SecurityRatty: Scott Wright's Security Views

Privacy Alert - ISPs putting ad service boxes in the clickstream is bad

2008-07-03 13:22:39 by Scott in Scott Wright's Security Views

Im not an alarmist, normally. But listening to Steve Gibsons Security Now Episode 149 - ISP Betrayal - describing a really disturbing new trend in ISP privacy violations - makes me think we are headed for a drive off a big cliff, privacy-wise, if we dont take notice and act soon. Full episode transcript - http://www.grc.com/sn/SN-149.htm According

Tags: episode transcript, episode, steve gibsons security, isp privacy violations, isp betrayal, alarmist, cliff, htm, comsnsn-149

Careful picking your color from the viral marketing rainbow

2008-06-25 11:48:34 by Scott in Scott Wright's Security Views

Viral marketing is a broad term used to describe methods for spreading ideas and messages through the internet at blazing speeds. Methods range from online contest promotions for canned spaghetti to subtle, clever videos on Youtube with website subtitles from the sponsor, to social networking site tools for scouring your email address book...

Tags: email address book, methods range, site tools, describe methods, clever videos, broad term, viral, website subtitles, subtle

The first steps in reducing the embarrassing frequency of college system breaches

2008-06-20 16:52:59 by Scott in Scott Wright's Security Views

Heres a scenario that could happen to anybody in any organization. But with the staggering number of information security breaches occurring at colleges and universities recently, this scenario is perhaps more common in within educational institutions. A university professor receives an email from another colleague working in the university. The...

Tags: university, university professor receives, information security breaches, scenario, universities recently, subject line, educational institutions, common, email

Why you dont like to voluntarily buy security solutions - and how to get around the issue

2008-06-16 03:28:06 by Scott in Scott Wright's Security Views

Bruce Schneiers recent explanation in a CIO article of psycho-economic experiments regarding how we handle simple security investment makes us all look pretty silly (click HERE). With images that bring to mind Jack Black playing the part of a doomed jungle animal or primitive homo securosis (in my minds eye, anyway), he recalls Kahneman and

Tags: primitive homo securosis, mind jack black, psycho-economic experiments, minds eye, jungle animal, cio article, pretty silly, recalls kahneman, images

Negotiating rough seas is safer when you are organized and systems are well documented

2008-06-02 20:53:16 by Scott in Scott Wright's Security Views

One thing sailors usually learn before they become old sailors is the value of keeping things neat. When you are at the mercy of wind and water - and with nobody around - a good sailor makes recovery from incidents look easy. They know exactly where the lines, tools and emergency equipment are stowed. They

Tags: sailors, emergency equipment, mercy, neat, recovery, tools, lines, incidents, water

Realization of Perfect Information - how it presents more risks to those creating value

2008-05-24 13:46:22 by Scott in Scott Wright's Security Views

In the world of economics there is a concept called Perfect Information. It refers to the idea that in some markets you can assume everybody has the same information. For example, the market value of a publicly traded stock rarely changes by large amounts from one transaction to another. The stability of the system depends

Tags: perfect information, information, system depends, stock rarely, market, assume, markets, economics, world

Carnival of the Security Catalyst Community - April 22, 2008

2008-04-22 14:31:21 by Scott in Scott Wright's Security Views

Well, today its my turn to host the Carnival of the Security Catalyst Community. The SCC Forum was launched by Michael Santarcangelo, the Security Catalyst. The forum itself can be found at http://www.securitycatalyst.org/forums (click HERE) and requires you to register for most of the threads posted by members. Most members are active security...

Tags: security catalyst community, security catalyst, forum, scc forum, active security professionals, carnival, michael santarcangelo, threads, orgforums

That silent sucking sound could be your data departing

2008-04-09 03:37:32 by Scott in Scott Wright's Security Views

In the same vein as spammers who depend on your clicking on or replying to their messages to feed their voracious appetites for valid email addresses and traffic, you should be aware of a fast-growing, yet less obvious risk. With the growth in small, low-cost, high capacity Mobile Storage Devices (e.g. USB Drives, MP3 Players, Cameras

Tags: valid email addresses, voracious appetites, mp3 players, obvious risk, traffic, usb, messages, feed, depend

How SNPX got pwned in HEX

2008-04-01 10:32:42 by Scott in Scott Wright's Security Views

AB24 B 25CF BB 3E11 42A F3E2A AB4D7 CA52DD4B. B433CA22 46CD A1 BAD C0DE BAD DA7E

Tags: b433ca22 46cd, 25cf, ab24

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo