[SecurityRatty] tag: panel

Judges consider whether FBI violated free speech in ISP case

Thu, 28 Aug 2008 19:20:52 +0000

A panel of federal appeals court judges pushed a U.S. government lawyer on Wednesday to answer why FBI letters sent out to Internet service providers seeking information should remain secret.

When turning updates off really doesnt

Thu, 14 Aug 2008 09:31:32 +0000

In any business dealings, if you cant trust the company to do what they say they will do,
You go elsewhere right?
Its your decision. Not in this instance folks.

clipped from windowssecrets.com

You’ll get a new Windows Update, like it or not

This time, Microsoft is being more up-front about its forthcoming
refresh of Windows Update. For example, product manager Michelle Haven described in a
blog post on July 3 some new features that the upgrade will add.

The new version will reportedly reduce the time WU takes to scan for and send out new updates. In addition, if you use the online version of WU, and you click an update for more information, the new version will offer you more links with additional details.

But the Redmond company hasn’t changed the wording of the Control Panel settings that appear to prevent Windows Update from performing silent downloads — but don’t.

In light of these potentially misleading controls, a few tricks on managing Windows Update are just what the doctor ordered.

One security implementer shares his single sign-on best practices

Tue, 12 Aug 2008 20:00:00 +0000

At the recent SSO Summit I moderated a panel of single sign-on implementers. One of them, Christopher Paidhrin HIPAA & IT security officer for ACS Healthcare Solutions, was kind enough to let me share with you his "best practices" list which he calls: "To Do & Not To Do: SSO implementation lessons learned."

Apple bails on Black Hat talk

Fri, 01 Aug 2008 09:00:00 +0000

Engineers on Apple's security team say that the company's marketing department has forbidden them from participating on a panel at this week's Black Hat conference -- and that even revealing the names of who would have spoken would endanger those employees' jobs.

Follow the Yellow Brick Road

Sat, 19 Jul 2008 15:57:20 +0000

Marc Adler follows on from Muddy Waters to The First Annual Fluffies for CEP where Marc also calls into question the transparency, credibility and accuracy of the various fluffy “awards” we see from time-to-time.

When I discussed this openly with Waters in Muddy Waters comments they kindly replied that “customers are loath to be a reference client for a vendor,” like this fact somehow justifies having 600 people, most who have never actually used the software in practice, vote on how great it is.

Follow the Yellow Brick Road.

Or, as Mark Adler pointed out in his well written blog post The First Annual Fluffies for CEP , a secretive “panel of renowned judge” is going to tell us, via Jolt, who has the better solution? Holy Cow Batman! Let me buy a nice layout in your magazine or web site, please, so “my software company” will be on the short list for the “the awards”.

Follow the Yellow Brick Road.

All this smoke-and-mirrors. share-the-love, marketing reminds me of The Matrix a bit, where the world as we observe it, is a complete artificial construction, where most people in the Matrix believe they are “real” because they do not know that they really just a computer generated program designed to keep humans happy as they sleep in some cold goop with electrodes stuck up their you-know-what, really just bio-batteries insuring the light bill is paid.

Follow the Yellow Brick Road.

Or better yet, these fluffies are similar to most of the Webinars we see where there are questions from “the audience” but we know that most of these questions did not come from the “audience” - yet we all seem to continue ”the audience” myth just like Santa Claus and the Easter Bunny!

Follow the Yellow Brick Road.

The Easter Bunny, Santa Claus, the Tooth Fairy and the Fluffy Awards are real, if you want them to be real. Just close your eyes and click your heels three times….

Follow the Yellow Brick Road. Follow the Yellow Brick Road.
Follow, follow, follow, follow,
Follow the Yellow Brick Road.
Follow the Yellow Brick, Follow the Yellow Brick,
Follow the Yellow Brick Road.

We’re off to see the Wizard, The Wonderful Wizard of Oz.
You’ll find he is a whiz of a Wiz! If ever a Wiz! there was.
If ever oh ever a Wiz! there was The Wizard of Oz is one because,
Because, because, because, because, because.
Because of the wonderful things he does.
We’re off to see the Wizard. The Wonderful Wizard of Oz

Vistafication Of Apps

Sun, 13 Jul 2008 05:03:15 +0000

With very few exceptions, if you design a Windows program correctly it should continue to run on new versions of Windows ad-infinitum. But Microsoft also adds new features with new major versions and you may want to incorporate them. Alun Jones, a Microsoft Security MVP, author of the Tales From The Crypto blog, looks at this issue with respect to a program he writes and sells, the WFTPD FTP server. He's decided to "Vistafy" it. Interestingly, none of the changes he proposes (as far as I can tell) would break the applications on other current versions of Windows. He's mostly talking about changes, like moving away from CPL files for the Control Panel, that make a program work better in Vista, and which conform to best practices. It's all worth considering for your own apps.

Vistafication of Apps

Sun, 13 Jul 2008 05:03:15 +0000

With very few exceptions, if you design a Windows program correctly it should continue to run on new versions of Windows ad infinitum. But Microsoft also adds new features with new major versions and you may want to incorporate them. Alun Jones, a Microsoft Security MVP, author of the Tales from the Crypto blog, looks at this issue with respect to a program he writes and sells, the WFTPD FTP server. He's decided to "Vistafy" it. Interestingly, none of the changes he proposes (as far as I can tell) would break the applications on other current versions of Windows. He's mostly talking about changes, like moving away from CPL files for the Control Panel, that make a program work better in Vista, and that conform to best practices. It's all worth considering for your own apps.

Vistafication of Apps

Sun, 13 Jul 2008 05:03:15 +0000

Schneier on Security and Privacy at Supernova

Fri, 11 Jul 2008 03:28:28 +0000

Here's the video of a panel I was on at Supernova; the topic was security and privacy.

Shake-up For Internet Proposed

Tue, 24 Jun 2008 06:45:48 +0000

From the BBC:

The net could see its biggest transformation in decades if plans to open up the address system are passed.

The net’s regulators will vote on Thursday to decide if the strict rules on so-called top level domain names, such as .com or .uk, can be relaxed.

If approved, it could allow companies to turn their brands into domain names while individuals could also carve out their own corner of the net.

The move could also see the launch of .xxx, after years of wrangling.

The part I find funny is the number of politicians that think having a .xxx domain will cordon off sexually oriented websites from the rest of the web.

The move could yet be blocked as the independent arbitration panel can reject domains based on “morality or public order” grounds.

Morality on the Internet. Hmmm, ok.

Article Link