SEARCH RESULTS
 
Showing 1-10 of 163 records
 

The Phorm Webwise System

2008-04-04 16:53:06 by Richard Clayton in Light Blue Touchpaper
 
...assume that targeting their advertisements will be welcomed. If I spend my time checking out the details of a surprise visit to Spain, I don't want the person I'm taking with me to glance at my laptop screen and see that it's covered with travel adverts, mix up cause and effect, and think even just for a moment that it wasn't my idea first. Phorm...
 
 
 
 
 

Poor security quality in software. Someone is watching over me.

2008-07-30 14:51:49 by Chris Wysopal in Zero in a bit
...assume that it is vulnerability free. I think that sums up the problem pretty well. Customers assume the software they are getting is vulnerability free until it is proved otherwise. If it's distributed by the Apple Store it is coming from a trusted brand. It must be secure, many think. The same thinking is used by people who install social...
 
 
 
 
 

Poor Security Quality In Software; Someone Is Watching Over Me

2008-07-30 14:51:49 by Chris Wysopal in Zero in a bit
...assume that it is vulnerability free. I think that sums up the problem pretty well. Customers assume the software they are getting is vulnerability free until it is proved otherwise. If it's distributed by the Apple Store it is coming from a trusted brand. It must be secure, many think. The same thinking is used by people who install social...
 
 
 
 
 

Security ROI

2008-09-02 06:05:53 by schneier in Schneier on Security
 
...assume that the odds are 1 in 10,000 of that happening in any one year. ALE says you should spend no more than $2,000 mitigating that risk. So far, so good. But maybe your CFO thinks an incident would cost only $10 million. You can't argue, since we're just estimating. But he just cut your security budget in half. A vendor trying to sell you a...
 
 
 
 
 

Proxy Caches are a Challenging Threat to Internet Security

2008-10-05 10:41:52 by Tim Bass in The Complex Event Processing Blog
 
...assume the worst case Internet scenario with aggressive Internet cache management policies that serve cached data for economic and performance reasons. As a consequence, this fact-of-life on the Internet sometimes results in multiple web clients being sent the same Set-Cookie HTTP headers, for example. Caching proxy servers should obtain a...
 
 
 
 
 

Citizens Advice stolen laptop was encrypted

2007-12-13 13:37:02 by Evan Francen in The Breach Blog
...assume it is a commercial solution such as Utimaco or Pointsec. Kudos to Citizens Advice for their proactive decision to encrypt sensitive data on a laptop. Good commercial versions of "whole disk" laptop encryption software will protect against slaving the hard drive to another computer (thus bypassing password protection) and provide a...
 
 
 
 
 

Supporting Complex Passwords

2007-12-04 08:56:00 by Keith Brown in Security Briefs
...assume that users will supply short, simple passwords, not randomly generated, strong passwords created by a tool. Or long pass phrases. But this is especially egregious since it encourages people to reduce the strength of the password that controls access to many different Microsoft properties. I didn't have time to try to figure out exactly...
 
 
 
 
 

Five-year-old wanders into bank branch after-hours

2008-02-06 10:24:03 by Evan Francen in The Breach Blog
...assume that the bank doors would be locked. Even if the door were unlocked, most of us would assume that alarms would go off as soon as I opened it. I don't suggest that you drive from bank to bank looking for unlocked doors because this might get you in a lot of trouble. Past Breaches Unknown
 
 
 
 
 

Desktop computer stolen from Administrative Systems, Inc.

2008-02-11 14:53:04 by Evan Francen in The Breach Blog
...assume that many of the victims do not even know who ASI is or how they came into the possession of their information. If I received one of the notifications from ASI, I would have more questions than answers and I would be frustrated. As customers of companies, we provide certain personal information. We trust that the companies we do...
 
 
 
 
 

Stolen Salesforce.com unencrypted external storage device

2008-02-12 13:32:40 by Evan Francen in The Breach Blog
...assume. Sometimes what we assume is worse than reality. Past Breaches Unknown