Jeff Jones Security Blog
 
Showing 1-10 of 31 records
 
Expand article

Q1 2008 - Client OS Vulnerability Scorecard

The Article has images
2008-05-14 23:04:00 by jrjones in Jeff Jones Security Blog
This paper is a compilation of vulnerability data for client operating systems for the first 3 month, January through March, of 2008. Vulnerabilities and fixes for the following products are discussed Microsoft Windows Vista Microsoft Windows XP SP2 Red Hat Enterprise Linux Desktop (v. 5 client Red Hat Enterprise Linux WS (V. 4 Ubuntu 6.06 LTS...
 
Tags: severity vulnerabilities, vulnerabilities, microsoft windows vista, mac, apple mac, microsoft windows, users, windows vista users, client
 
 
 
 
Expand article

Windows Vista vs Windows XP SP2 Vulnerability Report 2007

The Article has images
2008-05-14 22:50:00 by jrjones in Jeff Jones Security Blog
...Security Bulletins than Windows XP Windows Vista had 20% fewer vulnerabilities than Windows XP Windows Vista had 28% fewer Critical and Important vulnerabilities than Windows XP 26 vulnerabilities on Windows Vista are less severe for any users running as standard user Here is the chart breaking down the vulnerabilities by Microsoft severity...
 
Tags: windows vista, microsoft windows vista, microsoft windows, windows, sp2, vulnerabilities, fewer vulnerabilities, short paper, vulnerability report
 
 
 
 
Expand article

UAC, an Excellent Description and Discussion by Crispin Cowan

The Article has images
2008-05-12 22:07:49 by jrjones in Jeff Jones Security Blog
...security person wouldn't be! As one of the key drivers behind StackGuard , Linux Security Modules and co-founder of Immunix, which produced AppArmor - few people are as qualified as Dr. Cowan to talk about security features and security boundaries So, when he asks " Is UAC a convenience feature, or a security feature ?", I would say it is...
 
Tags: uac, standard user uac, standard user, uac prompt, security feature, convenience feature, convenience, cowan, crispin cowan
 
 
 
 
Expand article

Iron Man Cameo - Samuel L. Jackson is Nick Fury

The Article has images
2008-05-05 23:30:40 by jrjones in Jeff Jones Security Blog
Late Friday night, I was one of the millions of weekend viewers that help make Iron Man the second-best premiere ever . I am surprised by those results, but only because Iron Man isn't so well-known as other Comic Book heroes like Superman or Batman Yes, I liked it and was pretty sure I would even before I wnt. However, Robert Downey Jr. really...
 
Tags: iron, movie, comic book heroes, follow-up movie, tony stark, friday night, robert downey, modern times, weekend viewers
 
 
 
 
Expand article

Microsoft Security Intelligence Report 2H07

The Article has images
2008-04-23 14:03:16 by jrjones in Jeff Jones Security Blog
...Security Intelligence Report for the 2nd half of 2007. (home page is http://www.microsoft.com/sir , and the download page is here As one of the contributors for the report, I'd like to highlight the findings summary for the Industry vuln trends Vulnerability disclosures decreased by about 5 percent in 2007, reversing a multiyear trend of...
 
Tags: score vulnerabilities, vulnerabilities, report, security intelligence report, high-severity vulnerabilities, trend, disclosures, level trend chart, vulnerability disclosures
 
 
 
 
Expand article

RSA 2008 Keynote: Craig Mundie

The Article has images The Article has audio podcast
2008-04-10 00:16:00 by jrjones in Jeff Jones Security Blog
...Information Security Officer at Affiliated Computer Services. [fwiw, I personally don't love the fireside chat format. Give me videos, fancying graphics and lots of acrobats on the stage I knew generally what Craig was going to talk about, but I was very interested to hear Craig's perspective and see how he thought about and talked about the...
 
Tags: keynote, trust, trust forum, end-to-end trust topic, microsoft keynote, microsoft, microsoft partners, craig, craig mundie
 
 
 
 
Expand article

RSA Crypto Panel: Martin Hellman on 0.01% Events

The Article has images
2008-04-10 00:04:00 by jrjones in Jeff Jones Security Blog
...Security are pretty clear Targeted attacks are increasingly part of the landscape, but it is much harder to convey their seriousness to the average person than some of the high-profiles worms and viruses of the past that got on everyone's radar. And yet, we heard from Symantec's Stephen Trilling this week how credit card numbers go for as low...
 
Tags: probability, low probability events, hellman, martin hellman, low, martin, security, events, non-security folks
 
 
 
 
Expand article

RSA 2008 Keynote: John Thompson

The Article has images
2008-04-09 23:02:00 by jrjones in Jeff Jones Security Blog
...Information Centric Security: The Next Wave On one hand, this was one of the more interesting sessions of the morning, because John brought up his Research Labs VP, Steve Trilling, who shared lots of interesting security factoids from their research 70% of malware during the latter half of 2007 stole PII Symantec believes we may have reached...
 
Tags: security, security professionals, security factoids, security product folks, john, john thompson, information centric security, information, thompson
 
 
 
 
Expand article

RSA 2008 - A Theme Identified: Guitar Hero

The Article has images
2008-04-08 05:53:28 by jrjones in Jeff Jones Security Blog
...security geeks rocking out on Guitar Hero. Hmm, interesting idea, it definitely seemed to be drawing a crowd. I wonder why nobody else thought of that. Five minutes later, after passing 3 Guitar Hero sets, I realized that a lot of people had thought of it. Play, get high score and win a game system So, there it is, the theme of RSA 2008:...
 
Tags: guitar hero, rsa, theme, guitar hero sets, guitar hero iii, security theme, rsa conference, session, wednesday session