SEARCH RESULTS
 
Showing 1-10 of 26 records
 
Expand article

Common Criteria and answering the question 'Is it Safe'

2007-12-20 16:57:00 by sdl in The Security Development Lifecycle
 
...fails to meet customer needs as a useful indicator of the likelihood of security vulnerabilities in software At a very fundamental level, when someone in either the private sector or from a government agency considers purchasing or using a software product, one of the questions that may come up is Is it Safe? (Apologies for the lame and...
 
Tags: criteria, fails, common criteria fails, common criteria, common criteria arguably, common, arguably, arguably deficient, security
 
 
 
 
Expand article

Five stolen Florida Department of Children and Families laptops

The Article has images
2008-01-04 10:12:20 by Evan Francen in The Breach Blog
...fails to do so within 45 days following the determination of a breach or receipt of notice from law enforcement as provided in subsection (3) is liable for an administrative fine not to exceed $500,000, as follows The notification required by this section may be delayed upon a request by law enforcement if a law enforcement agency determines...
 
Tags: agency, law enforcement agency, law, confidential information, information, confidential personal information, law enforcement led, laptops, sensitive personal information
 
 
 
 
Expand article

Sysadmin tries, fails at being l337 hax0r, gets jail time

2008-01-10 06:30:09 by Editor in Digg / Security
 
A 51-year-old sysadmin has gotten a record jail sentence after attempting (and failing) to write code that would have destroyed everything on one of his company's servers
 
Tags: record jail sentence, 51-year-old sysadmin, servers, company, code
 
 
 
 
Expand article

More trustworthy election systems via SDL?

2008-02-04 23:34:00 by sdl in The Security Development Lifecycle
 
...fails to adequately protect ballot secrecy The concerns about unsecured network interfaces are discussed in the context of authentication and least privilege (pages 24-25). While that is certainly a reasonable perspective, with the SDL we take a broader view and require all teams to threat model the attack surface of the software being...
 
Tags: machine security concerns, security concerns, election systems, election, security, security researchers, election systems margin, margin, election management system
 
 
 
 
Expand article

Privacy and Power

2008-03-11 06:09:57 by schneier in Schneier on Security
 
...fails utterly if you and I have different power levels to begin with An example will make this clearer. You're stopped by a police officer, who demands to see identification. Divulging your identity will give the officer enormous power over you: He or she can search police databases using the information on your ID; he or she can create a...
 
Tags: relative power differential, relative power, power, relative power levels, power levels, additional power, power imbalance, officer enormous power, officer
 
 
 
 
Expand article

Vista antimalware fails VB100 tests

2008-04-04 00:00:00 by HASH0x8b243e0 in Network World on Security
 
It's fortunate that Vista-specific malware is still in its infancy because a new test of anti-malware products running on the platform has found that many don't work as well as they should
 
Tags: anti-malware products, vista-specific malware, test, platform, infancy
 
 
 
 
Expand article

Software Security Metrics and Commentary - Part 2

2007-10-23 20:31:00 by Security Retentive in Security Retentive
 
...fails catastrophically Unlike other engineering disciplines, we don't know how to get to certainty about the strength of a piece of software. I won't disagree with either of these points, but to an extent you can say this about all new technologies. We've had catastrophic failures in physical engineering before as well. Old materials fail in...
 
Tags: security metrics, software security metrics, metrics, software, metrics framework, metric, upstream sdl metrics, concrete metric, paper steve bellovin
 
 
 
 
Expand article

Safety feedback loops and new car safety features

2007-11-07 21:23:00 by Security Retentive in Security Retentive
 
...fails to run certain programs whose digital signature doesn't match anymore - which is leading to no end of annoyances for Skype and WoW users I was struck by one line in the article I always thought that as the driver, watching the road ahead for slow-moving vehicles and cars that dart into my lane not to mention checking left or right to...
 
Tags: safety, car safety technology, safety features, technology, line, fine line, job, systems, witness
 
 
 
 
Expand article

Sexing up the logs

2008-04-03 04:00:00 by Stuart King in Stuart King's Security and Risk Management Blog
 
...fails to appear then you have an anomoly to investigate. Of course the issue might not be security related, or it might be. The fact is that some anomolous behavious causes you to investigate and find out what the problem is. Another example is when you consider what is normal system user behaviour. If the log files show that an individual...
 
Tags: logs, logs enables, security event logs, security, review logs, perform security functions, log, log output, information security events
 
 
 
 
Expand article

Malware and Exploits Serving Girls

The Article has images