McAfee general manager of network security Pat Calhoun likens it to a house break-in. You get the alarm system after your house has been robbed. http://venturebeat.com/2012/03/01/trustworthy-internet-movement/
http://www.rackspace.com/blog/securing-data-in-the-cloud-hosted-environments/

Cloud Computing & Hosting

This post was written by Chris Gillan, Co-Founder of Gazzang, Inc., a Rackspace Tools Partner. A friend of mine, the CEO of a small ASP software company, hired a consultant to come in and tweak a few things on a MySQL database. The consultant was in and out in a day, database performance was back to normal, and all was well.
It’s an open secret: For years, hackers and feds have been strange bedfellows in the mission to defend military networks. Three-letter agencies set up recruiting booths with schwag at security conferences like Black Hat, and feds party it up with the computer nerds at the so-called “underground hacking conference” DefCon after enlisting intelligence help. Darpa, with the help of former hacker Peiter “Mudge” Zatko, wants to find a way for the government to make that alliance even easier. With an eye on hacker-minded researchers who operate on small budgets and in their free time, Darpa is awarding small, short-term contracts to those who have a knack for discovering holes in network defenses. It’ll harness some of the creativity brewing at hacker-conferences and experimental hacker-spaces — which, incidentally, already underpin some of the multi-million, multi-year defense contracts being inked. http://www.wired.com/dangerroom/2011/11/darpa-fast-track/

Darpa’s New ‘Fast Track’ Okays Hacker Projects in Just Seven Days | Danger Room

Computer

Cyberwarfare in 2011 is an odd beast. Many Western governments reportedly actively monitor rivals and engage in online sabotage, while countries ranging from Israel to Iran to India also engage in cyberwarfare programs of their own. http://www.fastcompany.com/1766812/chinese-way-hacking

The Chinese Way of Hacking

http://www.wired.com/threatlevel/2011/07/how-digital-detectives-deciphered-stuxnet/ It was January 2010, and investigators with the International Atomic Energy Agency had just completed an inspection at the uranium enrichment plant outside Natanz in central Iran, when they realized that something was off within the cascade rooms where thousands of centrifuges were enriching uranium. Natanz technicians in white lab coats, gloves and blue booties were scurrying in and out of the “clean” cascade rooms, hauling out unwieldy centrifuges one by one, each sheathed in shiny silver cylindrical casings. Any time workers at the plant decommissioned damaged or otherwise unusable centrifuges, they were required to line them up for IAEA inspection to verify that no radioactive material was being smuggled out in the devices before they were removed. The technicians had been doing so now for more than a month.

How Digital Detectives Deciphered Stuxnet, the Most Menacing Malware in History | Threat Level 

Firesheep lit a figurative fire under the feet of folks who otherwise weren't concerned with the security of their data as it passes to and fro over a WiFi network in a public place. That's good. You're at risk whenever you use WiFi on a public network, but thankfully it's never been easier or cheaper to secure yourself thoroughly. Firesheep's threat is that it allows anyone with a Firefox browser to hijack the sessions of anyone on the same network using a few dozen popular content, commerce, and social-networking sites by snarfing cookies that pass in the clear. But Firesheep is only the easiest to use of a series of freely available tools that can extract and record data passing openly over networks. The only way to defeat all of them is to secure all the connections over which you pass anything personal, financial, or confidential. http://arstechnica.com/security/guides/2011/01/stay-safe-at-a-public-wi-fi-hotspot.ars

How to stay safe at a public Wi-Fi hotspot