SEARCH RESULTS
 
Showing 1-10 of 40 records
 
Expand article

Network Security Reference Guide

2008-02-21 14:00:00 by Editor in Computerworld Security News
 
...examine five areas of network security designed to offer a layered approach. For each security threat, we'll review the various security vulnerabilities that are unique to that area. We'll then examine the most effective methods to mitigate the vulnerabilities
 
Tags: network security, vulnerabilities, security vulnerabilities, reference guides, effective methods, examine, cdw, guide, security threat
 
 
 
 
Expand article

Mashup of the Titans

2008-06-25 17:29:25 by Gunnar Peterson in 1 Raindrop
 
...examine the paper by Saltzer and Schroeder which was written in 1975 and serves as the basis for most information security programs against the Gelernter's manifesto as to where computing is actually going. Each of the eight principles in Saltzer and Schroeder's paper is listed in order, and followed by select excerpts of Gelernter's...
 
Tags: protection mechanisms, protection mechanisms correctly, information security, information, implements protection mechanisms, information travels, information security people, protection, potential information path
 
 
 
 
Expand article

Covert channel vulnerabilities in anonymity systems

2007-12-10 10:39:42 by Steven J. Murdoch in Light Blue Touchpaper
 
...examine some protocol implementations and show how the use of several covert channels can be detected and how channels can be modified to resist detection I show how side channels (unintended information leakage) in anonymity networks may reveal the behaviour of users. While drawing on previous research on traffic analysis and covert...
 
Tags: covert, covert channel vulnerabilities, vulnerabilities, network covert channels, covert channels, channels, covert channel, anonymity systems, systems
 
 
 
 
Expand article

Bogus Microsoft sweepstakes emails

2007-08-19 22:35:48 by Steve Riley in Steve Riley on Security
 
...examine some of its characteristics The sending address is microsoft.co.uk-00@adelphia.net. The address was a hidden hyperlink. Legitimate emails you receive from us almost always come from @microsoft.com domain; occasionally a marketing partner will use their own domain -- this we're trying to eliminate. No legitimate mail from us would use...
 
Tags: microsoft sweepstakes, sweepstakes, microsoft, email, email insists, domain, american domain, subject line, emails
 
 
 
 
Expand article

Microsoft Security Intelligence Report - 1st Half 2007

The Article has images
2007-10-23 16:35:43 by jrjones in Jeff Jones Security Blog
...examine with more detail in the full report Social engineering plays a growing role in overall malware attack techniques. This is a key result since even with vulnerability-free software , these techniques could succeed against users of any platform Windows Defender has proportionally detected 2.8 times less potentially unwanted software on...
 
Tags: total vulnerabilities, vulnerabilities, report, severity vulnerabilities continue, software vulnerabilities, malicious software, sir results, software, results
 
 
 
 
Expand article

Common Criteria and answering the question 'Is it Safe'

2007-12-20 16:57:00 by sdl in The Security Development Lifecycle
 
...examine in depth the software itself, its intended use, the environment in which it will be used, and a variety of other factors. Consumers who are not security savvy will likely make judgments based on sound bites from the media and intuition rather than any specific data or analysis. The Internet can be a dangerous place; a computer with...
 
Tags: criteria, fails, common criteria fails, common criteria, common criteria arguably, common, arguably, arguably deficient, security
 
 
 
 
Expand article

Security vs. Privacy

2008-01-29 05:21:41 by schneier in Schneier on Security
 
...examine the content of any e-mail, file transfer or Web search. "Google has records that could help in a cyber-investigation," he said. Giorgio warned me, "We have a saying in this business: 'Privacy and security are a zero-sum game I'm sure they have that saying in their business. And it's precisely why, when people in their business are in...
 
Tags: privacy, security, security affects privacy, people, people choose security, choose security, anti-privacy, afford privacy, security theater
 
 
 
 
Expand article

Who should do your security audits? Or, how do you organize the security department?

2008-02-07 22:25:32 by Steve Riley in Steve Riley on Security
 
...examine a typical software development department. Here at Microsoft, such departments are composed of four over-arching roles program management product management software development software test Why this way? Consider the first two. We don't have "project managers" at Microsoft because project management incorporates two conflicting...
 
Tags: information, information assets, information security, alignment folk, security alignment folk, information security department, alignment, security department, security
 
 
 
 
Expand article

Squirreling Backdoors Into Distribution Points

2007-12-19 22:16:35 by Chris Eng in Zero in a bit
 
...examine the backdoor in detail. However, we do have a newsgroup posting that sheds a little light on the situation What diff do you see between the compromised version and the one that is there now? I see only a comment diff in one file it was a small block of code that checks for a $ SERVER var. If that var was present, it would redefine SM...
 
Tags: md5 collisions, md5, md5 hashes, distribution, php, execute php code, execute, code, md5 unsafe